[PM-3543] [PM-3607] Fix password re-prompt when editing and on autofill. (#2713)

* [PM-3543] [PM-3507] Fix password re-prompt when editing and on autofill.
This commit is contained in:
André Bispo 2023-08-30 09:38:46 +01:00 committed by GitHub
parent 68759fc608
commit 4d0f9d1c03
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 32 additions and 4 deletions

View file

@ -159,7 +159,7 @@ namespace Bit.Droid
var cryptoFunctionService = new PclCryptoFunctionService(cryptoPrimitiveService); var cryptoFunctionService = new PclCryptoFunctionService(cryptoPrimitiveService);
var cryptoService = new CryptoService(stateService, cryptoFunctionService); var cryptoService = new CryptoService(stateService, cryptoFunctionService);
var biometricService = new BiometricService(stateService, cryptoService); var biometricService = new BiometricService(stateService, cryptoService);
var passwordRepromptService = new MobilePasswordRepromptService(platformUtilsService, cryptoService); var passwordRepromptService = new MobilePasswordRepromptService(platformUtilsService, cryptoService, stateService);
ServiceContainer.Register<ISynchronousStorageService>(preferencesStorage); ServiceContainer.Register<ISynchronousStorageService>(preferencesStorage);
ServiceContainer.Register<IBroadcasterService>("broadcasterService", broadcasterService); ServiceContainer.Register<IBroadcasterService>("broadcasterService", broadcasterService);

View file

@ -1,6 +1,7 @@
using System.Threading.Tasks; using System.Threading.Tasks;
using Bit.App.Abstractions; using Bit.App.Abstractions;
using Bit.App.Resources; using Bit.App.Resources;
using Bit.App.Utilities;
using Bit.Core.Abstractions; using Bit.Core.Abstractions;
using Bit.Core.Enums; using Bit.Core.Enums;
@ -10,11 +11,13 @@ namespace Bit.App.Services
{ {
private readonly IPlatformUtilsService _platformUtilsService; private readonly IPlatformUtilsService _platformUtilsService;
private readonly ICryptoService _cryptoService; private readonly ICryptoService _cryptoService;
private readonly IStateService _stateService;
public MobilePasswordRepromptService(IPlatformUtilsService platformUtilsService, ICryptoService cryptoService) public MobilePasswordRepromptService(IPlatformUtilsService platformUtilsService, ICryptoService cryptoService, IStateService stateService)
{ {
_platformUtilsService = platformUtilsService; _platformUtilsService = platformUtilsService;
_cryptoService = cryptoService; _cryptoService = cryptoService;
_stateService = stateService;
} }
public string[] ProtectedFields { get; } = { "LoginTotp", "LoginPassword", "H_FieldValue", "CardNumber", "CardCode" }; public string[] ProtectedFields { get; } = { "LoginTotp", "LoginPassword", "H_FieldValue", "CardNumber", "CardCode" };
@ -42,7 +45,22 @@ namespace Bit.App.Services
return false; return false;
}; };
return await _cryptoService.CompareAndUpdateKeyHashAsync(password, null); var masterKey = await _cryptoService.GetOrDeriveMasterKeyAsync(password);
var passwordValid = await _cryptoService.CompareAndUpdateKeyHashAsync(password, masterKey);
if (passwordValid)
{
await AppHelpers.ResetInvalidUnlockAttemptsAsync();
var userKey = await _cryptoService.DecryptUserKeyWithMasterKeyAsync(masterKey);
await _cryptoService.SetMasterKeyAsync(masterKey);
var hasKey = await _cryptoService.HasUserKeyAsync();
if (!hasKey)
{
await _cryptoService.SetUserKeyAsync(userKey);
}
}
return passwordValid;
} }
private async Task<bool> ShouldByPassMasterPasswordRepromptAsync() private async Task<bool> ShouldByPassMasterPasswordRepromptAsync()

View file

@ -60,5 +60,6 @@ namespace Bit.Core.Abstractions
Task<EncString> EncryptAsync(string plainValue, SymmetricCryptoKey key = null); Task<EncString> EncryptAsync(string plainValue, SymmetricCryptoKey key = null);
Task<EncByteArray> EncryptToBytesAsync(byte[] plainValue, SymmetricCryptoKey key = null); Task<EncByteArray> EncryptToBytesAsync(byte[] plainValue, SymmetricCryptoKey key = null);
Task<UserKey> DecryptAndMigrateOldPinKeyAsync(bool masterPasswordOnRestart, string pin, string email, KdfConfig kdfConfig, EncString oldPinKey); Task<UserKey> DecryptAndMigrateOldPinKeyAsync(bool masterPasswordOnRestart, string pin, string email, KdfConfig kdfConfig, EncString oldPinKey);
Task<MasterKey> GetOrDeriveMasterKeyAsync(string password, string userId = null);
} }
} }

View file

@ -700,6 +700,15 @@ namespace Bit.Core.Services
return new EncByteArray(encBytes); return new EncByteArray(encBytes);
} }
public async Task<MasterKey> GetOrDeriveMasterKeyAsync(string password, string userId = null)
{
var masterKey = await GetMasterKeyAsync(userId);
return masterKey ?? await this.MakeMasterKeyAsync(
password,
await _stateService.GetEmailAsync(userId),
await _stateService.GetActiveUserCustomDataAsync(a => new KdfConfig(a?.Profile)));
}
// --HELPER METHODS-- // --HELPER METHODS--
private async Task StoreAdditionalKeysAsync(UserKey userKey, string userId = null) private async Task StoreAdditionalKeysAsync(UserKey userKey, string userId = null)

View file

@ -115,7 +115,7 @@ namespace Bit.iOS.Core.Utilities
var cryptoFunctionService = new PclCryptoFunctionService(cryptoPrimitiveService); var cryptoFunctionService = new PclCryptoFunctionService(cryptoPrimitiveService);
var cryptoService = new CryptoService(stateService, cryptoFunctionService); var cryptoService = new CryptoService(stateService, cryptoFunctionService);
var biometricService = new BiometricService(stateService, cryptoService); var biometricService = new BiometricService(stateService, cryptoService);
var passwordRepromptService = new MobilePasswordRepromptService(platformUtilsService, cryptoService); var passwordRepromptService = new MobilePasswordRepromptService(platformUtilsService, cryptoService, stateService);
ServiceContainer.Register<ISynchronousStorageService>(preferencesStorage); ServiceContainer.Register<ISynchronousStorageService>(preferencesStorage);
ServiceContainer.Register<IBroadcasterService>("broadcasterService", broadcasterService); ServiceContainer.Register<IBroadcasterService>("broadcasterService", broadcasterService);