From 02d8913a7740583c5e0761181975dfe0639d03c8 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin
Date: Thu, 6 Apr 2017 22:55:36 -0400
Subject: [PATCH] encryption type header checking
---
 src/Core/Enums/EncryptionType.cs | 10 ++++
 src/Core/Enums/ShareStatusType.cs | 9 ---
 src/Core/Utilities/EncryptedValueAttribute.cs | 59 ++++++++++++++++---
 3 files changed, 60 insertions(+), 18 deletions(-)
 create mode 100644 src/Core/Enums/EncryptionType.cs
 delete mode 100644 src/Core/Enums/ShareStatusType.cs
diff --git a/src/Core/Enums/EncryptionType.cs b/src/Core/Enums/EncryptionType.cs
new file mode 100644
index 000000000..d264be707
--- /dev/null
+++ b/src/Core/Enums/EncryptionType.cs
@@ -0,0 +1,10 @@
+namespace Bit.Core.Enums
+{
+ public enum EncryptionType : byte
+ {
+ AesCbc256_B64 = 0,
+ AesCbc128_HmacSha256_B64 = 1,
+ AesCbc256_HmacSha256_B64 = 2,
+ RsaOaep_Sha256_B64 = 3
+ }
+}
diff --git a/src/Core/Enums/ShareStatusType.cs b/src/Core/Enums/ShareStatusType.cs
deleted file mode 100644
index 4f87de121..000000000
--- a/src/Core/Enums/ShareStatusType.cs
+++ /dev/null
@@ -1,9 +0,0 @@
-namespace Bit.Core.Enums
-{
- public enum ShareStatusType : byte
- {
- Pending = 0,
- Accepted = 1,
- Rejected = 2
- }
-}
diff --git a/src/Core/Utilities/EncryptedValueAttribute.cs b/src/Core/Utilities/EncryptedValueAttribute.cs
index 5772ea64d..016e2c7d7 100644
--- a/src/Core/Utilities/EncryptedValueAttribute.cs
+++ b/src/Core/Utilities/EncryptedValueAttribute.cs
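Review bot: The members of `EncryptionType` in src/Core/Enums/EncryptionType.cs carry no comment saying that their values are what the header check in EncryptedValueAttribute.cs parses out of an encrypted string, so renumbering or reusing a value would presumably change how already stored strings are classified. I would add `// Header value of an encrypted string; never renumber or reuse.` above the enum. `AesCbc256_B64` is the only AES member without an HMAC in its name and is the type assumed when no header is present, so it deserves its own line, `// CBC with no MAC piece; also the type assumed for strings without a header`.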
@@ -27,21 +27,62 @@ namespace Bit.Core.Utilities
 return false;
 }
 
- var encStringPieces = encString.Split('|');
- if(encStringPieces.Length != 2 && encStringPieces.Length != 3)
+ var headerPieces = encString.Split('.');
+ string[] encStringPieces = null;
+ var encType = Enums.EncryptionType.AesCbc256_B64;
+
+ if(headerPieces.Length == 1)
 {
- return false;
+ encStringPieces = headerPieces[0].Split('|');
+ // encType stays AesCbc256_B64
+ }
+ else if(headerPieces.Length == 2)
+ {
+ encStringPieces = headerPieces[1].Split('|');
+ if(!Enum.TryParse(headerPieces[0], out encType))
+ {
+ return false;
+ }
 }
 
- var iv = Convert.FromBase64String(encStringPieces[0]);
- var ct = Convert.FromBase64String(encStringPieces[1]);
-
- if(iv.Length < 1 || ct.Length < 1)
+ switch(encType)
 {
- return false;
+ case Enums.EncryptionType.AesCbc256_B64:
+ if(encStringPieces.Length != 2)
+ {
+ return false;
+ }
+ break;
+ case Enums.EncryptionType.AesCbc128_HmacSha256_B64:
+ case Enums.EncryptionType.AesCbc256_HmacSha256_B64:
+ if(encStringPieces.Length != 3)
+ {
+ return false;
+ }
+ break;
+ case Enums.EncryptionType.RsaOaep_Sha256_B64:
+ if(encStringPieces.Length != 1)
+ {
+ return false;
+ }
+ break;
+ default:
+ return false;
 }
 
- if(encStringPieces.Length == 3)
+ if(encType != Enums.EncryptionType.RsaOaep_Sha256_B64)
+ {
+ var iv = Convert.FromBase64String(encStringPieces[0]);
+ var ct = Convert.FromBase64String(encStringPieces[1]);
+
+ if(iv.Length < 1 || ct.Length < 1)
+ {
+ return false;
+ }
+ }
+
+ if(encType == Enums.EncryptionType.AesCbc128_HmacSha256_B64 ||
+ encType == Enums.EncryptionType.AesCbc256_HmacSha256_B64)
 {
 var mac = Convert.FromBase64String(encStringPieces[2]);
 if(mac.Length < 1)
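Review bot: A value containing more than one `.` leaves `encStringPieces` null, because the `headerPieces.Length` chain has no final `else`, and the `AesCbc256_B64` case of the switch then dereferences it; unless a catch outside this hunk covers it, malformed input ends in an exception instead of a validation failure. `Enum.TryParse` also accepts member names as well as numbers and tolerates surrounding whitespace, so the check passes headers that a reader expecting one bare numeric type would presumably reject; parsing a byte and checking `Enum.IsDefined`, as in the fence below, keeps validator and reader in agreement (it needs `System.Globalization` in scope). The `RsaOaep_Sha256_B64` path never Base64-decodes its single piece within this hunk, so that payload goes unchecked here. The enclosing method starts and ends outside the hunk.

```csharp
// … unchanged: headerPieces.Length == 1 branch …
else if(headerPieces.Length == 2)
{
    encStringPieces = headerPieces[1].Split('|');
    byte encTypeValue;
    // Only a bare numeric header that names a defined type is accepted.
    if(!byte.TryParse(headerPieces[0], NumberStyles.None, CultureInfo.InvariantCulture, out encTypeValue) ||
        !Enum.IsDefined(typeof(Enums.EncryptionType), encTypeValue))
    {
        return false;
    }
    encType = (Enums.EncryptionType)encTypeValue;
}
else
{
    // Anything with more than one '.' is rejected here.
    return false;
}
// … unchanged: switch(encType) and the Base64 checks …
```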