From cae3a0587fd6272602c854caa5f6bcaa86212a39 Mon Sep 17 00:00:00 2001
From: Bernd Schoolmann <mail@quexten.com>
Date: Tue, 20 Jan 2026 16:00:20 +0100
Subject: [PATCH] Set userkey to state from SDK

---
 .../src/services/jslib-services.module.ts     | 14 +++----
 .../default-master-password-unlock.service.ts |  2 +-
 .../pin/pin.service.implementation.ts         |  2 +-
 .../src/lock/components/lock.component.ts     | 40 ++++++++++++++++++-
 4 files changed, 47 insertions(+), 11 deletions(-)

diff --git a/libs/angular/src/services/jslib-services.module.ts b/libs/angular/src/services/jslib-services.module.ts
index 5eaac4033eb..81bb013cc44 100644
--- a/libs/angular/src/services/jslib-services.module.ts
+++ b/libs/angular/src/services/jslib-services.module.ts
@@ -472,11 +472,11 @@ const safeProviders: SafeProvider[] = [
     provide: LOGOUT_CALLBACK,
     useFactory:
       (messagingService: MessagingServiceAbstraction) =>
-      async (logoutReason: LogoutReason, userId?: string) => {
-        return Promise.resolve(
-          messagingService.send("logout", { logoutReason: logoutReason, userId: userId }),
-        );
-      },
+        async (logoutReason: LogoutReason, userId?: string) => {
+          return Promise.resolve(
+            messagingService.send("logout", { logoutReason: logoutReason, userId: userId }),
+          );
+        },
     deps: [MessagingServiceAbstraction],
   }),
   safeProvider({
@@ -1791,7 +1791,7 @@ const safeProviders: SafeProvider[] = [
   }),
   safeProvider({
     provide: APP_INITIALIZER as SafeInjectionToken<() => Promise<void>>,
-    useFactory: (encryptedMigrationsScheduler: EncryptedMigrationsSchedulerService) => () => {},
+    useFactory: (encryptedMigrationsScheduler: EncryptedMigrationsSchedulerService) => () => { },
     deps: [EncryptedMigrationsSchedulerService],
     multi: true,
   }),
@@ -1858,4 +1858,4 @@ const safeProviders: SafeProvider[] = [
   // Do not register your dependency here! Add it to the typesafeProviders array using the helper function
   providers: safeProviders,
 })
-export class JslibServicesModule {}
+export class JslibServicesModule { }
diff --git a/libs/common/src/key-management/master-password/services/default-master-password-unlock.service.ts b/libs/common/src/key-management/master-password/services/default-master-password-unlock.service.ts
index 89a87403e49..8bd4f03ca0d 100644
--- a/libs/common/src/key-management/master-password/services/default-master-password-unlock.service.ts
+++ b/libs/common/src/key-management/master-password/services/default-master-password-unlock.service.ts
@@ -17,7 +17,7 @@ export class DefaultMasterPasswordUnlockService implements MasterPasswordUnlockS
     private readonly masterPasswordService: InternalMasterPasswordServiceAbstraction,
     private readonly keyService: KeyService,
     private readonly logService: LogService,
-  ) {}
+  ) { }
 
   async unlockWithMasterPassword(masterPassword: string, userId: UserId): Promise<UserKey> {
     this.validateInput(masterPassword, userId);
diff --git a/libs/common/src/key-management/pin/pin.service.implementation.ts b/libs/common/src/key-management/pin/pin.service.implementation.ts
index da6d3f20eaf..085595fc43b 100644
--- a/libs/common/src/key-management/pin/pin.service.implementation.ts
+++ b/libs/common/src/key-management/pin/pin.service.implementation.ts
@@ -23,7 +23,7 @@ export class PinService implements PinServiceAbstraction {
     private keyService: KeyService,
     private sdkService: SdkService,
     private pinStateService: PinStateServiceAbstraction,
-  ) {}
+  ) { }
 
   getPinLockType(userId: UserId): Promise<PinLockType> {
     assertNonNullish(userId, "userId");
diff --git a/libs/key-management-ui/src/lock/components/lock.component.ts b/libs/key-management-ui/src/lock/components/lock.component.ts
index 03ab6033441..e6d0ee9b622 100644
--- a/libs/key-management-ui/src/lock/components/lock.component.ts
+++ b/libs/key-management-ui/src/lock/components/lock.component.ts
@@ -11,6 +11,7 @@ import {
   Subject,
   switchMap,
   takeUntil,
+  map,
   tap,
 } from "rxjs";
 
@@ -28,6 +29,7 @@ import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/key-
 import { PinServiceAbstraction } from "@bitwarden/common/key-management/pin/pin.service.abstraction";
 import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
+import { RegisterSdkService } from "@bitwarden/common/platform/abstractions/sdk/register-sdk.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
@@ -52,6 +54,8 @@ import {
   UserAsymmetricKeysRegenerationService,
 } from "@bitwarden/key-management";
 
+import { AccountCryptographicStateService } from "@bitwarden/common/key-management/account-cryptography/account-cryptographic-state.service";
+
 import {
   UnlockOption,
   LockComponentService,
@@ -60,6 +64,7 @@ import {
 } from "../services/lock-component.service";
 
 import { MasterPasswordLockComponent } from "./master-password-lock/master-password-lock.component";
+import { PinStateServiceAbstraction } from "@bitwarden/common/key-management/pin/pin-state.service.abstraction";
 
 const BroadcasterSubscriptionId = "LockComponent";
 
@@ -150,6 +155,7 @@ export class LockComponent implements OnInit, OnDestroy {
   constructor(
     private accountService: AccountService,
     private pinService: PinServiceAbstraction,
+    private pinStateService: PinStateServiceAbstraction,
     private keyService: KeyService,
     private platformUtilsService: PlatformUtilsService,
     private router: Router,
@@ -173,10 +179,12 @@ export class LockComponent implements OnInit, OnDestroy {
     private lockComponentService: LockComponentService,
     private anonLayoutWrapperDataService: AnonLayoutWrapperDataService,
     private encryptedMigrator: EncryptedMigrator,
+    private registerSdkService: RegisterSdkService,
+    private accountCryptographicStateService: AccountCryptographicStateService,
 
     // desktop deps
     private broadcasterService: BroadcasterService,
-  ) {}
+  ) { }
 
   async ngOnInit() {
     this.listenForActiveUnlockOptionChanges();
@@ -483,7 +491,35 @@ export class LockComponent implements OnInit, OnDestroy {
     const MAX_INVALID_PIN_ENTRY_ATTEMPTS = 5;
 
     try {
-      const userKey = await this.pinService.decryptUserKeyWithPin(pin, this.activeAccount.id);
+      await firstValueFrom(
+        this.registerSdkService.registerClient$(this.activeAccount.id).pipe(
+          map(async (sdk) => {
+            if (!sdk) {
+              throw new Error("SDK not available");
+            }
+            using ref = sdk.take();
+            return ref.value.crypto().initialize_user_crypto({
+              userId: this.activeAccount.id,
+              kdfParams: {
+                pBKDF2: { iterations: 100000 }
+              },
+              email: "test@quexten.com",
+              accountCryptographicState: await firstValueFrom(this.accountCryptographicStateService.accountCryptographicState$(this.activeAccount.id)),
+              method: {
+                pinEnvelope: {
+                  pin: pin,
+                  pin_protected_user_key_envelope: await this.pinStateService.getPinProtectedUserKeyEnvelope(
+                    this.activeAccount.id,
+                    "PERSISTENT",
+                  ),
+                }
+              }
+            });
+          }),
+        )
+      );
+      //const userKey = await this.pinService.decryptUserKeyWithPin(pin, this.activeAccount.id);
+      const userKey = await firstValueFrom(this.keyService.userKey$(this.activeAccount.id));
 
       if (userKey) {
         await this.setUserKeyAndContinue(userKey);