mirror of
https://github.com/bitwarden/browser
synced 2025-12-10 13:23:34 +00:00
cc8bd71775
* Add new encrypt service functions * Undo changes * Cleanup * Fix build * Fix comments * Switch encrypt service to use SDK functions * Move remaining functions to PureCrypto * Tests * Increase test coverage * Split up userkey rotation v2 and add tests * Fix eslint * Fix type errors * Fix tests * Implement signing keys * Fix sdk init * Remove key rotation v2 flag * Fix parsing when user does not have signing keys * Clear up trusted key naming * Split up getNewAccountKeys * Add trim and lowercase * Replace user.email with masterKeySalt * Add wasTrustDenied to verifyTrust in key rotation service * Move testable userkey rotation service code to testable class * Fix build * Add comments * Undo changes * Fix incorrect behavior on aborting key rotation and fix import * Fix tests * Make members of userkey rotation service protected * Fix type error * Cleanup and add injectable annotation * Fix tests * Update apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Remove v1 rotation request * Add upgrade to user encryption v2 * Fix types * Update sdk method calls * Update request models for new server api for rotation * Fix build * Update userkey rotation for new server API * Update crypto client call for new sdk changes * Fix rotation with signing keys * Cargo lock * Fix userkey rotation service * Fix types * Undo changes to feature flag service * Fix linting * [PM-22863] Account security state (#15309) * Add account security state * Update key rotation * Rename * Fix build * Cleanup * Further cleanup * Tests * Increase test coverage * Add test * Increase test coverage * Fix builds and update sdk * Fix build * Fix tests * Reset changes to encrypt service * Cleanup * Add comment * Cleanup * Cleanup * Rename model * Cleanup * Fix build * Clean up * Fix types * Cleanup * Cleanup * Cleanup * Add test * Simplify request model * Rename and add comments * Fix tests * Update responses to use less strict typing * Fix response parsing for v1 users * Update libs/common/src/key-management/keys/response/private-keys.response.ts Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Update libs/common/src/key-management/keys/response/private-keys.response.ts Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Fix build * Fix build * Fix build * Undo change * Fix attachments not encrypting for v2 users --------- Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
71 lines
3.0 KiB
TypeScript
71 lines
3.0 KiB
TypeScript
import { SecurityStateRequest } from "@bitwarden/common/key-management/security-state/request/security-state.request";
|
|
import { WrappedPrivateKey } from "@bitwarden/common/key-management/types";
|
|
import { SdkLoadService } from "@bitwarden/common/platform/abstractions/sdk/sdk-load.service";
|
|
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
|
import { PureCrypto } from "@bitwarden/sdk-internal";
|
|
|
|
import { PublicKeyEncryptionKeyPairRequestModel } from "../model/public-key-encryption-key-pair-request.model";
|
|
import { SignatureKeyPairRequestModel } from "../model/signature-key-pair-request-request.model";
|
|
import { V1UserCryptographicState } from "../types/v1-cryptographic-state";
|
|
import { V2UserCryptographicState } from "../types/v2-cryptographic-state";
|
|
|
|
// This request contains other account-owned keys that are encrypted with the user key.
|
|
export class AccountKeysRequest {
|
|
/**
|
|
* @deprecated
|
|
*/
|
|
userKeyEncryptedAccountPrivateKey: WrappedPrivateKey | null = null;
|
|
/**
|
|
* @deprecated
|
|
*/
|
|
accountPublicKey: string | null = null;
|
|
|
|
publicKeyEncryptionKeyPair: PublicKeyEncryptionKeyPairRequestModel | null = null;
|
|
signatureKeyPair: SignatureKeyPairRequestModel | null = null;
|
|
securityState: SecurityStateRequest | null = null;
|
|
|
|
constructor() {}
|
|
|
|
static fromV1CryptographicState(state: V1UserCryptographicState): AccountKeysRequest {
|
|
const request = new AccountKeysRequest();
|
|
request.userKeyEncryptedAccountPrivateKey = state.publicKeyEncryptionKeyPair.wrappedPrivateKey;
|
|
request.accountPublicKey = Utils.fromBufferToB64(state.publicKeyEncryptionKeyPair.publicKey);
|
|
request.publicKeyEncryptionKeyPair = new PublicKeyEncryptionKeyPairRequestModel(
|
|
state.publicKeyEncryptionKeyPair.wrappedPrivateKey,
|
|
state.publicKeyEncryptionKeyPair.publicKey,
|
|
null,
|
|
);
|
|
|
|
return request;
|
|
}
|
|
|
|
static async fromV2CryptographicState(
|
|
state: V2UserCryptographicState,
|
|
): Promise<AccountKeysRequest> {
|
|
// Ensure the SDK is loaded, since it is used to derive the signature algorithm.
|
|
await SdkLoadService.Ready;
|
|
|
|
const request = new AccountKeysRequest();
|
|
request.userKeyEncryptedAccountPrivateKey = state.publicKeyEncryptionKeyPair.wrappedPrivateKey!;
|
|
request.accountPublicKey = Utils.fromBufferToB64(state.publicKeyEncryptionKeyPair.publicKey);
|
|
request.publicKeyEncryptionKeyPair = new PublicKeyEncryptionKeyPairRequestModel(
|
|
state.publicKeyEncryptionKeyPair.wrappedPrivateKey,
|
|
state.publicKeyEncryptionKeyPair.publicKey,
|
|
state.publicKeyEncryptionKeyPair.signedPublicKey,
|
|
);
|
|
request.signatureKeyPair = new SignatureKeyPairRequestModel(
|
|
state.signatureKeyPair.wrappedSigningKey,
|
|
state.signatureKeyPair.verifyingKey,
|
|
PureCrypto.key_algorithm_for_verifying_key(
|
|
Utils.fromB64ToArray(state.signatureKeyPair.verifyingKey),
|
|
),
|
|
);
|
|
request.securityState = new SecurityStateRequest(
|
|
state.securityState.securityState,
|
|
state.securityState.securityStateVersion,
|
|
);
|
|
|
|
return request;
|
|
}
|
|
}
|