Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2025-02-18 01:41:27 +01:00
Code Issues Projects Releases Wiki Activity

PM-12102 | Fix LastPass importer not properly de-encrypting URLs (#11366)

Browse Source 
* PM-12102 | Fix LastPass importer not properly de-encrypting URLs

* Reuse the original code for the unencrypted path

* Add some comments
This commit is contained in:
Oleksii Holub 2024-10-07 17:55:17 +03:00 committed by GitHub
parent 68f4c2e879
commit 359b6e02d9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libs/importer/src/importers/lastpass/access/services/parser.ts
View File

@ -22,7 +22,7 @@ export class Parser {
/* /*
May return null when the chunk does not represent an account. May return null when the chunk does not represent an account.
All secure notes are ACCTs but not all of them store account information. All secure notes are ACCTs but not all of them store account information.
TODO: Add a test for the folder case! TODO: Add a test for the folder case!
TODO: Add a test case that covers secure note account! TODO: Add a test case that covers secure note account!
*/ */
@ -60,9 +60,17 @@ export class Parser {
// 3: url // 3: url
step = 3; step = 3;
let url = Utils.fromBufferToUtf8( const urlEncoded = this.readItem(reader);
this.decodeHexLoose(Utils.fromBufferToUtf8(this.readItem(reader))), let url =
); urlEncoded.length > 0 && urlEncoded[0] === 33 // 33 = '!'
? // URL is encrypted
await this.cryptoUtils.decryptAes256PlainWithDefault(
urlEncoded,
encryptionKey,
placeholder,
)
: // URL is not encrypted
Utils.fromBufferToUtf8(this.decodeHexLoose(Utils.fromBufferToUtf8(urlEncoded)));
// Ignore "group" accounts. They have no credentials. // Ignore "group" accounts. They have no credentials.
if (url == "http://group") { if (url == "http://group") {