fix EncString serialization issues & various fixes

Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>

apps/browser/src/background/nativeMessaging.background.ts

@@ -10,7 +10,10 @@ import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/pl
 import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
 import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
-import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
+import {
+  MasterKey,
+  SymmetricCryptoKey,
+} from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
 
 import { BrowserApi } from "../platform/browser/browser-api";
 
@@ -320,8 +323,8 @@ export class NativeMessagingBackground {
         }
 
         if (message.response === "unlocked") {
-          await this.cryptoService.setKey(
-            new SymmetricCryptoKey(Utils.fromB64ToArray(message.keyB64).buffer)
+          await this.cryptoService.setMasterKey(
+            new SymmetricCryptoKey(Utils.fromB64ToArray(message.keyB64).buffer) as MasterKey
           );
 
           // Verify key is correct by attempting to decrypt a secret
@@ -329,7 +332,7 @@ export class NativeMessagingBackground {
             await this.cryptoService.getFingerprint(await this.stateService.getUserId());
           } catch (e) {
             this.logService.error("Unable to verify key: " + e);
-            await this.cryptoService.clearKey();
+            await this.cryptoService.clearKeys();
             this.showWrongUserDialog();
 
             // Exit early

apps/browser/src/platform/services/browser-crypto.service.ts

@@ -3,11 +3,11 @@ import { CryptoService } from "@bitwarden/common/platform/services/crypto.servic
 
 export class BrowserCryptoService extends CryptoService {
   protected async retrieveKeyFromStorage(keySuffix: KeySuffixOptions) {
-    if (keySuffix === "biometric") {
+    if (keySuffix === KeySuffixOptions.Biometric) {
       await this.platformUtilService.authenticateBiometric();
-      return (await this.getKey())?.keyB64;
+      return (await this.getUserKeyFromMemory())?.keyB64;
     }
 
-    return await super.retrieveKeyFromStorage(keySuffix);
+    return await super.retrieveUserKeyFromStorage(keySuffix);
   }
 }

apps/desktop/src/platform/services/electron-crypto.service.ts

@@ -42,16 +42,12 @@ export class ElectronCryptoService extends CryptoService {
     keySuffix: KeySuffixOptions,
     userId?: string
   ): Promise<UserSymKey> {
-    const userKey = super.retrieveUserKeyFromStorage(keySuffix, userId);
-    if (userKey) {
-      return userKey;
-    }
     if (keySuffix === KeySuffixOptions.Biometric) {
       await this.migrateBiometricKeyIfNeeded(userId);
       const userKey = await this.stateService.getUserSymKeyBiometric({ userId: userId });
       return new SymmetricCryptoKey(Utils.fromB64ToArray(userKey).buffer) as UserSymKey;
     }
-    return null;
+    return await super.retrieveUserKeyFromStorage(keySuffix, userId);
   }
 
   protected async storeBiometricKey(key: UserSymKey, userId?: string): Promise<void> {
@@ -86,15 +82,18 @@ export class ElectronCryptoService extends CryptoService {
   }
 
   private async migrateBiometricKeyIfNeeded(userId?: string) {
-    const oldBiometricKey = await this.stateService.getCryptoMasterKeyBiometric({ userId });
-    if (oldBiometricKey) {
+    if (await this.stateService.hasCryptoMasterKeyBiometric({ userId })) {
+      const oldBiometricKey = await this.stateService.getCryptoMasterKeyBiometric({ userId });
       // decrypt
-      const masterKey = new SymmetricCryptoKey(
-        Utils.fromB64ToArray(oldBiometricKey).buffer
-      ) as MasterKey;
+      const masterKey = new SymmetricCryptoKey(Utils.fromB64ToArray(oldBiometricKey)) as MasterKey;
+      let encUserKey = await this.stateService.getEncryptedCryptoSymmetricKey();
+      encUserKey = encUserKey ?? (await this.stateService.getUserSymKeyMasterKey());
+      if (!encUserKey) {
+        throw new Error("No user key found during biometric migration");
+      }
       const userSymKey = await this.decryptUserSymKeyWithMasterKey(
         masterKey,
-        new EncString(await this.stateService.getEncryptedCryptoSymmetricKey())
+        new EncString(encUserKey)
       );
       // migrate
       await this.storeBiometricKey(userSymKey, userId);

apps/desktop/src/services/native-message-handler.service.ts

@@ -8,7 +8,7 @@ import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.se
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
-import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
+import { EncryptedString, EncString } from "@bitwarden/common/platform/models/domain/enc-string";
 import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
 import { StateService } from "@bitwarden/common/platform/services/state.service";
 
@@ -144,7 +144,9 @@ export class NativeMessageHandlerService {
   }
 
   private async handleEncryptedMessage(message: EncryptedMessage) {
-    message.encryptedCommand = EncString.fromJSON(message.encryptedCommand.toString());
+    message.encryptedCommand = EncString.fromJSON(
+      message.encryptedCommand.toString() as EncryptedString
+    );
     const decryptedCommandData = await this.decryptPayload(message);
     const { command } = decryptedCommandData;