encryption type header checking

2024-11-22 12:15:36 +01:00 · 2017-04-06 22:55:36 -04:00 · 2017-04-06 22:55:36 -04:00 · 02d8913a77
commit 02d8913a77
parent 2d7cb1321b
3 changed files with 60 additions and 18 deletions
--- a/src/Core/Enums/EncryptionType.cs
+++ b/src/Core/Enums/EncryptionType.cs
@ -0,0 +1,10 @@
+namespace Bit.Core.Enums
+{
+    public enum EncryptionType : byte
+    {
+        AesCbc256_B64 = 0,
+        AesCbc128_HmacSha256_B64 = 1,
+        AesCbc256_HmacSha256_B64 = 2,
+        RsaOaep_Sha256_B64 = 3
+    }
+}
--- a/src/Core/Enums/ShareStatusType.cs
+++ b/src/Core/Enums/ShareStatusType.cs
@ -1,9 +0,0 @@
-namespace Bit.Core.Enums
-{
-    public enum ShareStatusType : byte
-    {
-        Pending = 0,
-        Accepted = 1,
-        Rejected = 2
-    }
-}
--- a/src/Core/Utilities/EncryptedValueAttribute.cs
+++ b/src/Core/Utilities/EncryptedValueAttribute.cs
@ -27,21 +27,62 @@ namespace Bit.Core.Utilities
                    return false;
                }

-                var encStringPieces = encString.Split('|');
-                if(encStringPieces.Length != 2 && encStringPieces.Length != 3)
+                var headerPieces = encString.Split('.');
+                string[] encStringPieces = null;
+                var encType = Enums.EncryptionType.AesCbc256_B64;
+
+                if(headerPieces.Length == 1)
                {
-                    return false;
+                    encStringPieces = headerPieces[0].Split('|');
+                    // encType stays AesCbc256_B64
+                }
+                else if(headerPieces.Length == 2)
+                {
+                    encStringPieces = headerPieces[1].Split('|');
+                    if(!Enum.TryParse(headerPieces[0], out encType))
+                    {
+                        return false;
+                    }
                }

-                var iv = Convert.FromBase64String(encStringPieces[0]);
-                var ct = Convert.FromBase64String(encStringPieces[1]);
-
-                if(iv.Length < 1 || ct.Length < 1)
+                switch(encType)
                {
-                    return false;
+                    case Enums.EncryptionType.AesCbc256_B64:
+                        if(encStringPieces.Length != 2)
+                        {
+                            return false;
+                        }
+                        break;
+                    case Enums.EncryptionType.AesCbc128_HmacSha256_B64:
+                    case Enums.EncryptionType.AesCbc256_HmacSha256_B64:
+                        if(encStringPieces.Length != 3)
+                        {
+                            return false;
+                        }
+                        break;
+                    case Enums.EncryptionType.RsaOaep_Sha256_B64:
+                        if(encStringPieces.Length != 1)
+                        {
+                            return false;
+                        }
+                        break;
+                    default:
+                        return false;
                }

-                if(encStringPieces.Length == 3)
+                if(encType != Enums.EncryptionType.RsaOaep_Sha256_B64)
+                {
+                    var iv = Convert.FromBase64String(encStringPieces[0]);
+                    var ct = Convert.FromBase64String(encStringPieces[1]);
+
+                    if(iv.Length < 1 || ct.Length < 1)
+                    {
+                        return false;
+                    }
+                }
+
+                if(encType == Enums.EncryptionType.AesCbc128_HmacSha256_B64 ||
+                    encType == Enums.EncryptionType.AesCbc256_HmacSha256_B64)
                {
                    var mac = Convert.FromBase64String(encStringPieces[2]);
                    if(mac.Length < 1)