bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-06 00:13:28 +00:00
Code Issues Releases Wiki Activity

[PM-16984] Improve decryption code clarity (#12681)

Browse Source 
* Improve decrypt failure logging

* Rename decryptcontext to decrypttrace

* Improve docs
This commit is contained in:
Bernd Schoolmann
2025-02-18 16:59:53 +01:00
committed by GitHub
parent 2622422cf7
commit 7a7be6088a
3 changed files with 38 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
libs/common/src/platform/models/domain/domain-base.ts
View File

@@ -65,7 +65,6 @@ export default class Domain {
key: SymmetricCryptoKey = null,
objectContext: string = "No Domain Context",
): Promise<T> {
const promises = [];
const self: any = this;
for (const prop in map) {
@@ -74,27 +73,15 @@ export default class Domain {
continue;
}
(function (theProp) {
const p = Promise.resolve()
.then(() => {
const mapProp = map[theProp] || theProp;
if (self[mapProp]) {
return self[mapProp].decrypt(
orgId,
key,
`Property: ${prop}; ObjectContext: ${objectContext}`,
);
}
return null;
})
.then((val: any) => {
(viewModel as any)[theProp] = val;
});
promises.push(p);
})(prop);
const mapProp = map[prop] || prop;
if (self[mapProp]) {
(viewModel as any)[prop] = await self[mapProp].decrypt(
orgId,
key,
`Property: ${prop}; ObjectContext: ${objectContext}`,
);
}
}
await Promise.all(promises);
return viewModel;
}
@@ -121,22 +108,20 @@ export default class Domain {
_: Constructor<TThis> = this.constructor as Constructor<TThis>,
objectContext: string = "No Domain Context",
): Promise<DecryptedObject<TThis, TEncryptedKeys>> {
const promises = [];
const decryptedObjects = [];
for (const prop of encryptedProperties) {
const value = (this as any)[prop] as EncString;
promises.push(
this.decryptProperty(
prop,
value,
key,
encryptService,
`Property: ${prop.toString()}; ObjectContext: ${objectContext}`,
),
const decrypted = await this.decryptProperty(
prop,
value,
key,
encryptService,
`Property: ${prop.toString()}; ObjectContext: ${objectContext}`,
);
decryptedObjects.push(decrypted);
}
const decryptedObjects = await Promise.all(promises);
const decryptedObject = decryptedObjects.reduce(
(acc, obj) => {
return { ...acc, ...obj };

48
libs/common/src/vault/models/domain/cipher.ts
View File

@@ -12,7 +12,10 @@ import { CipherRepromptType } from "../../enums/cipher-reprompt-type";
import { CipherType } from "../../enums/cipher-type";
import { CipherData } from "../data/cipher.data";
import { LocalData } from "../data/local.data";
import { AttachmentView } from "../view/attachment.view";
import { CipherView } from "../view/cipher.view";
import { FieldView } from "../view/field.view";
import { PasswordHistoryView } from "../view/password-history.view";
import { Attachment } from "./attachment";
import { Card } from "./card";
@@ -136,6 +139,7 @@ export class Cipher extends Domain implements Decryptable<CipherView> {
if (this.key != null) {
const encryptService = Utils.getContainerService().getEncryptService();
const keyBytes = await encryptService.decryptToBytes(
this.key,
encKey,
@@ -198,44 +202,28 @@ export class Cipher extends Domain implements Decryptable<CipherView> {
}
if (this.attachments != null && this.attachments.length > 0) {
const attachments: any[] = [];
await this.attachments.reduce((promise, attachment) => {
return promise
.then(() => {
return attachment.decrypt(this.organizationId, `Cipher Id: ${this.id}`, encKey);
})
.then((decAttachment) => {
attachments.push(decAttachment);
});
}, Promise.resolve());
const attachments: AttachmentView[] = [];
for (const attachment of this.attachments) {
attachments.push(
await attachment.decrypt(this.organizationId, `Cipher Id: ${this.id}`, encKey),
);
}
model.attachments = attachments;
}
if (this.fields != null && this.fields.length > 0) {
const fields: any[] = [];
await this.fields.reduce((promise, field) => {
return promise
.then(() => {
return field.decrypt(this.organizationId, encKey);
})
.then((decField) => {
fields.push(decField);
});
}, Promise.resolve());
const fields: FieldView[] = [];
for (const field of this.fields) {
fields.push(await field.decrypt(this.organizationId, encKey));
}
model.fields = fields;
}
if (this.passwordHistory != null && this.passwordHistory.length > 0) {
const passwordHistory: any[] = [];
await this.passwordHistory.reduce((promise, ph) => {
return promise
.then(() => {
return ph.decrypt(this.organizationId, encKey);
})
.then((decPh) => {
passwordHistory.push(decPh);
});
}, Promise.resolve());
const passwordHistory: PasswordHistoryView[] = [];
for (const ph of this.passwordHistory) {
passwordHistory.push(await ph.decrypt(this.organizationId, encKey));
}
model.passwordHistory = passwordHistory;
}

8
libs/key-management/src/key.service.ts
View File

@@ -368,20 +368,20 @@ export class DefaultKeyService implements KeyServiceAbstraction {
await this.stateProvider.getUser(userId, USER_ENCRYPTED_ORGANIZATION_KEYS).update(() => {
const encOrgKeyData: { [orgId: string]: EncryptedOrganizationKeyData } = {};
orgs.forEach((org) => {
for (const org of orgs) {
encOrgKeyData[org.id] = {
type: "organization",
key: org.key,
};
});
}
providerOrgs.forEach((org) => {
for (const org of providerOrgs) {
encOrgKeyData[org.id] = {
type: "provider",
providerId: org.providerId,
key: org.key,
};
});
}
return encOrgKeyData;
});
}