1
0
mirror of https://github.com/bitwarden/desktop.git synced 2024-11-28 12:35:40 +01:00

Ensure we only setup a communication when userId matches

This commit is contained in:
Hinton 2021-01-15 10:57:09 +01:00
parent 326b6b3aaf
commit 8084b28013

View File

@ -22,8 +22,9 @@ export class NativeMessagingService {
private sharedSecrets = new Map<string, SymmetricCryptoKey>();
constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,
private platformUtilService: PlatformUtilsService, private logService: LogService, private i18nService: I18nService,
private userService: UserService, private messagingService: MessagingService, private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService) {
private platformUtilService: PlatformUtilsService, private logService: LogService,
private i18nService: I18nService, private userService: UserService, private messagingService: MessagingService,
private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService) {
ipcRenderer.on('nativeMessaging', async (event: any, message: any) => {
this.messageHandler(message);
});
@ -37,6 +38,12 @@ export class NativeMessagingService {
if (rawMessage.command === 'setupEncryption') {
const remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;
// Valudate the UserId to ensure we are logged into the same account.
if (rawMessage.userId !== await this.userService.getUserId()) {
ipcRenderer.send('nativeMessagingReply', {command: 'wrongUserId', appId: appId});
return;
}
if (await this.storageService.get<boolean>(ElectronConstants.enableBrowserIntegrationFingerprint)) {
ipcRenderer.send('nativeMessagingReply', {command: 'verifyFingerprint', appId: appId});