Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-21 11:35:34 +01:00
Code Issues Projects Releases Wiki Activity

Fix account key (de)serialization

Browse Source
This commit is contained in:
Matt Gibson 2022-09-12 20:06:47 -04:00
parent 5370cc463d
commit b1dffb5c2c
No known key found for this signature in database
GPG Key ID: A2275080D765C2D7
5 changed files with 93 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libs/common/src/abstractions/state.service.ts
View File

@ -214,8 +214,11 @@ export abstract class StateService<T extends Account = Account> {
) => Promise<void>;
getEncryptedPrivateKey: (options?: StorageOptions) => Promise<string>;
setEncryptedPrivateKey: (value: string, options?: StorageOptions) => Promise<void>;
getEncryptedProviderKeys: (options?: StorageOptions) => Promise<any>;
setEncryptedProviderKeys: (value: any, options?: StorageOptions) => Promise<void>;
getEncryptedProviderKeys: (options?: StorageOptions) => Promise<Record<string, string>>;
setEncryptedProviderKeys: (
value: Record<string, string>,
options?: StorageOptions
) => Promise<void>;
getEncryptedSends: (options?: StorageOptions) => Promise<{ [id: string]: SendData }>;
setEncryptedSends: (value: { [id: string]: SendData }, options?: StorageOptions) => Promise<void>;
getEntityId: (options?: StorageOptions) => Promise<string>;

54
libs/common/src/models/domain/account.ts
View File

@ -108,15 +108,13 @@ export class AccountKeys {
>();
organizationKeys?: EncryptionPair<
{ [orgId: string]: EncryptedOrganizationKeyData },
Map<string, SymmetricCryptoKey>
Record<string, SymmetricCryptoKey>
> = new EncryptionPair<
{ [orgId: string]: EncryptedOrganizationKeyData },
Map<string, SymmetricCryptoKey>
>();
providerKeys?: EncryptionPair<any, Map<string, SymmetricCryptoKey>> = new EncryptionPair<
any,
Map<string, SymmetricCryptoKey>
Record<string, SymmetricCryptoKey>
>();
providerKeys?: EncryptionPair<Record<string, string>, Record<string, SymmetricCryptoKey>> =
new EncryptionPair<Record<string, string>, Record<string, SymmetricCryptoKey>>();
privateKey?: EncryptionPair<string, ArrayBuffer> = new EncryptionPair<string, ArrayBuffer>();
publicKey?: ArrayBuffer;
private publicKeySerialized?: string;
@ -124,10 +122,36 @@ export class AccountKeys {
toJSON() {
this.publicKeySerialized = Utils.fromBufferToByteString(this.publicKey);
return this;
return {
cryptoMasterKey: this.cryptoMasterKey?.toJSON(),
cryptoMasterKeyAuto: this.cryptoMasterKeyAuto,
cryptoMasterKeyB64: this.cryptoMasterKeyB64,
cryptoMasterKeyBiometric: this.cryptoMasterKeyBiometric,
cryptoSymmetricKey: this.cryptoSymmetricKey?.toJSON() as {
encrypted: string;
decrypted: Jsonify<SymmetricCryptoKey>;
decryptedSerialized: string;
},
organizationKeys: this.organizationKeys?.toJSON() as {
encrypted: { [orgId: string]: EncryptedOrganizationKeyData };
decrypted: Record<string, Jsonify<SymmetricCryptoKey>>;
decryptedSerialized: string;
},
providerKeys: this.providerKeys?.toJSON() as {
encrypted: any;
decrypted: Record<string, Jsonify<SymmetricCryptoKey>>;
decryptedSerialized: string;
},
privateKey: this.privateKey?.toJSON() as {
encrypted: string;
decrypted: Jsonify<ArrayBuffer>;
decryptedSerialized: string;
},
publicKeySerialized: this.publicKeySerialized,
};
}
static fromJSON(obj: any): AccountKeys {
static fromJSON(obj: Partial<Jsonify<AccountKeys>>): AccountKeys {
return Object.assign(
new AccountKeys(),
{ cryptoMasterKey: SymmetricCryptoKey.fromJSON(obj?.cryptoMasterKey) },
@ -137,8 +161,8 @@ export class AccountKeys {
SymmetricCryptoKey.fromJSON
),
},
{ organizationKeys: AccountKeys.initMapEncryptionPairsFromJSON(obj?.organizationKeys) },
{ providerKeys: AccountKeys.initMapEncryptionPairsFromJSON(obj?.providerKeys) },
{ organizationKeys: AccountKeys.initRecordEncryptionPairsFromJSON(obj?.organizationKeys) },
{ providerKeys: AccountKeys.initRecordEncryptionPairsFromJSON(obj?.providerKeys) },
{ privateKey: EncryptionPair.fromJSON(obj?.privateKey) },
{
publicKey: Utils.fromByteStringToArray(obj?.publicKeySerialized)?.buffer,
@ -148,13 +172,13 @@ export class AccountKeys {
// These `any` types are a result of Jsonify<Map<>> === {}
// Issue raised https://github.com/sindresorhus/type-fest/issues/457
static initMapEncryptionPairsFromJSON(obj: any) {
static initRecordEncryptionPairsFromJSON(obj: any) {
return EncryptionPair.fromJSON(obj, (decObj: any) => {
const map = new Map<string, SymmetricCryptoKey>();
for (const id in decObj) {
map.set(id, SymmetricCryptoKey.fromJSON(decObj[id]));
const record: Record<string, SymmetricCryptoKey> = {};
for (const key in decObj) {
record[key] = SymmetricCryptoKey.fromJSON(decObj[key]);
}
return map;
return record;
});
}
}

41
libs/common/src/models/domain/acount-keys.spec.ts
View File

@ -6,15 +6,22 @@ import { AccountKeys, EncryptionPair } from "./account";
import { SymmetricCryptoKey } from "./symmetricCryptoKey";
describe("AccountKeys", () => {
const buffer = makeStaticByteArray(64).buffer;
const symmetricKey = new SymmetricCryptoKey(buffer);
describe("toJSON", () => {
it("should serialize itself", () => {
const keys = new AccountKeys();
const buffer = makeStaticByteArray(64).buffer;
const symmetricKey = new SymmetricCryptoKey(buffer);
keys.cryptoMasterKey = symmetricKey;
keys.publicKey = buffer;
keys.cryptoSymmetricKey = new EncryptionPair<string, SymmetricCryptoKey>();
keys.cryptoSymmetricKey.decrypted = symmetricKey;
keys.providerKeys = new EncryptionPair<
Record<string, string>,
Record<string, SymmetricCryptoKey>
>();
keys.providerKeys.encrypted = { test: "test" };
keys.providerKeys.decrypted = { providerId: symmetricKey };
const symmetricKeySpy = jest.spyOn(symmetricKey, "toJSON");
const actual = JSON.stringify(keys.toJSON());
@ -23,6 +30,8 @@ describe("AccountKeys", () => {
expect(actual).toContain(
`"publicKeySerialized":${JSON.stringify(Utils.fromBufferToByteString(buffer))}`
);
expect(actual).toContain(`"providerKeys":${JSON.stringify(keys.providerKeys.toJSON())}`);
expect(actual).toContain(`"providerId":${JSON.stringify(symmetricKey.toJSON())}`);
});
it("should serialize public key as a string", () => {
@ -49,19 +58,41 @@ describe("AccountKeys", () => {
it("should deserialize organizationKeys", () => {
const spy = jest.spyOn(SymmetricCryptoKey, "fromJSON");
AccountKeys.fromJSON({ organizationKeys: [{ orgId: "keyJSON" }] });
AccountKeys.fromJSON({
organizationKeys: {
encrypted: {},
decrypted: {
"00000000-0000-0000-0000-000000000000": {
keyB64: symmetricKey.keyB64,
},
},
decryptedSerialized: null,
},
});
expect(spy).toHaveBeenCalled();
});
it("should deserialize providerKeys", () => {
const spy = jest.spyOn(SymmetricCryptoKey, "fromJSON");
AccountKeys.fromJSON({ providerKeys: [{ providerId: "keyJSON" }] });
AccountKeys.fromJSON({
providerKeys: {
encrypted: {},
decrypted: {
"00000000-0000-0000-0000-000000000000": {
keyB64: symmetricKey.keyB64,
},
},
decryptedSerialized: null,
},
});
expect(spy).toHaveBeenCalled();
});
it("should deserialize privateKey", () => {
const spy = jest.spyOn(EncryptionPair, "fromJSON");
AccountKeys.fromJSON({ privateKey: { encrypted: "encrypted", decrypted: "decrypted" } });
AccountKeys.fromJSON({
privateKey: { encrypted: "encrypted", decrypted: null, decryptedSerialized: "test" },
});
expect(spy).toHaveBeenCalled();
});
});

2
libs/common/src/services/crypto.service.ts
View File

@ -84,7 +84,7 @@ export class CryptoService implements CryptoServiceAbstraction {
}
async setProviderKeys(providers: ProfileProviderResponse[]): Promise<void> {
const providerKeys: any = {};
const providerKeys: Record<string, string> = {};
providers.forEach((provider) => {
providerKeys[provider.id] = provider.key;
});

20
libs/common/src/services/state.service.ts
View File

@ -687,7 +687,7 @@ export class StateService<
const account = await this.getAccount(
this.reconcileOptions(options, await this.defaultInMemoryOptions())
);
return account?.keys?.organizationKeys?.decrypted;
return new Map(Object.entries(account?.keys?.organizationKeys?.decrypted));
}
async setDecryptedOrganizationKeys(
@ -697,7 +697,7 @@ export class StateService<
const account = await this.getAccount(
this.reconcileOptions(options, await this.defaultInMemoryOptions())
);
account.keys.organizationKeys.decrypted = value;
account.keys.organizationKeys.decrypted = Object.fromEntries(value);
await this.saveAccount(
account,
this.reconcileOptions(options, await this.defaultInMemoryOptions())
@ -784,9 +784,10 @@ export class StateService<
async getDecryptedProviderKeys(
options?: StorageOptions
): Promise<Map<string, SymmetricCryptoKey>> {
return (
await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
)?.keys?.providerKeys?.decrypted;
const account = await this.getAccount(
this.reconcileOptions(options, await this.defaultInMemoryOptions())
);
return new Map(Object.entries(account?.keys?.providerKeys?.decrypted));
}
async setDecryptedProviderKeys(
@ -796,7 +797,7 @@ export class StateService<
const account = await this.getAccount(
this.reconcileOptions(options, await this.defaultInMemoryOptions())
);
account.keys.providerKeys.decrypted = value;
account.keys.providerKeys.decrypted = Object.fromEntries(value);
await this.saveAccount(
account,
this.reconcileOptions(options, await this.defaultInMemoryOptions())
@ -1461,13 +1462,16 @@ export class StateService<
);
}
async getEncryptedProviderKeys(options?: StorageOptions): Promise<any> {
async getEncryptedProviderKeys(options?: StorageOptions): Promise<Record<string, string>> {
return (
await this.getAccount(this.reconcileOptions(options, await this.defaultOnDiskOptions()))
)?.keys?.providerKeys?.encrypted;
}
async setEncryptedProviderKeys(value: any, options?: StorageOptions): Promise<void> {
async setEncryptedProviderKeys(
value: Record<string, string>,
options?: StorageOptions
): Promise<void> {
const account = await this.getAccount(
this.reconcileOptions(options, await this.defaultOnDiskOptions())
);