Merge pull request #8868 from BitGo/WCN-412

feat: add v2 encrypt/decrypt for passkey

Author: bdesoky

modules/passkey-crypto/src/attachPasskeyToWallet.ts

@@ -44,7 +44,7 @@ export async function attachPasskeyToWallet(params: {
   const prfSalt = deriveEnterpriseSalt(device.prfSalt, enterpriseId);
 
   // Decrypt private key with existing passphrase
-  const privateKey = bitgo.decrypt({ password: existingPassphrase, input: keychain.encryptedPrv });
+  const privateKey = await bitgo.decryptAsync({ password: existingPassphrase, input: keychain.encryptedPrv });
 
   // Decode credentialId from base64url to ArrayBuffer for allowCredentials.
   // The WebAuthn spec requires allowCredentials to be non-empty when using evalByCredential,
@@ -66,7 +66,7 @@ export async function attachPasskeyToWallet(params: {
   }
 
   const prfPassword = derivePassword(authResult.prfResult);
-  const encryptedPrv = bitgo.encrypt({ password: prfPassword, input: privateKey });
+  const encryptedPrv = await bitgo.encryptAsync({ password: prfPassword, input: privateKey, encryptionVersion: 2 });
 
   const updatedKeychain = await bitgo
     .put(bitgo.url(`/${coin}/key/${keychainId}`, 2))

modules/passkey-crypto/src/removePasskeyFromWallet.ts

@@ -1,4 +1,4 @@
-import { BitGoBase, decryptKeychainPrivateKey } from '@bitgo/sdk-core';
+import { BitGoBase, decryptKeychainPrivateKeyAsync } from '@bitgo/sdk-core';
 import { WebAuthnOtpDevice } from './webAuthnTypes';
 
 export async function removePasskeyFromWallet(params: {
@@ -20,7 +20,7 @@ export async function removePasskeyFromWallet(params: {
   const keychain = await baseCoin.keychains().get({ id: keychainId });
 
   // Verify passphrase before any mutation
-  const decrypted = decryptKeychainPrivateKey(bitgo, keychain, walletPassphrase);
+  const decrypted = await decryptKeychainPrivateKeyAsync(bitgo, keychain, walletPassphrase);
   if (!decrypted) {
     throw new Error('Incorrect wallet passphrase. Passkey removal aborted to prevent lockout.');
   }

modules/passkey-crypto/test/unit/attachPasskeyToWallet.test.ts

@@ -1,6 +1,7 @@
 import * as assert from 'assert';
 import * as sinon from 'sinon';
 import { attachPasskeyToWallet } from '../../src/attachPasskeyToWallet';
+import { derivePassword } from '../../src/derivePassword';
 import { WebAuthnOtpDevice, PasskeyAuthResult, WebAuthnProvider } from '../../src/webAuthnTypes';
 
 describe('attachPasskeyToWallet', function () {
@@ -53,8 +54,8 @@ describe('attachPasskeyToWallet', function () {
     url: sinon.SinonStub;
     coin: sinon.SinonStub;
     put: sinon.SinonStub;
-    decrypt: sinon.SinonStub;
-    encrypt: sinon.SinonStub;
+    decryptAsync: sinon.SinonStub;
+    encryptAsync: sinon.SinonStub;
   };
 
   let mockProvider: {
@@ -83,17 +84,17 @@ describe('attachPasskeyToWallet', function () {
         .callsFake((path, version) => `/api/v${version ?? 1}${path}`),
       coin: sinon.stub().returns(mockBaseCoin),
       put: sinon.stub(),
-      decrypt: sinon.stub(),
-      encrypt: sinon.stub(),
+      decryptAsync: sinon.stub(),
+      encryptAsync: sinon.stub(),
     };
 
     mockProvider = {
       create: sinon.stub(),
       get: sinon.stub(),
     };
 
-    mockBitGo.decrypt.returns(decryptedPrv);
-    mockBitGo.encrypt.returns(reEncryptedPrv);
+    mockBitGo.decryptAsync.resolves(decryptedPrv);
+    mockBitGo.encryptAsync.resolves(reEncryptedPrv);
 
     const putSendStub = sinon.stub().returns({ result: sinon.stub().resolves(updatedKeychain) });
     mockBitGo.put.returns({ send: putSendStub });
@@ -124,8 +125,8 @@ describe('attachPasskeyToWallet', function () {
     sinon.assert.calledWith(mockWallets.get, { id: walletId });
     sinon.assert.calledOnce(mockWallet.type);
     sinon.assert.calledOnce(mockWallet.getEncryptedUserKeychain);
-    sinon.assert.calledOnce(mockBitGo.decrypt);
-    sinon.assert.calledWithExactly(mockBitGo.decrypt, { password: existingPassphrase, input: encryptedPrv });
+    sinon.assert.calledOnce(mockBitGo.decryptAsync);
+    sinon.assert.calledWithExactly(mockBitGo.decryptAsync, { password: existingPassphrase, input: encryptedPrv });
 
     // provider.get called with evalByCredential keyed on device.credentialId
     sinon.assert.calledOnce(mockProvider.get);
@@ -151,9 +152,30 @@ describe('attachPasskeyToWallet', function () {
     assert.match(putBody.webauthnInfo.prfSalt, /^[A-Za-z0-9\-_]+$/);
     assert.strictEqual(typeof putBody.webauthnInfo.encryptedPrv, 'string');
 
+    // encryptAsync must be called with encryptionVersion 2
+    sinon.assert.calledOnce(mockBitGo.encryptAsync);
+    sinon.assert.calledWithMatch(mockBitGo.encryptAsync, { encryptionVersion: 2 });
+
     assert.strictEqual(result.id, keychainId);
   });
 
+  it('should re-encrypt the private key as a v2 Argon2id envelope', async function () {
+    const expectedPrfPassword = derivePassword(prfResultBuffer);
+
+    await callAttach();
+
+    // The PRF-derived password and the decrypted xprv must be passed to encryptAsync
+    sinon.assert.calledWithMatch(mockBitGo.encryptAsync, {
+      password: expectedPrfPassword,
+      input: decryptedPrv,
+      encryptionVersion: 2,
+    });
+
+    // The v2 blob returned by encryptAsync is what gets stored on the server
+    const putBody = mockBitGo.put.firstCall.returnValue.send.firstCall.args[0];
+    assert.strictEqual(putBody.webauthnInfo.encryptedPrv, reEncryptedPrv);
+  });
+
   it('should decode credentialId containing base64url-specific characters (- and _)', async function () {
     const deviceWithUrlChars: WebAuthnOtpDevice = {
       ...device,
@@ -223,7 +245,7 @@ describe('attachPasskeyToWallet', function () {
   });
 
   it('should propagate decrypt errors', async function () {
-    mockBitGo.decrypt.throws(new Error('decryption failed'));
+    mockBitGo.decryptAsync.rejects(new Error('decryption failed'));
 
     await assert.rejects(
       () => callAttach(),

modules/passkey-crypto/test/unit/removePasskeyFromWallet.test.ts

@@ -39,7 +39,7 @@ describe('removePasskeyFromWallet', function () {
         wallets: sinon.stub().returns(mockWallets),
         keychains: sinon.stub().returns(mockKeychains),
       }),
-      decrypt: sinon.stub().returns('xprv-decrypted'),
+      decryptAsync: sinon.stub().resolves('xprv-decrypted'),
       del: sinon.stub().returns({
         result: sinon.stub().resolves({}),
       }),
@@ -75,7 +75,7 @@ describe('removePasskeyFromWallet', function () {
   });
 
   it('should throw and not call DELETE if passphrase is wrong', async function () {
-    mockBitGo.decrypt = sinon.stub().throws(new Error('decryption failed'));
+    mockBitGo.decryptAsync = sinon.stub().resolves(undefined);
 
     await assert.rejects(
       () =>