Add getPinProtectedUserKey to VaultSdkSource (#632)

This commit is contained in:
Brian Yencho 2024-01-15 22:18:22 -06:00 committed by Álison Fernandes
parent c52ae0ed2a
commit fd8293ba55
3 changed files with 48 additions and 0 deletions

View file

@ -41,6 +41,20 @@ interface VaultSdkSource {
pin: String, pin: String,
): Result<DerivePinKeyResponse> ): Result<DerivePinKeyResponse>
/**
* Derives a pin-protected user key from the given [encryptedPin] for the given [userId]. This
* value must be derived from a previous call to [derivePinKey] with a plaintext PIN. This can
* be used to later unlock their vault via a call to [initializeCrypto] with
* [InitUserCryptoMethod.Pin].
*
* This should only be called after a successful call to [initializeCrypto] for the associated
* user.
*/
suspend fun derivePinProtectedUserKey(
userId: String,
encryptedPin: String,
): Result<String>
/** /**
* Gets the user's encryption key, which can be used to later unlock their vault via a call to * Gets the user's encryption key, which can be used to later unlock their vault via a call to
* [initializeCrypto] with [InitUserCryptoMethod.DecryptedKey]. * [initializeCrypto] with [InitUserCryptoMethod.DecryptedKey].

View file

@ -42,6 +42,16 @@ class VaultSdkSourceImpl(
.derivePinKey(pin = pin) .derivePinKey(pin = pin)
} }
override suspend fun derivePinProtectedUserKey(
userId: String,
encryptedPin: String,
): Result<String> =
runCatching {
getClient(userId = userId)
.crypto()
.derivePinUserKey(encryptedPin = encryptedPin)
}
override suspend fun getUserEncryptionKey( override suspend fun getUserEncryptionKey(
userId: String, userId: String,
): Result<String> = ): Result<String> =

View file

@ -83,6 +83,30 @@ class VaultSdkSourceTest {
verify { sdkClientManager.getOrCreateClient(userId = userId) } verify { sdkClientManager.getOrCreateClient(userId = userId) }
} }
@Suppress("MaxLineLength")
@Test
fun `derivePinProtectedUserKey should call SDK and return a Result with the correct data`() =
runBlocking {
val userId = "userId"
val encryptedPin = "encryptedPin"
val expectedResult = "pinProtectedUserKey"
coEvery {
clientCrypto.derivePinUserKey(encryptedPin = encryptedPin)
} returns expectedResult
val result = vaultSdkSource.derivePinProtectedUserKey(
userId = userId,
encryptedPin = encryptedPin,
)
assertEquals(
expectedResult.asSuccess(),
result,
)
coVerify {
clientCrypto.derivePinUserKey(encryptedPin = encryptedPin)
}
verify { sdkClientManager.getOrCreateClient(userId = userId) }
}
@Test @Test
fun `getUserEncryptionKey should call SDK and return a Result with correct data`() = fun `getUserEncryptionKey should call SDK and return a Result with correct data`() =
runBlocking { runBlocking {