[PM-10607] Require userId for getKeyForCipherKeyDecryption (#10509)

* updated cipher service to stop using the deprecated getUserKeyWithLegacySupport and use the version that requires a user id * Added account service mock * fixed cipher test * Fixed test * removed async from encryptCipher * updated encryptSharedCipher to pass userId to the encrypt function * Pass userId to getUserKeyWithLegacySupport on encryptSharedCipher * pass in userid when setting masterKeyEncryptedUserKey * Added activer usedId to new web refresh function
2025-12-23 19:53:43 +00:00 · 2024-08-20 12:00:48 -04:00
parent ed719f835a
commit dedd7f1b5c
67 changed files with 534 additions and 118 deletions
--- a/apps/desktop/src/services/encrypted-message-handler.service.ts
+++ b/apps/desktop/src/services/encrypted-message-handler.service.ts
@@ -164,7 +164,10 @@ export class EncryptedMessageHandlerService {
    cipherView.login.uris[0].uri = credentialCreatePayload.uri;

    try {
-      const encrypted = await this.cipherService.encrypt(cipherView);
+      const activeUserId = await firstValueFrom(
+        this.accountService.activeAccount$.pipe(map((a) => a?.id)),
+      );
+      const encrypted = await this.cipherService.encrypt(cipherView, activeUserId);
      await this.cipherService.createWithServer(encrypted);

      // Notify other clients of new login
@@ -197,14 +200,17 @@ export class EncryptedMessageHandlerService {
      if (cipher === null) {
        return { status: "failure" };
      }
+      const activeUserId = await firstValueFrom(
+        this.accountService.activeAccount$.pipe(map((a) => a?.id)),
+      );
      const cipherView = await cipher.decrypt(
-        await this.cipherService.getKeyForCipherKeyDecryption(cipher),
+        await this.cipherService.getKeyForCipherKeyDecryption(cipher, activeUserId),
      );
      cipherView.name = credentialUpdatePayload.name;
      cipherView.login.password = credentialUpdatePayload.password;
      cipherView.login.username = credentialUpdatePayload.userName;
      cipherView.login.uris[0].uri = credentialUpdatePayload.uri;
-      const encrypted = await this.cipherService.encrypt(cipherView);
+      const encrypted = await this.cipherService.encrypt(cipherView, activeUserId);

      await this.cipherService.updateWithServer(encrypted);

--- a/apps/desktop/src/vault/app/vault/attachments.component.ts
+++ b/apps/desktop/src/vault/app/vault/attachments.component.ts
@@ -2,6 +2,7 @@ import { Component } from "@angular/core";

 import { AttachmentsComponent as BaseAttachmentsComponent } from "@bitwarden/angular/vault/components/attachments.component";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
+import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
 import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
 import { FileDownloadService } from "@bitwarden/common/platform/abstractions/file-download/file-download.service";
@@ -28,6 +29,7 @@ export class AttachmentsComponent extends BaseAttachmentsComponent {
    fileDownloadService: FileDownloadService,
    dialogService: DialogService,
    billingAccountProfileStateService: BillingAccountProfileStateService,
+    accountService: AccountService,
  ) {
    super(
      cipherService,
@@ -41,6 +43,7 @@ export class AttachmentsComponent extends BaseAttachmentsComponent {
      fileDownloadService,
      dialogService,
      billingAccountProfileStateService,
+      accountService,
    );
  }
 }
--- a/apps/desktop/src/vault/app/vault/collections.component.ts
+++ b/apps/desktop/src/vault/app/vault/collections.component.ts
@@ -2,6 +2,7 @@ import { Component } from "@angular/core";

 import { CollectionsComponent as BaseCollectionsComponent } from "@bitwarden/angular/admin-console/components/collections.component";
 import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
+import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
@@ -22,6 +23,7 @@ export class CollectionsComponent extends BaseCollectionsComponent {
    organizationService: OrganizationService,
    logService: LogService,
    configService: ConfigService,
+    accountService: AccountService,
  ) {
    super(
      collectionService,
@@ -31,6 +33,7 @@ export class CollectionsComponent extends BaseCollectionsComponent {
      organizationService,
      logService,
      configService,
+      accountService,
    );
  }
 }
--- a/apps/desktop/src/vault/app/vault/password-history.component.ts
+++ b/apps/desktop/src/vault/app/vault/password-history.component.ts
@@ -1,6 +1,7 @@
 import { Component } from "@angular/core";

 import { PasswordHistoryComponent as BasePasswordHistoryComponent } from "@bitwarden/angular/vault/components/password-history.component";
+import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
 import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
@@ -14,7 +15,8 @@ export class PasswordHistoryComponent extends BasePasswordHistoryComponent {
    cipherService: CipherService,
    platformUtilsService: PlatformUtilsService,
    i18nService: I18nService,
+    accountService: AccountService,
  ) {
-    super(cipherService, platformUtilsService, i18nService, window);
+    super(cipherService, platformUtilsService, i18nService, accountService, window);
  }
 }
--- a/apps/desktop/src/vault/app/vault/share.component.ts
+++ b/apps/desktop/src/vault/app/vault/share.component.ts
@@ -3,6 +3,7 @@ import { Component } from "@angular/core";
 import { ModalRef } from "@bitwarden/angular/components/modal/modal.ref";
 import { ShareComponent as BaseShareComponent } from "@bitwarden/angular/components/share.component";
 import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
+import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
@@ -21,6 +22,7 @@ export class ShareComponent extends BaseShareComponent {
    platformUtilsService: PlatformUtilsService,
    logService: LogService,
    organizationService: OrganizationService,
+    accountService: AccountService,
    private modalRef: ModalRef,
  ) {
    super(
@@ -30,6 +32,7 @@ export class ShareComponent extends BaseShareComponent {
      cipherService,
      logService,
      organizationService,
+      accountService,
    );
  }

--- a/apps/desktop/src/vault/app/vault/view.component.ts
+++ b/apps/desktop/src/vault/app/vault/view.component.ts
@@ -14,6 +14,7 @@ import { ViewComponent as BaseViewComponent } from "@bitwarden/angular/vault/com
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { AuditService } from "@bitwarden/common/abstractions/audit.service";
 import { EventCollectionService } from "@bitwarden/common/abstractions/event/event-collection.service";
+import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { TokenService } from "@bitwarden/common/auth/abstractions/token.service";
 import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
 import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service";
@@ -62,6 +63,7 @@ export class ViewComponent extends BaseViewComponent implements OnInit, OnDestro
    dialogService: DialogService,
    datePipe: DatePipe,
    billingAccountProfileStateService: BillingAccountProfileStateService,
+    accountService: AccountService,
  ) {
    super(
      cipherService,
@@ -84,6 +86,7 @@ export class ViewComponent extends BaseViewComponent implements OnInit, OnDestro
      fileDownloadService,
      dialogService,
      datePipe,
+      accountService,
      billingAccountProfileStateService,
    );
  }