Merge branch 'master' into feature/org-admin-refresh

apps/desktop/src/app/accounts/lock.component.ts

@@ -13,7 +13,6 @@ import { LogService } from "@bitwarden/common/abstractions/log.service";
 import { MessagingService } from "@bitwarden/common/abstractions/messaging.service";
 import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUtils.service";
 import { StateService } from "@bitwarden/common/abstractions/state.service";
-import { SyncService } from "@bitwarden/common/abstractions/sync/sync.service.abstraction";
 import { VaultTimeoutService } from "@bitwarden/common/abstractions/vaultTimeout/vaultTimeout.service";
 import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vaultTimeout/vaultTimeoutSettings.service";
 
@@ -25,8 +24,6 @@ const BroadcasterSubscriptionId = "LockComponent";
 })
 export class LockComponent extends BaseLockComponent {
   private deferFocus: boolean = null;
-  authenicatedUrl = "vault";
-  unAuthenicatedUrl = "update-temp-password";
 
   constructor(
     router: Router,
@@ -43,8 +40,7 @@ export class LockComponent extends BaseLockComponent {
     private broadcasterService: BroadcasterService,
     ngZone: NgZone,
     logService: LogService,
-    keyConnectorService: KeyConnectorService,
-    private syncService: SyncService
+    keyConnectorService: KeyConnectorService
   ) {
     super(
       router,
@@ -67,11 +63,6 @@ export class LockComponent extends BaseLockComponent {
     await super.ngOnInit();
     const autoPromptBiometric = !(await this.stateService.getNoAutoPromptBiometrics());
 
-    await this.syncService.fullSync(true);
-
-    const forcePasswordReset = await this.stateService.getForcePasswordReset();
-    this.successRoute = forcePasswordReset === true ? this.unAuthenicatedUrl : this.authenicatedUrl;
-
     // eslint-disable-next-line rxjs-angular/prefer-takeuntil
     this.route.queryParams.subscribe((params) => {
       if (this.supportsBiometric && params.promptBiometric && autoPromptBiometric) {

apps/desktop/src/app/vault/generator.component.spec.ts

@@ -1,6 +1,7 @@
 import { NO_ERRORS_SCHEMA } from "@angular/core";
 import { ComponentFixture, TestBed } from "@angular/core/testing";
 import { ActivatedRoute } from "@angular/router";
+// eslint-disable-next-line no-restricted-imports
 import { Substitute } from "@fluffy-spoon/substitute";
 import { mock, MockProxy } from "jest-mock-extended";
 

apps/desktop/src/services/nativeMessageHandler.service.ts

@@ -182,12 +182,25 @@ export class NativeMessageHandlerService {
       this.ddgSharedSecret = SymmetricCryptoKey.fromJSON({ keyB64: storedKey });
     }
 
-    return JSON.parse(
-      await this.cryptoService.decryptToUtf8(
+    try {
+      let decryptedResult = await this.cryptoService.decryptToUtf8(
         message.encryptedCommand as EncString,
         this.ddgSharedSecret
-      )
-    );
+      );
+
+      decryptedResult = this.trimNullCharsFromMessage(decryptedResult);
+
+      return JSON.parse(decryptedResult);
+    } catch {
+      this.sendResponse({
+        messageId: message.messageId,
+        version: NativeMessagingVersion.Latest,
+        payload: {
+          error: "cannot-decrypt",
+        },
+      });
+      return;
+    }
   }
 
   private async sendEncryptedResponse(
@@ -218,4 +231,23 @@ export class NativeMessageHandlerService {
   private sendResponse(response: EncryptedMessageResponse | UnencryptedMessageResponse) {
     ipcRenderer.send("nativeMessagingReply", response);
   }
+
+  // Trim all null bytes padded at the end of messages. This happens with C encryption libraries.
+  private trimNullCharsFromMessage(message: string): string {
+    const charNull = 0;
+    const charRightCurlyBrace = 125;
+    const charRightBracket = 93;
+
+    for (let i = message.length - 1; i >= 0; i--) {
+      if (message.charCodeAt(i) === charNull) {
+        message = message.substring(0, message.length - 1);
+      } else if (
+        message.charCodeAt(i) === charRightCurlyBrace ||
+        message.charCodeAt(i) === charRightBracket
+      ) {
+        break;
+      }
+    }
+    return message;
+  }
 }