mirror of
https://github.com/bitwarden/browser
synced 2025-12-16 08:13:42 +00:00
[Pm-13097] Rename cryptoservice to keyservice and move it to km ownership (#11358)
* Rename cryptoservice to keyservice * Rename cryptoservice to keyservice * Move key service to key management ownership * Remove accidentally added file * Fix cli build * Fix browser build * Run prettier * Fix builds * Fix cli build * Fix tests * Fix incorrect renames * Rename webauthn-login-crypto-service * Fix build errors due to merge conflicts * Fix linting
This commit is contained in:
Bernd Schoolmann
GitHub
@@ -10,7 +10,6 @@ import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
||||
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
||||
import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options";
|
||||
import { DEFAULT_KDF_CONFIG } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { HashPurpose } from "@bitwarden/common/platform/enums";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
@@ -24,6 +23,7 @@ import {
|
||||
InputModule,
|
||||
ToastService,
|
||||
} from "@bitwarden/components";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { InputsFieldMatch } from "../../../../angular/src/auth/validators/inputs-field-match.validator";
|
||||
import { SharedModule } from "../../../../components/src/shared";
|
||||
@@ -96,7 +96,7 @@ export class InputPasswordComponent {
|
||||
|
||||
constructor(
|
||||
private auditService: AuditService,
|
||||
private cryptoService: CryptoService,
|
||||
private keyService: KeyService,
|
||||
private dialogService: DialogService,
|
||||
private formBuilder: FormBuilder,
|
||||
private i18nService: I18nService,
|
||||
@@ -146,15 +146,15 @@ export class InputPasswordComponent {
|
||||
throw new Error("Email is required to create master key.");
|
||||
}
|
||||
|
||||
const masterKey = await this.cryptoService.makeMasterKey(
|
||||
const masterKey = await this.keyService.makeMasterKey(
|
||||
password,
|
||||
this.email.trim().toLowerCase(),
|
||||
kdfConfig,
|
||||
);
|
||||
|
||||
const masterKeyHash = await this.cryptoService.hashMasterKey(password, masterKey);
|
||||
const masterKeyHash = await this.keyService.hashMasterKey(password, masterKey);
|
||||
|
||||
const localMasterKeyHash = await this.cryptoService.hashMasterKey(
|
||||
const localMasterKeyHash = await this.keyService.hashMasterKey(
|
||||
password,
|
||||
masterKey,
|
||||
HashPurpose.LocalAuthorization,
|
||||
|
||||
@@ -7,9 +7,9 @@ import { ZXCVBNResult } from "zxcvbn";
|
||||
import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
||||
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
||||
import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength";
|
||||
import { DialogService, ToastService } from "@bitwarden/components";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
// FIXME: remove `/apps` import from `/libs`
|
||||
// eslint-disable-next-line import/no-restricted-paths
|
||||
@@ -32,7 +32,7 @@ export default {
|
||||
} as Partial<AuditService>,
|
||||
},
|
||||
{
|
||||
provide: CryptoService,
|
||||
provide: KeyService,
|
||||
useValue: {
|
||||
makeMasterKey: () => Promise.resolve("example-master-key"),
|
||||
hashMasterKey: () => Promise.resolve("example-master-key-hash"),
|
||||
|
||||
@@ -19,7 +19,6 @@ import {
|
||||
} from "@bitwarden/common/auth/types/verification";
|
||||
import { ClientType } from "@bitwarden/common/enums";
|
||||
import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
@@ -37,7 +36,7 @@ import {
|
||||
IconButtonModule,
|
||||
ToastService,
|
||||
} from "@bitwarden/components";
|
||||
import { BiometricStateService } from "@bitwarden/key-management";
|
||||
import { KeyService, BiometricStateService } from "@bitwarden/key-management";
|
||||
|
||||
import { PinServiceAbstraction } from "../../common/abstractions";
|
||||
import { AnonLayoutWrapperDataService } from "../anon-layout/anon-layout-wrapper-data.service";
|
||||
@@ -123,7 +122,7 @@ export class LockV2Component implements OnInit, OnDestroy {
|
||||
private accountService: AccountService,
|
||||
private pinService: PinServiceAbstraction,
|
||||
private userVerificationService: UserVerificationService,
|
||||
private cryptoService: CryptoService,
|
||||
private keyService: KeyService,
|
||||
private platformUtilsService: PlatformUtilsService,
|
||||
private router: Router,
|
||||
private dialogService: DialogService,
|
||||
@@ -307,7 +306,7 @@ export class LockV2Component implements OnInit, OnDestroy {
|
||||
|
||||
try {
|
||||
await this.biometricStateService.setUserPromptCancelled();
|
||||
const userKey = await this.cryptoService.getUserKeyFromStorage(
|
||||
const userKey = await this.keyService.getUserKeyFromStorage(
|
||||
KeySuffixOptions.Biometric,
|
||||
this.activeAccount.id,
|
||||
);
|
||||
@@ -486,7 +485,7 @@ export class LockV2Component implements OnInit, OnDestroy {
|
||||
}
|
||||
|
||||
private async setUserKeyAndContinue(key: UserKey, evaluatePasswordAfterUnlock = false) {
|
||||
await this.cryptoService.setUserKey(key, this.activeAccount.id);
|
||||
await this.keyService.setUserKey(key, this.activeAccount.id);
|
||||
|
||||
// Now that we have a decrypted user key in memory, we can check if we
|
||||
// need to establish trust on the current device
|
||||
|
||||
@@ -2,11 +2,11 @@ import { MockProxy, mock } from "jest-mock-extended";
|
||||
|
||||
import { AccountApiService } from "@bitwarden/common/auth/abstractions/account-api.service";
|
||||
import { DEFAULT_KDF_CONFIG } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
||||
import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { PasswordInputResult } from "../../input-password/password-input-result";
|
||||
|
||||
@@ -15,14 +15,14 @@ import { DefaultRegistrationFinishService } from "./default-registration-finish.
|
||||
describe("DefaultRegistrationFinishService", () => {
|
||||
let service: DefaultRegistrationFinishService;
|
||||
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let accountApiService: MockProxy<AccountApiService>;
|
||||
|
||||
beforeEach(() => {
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
accountApiService = mock<AccountApiService>();
|
||||
|
||||
service = new DefaultRegistrationFinishService(cryptoService, accountApiService);
|
||||
service = new DefaultRegistrationFinishService(keyService, accountApiService);
|
||||
});
|
||||
|
||||
it("instantiates", () => {
|
||||
@@ -76,7 +76,7 @@ describe("DefaultRegistrationFinishService", () => {
|
||||
});
|
||||
|
||||
it("throws an error if the user key cannot be created", async () => {
|
||||
cryptoService.makeUserKey.mockResolvedValue([null, null]);
|
||||
keyService.makeUserKey.mockResolvedValue([null, null]);
|
||||
|
||||
await expect(service.finishRegistration(email, passwordInputResult)).rejects.toThrow(
|
||||
"User key could not be created",
|
||||
@@ -84,8 +84,8 @@ describe("DefaultRegistrationFinishService", () => {
|
||||
});
|
||||
|
||||
it("registers the user and returns a captcha bypass token when given valid email verification input", async () => {
|
||||
cryptoService.makeUserKey.mockResolvedValue([userKey, userKeyEncString]);
|
||||
cryptoService.makeKeyPair.mockResolvedValue(userKeyPair);
|
||||
keyService.makeUserKey.mockResolvedValue([userKey, userKeyEncString]);
|
||||
keyService.makeKeyPair.mockResolvedValue(userKeyPair);
|
||||
accountApiService.registerFinish.mockResolvedValue(capchaBypassToken);
|
||||
|
||||
const result = await service.finishRegistration(
|
||||
@@ -96,8 +96,8 @@ describe("DefaultRegistrationFinishService", () => {
|
||||
|
||||
expect(result).toEqual(capchaBypassToken);
|
||||
|
||||
expect(cryptoService.makeUserKey).toHaveBeenCalledWith(masterKey);
|
||||
expect(cryptoService.makeKeyPair).toHaveBeenCalledWith(userKey);
|
||||
expect(keyService.makeUserKey).toHaveBeenCalledWith(masterKey);
|
||||
expect(keyService.makeKeyPair).toHaveBeenCalledWith(userKey);
|
||||
expect(accountApiService.registerFinish).toHaveBeenCalledWith(
|
||||
expect.objectContaining({
|
||||
email,
|
||||
|
||||
@@ -2,8 +2,8 @@ import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/mod
|
||||
import { AccountApiService } from "@bitwarden/common/auth/abstractions/account-api.service";
|
||||
import { RegisterFinishRequest } from "@bitwarden/common/auth/models/request/registration/register-finish.request";
|
||||
import { KeysRequest } from "@bitwarden/common/models/request/keys.request";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptedString, EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { PasswordInputResult } from "../../input-password/password-input-result";
|
||||
|
||||
@@ -11,7 +11,7 @@ import { RegistrationFinishService } from "./registration-finish.service";
|
||||
|
||||
export class DefaultRegistrationFinishService implements RegistrationFinishService {
|
||||
constructor(
|
||||
protected cryptoService: CryptoService,
|
||||
protected keyService: KeyService,
|
||||
protected accountApiService: AccountApiService,
|
||||
) {}
|
||||
|
||||
@@ -31,14 +31,14 @@ export class DefaultRegistrationFinishService implements RegistrationFinishServi
|
||||
acceptEmergencyAccessInviteToken?: string,
|
||||
emergencyAccessId?: string,
|
||||
): Promise<string> {
|
||||
const [newUserKey, newEncUserKey] = await this.cryptoService.makeUserKey(
|
||||
const [newUserKey, newEncUserKey] = await this.keyService.makeUserKey(
|
||||
passwordInputResult.masterKey,
|
||||
);
|
||||
|
||||
if (!newUserKey || !newEncUserKey) {
|
||||
throw new Error("User key could not be created");
|
||||
}
|
||||
const userAsymmetricKeys = await this.cryptoService.makeKeyPair(newUserKey);
|
||||
const userAsymmetricKeys = await this.keyService.makeKeyPair(newUserKey);
|
||||
|
||||
const registerRequest = await this.buildRegisterRequest(
|
||||
email,
|
||||
|
||||
@@ -14,7 +14,6 @@ import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth
|
||||
import { DEFAULT_KDF_CONFIG } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { SetPasswordRequest } from "@bitwarden/common/auth/models/request/set-password.request";
|
||||
import { KeysRequest } from "@bitwarden/common/models/request/keys.request";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
@@ -23,6 +22,7 @@ import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/sym
|
||||
import { CsprngArray } from "@bitwarden/common/types/csprng";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { PasswordInputResult } from "../input-password/password-input-result";
|
||||
|
||||
@@ -33,7 +33,7 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
let sut: DefaultSetPasswordJitService;
|
||||
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let keyService: MockProxy<KeyService>;
|
||||
let encryptService: MockProxy<EncryptService>;
|
||||
let i18nService: MockProxy<I18nService>;
|
||||
let kdfConfigService: MockProxy<KdfConfigService>;
|
||||
@@ -44,7 +44,7 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
|
||||
beforeEach(() => {
|
||||
apiService = mock<ApiService>();
|
||||
cryptoService = mock<CryptoService>();
|
||||
keyService = mock<KeyService>();
|
||||
encryptService = mock<EncryptService>();
|
||||
i18nService = mock<I18nService>();
|
||||
kdfConfigService = mock<KdfConfigService>();
|
||||
@@ -55,7 +55,7 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
|
||||
sut = new DefaultSetPasswordJitService(
|
||||
apiService,
|
||||
cryptoService,
|
||||
keyService,
|
||||
encryptService,
|
||||
i18nService,
|
||||
kdfConfigService,
|
||||
@@ -141,14 +141,14 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
|
||||
function setupSetPasswordMocks(hasUserKey = true) {
|
||||
if (!hasUserKey) {
|
||||
cryptoService.userKey$.mockReturnValue(of(null));
|
||||
cryptoService.makeUserKey.mockResolvedValue(protectedUserKey);
|
||||
keyService.userKey$.mockReturnValue(of(null));
|
||||
keyService.makeUserKey.mockResolvedValue(protectedUserKey);
|
||||
} else {
|
||||
cryptoService.userKey$.mockReturnValue(of(userKey));
|
||||
cryptoService.encryptUserKeyWithMasterKey.mockResolvedValue(protectedUserKey);
|
||||
keyService.userKey$.mockReturnValue(of(userKey));
|
||||
keyService.encryptUserKeyWithMasterKey.mockResolvedValue(protectedUserKey);
|
||||
}
|
||||
|
||||
cryptoService.makeKeyPair.mockResolvedValue(keyPair);
|
||||
keyService.makeKeyPair.mockResolvedValue(keyPair);
|
||||
|
||||
apiService.setPassword.mockResolvedValue(undefined);
|
||||
masterPasswordService.setForceSetPasswordReason.mockResolvedValue(undefined);
|
||||
@@ -156,9 +156,9 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
userDecryptionOptionsSubject.next(new UserDecryptionOptions({ hasMasterPassword: true }));
|
||||
userDecryptionOptionsService.setUserDecryptionOptions.mockResolvedValue(undefined);
|
||||
kdfConfigService.setKdfConfig.mockResolvedValue(undefined);
|
||||
cryptoService.setUserKey.mockResolvedValue(undefined);
|
||||
keyService.setUserKey.mockResolvedValue(undefined);
|
||||
|
||||
cryptoService.setPrivateKey.mockResolvedValue(undefined);
|
||||
keyService.setPrivateKey.mockResolvedValue(undefined);
|
||||
|
||||
masterPasswordService.setMasterKeyHash.mockResolvedValue(undefined);
|
||||
}
|
||||
@@ -171,7 +171,7 @@ describe("DefaultSetPasswordJitService", () => {
|
||||
return;
|
||||
}
|
||||
|
||||
cryptoService.userKey$.mockReturnValue(of(userKey));
|
||||
keyService.userKey$.mockReturnValue(of(userKey));
|
||||
encryptService.rsaEncrypt.mockResolvedValue(userKeyEncString);
|
||||
|
||||
organizationUserApiService.putOrganizationUserResetPasswordEnrollment.mockResolvedValue(
|
||||
|
||||
@@ -13,13 +13,13 @@ import { ForceSetPasswordReason } from "@bitwarden/common/auth/models/domain/for
|
||||
import { PBKDF2KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { SetPasswordRequest } from "@bitwarden/common/auth/models/request/set-password.request";
|
||||
import { KeysRequest } from "@bitwarden/common/models/request/keys.request";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import {
|
||||
SetPasswordCredentials,
|
||||
@@ -29,7 +29,7 @@ import {
|
||||
export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
constructor(
|
||||
protected apiService: ApiService,
|
||||
protected cryptoService: CryptoService,
|
||||
protected keyService: KeyService,
|
||||
protected encryptService: EncryptService,
|
||||
protected i18nService: I18nService,
|
||||
protected kdfConfigService: KdfConfigService,
|
||||
@@ -85,7 +85,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
// User now has a password so update account decryption options in state
|
||||
await this.updateAccountDecryptionProperties(masterKey, kdfConfig, protectedUserKey, userId);
|
||||
|
||||
await this.cryptoService.setPrivateKey(keyPair[1].encryptedString, userId);
|
||||
await this.keyService.setPrivateKey(keyPair[1].encryptedString, userId);
|
||||
|
||||
await this.masterPasswordService.setMasterKeyHash(localMasterKeyHash, userId);
|
||||
|
||||
@@ -100,12 +100,12 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
): Promise<[UserKey, EncString]> {
|
||||
let protectedUserKey: [UserKey, EncString] = null;
|
||||
|
||||
const userKey = await firstValueFrom(this.cryptoService.userKey$(userId));
|
||||
const userKey = await firstValueFrom(this.keyService.userKey$(userId));
|
||||
|
||||
if (userKey == null) {
|
||||
protectedUserKey = await this.cryptoService.makeUserKey(masterKey);
|
||||
protectedUserKey = await this.keyService.makeUserKey(masterKey);
|
||||
} else {
|
||||
protectedUserKey = await this.cryptoService.encryptUserKeyWithMasterKey(masterKey);
|
||||
protectedUserKey = await this.keyService.encryptUserKeyWithMasterKey(masterKey);
|
||||
}
|
||||
|
||||
return protectedUserKey;
|
||||
@@ -114,7 +114,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
private async makeKeyPairAndRequest(
|
||||
protectedUserKey: [UserKey, EncString],
|
||||
): Promise<[[string, EncString], KeysRequest]> {
|
||||
const keyPair = await this.cryptoService.makeKeyPair(protectedUserKey[0]);
|
||||
const keyPair = await this.keyService.makeKeyPair(protectedUserKey[0]);
|
||||
if (keyPair == null) {
|
||||
throw new Error("keyPair not found. Could not set password.");
|
||||
}
|
||||
@@ -136,7 +136,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
await this.userDecryptionOptionsService.setUserDecryptionOptions(userDecryptionOpts);
|
||||
await this.kdfConfigService.setKdfConfig(userId, kdfConfig);
|
||||
await this.masterPasswordService.setMasterKey(masterKey, userId);
|
||||
await this.cryptoService.setUserKey(protectedUserKey[0], userId);
|
||||
await this.keyService.setUserKey(protectedUserKey[0], userId);
|
||||
}
|
||||
|
||||
private async handleResetPasswordAutoEnroll(
|
||||
@@ -153,7 +153,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService {
|
||||
const publicKey = Utils.fromB64ToArray(organizationKeys.publicKey);
|
||||
|
||||
// RSA Encrypt user key with organization public key
|
||||
const userKey = await firstValueFrom(this.cryptoService.userKey$(userId));
|
||||
const userKey = await firstValueFrom(this.keyService.userKey$(userId));
|
||||
|
||||
if (userKey == null) {
|
||||
throw new Error("userKey not found. Could not handle reset password auto enroll.");
|
||||
|
||||
Reference in New Issue
Block a user