nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-20 02:48:03 -05:00
Code

Merge branch 'km/signing-upgrade-rotation' of github.com:bitwarden/server into km/signing-upgrade-rotation

Browse Source
This commit is contained in:
Bernd Schoolmann 2025-06-09 10:51:01 +02:00
commit 08f39cb3b2
No known key found for this signature in database
7 changed files with 28 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/Core/KeyManagement/Entities/UserSignatureKeyPair.cs
View File

@ -1,5 +1,4 @@
using System.ComponentModel.DataAnnotations;
using Bit.Core.Entities;
using Bit.Core.Entities;
using Bit.Core.KeyManagement.Enums;
using Bit.Core.KeyManagement.Models.Data;
using Bit.Core.Utilities;
@ -14,9 +13,7 @@ public class UserSignatureKeyPair : ITableObject<Guid>, IRevisable
public Guid UserId { get; set; }
public SignatureAlgorithm SignatureAlgorithm { get; set; }
[MaxLength(500)]
required public string VerifyingKey { get; set; }
[MaxLength(500)]
required public string SigningKey { get; set; }
public DateTime CreationDate { get; set; } = DateTime.UtcNow;

8
src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs
View File

@ -11,13 +11,13 @@ using Microsoft.Extensions.DependencyInjection;
namespace Bit.Infrastructure.EntityFramework.KeyManagement.Repositories;
public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper) : Repository<Core.KeyManagement.Entities.UserSignatureKeyPair, Models.UserSignatureKeyPair, Guid>(serviceScopeFactory, mapper, context => context.UserSignatureKeyPair), IUserSignatureKeyPairRepository
public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper) : Repository<Core.KeyManagement.Entities.UserSignatureKeyPair, Models.UserSignatureKeyPair, Guid>(serviceScopeFactory, mapper, context => context.UserSignatureKeyPairs), IUserSignatureKeyPairRepository
{
public async Task<SignatureKeyPairData?> GetByUserIdAsync(Guid userId)
{
await using var scope = ServiceScopeFactory.CreateAsyncScope();
var dbContext = GetDatabaseContext(scope);
var signingKeys = await dbContext.UserSignatureKeyPair.FindAsync(userId);
var signingKeys = await dbContext.UserSignatureKeyPairs.FindAsync(userId);
if (signingKeys == null)
{
return null;
@ -42,7 +42,7 @@ public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFac
CreationDate = DateTime.UtcNow,
RevisionDate = DateTime.UtcNow,
};
await dbContext.UserSignatureKeyPair.AddAsync(entity);
await dbContext.UserSignatureKeyPairs.AddAsync(entity);
await dbContext.SaveChangesAsync();
};
}
@ -53,7 +53,7 @@ public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFac
{
await using var scope = ServiceScopeFactory.CreateAsyncScope();
var dbContext = GetDatabaseContext(scope);
var entity = await dbContext.UserSignatureKeyPair.FirstOrDefaultAsync(x => x.UserId == grantorId);
var entity = await dbContext.UserSignatureKeyPairs.FirstOrDefaultAsync(x => x.UserId == grantorId);
if (entity != null)
{
entity.SignatureAlgorithm = signingKeys.SignatureAlgorithm;

2
src/Infrastructure.EntityFramework/Repositories/DatabaseContext.cs
View File

@ -71,7 +71,7 @@ public class DatabaseContext : DbContext
public DbSet<TaxRate> TaxRates { get; set; }
public DbSet<Transaction> Transactions { get; set; }
public DbSet<User> Users { get; set; }
public DbSet<UserSignatureKeyPair> UserSignatureKeyPair { get; set; }
public DbSet<UserSignatureKeyPair> UserSignatureKeyPairs { get; set; }
public DbSet<AuthRequest> AuthRequests { get; set; }
public DbSet<OrganizationDomain> OrganizationDomains { get; set; }
public DbSet<WebAuthnCredential> WebAuthnCredentials { get; set; }

32
util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql
View File

@ -1,14 +1,18 @@
CREATE TABLE [dbo].[UserSignatureKeyPair] (
[Id] UNIQUEIDENTIFIER NOT NULL,
[UserId] UNIQUEIDENTIFIER NOT NULL,
[SignatureKeyPairAlgorithm] TINYINT NOT NULL,
[SigningKey] VARCHAR(MAX) NOT NULL,
[VerifyingKey] VARCHAR(MAX) NOT NULL,
[CreationDate] DATETIME2 (7) NOT NULL,
[RevisionDate] DATETIME2 (7) NOT NULL,
CONSTRAINT [PK_UserSignatureKeyPair] PRIMARY KEY CLUSTERED ([Id] ASC),
CONSTRAINT [FK_UserSignatureKeyPair_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id])
);
IF OBJECT_ID('[dbo].[UserSignatureKeyPair]') IS NULL
BEGIN
CREATE TABLE [dbo].[UserSignatureKeyPair]
(
[Id] UNIQUEIDENTIFIER NOT NULL,
[UserId] UNIQUEIDENTIFIER NOT NULL,
[SignatureKeyPairAlgorithm] TINYINT NOT NULL,
[SigningKey] VARCHAR(MAX) NOT NULL,
[VerifyingKey] VARCHAR(MAX) NOT NULL,
[CreationDate] DATETIME2 (7) NOT NULL,
[RevisionDate] DATETIME2 (7) NOT NULL,
CONSTRAINT [PK_UserSignatureKeyPair] PRIMARY KEY CLUSTERED ([Id] ASC),
CONSTRAINT [FK_UserSignatureKeyPair_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id])
);
END
GO
IF NOT EXISTS(SELECT name
@ -29,7 +33,7 @@ FROM
[dbo].[UserSignatureKeyPair]
GO
CREATE PROCEDURE [dbo].[UserSignatureKeyPair_ReadByUserId]
CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_ReadByUserId]
@UserId UNIQUEIDENTIFIER
AS
BEGIN
@ -39,7 +43,7 @@ BEGIN
END
GO
CREATE PROCEDURE [dbo].[UserSignatureKeyPair_UpdateForRotation]
CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_UpdateForRotation]
@UserId UNIQUEIDENTIFIER,
@SignatureKeyPairAlgorithm TINYINT,
@SigningKey VARCHAR(MAX),
@ -56,7 +60,7 @@ BEGIN
END
GO
CREATE PROCEDURE [dbo].[UserSignatureKeyPair_SetForRotation]
CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_SetForRotation]
@Id UNIQUEIDENTIFIER,
@UserId UNIQUEIDENTIFIER,
@SignatureKeyPairAlgorithm TINYINT,

6
util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
View File

@ -1752,16 +1752,14 @@ namespace Bit.MySqlMigrations.Migrations
b.Property<string>("SigningKey")
.IsRequired()
.HasMaxLength(500)
.HasColumnType("varchar(500)");
.HasColumnType("longtext");
b.Property<Guid>("UserId")
.HasColumnType("char(36)");
b.Property<string>("VerifyingKey")
.IsRequired()
.HasMaxLength(500)
.HasColumnType("varchar(500)");
.HasColumnType("longtext");
b.HasKey("Id");

6
util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
View File

@ -1758,16 +1758,14 @@ namespace Bit.PostgresMigrations.Migrations
b.Property<string>("SigningKey")
.IsRequired()
.HasMaxLength(500)
.HasColumnType("character varying(500)");
.HasColumnType("text");
b.Property<Guid>("UserId")
.HasColumnType("uuid");
b.Property<string>("VerifyingKey")
.IsRequired()
.HasMaxLength(500)
.HasColumnType("character varying(500)");
.HasColumnType("text");
b.HasKey("Id");

2
util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
View File

@ -1741,7 +1741,6 @@ namespace Bit.SqliteMigrations.Migrations
b.Property<string>("SigningKey")
.IsRequired()
.HasMaxLength(500)
.HasColumnType("TEXT");
b.Property<Guid>("UserId")
@ -1749,7 +1748,6 @@ namespace Bit.SqliteMigrations.Migrations
b.Property<string>("VerifyingKey")
.IsRequired()
.HasMaxLength(500)
.HasColumnType("TEXT");
b.HasKey("Id");