Ps/pm-8003/handle-dekstop-invalidated-message-encryption (#9181)

* Do not initialize symmetric crypto keys with null * Require new message on invalid native message encryption Handling of this error is to require the user to retry, so the promise needs to resolve.
bitwarden · May 15, 2024 · 426bacf · 426bacf
1 parent b14bb92
commit 426bacf
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/apps/browser/src/background/nativeMessaging.background.ts b/apps/browser/src/background/nativeMessaging.background.ts
@@ -167,6 +167,11 @@ export class NativeMessagingBackground {
               cancelButtonText: null,
               type: "danger",
             });
+
+            if (this.resolver) {
+              this.resolver(message);
+            }
+
             break;
           case "verifyFingerprint": {
             if (this.sharedSecret == null) {

diff --git a/apps/desktop/src/platform/services/electron-crypto.service.ts b/apps/desktop/src/platform/services/electron-crypto.service.ts
@@ -92,7 +92,9 @@ export class ElectronCryptoService extends CryptoService {
     if (keySuffix === KeySuffixOptions.Biometric) {
       await this.migrateBiometricKeyIfNeeded(userId);
       const userKey = await this.stateService.getUserKeyBiometric({ userId: userId });
-      return new SymmetricCryptoKey(Utils.fromB64ToArray(userKey)) as UserKey;
+      return userKey == null
+        ? null
+        : (new SymmetricCryptoKey(Utils.fromB64ToArray(userKey)) as UserKey);
     }
     return await super.getKeyFromStorage(keySuffix, userId);
   }
@@ -169,7 +171,9 @@ export class ElectronCryptoService extends CryptoService {
       // decrypt
       const masterKey = new SymmetricCryptoKey(Utils.fromB64ToArray(oldBiometricKey)) as MasterKey;
       userId ??= (await firstValueFrom(this.accountService.activeAccount$))?.id;
-      const encUserKeyPrim = await this.stateService.getEncryptedCryptoSymmetricKey();
+      const encUserKeyPrim = await this.stateService.getEncryptedCryptoSymmetricKey({
+        userId: userId,
+      });
       const encUserKey =
         encUserKeyPrim != null
           ? new EncString(encUserKeyPrim)
@@ -180,6 +184,7 @@ export class ElectronCryptoService extends CryptoService {
       const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(
         masterKey,
         encUserKey,
+        userId,
       );
       // migrate
       await this.storeBiometricKey(userKey, userId);