Merge branch 'km/signing-upgrade-rotation' of github.com:bitwarden/server into km/signing-upgrade-rotation

2025-06-20 10:58:07 -05:00 · 2025-06-09 10:51:01 +02:00 · 2025-06-09 10:51:01 +02:00 · 08f39cb3b2
commit 08f39cb3b2
parent 7273f15423 c694b7c0fc
7 changed files with 28 additions and 33 deletions
--- a/src/Core/KeyManagement/Entities/UserSignatureKeyPair.cs
+++ b/src/Core/KeyManagement/Entities/UserSignatureKeyPair.cs
@ -1,5 +1,4 @@
-using System.ComponentModel.DataAnnotations;
+using Bit.Core.Entities;
 using Bit.Core.Entities;
 using Bit.Core.KeyManagement.Enums;
 using Bit.Core.KeyManagement.Models.Data;
 using Bit.Core.Utilities;
@ -14,9 +13,7 @@ public class UserSignatureKeyPair : ITableObject<Guid>, IRevisable
    public Guid UserId { get; set; }
    public SignatureAlgorithm SignatureAlgorithm { get; set; }
    [MaxLength(500)]
    required public string VerifyingKey { get; set; }
    [MaxLength(500)]
    required public string SigningKey { get; set; }
    public DateTime CreationDate { get; set; } = DateTime.UtcNow;
--- a/src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs
+++ b/src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs
@ -11,13 +11,13 @@ using Microsoft.Extensions.DependencyInjection;
 namespace Bit.Infrastructure.EntityFramework.KeyManagement.Repositories;
-public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper) : Repository<Core.KeyManagement.Entities.UserSignatureKeyPair, Models.UserSignatureKeyPair, Guid>(serviceScopeFactory, mapper, context => context.UserSignatureKeyPair), IUserSignatureKeyPairRepository
+public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper) : Repository<Core.KeyManagement.Entities.UserSignatureKeyPair, Models.UserSignatureKeyPair, Guid>(serviceScopeFactory, mapper, context => context.UserSignatureKeyPairs), IUserSignatureKeyPairRepository
 {
    public async Task<SignatureKeyPairData?> GetByUserIdAsync(Guid userId)
    {
        await using var scope = ServiceScopeFactory.CreateAsyncScope();
        var dbContext = GetDatabaseContext(scope);
-        var signingKeys = await dbContext.UserSignatureKeyPair.FindAsync(userId);
+        var signingKeys = await dbContext.UserSignatureKeyPairs.FindAsync(userId);
        if (signingKeys == null)
        {
            return null;
@ -42,7 +42,7 @@ public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFac
                CreationDate = DateTime.UtcNow,
                RevisionDate = DateTime.UtcNow,
            };
-            await dbContext.UserSignatureKeyPair.AddAsync(entity);
+            await dbContext.UserSignatureKeyPairs.AddAsync(entity);
            await dbContext.SaveChangesAsync();
        };
    }
@ -53,7 +53,7 @@ public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFac
        {
            await using var scope = ServiceScopeFactory.CreateAsyncScope();
            var dbContext = GetDatabaseContext(scope);
-            var entity = await dbContext.UserSignatureKeyPair.FirstOrDefaultAsync(x => x.UserId == grantorId);
+            var entity = await dbContext.UserSignatureKeyPairs.FirstOrDefaultAsync(x => x.UserId == grantorId);
            if (entity != null)
            {
                entity.SignatureAlgorithm = signingKeys.SignatureAlgorithm;
--- a/src/Infrastructure.EntityFramework/Repositories/DatabaseContext.cs
+++ b/src/Infrastructure.EntityFramework/Repositories/DatabaseContext.cs
@ -71,7 +71,7 @@ public class DatabaseContext : DbContext
    public DbSet<TaxRate> TaxRates { get; set; }
    public DbSet<Transaction> Transactions { get; set; }
    public DbSet<User> Users { get; set; }
-    public DbSet<UserSignatureKeyPair> UserSignatureKeyPair { get; set; }
+    public DbSet<UserSignatureKeyPair> UserSignatureKeyPairs { get; set; }
    public DbSet<AuthRequest> AuthRequests { get; set; }
    public DbSet<OrganizationDomain> OrganizationDomains { get; set; }
    public DbSet<WebAuthnCredential> WebAuthnCredentials { get; set; }
--- a/util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql
+++ b/util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql
@ -1,4 +1,7 @@
-CREATE TABLE [dbo].[UserSignatureKeyPair] (
+IF OBJECT_ID('[dbo].[UserSignatureKeyPair]') IS NULL
 BEGIN
    CREATE TABLE [dbo].[UserSignatureKeyPair]
    (
        [Id] UNIQUEIDENTIFIER NOT NULL,
        [UserId] UNIQUEIDENTIFIER NOT NULL,
        [SignatureKeyPairAlgorithm] TINYINT NOT NULL,
@ -9,6 +12,7 @@ CREATE TABLE [dbo].[UserSignatureKeyPair] (
        CONSTRAINT [PK_UserSignatureKeyPair] PRIMARY KEY CLUSTERED ([Id] ASC),
        CONSTRAINT [FK_UserSignatureKeyPair_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id])
    );
 END
 GO
 IF NOT EXISTS(SELECT name
@ -29,7 +33,7 @@ FROM
    [dbo].[UserSignatureKeyPair]
 GO
-CREATE PROCEDURE [dbo].[UserSignatureKeyPair_ReadByUserId]
+CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_ReadByUserId]
    @UserId UNIQUEIDENTIFIER
 AS
 BEGIN
@ -39,7 +43,7 @@ BEGIN
 END
 GO
-CREATE PROCEDURE [dbo].[UserSignatureKeyPair_UpdateForRotation]
+CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_UpdateForRotation]
    @UserId UNIQUEIDENTIFIER,
    @SignatureKeyPairAlgorithm TINYINT,
    @SigningKey VARCHAR(MAX),
@ -56,7 +60,7 @@ BEGIN
 END
 GO
-CREATE PROCEDURE [dbo].[UserSignatureKeyPair_SetForRotation]
+CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_SetForRotation]
    @Id UNIQUEIDENTIFIER,
    @UserId UNIQUEIDENTIFIER,
    @SignatureKeyPairAlgorithm TINYINT,
--- a/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -1752,16 +1752,14 @@ namespace Bit.MySqlMigrations.Migrations
                    b.Property<string>("SigningKey")
                        .IsRequired()
-                        .HasMaxLength(500)
+                        .HasColumnType("longtext");
                        .HasColumnType("varchar(500)");
                    b.Property<Guid>("UserId")
                        .HasColumnType("char(36)");
                    b.Property<string>("VerifyingKey")
                        .IsRequired()
-                        .HasMaxLength(500)
+                        .HasColumnType("longtext");
                        .HasColumnType("varchar(500)");
                    b.HasKey("Id");
--- a/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -1758,16 +1758,14 @@ namespace Bit.PostgresMigrations.Migrations
                    b.Property<string>("SigningKey")
                        .IsRequired()
-                        .HasMaxLength(500)
+                        .HasColumnType("text");
                        .HasColumnType("character varying(500)");
                    b.Property<Guid>("UserId")
                        .HasColumnType("uuid");
                    b.Property<string>("VerifyingKey")
                        .IsRequired()
-                        .HasMaxLength(500)
+                        .HasColumnType("text");
                        .HasColumnType("character varying(500)");
                    b.HasKey("Id");
--- a/util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -1741,7 +1741,6 @@ namespace Bit.SqliteMigrations.Migrations
                    b.Property<string>("SigningKey")
                        .IsRequired()
                        .HasMaxLength(500)
                        .HasColumnType("TEXT");
                    b.Property<Guid>("UserId")
@ -1749,7 +1748,6 @@ namespace Bit.SqliteMigrations.Migrations
                    b.Property<string>("VerifyingKey")
                        .IsRequired()
                        .HasMaxLength(500)
                        .HasColumnType("TEXT");
                    b.HasKey("Id");