[EC-598] fix: counter not being saved correctly

2025-12-17 16:53:34 +00:00 · 2023-04-18 11:23:38 +02:00
parent 53f35d59fb
commit e876ba5421
5 changed files with 33 additions and 7 deletions
--- a/libs/common/src/fido2/models/api/fido2-key.api.ts
+++ b/libs/common/src/fido2/models/api/fido2-key.api.ts
@@ -8,7 +8,7 @@ export class Fido2KeyApi extends BaseResponse {
  keyValue: string;
  rpId: string;
  userHandle: string;
-  counter: number;
+  counter: string;

  // Extras
  rpName: string;
--- a/libs/common/src/fido2/models/data/fido2-key.data.ts
+++ b/libs/common/src/fido2/models/data/fido2-key.data.ts
@@ -8,7 +8,7 @@ export class Fido2KeyData {
  keyValue: string;
  rpId: string;
  userHandle: string;
-  counter: number;
+  counter: string;

  // Extras
  rpName: string;
--- a/libs/common/src/fido2/models/domain/fido2-key.ts
+++ b/libs/common/src/fido2/models/domain/fido2-key.ts
@@ -47,8 +47,8 @@ export class Fido2Key extends Domain {
    );
  }

-  decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<Fido2KeyView> {
-    return this.decryptObj(
+  async decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<Fido2KeyView> {
+    const view = await this.decryptObj(
      new Fido2KeyView(),
      {
        nonDiscoverableId: null,
@@ -58,7 +58,6 @@ export class Fido2Key extends Domain {
        keyValue: null,
        rpId: null,
        userHandle: null,
-        counter: null,
        rpName: null,
        userName: null,
        origin: null,
@@ -66,6 +65,19 @@ export class Fido2Key extends Domain {
      orgId,
      encKey
    );
+
+    const { counter } = await this.decryptObj(
+      { counter: "" },
+      {
+        counter: null,
+      },
+      orgId,
+      encKey
+    );
+    // Counter will end up as NaN if this fails
+    view.counter = parseInt(counter);
+
+    return view;
  }

  toFido2KeyData(): Fido2KeyData {
--- a/libs/common/src/vault/models/request/cipher.request.ts
+++ b/libs/common/src/vault/models/request/cipher.request.ts
@@ -1,10 +1,10 @@
+import { Fido2KeyApi } from "../../../fido2/models/api/fido2-key.api";
 import { CardApi } from "../../../models/api/card.api";
 import { FieldApi } from "../../../models/api/field.api";
 import { IdentityApi } from "../../../models/api/identity.api";
 import { LoginUriApi } from "../../../models/api/login-uri.api";
 import { LoginApi } from "../../../models/api/login.api";
 import { SecureNoteApi } from "../../../models/api/secure-note.api";
-import { Fido2KeyApi } from "../../../fido2/models/api/fido2-key.api";
 import { CipherRepromptType } from "../../enums/cipher-reprompt-type";
 import { CipherType } from "../../enums/cipher-type";
 import { Cipher } from "../domain/cipher";
@@ -92,6 +92,10 @@ export class CipherRequest {
            cipher.login.fido2Key.rpName != null
              ? cipher.login.fido2Key.rpName.encryptedString
              : null;
+          this.login.fido2Key.counter =
+            cipher.login.fido2Key.counter != null
+              ? cipher.login.fido2Key.counter.encryptedString
+              : null;
          this.login.fido2Key.userHandle =
            cipher.login.fido2Key.userHandle != null
              ? cipher.login.fido2Key.userHandle.encryptedString
@@ -185,6 +189,8 @@ export class CipherRequest {
          cipher.fido2Key.rpId != null ? cipher.fido2Key.rpId.encryptedString : null;
        this.fido2Key.rpName =
          cipher.fido2Key.rpName != null ? cipher.fido2Key.rpName.encryptedString : null;
+        this.fido2Key.counter =
+          cipher.fido2Key.counter != null ? cipher.fido2Key.counter.encryptedString : null;
        this.fido2Key.userHandle =
          cipher.fido2Key.userHandle != null ? cipher.fido2Key.userHandle.encryptedString : null;
        this.fido2Key.userName =
--- a/libs/common/src/vault/services/cipher.service.ts
+++ b/libs/common/src/vault/services/cipher.service.ts
@@ -10,6 +10,7 @@ import { SettingsService } from "../../abstractions/settings.service";
 import { StateService } from "../../abstractions/state.service";
 import { FieldType } from "../../enums/fieldType";
 import { UriMatchType } from "../../enums/uriMatchType";
+import { Fido2Key } from "../../fido2/models/domain/fido2-key";
 import { sequentialize } from "../../misc/sequentialize";
 import { Utils } from "../../misc/utils";
 import { AccountSettingsSettings } from "../../models/domain/account";
@@ -19,7 +20,6 @@ import { EncString } from "../../models/domain/enc-string";
 import { SymmetricCryptoKey } from "../../models/domain/symmetric-crypto-key";
 import { ErrorResponse } from "../../models/response/error.response";
 import { View } from "../../models/view/view";
-import { Fido2Key } from "../../fido2/models/domain/fido2-key";
 import { CipherService as CipherServiceAbstraction } from "../abstractions/cipher.service";
 import { CipherFileUploadService } from "../abstractions/file-upload/cipher-file-upload.service";
 import { CipherType } from "../enums/cipher-type";
@@ -1137,6 +1137,10 @@ export class CipherService implements CipherServiceAbstraction {
            },
            key
          );
+          cipher.login.fido2Key.counter = await this.cryptoService.encrypt(
+            String(model.login.fido2Key.counter),
+            key
+          );
        }
        return;
      case CipherType.SecureNote:
@@ -1205,6 +1209,10 @@ export class CipherService implements CipherServiceAbstraction {
          },
          key
        );
+        cipher.fido2Key.counter = await this.cryptoService.encrypt(
+          String(model.fido2Key.counter),
+          key
+        );
        break;
      default:
        throw new Error("Unknown cipher type.");