1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-21 11:35:34 +01:00
bitwarden-browser/apps/web
Jared Snider 0fcfe883b5
Feature/[PM-1378] - Trusted Device Encryption - Establish trust logic for all clients (#5339)
* PM1378 - (1) Create state service methods for securely storing a device symmetric key while following existing pattern of DuckDuckGoKey generation (2) Create makeDeviceKey method on crypto service which leverages the new state service methods for storing the device key.

* PM-1378 - Document CSPRNG types w/ comments explaining what they are and when they should be used.

* PM-1378 - TODO to add tests for makeDeviceKey method

* PM-1378 - Create Devices API service for creating and updating device encrypted master keys + move models according to latest code standards ( I think)

* PM-1378 - TODO clean up - DeviceResponse properly moved next to device api service abstraction per ADR 0013

* PM-1378 - CryptoService makeDeviceKey test written

* PM-1378 - Tweak crypto service makeDeviceKey test to leverage a describe for the function to better group related code.

* PM-1378 - Move known devices call out of API service and into new devices-api.service and update all references. All clients building.

* PM-1378 - Comment clean up

* PM-1378 - Refactor out master key naming as that is a reserved specific key generated from the MP key derivation process + use same property on request object as back end.

* PM-1378 - Missed a use of master key

* PM-1378 - More abstraction updates to remove master key.

* PM-1378 - Convert crypto service makeDeviceKey into getDeviceKey method to consolidate service logic based on PR feedback

* PM-1378- Updating makeDeviceKey --> getDeviceKey tests to match updated code

* PM-1378 - Current work on updating establish trusted device logic in light of new encryption mechanisms (introduction of a device asymmetric key pair in order to allow for key rotation while maintaining trusted devices)

* PM-1378 - (1) CryptoService.TrustDevice() naming refactors (2) Lots of test additions and tweaks for trustDevice()

* PM-1378 - Updated TrustedDeviceKeysRequest names to be consistent across the client side board.

* PM-1378 - Move trusted device crypto service methods out of crypto service into new DeviceCryptoService for better single responsibility design

* PM-1378 - (1) Add getDeviceByIdentifier endpoint to devices api as will need it later (2) Update TrustedDeviceKeysRequest and DeviceResponse models to match latest server side generic encrypted key names

* PM-1378 - PR feedback fix - use JSDOC comments and move from abstraction to implementation

* PM-1378 - Per PR feedback, makeDeviceKey should be private - updated tests with workaround.

* PM-1378- Per PR feedback, refactored deviceKey to use partialKey dict so we can associate userId with specific device keys.

* PM-1378 - Replace deviceId with deviceIdentifier per PR feedback

* PM-1378 - Remove unnecessary createTrustedDeviceKey methods

* PM-1378 - Update device crypto service to leverage updateTrustedDeviceKeys + update tests

* PM-1378 - Update trustDevice logic - (1) Use getEncKey to get user symmetric key as it's the correct method and (2) Attempt to retrieve the userSymKey earlier on and short circuit if it is not found.

* PM-1378 - Replace deviceId with deviceIdentifier because they are not the same thing

* PM-1378 - Per PR feedback, (1) on web/browser extension, store device key in local storage under account.keys existing structure (2) on desktop, store deviceKey in secure storage. (3) Exempt account.keys.deviceKey from being cleared on account reset

* PM-1378 - Desktop testing revealed that I forgot to add userId existence and options reconciliation checks back

* PM-1378 - Per discussion with Jake, create DeviceKey custom type which is really just an opaque<SymmetricCryptoKey> so we can more easily differentiate between key types.

* PM-1378 - Update symmetric-crypto-key.ts opaque DeviceKey to properly setup Opaque type.

* PM-1378 - Fix wrong return type for getDeviceKey on DeviceCryptoServiceAbstraction per PR feedback
2023-05-25 14:17:19 -04:00
..
.vscode Multi root workspace tweaks (#2858) 2022-06-13 21:39:36 -05:00
config Update POC to POC2 (#5033) 2023-03-21 10:24:22 -06:00
scripts Move web to apps/web and bitwarden_license/bit-web 2022-06-02 11:55:37 +02:00
src Feature/[PM-1378] - Trusted Device Encryption - Establish trust logic for all clients (#5339) 2023-05-25 14:17:19 -04:00
.dockerignore Move web to apps/web and bitwarden_license/bit-web 2022-06-02 11:55:37 +02:00
.eslintrc.json [EC-7] Org Admin Vault Refresh Client V1 (#3925) 2022-11-02 09:57:25 -07:00
.gitignore Add webpack-bundle-analyzer command using npx (#2955) 2022-06-28 07:32:17 +10:00
config.js Use settings in base.json and merge config keys (#3804) 2022-10-18 12:00:40 +10:00
crowdin.yml Fix crowdin sync for web (#2853) 2022-06-07 21:31:53 +02:00
dev-server.shared.pem Move web to apps/web and bitwarden_license/bit-web 2022-06-02 11:55:37 +02:00
Dockerfile Move web to apps/web and bitwarden_license/bit-web 2022-06-02 11:55:37 +02:00
entrypoint.sh Move web to apps/web and bitwarden_license/bit-web 2022-06-02 11:55:37 +02:00
jest.config.js [PM-2328] Fix jest deprecations (#5483) 2023-05-22 20:19:16 +02:00
package.json Bumped web version to 2023.4.2 (#5420) 2023-05-10 10:59:54 -04:00
postcss.config.js Move web to apps/web and bitwarden_license/bit-web 2022-06-02 11:55:37 +02:00
README.md Update urls to match the contributing docs (#4192) 2022-12-06 11:20:27 +01:00
tailwind.config.js [SM-45] Scaffold secrets manager module (#2989) 2022-07-22 11:16:24 +02:00
test.setup.ts [EC-423] Fix unit tests (#3265) 2022-08-11 11:35:08 +10:00
tsconfig.json [PM-328] Move exporter to tools (#5070) 2023-04-19 11:30:46 +02:00
tsconfig.spec.json [EC-423] Fix unit tests (#3265) 2022-08-11 11:35:08 +10:00
webpack.config.js [SM-668] hash font asset names (#5054) 2023-03-23 17:51:03 -04:00

The Bitwarden web project is an Angular application that powers the web vault (https://vault.bitwarden.com/).

Github Workflow build on master Crowdin DockerHub gitter chat

Documentation

Please refer to the Web vault section of the Contributing Documentation for build instructions, recommended tooling, code style tips, and lots of other great information to get you started.