Added GetOrDeriveMasterKey to UserVerificationService (#2808)

This commit is contained in:
aj-rosado 2023-10-03 12:54:22 +01:00 committed by GitHub
parent 685e0f407a
commit f2be840a7d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 16 additions and 8 deletions

View file

@ -51,13 +51,7 @@ namespace Bit.App.Services
{
await AppHelpers.ResetInvalidUnlockAttemptsAsync();
var userKey = await _cryptoService.DecryptUserKeyWithMasterKeyAsync(masterKey);
await _cryptoService.SetMasterKeyAsync(masterKey);
var hasKey = await _cryptoService.HasUserKeyAsync();
if (!hasKey)
{
await _cryptoService.SetUserKeyAsync(userKey);
}
await _cryptoService.UpdateMasterKeyAndUserKeyAsync(masterKey);
}
return passwordValid;

View file

@ -62,5 +62,6 @@ namespace Bit.Core.Abstractions
Task<EncByteArray> EncryptToBytesAsync(byte[] plainValue, SymmetricCryptoKey key = null);
Task<UserKey> DecryptAndMigrateOldPinKeyAsync(bool masterPasswordOnRestart, string pin, string email, KdfConfig kdfConfig, EncString oldPinKey);
Task<MasterKey> GetOrDeriveMasterKeyAsync(string password, string userId = null);
Task UpdateMasterKeyAndUserKeyAsync(MasterKey masterKey);
}
}

View file

@ -719,6 +719,17 @@ namespace Bit.Core.Services
await _stateService.GetActiveUserCustomDataAsync(a => new KdfConfig(a?.Profile)));
}
public async Task UpdateMasterKeyAndUserKeyAsync(MasterKey masterKey)
{
var userKey = await DecryptUserKeyWithMasterKeyAsync(masterKey);
await SetMasterKeyAsync(masterKey);
var hasKey = await HasUserKeyAsync();
if (!hasKey)
{
await SetUserKeyAsync(userKey);
}
}
// --HELPER METHODS--
private async Task StoreAdditionalKeysAsync(UserKey userKey, string userId = null)

View file

@ -48,12 +48,14 @@ namespace Bit.Core.Services
}
else
{
var passwordValid = await _cryptoService.CompareAndUpdateKeyHashAsync(secret, null);
var masterKey = await _cryptoService.GetOrDeriveMasterKeyAsync(secret);
var passwordValid = await _cryptoService.CompareAndUpdateKeyHashAsync(secret, masterKey);
if (!passwordValid)
{
await InvalidSecretErrorAsync(verificationType);
return false;
}
await _cryptoService.UpdateMasterKeyAndUserKeyAsync(masterKey);
}
return true;