diff --git a/apps/web/src/app/key-management/data-recovery/steps/cipher-step.ts b/apps/web/src/app/key-management/data-recovery/steps/cipher-step.ts index 01c2d9bc2a1..5894415b046 100644 --- a/apps/web/src/app/key-management/data-recovery/steps/cipher-step.ts +++ b/apps/web/src/app/key-management/data-recovery/steps/cipher-step.ts @@ -5,6 +5,7 @@ import { DialogService } from "@bitwarden/components"; import { LogRecorder } from "../log-recorder"; import { RecoveryStep, RecoveryWorkingData } from "./recovery-step"; +import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service"; export class CipherStep implements RecoveryStep { title = "recoveryStepCipherTitle"; @@ -14,7 +15,8 @@ export class CipherStep implements RecoveryStep { constructor( private apiService: ApiService, - private cipherService: CipherEncryptionService, + private cipherEncryptionService: CipherEncryptionService, + private cipherService: CipherService, private dialogService: DialogService, ) {} @@ -31,7 +33,7 @@ export class CipherStep implements RecoveryStep { const userCiphers = workingData.ciphers.filter((c) => c.organizationId == null); for (const cipher of userCiphers) { try { - await this.cipherService.decrypt(cipher, workingData.userId); + await this.cipherEncryptionService.decrypt(cipher, workingData.userId); this.decryptableCipherIds.push(cipher.id); } catch { logger.record(`Cipher ID ${cipher.id} was undecryptable`); @@ -76,6 +78,7 @@ export class CipherStep implements RecoveryStep { for (const cipherId of this.undecryptableCipherIds) { try { await this.apiService.deleteCipher(cipherId); + await this.cipherService.delete(cipherId, workingData.userId); logger.record(`Deleted cipher ${cipherId}`); } catch (error) { const errorMessage = error instanceof Error ? error.message : String(error); diff --git a/apps/web/src/app/key-management/data-recovery/steps/folder-step.ts b/apps/web/src/app/key-management/data-recovery/steps/folder-step.ts index 90e252ce6c3..96a0f8e057e 100644 --- a/apps/web/src/app/key-management/data-recovery/steps/folder-step.ts +++ b/apps/web/src/app/key-management/data-recovery/steps/folder-step.ts @@ -6,6 +6,7 @@ import { PureCrypto } from "@bitwarden/sdk-internal"; import { LogRecorder } from "../log-recorder"; import { RecoveryStep, RecoveryWorkingData } from "./recovery-step"; +import { FolderService,InternalFolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction"; export class FolderStep implements RecoveryStep { title = "recoveryStepFoldersTitle"; @@ -14,7 +15,8 @@ export class FolderStep implements RecoveryStep { private decryptableFolderIds: string[] = []; constructor( - private folderService: FolderApiServiceAbstraction, + private folderApiService: FolderApiServiceAbstraction, + private internalFolderService: InternalFolderService, private dialogService: DialogService, ) {} @@ -85,7 +87,9 @@ export class FolderStep implements RecoveryStep { for (const folderId of this.undecryptableFolderIds) { try { - await this.folderService.delete(folderId, workingData.userId); + await this.folderApiService.delete(folderId, workingData.userId); + await this.internalFolderService.clearDecryptedFolderState(workingData.userId); + logger.record(`Deleted folder ${folderId}`); } catch (error) { logger.record(`Failed to delete folder ${folderId}: ${error}`); diff --git a/libs/key-management/src/user-asymmetric-key-regeneration/services/default-user-asymmetric-key-regeneration.service.ts b/libs/key-management/src/user-asymmetric-key-regeneration/services/default-user-asymmetric-key-regeneration.service.ts index 36bf9c8a421..ffb702ada11 100644 --- a/libs/key-management/src/user-asymmetric-key-regeneration/services/default-user-asymmetric-key-regeneration.service.ts +++ b/libs/key-management/src/user-asymmetric-key-regeneration/services/default-user-asymmetric-key-regeneration.service.ts @@ -14,6 +14,7 @@ import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.servi import { KeyService } from "../../abstractions/key.service"; import { UserAsymmetricKeysRegenerationApiService } from "../abstractions/user-asymmetric-key-regeneration-api.service"; import { UserAsymmetricKeysRegenerationService } from "../abstractions/user-asymmetric-key-regeneration.service"; +import { AccountCryptographicStateService } from "@bitwarden/common/key-management/account-cryptography/account-cryptographic-state.service"; export class DefaultUserAsymmetricKeysRegenerationService implements UserAsymmetricKeysRegenerationService { constructor( @@ -24,6 +25,7 @@ export class DefaultUserAsymmetricKeysRegenerationService implements UserAsymmet private sdkService: SdkService, private apiService: ApiService, private configService: ConfigService, + private accountCryptographicStateService: AccountCryptographicStateService ) {} async regenerateIfNeeded(userId: UserId): Promise { @@ -162,6 +164,11 @@ export class DefaultUserAsymmetricKeysRegenerationService implements UserAsymmet } await this.keyService.setPrivateKey(makeKeyPairResponse.userKeyEncryptedPrivateKey, userId); + await this.accountCryptographicStateService.setAccountCryptographicState({ + "V1": { + private_key: makeKeyPairResponse.userKeyEncryptedPrivateKey + } + }, userId); this.logService.info( "[UserAsymmetricKeyRegeneration] User's asymmetric keys successfully regenerated.", );