bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-17 16:53:34 +00:00
Code Issues Releases Wiki Activity

Setup new encryption flow

Browse Source
This commit is contained in:
Hinton
2020-10-19 12:21:07 +02:00
parent 1bb81270d9
commit 54c53e432b
1 changed files with 12 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/services/nativeMessaging.service.ts
View File

@@ -5,14 +5,14 @@ import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service
import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service'; import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
import { LogService } from 'jslib/abstractions/log.service'; import { LogService } from 'jslib/abstractions/log.service';
import { Utils } from 'jslib/misc/utils'; import { Utils } from 'jslib/misc/utils';
import { SymmetricCryptoKey } from 'jslib/models/domain/symmetricCryptoKey';
const MessageValidTimeout = 10 * 1000; const MessageValidTimeout = 10 * 1000;
const EncryptionAlgorithm = 'sha256'; const EncryptionAlgorithm = 'sha1';
export class NativeMessagingService { export class NativeMessagingService {
private publicKey: ArrayBuffer;
private privateKey: ArrayBuffer;
private remotePublicKey: ArrayBuffer; private remotePublicKey: ArrayBuffer;
private sharedSecret: any;
constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService, constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,
private platformUtilService: PlatformUtilsService, private logService: LogService) { private platformUtilService: PlatformUtilsService, private logService: LogService) {
@@ -28,9 +28,9 @@ export class NativeMessagingService {
return; return;
} }
debugger; // TODO: Add error handler, if it fails we should invalidate the key and send a re-authenticate message to browser
const message = JSON.parse(Utils.fromBufferToUtf8(await this.cryptoFunctionService.rsaDecrypt(rawMessage, this.privateKey, EncryptionAlgorithm))); const message = JSON.parse(await this.cryptoService.decryptToUtf8(rawMessage, this.sharedSecret));
console.log(message);
if (Math.abs(message.timestamp - Date.now()) > MessageValidTimeout) { if (Math.abs(message.timestamp - Date.now()) > MessageValidTimeout) {
this.logService.error('NativeMessage is to old, ignoring.'); this.logService.error('NativeMessage is to old, ignoring.');
return; return;
@@ -58,14 +58,17 @@ export class NativeMessagingService {
private async send(message: any) { private async send(message: any) {
message.timestamp = Date.now(); message.timestamp = Date.now();
const encrypted = await this.cryptoFunctionService.rsaEncrypt(Utils.fromUtf8ToArray(JSON.stringify(message)), this.remotePublicKey, EncryptionAlgorithm);
const encrypted = await this.cryptoService.encrypt(JSON.stringify(message), this.sharedSecret);
ipcRenderer.send('nativeMessagingReply', encrypted); ipcRenderer.send('nativeMessagingReply', encrypted);
} }
private async secureCommunication() { private async secureCommunication() {
[this.publicKey, this.privateKey] = await this.cryptoFunctionService.rsaGenerateKeyPair(2048); const secret = await this.cryptoFunctionService.randomBytes(64);
this.sharedSecret = new SymmetricCryptoKey(secret);
this.send({command: 'setupEncryption', publicKey: Utils.fromBufferToB64(this.publicKey)}); const encryptedSecret = await this.cryptoFunctionService.rsaEncrypt(secret, this.remotePublicKey, EncryptionAlgorithm);
ipcRenderer.send('nativeMessagingReply', {command: 'setupEncryption', sharedSecret: Utils.fromBufferToB64(encryptedSecret)});
} }
} }