Merge branch 'main' into auth/pm-18458/create-change-existing-password-component

libs/auth/src/angular/anon-layout/anon-layout.component.html

@@ -10,7 +10,7 @@
     [routerLink]="['/']"
     class="tw-w-[128px] tw-block tw-mb-12 [&>*]:tw-align-top"
   >
-    <bit-icon [icon]="logo"></bit-icon>
+    <bit-icon [icon]="logo" [ariaLabel]="'appLogoLabel' | i18n"></bit-icon>
   </a>
 
   <div

libs/auth/src/angular/login/login.component.ts

@@ -536,6 +536,10 @@ export class LoginComponent implements OnInit, OnDestroy {
     if (storedEmail) {
       this.formGroup.controls.email.setValue(storedEmail);
       this.formGroup.controls.rememberEmail.setValue(true);
+      // If we load an email into the form, we need to initialize it for the login process as well
+      // so that other login components can use it.
+      // We do this here as it's possible that a user doesn't edit the email field before submitting.
+      this.loginEmailService.setLoginEmail(storedEmail);
     } else {
       this.formGroup.controls.rememberEmail.setValue(false);
     }

libs/auth/src/angular/two-factor-auth/two-factor-auth.component.ts

@@ -362,7 +362,7 @@ export class TwoFactorAuthComponent implements OnInit, OnDestroy {
         break;
       case TwoFactorProviderType.WebAuthn:
         this.anonLayoutWrapperDataService.setAnonLayoutWrapperData({
-          pageSubtitle: this.i18nService.t("followTheStepsBelowToFinishLoggingIn"),
+          pageSubtitle: this.i18nService.t("followTheStepsBelowToFinishLoggingInWithSecurityKey"),
           pageIcon: TwoFactorAuthWebAuthnIcon,
         });
         break;

libs/auth/src/common/services/auth-request/auth-request.service.spec.ts

@@ -106,7 +106,9 @@ describe("AuthRequestService", () => {
     });
 
     it("should use the master key and hash if they exist", async () => {
-      masterPasswordService.masterKeySubject.next({ encKey: new Uint8Array(64) } as MasterKey);
+      masterPasswordService.masterKeySubject.next(
+        new SymmetricCryptoKey(new Uint8Array(32)) as MasterKey,
+      );
       masterPasswordService.masterKeyHashSubject.next("MASTER_KEY_HASH");
 
       await sut.approveOrDenyAuthRequest(
@@ -115,7 +117,7 @@ describe("AuthRequestService", () => {
       );
 
       expect(encryptService.encapsulateKeyUnsigned).toHaveBeenCalledWith(
-        { encKey: new Uint8Array(64) },
+        new SymmetricCryptoKey(new Uint8Array(32)),
         expect.anything(),
       );
     });

libs/auth/src/common/services/auth-request/auth-request.service.ts

@@ -14,6 +14,7 @@ import { AuthRequestPushNotification } from "@bitwarden/common/models/response/n
 import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
 import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
+import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
 import {
   AUTH_REQUEST_DISK_LOCAL,
   StateProvider,
@@ -120,7 +121,10 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
       keyToEncrypt = await this.keyService.getUserKey();
     }
 
-    const encryptedKey = await this.encryptService.encapsulateKeyUnsigned(keyToEncrypt, pubKey);
+    const encryptedKey = await this.encryptService.encapsulateKeyUnsigned(
+      keyToEncrypt as SymmetricCryptoKey,
+      pubKey,
+    );
 
     const response = new PasswordlessAuthRequest(
       encryptedKey.encryptedString,

libs/auth/src/common/services/pin/pin.service.implementation.ts

@@ -174,7 +174,8 @@ export class PinService implements PinServiceAbstraction {
     );
     const kdfConfig = await this.kdfConfigService.getKdfConfig();
     const pinKey = await this.makePinKey(pin, email, kdfConfig);
-    return await this.encryptService.encrypt(userKey.key, pinKey);
+
+    return await this.encryptService.wrapSymmetricKey(userKey, pinKey);
   }
 
   async storePinKeyEncryptedUserKey(

libs/auth/src/common/services/pin/pin.service.spec.ts

@@ -170,7 +170,7 @@ describe("PinService", () => {
         await sut.createPinKeyEncryptedUserKey(mockPin, mockUserKey, mockUserId);
 
         // Assert
-        expect(encryptService.encrypt).toHaveBeenCalledWith(mockUserKey.key, mockPinKey);
+        expect(encryptService.wrapSymmetricKey).toHaveBeenCalledWith(mockUserKey, mockPinKey);
       });
     });