Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-27 17:18:04 +01:00
Code Issues Projects Releases Wiki Activity

added error logs for decrypt methods

Browse Source
This commit is contained in:
Kyle Spearrin 2017-07-31 23:19:02 -04:00
parent 747b5608e8
commit 2beb22e8cf
1 changed files with 115 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

211
src/app/services/cryptoService.js
View File

@ -477,121 +477,140 @@ angular
};
_service.decrypt = function (encValue, key, outputEncoding) {
key = key || _service.getEncKey() || _service.getKey();
try {
key = key || _service.getEncKey() || _service.getKey();
var headerPieces = encValue.split('.'),
encType,
encPieces;
var headerPieces = encValue.split('.'),
encType,
encPieces;
if (headerPieces.length === 2) {
try {
encType = parseInt(headerPieces[0]);
encPieces = headerPieces[1].split('|');
}
catch (e) {
return null;
}
}
else {
encPieces = encValue.split('|');
encType = encPieces.length === 3 ? constants.encType.AesCbc128_HmacSha256_B64 :
constants.encType.AesCbc256_B64;
}
if (encType === constants.encType.AesCbc128_HmacSha256_B64 && key.encType === constants.encType.AesCbc256_B64) {
// Old encrypt-then-mac scheme, swap out the key
_legacyEtmKey = _legacyEtmKey ||
new SymmetricCryptoKey(key.key, false, constants.encType.AesCbc128_HmacSha256_B64);
key = _legacyEtmKey;
}
if (encType !== key.encType) {
throw 'encType unavailable.';
}
switch (encType) {
case constants.encType.AesCbc128_HmacSha256_B64:
case constants.encType.AesCbc256_HmacSha256_B64:
if (encPieces.length !== 3) {
if (headerPieces.length === 2) {
try {
encType = parseInt(headerPieces[0]);
encPieces = headerPieces[1].split('|');
}
catch (e) {
console.error('Cannot parse headerPieces.');
return null;
}
break;
case constants.encType.AesCbc256_B64:
if (encPieces.length !== 2) {
}
else {
encPieces = encValue.split('|');
encType = encPieces.length === 3 ? constants.encType.AesCbc128_HmacSha256_B64 :
constants.encType.AesCbc256_B64;
}
if (encType === constants.encType.AesCbc128_HmacSha256_B64 && key.encType === constants.encType.AesCbc256_B64) {
// Old encrypt-then-mac scheme, swap out the key
_legacyEtmKey = _legacyEtmKey ||
new SymmetricCryptoKey(key.key, false, constants.encType.AesCbc128_HmacSha256_B64);
key = _legacyEtmKey;
}
if (encType !== key.encType) {
throw 'encType unavailable.';
}
switch (encType) {
case constants.encType.AesCbc128_HmacSha256_B64:
case constants.encType.AesCbc256_HmacSha256_B64:
if (encPieces.length !== 3) {
console.error('Enc type (' + encType + ') not valid.');
return null;
}
break;
case constants.encType.AesCbc256_B64:
if (encPieces.length !== 2) {
console.error('Enc type (' + encType + ') not valid.');
return null;
}
break;
default:
console.error('Enc type (' + encType + ') not supported.');
return null;
}
var ivBytes = forge.util.decode64(encPieces[0]);
var ctBytes = forge.util.decode64(encPieces[1]);
if (key.macKey && encPieces.length > 2) {
var macBytes = forge.util.decode64(encPieces[2]);
var computedMacBytes = computeMac(ivBytes + ctBytes, key.macKey, false);
if (!macsEqual(key.macKey, macBytes, computedMacBytes)) {
console.error('MAC failed.');
return null;
}
break;
default:
return null;
}
}
var ivBytes = forge.util.decode64(encPieces[0]);
var ctBytes = forge.util.decode64(encPieces[1]);
var ctBuffer = forge.util.createBuffer(ctBytes);
var decipher = forge.cipher.createDecipher('AES-CBC', key.encKey);
decipher.start({ iv: ivBytes });
decipher.update(ctBuffer);
decipher.finish();
if (key.macKey && encPieces.length > 2) {
var macBytes = forge.util.decode64(encPieces[2]);
var computedMacBytes = computeMac(ivBytes + ctBytes, key.macKey, false);
if (!macsEqual(key.macKey, macBytes, computedMacBytes)) {
console.error('MAC failed.');
return null;
outputEncoding = outputEncoding || 'utf8';
if (outputEncoding === 'utf8') {
return decipher.output.toString('utf8');
}
else {
return decipher.output.getBytes();
}
}
var ctBuffer = forge.util.createBuffer(ctBytes);
var decipher = forge.cipher.createDecipher('AES-CBC', key.encKey);
decipher.start({ iv: ivBytes });
decipher.update(ctBuffer);
decipher.finish();
outputEncoding = outputEncoding || 'utf8';
if (outputEncoding === 'utf8') {
return decipher.output.toString('utf8');
}
else {
return decipher.output.getBytes();
catch (e) {
console.error('Caught unhandled error in decrypt: ' + e);
throw e;
}
};
_service.decryptFromBytes = function (encBuf, key) {
if (!encBuf) {
throw 'no encBuf.';
}
try {
if (!encBuf) {
throw 'no encBuf.';
}
var encBytes = new Uint8Array(encBuf),
encType = encBytes[0],
ctBytes = null,
ivBytes = null,
macBytes = null;
var encBytes = new Uint8Array(encBuf),
encType = encBytes[0],
ctBytes = null,
ivBytes = null,
macBytes = null;
switch (encType) {
case constants.encType.AesCbc128_HmacSha256_B64:
case constants.encType.AesCbc256_HmacSha256_B64:
if (encBytes.length <= 49) { // 1 + 16 + 32 + ctLength
switch (encType) {
case constants.encType.AesCbc128_HmacSha256_B64:
case constants.encType.AesCbc256_HmacSha256_B64:
if (encBytes.length <= 49) { // 1 + 16 + 32 + ctLength
console.error('Enc type (' + encType + ') not valid.');
return null;
}
ivBytes = slice(encBytes, 1, 17);
macBytes = slice(encBytes, 17, 49);
ctBytes = slice(encBytes, 49);
break;
case constants.encType.AesCbc256_B64:
if (encBytes.length <= 17) { // 1 + 16 + ctLength
console.error('Enc type (' + encType + ') not valid.');
return null;
}
ivBytes = slice(encBytes, 1, 17);
ctBytes = slice(encBytes, 17);
break;
default:
console.error('Enc type (' + encType + ') not supported.');
return null;
}
}
ivBytes = slice(encBytes, 1, 17);
macBytes = slice(encBytes, 17, 49);
ctBytes = slice(encBytes, 49);
break;
case constants.encType.AesCbc256_B64:
if (encBytes.length <= 17) { // 1 + 16 + ctLength
return null;
}
ivBytes = slice(encBytes, 1, 17);
ctBytes = slice(encBytes, 17);
break;
default:
return null;
return aesDecryptWC(
encType,
ctBytes.buffer,
ivBytes.buffer,
macBytes ? macBytes.buffer : null,
key);
}
catch (e) {
console.error('Caught unhandled error in decryptFromBytes: ' + e);
throw e;
}
return aesDecryptWC(
encType,
ctBytes.buffer,
ivBytes.buffer,
macBytes ? macBytes.buffer : null,
key);
};
function aesDecryptWC(encType, ctBuf, ivBuf, macBuf, key) {