Add getPinProtectedUserKey to VaultSdkSource (#632)

2026-06-07 14:57:41 -05:00 · 2024-01-15 22:18:22 -06:00
parent c52ae0ed2a
commit fd8293ba55
3 changed files with 48 additions and 0 deletions
--- a/app/src/main/java/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSource.kt
+++ b/app/src/main/java/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSource.kt
@@ -41,6 +41,20 @@ interface VaultSdkSource {
        pin: String,
    ): Result<DerivePinKeyResponse>

+    /**
+     * Derives a pin-protected user key from the given [encryptedPin] for the given [userId]. This
+     * value must be derived from a previous call to [derivePinKey] with a plaintext PIN. This can
+     * be used to later unlock their vault via a call to [initializeCrypto] with
+     * [InitUserCryptoMethod.Pin].
+     *
+     * This should only be called after a successful call to [initializeCrypto] for the associated
+     * user.
+     */
+    suspend fun derivePinProtectedUserKey(
+        userId: String,
+        encryptedPin: String,
+    ): Result<String>
+
    /**
     * Gets the user's encryption key, which can be used to later unlock their vault via a call to
     * [initializeCrypto] with [InitUserCryptoMethod.DecryptedKey].
--- a/app/src/main/java/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSourceImpl.kt
+++ b/app/src/main/java/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSourceImpl.kt
@@ -42,6 +42,16 @@ class VaultSdkSourceImpl(
                .derivePinKey(pin = pin)
        }

+    override suspend fun derivePinProtectedUserKey(
+        userId: String,
+        encryptedPin: String,
+    ): Result<String> =
+        runCatching {
+            getClient(userId = userId)
+                .crypto()
+                .derivePinUserKey(encryptedPin = encryptedPin)
+        }
+
    override suspend fun getUserEncryptionKey(
        userId: String,
    ): Result<String> =