1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-29 17:38:04 +01:00

added error logs for decrypt methods

This commit is contained in:
Kyle Spearrin 2017-07-31 23:19:02 -04:00
parent 747b5608e8
commit 2beb22e8cf

View File

@ -477,121 +477,140 @@ angular
}; };
_service.decrypt = function (encValue, key, outputEncoding) { _service.decrypt = function (encValue, key, outputEncoding) {
key = key || _service.getEncKey() || _service.getKey(); try {
key = key || _service.getEncKey() || _service.getKey();
var headerPieces = encValue.split('.'), var headerPieces = encValue.split('.'),
encType, encType,
encPieces; encPieces;
if (headerPieces.length === 2) { if (headerPieces.length === 2) {
try { try {
encType = parseInt(headerPieces[0]); encType = parseInt(headerPieces[0]);
encPieces = headerPieces[1].split('|'); encPieces = headerPieces[1].split('|');
} }
catch (e) { catch (e) {
return null; console.error('Cannot parse headerPieces.');
}
}
else {
encPieces = encValue.split('|');
encType = encPieces.length === 3 ? constants.encType.AesCbc128_HmacSha256_B64 :
constants.encType.AesCbc256_B64;
}
if (encType === constants.encType.AesCbc128_HmacSha256_B64 && key.encType === constants.encType.AesCbc256_B64) {
// Old encrypt-then-mac scheme, swap out the key
_legacyEtmKey = _legacyEtmKey ||
new SymmetricCryptoKey(key.key, false, constants.encType.AesCbc128_HmacSha256_B64);
key = _legacyEtmKey;
}
if (encType !== key.encType) {
throw 'encType unavailable.';
}
switch (encType) {
case constants.encType.AesCbc128_HmacSha256_B64:
case constants.encType.AesCbc256_HmacSha256_B64:
if (encPieces.length !== 3) {
return null; return null;
} }
break; }
case constants.encType.AesCbc256_B64: else {
if (encPieces.length !== 2) { encPieces = encValue.split('|');
encType = encPieces.length === 3 ? constants.encType.AesCbc128_HmacSha256_B64 :
constants.encType.AesCbc256_B64;
}
if (encType === constants.encType.AesCbc128_HmacSha256_B64 && key.encType === constants.encType.AesCbc256_B64) {
// Old encrypt-then-mac scheme, swap out the key
_legacyEtmKey = _legacyEtmKey ||
new SymmetricCryptoKey(key.key, false, constants.encType.AesCbc128_HmacSha256_B64);
key = _legacyEtmKey;
}
if (encType !== key.encType) {
throw 'encType unavailable.';
}
switch (encType) {
case constants.encType.AesCbc128_HmacSha256_B64:
case constants.encType.AesCbc256_HmacSha256_B64:
if (encPieces.length !== 3) {
console.error('Enc type (' + encType + ') not valid.');
return null;
}
break;
case constants.encType.AesCbc256_B64:
if (encPieces.length !== 2) {
console.error('Enc type (' + encType + ') not valid.');
return null;
}
break;
default:
console.error('Enc type (' + encType + ') not supported.');
return null;
}
var ivBytes = forge.util.decode64(encPieces[0]);
var ctBytes = forge.util.decode64(encPieces[1]);
if (key.macKey && encPieces.length > 2) {
var macBytes = forge.util.decode64(encPieces[2]);
var computedMacBytes = computeMac(ivBytes + ctBytes, key.macKey, false);
if (!macsEqual(key.macKey, macBytes, computedMacBytes)) {
console.error('MAC failed.');
return null; return null;
} }
break; }
default:
return null;
}
var ivBytes = forge.util.decode64(encPieces[0]); var ctBuffer = forge.util.createBuffer(ctBytes);
var ctBytes = forge.util.decode64(encPieces[1]); var decipher = forge.cipher.createDecipher('AES-CBC', key.encKey);
decipher.start({ iv: ivBytes });
decipher.update(ctBuffer);
decipher.finish();
if (key.macKey && encPieces.length > 2) { outputEncoding = outputEncoding || 'utf8';
var macBytes = forge.util.decode64(encPieces[2]); if (outputEncoding === 'utf8') {
var computedMacBytes = computeMac(ivBytes + ctBytes, key.macKey, false); return decipher.output.toString('utf8');
if (!macsEqual(key.macKey, macBytes, computedMacBytes)) { }
console.error('MAC failed.'); else {
return null; return decipher.output.getBytes();
} }
} }
catch (e) {
var ctBuffer = forge.util.createBuffer(ctBytes); console.error('Caught unhandled error in decrypt: ' + e);
var decipher = forge.cipher.createDecipher('AES-CBC', key.encKey); throw e;
decipher.start({ iv: ivBytes });
decipher.update(ctBuffer);
decipher.finish();
outputEncoding = outputEncoding || 'utf8';
if (outputEncoding === 'utf8') {
return decipher.output.toString('utf8');
}
else {
return decipher.output.getBytes();
} }
}; };
_service.decryptFromBytes = function (encBuf, key) { _service.decryptFromBytes = function (encBuf, key) {
if (!encBuf) { try {
throw 'no encBuf.'; if (!encBuf) {
} throw 'no encBuf.';
}
var encBytes = new Uint8Array(encBuf), var encBytes = new Uint8Array(encBuf),
encType = encBytes[0], encType = encBytes[0],
ctBytes = null, ctBytes = null,
ivBytes = null, ivBytes = null,
macBytes = null; macBytes = null;
switch (encType) { switch (encType) {
case constants.encType.AesCbc128_HmacSha256_B64: case constants.encType.AesCbc128_HmacSha256_B64:
case constants.encType.AesCbc256_HmacSha256_B64: case constants.encType.AesCbc256_HmacSha256_B64:
if (encBytes.length <= 49) { // 1 + 16 + 32 + ctLength if (encBytes.length <= 49) { // 1 + 16 + 32 + ctLength
console.error('Enc type (' + encType + ') not valid.');
return null;
}
ivBytes = slice(encBytes, 1, 17);
macBytes = slice(encBytes, 17, 49);
ctBytes = slice(encBytes, 49);
break;
case constants.encType.AesCbc256_B64:
if (encBytes.length <= 17) { // 1 + 16 + ctLength
console.error('Enc type (' + encType + ') not valid.');
return null;
}
ivBytes = slice(encBytes, 1, 17);
ctBytes = slice(encBytes, 17);
break;
default:
console.error('Enc type (' + encType + ') not supported.');
return null; return null;
} }
ivBytes = slice(encBytes, 1, 17); return aesDecryptWC(
macBytes = slice(encBytes, 17, 49); encType,
ctBytes = slice(encBytes, 49); ctBytes.buffer,
break; ivBytes.buffer,
case constants.encType.AesCbc256_B64: macBytes ? macBytes.buffer : null,
if (encBytes.length <= 17) { // 1 + 16 + ctLength key);
return null; }
} catch (e) {
console.error('Caught unhandled error in decryptFromBytes: ' + e);
ivBytes = slice(encBytes, 1, 17); throw e;
ctBytes = slice(encBytes, 17);
break;
default:
return null;
} }
return aesDecryptWC(
encType,
ctBytes.buffer,
ivBytes.buffer,
macBytes ? macBytes.buffer : null,
key);
}; };
function aesDecryptWC(encType, ctBuf, ivBuf, macBuf, key) { function aesDecryptWC(encType, ctBuf, ivBuf, macBuf, key) {