bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-16 16:23:44 +00:00
Code Issues Releases Wiki Activity

clean up the old pin keys in more flows

Browse Source 
- in the case that the app is updated while logged in and the user changes their pin, this will clear the old pin keys
This commit is contained in:
Jacob Fink
2023-06-08 12:25:43 -04:00
parent 62c43794e9
commit 7963d3c996
3 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
libs/angular/src/components/set-pin.component.ts
View File

@@ -50,6 +50,7 @@ export class SetPinComponent implements OnInit {
} else { } else {
await this.stateService.setUserSymKeyPin(pinProtectedKey); await this.stateService.setUserSymKeyPin(pinProtectedKey);
} }
await this.cryptoService.clearOldPinKeys();
this.modalRef.close(true); this.modalRef.close(true);
} }

3
libs/common/src/platform/abstractions/crypto.service.ts
View File

@@ -73,7 +73,8 @@ export abstract class CryptoService {
makeKeyPair: (key?: SymmetricCryptoKey) => Promise<[string, EncString]>; makeKeyPair: (key?: SymmetricCryptoKey) => Promise<[string, EncString]>;
clearKeyPair: (memoryOnly?: boolean, userId?: string) => Promise<void[]>; clearKeyPair: (memoryOnly?: boolean, userId?: string) => Promise<void[]>;
makePinKey: (pin: string, salt: string, kdf: KdfType, kdfConfig: KdfConfig) => Promise<PinKey>; makePinKey: (pin: string, salt: string, kdf: KdfType, kdfConfig: KdfConfig) => Promise<PinKey>;
clearPinProtectedKey: () => Promise<void>; clearPinProtectedKey: (userId?: string) => Promise<void>;
clearOldPinKeys: (userId?: string) => Promise<void>;
/** /**
* Decrypts the user's symmetric key with their pin * Decrypts the user's symmetric key with their pin
* @param pin The user's PIN * @param pin The user's PIN

7
libs/common/src/platform/services/crypto.service.ts
View File

@@ -676,7 +676,12 @@ export class CryptoService implements CryptoServiceAbstraction {
*/ */
async clearPinProtectedKey(userId?: string): Promise<void> { async clearPinProtectedKey(userId?: string): Promise<void> {
await this.stateService.setUserSymKeyPin(null, { userId: userId }); await this.stateService.setUserSymKeyPin(null, { userId: userId });
await this.clearOldPinKeys(userId);
}
async clearOldPinKeys(userId?: string): Promise<void> {
await this.stateService.setEncryptedPinProtected(null, { userId: userId }); await this.stateService.setEncryptedPinProtected(null, { userId: userId });
await this.stateService.setDecryptedPinProtected(null, { userId: userId });
} }
async decryptUserSymKeyWithPin( async decryptUserSymKeyWithPin(
@@ -889,7 +894,6 @@ export class CryptoService implements CryptoServiceAbstraction {
await this.stateService.setUserSymKeyAuto(key.keyB64, { userId: userId }); await this.stateService.setUserSymKeyAuto(key.keyB64, { userId: userId });
} else { } else {
await this.stateService.setUserSymKeyAuto(null, { userId: userId }); await this.stateService.setUserSymKeyAuto(null, { userId: userId });
await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId });
} }
const storePin = await this.shouldStoreKey(KeySuffixOptions.Pin, userId); const storePin = await this.shouldStoreKey(KeySuffixOptions.Pin, userId);
@@ -897,7 +901,6 @@ export class CryptoService implements CryptoServiceAbstraction {
await this.storePinKey(key); await this.storePinKey(key);
} else { } else {
await this.stateService.setUserSymKeyPin(null, { userId: userId }); await this.stateService.setUserSymKeyPin(null, { userId: userId });
await this.stateService.setEncryptedPinProtected(null, { userId: userId });
} }
} }