From 7fb89fa1a575254b674c3626c05517439976e120 Mon Sep 17 00:00:00 2001 From: Jacob Fink Date: Tue, 1 Aug 2023 09:30:00 -0400 Subject: [PATCH] [PM-2713] consolidate attachment key creation - also fix ios files missed during symbol rename --- src/Core/Services/CipherService.cs | 45 ++++++++----------- .../BaseLockPasswordViewController.cs | 6 +-- .../Controllers/LockPasswordViewController.cs | 6 +-- 3 files changed, 25 insertions(+), 32 deletions(-) diff --git a/src/Core/Services/CipherService.cs b/src/Core/Services/CipherService.cs index d04479045..5b424f1b5 100644 --- a/src/Core/Services/CipherService.cs +++ b/src/Core/Services/CipherService.cs @@ -556,20 +556,9 @@ namespace Bit.Core.Services public async Task SaveAttachmentRawWithServerAsync(Cipher cipher, string filename, byte[] data) { - SymmetricCryptoKey attachmentKey; - EncString protectedAttachmentKey; - var orgKey = await _cryptoService.GetOrgKeyAsync(cipher.OrganizationId); - if (orgKey != null) - { - (attachmentKey, protectedAttachmentKey) = await _cryptoService.MakeDataEncKeyAsync(orgKey); - } - else - { - var userKey = await _cryptoService.GetUserKeyWithLegacySupportAsync(); - (attachmentKey, protectedAttachmentKey) = await _cryptoService.MakeDataEncKeyAsync(userKey); - } + var (attachmentKey, protectedAttachmentKey, encKey) = await MakeAttachmentKeyAsync(cipher.OrganizationId); - var encFileName = await _cryptoService.EncryptAsync(filename, orgKey); + var encFileName = await _cryptoService.EncryptAsync(filename, encKey); var encFileData = await _cryptoService.EncryptToBytesAsync(data, attachmentKey); CipherResponse response; 
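Review bot: For a cipher without an organization, the file name in `SaveAttachmentRawWithServerAsync` is now encrypted with a different key argument. The old line passed `orgKey` (null in that case) to `EncryptAsync`, while the new line passes `encKey`, which the helper sets to the result of `GetUserKeyWithLegacySupportAsync()`. What `EncryptAsync` does with a null key is not visible in this diff, so it cannot be confirmed that both resolve to the same key; if they differ, the code that decrypts attachment file names has to use the same key. The commit title describes a consolidation only, so I would state this change in the description and add a comment at the call such as `// encKey: org key, or the user key for personal ciphers; the file name must be decrypted with the same key`. The same applies to the matching change in `ShareAttachmentWithServerAsync` (hunk at -818), where the context line `DecryptFromBytesAsync(bytes, null)` still relies on the implicit default key; both method bodies continue outside their hunks.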
@@ -806,6 +795,21 @@ namespace Bit.Core.Services // Helpers + private async Task> MakeAttachmentKeyAsync(string organizationId) + { + SymmetricCryptoKey attachmentKey; + EncString protectedAttachmentKey; + var orgKey = await _cryptoService.GetOrgKeyAsync(organizationId); + if (orgKey != null) + { + (attachmentKey, protectedAttachmentKey) = await _cryptoService.MakeDataEncKeyAsync(orgKey); + return new Tuple(attachmentKey, protectedAttachmentKey, orgKey); + } + var userKey = await _cryptoService.GetUserKeyWithLegacySupportAsync(); + (attachmentKey, protectedAttachmentKey) = await _cryptoService.MakeDataEncKeyAsync(userKey); + return new Tuple(attachmentKey, protectedAttachmentKey, userKey); + } + private async Task ShareAttachmentWithServerAsync(AttachmentView attachmentView, string cipherId, string organizationId) { @@ -818,20 +822,9 @@ namespace Bit.Core.Services var bytes = await attachmentResponse.Content.ReadAsByteArrayAsync(); var decBytes = await _cryptoService.DecryptFromBytesAsync(bytes, null); - SymmetricCryptoKey attachmentKey; - EncString protectedAttachmentKey; - var orgKey = await _cryptoService.GetOrgKeyAsync(organizationId); - if (orgKey != null) - { - (attachmentKey, protectedAttachmentKey) = await _cryptoService.MakeDataEncKeyAsync(orgKey); - } - else - { - var userKey = await _cryptoService.GetUserKeyWithLegacySupportAsync(); - (attachmentKey, protectedAttachmentKey) = await _cryptoService.MakeDataEncKeyAsync(userKey); - } + var (attachmentKey, protectedAttachmentKey, encKey) = await MakeAttachmentKeyAsync(organizationId); - var encFileName = await _cryptoService.EncryptAsync(attachmentView.FileName, orgKey); + var encFileName = await _cryptoService.EncryptAsync(attachmentView.FileName, encKey); var encFileData = await _cryptoService.EncryptToBytesAsync(decBytes, attachmentKey); var boundary = string.Concat("--BWMobileFormBoundary", DateTime.UtcNow.Ticks); 
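Review bot: `MakeAttachmentKeyAsync` falls back to the user key whenever `GetOrgKeyAsync(organizationId)` returns null, even when `organizationId` is non-empty. An attachment for an organization cipher could then have its key wrapped, and its file name encrypted, under the caller's personal key, since the third tuple element now feeds `EncryptAsync` at both call sites. The fallback is carried over from the two removed blocks, but unless it is intentional I would fail closed before it: `if (orgKey == null && !string.IsNullOrEmpty(organizationId)) throw new InvalidOperationException("Organization key unavailable.");`. The result of `GetUserKeyWithLegacySupportAsync()` is likewise passed to `MakeDataEncKeyAsync` without a null check. As a style point, a value tuple with named elements would match the deconstruction already used for `MakeDataEncKeyAsync` and would document that the third element is the key protecting both the attachment key and the file name; the type arguments of `Task` and `Tuple` appear to have been lost in this rendering, so this is judged from the `new Tuple(...)` calls only.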
diff --git a/src/iOS.Core/Controllers/BaseLockPasswordViewController.cs b/src/iOS.Core/Controllers/BaseLockPasswordViewController.cs index c5f2dfabe..db5ce6f67 100644 --- a/src/iOS.Core/Controllers/BaseLockPasswordViewController.cs +++ b/src/iOS.Core/Controllers/BaseLockPasswordViewController.cs @@ -112,7 +112,7 @@ namespace Bit.iOS.Core.Controllers { _pinStatus = await _vaultTimeoutService.GetPinLockTypeAsync(); - var ephemeralPinSet = await _stateService.GetUserKeyPinEphemeralAsync() + var ephemeralPinSet = await _stateService.GetPinKeyEncryptedUserKeyEphemeralAsync() ?? await _stateService.GetPinProtectedKeyAsync(); _pinEnabled = (_pinStatus == PinLockType.Transient && ephemeralPinSet != null) || _pinStatus == PinLockType.Persistent; @@ -259,13 +259,13 @@ namespace Bit.iOS.Core.Controllers EncString oldPinProtected = null; if (_pinStatus == PinLockType.Persistent) { - userKeyPin = await _stateService.GetUserKeyPinAsync(); + userKeyPin = await _stateService.GetPinKeyEncryptedUserKeyAsync(); var oldEncryptedKey = await _stateService.GetPinProtectedAsync(); oldPinProtected = oldEncryptedKey != null ? new EncString(oldEncryptedKey) : null; } else if (_pinStatus == PinLockType.Transient) { - userKeyPin = await _stateService.GetUserKeyPinEphemeralAsync(); + userKeyPin = await _stateService.GetPinKeyEncryptedUserKeyEphemeralAsync(); oldPinProtected = await _stateService.GetPinProtectedKeyAsync(); } diff --git a/src/iOS.Core/Controllers/LockPasswordViewController.cs b/src/iOS.Core/Controllers/LockPasswordViewController.cs index 981bd5d88..eff86b50e 100644 --- a/src/iOS.Core/Controllers/LockPasswordViewController.cs +++ b/src/iOS.Core/Controllers/LockPasswordViewController.cs 
@@ -104,7 +104,7 @@ namespace Bit.iOS.Core.Controllers { _pinStatus = await _vaultTimeoutService.GetPinLockTypeAsync(); - var ephemeralPinSet = await _stateService.GetUserKeyPinEphemeralAsync() + var ephemeralPinSet = await _stateService.GetPinKeyEncryptedUserKeyEphemeralAsync() ?? await _stateService.GetPinProtectedKeyAsync(); _pinEnabled = (_pinStatus == PinLockType.Transient && ephemeralPinSet != null) || _pinStatus == PinLockType.Persistent; @@ -226,13 +226,13 @@ namespace Bit.iOS.Core.Controllers EncString oldPinProtected = null; if (_pinStatus == PinLockType.Persistent) { - userKeyPin = await _stateService.GetUserKeyPinAsync(); + userKeyPin = await _stateService.GetPinKeyEncryptedUserKeyAsync(); var oldEncryptedKey = await _stateService.GetPinProtectedAsync(); oldPinProtected = oldEncryptedKey != null ? new EncString(oldEncryptedKey) : null; } else if (_pinStatus == PinLockType.Transient) { - userKeyPin = await _stateService.GetUserKeyPinEphemeralAsync(); + userKeyPin = await _stateService.GetPinKeyEncryptedUserKeyEphemeralAsync(); oldPinProtected = await _stateService.GetPinProtectedKeyAsync(); }