
Commit 92ecdbe

committed
adds decrypt_user_key_with_master_key into PureCrypto
1 parent e30f1ea commit 92ecdbe


1 file changed

+36
-2
lines changed


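--- a/crates/bitwarden-wasm-internal/src/pure_crypto.rs
+++ b/crates/bitwarden-wasm-internal/src/pure_crypto.rs
@@ -323,13 +323,26 @@ impl PureCrypto {
 #[allow(deprecated)]
 dangerous_derive_kdf_material(password, salt, &kdf)
 }
+
+pub fn decrypt_user_key_with_master_key(
+encrypted_user_key: String,
+master_key: Vec<u8>,
+) -> Result<Vec<u8>, CryptoError> {
+let master_key = &BitwardenLegacyKeyBytes::from(master_key);
+let master_key = &SymmetricCryptoKey::try_from(master_key)?;
+let master_key = MasterKey::try_from(master_key).map_err(|_| CryptoError::InvalidKey)?;
+let encrypted_user_key = EncString::from_str(&encrypted_user_key)?;
+let result = master_key
+.decrypt_user_key(encrypted_user_key)
+.map_err(|_| CryptoError::InvalidKey)?;
+Ok(result.to_encoded().to_vec())
+}
 }
 
 #[cfg(test)]
 mod tests {
-use std::{num::NonZero, str::FromStr};
-
 use bitwarden_crypto::EncString;
+use std::{num::NonZero, str::FromStr};
 
 use super::*;
 
@@ -665,4 +678,25 @@ DnqOsltgPomWZ7xVfMkm9niL2OA=
 let derived_key = PureCrypto::derive_kdf_material(password, email, kdf).unwrap();
 assert_eq!(derived_key, DERIVED_KDF_MATERIAL_ARGON2ID);
 }
+
+#[test]
+fn test_decrypt_user_key_with_master_key() {
+let password = "test_password";
+let email = "test_email@example.com";
+let kdf = &Kdf::Argon2id {
+iterations: NonZero::try_from(3).unwrap(),
+memory: NonZero::try_from(64).unwrap(),
+parallelism: NonZero::try_from(4).unwrap(),
+};
+let master_key = MasterKey::derive(password, email, kdf).unwrap();
+let (user_key, encrypted_user_key) = master_key.make_user_key().unwrap();
+let master_key_bytes = master_key.to_base64().into_bytes();
+
+let decrypted_user_key = PureCrypto::decrypt_user_key_with_master_key(
+encrypted_user_key.to_string(),
+master_key_bytes,
+)
+.unwrap();
+assert_eq!(user_key.0.to_encoded().to_vec(), decrypted_user_key);
+}
 }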
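Review bot: `decrypt_user_key_with_master_key` is a new public method that takes a master key and returns the decrypted user key as a plain `Vec<u8>` (`Ok(result.to_encoded().to_vec())`), yet it has no doc comment stating that contract. I would add `/// Decrypts the encrypted user key with the given master key and returns the user key in its encoded form.` followed by `/// The result is unprotected key material held in an ordinary Vec; callers must not log or persist it.` Both `map_err(|_| CryptoError::InvalidKey)` calls fold every failure into one error; if that is intentional, a line under `# Errors` saying so would keep a later change from splitting it into distinguishable cases. The added test covers only the success path, so a second case asserting that a different master key yields `Err` would pin the rejection behaviour. The enclosing `impl PureCrypto` starts outside the hunk, so whether sibling methods are documented this way is not visible here.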
