bitwarden-browser/src/app/services/cryptoService.js

angular
    .module('bit.services')

    .factory('cryptoService', function ($sessionStorage) {
        var _service = {},
            _key,
            _b64Key,
            _privateKey,
            _publicKey;

        _service.setKey = function (key) {
            _key = key;
            $sessionStorage.key = forge.util.encode64(key);
        };

        _service.setPrivateKey = function (privateKeyCt, key) {
            try {
                var privateKey = _service.decrypt(privateKeyCt, key, 'raw');
                _privateKey = privateKey;
                $sessionStorage.privateKey = forge.util.encode64(privateKey);
            }
            catch (e) {
                console.log('Cannot set private key. Decryption failed.');
            }
        };

        _service.getKey = function (b64) {
            if (b64 && b64 === true && _b64Key) {
                return _b64Key;
            }
            else if (!b64 && _key) {
                return _key;
            }

            if ($sessionStorage.key) {
                _key = forge.util.decode64($sessionStorage.key);
            }

            if (b64 && b64 === true) {
                _b64Key = forge.util.encode64(_key);
                return _b64Key;
            }

            return _key;
        };

        _service.getEncKey = function (key) {
            key = key || _service.getKey();

            var buffer = forge.util.createBuffer(key);
            return buffer.getBytes(16);
        };

        _service.getMacKey = function (key) {
            key = key || _service.getKey();

            var buffer = forge.util.createBuffer(key);
            buffer.getBytes(16); // skip first half
            return buffer.getBytes(16);
        };

        _service.getPrivateKey = function () {
            if (_privateKey) {
                return _privateKey;
            }

            if ($sessionStorage.privateKey) {
                var privateKeyBytes = forge.util.decode64($sessionStorage.privateKey);
                _privateKey = forge.pki.privateKeyFromAsn1(forge.asn1.fromDer(privateKeyBytes));
            }

            return _privateKey;
        };

        _service.getPublicKey = function () {
            if (_publicKey) {
                return _publicKey;
            }

            var privateKey = _service.getPrivateKey();
            if (!privateKey) {
                return null;
            }

            _publicKey = forge.pki.setRsaPublicKey(privateKey.n, privateKey.e);
            return _publicKey;
        };

        _service.clearKey = function () {
            _key = _b64Key = null;
            delete $sessionStorage.key;
        };

        _service.clearKeyPair = function () {
            _privateKey = null;
            _publicKey = null;
            delete $sessionStorage.privateKey;
        };

        _service.clearKeys = function () {
            _service.clearKey();
            _service.clearKeyPair();
        };

        _service.makeKey = function (password, salt, b64) {
            var key = forge.pbkdf2(forge.util.encodeUtf8(password), forge.util.encodeUtf8(salt),
                5000, 256 / 8, 'sha256');

            if (b64 && b64 === true) {
                return forge.util.encode64(key);
            }

            return key;
        };

        _service.makeKeyPair = function (key, callback) {
            forge.pki.rsa.generateKeyPair({ bits: 2048, workers: 2 }, function (error, keypair) {
                if (error) {
                    callback(null, null, error);
                    return;
                }

                var privateKey = forge.pki.privateKeyToAsn1(keypair.privateKey);
                var privateKeyBytes = forge.asn1.toDer(privateKey).getBytes();
                var privateKeyEnc = _service.encrypt(privateKeyBytes, key, 'raw');

                var publicKey = forge.pki.publicKeyToAsn1(keypair.publicKey);
                var publicKeyBytes = forge.asn1.toDer(publicKey).getBytes();

                callback(forge.util.encode64(publicKeyBytes), privateKeyEnc, null);
            });
        };

        _service.makeShareKey = function () {
            return forge.random.getBytesSync(32);
        };

        _service.hashPassword = function (password, key) {
            if (!key) {
                key = _service.getKey();
            }

            if (!password || !key) {
                throw 'Invalid parameters.';
            }

            var hashBits = forge.pbkdf2(key, forge.util.encodeUtf8(password), 1, 256 / 8, 'sha256');
            return forge.util.encode64(hashBits);
        };

        _service.encrypt = function (plainValue, key, plainValueEncoding) {
            if (!_service.getKey() && !key) {
                throw 'Encryption key unavailable.';
            }

            // TODO: Turn on whenever ready to support encrypt-then-mac
            var encKey = null;
            if (false) {
                encKey = _service.getEncKey(key);
            }
            else {
                encKey = key || _service.getKey();
            }

            plainValueEncoding = plainValueEncoding || 'utf8';
            var buffer = forge.util.createBuffer(plainValue, plainValueEncoding);
            var ivBytes = forge.random.getBytesSync(16);
            var cipher = forge.cipher.createCipher('AES-CBC', encKey);
            cipher.start({ iv: ivBytes });
            cipher.update(buffer);
            cipher.finish();

            var iv = forge.util.encode64(ivBytes);
            var ctBytes = cipher.output.getBytes();
            var ct = forge.util.encode64(ctBytes);
            var cipherString = iv + '|' + ct;

            // TODO: Turn on whenever ready to support encrypt-then-mac
            if (false) {
                var mac = computeMac(ctBytes, ivBytes);
                cipherString = cipherString + '|' + mac;
            }

            return cipherString;
        };

        _service.rsaEncrypt = function (plainValue, publicKey) {
            publicKey = publicKey || _service.getPublicKey();
            if (!publicKey) {
                throw 'Public key unavailable.';
            }

            var encryptedBytes = publicKey.encrypt(plainValue, 'RSA-OAEP', {
                md: forge.md.sha256.create()
            });
            return forge.util.encode64(encryptedBytes);
        };

        _service.decrypt = function (encValue, key, outputEncoding) {
            if (!_service.getKey() && !key) {
                throw 'Encryption key unavailable.';
            }

            var encPieces = encValue.split('|');
            if (encPieces.length !== 2 && encPieces.length !== 3) {
                return '';
            }

            var ivBytes = forge.util.decode64(encPieces[0]);
            var ctBytes = forge.util.decode64(encPieces[1]);

            var computedMac = null;
            if (encPieces.length === 3) {
                computedMac = computeMac(ctBytes, ivBytes);
                if (computedMac !== encPieces[2]) {
                    console.error('MAC failed.');
                    return '';
                }
            }

            var encKey;
            if (computedMac) {
                encKey = _service.getEncKey(key);
            }
            else {
                encKey = key || _service.getKey();
            }

            var ctBuffer = forge.util.createBuffer(ctBytes);
            var decipher = forge.cipher.createDecipher('AES-CBC', encKey);
            decipher.start({ iv: ivBytes });
            decipher.update(ctBuffer);
            decipher.finish();

            outputEncoding = outputEncoding || 'utf8';
            if (outputEncoding === 'utf8') {
                return decipher.output.toString('utf8');
            }
            else {
                return decipher.output.getBytes();
            }
        };

        _service.rsaDecrypt = function (encValue, privateKey) {
            privateKey = privateKey || _service.getPrivateKey();
            if (!privateKey) {
                throw 'Private key unavailable.';
            }

            var ctBytes = forge.util.decode64(encValue);
            var decBytes = privateKey.decrypt(ctBytes, 'RSA-OAEP', {
                md: forge.md.sha256.create()
            });

            return decBytes;
        };

        function computeMac(ct, iv, macKey) {
            var hmac = forge.hmac.create();
            hmac.start('sha256', macKey || _service.getMacKey());
            hmac.update(iv + ct);
            var mac = hmac.digest();
            return forge.util.encode64(mac.getBytes());
        }

        return _service;
    });
initial commit of source 2015-12-09 04:35:05 +01:00			`angular`
			`.module('bit.services')`

			`.factory('cryptoService', function ($sessionStorage) {`
			`var _service = {},`
			`_key,`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`_b64Key,`
share login modal 2017-02-28 06:18:11 +01:00			`_privateKey,`
			`_publicKey;`
initial commit of source 2015-12-09 04:35:05 +01:00
			`_service.setKey = function (key) {`
			`_key = key;`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`$sessionStorage.key = forge.util.encode64(key);`
initial commit of source 2015-12-09 04:35:05 +01:00			`};`

set private key when logging in 2017-02-21 06:29:15 +01:00			`_service.setPrivateKey = function (privateKeyCt, key) {`
			`try {`
			`var privateKey = _service.decrypt(privateKeyCt, key, 'raw');`
			`_privateKey = privateKey;`
			`$sessionStorage.privateKey = forge.util.encode64(privateKey);`
			`}`
			`catch (e) {`
			`console.log('Cannot set private key. Decryption failed.');`
			`}`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`};`

initial commit of source 2015-12-09 04:35:05 +01:00			`_service.getKey = function (b64) {`
			`if (b64 && b64 === true && _b64Key) {`
			`return _b64Key;`
			`}`
			`else if (!b64 && _key) {`
			`return _key;`
			`}`

			`if ($sessionStorage.key) {`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`_key = forge.util.decode64($sessionStorage.key);`
initial commit of source 2015-12-09 04:35:05 +01:00			`}`

			`if (b64 && b64 === true) {`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`_b64Key = forge.util.encode64(_key);`
initial commit of source 2015-12-09 04:35:05 +01:00			`return _b64Key;`
			`}`

			`return _key;`
			`};`

encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`_service.getEncKey = function (key) {`
			`key = key \|\| _service.getKey();`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00
			`var buffer = forge.util.createBuffer(key);`
			`return buffer.getBytes(16);`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`};`

			`_service.getMacKey = function (key) {`
			`key = key \|\| _service.getKey();`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00
			`var buffer = forge.util.createBuffer(key);`
			`buffer.getBytes(16); // skip first half`
			`return buffer.getBytes(16);`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`};`

updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`_service.getPrivateKey = function () {`
			`if (_privateKey) {`
			`return _privateKey;`
			`}`

			`if ($sessionStorage.privateKey) {`
share login modal 2017-02-28 06:18:11 +01:00			`var privateKeyBytes = forge.util.decode64($sessionStorage.privateKey);`
			`_privateKey = forge.pki.privateKeyFromAsn1(forge.asn1.fromDer(privateKeyBytes));`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`}`

			`return _privateKey;`
			`};`

share login modal 2017-02-28 06:18:11 +01:00			`_service.getPublicKey = function () {`
			`if (_publicKey) {`
			`return _publicKey;`
			`}`

			`var privateKey = _service.getPrivateKey();`
			`if (!privateKey) {`
			`return null;`
			`}`

			`_publicKey = forge.pki.setRsaPublicKey(privateKey.n, privateKey.e);`
			`return _publicKey;`
			`};`

initial commit of source 2015-12-09 04:35:05 +01:00			`_service.clearKey = function () {`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`_key = _b64Key = null;`
initial commit of source 2015-12-09 04:35:05 +01:00			`delete $sessionStorage.key;`
			`};`

share login modal 2017-02-28 06:18:11 +01:00			`_service.clearKeyPair = function () {`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`_privateKey = null;`
share login modal 2017-02-28 06:18:11 +01:00			`_publicKey = null;`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`delete $sessionStorage.privateKey;`
			`};`

			`_service.clearKeys = function () {`
			`_service.clearKey();`
share login modal 2017-02-28 06:18:11 +01:00			`_service.clearKeyPair();`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`};`

initial commit of source 2015-12-09 04:35:05 +01:00			`_service.makeKey = function (password, salt, b64) {`
utf8 encode params for key derivation 2017-02-16 01:03:56 +01:00			`var key = forge.pbkdf2(forge.util.encodeUtf8(password), forge.util.encodeUtf8(salt),`
			`5000, 256 / 8, 'sha256');`
initial commit of source 2015-12-09 04:35:05 +01:00
			`if (b64 && b64 === true) {`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`return forge.util.encode64(key);`
initial commit of source 2015-12-09 04:35:05 +01:00			`}`

			`return key;`
			`};`

generate keypair on registration 2017-02-21 05:59:12 +01:00			`_service.makeKeyPair = function (key, callback) {`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`forge.pki.rsa.generateKeyPair({ bits: 2048, workers: 2 }, function (error, keypair) {`
			`if (error) {`
			`callback(null, null, error);`
			`return;`
			`}`

			`var privateKey = forge.pki.privateKeyToAsn1(keypair.privateKey);`
			`var privateKeyBytes = forge.asn1.toDer(privateKey).getBytes();`
generate keypair on registration 2017-02-21 05:59:12 +01:00			`var privateKeyEnc = _service.encrypt(privateKeyBytes, key, 'raw');`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00
			`var publicKey = forge.pki.publicKeyToAsn1(keypair.publicKey);`
			`var publicKeyBytes = forge.asn1.toDer(publicKey).getBytes();`

generate keypair on registration 2017-02-21 05:59:12 +01:00			`callback(forge.util.encode64(publicKeyBytes), privateKeyEnc, null);`
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`});`
			`};`

share login modal 2017-02-28 06:18:11 +01:00			`_service.makeShareKey = function () {`
			`return forge.random.getBytesSync(32);`
			`};`

initial commit of source 2015-12-09 04:35:05 +01:00			`_service.hashPassword = function (password, key) {`
			`if (!key) {`
			`key = _service.getKey();`
			`}`

			`if (!password \|\| !key) {`
			`throw 'Invalid parameters.';`
			`}`

utf8 encode params for key derivation 2017-02-16 01:03:56 +01:00			`var hashBits = forge.pbkdf2(key, forge.util.encodeUtf8(password), 1, 256 / 8, 'sha256');`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`return forge.util.encode64(hashBits);`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`};`

set private key when logging in 2017-02-21 06:29:15 +01:00			`_service.encrypt = function (plainValue, key, plainValueEncoding) {`
initial commit of source 2015-12-09 04:35:05 +01:00			`if (!_service.getKey() && !key) {`
			`throw 'Encryption key unavailable.';`
			`}`

encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`// TODO: Turn on whenever ready to support encrypt-then-mac`
			`var encKey = null;`
			`if (false) {`
			`encKey = _service.getEncKey(key);`
			`}`
			`else {`
			`encKey = key \|\| _service.getKey();`
initial commit of source 2015-12-09 04:35:05 +01:00			`}`

set private key when logging in 2017-02-21 06:29:15 +01:00			`plainValueEncoding = plainValueEncoding \|\| 'utf8';`
			`var buffer = forge.util.createBuffer(plainValue, plainValueEncoding);`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`var ivBytes = forge.random.getBytesSync(16);`
			`var cipher = forge.cipher.createCipher('AES-CBC', encKey);`
			`cipher.start({ iv: ivBytes });`
			`cipher.update(buffer);`
			`cipher.finish();`
initial commit of source 2015-12-09 04:35:05 +01:00
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`var iv = forge.util.encode64(ivBytes);`
			`var ctBytes = cipher.output.getBytes();`
			`var ct = forge.util.encode64(ctBytes);`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`var cipherString = iv + '\|' + ct;`

			`// TODO: Turn on whenever ready to support encrypt-then-mac`
			`if (false) {`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`var mac = computeMac(ctBytes, ivBytes);`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`cipherString = cipherString + '\|' + mac;`
			`}`

			`return cipherString;`
initial commit of source 2015-12-09 04:35:05 +01:00			`};`

share login modal 2017-02-28 06:18:11 +01:00			`_service.rsaEncrypt = function (plainValue, publicKey) {`
			`publicKey = publicKey \|\| _service.getPublicKey();`
			`if (!publicKey) {`
			`throw 'Public key unavailable.';`
			`}`

			`var encryptedBytes = publicKey.encrypt(plainValue, 'RSA-OAEP', {`
			`md: forge.md.sha256.create()`
			`});`
			`return forge.util.encode64(encryptedBytes);`
lint fixes 2017-03-01 04:53:19 +01:00			`};`
share login modal 2017-02-28 06:18:11 +01:00
set private key when logging in 2017-02-21 06:29:15 +01:00			`_service.decrypt = function (encValue, key, outputEncoding) {`
			`if (!_service.getKey() && !key) {`
			`throw 'Encryption key unavailable.';`
initial commit of source 2015-12-09 04:35:05 +01:00			`}`

			`var encPieces = encValue.split('\|');`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`if (encPieces.length !== 2 && encPieces.length !== 3) {`
initial commit of source 2015-12-09 04:35:05 +01:00			`return '';`
			`}`

replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`var ivBytes = forge.util.decode64(encPieces[0]);`
			`var ctBytes = forge.util.decode64(encPieces[1]);`
initial commit of source 2015-12-09 04:35:05 +01:00
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`var computedMac = null;`
			`if (encPieces.length === 3) {`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`computedMac = computeMac(ctBytes, ivBytes);`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`if (computedMac !== encPieces[2]) {`
			`console.error('MAC failed.');`
			`return '';`
			`}`
			`}`

set private key when logging in 2017-02-21 06:29:15 +01:00			`var encKey;`
			`if (computedMac) {`
			`encKey = _service.getEncKey(key);`
			`}`
			`else {`
			`encKey = key \|\| _service.getKey();`
			`}`

replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`var ctBuffer = forge.util.createBuffer(ctBytes);`
set private key when logging in 2017-02-21 06:29:15 +01:00			`var decipher = forge.cipher.createDecipher('AES-CBC', encKey);`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`decipher.start({ iv: ivBytes });`
			`decipher.update(ctBuffer);`
			`decipher.finish();`
initial commit of source 2015-12-09 04:35:05 +01:00
updates to cryptoService for rsa keypairs 2017-02-21 04:21:14 +01:00			`outputEncoding = outputEncoding \|\| 'utf8';`
			`if (outputEncoding === 'utf8') {`
			`return decipher.output.toString('utf8');`
			`}`
			`else {`
			`return decipher.output.getBytes();`
			`}`
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`};`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00
share login modal 2017-02-28 06:18:11 +01:00			`_service.rsaDecrypt = function (encValue, privateKey) {`
			`privateKey = privateKey \|\| _service.getPrivateKey();`
			`if (!privateKey) {`
			`throw 'Private key unavailable.';`
			`}`

			`var ctBytes = forge.util.decode64(encValue);`
			`var decBytes = privateKey.decrypt(ctBytes, 'RSA-OAEP', {`
			`md: forge.md.sha256.create()`
			`});`

			`return decBytes;`
lint fixes 2017-03-01 04:53:19 +01:00			`};`
share login modal 2017-02-28 06:18:11 +01:00
replace sjcl cryptoservice implementation with forge 2017-02-11 19:03:48 +01:00			`function computeMac(ct, iv, macKey) {`
			`var hmac = forge.hmac.create();`
			`hmac.start('sha256', macKey \|\| _service.getMacKey());`
			`hmac.update(iv + ct);`
			`var mac = hmac.digest();`
			`return forge.util.encode64(mac.getBytes());`
encrypt-then-mac support 2016-12-09 04:21:46 +01:00			`}`

initial commit of source 2015-12-09 04:35:05 +01:00			`return _service;`
			`});`