bitwarden-browser/src/services/nativeMessaging.service.ts

import { ipcRenderer } from 'electron';

import { CryptoService } from 'jslib/abstractions/crypto.service';
import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service';
import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
import { LogService } from 'jslib/abstractions/log.service';
import { Utils } from 'jslib/misc/utils';

const MessageValidTimeout = 10 * 1000;
const EncryptionAlgorithm = 'sha256';

export class NativeMessagingService {
    private publicKey: ArrayBuffer;
    private privateKey: ArrayBuffer;
    private remotePublicKey: ArrayBuffer;

    constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,
        private platformUtilService: PlatformUtilsService, private logService: LogService) {
        ipcRenderer.on('nativeMessaging', async (event: any, message: any) => {
            this.messageHandler(message);
        });
    }

    private async messageHandler(rawMessage: any) {
        if (rawMessage.command == 'setupEncryption') {
            this.remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;
            this.secureCommunication();
            return;
        }

        debugger;
        const message = JSON.parse(Utils.fromBufferToUtf8(await this.cryptoFunctionService.rsaDecrypt(rawMessage, this.privateKey, EncryptionAlgorithm)));
        console.log(message);
        if (Math.abs(message.timestamp - Date.now()) > MessageValidTimeout) {
            this.logService.error('NativeMessage is to old, ignoring.');
            return;
        }

        switch (message.command) {
            case 'biometricUnlock':
                if (! this.platformUtilService.supportsBiometric()) {
                    ipcRenderer.send('nativeMessagingSync', )
                    return this.send({command: 'biometricUnlock', response: 'not supported'})
                }

                const response = await this.platformUtilService.authenticateBiometric();
                if (response) {
                    this.send({command: 'biometricUnlock', response: 'unlocked'});
                } else {
                    this.send({command: 'biometricUnlock', response: 'canceled'});
                }

                break;
            default:
                this.logService.error('NativeMessage, got unknown command.');
        }
    }

    private async send(message: any) {
        message.timestamp = Date.now();
        const encrypted = await this.cryptoFunctionService.rsaEncrypt(Utils.fromUtf8ToArray(JSON.stringify(message)), this.remotePublicKey, EncryptionAlgorithm);

        ipcRenderer.send('nativeMessagingReply', encrypted);
    }

    private async secureCommunication() {
        [this.publicKey, this.privateKey] = await this.cryptoFunctionService.rsaGenerateKeyPair(2048);

        this.send({command: 'setupEncryption', publicKey: Utils.fromBufferToB64(this.publicKey)});
    }
}
Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00			`import { ipcRenderer } from 'electron';`
Replace cosole logs with logService 2020-10-05 20:05:48 +02:00
Use proper logging, fix linting errors. 2020-10-12 21:34:41 +02:00			`import { CryptoService } from 'jslib/abstractions/crypto.service';`
wip 2020-10-16 17:09:17 +02:00			`import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service';`
Use proper logging, fix linting errors. 2020-10-12 21:34:41 +02:00			`import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';`
			`import { LogService } from 'jslib/abstractions/log.service';`
wip 2020-10-16 17:09:17 +02:00			`import { Utils } from 'jslib/misc/utils';`
Use proper logging, fix linting errors. 2020-10-12 21:34:41 +02:00
			`const MessageValidTimeout = 10 * 1000;`
wip 2020-10-16 17:09:17 +02:00			`const EncryptionAlgorithm = 'sha256';`
Use proper logging, fix linting errors. 2020-10-12 21:34:41 +02:00
Initial PoC for browser <-> desktop communication 2020-10-05 15:11:37 +02:00			`export class NativeMessagingService {`
wip 2020-10-16 17:09:17 +02:00			`private publicKey: ArrayBuffer;`
			`private privateKey: ArrayBuffer;`
			`private remotePublicKey: ArrayBuffer;`
Use proper logging, fix linting errors. 2020-10-12 21:34:41 +02:00
wip 2020-10-16 17:09:17 +02:00			`constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,`
			`private platformUtilService: PlatformUtilsService, private logService: LogService) {`
Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00			`ipcRenderer.on('nativeMessaging', async (event: any, message: any) => {`
			`this.messageHandler(message);`
Initial PoC for browser <-> desktop communication 2020-10-05 15:11:37 +02:00			`});`
Generate app manifests and add install scripts for windows 2020-10-05 19:48:51 +02:00			`}`

Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00			`private async messageHandler(rawMessage: any) {`
wip 2020-10-16 17:09:17 +02:00			`if (rawMessage.command == 'setupEncryption') {`
			`this.remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;`
			`this.secureCommunication();`
			`return;`
			`}`
Replace cosole logs with logService 2020-10-05 20:05:48 +02:00
wip 2020-10-16 17:09:17 +02:00			`debugger;`
			`const message = JSON.parse(Utils.fromBufferToUtf8(await this.cryptoFunctionService.rsaDecrypt(rawMessage, this.privateKey, EncryptionAlgorithm)));`
			`console.log(message);`
Use proper logging, fix linting errors. 2020-10-12 21:34:41 +02:00			`if (Math.abs(message.timestamp - Date.now()) > MessageValidTimeout) {`
			`this.logService.error('NativeMessage is to old, ignoring.');`
Add settings toggle to enable/disable browser integration 2020-10-07 15:11:01 +02:00			`return;`
			`}`
Generate app manifests and add install scripts for windows 2020-10-05 19:48:51 +02:00
Wire up desktop -> browser communication. Add initial biometry support for browser integration 2020-10-11 20:41:10 +02:00			`switch (message.command) {`
			`case 'biometricUnlock':`
Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00			`if (! this.platformUtilService.supportsBiometric()) {`
			`ipcRenderer.send('nativeMessagingSync', )`
			`return this.send({command: 'biometricUnlock', response: 'not supported'})`
Wire up desktop -> browser communication. Add initial biometry support for browser integration 2020-10-11 20:41:10 +02:00			`}`

Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00			`const response = await this.platformUtilService.authenticateBiometric();`
Wire up desktop -> browser communication. Add initial biometry support for browser integration 2020-10-11 20:41:10 +02:00			`if (response) {`
Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00			`this.send({command: 'biometricUnlock', response: 'unlocked'});`
Wire up desktop -> browser communication. Add initial biometry support for browser integration 2020-10-11 20:41:10 +02:00			`} else {`
Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00			`this.send({command: 'biometricUnlock', response: 'canceled'});`
Wire up desktop -> browser communication. Add initial biometry support for browser integration 2020-10-11 20:41:10 +02:00			`}`
Minor cleanup 2020-10-12 18:03:16 +02:00
Wire up desktop -> browser communication. Add initial biometry support for browser integration 2020-10-11 20:41:10 +02:00			`break;`
			`default:`
Use proper logging, fix linting errors. 2020-10-12 21:34:41 +02:00			`this.logService.error('NativeMessage, got unknown command.');`
Wire up desktop -> browser communication. Add initial biometry support for browser integration 2020-10-11 20:41:10 +02:00			`}`
			`}`
Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00
			`private async send(message: any) {`
			`message.timestamp = Date.now();`
wip 2020-10-16 17:09:17 +02:00			`const encrypted = await this.cryptoFunctionService.rsaEncrypt(Utils.fromUtf8ToArray(JSON.stringify(message)), this.remotePublicKey, EncryptionAlgorithm);`
Split native messaging into renderer and background service. Encrypt messages and verify timestamp 2020-10-12 21:18:28 +02:00
			`ipcRenderer.send('nativeMessagingReply', encrypted);`
			`}`
wip 2020-10-16 17:09:17 +02:00
			`private async secureCommunication() {`
			`[this.publicKey, this.privateKey] = await this.cryptoFunctionService.rsaGenerateKeyPair(2048);`

			`this.send({command: 'setupEncryption', publicKey: Utils.fromBufferToB64(this.publicKey)});`
			`}`
Initial PoC for browser <-> desktop communication 2020-10-05 15:11:37 +02:00			`}`