Rework Desktop Biometrics (#5234)

2025-12-14 15:23:33 +00:00 · 2023-04-18 09:09:47 -04:00
parent 4852992662
commit 830af7b06d
55 changed files with 2497 additions and 564 deletions
--- a/libs/common/src/models/domain/account.ts
+++ b/libs/common/src/models/domain/account.ts
@@ -133,27 +133,20 @@ export class AccountKeys {
      return null;
    }

-    return Object.assign(
-      new AccountKeys(),
-      { cryptoMasterKey: SymmetricCryptoKey.fromJSON(obj?.cryptoMasterKey) },
-      {
-        cryptoSymmetricKey: EncryptionPair.fromJSON(
-          obj?.cryptoSymmetricKey,
-          SymmetricCryptoKey.fromJSON
-        ),
-      },
-      { organizationKeys: AccountKeys.initRecordEncryptionPairsFromJSON(obj?.organizationKeys) },
-      { providerKeys: AccountKeys.initRecordEncryptionPairsFromJSON(obj?.providerKeys) },
-      {
-        privateKey: EncryptionPair.fromJSON<string, ArrayBuffer>(
-          obj?.privateKey,
-          (decObj: string) => Utils.fromByteStringToArray(decObj).buffer
-        ),
-      },
-      {
-        publicKey: Utils.fromByteStringToArray(obj?.publicKey)?.buffer,
-      }
-    );
+    return Object.assign(new AccountKeys(), {
+      cryptoMasterKey: SymmetricCryptoKey.fromJSON(obj?.cryptoMasterKey),
+      cryptoSymmetricKey: EncryptionPair.fromJSON(
+        obj?.cryptoSymmetricKey,
+        SymmetricCryptoKey.fromJSON
+      ),
+      organizationKeys: AccountKeys.initRecordEncryptionPairsFromJSON(obj?.organizationKeys),
+      providerKeys: AccountKeys.initRecordEncryptionPairsFromJSON(obj?.providerKeys),
+      privateKey: EncryptionPair.fromJSON<string, ArrayBuffer>(
+        obj?.privateKey,
+        (decObj: string) => Utils.fromByteStringToArray(decObj).buffer
+      ),
+      publicKey: Utils.fromByteStringToArray(obj?.publicKey)?.buffer,
+    });
  }

  static initRecordEncryptionPairsFromJSON(obj: any) {
--- a/libs/common/src/models/domain/enc-string.ts
+++ b/libs/common/src/models/domain/enc-string.ts
@@ -1,6 +1,6 @@
 import { Jsonify } from "type-fest";

-import { EncryptionType } from "../../enums";
+import { EncryptionType, EXPECTED_NUM_PARTS_BY_ENCRYPTION_TYPE } from "../../enums";
 import { IEncrypted } from "../../interfaces/IEncrypted";
 import { Utils } from "../../misc/utils";

@@ -75,34 +75,26 @@ export class EncString implements IEncrypted {
      return;
    }

-    const { encType, encPieces } = this.parseEncryptedString(this.encryptedString);
+    const { encType, encPieces } = EncString.parseEncryptedString(this.encryptedString);
    this.encryptionType = encType;

+    if (encPieces.length !== EXPECTED_NUM_PARTS_BY_ENCRYPTION_TYPE[encType]) {
+      return;
+    }
+
    switch (encType) {
      case EncryptionType.AesCbc128_HmacSha256_B64:
      case EncryptionType.AesCbc256_HmacSha256_B64:
-        if (encPieces.length !== 3) {
-          return;
-        }
-
        this.iv = encPieces[0];
        this.data = encPieces[1];
        this.mac = encPieces[2];
        break;
      case EncryptionType.AesCbc256_B64:
-        if (encPieces.length !== 2) {
-          return;
-        }
-
        this.iv = encPieces[0];
        this.data = encPieces[1];
        break;
      case EncryptionType.Rsa2048_OaepSha256_B64:
      case EncryptionType.Rsa2048_OaepSha1_B64:
-        if (encPieces.length !== 1) {
-          return;
-        }
-
        this.data = encPieces[0];
        break;
      default:
@@ -110,7 +102,7 @@ export class EncString implements IEncrypted {
    }
  }

-  private parseEncryptedString(encryptedString: string): {
+  private static parseEncryptedString(encryptedString: string): {
    encType: EncryptionType;
    encPieces: string[];
  } {
@@ -139,6 +131,12 @@ export class EncString implements IEncrypted {
    };
  }

+  static isSerializedEncString(s: string): boolean {
+    const { encType, encPieces } = this.parseEncryptedString(s);
+
+    return EXPECTED_NUM_PARTS_BY_ENCRYPTION_TYPE[encType] === encPieces.length;
+  }
+
  async decrypt(orgId: string, key: SymmetricCryptoKey = null): Promise<string> {
    if (this.decryptedValue != null) {
      return this.decryptedValue;
--- a/libs/common/src/models/domain/global-state.ts
+++ b/libs/common/src/models/domain/global-state.ts
@@ -24,7 +24,6 @@ export class GlobalState {
  mainWindowSize?: number;
  enableBiometrics?: boolean;
  biometricText?: string;
-  noAutoPromptBiometrics?: boolean;
  noAutoPromptBiometricsText?: string;
  stateVersion: StateVersion = StateVersion.One;
  environmentUrls: EnvironmentUrls = new EnvironmentUrls();
--- a/libs/common/src/models/domain/symmetric-crypto-key.ts
+++ b/libs/common/src/models/domain/symmetric-crypto-key.ts
@@ -62,12 +62,16 @@ export class SymmetricCryptoKey {
    return { keyB64: this.keyB64 };
  }

-  static fromJSON(obj: Jsonify<SymmetricCryptoKey>): SymmetricCryptoKey {
-    if (obj == null) {
+  static fromString(s: string): SymmetricCryptoKey {
+    if (s == null) {
      return null;
    }

-    const arrayBuffer = Utils.fromB64ToArray(obj.keyB64).buffer;
+    const arrayBuffer = Utils.fromB64ToArray(s).buffer;
    return new SymmetricCryptoKey(arrayBuffer);
  }
+
+  static fromJSON(obj: Jsonify<SymmetricCryptoKey>): SymmetricCryptoKey {
+    return SymmetricCryptoKey.fromString(obj?.keyB64);
+  }
 }