Use a passed in key in derivation so we can validate other keys (#8954)

* Use a passed in key in derivation so we can validate other keys * Fix user key type tests
2025-12-17 08:43:33 +00:00 · 2024-04-27 16:32:34 -04:00
parent 0ecde07525
commit 88eeebb084
3 changed files with 23 additions and 17 deletions
--- a/libs/common/src/platform/services/crypto.service.ts
+++ b/libs/common/src/platform/services/crypto.service.ts
@@ -100,7 +100,7 @@ export class CryptoService implements CryptoServiceAbstraction {
      USER_PRIVATE_KEY,
      {
        encryptService: this.encryptService,
-        cryptoService: this,
+        getUserKey: (userId) => this.getUserKey(userId),
      },
    );
    this.activeUserPrivateKey$ = this.activeUserPrivateKeyState.state$; // may be null
@@ -738,13 +738,23 @@ export class CryptoService implements CryptoServiceAbstraction {
      // Can decrypt private key
      const privateKey = await USER_PRIVATE_KEY.derive([userId, encPrivateKey], {
        encryptService: this.encryptService,
-        cryptoService: this,
+        getUserKey: () => Promise.resolve(key),
      });

+      if (privateKey == null) {
+        // failed to decrypt
+        return false;
+      }
+
      // Can successfully derive public key
-      await USER_PUBLIC_KEY.derive(privateKey, {
+      const publicKey = await USER_PUBLIC_KEY.derive(privateKey, {
        cryptoFunctionService: this.cryptoFunctionService,
      });
+
+      if (publicKey == null) {
+        // failed to decrypt
+        return false;
+      }
    } catch (e) {
      return false;
    }