[PM-21884] Fix DuckDuckGo integration when SDK is enabled for decrypt (#14884)

* Fix ddg integration when sdk is enabled for decryption * Fix comments
2025-12-06 00:13:28 +00:00 · 2025-05-29 15:17:04 +02:00
parent 6351fc0e69
commit 798acc7cba
1 changed files with 41 additions and 5 deletions
--- a/apps/desktop/src/services/duckduckgo-message-handler.service.ts
+++ b/apps/desktop/src/services/duckduckgo-message-handler.service.ts
@@ -188,13 +188,10 @@ export class DuckDuckGoMessageHandlerService {
    }

    try {
-      let decryptedResult = await this.encryptService.decryptString(
+      const decryptedResult = await this.decryptDuckDuckGoEncString(
        message.encryptedCommand as EncString,
        this.duckduckgoSharedSecret,
      );
-
-      decryptedResult = this.trimNullCharsFromMessage(decryptedResult);
-
      return JSON.parse(decryptedResult);
    } catch {
      this.sendResponse({
@@ -237,7 +234,46 @@ export class DuckDuckGoMessageHandlerService {
    ipc.platform.nativeMessaging.sendReply(response);
  }

-  // Trim all null bytes padded at the end of messages. This happens with C encryption libraries.
+  /*
+   * Bitwarden type 2 (AES256-CBC-HMAC256) uses PKCS7 padding.
+   * DuckDuckGo does not use PKCS7 padding; and instead fills the last CBC block with null bytes.
+   * ref: https://github.com/duckduckgo/apple-browsers/blob/04d678b447869c3a640714718a466b36407db8b6/macOS/DuckDuckGo/PasswordManager/Bitwarden/Services/BWEncryption.m#L141
+   *
+   * This is incompatible which means the default encryptService cannot be used to decrypt the message,
+   * a custom EncString decrypt operation is needed.
+   *
+   * This function also trims null characters that are a result of the null-padding from the end of the message.
+   */
+  private async decryptDuckDuckGoEncString(
+    encString: EncString,
+    key: SymmetricCryptoKey,
+  ): Promise<string> {
+    const fastParams = this.cryptoFunctionService.aesDecryptFastParameters(
+      encString.data,
+      encString.iv,
+      encString.mac,
+      key,
+    );
+
+    const computedMac = await this.cryptoFunctionService.hmacFast(
+      fastParams.macData,
+      fastParams.macKey,
+      "sha256",
+    );
+    const macsEqual = await this.cryptoFunctionService.compareFast(fastParams.mac, computedMac);
+    if (!macsEqual) {
+      return null;
+    }
+    const decryptedPaddedString = await this.cryptoFunctionService.aesDecryptFast({
+      mode: "cbc",
+      parameters: fastParams,
+    });
+    return this.trimNullCharsFromMessage(decryptedPaddedString);
+  }
+
+  // DuckDuckGo does not use PKCS7 padding, but instead leaves the values as null,
+  // so null characters need to be trimmed from the end of the message for the last
+  // CBC-block.
  private trimNullCharsFromMessage(message: string): string {
    const charNull = 0;
    const charRightCurlyBrace = 125;