mirror of
https://github.com/bitwarden/browser
synced 2025-12-15 15:53:27 +00:00
[Pm-13097] Rename cryptoservice to keyservice and move it to km ownership (#11358)
* Rename cryptoservice to keyservice * Rename cryptoservice to keyservice * Move key service to key management ownership * Remove accidentally added file * Fix cli build * Fix browser build * Run prettier * Fix builds * Fix cli build * Fix tests * Fix incorrect renames * Rename webauthn-login-crypto-service * Fix build errors due to merge conflicts * Fix linting
This commit is contained in:
Bernd Schoolmann
GitHub
@@ -10,7 +10,6 @@ import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
||||
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
||||
import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options";
|
||||
import { DEFAULT_KDF_CONFIG } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { HashPurpose } from "@bitwarden/common/platform/enums";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
@@ -24,6 +23,7 @@ import {
|
||||
InputModule,
|
||||
ToastService,
|
||||
} from "@bitwarden/components";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { InputsFieldMatch } from "../../../../angular/src/auth/validators/inputs-field-match.validator";
|
||||
import { SharedModule } from "../../../../components/src/shared";
|
||||
@@ -96,7 +96,7 @@ export class InputPasswordComponent {
|
||||
|
||||
constructor(
|
||||
private auditService: AuditService,
|
||||
private cryptoService: CryptoService,
|
||||
private keyService: KeyService,
|
||||
private dialogService: DialogService,
|
||||
private formBuilder: FormBuilder,
|
||||
private i18nService: I18nService,
|
||||
@@ -146,15 +146,15 @@ export class InputPasswordComponent {
|
||||
throw new Error("Email is required to create master key.");
|
||||
}
|
||||
|
||||
const masterKey = await this.cryptoService.makeMasterKey(
|
||||
const masterKey = await this.keyService.makeMasterKey(
|
||||
password,
|
||||
this.email.trim().toLowerCase(),
|
||||
kdfConfig,
|
||||
);
|
||||
|
||||
const masterKeyHash = await this.cryptoService.hashMasterKey(password, masterKey);
|
||||
const masterKeyHash = await this.keyService.hashMasterKey(password, masterKey);
|
||||
|
||||
const localMasterKeyHash = await this.cryptoService.hashMasterKey(
|
||||
const localMasterKeyHash = await this.keyService.hashMasterKey(
|
||||
password,
|
||||
masterKey,
|
||||
HashPurpose.LocalAuthorization,
|
||||
|
||||
@@ -7,9 +7,9 @@ import { ZXCVBNResult } from "zxcvbn";
|
||||
import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
||||
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
||||
import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength";
|
||||
import { DialogService, ToastService } from "@bitwarden/components";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
// FIXME: remove `/apps` import from `/libs`
|
||||
// eslint-disable-next-line import/no-restricted-paths
|
||||
@@ -32,7 +32,7 @@ export default {
|
||||
} as Partial<AuditService>,
|
||||
},
|
||||
{
|
||||
provide: CryptoService,
|
||||
provide: KeyService,
|
||||
useValue: {
|
||||
makeMasterKey: () => Promise.resolve("example-master-key"),
|
||||
hashMasterKey: () => Promise.resolve("example-master-key-hash"),
|
||||
|
||||
@@ -19,7 +19,6 @@ import {
|
||||
} from "@bitwarden/common/auth/types/verification";
|
||||
import { ClientType } from "@bitwarden/common/enums";
|
||||
import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
@@ -37,7 +36,7 @@ import {
|
||||
IconButtonModule,
|
||||
ToastService,
|
||||
} from "@bitwarden/components";
|
||||
import { BiometricStateService } from "@bitwarden/key-management";
|
||||
import { KeyService, BiometricStateService } from "@bitwarden/key-management";
|
||||
|
||||
import { PinServiceAbstraction } from "../../common/abstractions";
|
||||
import { AnonLayoutWrapperDataService } from "../anon-layout/anon-layout-wrapper-data.service";
|
||||
@@ -123,7 +122,7 @@ export class LockV2Component implements OnInit, OnDestroy {
|
||||
private accountService: AccountService,
|
||||
private pinService: PinServiceAbstraction,
|
||||
private userVerificationService: UserVerificationService,
|
||||
private cryptoService: CryptoService,
|
||||
private keyService: KeyService,
|
||||
private platformUtilsService: PlatformUtilsService,
|
||||
private router: Router,
|
||||
private dialogService: DialogService,
|
||||
@@ -307,7 +306,7 @@ export class LockV2Component implements OnInit, OnDestroy {
|
||||
|
||||
try {
|
||||
await this.biometricStateService.setUserPromptCancelled();
|
||||
const userKey = await this.cryptoService.getUserKeyFromStorage(
|
||||
const userKey = await this.keyService.getUserKeyFromStorage(
|
||||
KeySuffixOptions.Biometric,
|
||||
this.activeAccount.id,
|
||||
);
|
||||
@@ -486,7 +485,7 @@ export class LockV2Component implements OnInit, OnDestroy {
|
||||
}
|
||||
|
||||
private async setUserKeyAndContinue(key: UserKey, evaluatePasswordAfterUnlock = false) {
|
||||
await this.cryptoService.setUserKey(key, this.activeAccount.id);
|
||||
await this.keyService.setUserKey(key, this.activeAccount.id);
|
||||
|
||||
// Now that we have a decrypted user key in memory, we can check if we
|
||||
// need to establish trust on the current device
|
||||
|
||||
@@ -2,11 +2,11 @@ import { MockProxy, mock } from "jest-mock-extended";
|
||||
|
||||
import { AccountApiService } from "@bitwarden/common/auth/abstractions/account-api.service";
|
||||
import { DEFAULT_KDF_CONFIG } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
||||
import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { PasswordInputResult } from "../../input-password/password-input-result";
|
||||
|
||||
@@ -15,14 +15,14 @@ import { DefaultRegistrationFinishService } from "./default-registration-finish.
|
||||
describe("DefaultRegistrationFinishService", () => {
|
||||
let service: DefaultRegistrationFinishService;
|
||||
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let accountApiService: MockProxy<AccountApiService>;
|
||||
|
||||
beforeEach(() => {
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
accountApiService = mock<AccountApiService>();
|
||||
|
||||
service = new DefaultRegistrationFinishService(cryptoService, accountApiService);
|
||||
service = new DefaultRegistrationFinishService(keyService, accountApiService);
|
||||
});
|
||||
|
||||
it("instantiates", () => {
|
||||
@@ -76,7 +76,7 @@ describe("DefaultRegistrationFinishService", () => {
|
||||
});
|
||||
|
||||
it("throws an error if the user key cannot be created", async () => {
|
||||
cryptoService.makeUserKey.mockResolvedValue([null, null]);
|
||||
keyService.makeUserKey.mockResolvedValue([null, null]);
|
||||
|
||||
await expect(service.finishRegistration(email, passwordInputResult)).rejects.toThrow(
|
||||
"User key could not be created",
|
||||
@@ -84,8 +84,8 @@ describe("DefaultRegistrationFinishService", () => {
|
||||
});
|
||||
|
||||
it("registers the user and returns a captcha bypass token when given valid email verification input", async () => {
|
||||
cryptoService.makeUserKey.mockResolvedValue([userKey, userKeyEncString]);
|
||||
cryptoService.makeKeyPair.mockResolvedValue(userKeyPair);
|
||||
keyService.makeUserKey.mockResolvedValue([userKey, userKeyEncString]);
|
||||
keyService.makeKeyPair.mockResolvedValue(userKeyPair);
|
||||
accountApiService.registerFinish.mockResolvedValue(capchaBypassToken);
|
||||
|
||||
const result = await service.finishRegistration(
|
||||
@@ -96,8 +96,8 @@ describe("DefaultRegistrationFinishService", () => {
|
||||
|
||||
expect(result).toEqual(capchaBypassToken);
|
||||
|
||||
expect(cryptoService.makeUserKey).toHaveBeenCalledWith(masterKey);
|
||||
expect(cryptoService.makeKeyPair).toHaveBeenCalledWith(userKey);
|
||||
expect(keyService.makeUserKey).toHaveBeenCalledWith(masterKey);
|
||||
expect(keyService.makeKeyPair).toHaveBeenCalledWith(userKey);
|
||||
expect(accountApiService.registerFinish).toHaveBeenCalledWith(
|
||||
expect.objectContaining({
|
||||
email,
|
||||
|
||||
@@ -2,8 +2,8 @@ import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/mod
|
||||
import { AccountApiService } from "@bitwarden/common/auth/abstractions/account-api.service";
|
||||
import { RegisterFinishRequest } from "@bitwarden/common/auth/models/request/registration/register-finish.request";
|
||||
import { KeysRequest } from "@bitwarden/common/models/request/keys.request";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptedString, EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { PasswordInputResult } from "../../input-password/password-input-result";
|
||||
|
||||
@@ -11,7 +11,7 @@ import { RegistrationFinishService } from "./registration-finish.service";
|
||||
|
||||
export class DefaultRegistrationFinishService implements RegistrationFinishService {
|
||||
constructor(
|
||||
protected cryptoService: CryptoService,
|
||||
protected keyService: KeyService,
|
||||
protected accountApiService: AccountApiService,
|
||||
) {}
|
||||
|
||||
@@ -31,14 +31,14 @@ export class DefaultRegistrationFinishService implements RegistrationFinishServi
|
||||
acceptEmergencyAccessInviteToken?: string,
|
||||
emergencyAccessId?: string,
|
||||
): Promise<string> {
|
||||
const [newUserKey, newEncUserKey] = await this.cryptoService.makeUserKey(
|
||||
const [newUserKey, newEncUserKey] = await this.keyService.makeUserKey(
|
||||
passwordInputResult.masterKey,
|
||||
);
|
||||
|
||||
if (!newUserKey || !newEncUserKey) {
|
||||
throw new Error("User key could not be created");
|
||||
}
|
||||
const userAsymmetricKeys = await this.cryptoService.makeKeyPair(newUserKey);
|
||||
const userAsymmetricKeys = await this.keyService.makeKeyPair(newUserKey);
|
||||
|
||||
const registerRequest = await this.buildRegisterRequest(
|
||||
email,
|
||||
|
||||
@@ -14,7 +14,6 @@ import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth
|
||||
import { DEFAULT_KDF_CONFIG } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { SetPasswordRequest } from "@bitwarden/common/auth/models/request/set-password.request";
|
||||
import { KeysRequest } from "@bitwarden/common/models/request/keys.request";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
@@ -23,6 +22,7 @@ import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/sym
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { PasswordInputResult } from "../input-password/password-input-result";
|
||||
|
||||
@@ -33,7 +33,7 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
let sut: DefaultSetPasswordJitService;
|
||||
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let encryptService: MockProxy<EncryptService>;
|
||||
let i18nService: MockProxy<I18nService>;
|
||||
let kdfConfigService: MockProxy<KdfConfigService>;
|
||||
@@ -44,7 +44,7 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
|
||||
beforeEach(() => {
|
||||
apiService = mock<ApiService>();
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
encryptService = mock<EncryptService>();
|
||||
i18nService = mock<I18nService>();
|
||||
kdfConfigService = mock<KdfConfigService>();
|
||||
@@ -55,7 +55,7 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
|
||||
sut = new DefaultSetPasswordJitService(
|
||||
apiService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
i18nService,
|
||||
kdfConfigService,
|
||||
@@ -141,14 +141,14 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
|
||||
function setupSetPasswordMocks(hasUserKey = true) {
|
||||
if (!hasUserKey) {
|
||||
cryptoService.userKey$.mockReturnValue(of(null));
|
||||
cryptoService.makeUserKey.mockResolvedValue(protectedUserKey);
|
||||
keyService.userKey$.mockReturnValue(of(null));
|
||||
keyService.makeUserKey.mockResolvedValue(protectedUserKey);
|
||||
} else {
|
||||
cryptoService.userKey$.mockReturnValue(of(userKey));
|
||||
cryptoService.encryptUserKeyWithMasterKey.mockResolvedValue(protectedUserKey);
|
||||
keyService.userKey$.mockReturnValue(of(userKey));
|
||||
keyService.encryptUserKeyWithMasterKey.mockResolvedValue(protectedUserKey);
|
||||
}
|
||||
|
||||
cryptoService.makeKeyPair.mockResolvedValue(keyPair);
|
||||
keyService.makeKeyPair.mockResolvedValue(keyPair);
|
||||
|
||||
apiService.setPassword.mockResolvedValue(undefined);
|
||||
masterPasswordService.setForceSetPasswordReason.mockResolvedValue(undefined);
|
||||
@@ -156,9 +156,9 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
userDecryptionOptionsSubject.next(new UserDecryptionOptions({ hasMasterPassword: true }));
|
||||
userDecryptionOptionsService.setUserDecryptionOptions.mockResolvedValue(undefined);
|
||||
kdfConfigService.setKdfConfig.mockResolvedValue(undefined);
|
||||
cryptoService.setUserKey.mockResolvedValue(undefined);
|
||||
keyService.setUserKey.mockResolvedValue(undefined);
|
||||
|
||||
cryptoService.setPrivateKey.mockResolvedValue(undefined);
|
||||
keyService.setPrivateKey.mockResolvedValue(undefined);
|
||||
|
||||
masterPasswordService.setMasterKeyHash.mockResolvedValue(undefined);
|
||||
}
|
||||
@@ -171,7 +171,7 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
return;
|
||||
}
|
||||
|
||||
cryptoService.userKey$.mockReturnValue(of(userKey));
|
||||
keyService.userKey$.mockReturnValue(of(userKey));
|
||||
encryptService.rsaEncrypt.mockResolvedValue(userKeyEncString);
|
||||
|
||||
organizationUserApiService.putOrganizationUserResetPasswordEnrollment.mockResolvedValue(
|
||||
|
||||
@@ -13,13 +13,13 @@ import { ForceSetPasswordReason } from "@bitwarden/common/auth/models/domain/for
|
||||
import { PBKDF2KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { SetPasswordRequest } from "@bitwarden/common/auth/models/request/set-password.request";
|
||||
import { KeysRequest } from "@bitwarden/common/models/request/keys.request";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import {
|
||||
SetPasswordCredentials,
|
||||
@@ -29,7 +29,7 @@ import {
|
||||
export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
constructor(
|
||||
protected apiService: ApiService,
|
||||
protected cryptoService: CryptoService,
|
||||
protected keyService: KeyService,
|
||||
protected encryptService: EncryptService,
|
||||
protected i18nService: I18nService,
|
||||
protected kdfConfigService: KdfConfigService,
|
||||
@@ -85,7 +85,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
// User now has a password so update account decryption options in state
|
||||
await this.updateAccountDecryptionProperties(masterKey, kdfConfig, protectedUserKey, userId);
|
||||
|
||||
await this.cryptoService.setPrivateKey(keyPair[1].encryptedString, userId);
|
||||
await this.keyService.setPrivateKey(keyPair[1].encryptedString, userId);
|
||||
|
||||
await this.masterPasswordService.setMasterKeyHash(localMasterKeyHash, userId);
|
||||
|
||||
@@ -100,12 +100,12 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
): Promise<[UserKey, EncString]> {
|
||||
let protectedUserKey: [UserKey, EncString] = null;
|
||||
|
||||
const userKey = await firstValueFrom(this.cryptoService.userKey$(userId));
|
||||
const userKey = await firstValueFrom(this.keyService.userKey$(userId));
|
||||
|
||||
if (userKey == null) {
|
||||
protectedUserKey = await this.cryptoService.makeUserKey(masterKey);
|
||||
protectedUserKey = await this.keyService.makeUserKey(masterKey);
|
||||
} else {
|
||||
protectedUserKey = await this.cryptoService.encryptUserKeyWithMasterKey(masterKey);
|
||||
protectedUserKey = await this.keyService.encryptUserKeyWithMasterKey(masterKey);
|
||||
}
|
||||
|
||||
return protectedUserKey;
|
||||
@@ -114,7 +114,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
private async makeKeyPairAndRequest(
|
||||
protectedUserKey: [UserKey, EncString],
|
||||
): Promise<[[string, EncString], KeysRequest]> {
|
||||
const keyPair = await this.cryptoService.makeKeyPair(protectedUserKey[0]);
|
||||
const keyPair = await this.keyService.makeKeyPair(protectedUserKey[0]);
|
||||
if (keyPair == null) {
|
||||
throw new Error("keyPair not found. Could not set password.");
|
||||
}
|
||||
@@ -136,7 +136,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
await this.userDecryptionOptionsService.setUserDecryptionOptions(userDecryptionOpts);
|
||||
await this.kdfConfigService.setKdfConfig(userId, kdfConfig);
|
||||
await this.masterPasswordService.setMasterKey(masterKey, userId);
|
||||
await this.cryptoService.setUserKey(protectedUserKey[0], userId);
|
||||
await this.keyService.setUserKey(protectedUserKey[0], userId);
|
||||
}
|
||||
|
||||
private async handleResetPasswordAutoEnroll(
|
||||
@@ -153,7 +153,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
const publicKey = Utils.fromB64ToArray(organizationKeys.publicKey);
|
||||
|
||||
// RSA Encrypt user key with organization public key
|
||||
const userKey = await firstValueFrom(this.cryptoService.userKey$(userId));
|
||||
const userKey = await firstValueFrom(this.keyService.userKey$(userId));
|
||||
|
||||
if (userKey == null) {
|
||||
throw new Error("userKey not found. Could not handle reset password auto enroll.");
|
||||
|
||||
@@ -11,7 +11,6 @@ import { FakeMasterPasswordService } from "@bitwarden/common/auth/services/maste
|
||||
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
@@ -24,6 +23,7 @@ import { FakeAccountService, mockAccountServiceWith } from "@bitwarden/common/sp
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { InternalUserDecryptionOptionsServiceAbstraction } from "../abstractions/user-decryption-options.service.abstraction";
|
||||
import { AuthRequestLoginCredentials } from "../models/domain/login-credentials";
|
||||
@@ -37,7 +37,7 @@ import { identityTokenResponseFactory } from "./login.strategy.spec";
|
||||
describe("AuthRequestLoginStrategy", () => {
|
||||
let cache: AuthRequestLoginStrategyData;
|
||||
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let encryptService: MockProxy<EncryptService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -73,7 +73,7 @@ describe("AuthRequestLoginStrategy", () => {
|
||||
const decMasterKeyHash = "LOCAL_PASSWORD_HASH";
|
||||
|
||||
beforeEach(async () => {
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
apiService = mock<ApiService>();
|
||||
tokenService = mock<TokenService>();
|
||||
appIdService = mock<AppIdService>();
|
||||
@@ -102,7 +102,7 @@ describe("AuthRequestLoginStrategy", () => {
|
||||
deviceTrustService,
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -161,13 +161,13 @@ describe("AuthRequestLoginStrategy", () => {
|
||||
decMasterKeyHash,
|
||||
mockUserId,
|
||||
);
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
expect(keyService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
tokenResponse.key,
|
||||
mockUserId,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(userKey, mockUserId);
|
||||
expect(keyService.setUserKey).toHaveBeenCalledWith(userKey, mockUserId);
|
||||
expect(deviceTrustService.trustDeviceIfRequired).toHaveBeenCalled();
|
||||
expect(cryptoService.setPrivateKey).toHaveBeenCalledWith(tokenResponse.privateKey, mockUserId);
|
||||
expect(keyService.setPrivateKey).toHaveBeenCalledWith(tokenResponse.privateKey, mockUserId);
|
||||
});
|
||||
|
||||
it("sets keys after a successful authentication when only userKey provided in login credentials", async () => {
|
||||
@@ -189,12 +189,12 @@ describe("AuthRequestLoginStrategy", () => {
|
||||
expect(masterPasswordService.mock.setMasterKeyHash).not.toHaveBeenCalled();
|
||||
|
||||
// setMasterKeyEncryptedUserKey, setUserKey, and setPrivateKey should still be called
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
expect(keyService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
tokenResponse.key,
|
||||
mockUserId,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(decUserKey, mockUserId);
|
||||
expect(cryptoService.setPrivateKey).toHaveBeenCalledWith(tokenResponse.privateKey, mockUserId);
|
||||
expect(keyService.setUserKey).toHaveBeenCalledWith(decUserKey, mockUserId);
|
||||
expect(keyService.setPrivateKey).toHaveBeenCalledWith(tokenResponse.privateKey, mockUserId);
|
||||
|
||||
// trustDeviceIfRequired should be called
|
||||
expect(deviceTrustService.trustDeviceIfRequired).not.toHaveBeenCalled();
|
||||
|
||||
@@ -99,10 +99,10 @@ export class AuthRequestLoginStrategy extends LoginStrategy {
|
||||
const authRequestCredentials = this.cache.value.authRequestCredentials;
|
||||
// User now may or may not have a master password
|
||||
// but set the master key encrypted user key if it exists regardless
|
||||
await this.cryptoService.setMasterKeyEncryptedUserKey(response.key, userId);
|
||||
await this.keyService.setMasterKeyEncryptedUserKey(response.key, userId);
|
||||
|
||||
if (authRequestCredentials.decryptedUserKey) {
|
||||
await this.cryptoService.setUserKey(authRequestCredentials.decryptedUserKey, userId);
|
||||
await this.keyService.setUserKey(authRequestCredentials.decryptedUserKey, userId);
|
||||
} else {
|
||||
await this.trySetUserKeyWithMasterKey(userId);
|
||||
|
||||
@@ -115,7 +115,7 @@ export class AuthRequestLoginStrategy extends LoginStrategy {
|
||||
const masterKey = await firstValueFrom(this.masterPasswordService.masterKey$(userId));
|
||||
if (masterKey) {
|
||||
const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
|
||||
await this.cryptoService.setUserKey(userKey, userId);
|
||||
await this.keyService.setUserKey(userKey, userId);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -123,7 +123,7 @@ export class AuthRequestLoginStrategy extends LoginStrategy {
|
||||
response: IdentityTokenResponse,
|
||||
userId: UserId,
|
||||
): Promise<void> {
|
||||
await this.cryptoService.setPrivateKey(
|
||||
await this.keyService.setPrivateKey(
|
||||
response.privateKey ?? (await this.createKeyPairForOldAccount(userId)),
|
||||
userId,
|
||||
);
|
||||
|
||||
@@ -21,7 +21,6 @@ import { FakeMasterPasswordService } from "@bitwarden/common/auth/services/maste
|
||||
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
@@ -39,6 +38,7 @@ import {
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { UserKey, MasterKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { LoginStrategyServiceAbstraction } from "../abstractions";
|
||||
import { InternalUserDecryptionOptionsServiceAbstraction } from "../abstractions/user-decryption-options.service.abstraction";
|
||||
@@ -104,7 +104,7 @@ describe("LoginStrategy", () => {
|
||||
let masterPasswordService: FakeMasterPasswordService;
|
||||
|
||||
let loginStrategyService: MockProxy<LoginStrategyServiceAbstraction>;
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let encryptService: MockProxy<EncryptService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -129,7 +129,7 @@ describe("LoginStrategy", () => {
|
||||
masterPasswordService = new FakeMasterPasswordService();
|
||||
|
||||
loginStrategyService = mock<LoginStrategyServiceAbstraction>();
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
encryptService = mock<EncryptService>();
|
||||
apiService = mock<ApiService>();
|
||||
tokenService = mock<TokenService>();
|
||||
@@ -158,7 +158,7 @@ describe("LoginStrategy", () => {
|
||||
loginStrategyService,
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -321,7 +321,7 @@ describe("LoginStrategy", () => {
|
||||
it("makes a new public and private key for an old account", async () => {
|
||||
const tokenResponse = identityTokenResponseFactory();
|
||||
tokenResponse.privateKey = null;
|
||||
cryptoService.makeKeyPair.mockResolvedValue(["PUBLIC_KEY", new EncString("PRIVATE_KEY")]);
|
||||
keyService.makeKeyPair.mockResolvedValue(["PUBLIC_KEY", new EncString("PRIVATE_KEY")]);
|
||||
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
masterPasswordService.masterKeySubject.next(masterKey);
|
||||
@@ -330,10 +330,10 @@ describe("LoginStrategy", () => {
|
||||
await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
// User symmetric key must be set before the new RSA keypair is generated
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalled();
|
||||
expect(cryptoService.makeKeyPair).toHaveBeenCalled();
|
||||
expect(cryptoService.setUserKey.mock.invocationCallOrder[0]).toBeLessThan(
|
||||
cryptoService.makeKeyPair.mock.invocationCallOrder[0],
|
||||
expect(keyService.setUserKey).toHaveBeenCalled();
|
||||
expect(keyService.makeKeyPair).toHaveBeenCalled();
|
||||
expect(keyService.setUserKey.mock.invocationCallOrder[0]).toBeLessThan(
|
||||
keyService.makeKeyPair.mock.invocationCallOrder[0],
|
||||
);
|
||||
|
||||
expect(apiService.postAccountKeys).toHaveBeenCalled();
|
||||
@@ -470,7 +470,7 @@ describe("LoginStrategy", () => {
|
||||
loginStrategyService,
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
apiService,
|
||||
tokenService,
|
||||
|
||||
@@ -25,7 +25,6 @@ import { ClientType } from "@bitwarden/common/enums";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { KeysRequest } from "@bitwarden/common/models/request/keys.request";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
@@ -34,6 +33,7 @@ import { StateService } from "@bitwarden/common/platform/abstractions/state.serv
|
||||
import { KdfType } from "@bitwarden/common/platform/enums";
|
||||
import { Account, AccountProfile } from "@bitwarden/common/platform/models/domain/account";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { InternalUserDecryptionOptionsServiceAbstraction } from "../abstractions/user-decryption-options.service.abstraction";
|
||||
import {
|
||||
@@ -66,7 +66,7 @@ export abstract class LoginStrategy {
|
||||
constructor(
|
||||
protected accountService: AccountService,
|
||||
protected masterPasswordService: InternalMasterPasswordServiceAbstraction,
|
||||
protected cryptoService: CryptoService,
|
||||
protected keyService: KeyService,
|
||||
protected encryptService: EncryptService,
|
||||
protected apiService: ApiService,
|
||||
protected tokenService: TokenService,
|
||||
@@ -284,8 +284,8 @@ export abstract class LoginStrategy {
|
||||
|
||||
protected async createKeyPairForOldAccount(userId: UserId) {
|
||||
try {
|
||||
const userKey = await this.cryptoService.getUserKeyWithLegacySupport(userId);
|
||||
const [publicKey, privateKey] = await this.cryptoService.makeKeyPair(userKey);
|
||||
const userKey = await this.keyService.getUserKeyWithLegacySupport(userId);
|
||||
const [publicKey, privateKey] = await this.keyService.makeKeyPair(userKey);
|
||||
await this.apiService.postAccountKeys(new KeysRequest(publicKey, privateKey.encryptedString));
|
||||
return privateKey.encryptedString;
|
||||
} catch (e) {
|
||||
|
||||
@@ -15,7 +15,6 @@ import { FakeMasterPasswordService } from "@bitwarden/common/auth/services/maste
|
||||
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
@@ -33,6 +32,7 @@ import {
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { LoginStrategyServiceAbstraction } from "../abstractions";
|
||||
import { InternalUserDecryptionOptionsServiceAbstraction } from "../abstractions/user-decryption-options.service.abstraction";
|
||||
@@ -63,7 +63,7 @@ describe("PasswordLoginStrategy", () => {
|
||||
let masterPasswordService: FakeMasterPasswordService;
|
||||
|
||||
let loginStrategyService: MockProxy<LoginStrategyServiceAbstraction>;
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let encryptService: MockProxy<EncryptService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -89,7 +89,7 @@ describe("PasswordLoginStrategy", () => {
|
||||
masterPasswordService = new FakeMasterPasswordService();
|
||||
|
||||
loginStrategyService = mock<LoginStrategyServiceAbstraction>();
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
encryptService = mock<EncryptService>();
|
||||
apiService = mock<ApiService>();
|
||||
tokenService = mock<TokenService>();
|
||||
@@ -113,10 +113,10 @@ describe("PasswordLoginStrategy", () => {
|
||||
|
||||
loginStrategyService.makePreloginKey.mockResolvedValue(masterKey);
|
||||
|
||||
cryptoService.hashMasterKey
|
||||
keyService.hashMasterKey
|
||||
.calledWith(masterPassword, expect.anything(), undefined)
|
||||
.mockResolvedValue(hashedPassword);
|
||||
cryptoService.hashMasterKey
|
||||
keyService.hashMasterKey
|
||||
.calledWith(masterPassword, expect.anything(), HashPurpose.LocalAuthorization)
|
||||
.mockResolvedValue(localHashedPassword);
|
||||
|
||||
@@ -129,7 +129,7 @@ describe("PasswordLoginStrategy", () => {
|
||||
loginStrategyService,
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -198,12 +198,9 @@ describe("PasswordLoginStrategy", () => {
|
||||
localHashedPassword,
|
||||
userId,
|
||||
);
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
tokenResponse.key,
|
||||
userId,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(userKey, userId);
|
||||
expect(cryptoService.setPrivateKey).toHaveBeenCalledWith(tokenResponse.privateKey, userId);
|
||||
expect(keyService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(tokenResponse.key, userId);
|
||||
expect(keyService.setUserKey).toHaveBeenCalledWith(userKey, userId);
|
||||
expect(keyService.setPrivateKey).toHaveBeenCalledWith(tokenResponse.privateKey, userId);
|
||||
});
|
||||
|
||||
it("does not force the user to update their master password when there are no requirements", async () => {
|
||||
|
||||
@@ -83,15 +83,12 @@ export class PasswordLoginStrategy extends LoginStrategy {
|
||||
data.userEnteredEmail = email;
|
||||
|
||||
// Hash the password early (before authentication) so we don't persist it in memory in plaintext
|
||||
data.localMasterKeyHash = await this.cryptoService.hashMasterKey(
|
||||
data.localMasterKeyHash = await this.keyService.hashMasterKey(
|
||||
masterPassword,
|
||||
data.masterKey,
|
||||
HashPurpose.LocalAuthorization,
|
||||
);
|
||||
const serverMasterKeyHash = await this.cryptoService.hashMasterKey(
|
||||
masterPassword,
|
||||
data.masterKey,
|
||||
);
|
||||
const serverMasterKeyHash = await this.keyService.hashMasterKey(masterPassword, data.masterKey);
|
||||
|
||||
data.tokenRequest = new PasswordTokenRequest(
|
||||
email,
|
||||
@@ -182,12 +179,12 @@ export class PasswordLoginStrategy extends LoginStrategy {
|
||||
if (this.encryptionKeyMigrationRequired(response)) {
|
||||
return;
|
||||
}
|
||||
await this.cryptoService.setMasterKeyEncryptedUserKey(response.key, userId);
|
||||
await this.keyService.setMasterKeyEncryptedUserKey(response.key, userId);
|
||||
|
||||
const masterKey = await firstValueFrom(this.masterPasswordService.masterKey$(userId));
|
||||
if (masterKey) {
|
||||
const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
|
||||
await this.cryptoService.setUserKey(userKey, userId);
|
||||
await this.keyService.setUserKey(userKey, userId);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -195,7 +192,7 @@ export class PasswordLoginStrategy extends LoginStrategy {
|
||||
response: IdentityTokenResponse,
|
||||
userId: UserId,
|
||||
): Promise<void> {
|
||||
await this.cryptoService.setPrivateKey(
|
||||
await this.keyService.setPrivateKey(
|
||||
response.privateKey ?? (await this.createKeyPairForOldAccount(userId)),
|
||||
userId,
|
||||
);
|
||||
|
||||
@@ -16,7 +16,6 @@ import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abs
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { ErrorResponse } from "@bitwarden/common/models/response/error.response";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||
@@ -30,6 +29,7 @@ import { FakeAccountService, mockAccountServiceWith } from "@bitwarden/common/sp
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { DeviceKey, UserKey, MasterKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import {
|
||||
AuthRequestServiceAbstraction,
|
||||
@@ -44,7 +44,7 @@ describe("SsoLoginStrategy", () => {
|
||||
let accountService: FakeAccountService;
|
||||
let masterPasswordService: FakeMasterPasswordService;
|
||||
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let encryptService: MockProxy<EncryptService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -79,7 +79,7 @@ describe("SsoLoginStrategy", () => {
|
||||
accountService = mockAccountServiceWith(userId);
|
||||
masterPasswordService = new FakeMasterPasswordService();
|
||||
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
encryptService = mock<EncryptService>();
|
||||
apiService = mock<ApiService>();
|
||||
tokenService = mock<TokenService>();
|
||||
@@ -127,7 +127,7 @@ describe("SsoLoginStrategy", () => {
|
||||
i18nService,
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -174,8 +174,8 @@ describe("SsoLoginStrategy", () => {
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(masterPasswordService.mock.setMasterKey).not.toHaveBeenCalled();
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(cryptoService.setPrivateKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setPrivateKey).not.toHaveBeenCalled();
|
||||
});
|
||||
|
||||
it("sets master key encrypted user key for existing SSO users", async () => {
|
||||
@@ -187,11 +187,8 @@ describe("SsoLoginStrategy", () => {
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledTimes(1);
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
tokenResponse.key,
|
||||
userId,
|
||||
);
|
||||
expect(keyService.setMasterKeyEncryptedUserKey).toHaveBeenCalledTimes(1);
|
||||
expect(keyService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(tokenResponse.key, userId);
|
||||
});
|
||||
|
||||
describe("Trusted Device Decryption", () => {
|
||||
@@ -247,7 +244,7 @@ describe("SsoLoginStrategy", () => {
|
||||
deviceTrustService.getDeviceKey.mockResolvedValue(mockDeviceKey);
|
||||
deviceTrustService.decryptUserKeyWithDeviceKey.mockResolvedValue(mockUserKey);
|
||||
|
||||
const cryptoSvcSetUserKeySpy = jest.spyOn(cryptoService, "setUserKey");
|
||||
const cryptoSvcSetUserKeySpy = jest.spyOn(keyService, "setUserKey");
|
||||
|
||||
// Act
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
@@ -274,7 +271,7 @@ describe("SsoLoginStrategy", () => {
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setUserKey).not.toHaveBeenCalled();
|
||||
});
|
||||
|
||||
describe.each([
|
||||
@@ -295,7 +292,7 @@ describe("SsoLoginStrategy", () => {
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setUserKey).not.toHaveBeenCalled();
|
||||
});
|
||||
});
|
||||
|
||||
@@ -314,7 +311,7 @@ describe("SsoLoginStrategy", () => {
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setUserKey).not.toHaveBeenCalled();
|
||||
});
|
||||
|
||||
it("logs when a device key is found but no decryption keys were recieved in token response", async () => {
|
||||
@@ -365,7 +362,7 @@ describe("SsoLoginStrategy", () => {
|
||||
|
||||
it("sets the user key using master key and hash from approved admin request if exists", async () => {
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
cryptoService.hasUserKey.mockResolvedValue(true);
|
||||
keyService.hasUserKey.mockResolvedValue(true);
|
||||
const adminAuthResponse = {
|
||||
id: "1",
|
||||
publicKey: "PRIVATE" as any,
|
||||
@@ -383,7 +380,7 @@ describe("SsoLoginStrategy", () => {
|
||||
|
||||
it("sets the user key from approved admin request if exists", async () => {
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
cryptoService.hasUserKey.mockResolvedValue(true);
|
||||
keyService.hasUserKey.mockResolvedValue(true);
|
||||
const adminAuthResponse = {
|
||||
id: "1",
|
||||
publicKey: "PRIVATE" as any,
|
||||
@@ -400,7 +397,7 @@ describe("SsoLoginStrategy", () => {
|
||||
|
||||
it("attempts to establish a trusted device if successful", async () => {
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
cryptoService.hasUserKey.mockResolvedValue(true);
|
||||
keyService.hasUserKey.mockResolvedValue(true);
|
||||
const adminAuthResponse = {
|
||||
id: "1",
|
||||
publicKey: "PRIVATE" as any,
|
||||
@@ -438,7 +435,7 @@ describe("SsoLoginStrategy", () => {
|
||||
requestApproved: true,
|
||||
};
|
||||
apiService.getAuthRequest.mockResolvedValue(adminAuthResponse as AuthRequestResponse);
|
||||
cryptoService.hasUserKey.mockResolvedValue(false);
|
||||
keyService.hasUserKey.mockResolvedValue(false);
|
||||
deviceTrustService.getDeviceKey.mockResolvedValue("DEVICE_KEY" as any);
|
||||
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
@@ -502,7 +499,7 @@ describe("SsoLoginStrategy", () => {
|
||||
undefined,
|
||||
undefined,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(userKey, userId);
|
||||
expect(keyService.setUserKey).toHaveBeenCalledWith(userKey, userId);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -558,7 +555,7 @@ describe("SsoLoginStrategy", () => {
|
||||
undefined,
|
||||
undefined,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(userKey, userId);
|
||||
expect(keyService.setUserKey).toHaveBeenCalledWith(userKey, userId);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@@ -192,7 +192,7 @@ export class SsoLoginStrategy extends LoginStrategy {
|
||||
|
||||
if (masterKeyEncryptedUserKey) {
|
||||
// set the master key encrypted user key if it exists
|
||||
await this.cryptoService.setMasterKeyEncryptedUserKey(masterKeyEncryptedUserKey, userId);
|
||||
await this.keyService.setMasterKeyEncryptedUserKey(masterKeyEncryptedUserKey, userId);
|
||||
}
|
||||
|
||||
const userDecryptionOptions = tokenResponse?.userDecryptionOptions;
|
||||
@@ -205,7 +205,7 @@ export class SsoLoginStrategy extends LoginStrategy {
|
||||
// Using it will clear it from state and future requests will use the device key.
|
||||
await this.trySetUserKeyWithApprovedAdminRequestIfExists(userId);
|
||||
|
||||
const hasUserKey = await this.cryptoService.hasUserKey(userId);
|
||||
const hasUserKey = await this.keyService.hasUserKey(userId);
|
||||
|
||||
// Only try to set user key with device key if admin approval request was not successful.
|
||||
if (!hasUserKey) {
|
||||
@@ -267,7 +267,7 @@ export class SsoLoginStrategy extends LoginStrategy {
|
||||
);
|
||||
}
|
||||
|
||||
if (await this.cryptoService.hasUserKey()) {
|
||||
if (await this.keyService.hasUserKey()) {
|
||||
// Now that we have a decrypted user key in memory, we can check if we
|
||||
// need to establish trust on the current device
|
||||
await this.deviceTrustService.trustDeviceIfRequired(userId);
|
||||
@@ -323,7 +323,7 @@ export class SsoLoginStrategy extends LoginStrategy {
|
||||
);
|
||||
|
||||
if (userKey) {
|
||||
await this.cryptoService.setUserKey(userKey, userId);
|
||||
await this.keyService.setUserKey(userKey, userId);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -339,7 +339,7 @@ export class SsoLoginStrategy extends LoginStrategy {
|
||||
}
|
||||
|
||||
const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
|
||||
await this.cryptoService.setUserKey(userKey, userId);
|
||||
await this.keyService.setUserKey(userKey, userId);
|
||||
}
|
||||
|
||||
protected override async setPrivateKey(
|
||||
@@ -349,7 +349,7 @@ export class SsoLoginStrategy extends LoginStrategy {
|
||||
const newSsoUser = tokenResponse.key == null;
|
||||
|
||||
if (!newSsoUser) {
|
||||
await this.cryptoService.setPrivateKey(
|
||||
await this.keyService.setPrivateKey(
|
||||
tokenResponse.privateKey ?? (await this.createKeyPairForOldAccount(userId)),
|
||||
userId,
|
||||
);
|
||||
|
||||
@@ -10,7 +10,6 @@ import { FakeMasterPasswordService } from "@bitwarden/common/auth/services/maste
|
||||
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import {
|
||||
Environment,
|
||||
@@ -27,6 +26,7 @@ import { FakeAccountService, mockAccountServiceWith } from "@bitwarden/common/sp
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { UserKey, MasterKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { InternalUserDecryptionOptionsServiceAbstraction } from "../abstractions/user-decryption-options.service.abstraction";
|
||||
import { UserApiLoginCredentials } from "../models/domain/login-credentials";
|
||||
@@ -39,7 +39,7 @@ describe("UserApiLoginStrategy", () => {
|
||||
let accountService: FakeAccountService;
|
||||
let masterPasswordService: FakeMasterPasswordService;
|
||||
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let encryptService: MockProxy<EncryptService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -72,7 +72,7 @@ describe("UserApiLoginStrategy", () => {
|
||||
accountService = mockAccountServiceWith(userId);
|
||||
masterPasswordService = new FakeMasterPasswordService();
|
||||
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
apiService = mock<ApiService>();
|
||||
tokenService = mock<TokenService>();
|
||||
appIdService = mock<AppIdService>();
|
||||
@@ -100,7 +100,7 @@ describe("UserApiLoginStrategy", () => {
|
||||
keyConnectorService,
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -175,11 +175,8 @@ describe("UserApiLoginStrategy", () => {
|
||||
|
||||
await apiLogInStrategy.logIn(credentials);
|
||||
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
tokenResponse.key,
|
||||
userId,
|
||||
);
|
||||
expect(cryptoService.setPrivateKey).toHaveBeenCalledWith(tokenResponse.privateKey, userId);
|
||||
expect(keyService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(tokenResponse.key, userId);
|
||||
expect(keyService.setPrivateKey).toHaveBeenCalledWith(tokenResponse.privateKey, userId);
|
||||
});
|
||||
|
||||
it("gets and sets the master key if Key Connector is enabled", async () => {
|
||||
@@ -219,6 +216,6 @@ describe("UserApiLoginStrategy", () => {
|
||||
undefined,
|
||||
undefined,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(userKey, userId);
|
||||
expect(keyService.setUserKey).toHaveBeenCalledWith(userKey, userId);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -64,13 +64,13 @@ export class UserApiLoginStrategy extends LoginStrategy {
|
||||
response: IdentityTokenResponse,
|
||||
userId: UserId,
|
||||
): Promise<void> {
|
||||
await this.cryptoService.setMasterKeyEncryptedUserKey(response.key, userId);
|
||||
await this.keyService.setMasterKeyEncryptedUserKey(response.key, userId);
|
||||
|
||||
if (response.apiUseKeyConnector) {
|
||||
const masterKey = await firstValueFrom(this.masterPasswordService.masterKey$(userId));
|
||||
if (masterKey) {
|
||||
const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
|
||||
await this.cryptoService.setUserKey(userKey, userId);
|
||||
await this.keyService.setUserKey(userKey, userId);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -79,7 +79,7 @@ export class UserApiLoginStrategy extends LoginStrategy {
|
||||
response: IdentityTokenResponse,
|
||||
userId: UserId,
|
||||
): Promise<void> {
|
||||
await this.cryptoService.setPrivateKey(
|
||||
await this.keyService.setPrivateKey(
|
||||
response.privateKey ?? (await this.createKeyPairForOldAccount(userId)),
|
||||
userId,
|
||||
);
|
||||
|
||||
@@ -13,7 +13,6 @@ import { WebAuthnLoginAssertionResponseRequest } from "@bitwarden/common/auth/se
|
||||
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
@@ -25,6 +24,7 @@ import { VaultTimeoutSettingsService } from "@bitwarden/common/services/vault-ti
|
||||
import { FakeAccountService, mockAccountServiceWith } from "@bitwarden/common/spec";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { PrfKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { InternalUserDecryptionOptionsServiceAbstraction } from "../abstractions/user-decryption-options.service.abstraction";
|
||||
import { WebAuthnLoginCredentials } from "../models/domain/login-credentials";
|
||||
@@ -37,7 +37,7 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
let accountService: FakeAccountService;
|
||||
let masterPasswordService: FakeMasterPasswordService;
|
||||
|
||||
let cryptoService!: MockProxy<CryptoService>;
|
||||
let keyService!: MockProxy<KeyService>;
|
||||
let encryptService!: MockProxy<EncryptService>;
|
||||
let apiService!: MockProxy<ApiService>;
|
||||
let tokenService!: MockProxy<TokenService>;
|
||||
@@ -80,7 +80,7 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
accountService = mockAccountServiceWith(userId);
|
||||
masterPasswordService = new FakeMasterPasswordService();
|
||||
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
encryptService = mock<EncryptService>();
|
||||
apiService = mock<ApiService>();
|
||||
tokenService = mock<TokenService>();
|
||||
@@ -105,7 +105,7 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
cache,
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -233,8 +233,8 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
|
||||
// Assert
|
||||
// Master key encrypted user key should be set
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledTimes(1);
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
expect(keyService.setMasterKeyEncryptedUserKey).toHaveBeenCalledTimes(1);
|
||||
expect(keyService.setMasterKeyEncryptedUserKey).toHaveBeenCalledWith(
|
||||
idTokenResponse.key,
|
||||
userId,
|
||||
);
|
||||
@@ -249,8 +249,8 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
idTokenResponse.userDecryptionOptions.webAuthnPrfOption.encryptedUserKey,
|
||||
mockPrfPrivateKey,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(mockUserKey, userId);
|
||||
expect(cryptoService.setPrivateKey).toHaveBeenCalledWith(idTokenResponse.privateKey, userId);
|
||||
expect(keyService.setUserKey).toHaveBeenCalledWith(mockUserKey, userId);
|
||||
expect(keyService.setPrivateKey).toHaveBeenCalledWith(idTokenResponse.privateKey, userId);
|
||||
|
||||
// Master key and private key should not be set
|
||||
expect(masterPasswordService.mock.setMasterKey).not.toHaveBeenCalled();
|
||||
@@ -274,7 +274,7 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
// Assert
|
||||
expect(encryptService.decryptToBytes).not.toHaveBeenCalled();
|
||||
expect(encryptService.rsaDecrypt).not.toHaveBeenCalled();
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setUserKey).not.toHaveBeenCalled();
|
||||
});
|
||||
|
||||
describe.each([
|
||||
@@ -294,7 +294,7 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
await webAuthnLoginStrategy.logIn(webAuthnCredentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setUserKey).not.toHaveBeenCalled();
|
||||
});
|
||||
});
|
||||
|
||||
@@ -313,7 +313,7 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
await webAuthnLoginStrategy.logIn(webAuthnCredentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setUserKey).not.toHaveBeenCalled();
|
||||
});
|
||||
|
||||
it("does not set the user key when the encrypted user key decryption fails", async () => {
|
||||
@@ -331,7 +331,7 @@ describe("WebAuthnLoginStrategy", () => {
|
||||
await webAuthnLoginStrategy.logIn(webAuthnCredentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
expect(keyService.setUserKey).not.toHaveBeenCalled();
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
@@ -66,7 +66,7 @@ export class WebAuthnLoginStrategy extends LoginStrategy {
|
||||
|
||||
if (masterKeyEncryptedUserKey) {
|
||||
// set the master key encrypted user key if it exists
|
||||
await this.cryptoService.setMasterKeyEncryptedUserKey(masterKeyEncryptedUserKey, userId);
|
||||
await this.keyService.setMasterKeyEncryptedUserKey(masterKeyEncryptedUserKey, userId);
|
||||
}
|
||||
|
||||
const userDecryptionOptions = idTokenResponse?.userDecryptionOptions;
|
||||
@@ -93,7 +93,7 @@ export class WebAuthnLoginStrategy extends LoginStrategy {
|
||||
);
|
||||
|
||||
if (userKey) {
|
||||
await this.cryptoService.setUserKey(new SymmetricCryptoKey(userKey) as UserKey, userId);
|
||||
await this.keyService.setUserKey(new SymmetricCryptoKey(userKey) as UserKey, userId);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -102,7 +102,7 @@ export class WebAuthnLoginStrategy extends LoginStrategy {
|
||||
response: IdentityTokenResponse,
|
||||
userId: UserId,
|
||||
): Promise<void> {
|
||||
await this.cryptoService.setPrivateKey(
|
||||
await this.keyService.setPrivateKey(
|
||||
response.privateKey ?? (await this.createKeyPairForOldAccount(userId)),
|
||||
userId,
|
||||
);
|
||||
|
||||
@@ -5,7 +5,6 @@ import { AuthRequestResponse } from "@bitwarden/common/auth/models/response/auth
|
||||
import { FakeMasterPasswordService } from "@bitwarden/common/auth/services/master-password/fake-master-password.service";
|
||||
import { AuthRequestPushNotification } from "@bitwarden/common/models/response/notification.response";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
||||
@@ -14,6 +13,7 @@ import { StateProvider } from "@bitwarden/common/platform/state";
|
||||
import { FakeAccountService, mockAccountServiceWith } from "@bitwarden/common/spec";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { AuthRequestService } from "./auth-request.service";
|
||||
|
||||
@@ -24,7 +24,7 @@ describe("AuthRequestService", () => {
|
||||
let accountService: FakeAccountService;
|
||||
let masterPasswordService: FakeMasterPasswordService;
|
||||
const appIdService = mock<AppIdService>();
|
||||
const cryptoService = mock<CryptoService>();
|
||||
const keyService = mock<KeyService>();
|
||||
const encryptService = mock<EncryptService>();
|
||||
const apiService = mock<ApiService>();
|
||||
|
||||
@@ -41,7 +41,7 @@ describe("AuthRequestService", () => {
|
||||
appIdService,
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
apiService,
|
||||
stateProvider,
|
||||
@@ -115,7 +115,7 @@ describe("AuthRequestService", () => {
|
||||
});
|
||||
|
||||
it("should use the user key if the master key and hash do not exist", async () => {
|
||||
cryptoService.getUserKey.mockResolvedValueOnce({ key: new Uint8Array(64) } as UserKey);
|
||||
keyService.getUserKey.mockResolvedValueOnce({ key: new Uint8Array(64) } as UserKey);
|
||||
|
||||
await sut.approveOrDenyAuthRequest(
|
||||
true,
|
||||
@@ -135,7 +135,7 @@ describe("AuthRequestService", () => {
|
||||
const mockDecryptedUserKey = {} as UserKey;
|
||||
jest.spyOn(sut, "decryptPubKeyEncryptedUserKey").mockResolvedValueOnce(mockDecryptedUserKey);
|
||||
|
||||
cryptoService.setUserKey.mockResolvedValueOnce(undefined);
|
||||
keyService.setUserKey.mockResolvedValueOnce(undefined);
|
||||
|
||||
// Act
|
||||
await sut.setUserKeyAfterDecryptingSharedUserKey(
|
||||
@@ -149,7 +149,7 @@ describe("AuthRequestService", () => {
|
||||
mockAuthReqResponse.key,
|
||||
mockPrivateKey,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toBeCalledWith(mockDecryptedUserKey, mockUserId);
|
||||
expect(keyService.setUserKey).toBeCalledWith(mockDecryptedUserKey, mockUserId);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -175,7 +175,7 @@ describe("AuthRequestService", () => {
|
||||
masterPasswordService.mock.decryptUserKeyWithMasterKey.mockResolvedValue(
|
||||
mockDecryptedUserKey,
|
||||
);
|
||||
cryptoService.setUserKey.mockResolvedValueOnce(undefined);
|
||||
keyService.setUserKey.mockResolvedValueOnce(undefined);
|
||||
|
||||
// Act
|
||||
await sut.setKeysAfterDecryptingSharedMasterKeyAndHash(
|
||||
@@ -203,7 +203,7 @@ describe("AuthRequestService", () => {
|
||||
undefined,
|
||||
undefined,
|
||||
);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(mockDecryptedUserKey, mockUserId);
|
||||
expect(keyService.setUserKey).toHaveBeenCalledWith(mockDecryptedUserKey, mockUserId);
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
@@ -9,7 +9,6 @@ import { PasswordlessAuthRequest } from "@bitwarden/common/auth/models/request/p
|
||||
import { AuthRequestResponse } from "@bitwarden/common/auth/models/response/auth-request.response";
|
||||
import { AuthRequestPushNotification } from "@bitwarden/common/models/response/notification.response";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
||||
@@ -21,6 +20,7 @@ import {
|
||||
} from "@bitwarden/common/platform/state";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { AuthRequestServiceAbstraction } from "../../abstractions/auth-request.service.abstraction";
|
||||
|
||||
@@ -45,7 +45,7 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
|
||||
private appIdService: AppIdService,
|
||||
private accountService: AccountService,
|
||||
private masterPasswordService: InternalMasterPasswordServiceAbstraction,
|
||||
private cryptoService: CryptoService,
|
||||
private keyService: KeyService,
|
||||
private encryptService: EncryptService,
|
||||
private apiService: ApiService,
|
||||
private stateProvider: StateProvider,
|
||||
@@ -111,7 +111,7 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
|
||||
);
|
||||
keyToEncrypt = masterKey.encKey;
|
||||
} else {
|
||||
const userKey = await this.cryptoService.getUserKey();
|
||||
const userKey = await this.keyService.getUserKey();
|
||||
keyToEncrypt = userKey.key;
|
||||
}
|
||||
|
||||
@@ -135,7 +135,7 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
|
||||
authReqResponse.key,
|
||||
authReqPrivateKey,
|
||||
);
|
||||
await this.cryptoService.setUserKey(userKey, userId);
|
||||
await this.keyService.setUserKey(userKey, userId);
|
||||
}
|
||||
|
||||
async setKeysAfterDecryptingSharedMasterKeyAndHash(
|
||||
@@ -156,7 +156,7 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
|
||||
await this.masterPasswordService.setMasterKey(masterKey, userId);
|
||||
await this.masterPasswordService.setMasterKeyHash(masterKeyHash, userId);
|
||||
|
||||
await this.cryptoService.setUserKey(userKey, userId);
|
||||
await this.keyService.setUserKey(userKey, userId);
|
||||
}
|
||||
|
||||
// Decryption helpers
|
||||
@@ -203,6 +203,6 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
|
||||
}
|
||||
|
||||
async getFingerprintPhrase(email: string, publicKey: Uint8Array): Promise<string> {
|
||||
return (await this.cryptoService.getFingerprint(email.toLowerCase(), publicKey)).join("-");
|
||||
return (await this.keyService.getFingerprint(email.toLowerCase(), publicKey)).join("-");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,7 +20,6 @@ import { FakeMasterPasswordService } from "@bitwarden/common/auth/services/maste
|
||||
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
@@ -38,6 +37,7 @@ import {
|
||||
} from "@bitwarden/common/spec";
|
||||
import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import {
|
||||
AuthRequestServiceAbstraction,
|
||||
@@ -54,7 +54,7 @@ describe("LoginStrategyService", () => {
|
||||
|
||||
let accountService: FakeAccountService;
|
||||
let masterPasswordService: FakeMasterPasswordService;
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
let appIdService: MockProxy<AppIdService>;
|
||||
@@ -85,7 +85,7 @@ describe("LoginStrategyService", () => {
|
||||
beforeEach(() => {
|
||||
accountService = mockAccountServiceWith(userId);
|
||||
masterPasswordService = new FakeMasterPasswordService();
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
apiService = mock<ApiService>();
|
||||
tokenService = mock<TokenService>();
|
||||
appIdService = mock<AppIdService>();
|
||||
@@ -112,7 +112,7 @@ describe("LoginStrategyService", () => {
|
||||
sut = new LoginStrategyService(
|
||||
accountService,
|
||||
masterPasswordService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
apiService,
|
||||
tokenService,
|
||||
appIdService,
|
||||
|
||||
@@ -29,7 +29,6 @@ import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abs
|
||||
import { PreloginRequest } from "@bitwarden/common/models/request/prelogin.request";
|
||||
import { ErrorResponse } from "@bitwarden/common/models/response/error.response";
|
||||
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
@@ -43,6 +42,7 @@ import { GlobalState, GlobalStateProvider } from "@bitwarden/common/platform/sta
|
||||
import { DeviceTrustServiceAbstraction } from "@bitwarden/common/src/auth/abstractions/device-trust.service.abstraction";
|
||||
import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength";
|
||||
import { MasterKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { AuthRequestServiceAbstraction, LoginStrategyServiceAbstraction } from "../../abstractions";
|
||||
import { InternalUserDecryptionOptionsServiceAbstraction } from "../../abstractions/user-decryption-options.service.abstraction";
|
||||
@@ -91,7 +91,7 @@ export class LoginStrategyService implements LoginStrategyServiceAbstraction {
|
||||
constructor(
|
||||
protected accountService: AccountService,
|
||||
protected masterPasswordService: InternalMasterPasswordServiceAbstraction,
|
||||
protected cryptoService: CryptoService,
|
||||
protected keyService: KeyService,
|
||||
protected apiService: ApiService,
|
||||
protected tokenService: TokenService,
|
||||
protected appIdService: AppIdService,
|
||||
@@ -267,7 +267,7 @@ export class LoginStrategyService implements LoginStrategyServiceAbstraction {
|
||||
|
||||
kdfConfig.validateKdfConfigForPrelogin();
|
||||
|
||||
return await this.cryptoService.makeMasterKey(masterPassword, email, kdfConfig);
|
||||
return await this.keyService.makeMasterKey(masterPassword, email, kdfConfig);
|
||||
}
|
||||
|
||||
private async clearCache(): Promise<void> {
|
||||
@@ -319,7 +319,7 @@ export class LoginStrategyService implements LoginStrategyServiceAbstraction {
|
||||
const sharedDeps: ConstructorParameters<typeof LoginStrategy> = [
|
||||
this.accountService,
|
||||
this.masterPasswordService,
|
||||
this.cryptoService,
|
||||
this.keyService,
|
||||
this.encryptService,
|
||||
this.apiService,
|
||||
this.tokenService,
|
||||
|
||||
Reference in New Issue
Block a user