From f35f3550a78aa16ee68864eb18d5727ac08b60c4 Mon Sep 17 00:00:00 2001
From: Matt Gibson <mgibson@bitwarden.com>
Date: Tue, 22 Jun 2021 16:11:29 -0400
Subject: [PATCH] Get either 'Bitwarden' and 'Bitwarden_biometric' keys.
 (#1904)

* Get either 'Bitwarden' and 'Bitwarden_biometric' keys.

* Fix let var typo

* Fix string handling error

* Retrieve biometric key from Desktop

* Null check key
---
 src/background/main.background.ts                 |  4 ++--
 src/safari/safari/SafariWebExtensionHandler.swift |  8 ++++++--
 src/services/browserCrypto.service.ts             | 14 ++++++++++++++
 3 files changed, 22 insertions(+), 4 deletions(-)
 create mode 100644 src/services/browserCrypto.service.ts

diff --git a/src/background/main.background.ts b/src/background/main.background.ts
index eba3dd985f..f5ee088098 100644
--- a/src/background/main.background.ts
+++ b/src/background/main.background.ts
@@ -10,7 +10,6 @@ import {
     CollectionService,
     ConstantsService,
     ContainerService,
-    CryptoService,
     EnvironmentService,
     FolderService,
     PasswordGenerationService,
@@ -82,6 +81,7 @@ import WindowsBackground from './windows.background';
 
 import { PopupUtilsService } from '../popup/services/popup-utils.service';
 import AutofillService from '../services/autofill.service';
+import { BrowserCryptoService } from '../services/browserCrypto.service';
 import BrowserMessagingService from '../services/browserMessaging.service';
 import BrowserPlatformUtilsService from '../services/browserPlatformUtils.service';
 import BrowserStorageService from '../services/browserStorage.service';
@@ -173,7 +173,7 @@ export default class MainBackground {
         this.i18nService = new I18nService(BrowserApi.getUILanguage(window));
         this.cryptoFunctionService = new WebCryptoFunctionService(window, this.platformUtilsService);
         this.consoleLogService = new ConsoleLogService(false);
-        this.cryptoService = new CryptoService(this.storageService, this.secureStorageService,
+        this.cryptoService = new BrowserCryptoService(this.storageService, this.secureStorageService,
             this.cryptoFunctionService, this.platformUtilsService, this.consoleLogService);
         this.tokenService = new TokenService(this.storageService);
         this.appIdService = new AppIdService(this.storageService);
diff --git a/src/safari/safari/SafariWebExtensionHandler.swift b/src/safari/safari/SafariWebExtensionHandler.swift
index f7be96252f..153cb85dfe 100644
--- a/src/safari/safari/SafariWebExtensionHandler.swift
+++ b/src/safari/safari/SafariWebExtensionHandler.swift
@@ -4,6 +4,7 @@ import LocalAuthentication
 
 let SFExtensionMessageKey = "message"
 let ServiceName = "Bitwarden"
+let ServiceNameBiometric = ServiceName + "_biometric"
 
 class SafariWebExtensionHandler: NSObject, NSExtensionRequestHandling {
 
@@ -118,8 +119,11 @@ class SafariWebExtensionHandler: NSObject, NSExtensionRequestHandling {
                     var passwordLength: UInt32 = 0
                     var passwordPtr: UnsafeMutableRawPointer? = nil
                     
-                    let status = SecKeychainFindGenericPassword(nil, UInt32(ServiceName.utf8.count), ServiceName, UInt32(passwordName.utf8.count), passwordName, &passwordLength, &passwordPtr, nil)
-                    
+                    var status = SecKeychainFindGenericPassword(nil, UInt32(ServiceNameBiometric.utf8.count), ServiceNameBiometric, UInt32(passwordName.utf8.count), passwordName, &passwordLength, &passwordPtr, nil)
+                    if status != errSecSuccess {
+                        status = SecKeychainFindGenericPassword(nil, UInt32(ServiceName.utf8.count), ServiceName, UInt32(passwordName.utf8.count), passwordName, &passwordLength, &passwordPtr, nil)
+                    }
+    
                     if status == errSecSuccess {
                         let result = NSString(bytes: passwordPtr!, length: Int(passwordLength), encoding: String.Encoding.utf8.rawValue) as String?
                                     SecKeychainItemFreeContent(nil, passwordPtr)
diff --git a/src/services/browserCrypto.service.ts b/src/services/browserCrypto.service.ts
new file mode 100644
index 0000000000..995847d941
--- /dev/null
+++ b/src/services/browserCrypto.service.ts
@@ -0,0 +1,14 @@
+import { KeySuffixOptions } from 'jslib-common/abstractions/storage.service';
+import { CryptoService } from 'jslib-common/services/crypto.service';
+
+export class BrowserCryptoService extends CryptoService {
+    protected async retrieveKeyFromStorage(keySuffix: KeySuffixOptions) {
+        if (keySuffix === 'biometric') {
+            await this.platformUtilService.authenticateBiometric();
+            return (await this.getKey())?.keyB64;
+        }
+
+        return await super.retrieveKeyFromStorage(keySuffix);
+    }
+
+}