[PM-5533] Migrate Asymmetric User Keys to State Providers (#7665)

2025-12-18 01:03:35 +00:00 · 2024-02-14 15:04:08 -05:00
parent 7a6d7b3a68
commit d8b74b78da
13 changed files with 554 additions and 127 deletions
--- a/libs/common/src/platform/services/key-state/user-key.state.ts
+++ b/libs/common/src/platform/services/key-state/user-key.state.ts
@@ -1,5 +1,59 @@
-import { KeyDefinition, CRYPTO_DISK } from "../../state";
+import { UserPrivateKey, UserPublicKey } from "../../../types/key";
+import { CryptoFunctionService } from "../../abstractions/crypto-function.service";
+import { EncryptService } from "../../abstractions/encrypt.service";
+import { EncString, EncryptedString } from "../../models/domain/enc-string";
+import { KeyDefinition, CRYPTO_DISK, DeriveDefinition } from "../../state";
+import { CryptoService } from "../crypto.service";

 export const USER_EVER_HAD_USER_KEY = new KeyDefinition<boolean>(CRYPTO_DISK, "everHadUserKey", {
  deserializer: (obj) => obj,
 });
+
+export const USER_ENCRYPTED_PRIVATE_KEY = new KeyDefinition<EncryptedString>(
+  CRYPTO_DISK,
+  "privateKey",
+  {
+    deserializer: (obj) => obj,
+  },
+);
+
+export const USER_PRIVATE_KEY = DeriveDefinition.fromWithUserId<
+  EncryptedString,
+  UserPrivateKey,
+  // TODO: update cryptoService to user key directly
+  { encryptService: EncryptService; cryptoService: CryptoService }
+>(USER_ENCRYPTED_PRIVATE_KEY, {
+  deserializer: (obj) => new Uint8Array(Object.values(obj)) as UserPrivateKey,
+  derive: async ([userId, encPrivateKeyString], { encryptService, cryptoService }) => {
+    if (encPrivateKeyString == null) {
+      return null;
+    }
+
+    const userKey = await cryptoService.getUserKey(userId);
+    if (userKey == null) {
+      return null;
+    }
+
+    const encPrivateKey = new EncString(encPrivateKeyString);
+    const privateKey = (await encryptService.decryptToBytes(
+      encPrivateKey,
+      userKey,
+    )) as UserPrivateKey;
+    return privateKey;
+  },
+});
+
+export const USER_PUBLIC_KEY = DeriveDefinition.from<
+  UserPrivateKey,
+  UserPublicKey,
+  { cryptoFunctionService: CryptoFunctionService }
+>([USER_PRIVATE_KEY, "publicKey"], {
+  deserializer: (obj) => new Uint8Array(Object.values(obj)) as UserPublicKey,
+  derive: async (privateKey, { cryptoFunctionService }) => {
+    if (privateKey == null) {
+      return null;
+    }
+
+    return (await cryptoFunctionService.rsaExtractPublicKey(privateKey)) as UserPublicKey;
+  },
+});