Update decryptUserKeyWithMasterKey to requireUserId (#11560)

* Updated decryptUserKeyWithMasterKey to requireUserId * Removed unintended extra character. * Added dependency to LogService. * Fixed unlock command.
2025-12-10 05:13:29 +00:00 · 2024-11-01 11:21:18 -04:00
parent 5eae599b81
commit a049b553a6
19 changed files with 41 additions and 18 deletions
--- a/libs/common/src/auth/abstractions/master-password.service.abstraction.ts
+++ b/libs/common/src/auth/abstractions/master-password.service.abstraction.ts
@@ -33,16 +33,16 @@ export abstract class MasterPasswordServiceAbstraction {
  /**
   * Decrypts the user key with the provided master key
   * @param masterKey The user's master key
+   *    * @param userId The desired user
   * @param userKey The user's encrypted symmetric key
-   * @param userId The desired user
   * @throws If either the MasterKey or UserKey are not resolved, or if the UserKey encryption type
   *         is neither AesCbc256_B64 nor AesCbc256_HmacSha256_B64
   * @returns The user key
   */
  abstract decryptUserKeyWithMasterKey: (
    masterKey: MasterKey,
+    userId: string,
    userKey?: EncString,
-    userId?: string,
  ) => Promise<UserKey>;
 }

--- a/libs/common/src/auth/services/master-password/fake-master-password.service.ts
+++ b/libs/common/src/auth/services/master-password/fake-master-password.service.ts
@@ -64,9 +64,9 @@ export class FakeMasterPasswordService implements InternalMasterPasswordServiceA

  decryptUserKeyWithMasterKey(
    masterKey: MasterKey,
+    userId: string,
    userKey?: EncString,
-    userId?: string,
  ): Promise<UserKey> {
-    return this.mock.decryptUserKeyWithMasterKey(masterKey, userKey, userId);
+    return this.mock.decryptUserKeyWithMasterKey(masterKey, userId, userKey);
  }
 }
--- a/libs/common/src/auth/services/master-password/master-password.service.ts
+++ b/libs/common/src/auth/services/master-password/master-password.service.ts
@@ -1,5 +1,7 @@
 import { firstValueFrom, map, Observable } from "rxjs";

+import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
+
 import { EncryptService } from "../../../platform/abstractions/encrypt.service";
 import { KeyGenerationService } from "../../../platform/abstractions/key-generation.service";
 import { StateService } from "../../../platform/abstractions/state.service";
@@ -55,6 +57,7 @@ export class MasterPasswordService implements InternalMasterPasswordServiceAbstr
    private stateService: StateService,
    private keyGenerationService: KeyGenerationService,
    private encryptService: EncryptService,
+    private logService: LogService,
  ) {}

  masterKey$(userId: UserId): Observable<MasterKey> {
@@ -149,10 +152,9 @@ export class MasterPasswordService implements InternalMasterPasswordServiceAbstr

  async decryptUserKeyWithMasterKey(
    masterKey: MasterKey,
+    userId: UserId,
    userKey?: EncString,
-    userId?: UserId,
  ): Promise<UserKey> {
-    userId ??= await firstValueFrom(this.stateProvider.activeUserId$);
    userKey ??= await this.getMasterKeyEncryptedUserKey(userId);
    masterKey ??= await firstValueFrom(this.masterKey$(userId));

@@ -185,6 +187,7 @@ export class MasterPasswordService implements InternalMasterPasswordServiceAbstr
    }

    if (decUserKey == null) {
+      this.logService.warning("Failed to decrypt user key with master key.");
      return null;
    }