From c1958474393116310df3dfa64444bb514e626103 Mon Sep 17 00:00:00 2001 From: Jacob Fink Date: Tue, 30 May 2023 14:44:07 -0400 Subject: [PATCH] update emergency access components to use new crypto service methods --- .../emergency-access-takeover.component.ts | 21 +++++++++++++------ .../emergency-access.component.ts | 6 +++--- 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/apps/web/src/app/auth/settings/emergency-access/emergency-access-takeover.component.ts b/apps/web/src/app/auth/settings/emergency-access/emergency-access-takeover.component.ts index 026529dc116..dc1400025fc 100644 --- a/apps/web/src/app/auth/settings/emergency-access/emergency-access-takeover.component.ts +++ b/apps/web/src/app/auth/settings/emergency-access/emergency-access-takeover.component.ts @@ -17,7 +17,10 @@ import { LogService } from "@bitwarden/common/platform/abstractions/log.service" import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service"; import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; import { StateService } from "@bitwarden/common/platform/abstractions/state.service"; -import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key"; +import { + SymmetricCryptoKey, + UserSymKey, +} from "@bitwarden/common/platform/models/domain/symmetric-crypto-key"; import { PasswordGenerationServiceAbstraction } from "@bitwarden/common/tools/generator/password"; @Component({ @@ -91,9 +94,9 @@ export class EmergencyAccessTakeoverComponent ); const oldKeyBuffer = await this.cryptoService.rsaDecrypt(takeoverResponse.keyEncrypted); - const oldEncKey = new SymmetricCryptoKey(oldKeyBuffer); + const oldUserSymKey = new SymmetricCryptoKey(oldKeyBuffer) as UserSymKey; - if (oldEncKey == null) { + if (oldUserSymKey == null) { this.platformUtilsService.showToast( "error", this.i18nService.t("errorOccurred"), @@ -102,7 +105,7 @@ export class EmergencyAccessTakeoverComponent return; } - const key = await this.cryptoService.makeKey( + const masterKey = await this.cryptoService.makeMasterKey( this.masterPassword, this.email, takeoverResponse.kdf, @@ -112,9 +115,15 @@ export class EmergencyAccessTakeoverComponent takeoverResponse.kdfParallelism ) ); - const masterPasswordHash = await this.cryptoService.hashPassword(this.masterPassword, key); + const masterPasswordHash = await this.cryptoService.hashPassword( + this.masterPassword, + masterKey + ); - const encKey = await this.cryptoService.remakeEncKey(key, oldEncKey); + const encKey = await this.cryptoService.encryptUserSymKeyWithMasterKey( + masterKey, + oldUserSymKey + ); const request = new EmergencyAccessPasswordRequest(); request.newMasterPasswordHash = masterPasswordHash; diff --git a/apps/web/src/app/auth/settings/emergency-access/emergency-access.component.ts b/apps/web/src/app/auth/settings/emergency-access/emergency-access.component.ts index 73f8f1f6531..a6c5c0dab01 100644 --- a/apps/web/src/app/auth/settings/emergency-access/emergency-access.component.ts +++ b/apps/web/src/app/auth/settings/emergency-access/emergency-access.component.ts @@ -300,9 +300,9 @@ export class EmergencyAccessComponent implements OnInit { } } - // Encrypt the master password hash using the grantees public key, and send it to bitwarden for escrow. + // Encrypt the user key with the grantees public key, and send it to bitwarden for escrow. private async doConfirmation(details: EmergencyAccessGranteeDetailsResponse) { - const encKey = await this.cryptoService.getEncKey(); + const userKey = await this.cryptoService.getUserKeyFromMemory(); const publicKeyResponse = await this.apiService.getUserPublicKey(details.granteeId); const publicKey = Utils.fromB64ToArray(publicKeyResponse.publicKey); @@ -315,7 +315,7 @@ export class EmergencyAccessComponent implements OnInit { // Ignore errors since it's just a debug message } - const encryptedKey = await this.cryptoService.rsaEncrypt(encKey.key, publicKey.buffer); + const encryptedKey = await this.cryptoService.rsaEncrypt(userKey.key, publicKey.buffer); const request = new EmergencyAccessConfirmRequest(); request.key = encryptedKey.encryptedString; await this.apiService.postEmergencyAccessConfirm(details.id, request);