bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-01-02 00:23:35 +00:00
Code Issues Releases Wiki Activity

[PM-9423] use observable user encryptor in secret state (#10271)

Browse Source
This commit is contained in:
✨ Audrey ✨
2024-08-01 17:25:10 -04:00
committed by GitHub
parent 82d6b26b18
commit d26ea1be5f
9 changed files with 130 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libs/tools/generator/extensions/history/src/local-generator-history.service.spec.ts
View File

@@ -25,7 +25,7 @@ describe("LocalGeneratorHistoryService", () => {
encryptService.encrypt.mockImplementation((p) => Promise.resolve(p as unknown as EncString));
encryptService.decryptToUtf8.mockImplementation((c) => Promise.resolve(c.encryptedString));
keyService.getUserKey.mockImplementation(() => Promise.resolve(userKey));
keyService.getInMemoryUserKeyFor$.mockImplementation(() => of(true as unknown as UserKey));
keyService.userKey$.mockImplementation(() => of(true as unknown as UserKey));
});
afterEach(() => {

13
libs/tools/generator/extensions/history/src/local-generator-history.service.ts
View File

@@ -1,4 +1,4 @@
import { map } from "rxjs";
import { filter, map } from "rxjs";
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
@@ -110,7 +110,10 @@ export class LocalGeneratorHistoryService extends GeneratorHistoryService {
private createSecretState(userId: UserId): SingleUserState<GeneratedCredential[]> {
// construct the encryptor
const packer = new PaddedDataPacker(OPTIONS_FRAME_SIZE);
const encryptor = new UserKeyEncryptor(this.encryptService, this.keyService, packer);
const encryptor$ = this.keyService.userKey$(userId).pipe(
map((key) => (key ? new UserKeyEncryptor(userId, this.encryptService, key, packer) : null)),
filter((encryptor) => !!encryptor),
);
// construct the durable state
const state = SecretState.from<
@@ -119,7 +122,7 @@ export class LocalGeneratorHistoryService extends GeneratorHistoryService {
GeneratedCredential,
Record<keyof GeneratedCredential, never>,
GeneratedCredential
>(userId, GENERATOR_HISTORY, this.stateProvider, encryptor);
>(userId, GENERATOR_HISTORY, this.stateProvider, encryptor$);
// decryptor is just an algorithm, but it can't run until the key is available;
// providing it via an observable makes running it early impossible
@@ -128,9 +131,7 @@ export class LocalGeneratorHistoryService extends GeneratorHistoryService {
this.keyService,
this.encryptService,
);
const decryptor$ = this.keyService
.getInMemoryUserKeyFor$(userId)
.pipe(map((key) => key && decryptor));
const decryptor$ = this.keyService.userKey$(userId).pipe(map((key) => key && decryptor));
// move data from the old password history once decryptor is available
const buffer = new BufferedState(