Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-09-19 02:51:14 +02:00
Code Issues Projects Releases Wiki Activity

Ensure we only setup a communication when userId matches

Browse Source
This commit is contained in:
Hinton 2021-01-15 10:57:09 +01:00
parent 326b6b3aaf
commit 8084b28013
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/services/nativeMessaging.service.ts
View File

@ -22,8 +22,9 @@ export class NativeMessagingService {
private sharedSecrets = new Map<string, SymmetricCryptoKey>(); private sharedSecrets = new Map<string, SymmetricCryptoKey>();
constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService, constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,
private platformUtilService: PlatformUtilsService, private logService: LogService, private i18nService: I18nService, private platformUtilService: PlatformUtilsService, private logService: LogService,
private userService: UserService, private messagingService: MessagingService, private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService) { private i18nService: I18nService, private userService: UserService, private messagingService: MessagingService,
private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService) {
ipcRenderer.on('nativeMessaging', async (event: any, message: any) => { ipcRenderer.on('nativeMessaging', async (event: any, message: any) => {
this.messageHandler(message); this.messageHandler(message);
}); });
@ -37,6 +38,12 @@ export class NativeMessagingService {
if (rawMessage.command === 'setupEncryption') { if (rawMessage.command === 'setupEncryption') {
const remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer; const remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;
// Valudate the UserId to ensure we are logged into the same account.
if (rawMessage.userId !== await this.userService.getUserId()) {
ipcRenderer.send('nativeMessagingReply', {command: 'wrongUserId', appId: appId});
return;
}
if (await this.storageService.get<boolean>(ElectronConstants.enableBrowserIntegrationFingerprint)) { if (await this.storageService.get<boolean>(ElectronConstants.enableBrowserIntegrationFingerprint)) {
ipcRenderer.send('nativeMessagingReply', {command: 'verifyFingerprint', appId: appId}); ipcRenderer.send('nativeMessagingReply', {command: 'verifyFingerprint', appId: appId});