[PM-19603] Change asymmetric interface to only allow key encapsulation (#14046)

* Change asymmetric interface to only allow key encapsulation * Fix naming * Clean up naming * Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Fix test --------- Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-12-10 05:13:29 +00:00 · 2025-04-15 16:39:02 +02:00
parent 9f174e7723
commit b09305577f
30 changed files with 229 additions and 143 deletions
--- a/libs/angular/src/auth/components/set-password.component.ts
+++ b/libs/angular/src/auth/components/set-password.component.ts
@@ -211,7 +211,10 @@ export class SetPasswordComponent extends BaseChangePasswordComponent implements

            // RSA Encrypt user key with organization public key
            const userKey = await this.keyService.getUserKey();
-            const encryptedUserKey = await this.encryptService.rsaEncrypt(userKey.key, publicKey);
+            const encryptedUserKey = await this.encryptService.encapsulateKeyUnsigned(
+              userKey,
+              publicKey,
+            );

            const resetRequest = new OrganizationUserResetPasswordEnrollmentRequest();
            resetRequest.masterPasswordHash = masterPasswordHash;