2020-10-16 11:09:49 +02:00
|
|
|
import { CryptoService, LogService, VaultTimeoutService } from 'jslib/abstractions';
|
2020-10-16 17:08:53 +02:00
|
|
|
import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service';
|
2020-10-12 18:01:34 +02:00
|
|
|
import { StorageService } from 'jslib/abstractions/storage.service';
|
2020-10-16 17:08:53 +02:00
|
|
|
import { Utils } from 'jslib/misc/utils';
|
2020-10-12 18:01:34 +02:00
|
|
|
import { ConstantsService } from 'jslib/services';
|
2020-10-11 20:45:25 +02:00
|
|
|
import { BrowserApi } from '../browser/browserApi';
|
2020-10-12 18:01:34 +02:00
|
|
|
import RuntimeBackground from './runtime.background';
|
2020-10-09 17:16:15 +02:00
|
|
|
|
2020-10-16 11:09:49 +02:00
|
|
|
const MessageValidTimeout = 10 * 1000;
|
2020-10-16 17:08:53 +02:00
|
|
|
const EncryptionAlgorithm = 'sha256';
|
2020-10-16 11:09:49 +02:00
|
|
|
|
2020-10-09 17:16:15 +02:00
|
|
|
export class NativeMessagingBackground {
|
|
|
|
|
private connected = false;
|
|
|
|
|
private port: browser.runtime.Port | chrome.runtime.Port;
|
|
|
|
|
|
|
|
|
|
private resolver: any = null;
|
2020-10-16 17:08:53 +02:00
|
|
|
publicKey: ArrayBuffer;
|
|
|
|
|
privateKey: ArrayBuffer;
|
|
|
|
|
private secureSetupResolve: any = null;
|
|
|
|
|
remotePublicKey: ArrayBufferLike;
|
2020-10-09 17:16:15 +02:00
|
|
|
|
2020-10-12 18:01:34 +02:00
|
|
|
constructor(private storageService: StorageService, private cryptoService: CryptoService,
|
2020-10-16 17:08:53 +02:00
|
|
|
private cryptoFunctionService: CryptoFunctionService, private vaultTimeoutService: VaultTimeoutService,
|
|
|
|
|
private runtimeBackground: RuntimeBackground) {}
|
2020-10-12 18:01:34 +02:00
|
|
|
|
2020-10-09 17:16:15 +02:00
|
|
|
connect() {
|
2020-10-11 20:45:25 +02:00
|
|
|
this.port = BrowserApi.connectNative('com.8bit.bitwarden');
|
2020-10-09 17:16:15 +02:00
|
|
|
|
|
|
|
|
this.connected = true;
|
2020-10-12 18:01:34 +02:00
|
|
|
|
|
|
|
|
this.port.onMessage.addListener((msg) => this.onMessage(msg));
|
2020-10-16 11:09:49 +02:00
|
|
|
|
2020-10-09 17:16:15 +02:00
|
|
|
this.port.onDisconnect.addListener(() => {
|
|
|
|
|
this.connected = false;
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-12 21:18:47 +02:00
|
|
|
async send(message: any) {
|
2020-10-09 17:16:15 +02:00
|
|
|
// If not connected, try to connect
|
|
|
|
|
if (!this.connected) {
|
|
|
|
|
this.connect();
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-16 17:08:53 +02:00
|
|
|
if (this.publicKey == null) {
|
|
|
|
|
await this.secureCommunication();
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-12 21:18:47 +02:00
|
|
|
message.timestamp = Date.now();
|
|
|
|
|
|
2020-10-16 17:08:53 +02:00
|
|
|
const encrypted = await this.cryptoFunctionService.rsaEncrypt(Buffer.from(JSON.stringify(message)), this.remotePublicKey, EncryptionAlgorithm);
|
2020-10-12 21:18:47 +02:00
|
|
|
this.port.postMessage(encrypted);
|
2020-10-09 17:16:15 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await(): Promise<any> {
|
|
|
|
|
return new Promise((resolve, reject) => {
|
|
|
|
|
this.resolver = resolve;
|
|
|
|
|
});
|
|
|
|
|
}
|
2020-10-12 18:01:34 +02:00
|
|
|
|
2020-10-12 21:18:47 +02:00
|
|
|
private async onMessage(rawMessage: any) {
|
|
|
|
|
const message = JSON.parse(await this.cryptoService.decryptToUtf8(rawMessage));
|
|
|
|
|
|
2020-10-16 11:09:49 +02:00
|
|
|
if (Math.abs(message.timestamp - Date.now()) > MessageValidTimeout) {
|
|
|
|
|
// tslint:disable-next-line
|
|
|
|
|
console.error('NativeMessage is to old, ignoring.');
|
2020-10-12 21:18:47 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-16 11:09:49 +02:00
|
|
|
switch (message.command) {
|
2020-10-16 17:08:53 +02:00
|
|
|
case 'setupEncryption':
|
|
|
|
|
this.remotePublicKey = Utils.fromB64ToArray(message.publicKey).buffer;
|
|
|
|
|
this.secureSetupResolve();
|
|
|
|
|
break;
|
|
|
|
|
case 'biometricUnlock':
|
2020-10-12 18:01:34 +02:00
|
|
|
await this.storageService.remove(ConstantsService.biometricAwaitingAcceptance);
|
|
|
|
|
|
|
|
|
|
const enabled = await this.storageService.get(ConstantsService.biometricUnlockKey);
|
|
|
|
|
if (enabled === null || enabled === false) {
|
2020-10-12 21:18:47 +02:00
|
|
|
if (message.response === 'unlocked') {
|
2020-10-12 18:01:34 +02:00
|
|
|
await this.storageService.save(ConstantsService.biometricUnlockKey, true);
|
|
|
|
|
}
|
2020-10-16 11:09:49 +02:00
|
|
|
|
2020-10-12 18:01:34 +02:00
|
|
|
await this.cryptoService.toggleKey();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (this.vaultTimeoutService.biometricLocked) {
|
|
|
|
|
this.runtimeBackground.processMessage({command: 'unlocked'}, null, null);
|
|
|
|
|
this.vaultTimeoutService.biometricLocked = false;
|
|
|
|
|
}
|
2020-10-16 17:08:53 +02:00
|
|
|
break;
|
2020-10-16 11:09:49 +02:00
|
|
|
default:
|
|
|
|
|
// tslint:disable-next-line
|
|
|
|
|
console.error('NativeMessage, got unknown command.');
|
2020-10-12 18:01:34 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (this.resolver) {
|
2020-10-12 21:18:47 +02:00
|
|
|
this.resolver(message);
|
2020-10-12 18:01:34 +02:00
|
|
|
}
|
|
|
|
|
}
|
2020-10-16 17:08:53 +02:00
|
|
|
|
|
|
|
|
private async secureCommunication() {
|
|
|
|
|
// Using crypto function service directly since we cannot encrypt the private key as
|
|
|
|
|
// master key might not be available
|
|
|
|
|
[this.publicKey, this.privateKey] = await this.cryptoFunctionService.rsaGenerateKeyPair(2048);
|
|
|
|
|
|
|
|
|
|
this.sendUnencrypted({command: 'setupEncryption', publicKey: Utils.fromBufferToB64(this.publicKey)});
|
|
|
|
|
|
|
|
|
|
return new Promise((resolve, reject) => this.secureSetupResolve = resolve);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private async sendUnencrypted(message: any) {
|
|
|
|
|
if (!this.connected) {
|
|
|
|
|
this.connect();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
message.timestamp = Date.now();
|
|
|
|
|
|
|
|
|
|
this.port.postMessage(message);
|
|
|
|
|
}
|
2020-10-09 17:16:15 +02:00
|
|
|
}
|
