Move asymmetric crypto functions out of crypto service (#10903)

2025-12-16 08:13:42 +00:00 · 2024-10-01 08:47:41 -07:00
parent f2339b0586
commit dafe795854
36 changed files with 126 additions and 152 deletions
--- a/libs/auth/src/common/services/auth-request/auth-request.service.spec.ts
+++ b/libs/auth/src/common/services/auth-request/auth-request.service.spec.ts
@@ -6,6 +6,7 @@ import { FakeMasterPasswordService } from "@bitwarden/common/auth/services/maste
 import { AuthRequestPushNotification } from "@bitwarden/common/models/response/notification.response";
 import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
 import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
 import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
 import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
@@ -24,6 +25,7 @@ describe("AuthRequestService", () => {
  let masterPasswordService: FakeMasterPasswordService;
  const appIdService = mock<AppIdService>();
  const cryptoService = mock<CryptoService>();
+  const encryptService = mock<EncryptService>();
  const apiService = mock<ApiService>();

  let mockPrivateKey: Uint8Array;
@@ -40,6 +42,7 @@ describe("AuthRequestService", () => {
      accountService,
      masterPasswordService,
      cryptoService,
+      encryptService,
      apiService,
      stateProvider,
    );
@@ -82,7 +85,7 @@ describe("AuthRequestService", () => {

  describe("approveOrDenyAuthRequest", () => {
    beforeEach(() => {
-      cryptoService.rsaEncrypt.mockResolvedValue({
+      encryptService.rsaEncrypt.mockResolvedValue({
        encryptedString: "ENCRYPTED_STRING",
      } as EncString);
      appIdService.getAppId.mockResolvedValue("APP_ID");
@@ -108,7 +111,7 @@ describe("AuthRequestService", () => {
        new AuthRequestResponse({ id: "123", publicKey: "KEY" }),
      );

-      expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything());
+      expect(encryptService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything());
    });

    it("should use the user key if the master key and hash do not exist", async () => {
@@ -119,7 +122,7 @@ describe("AuthRequestService", () => {
        new AuthRequestResponse({ id: "123", publicKey: "KEY" }),
      );

-      expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything());
+      expect(encryptService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything());
    });
  });
  describe("setUserKeyAfterDecryptingSharedUserKey", () => {
@@ -211,7 +214,7 @@ describe("AuthRequestService", () => {
      const mockDecryptedUserKeyBytes = new Uint8Array(64);
      const mockDecryptedUserKey = new SymmetricCryptoKey(mockDecryptedUserKeyBytes) as UserKey;

-      cryptoService.rsaDecrypt.mockResolvedValueOnce(mockDecryptedUserKeyBytes);
+      encryptService.rsaDecrypt.mockResolvedValueOnce(mockDecryptedUserKeyBytes);

      // Act
      const result = await sut.decryptPubKeyEncryptedUserKey(
@@ -220,7 +223,10 @@ describe("AuthRequestService", () => {
      );

      // Assert
-      expect(cryptoService.rsaDecrypt).toBeCalledWith(mockPubKeyEncryptedUserKey, mockPrivateKey);
+      expect(encryptService.rsaDecrypt).toBeCalledWith(
+        new EncString(mockPubKeyEncryptedUserKey),
+        mockPrivateKey,
+      );
      expect(result).toEqual(mockDecryptedUserKey);
    });
  });
@@ -238,7 +244,7 @@ describe("AuthRequestService", () => {
      const mockDecryptedMasterKeyHashBytes = new Uint8Array(64);
      const mockDecryptedMasterKeyHash = Utils.fromBufferToUtf8(mockDecryptedMasterKeyHashBytes);

-      cryptoService.rsaDecrypt
+      encryptService.rsaDecrypt
        .mockResolvedValueOnce(mockDecryptedMasterKeyBytes)
        .mockResolvedValueOnce(mockDecryptedMasterKeyHashBytes);

@@ -250,14 +256,14 @@ describe("AuthRequestService", () => {
      );

      // Assert
-      expect(cryptoService.rsaDecrypt).toHaveBeenNthCalledWith(
+      expect(encryptService.rsaDecrypt).toHaveBeenNthCalledWith(
        1,
-        mockPubKeyEncryptedMasterKey,
+        new EncString(mockPubKeyEncryptedMasterKey),
        mockPrivateKey,
      );
-      expect(cryptoService.rsaDecrypt).toHaveBeenNthCalledWith(
+      expect(encryptService.rsaDecrypt).toHaveBeenNthCalledWith(
        2,
-        mockPubKeyEncryptedMasterKeyHash,
+        new EncString(mockPubKeyEncryptedMasterKeyHash),
        mockPrivateKey,
      );
      expect(result.masterKey).toEqual(mockDecryptedMasterKey);