Merge branch 'km/signing-api-changes' of github.com:bitwarden/server into km/signing-api-changes

2025-06-20 02:48:03 -05:00 · 2025-06-12 16:02:33 +02:00 · 2025-06-12 16:02:33 +02:00 · 343452fb7f
commit 343452fb7f
parent 22888a5928 038b4edebe
9 changed files with 31 additions and 37 deletions
--- a/src/Api/KeyManagement/Controllers/UsersController.cs
+++ b/src/Api/KeyManagement/Controllers/UsersController.cs
@ -23,10 +23,9 @@ public class UsersController(
    }

    [HttpGet("{id}/keys")]
-    public async Task<PublicKeysResponseModel> GetAccountKeysAsync(string id)
+    public async Task<PublicKeysResponseModel> GetAccountKeysAsync([FromRoute]Guid id)
    {
-        var guidId = new Guid(id);
-        var user = await _userRepository.GetByIdAsync(guidId) ?? throw new NotFoundException();
+        var user = await _userRepository.GetByIdAsync(id) ?? throw new NotFoundException();
        var accountKeys = await _userAccountKeysQuery.Run(user) ?? throw new NotFoundException("User account keys not found.");
        return new PublicKeysResponseModel(accountKeys);
    }
--- a/src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs
+++ b/src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs
@ -7,7 +7,7 @@ namespace Bit.Api.KeyManagement.Models.Response;
 #nullable enable

 /// <summary>
-/// This response model is used to return the the asymmetric encryption keys,
+/// This response model is used to return the asymmetric encryption keys,
 /// and signature keys of an entity. This includes the private keys of the key pairs,
 /// (private key, signing key), and the public keys of the key pairs (unsigned public key,
 /// signed public key, verification key). 
--- a/src/Core/KeyManagement/Entities/UserSignatureKeyPair.cs
+++ b/src/Core/KeyManagement/Entities/UserSignatureKeyPair.cs
@ -1,5 +1,4 @@
-using System.ComponentModel.DataAnnotations;
-using Bit.Core.Entities;
+using Bit.Core.Entities;
 using Bit.Core.KeyManagement.Enums;
 using Bit.Core.KeyManagement.Models.Data;
 using Bit.Core.Utilities;
@ -14,9 +13,7 @@ public class UserSignatureKeyPair : ITableObject<Guid>, IRevisable
    public Guid UserId { get; set; }
    public SignatureAlgorithm SignatureAlgorithm { get; set; }

-    [MaxLength(500)]
    required public string VerifyingKey { get; set; }
-    [MaxLength(500)]
    required public string SigningKey { get; set; }

    public DateTime CreationDate { get; set; } = DateTime.UtcNow;
--- a/src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs
+++ b/src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs
@ -11,13 +11,13 @@ using Microsoft.Extensions.DependencyInjection;

 namespace Bit.Infrastructure.EntityFramework.KeyManagement.Repositories;

-public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper) : Repository<Core.KeyManagement.Entities.UserSignatureKeyPair, Models.UserSignatureKeyPair, Guid>(serviceScopeFactory, mapper, context => context.UserSignatureKeyPair), IUserSignatureKeyPairRepository
+public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper) : Repository<Core.KeyManagement.Entities.UserSignatureKeyPair, Models.UserSignatureKeyPair, Guid>(serviceScopeFactory, mapper, context => context.UserSignatureKeyPairs), IUserSignatureKeyPairRepository
 {
    public async Task<SignatureKeyPairData?> GetByUserIdAsync(Guid userId)
    {
        await using var scope = ServiceScopeFactory.CreateAsyncScope();
        var dbContext = GetDatabaseContext(scope);
-        var signingKeys = await dbContext.UserSignatureKeyPair.FindAsync(userId);
+        var signingKeys = await dbContext.UserSignatureKeyPairs.FindAsync(userId);
        if (signingKeys == null)
        {
            return null;
@ -42,7 +42,7 @@ public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFac
                CreationDate = DateTime.UtcNow,
                RevisionDate = DateTime.UtcNow,
            };
-            await dbContext.UserSignatureKeyPair.AddAsync(entity);
+            await dbContext.UserSignatureKeyPairs.AddAsync(entity);
            await dbContext.SaveChangesAsync();
        };
    }
@ -53,7 +53,7 @@ public class UserSignatureKeyPairRepository(IServiceScopeFactory serviceScopeFac
        {
            await using var scope = ServiceScopeFactory.CreateAsyncScope();
            var dbContext = GetDatabaseContext(scope);
-            var entity = await dbContext.UserSignatureKeyPair.FirstOrDefaultAsync(x => x.UserId == grantorId);
+            var entity = await dbContext.UserSignatureKeyPairs.FirstOrDefaultAsync(x => x.UserId == grantorId);
            if (entity != null)
            {
                entity.SignatureAlgorithm = signingKeys.SignatureAlgorithm;
--- a/src/Infrastructure.EntityFramework/Repositories/DatabaseContext.cs
+++ b/src/Infrastructure.EntityFramework/Repositories/DatabaseContext.cs
@ -71,7 +71,7 @@ public class DatabaseContext : DbContext
    public DbSet<TaxRate> TaxRates { get; set; }
    public DbSet<Transaction> Transactions { get; set; }
    public DbSet<User> Users { get; set; }
-    public DbSet<UserSignatureKeyPair> UserSignatureKeyPair { get; set; }
+    public DbSet<UserSignatureKeyPair> UserSignatureKeyPairs { get; set; }
    public DbSet<AuthRequest> AuthRequests { get; set; }
    public DbSet<OrganizationDomain> OrganizationDomains { get; set; }
    public DbSet<WebAuthnCredential> WebAuthnCredentials { get; set; }
--- a/util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql
+++ b/util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql
@ -1,4 +1,7 @@
-CREATE TABLE [dbo].[UserSignatureKeyPair] (
+IF OBJECT_ID('[dbo].[UserSignatureKeyPair]') IS NULL
+BEGIN
+    CREATE TABLE [dbo].[UserSignatureKeyPair]
+    (
        [Id] UNIQUEIDENTIFIER NOT NULL,
        [UserId] UNIQUEIDENTIFIER NOT NULL,
        [SignatureKeyPairAlgorithm] TINYINT NOT NULL,
@ -8,7 +11,8 @@ CREATE TABLE [dbo].[UserSignatureKeyPair] (
        [RevisionDate] DATETIME2 (7) NOT NULL,
        CONSTRAINT [PK_UserSignatureKeyPair] PRIMARY KEY CLUSTERED ([Id] ASC),
        CONSTRAINT [FK_UserSignatureKeyPair_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id])
-);
+    );
+END
 GO

 IF NOT EXISTS(SELECT name
@ -29,7 +33,7 @@ FROM
    [dbo].[UserSignatureKeyPair]
 GO

-CREATE PROCEDURE [dbo].[UserSignatureKeyPair_ReadByUserId]
+CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_ReadByUserId]
    @UserId UNIQUEIDENTIFIER
 AS
 BEGIN
@ -39,7 +43,7 @@ BEGIN
 END
 GO

-CREATE PROCEDURE [dbo].[UserSignatureKeyPair_UpdateForRotation]
+CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_UpdateForRotation]
    @UserId UNIQUEIDENTIFIER,
    @SignatureKeyPairAlgorithm TINYINT,
    @SigningKey VARCHAR(MAX),
@ -56,7 +60,7 @@ BEGIN
 END
 GO

-CREATE PROCEDURE [dbo].[UserSignatureKeyPair_SetForRotation]
+CREATE OR ALTER PROCEDURE [dbo].[UserSignatureKeyPair_SetForRotation]
    @Id UNIQUEIDENTIFIER,
    @UserId UNIQUEIDENTIFIER,
    @SignatureKeyPairAlgorithm TINYINT,
--- a/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -1752,16 +1752,14 @@ namespace Bit.MySqlMigrations.Migrations

                    b.Property<string>("SigningKey")
                        .IsRequired()
-                        .HasMaxLength(500)
-                        .HasColumnType("varchar(500)");
+                        .HasColumnType("longtext");

                    b.Property<Guid>("UserId")
                        .HasColumnType("char(36)");

                    b.Property<string>("VerifyingKey")
                        .IsRequired()
-                        .HasMaxLength(500)
-                        .HasColumnType("varchar(500)");
+                        .HasColumnType("longtext");

                    b.HasKey("Id");

--- a/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -1758,16 +1758,14 @@ namespace Bit.PostgresMigrations.Migrations

                    b.Property<string>("SigningKey")
                        .IsRequired()
-                        .HasMaxLength(500)
-                        .HasColumnType("character varying(500)");
+                        .HasColumnType("text");

                    b.Property<Guid>("UserId")
                        .HasColumnType("uuid");

                    b.Property<string>("VerifyingKey")
                        .IsRequired()
-                        .HasMaxLength(500)
-                        .HasColumnType("character varying(500)");
+                        .HasColumnType("text");

                    b.HasKey("Id");

--- a/util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -1741,7 +1741,6 @@ namespace Bit.SqliteMigrations.Migrations

                    b.Property<string>("SigningKey")
                        .IsRequired()
-                        .HasMaxLength(500)
                        .HasColumnType("TEXT");

                    b.Property<Guid>("UserId")
@ -1749,7 +1748,6 @@ namespace Bit.SqliteMigrations.Migrations

                    b.Property<string>("VerifyingKey")
                        .IsRequired()
-                        .HasMaxLength(500)
                        .HasColumnType("TEXT");

                    b.HasKey("Id");