1
0
mirror of https://github.com/bitwarden/browser synced 2024-12-28 02:43:04 +01:00

Vault should be locked if key is not in memory (#413)

Key is loaded on startup if auto key exists.
This commit is contained in:
Matt Gibson 2021-06-21 18:47:44 -04:00 committed by GitHub
parent f568c87289
commit 5e24a70a87
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 12 deletions

View File

@ -182,7 +182,6 @@ export class LockComponent implements OnInit {
private async doContinue() {
this.vaultTimeoutService.biometricLocked = false;
this.vaultTimeoutService.everBeenUnlocked = true;
this.vaultTimeoutService.manuallyOrTimerLocked = false;
const disableFavicon = await this.storageService.get<boolean>(ConstantsService.disableFaviconKey);
await this.stateService.save(ConstantsService.disableFaviconKey, !!disableFavicon);
this.messagingService.send('unlocked');

View File

@ -2,7 +2,6 @@ import { EncString } from '../models/domain/encString';
export abstract class VaultTimeoutService {
biometricLocked: boolean;
manuallyOrTimerLocked: boolean;
everBeenUnlocked: boolean;
pinProtectedKey: EncString;
isLocked: () => Promise<boolean>;

View File

@ -18,7 +18,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
pinProtectedKey: EncString = null;
biometricLocked: boolean = true;
everBeenUnlocked: boolean = false;
manuallyOrTimerLocked: boolean = false;
private inited = false;
@ -48,17 +47,12 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
// Keys aren't stored for a device that is locked or logged out.
async isLocked(): Promise<boolean> {
// Handle never lock startup situation
if (await this.cryptoService.hasKeyStored('auto') && !this.everBeenUnlocked) {
await this.cryptoService.getKey('auto');
}
const hasKey = await this.cryptoService.hasKey();
if (hasKey) {
if ((await this.isBiometricLockSet() && this.biometricLocked) || this.manuallyOrTimerLocked) {
return true;
}
}
return !hasKey;
return !this.cryptoService.hasKeyInMemory();
}
async checkVaultTimeout(): Promise<void> {
@ -108,7 +102,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
}
this.biometricLocked = true;
this.manuallyOrTimerLocked = true;
this.everBeenUnlocked = true;
await this.cryptoService.clearKey(false);
await this.cryptoService.clearOrgKeys(true);
await this.cryptoService.clearKeyPair(true);
@ -149,7 +143,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
clear(): Promise<any> {
this.everBeenUnlocked = false;
this.manuallyOrTimerLocked = false;
this.pinProtectedKey = null;
return this.storageService.remove(ConstantsService.protectedPin);
}