[PM-2713] add toggle method to crypto service for keys
@@ -491,7 +491,7 @@ namespace Bit.App.Pages
|
|||||||
await _stateService.SetBiometricUnlockAsync(null);
|
await _stateService.SetBiometricUnlockAsync(null);
|
||||||
}
|
}
|
||||||
await _stateService.SetBiometricLockedAsync(false);
|
await _stateService.SetBiometricLockedAsync(false);
|
||||||
await _cryptoService.ToggleKeyAsync();
|
await _cryptoService.ToggleKeysAsync();
|
||||||
BuildList();
|
BuildList();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -9,6 +9,7 @@ namespace Bit.Core.Abstractions
|
|||||||
{
|
{
|
||||||
public interface ICryptoService
|
public interface ICryptoService
|
||||||
{
|
{
|
||||||
|
Task ToggleKeysAsync();
|
||||||
Task SetUserKeyAsync(UserKey userKey, string userId = null);
|
Task SetUserKeyAsync(UserKey userKey, string userId = null);
|
||||||
Task<UserKey> GetUserKeyAsync(string userId = null);
|
Task<UserKey> GetUserKeyAsync(string userId = null);
|
||||||
Task<bool> HasUserKeyAsync(string userId = null);
|
Task<bool> HasUserKeyAsync(string userId = null);
|
||||||
@@ -25,7 +26,7 @@ namespace Bit.Core.Abstractions
|
|||||||
Task SetPasswordHashAsync(string keyHash);
|
Task SetPasswordHashAsync(string keyHash);
|
||||||
Task<string> GetPasswordHashAsync();
|
Task<string> GetPasswordHashAsync();
|
||||||
Task ClearPasswordHashAsync(string userId = null);
|
Task ClearPasswordHashAsync(string userId = null);
|
||||||
Task<bool> CompareAndUpdatePasswordHashAsync(string masterPassword, SymmetricCryptoKey key);
|
Task<bool> CompareAndUpdatePasswordHashAsync(string masterPassword, MasterKey key);
|
||||||
Task SetOrgKeysAsync(IEnumerable<ProfileOrganizationResponse> orgs);
|
Task SetOrgKeysAsync(IEnumerable<ProfileOrganizationResponse> orgs);
|
||||||
Task<OrgKey> GetOrgKeyAsync(string orgId);
|
Task<OrgKey> GetOrgKeyAsync(string orgId);
|
||||||
Task<Dictionary<string, OrgKey>> GetOrgKeysAsync();
|
Task<Dictionary<string, OrgKey>> GetOrgKeysAsync();
|
||||||
@@ -75,6 +76,5 @@ namespace Bit.Core.Abstractions
|
|||||||
Task<Tuple<SymmetricCryptoKey, EncString>> RemakeEncKeyAsync(SymmetricCryptoKey key);
|
Task<Tuple<SymmetricCryptoKey, EncString>> RemakeEncKeyAsync(SymmetricCryptoKey key);
|
||||||
Task SetEncKeyAsync(string encKey);
|
Task SetEncKeyAsync(string encKey);
|
||||||
Task SetKeyAsync(SymmetricCryptoKey key);
|
Task SetKeyAsync(SymmetricCryptoKey key);
|
||||||
Task ToggleKeyAsync();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
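Review bot: The new `Task ToggleKeysAsync();` member on `ICryptoService` has no documentation, yet the callers in this commit invoke it right after changing biometric or vault-timeout settings and rely on it to refresh or clear persisted key material. An XML `<summary>` should state that contract, for example `/// <summary>Re-evaluates which key material (PIN key, master-key-encrypted user key) stays persisted after a vault-timeout or biometric setting change.</summary>`. The same comment should say what happens when no user key is available, which cannot be determined from the lines shown here.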
|
|||||||
@@ -36,6 +36,17 @@ namespace Bit.Core.Services
|
|||||||
_cryptoFunctionService = cryptoFunctionService;
|
_cryptoFunctionService = cryptoFunctionService;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public async Task ToggleKeysAsync()
|
||||||
|
{
|
||||||
|
// refresh or clear the pin key
|
||||||
|
await SetUserKeyAsync(await GetUserKeyAsync());
|
||||||
|
|
||||||
|
// refresh or clear the encrypted user key
|
||||||
|
var encUserKey = await _stateService.GetUserKeyMasterKeyAsync();
|
||||||
|
await _stateService.SetUserKeyMasterKeyAsync(null);
|
||||||
|
await _stateService.SetUserKeyMasterKeyAsync(encUserKey);
|
||||||
|
}
|
||||||
|
|
||||||
public async Task SetUserKeyAsync(UserKey userKey, string userId = null)
|
public async Task SetUserKeyAsync(UserKey userKey, string userId = null)
|
||||||
{
|
{
|
||||||
await _stateService.SetUserKeyAsync(userKey, userId);
|
await _stateService.SetUserKeyAsync(userKey, userId);
|
||||||
@@ -45,6 +56,11 @@ namespace Bit.Core.Services
|
|||||||
{
|
{
|
||||||
await StorePinKey(userKey, userId);
|
await StorePinKey(userKey, userId);
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await _stateService.SetUserKeyPinAsync(null, userId);
|
||||||
|
await _stateService.SetUserKeyPinEphemeralAsync(null, userId);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<UserKey> GetUserKeyAsync(string userId = null)
|
public async Task<UserKey> GetUserKeyAsync(string userId = null)
|
||||||
@@ -69,12 +85,21 @@ namespace Bit.Core.Services
|
|||||||
|
|
||||||
public async Task SetMasterKeyEncryptedUserKeyAsync(string value, string userId = null)
|
public async Task SetMasterKeyEncryptedUserKeyAsync(string value, string userId = null)
|
||||||
{
|
{
|
||||||
|
var option = await _stateService.GetVaultTimeoutAsync();
|
||||||
|
var biometric = await _stateService.GetBiometricUnlockAsync();
|
||||||
|
if (option.HasValue && !biometric.GetValueOrDefault())
|
||||||
|
{
|
||||||
|
// we only store the encrypted user key if the user has a vault timeout set
|
||||||
|
// with no biometric. Otherwise, we need it for auto unlock or biometric unlock
|
||||||
|
return;
|
||||||
|
}
|
||||||
await _stateService.SetUserKeyMasterKeyAsync(value, userId);
|
await _stateService.SetUserKeyMasterKeyAsync(value, userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task SetMasterKeyAsync(MasterKey masterKey, string userId = null)
|
public async Task SetMasterKeyAsync(MasterKey masterKey, string userId = null)
|
||||||
{
|
{
|
||||||
await _stateService.SetMasterKeyAsync(masterKey, userId);
|
await _stateService.SetMasterKeyAsync(masterKey, userId);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<MasterKey> GetMasterKeyAsync(string userId = null)
|
public async Task<MasterKey> GetMasterKeyAsync(string userId = null)
|
||||||
@@ -211,7 +236,7 @@ namespace Bit.Core.Services
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TODO(Jake): Uses Master Key
|
// TODO(Jake): Uses Master Key
|
||||||
public async Task<bool> CompareAndUpdatePasswordHashAsync(string masterPassword, SymmetricCryptoKey key)
|
public async Task<bool> CompareAndUpdatePasswordHashAsync(string masterPassword, MasterKey key)
|
||||||
{
|
{
|
||||||
var storedPasswordHash = await GetPasswordHashAsync();
|
var storedPasswordHash = await GetPasswordHashAsync();
|
||||||
if (masterPassword != null && storedPasswordHash != null)
|
if (masterPassword != null && storedPasswordHash != null)
|
||||||
@@ -385,6 +410,14 @@ namespace Bit.Core.Services
|
|||||||
return await StretchKeyAsync(pinKey) as PinKey;
|
return await StretchKeyAsync(pinKey) as PinKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public async Task ClearPinKeys(string userId = null)
|
||||||
|
{
|
||||||
|
await _stateService.SetUserKeyPinAsync(null, userId);
|
||||||
|
await _stateService.SetUserKeyPinEphemeralAsync(null, userId);
|
||||||
|
await _stateService.SetProtectedPinAsync(null, userId);
|
||||||
|
await clearDeprecatedPinKeysAsync(userId);
|
||||||
|
}
|
||||||
|
|
||||||
// public async Task<UserKey> DecryptUserKeyWithPin(string pin, string salt, KdfConfig kdfConfig, EncString pinProtectedUserKey = null)
|
// public async Task<UserKey> DecryptUserKeyWithPin(string pin, string salt, KdfConfig kdfConfig, EncString pinProtectedUserKey = null)
|
||||||
// {
|
// {
|
||||||
// pinProtectedUserKey ??= await _stateService.GetUserKeyPinAsync();
|
// pinProtectedUserKey ??= await _stateService.GetUserKeyPinAsync();
|
||||||
@@ -614,7 +647,7 @@ namespace Bit.Core.Services
|
|||||||
return new EncByteArray(encBytes);
|
return new EncByteArray(encBytes);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Helpers
|
// --HELPER METHODS--
|
||||||
|
|
||||||
private async Task StorePinKey(UserKey userKey, string userId = null)
|
private async Task StorePinKey(UserKey userKey, string userId = null)
|
||||||
{
|
{
|
||||||
@@ -899,6 +932,15 @@ namespace Bit.Core.Services
|
|||||||
public SymmetricCryptoKey Key { get; set; }
|
public SymmetricCryptoKey Key { get; set; }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// --LEGACY METHODS--
|
||||||
|
// We previously used the master key for additional keys, but now we use the user key.
|
||||||
|
// These methods support migrating the old keys to the new ones.
|
||||||
|
|
||||||
|
public async Task clearDeprecatedPinKeysAsync(string userId = null)
|
||||||
|
{
|
||||||
|
await _stateService.SetPinProtectedAsync(null);
|
||||||
|
await _stateService.SetPinProtectedKeyAsync(null);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@@ -1083,21 +1125,6 @@ namespace Bit.Core.Services
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public async Task ToggleKeyAsync()
|
|
||||||
{
|
|
||||||
var key = await GetKeyAsync();
|
|
||||||
var option = await _stateService.GetVaultTimeoutAsync();
|
|
||||||
var biometric = await _stateService.GetBiometricUnlockAsync();
|
|
||||||
if (!biometric.GetValueOrDefault() && (option != null || option == 0))
|
|
||||||
{
|
|
||||||
await ClearKeyAsync();
|
|
||||||
await _stateService.SetKeyDecryptedAsync(key);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
await SetKeyAsync(key);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
public async Task<SymmetricCryptoKey> MakeKeyFromPinAsync(string pin, string salt,
|
public async Task<SymmetricCryptoKey> MakeKeyFromPinAsync(string pin, string salt,
|
||||||
KdfConfig config, EncString protectedKeyCs = null)
|
KdfConfig config, EncString protectedKeyCs = null)
|
||||||
{
|
{
|
||||||
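Review bot: `ToggleKeysAsync` restores the master-key-encrypted user key with `_stateService.SetUserKeyMasterKeyAsync(encUserKey)` immediately after nulling it, so the vault-timeout/biometric gate this commit adds to `SetMasterKeyEncryptedUserKeyAsync` is never applied on toggle. Unless the state service chooses its storage location from the current timeout option (not visible here), the encrypted user key stays persisted after the user switches to a timeout without biometrics, which is the case the gate returns early on. Routing the restore through the gated setter, `await SetMasterKeyEncryptedUserKeyAsync(encUserKey);`, would keep the two paths consistent. Separately, `ClearPinKeys(userId)` passes `userId` to `clearDeprecatedPinKeysAsync`, which drops it in both `SetPinProtectedAsync(null)` and `SetPinProtectedKeyAsync(null)`. If those setters accept a user id like the others in this section, a clear requested for a non-active account would act on the active account's legacy PIN keys and leave the target account's in place.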
|
|||||||
@@ -214,7 +214,7 @@ namespace Bit.Core.Services
|
|||||||
{
|
{
|
||||||
await _stateService.SetVaultTimeoutAsync(timeout);
|
await _stateService.SetVaultTimeoutAsync(timeout);
|
||||||
await _stateService.SetVaultTimeoutActionAsync(action);
|
await _stateService.SetVaultTimeoutActionAsync(action);
|
||||||
await _cryptoService.ToggleKeyAsync();
|
await _cryptoService.ToggleKeysAsync();
|
||||||
await _tokenService.ToggleTokensAsync();
|
await _tokenService.ToggleTokensAsync();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||