Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-23 11:56:00 +01:00
Code Issues Projects Releases Wiki Activity

Use encrypted filename filename in Cipher attachment upload blob name (#403)

Browse Source 
* Use EncString type to enforce encryption on filename in Cipher attachment upload

* Fix Cipher attachment test
This commit is contained in:
Matt Gibson 2021-06-08 14:02:08 -05:00 committed by GitHub
parent 2e16aef6a2
commit ea90aea013
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/src/abstractions/fileUpload.service.ts
View File

@ -6,6 +6,6 @@ import { SendFileUploadDataResponse } from '../models/response/sendFileUploadDat
export abstract class FileUploadService {
uploadSendFile: (uploadData: SendFileUploadDataResponse, fileName: EncString,
encryptedFileData: EncArrayBuffer) => Promise<any>;
uploadCipherAttachment: (admin: boolean, uploadData: AttachmentUploadDataResponse, fileName: string,
uploadCipherAttachment: (admin: boolean, uploadData: AttachmentUploadDataResponse, fileName: EncString,
encryptedFileData: EncArrayBuffer) => Promise<any>;
}

2
common/src/services/cipher.service.ts
View File

@ -638,7 +638,7 @@ export class CipherService implements CipherServiceAbstraction {
try {
const uploadDataResponse = await this.apiService.postCipherAttachment(cipher.id, request);
response = admin ? uploadDataResponse.cipherMiniResponse : uploadDataResponse.cipherResponse;
await this.fileUploadService.uploadCipherAttachment(admin, uploadDataResponse, filename, encData);
await this.fileUploadService.uploadCipherAttachment(admin, uploadDataResponse, encFileName, encData);
} catch (e) {
if (e instanceof ErrorResponse && (e as ErrorResponse).statusCode === 404 || (e as ErrorResponse).statusCode === 405) {
response = await this.legacyServerAttachmentFileUpload(admin, cipher.id, encFileName, encData, dataEncKey[1]);

5
common/src/services/fileUpload.service.ts
View File

@ -47,12 +47,13 @@ export class FileUploadService implements FileUploadServiceAbstraction {
}
}
async uploadCipherAttachment(admin: boolean, uploadData: AttachmentUploadDataResponse, encryptedFileName: string, encryptedFileData: EncArrayBuffer) {
async uploadCipherAttachment(admin: boolean, uploadData: AttachmentUploadDataResponse, encryptedFileName: EncString,
encryptedFileData: EncArrayBuffer) {
const response = admin ? uploadData.cipherMiniResponse : uploadData.cipherResponse;
try {
switch (uploadData.fileUploadType) {
case FileUploadType.Direct:
await this.bitwardenFileUploadService.upload(encryptedFileName, encryptedFileData,
await this.bitwardenFileUploadService.upload(encryptedFileName.encryptedString, encryptedFileData,
fd => this.apiService.postAttachmentFile(response.id, uploadData.attachmentId, fd));
break;
case FileUploadType.Azure:

2
spec/common/services/cipher.service.spec.ts
View File

@ -56,6 +56,6 @@ describe('Cipher Service', () => {
await cipherService.saveAttachmentRawWithServer(new Cipher(), fileName, fileData);
fileUploadService.received(1).uploadCipherAttachment(Arg.any(), Arg.any(), fileName, ENCRYPTED_BYTES);
fileUploadService.received(1).uploadCipherAttachment(Arg.any(), Arg.any(), new EncString(ENCRYPTED_TEXT), ENCRYPTED_BYTES);
});
});