From 3392d18957a1551334ff44e173f454e67a250f4e Mon Sep 17 00:00:00 2001 From: Matt Gibson Date: Tue, 4 Mar 2025 15:08:59 -0800 Subject: [PATCH] Make Encrypted type strict This simply matches the existing types, not what we would like `EncString`, `EncArrayBuffer`, and `Encrypted` to represent. We can't throw in construction of EncStrings because that would cause early errors all over the place we aren't ready to deal with, yet. --- .../src/platform/interfaces/encrypted.ts | 6 ++-- .../models/domain/enc-array-buffer.ts | 16 ++++------ .../src/platform/models/domain/enc-string.ts | 31 ++++++++++--------- 3 files changed, 25 insertions(+), 28 deletions(-) diff --git a/libs/common/src/platform/interfaces/encrypted.ts b/libs/common/src/platform/interfaces/encrypted.ts index 6f9d3a191df..e67a5468bb4 100644 --- a/libs/common/src/platform/interfaces/encrypted.ts +++ b/libs/common/src/platform/interfaces/encrypted.ts @@ -2,7 +2,7 @@ import { EncryptionType } from "../enums"; export interface Encrypted { encryptionType?: EncryptionType; - dataBytes: Uint8Array; - macBytes: Uint8Array; - ivBytes: Uint8Array; + dataBytes: Uint8Array | null; + macBytes: Uint8Array | null | undefined; + ivBytes: Uint8Array | null; } diff --git a/libs/common/src/platform/models/domain/enc-array-buffer.ts b/libs/common/src/platform/models/domain/enc-array-buffer.ts index 305504f57b7..ee3cf30fe1f 100644 --- a/libs/common/src/platform/models/domain/enc-array-buffer.ts +++ b/libs/common/src/platform/models/domain/enc-array-buffer.ts @@ -1,5 +1,3 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore import { Utils } from "../../../platform/misc/utils"; import { EncryptionType } from "../../enums"; import { Encrypted } from "../../interfaces/encrypted"; @@ -10,16 +8,16 @@ const MAC_LENGTH = 32; const MIN_DATA_LENGTH = 1; export class EncArrayBuffer implements Encrypted { - readonly encryptionType: EncryptionType = null; - readonly dataBytes: Uint8Array = null; - readonly ivBytes: Uint8Array = null; - readonly macBytes: Uint8Array = null; + readonly encryptionType?: EncryptionType; + readonly dataBytes: Uint8Array | null = null; + readonly ivBytes: Uint8Array | null = null; + readonly macBytes: Uint8Array | undefined | null = null; constructor(readonly buffer: Uint8Array) { const encBytes = buffer; - const encType = encBytes[0]; + this.encryptionType = encBytes[0]; - switch (encType) { + switch (this.encryptionType) { case EncryptionType.AesCbc128_HmacSha256_B64: case EncryptionType.AesCbc256_HmacSha256_B64: { const minimumLength = ENC_TYPE_LENGTH + IV_LENGTH + MAC_LENGTH + MIN_DATA_LENGTH; @@ -48,8 +46,6 @@ export class EncArrayBuffer implements Encrypted { default: this.throwDecryptionError(); } - - this.encryptionType = encType; } private throwDecryptionError() { diff --git a/libs/common/src/platform/models/domain/enc-string.ts b/libs/common/src/platform/models/domain/enc-string.ts index 360cb9bab46..46737a836e0 100644 --- a/libs/common/src/platform/models/domain/enc-string.ts +++ b/libs/common/src/platform/models/domain/enc-string.ts @@ -1,5 +1,3 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore import { Jsonify, Opaque } from "type-fest"; import { EncryptService } from "../../../key-management/crypto/abstractions/encrypt.service"; @@ -17,7 +15,7 @@ export class EncString implements Encrypted { decryptedValue?: string; data?: string; iv?: string; - mac?: string; + mac: string | undefined | null; constructor( encryptedStringOrType: string | EncryptionType, @@ -32,15 +30,15 @@ export class EncString implements Encrypted { } } - get ivBytes(): Uint8Array { + get ivBytes(): Uint8Array | null { return this.iv == null ? null : Utils.fromB64ToArray(this.iv); } - get macBytes(): Uint8Array { + get macBytes(): Uint8Array | null { return this.mac == null ? null : Utils.fromB64ToArray(this.mac); } - get dataBytes(): Uint8Array { + get dataBytes(): Uint8Array | null { return this.data == null ? null : Utils.fromB64ToArray(this.data); } @@ -48,7 +46,7 @@ export class EncString implements Encrypted { return this.encryptedString as string; } - static fromJSON(obj: Jsonify): EncString { + static fromJSON(obj: Jsonify): EncString | null { if (obj == null) { return null; } @@ -56,7 +54,12 @@ export class EncString implements Encrypted { return new EncString(obj); } - private initFromData(encType: EncryptionType, data: string, iv: string, mac: string) { + private initFromData( + encType: EncryptionType, + data: string, + iv: string | undefined, + mac: string | undefined, + ) { if (iv != null) { this.encryptedString = (encType + "." + iv + "|" + data) as EncryptedString; } else { @@ -119,15 +122,13 @@ export class EncString implements Encrypted { } { const headerPieces = encryptedString.split("."); let encType: EncryptionType; - let encPieces: string[] = null; + let encPieces: string[]; if (headerPieces.length === 2) { try { - encType = parseInt(headerPieces[0], null); + encType = parseInt(headerPieces[0]); encPieces = headerPieces[1].split("|"); - // FIXME: Remove when updating file. Eslint update - // eslint-disable-next-line @typescript-eslint/no-unused-vars - } catch (e) { + } catch { return { encType: NaN, encPieces: [] }; } } else { @@ -160,7 +161,7 @@ export class EncString implements Encrypted { async decrypt( orgId: string | null, - key: SymmetricCryptoKey = null, + key: SymmetricCryptoKey | null = null, context?: string, ): Promise { if (this.decryptedValue != null) { @@ -219,7 +220,7 @@ export class EncString implements Encrypted { return this.decryptedValue; } - private async getKeyForDecryption(orgId: string) { + private async getKeyForDecryption(orgId: string | null) { const keyService = Utils.getContainerService().getKeyService(); return orgId != null ? await keyService.getOrgKey(orgId)