From a3c902d25ae61addd700e926e0d58ec5c839fd3a Mon Sep 17 00:00:00 2001 
From: SmithThe4th Date: Wed, 7 Jun 2023 12:46:52 -0400 Subject: [PATCH] [PM-1975] Move FIDO2 files into vault folder (#5496) * Moved fido2 models to vault in libs * Moved fido2 models to vault in libs * Moved fido2 services and abstractions to vault folder in libs * Moved fido2 popup to vault folder on the browser * Updated import path after moving files to the vault folder * Moved authenticator abstraction and service to the vault folder * Updated content and page script path * Added content script, page script and background messaging to vault * fixed lint issue * Updated reference paths * Added missing fallbacksupported property in test files * Added missing fallbacksupported to the newSession method --- .../browser/src/background/main.background.ts | 10 +- apps/browser/src/browser/webauthn-utils.ts | 4 +- apps/browser/src/popup/app-routing.module.ts | 2 +- apps/browser/src/popup/app.module.ts | 2 +- .../browser-fido2-user-interface.service.ts | 6 +- .../fido2/content/content-script.ts | 0 .../fido2/content/messaging/message.ts | 2 +- .../fido2/content/messaging/messenger.spec.ts | 0 .../fido2/content/messaging/messenger.ts | 0 .../{ => vault}/fido2/content/page-script.ts | 2 +- .../components}/fido2/fido2.component.html | 0 .../components}/fido2/fido2.component.ts | 6 +- apps/browser/webpack.config.js | 4 +- .../abstractions/fido2.service.abstraction.ts | 110 ---- .../src/fido2/services/fido2.service.ts | 474 ------------------ libs/common/src/models/api/login.api.ts | 2 +- ...fido2-authenticator.service.abstraction.ts | 0 .../fido2-client.service.abstraction.ts | 0 ...ido2-user-interface.service.abstraction.ts | 0 .../models => vault}/api/fido2-key.api.ts | 2 +- .../src/vault/models/data/cipher.data.ts | 2 +- .../models/data/fido2-key.data.ts | 2 +- .../src/vault/models/data/login.data.ts | 2 +- libs/common/src/vault/models/domain/cipher.ts | 2 +- .../models/domain/fido2-key.ts | 0 libs/common/src/vault/models/domain/login.ts | 2 +- 
.../vault/models/request/cipher.request.ts | 2 +- .../vault/models/response/cipher.response.ts | 2 +- .../src/vault/models/view/cipher.view.ts | 2 +- .../models/view/fido2-key.view.ts | 2 +- .../src/vault/models/view/login.view.ts | 2 +- .../src/vault/services/cipher.service.ts | 2 +- .../services/fido2}/domain-utils.spec.ts | 0 .../services/fido2}/domain-utils.ts | 0 .../services/fido2}/ecdsa-utils.ts | 0 .../fido2-authenticator.service.spec.ts | 22 +- .../fido2}/fido2-authenticator.service.ts | 18 +- .../fido2}/fido2-client.service.spec.ts | 14 +- .../services/fido2}/fido2-client.service.ts | 14 +- .../services/fido2}/fido2-utils.ts | 2 +- .../noop-fido2-user-interface.service.ts | 7 +- 41 files changed, 74 insertions(+), 651 deletions(-) rename apps/browser/src/{ => vault}/fido2/content/content-script.ts (100%) rename apps/browser/src/{ => vault}/fido2/content/messaging/message.ts (93%) rename apps/browser/src/{ => vault}/fido2/content/messaging/messenger.spec.ts (100%) rename apps/browser/src/{ => vault}/fido2/content/messaging/messenger.ts (100%) rename apps/browser/src/{ => vault}/fido2/content/page-script.ts (98%) rename apps/browser/src/{fido2/popup => vault/popup/components}/fido2/fido2.component.html (100%) rename apps/browser/src/{fido2/popup => vault/popup/components}/fido2/fido2.component.ts (96%) delete mode 100644 libs/common/src/fido2/abstractions/fido2.service.abstraction.ts delete mode 100644 libs/common/src/fido2/services/fido2.service.ts rename libs/common/src/{fido2/abstractions => vault/abstractions/fido2}/fido2-authenticator.service.abstraction.ts (100%) rename libs/common/src/{fido2/abstractions => vault/abstractions/fido2}/fido2-client.service.abstraction.ts (100%) rename libs/common/src/{fido2/abstractions => vault/abstractions/fido2}/fido2-user-interface.service.abstraction.ts (100%) rename libs/common/src/{fido2/models => vault}/api/fido2-key.api.ts (93%) rename libs/common/src/{fido2 => vault}/models/data/fido2-key.data.ts (92%) rename 
libs/common/src/{fido2 => vault}/models/domain/fido2-key.ts (100%) rename libs/common/src/{fido2 => vault}/models/view/fido2-key.view.ts (88%) rename libs/common/src/{fido2/services => vault/services/fido2}/domain-utils.spec.ts (100%) rename libs/common/src/{fido2/services => vault/services/fido2}/domain-utils.ts (100%) rename libs/common/src/{fido2/services => vault/services/fido2}/ecdsa-utils.ts (100%) rename libs/common/src/{fido2/services => vault/services/fido2}/fido2-authenticator.service.spec.ts (98%) rename libs/common/src/{fido2/services => vault/services/fido2}/fido2-authenticator.service.ts (96%) rename libs/common/src/{fido2/services => vault/services/fido2}/fido2-client.service.spec.ts (97%) rename libs/common/src/{fido2/services => vault/services/fido2}/fido2-client.service.ts (96%) rename libs/common/src/{fido2/abstractions => vault/services/fido2}/fido2-utils.ts (94%) rename libs/common/src/{fido2/services => vault/services/fido2}/noop-fido2-user-interface.service.ts (55%)
diff --git a/apps/browser/src/background/main.background.ts b/apps/browser/src/background/main.background.ts
index 7d217f6559c..e6be496cc63 100644
--- a/apps/browser/src/background/main.background.ts
+++ b/apps/browser/src/background/main.background.ts
@@ -46,11 +46,6 @@ import { TwoFactorService } from "@bitwarden/common/auth/services/two-factor.ser
 import { UserVerificationApiService } from "@bitwarden/common/auth/services/user-verification/user-verification-api.service";
 import { UserVerificationService } from "@bitwarden/common/auth/services/user-verification/user-verification.service";
 import { StateFactory } from "@bitwarden/common/factories/stateFactory";
-import { Fido2AuthenticatorService as Fido2AuthenticatorServiceAbstraction } from "@bitwarden/common/fido2/abstractions/fido2-authenticator.service.abstraction";
-import { Fido2ClientService as Fido2ClientServiceAbstraction } from "@bitwarden/common/fido2/abstractions/fido2-client.service.abstraction";
-import { Fido2UserInterfaceService as Fido2UserInterfaceServiceAbstraction } from "@bitwarden/common/fido2/abstractions/fido2-user-interface.service.abstraction";
-import { Fido2AuthenticatorService } from "@bitwarden/common/fido2/services/fido2-authenticator.service";
-import { Fido2ClientService } from "@bitwarden/common/fido2/services/fido2-client.service";
 import { GlobalState } from "@bitwarden/common/models/domain/global-state";
 import { AvatarUpdateService } from "@bitwarden/common/services/account/avatar-update.service";
 import { ApiService } from "@bitwarden/common/services/api.service";
@@ -85,6 +80,9 @@ import { SendApiService } from "@bitwarden/common/tools/send/services/send-api.s
 import { SendApiService as SendApiServiceAbstraction } from "@bitwarden/common/tools/send/services/send-api.service.abstraction";
 import { InternalSendService as InternalSendServiceAbstraction } from "@bitwarden/common/tools/send/services/send.service.abstraction";
 import { CipherService as CipherServiceAbstraction } from "@bitwarden/common/vault/abstractions/cipher.service";
+import { Fido2AuthenticatorService as Fido2AuthenticatorServiceAbstraction } from "@bitwarden/common/vault/abstractions/fido2/fido2-authenticator.service.abstraction";
+import { Fido2ClientService as Fido2ClientServiceAbstraction } from "@bitwarden/common/vault/abstractions/fido2/fido2-client.service.abstraction";
+import { Fido2UserInterfaceService as Fido2UserInterfaceServiceAbstraction } from "@bitwarden/common/vault/abstractions/fido2/fido2-user-interface.service.abstraction";
 import { CipherFileUploadService as CipherFileUploadServiceAbstraction } from "@bitwarden/common/vault/abstractions/file-upload/cipher-file-upload.service";
 import { FolderApiServiceAbstraction } from "@bitwarden/common/vault/abstractions/folder/folder-api.service.abstraction";
 import { InternalFolderService as InternalFolderServiceAbstraction } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
@@ -92,6 +90,8 @@ import { SyncNotifierService as SyncNotifierServiceAbstraction } from "@bitwarde import { SyncService as SyncServiceAbstraction } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view"; import { CipherService } from "@bitwarden/common/vault/services/cipher.service"; +import { Fido2AuthenticatorService } from "@bitwarden/common/vault/services/fido2/fido2-authenticator.service"; +import { Fido2ClientService } from "@bitwarden/common/vault/services/fido2/fido2-client.service"; import { CipherFileUploadService } from "@bitwarden/common/vault/services/file-upload/cipher-file-upload.service"; import { FolderApiService } from "@bitwarden/common/vault/services/folder/folder-api.service"; import { SyncNotifierService } from "@bitwarden/common/vault/services/sync/sync-notifier.service"; diff --git a/apps/browser/src/browser/webauthn-utils.ts b/apps/browser/src/browser/webauthn-utils.ts index b59fd46432d..2422736077f 100644 --- a/apps/browser/src/browser/webauthn-utils.ts +++ b/apps/browser/src/browser/webauthn-utils.ts @@ -3,8 +3,8 @@ import { CreateCredentialResult, AssertCredentialParams, AssertCredentialResult, -} from "@bitwarden/common/fido2/abstractions/fido2-client.service.abstraction"; -import { Fido2Utils } from "@bitwarden/common/fido2/abstractions/fido2-utils"; +} from "@bitwarden/common/vault/abstractions/fido2/fido2-client.service.abstraction"; +import { Fido2Utils } from "@bitwarden/common/vault/services/fido2/fido2-utils"; export class WebauthnUtils { static mapCredentialCreationOptions( diff --git a/apps/browser/src/popup/app-routing.module.ts b/apps/browser/src/popup/app-routing.module.ts index ba140607125..c2e2a78b094 100644 --- a/apps/browser/src/popup/app-routing.module.ts +++ b/apps/browser/src/popup/app-routing.module.ts 
@@ -18,13 +18,13 @@ import { SsoComponent } from "../auth/popup/sso.component";
 import { TwoFactorOptionsComponent } from "../auth/popup/two-factor-options.component";
 import { TwoFactorComponent } from "../auth/popup/two-factor.component";
 import { UpdateTempPasswordComponent } from "../auth/popup/update-temp-password.component";
-import { Fido2Component } from "../fido2/popup/fido2/fido2.component";
 import { GeneratorComponent } from "../tools/popup/generator/generator.component";
 import { PasswordGeneratorHistoryComponent } from "../tools/popup/generator/password-generator-history.component";
 import { SendAddEditComponent } from "../tools/popup/send/send-add-edit.component";
 import { SendGroupingsComponent } from "../tools/popup/send/send-groupings.component";
 import { SendTypeComponent } from "../tools/popup/send/send-type.component";
 import { ExportComponent } from "../tools/popup/settings/export.component";
+import { Fido2Component } from "../vault/popup/components/fido2/fido2.component";
 import { AddEditComponent } from "../vault/popup/components/vault/add-edit.component";
 import { AttachmentsComponent } from "../vault/popup/components/vault/attachments.component";
 import { CollectionsComponent } from "../vault/popup/components/vault/collections.component";
diff --git a/apps/browser/src/popup/app.module.ts b/apps/browser/src/popup/app.module.ts
index 054f9339f0e..d117132c75b 100644
--- a/apps/browser/src/popup/app.module.ts
+++ b/apps/browser/src/popup/app.module.ts
@@ -29,7 +29,6 @@ import { SsoComponent } from "../auth/popup/sso.component";
 import { TwoFactorOptionsComponent } from "../auth/popup/two-factor-options.component";
 import { TwoFactorComponent } from "../auth/popup/two-factor.component";
 import { UpdateTempPasswordComponent } from "../auth/popup/update-temp-password.component";
-import { Fido2Component } from "../fido2/popup/fido2/fido2.component";
 import { GeneratorComponent } from "../tools/popup/generator/generator.component";
 import { PasswordGeneratorHistoryComponent } from "../tools/popup/generator/password-generator-history.component";
 import { SendListComponent } from "../tools/popup/send/components/send-list.component";
@@ -40,6 +39,7 @@ import { SendTypeComponent } from "../tools/popup/send/send-type.component";
 import { ExportComponent } from "../tools/popup/settings/export.component";
 import { ActionButtonsComponent } from "../vault/popup/components/action-buttons.component";
 import { CipherRowComponent } from "../vault/popup/components/cipher-row.component";
+import { Fido2Component } from "../vault/popup/components/fido2/fido2.component";
 import { PasswordRepromptComponent } from "../vault/popup/components/password-reprompt.component";
 import { AddEditCustomFieldsComponent } from "../vault/popup/components/vault/add-edit-custom-fields.component";
 import { AddEditComponent } from "../vault/popup/components/vault/add-edit.component";
diff --git a/apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts b/apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts
index d014a4c070e..454acd26253 100644
--- a/apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts
+++ b/apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts
@@ -10,14 +10,14 @@ import { takeUntil, } from "rxjs"; -import { UserRequestedFallbackAbortReason } from "@bitwarden/common/fido2/abstractions/fido2-client.service.abstraction"; +import { Utils } from "@bitwarden/common/misc/utils"; +import { UserRequestedFallbackAbortReason } from "@bitwarden/common/vault/abstractions/fido2/fido2-client.service.abstraction"; import { Fido2UserInterfaceService as Fido2UserInterfaceServiceAbstraction, Fido2UserInterfaceSession, NewCredentialParams, PickCredentialParams, -} from "@bitwarden/common/fido2/abstractions/fido2-user-interface.service.abstraction"; -import { Utils } from "@bitwarden/common/misc/utils"; +} from "@bitwarden/common/vault/abstractions/fido2/fido2-user-interface.service.abstraction"; import { BrowserApi } from "../../browser/browserApi"; import { Popout, PopupUtilsService } from "../../popup/services/popup-utils.service"; diff --git a/apps/browser/src/fido2/content/content-script.ts b/apps/browser/src/vault/fido2/content/content-script.ts similarity index 100% rename from apps/browser/src/fido2/content/content-script.ts rename to apps/browser/src/vault/fido2/content/content-script.ts diff --git a/apps/browser/src/fido2/content/messaging/message.ts b/apps/browser/src/vault/fido2/content/messaging/message.ts similarity index 93% rename from apps/browser/src/fido2/content/messaging/message.ts rename to apps/browser/src/vault/fido2/content/messaging/message.ts index 14d49cd5238..01a19a1f8a4 100644 --- a/apps/browser/src/fido2/content/messaging/message.ts +++ b/apps/browser/src/vault/fido2/content/messaging/message.ts @@ -3,7 +3,7 @@ import { CreateCredentialResult, AssertCredentialParams, AssertCredentialResult, -} from "@bitwarden/common/fido2/abstractions/fido2-client.service.abstraction"; +} from "@bitwarden/common/vault/abstractions/fido2/fido2-client.service.abstraction"; export enum MessageType { CredentialCreationRequest, 
diff --git a/apps/browser/src/fido2/content/messaging/messenger.spec.ts b/apps/browser/src/vault/fido2/content/messaging/messenger.spec.ts similarity index 100% rename from apps/browser/src/fido2/content/messaging/messenger.spec.ts rename to apps/browser/src/vault/fido2/content/messaging/messenger.spec.ts diff --git a/apps/browser/src/fido2/content/messaging/messenger.ts b/apps/browser/src/vault/fido2/content/messaging/messenger.ts similarity index 100% rename from apps/browser/src/fido2/content/messaging/messenger.ts rename to apps/browser/src/vault/fido2/content/messaging/messenger.ts diff --git a/apps/browser/src/fido2/content/page-script.ts b/apps/browser/src/vault/fido2/content/page-script.ts similarity index 98% rename from apps/browser/src/fido2/content/page-script.ts rename to apps/browser/src/vault/fido2/content/page-script.ts index 429828fa631..aaf3bec9cd6 100644 --- a/apps/browser/src/fido2/content/page-script.ts +++ b/apps/browser/src/vault/fido2/content/page-script.ts @@ -1,4 +1,4 @@ -import { WebauthnUtils } from "../../browser/webauthn-utils"; +import { WebauthnUtils } from "../../../browser/webauthn-utils"; import { MessageType } from "./messaging/message"; import { Messenger } from "./messaging/messenger"; diff --git a/apps/browser/src/fido2/popup/fido2/fido2.component.html b/apps/browser/src/vault/popup/components/fido2/fido2.component.html similarity index 100% rename from apps/browser/src/fido2/popup/fido2/fido2.component.html rename to apps/browser/src/vault/popup/components/fido2/fido2.component.html diff --git a/apps/browser/src/fido2/popup/fido2/fido2.component.ts b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts similarity index 96% rename from apps/browser/src/fido2/popup/fido2/fido2.component.ts rename to apps/browser/src/vault/popup/components/fido2/fido2.component.ts index 88892ce78a3..3846d3f1675 100644 --- a/apps/browser/src/fido2/popup/fido2/fido2.component.ts 
+++ b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts @@ -12,17 +12,17 @@ import { takeUntil, } from "rxjs"; -import { Fido2KeyView } from "@bitwarden/common/fido2/models/view/fido2-key.view"; import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service"; import { PasswordRepromptService } from "@bitwarden/common/vault/abstractions/password-reprompt.service"; import { CipherType } from "@bitwarden/common/vault/enums/cipher-type"; import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view"; +import { Fido2KeyView } from "@bitwarden/common/vault/models/view/fido2-key.view"; -import { BrowserApi } from "../../../browser/browserApi"; +import { BrowserApi } from "../../../../browser/browserApi"; import { BrowserFido2Message, BrowserFido2UserInterfaceSession, -} from "../../../services/fido2/browser-fido2-user-interface.service"; +} from "../../../../services/fido2/browser-fido2-user-interface.service"; interface ViewData { message: BrowserFido2Message; diff --git a/apps/browser/webpack.config.js b/apps/browser/webpack.config.js index cc124d30cf6..76e7024acbb 100644 --- a/apps/browser/webpack.config.js +++ b/apps/browser/webpack.config.js @@ -147,8 +147,8 @@ const mainConfig = { "content/notificationBar": "./src/autofill/content/notification-bar.ts", "content/contextMenuHandler": "./src/autofill/content/context-menu-handler.ts", "content/message_handler": "./src/autofill/content/message_handler.ts", - "content/fido2/content-script": "./src/fido2/content/content-script.ts", - "content/fido2/page-script": "./src/fido2/content/page-script.ts", + "content/fido2/content-script": "./src/vault/fido2/content/content-script.ts", + "content/fido2/page-script": "./src/vault/fido2/content/page-script.ts", "notification/bar": "./src/autofill/notification/bar.ts", "encrypt-worker": "../../libs/common/src/services/cryptography/encrypt.worker.ts", }, 
diff --git a/libs/common/src/fido2/abstractions/fido2.service.abstraction.ts b/libs/common/src/fido2/abstractions/fido2.service.abstraction.ts deleted file mode 100644 index e0fa676a8c7..00000000000 --- a/libs/common/src/fido2/abstractions/fido2.service.abstraction.ts +++ /dev/null 
@@ -1,110 +0,0 @@ -/** - * - * REMOVE BEFORE MERGE - * - * This is the old version of our FIDO2 client which was built according to spec. - * It left here for reference purposes until we no longer need it. - * - */ - -// export type UserVerification = "discouraged" | "preferred" | "required"; - -// export interface CredentialRegistrationParams { -// origin: string; -// attestation?: "direct" | "enterprise" | "indirect" | "none"; -// authenticatorSelection?: { -// // authenticatorAttachment?: AuthenticatorAttachment; // not used -// requireResidentKey?: boolean; -// residentKey?: "discouraged" | "preferred" | "required"; -// userVerification?: UserVerification; -// }; -// challenge: string; // b64 encoded -// excludeCredentials?: { -// id: string; // b64 encoded -// transports?: ("ble" | "internal" | "nfc" | "usb")[]; -// // type: "public-key"; // not used -// }[]; -// extensions?: { -// appid?: string; -// appidExclude?: string; -// credProps?: boolean; -// uvm?: boolean; -// }; -// pubKeyCredParams: { -// alg: number; -// // type: "public-key"; // not used -// }[]; -// rp: { -// id?: string; -// name: string; -// }; -// user: { -// id: string; // b64 encoded -// displayName: string; -// }; -// timeout: number; -// } - -// export interface CredentialRegistrationResult { -// credentialId: string; -// clientDataJSON: string; -// attestationObject: string; -// authData: string; -// publicKeyAlgorithm: number; -// transports: string[]; -// } - -// export interface CredentialAssertParams { -// allowedCredentialIds: string[]; -// rpId: string; -// origin: string; -// challenge: string; -// userVerification?: UserVerification; -// timeout: number; -// } - -// export interface CredentialAssertResult { -// credentialId: string; -// clientDataJSON: string; -// authenticatorData: string; -// signature: string; -// userHandle: string; -// } - -// export class Fido2Error extends Error { -// constructor(message: string, readonly fallbackRequested = false) { -// super(message); 
-// } -// } - -// export class RequestAbortedError extends Fido2Error { -// constructor(fallbackRequested = false) { -// super("Fido2 request was aborted", fallbackRequested); -// } -// } - -// export class NoCredentialFoundError extends Fido2Error { -// constructor() { -// super("No valid credential found", true); -// } -// } - -// export class OriginMismatchError extends Fido2Error { -// constructor() { -// super( -// "Authentication requests must originate from the same source that created the credential.", -// false -// ); -// } -// } - -// export abstract class Fido2Service { -// createCredential: ( -// params: CredentialRegistrationParams, -// abortController?: AbortController -// ) => Promise; -// assertCredential: ( -// params: CredentialAssertParams, -// abortController?: AbortController -// ) => Promise; -// } diff --git a/libs/common/src/fido2/services/fido2.service.ts b/libs/common/src/fido2/services/fido2.service.ts deleted file mode 100644 index f1236cddfc4..00000000000 --- a/libs/common/src/fido2/services/fido2.service.ts +++ /dev/null 
@@ -1,474 +0,0 @@ -/** - * - * REMOVE BEFORE MERGE - * - * This is the old version of our FIDO2 client which was built according to spec. - * It left here for reference purposes until we no longer need it. - * - */ - -// import { CBOR } from "cbor-redux"; - -// import { Utils } from "../../misc/utils"; -// import { CipherService } from "../../vault/abstractions/cipher.service"; -// import { CipherType } from "../../vault/enums/cipher-type"; -// import { Cipher } from "../../vault/models/domain/cipher"; -// import { CipherView } from "../../vault/models/view/cipher.view"; -// import { Fido2UserInterfaceService } from "../abstractions/fido2-user-interface.service.abstraction"; -// import { Fido2Utils } from "../abstractions/fido2-utils"; -// import { -// CredentialAssertParams, -// CredentialAssertResult, -// CredentialRegistrationParams, -// CredentialRegistrationResult, -// Fido2Service as Fido2ServiceAbstraction, -// NoCredentialFoundError, -// UserVerification, -// } from "../abstractions/fido2.service.abstraction"; -// import { Fido2KeyView } from "../models/view/fido2-key.view"; - -// import { CredentialId } from "./credential-id"; -// import { joseToDer } from "./ecdsa-utils"; - -// // We support self-signing, but Google won't accept it. -// // TODO: Look into supporting self-signed packed format. 
-// const STANDARD_ATTESTATION_FORMAT: "none" | "packed" = "none"; -// const TIMEOUTS = { -// NO_VERIFICATION: { -// DEFAULT: 120000, -// MIN: 30000, -// MAX: 180000, -// }, -// WITH_VERIFICATION: { -// DEFAULT: 300000, -// MIN: 30000, -// MAX: 600000, -// }, -// }; - -// interface BitCredential { -// credentialId: CredentialId; -// keyType: "ECDSA"; -// keyCurve: "P-256"; -// keyValue: CryptoKey; -// rpId: string; -// rpName: string; -// userHandle: Uint8Array; -// userName: string; -// origin: string; -// } - -// const KeyUsages: KeyUsage[] = ["sign"]; - -// export class Fido2Service implements Fido2ServiceAbstraction { -// constructor( -// private fido2UserInterfaceService: Fido2UserInterfaceService, -// private cipherService: CipherService -// ) {} - -// async createCredential( -// params: CredentialRegistrationParams, -// abortController = new AbortController() -// ): Promise { -// // Comment: Timeouts could potentially be implemented using decorators. -// // But since I try to use decorators a little as possible and only -// // for the most generic solutions, I'm gonne leave this as is untill peer review. 
-// const timeout = setAbortTimeout( -// abortController, -// params.authenticatorSelection.userVerification, -// params.timeout -// ); - -// const presence = await this.fido2UserInterfaceService.confirmNewCredential( -// { -// credentialName: params.rp.name, -// userName: params.user.displayName, -// }, -// abortController -// ); - -// const attestationFormat = STANDARD_ATTESTATION_FORMAT; -// const encoder = new TextEncoder(); - -// const clientData = encoder.encode( -// JSON.stringify({ -// type: "webauthn.create", -// challenge: params.challenge, -// origin: params.origin, -// crossOrigin: false, -// }) -// ); -// const keyPair = await crypto.subtle.generateKey( -// { -// name: "ECDSA", -// namedCurve: "P-256", -// }, -// true, -// KeyUsages -// ); - -// const credentialId = await this.saveCredential({ -// keyType: "ECDSA", -// keyCurve: "P-256", -// keyValue: keyPair.privateKey, -// origin: params.origin, -// rpId: params.rp.id, -// rpName: params.rp.name, -// userHandle: Fido2Utils.stringToBuffer(params.user.id), -// userName: params.user.displayName, -// }); - -// const authData = await generateAuthData({ -// rpId: params.rp.id, -// credentialId, -// userPresence: presence, -// userVerification: true, // TODO: Change to false -// keyPair, -// }); - -// const asn1Der_signature = await generateSignature({ -// authData, -// clientData, -// privateKey: keyPair.privateKey, -// }); - -// const attestationObject = new Uint8Array( -// CBOR.encode({ -// fmt: attestationFormat, -// attStmt: -// attestationFormat === "packed" -// ? 
{ -// alg: -7, -// sig: asn1Der_signature, -// } -// : {}, -// authData, -// }) -// ); - -// clearTimeout(timeout); - -// return { -// credentialId: Fido2Utils.bufferToString(credentialId.raw), -// clientDataJSON: Fido2Utils.bufferToString(clientData), -// attestationObject: Fido2Utils.bufferToString(attestationObject), -// authData: Fido2Utils.bufferToString(authData), -// publicKeyAlgorithm: -7, -// transports: ["nfc", "usb"], -// }; -// } - -// async assertCredential( -// params: CredentialAssertParams, -// abortController = new AbortController() -// ): Promise { -// const timeout = setAbortTimeout(abortController, params.userVerification, params.timeout); -// let credential: BitCredential | undefined; - -// if (params.allowedCredentialIds && params.allowedCredentialIds.length > 0) { -// // We're looking for regular non-resident keys -// credential = await this.getCredential(params.allowedCredentialIds); - -// if (credential === undefined) { -// throw new NoCredentialFoundError(); -// } - -// // TODO: Google doesn't work with this. 
Look into how we're supposed to check this -// // if (credential.origin !== params.origin) { -// // throw new OriginMismatchError(); -// // } - -// await this.fido2UserInterfaceService.confirmCredential( -// credential.credentialId.encoded, -// abortController -// ); -// } else { -// // We're looking for a resident key -// const credentials = await this.getCredentialsByRp(params.rpId); - -// if (credentials.length === 0) { -// throw new NoCredentialFoundError(); -// } - -// const pickedId = await this.fido2UserInterfaceService.pickCredential( -// credentials.map((c) => c.credentialId.encoded), -// abortController -// ); -// credential = credentials.find((c) => c.credentialId.encoded === pickedId); -// } - -// const encoder = new TextEncoder(); -// const clientData = encoder.encode( -// JSON.stringify({ -// type: "webauthn.get", -// challenge: params.challenge, -// origin: params.origin, -// }) -// ); - -// const authData = await generateAuthData({ -// credentialId: credential.credentialId, -// rpId: params.rpId, -// userPresence: true, -// userVerification: true, // TODO: Change to false! 
-// }); - -// const signature = await generateSignature({ -// authData, -// clientData, -// privateKey: credential.keyValue, -// }); - -// clearTimeout(timeout); - -// return { -// credentialId: credential.credentialId.encoded, -// clientDataJSON: Fido2Utils.bufferToString(clientData), -// authenticatorData: Fido2Utils.bufferToString(authData), -// signature: Fido2Utils.bufferToString(signature), -// userHandle: Fido2Utils.bufferToString(credential.userHandle), -// }; -// } - -// private async getCredential(allowedCredentialIds: string[]): Promise { -// let cipher: Cipher | undefined; -// for (const allowedCredential of allowedCredentialIds) { -// cipher = await this.cipherService.get(allowedCredential); - -// if (cipher?.deletedDate != undefined) { -// cipher = undefined; -// } - -// if (cipher != undefined) { -// break; -// } -// } - -// if (cipher == undefined) { -// return undefined; -// } - -// const cipherView = await cipher.decrypt(); -// return await mapCipherViewToBitCredential(cipherView); -// } - -// private async saveCredential( -// credential: Omit -// ): Promise { -// const pcks8Key = await crypto.subtle.exportKey("pkcs8", credential.keyValue); - -// const view = new CipherView(); -// view.type = CipherType.Fido2Key; -// view.name = credential.rpName; - -// view.fido2Key = new Fido2KeyView(); -// view.fido2Key.origin = credential.origin; -// view.fido2Key.keyType = credential.keyType; -// view.fido2Key.keyCurve = credential.keyCurve; -// view.fido2Key.keyValue = Fido2Utils.bufferToString(pcks8Key); -// view.fido2Key.rpId = credential.rpId; -// view.fido2Key.rpName = credential.rpName; -// view.fido2Key.userHandle = Fido2Utils.bufferToString(credential.userHandle); -// view.fido2Key.userName = credential.userName; -// view.fido2Key.origin = credential.origin; - -// const cipher = await this.cipherService.encrypt(view); -// await this.cipherService.createWithServer(cipher); - -// // TODO: Cipher service modifies supplied object, we might wanna change 
that. -// return new CredentialId(cipher.id); -// } - -// private async getCredentialsByRp(rpId: string): Promise { -// const allCipherViews = await this.cipherService.getAllDecrypted(); -// const cipherViews = allCipherViews.filter( -// (cv) => !cv.isDeleted && cv.type === CipherType.Fido2Key && cv.fido2Key?.rpId === rpId -// ); - -// return await Promise.all(cipherViews.map((view) => mapCipherViewToBitCredential(view))); -// } -// } - -// interface AuthDataParams { -// rpId: string; -// credentialId: CredentialId; -// userPresence: boolean; -// userVerification: boolean; -// keyPair?: CryptoKeyPair; -// } - -// async function mapCipherViewToBitCredential(cipherView: CipherView): Promise { -// const keyBuffer = Fido2Utils.stringToBuffer(cipherView.fido2Key.keyValue); -// const privateKey = await crypto.subtle.importKey( -// "pkcs8", -// keyBuffer, -// { -// name: cipherView.fido2Key.keyType, -// namedCurve: cipherView.fido2Key.keyCurve, -// }, -// true, -// KeyUsages -// ); - -// return { -// credentialId: new CredentialId(cipherView.id), -// keyType: cipherView.fido2Key.keyType, -// keyCurve: cipherView.fido2Key.keyCurve, -// keyValue: privateKey, -// rpId: cipherView.fido2Key.rpId, -// rpName: cipherView.fido2Key.rpName, -// userHandle: Fido2Utils.stringToBuffer(cipherView.fido2Key.userHandle), -// userName: cipherView.fido2Key.userName, -// origin: cipherView.fido2Key.origin, -// }; -// } - -// async function generateAuthData(params: AuthDataParams) { -// const encoder = new TextEncoder(); - -// const authData: Array = []; - -// const rpIdHash = new Uint8Array( -// await crypto.subtle.digest({ name: "SHA-256" }, encoder.encode(params.rpId)) -// ); -// authData.push(...rpIdHash); - -// const flags = authDataFlags({ -// extensionData: false, -// attestationData: params.keyPair !== undefined, -// userVerification: params.userVerification, -// userPresence: params.userPresence, -// }); -// authData.push(flags); - -// // add 4 bytes of counter - we use time in epoch 
seconds as monotonic counter -// // TODO: Consider changing this to a cryptographically safe random number -// const now = new Date().getTime() / 1000; -// authData.push( -// ((now & 0xff000000) >> 24) & 0xff, -// ((now & 0x00ff0000) >> 16) & 0xff, -// ((now & 0x0000ff00) >> 8) & 0xff, -// now & 0x000000ff -// ); - -// // attestedCredentialData -// const attestedCredentialData: Array = []; - -// // Use 0 because we're self-signing at the moment -// const aaguid = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; -// attestedCredentialData.push(...aaguid); - -// // credentialIdLength (2 bytes) and credential Id -// const rawId = params.credentialId.raw; -// const credentialIdLength = [(rawId.length - (rawId.length & 0xff)) / 256, rawId.length & 0xff]; -// attestedCredentialData.push(...credentialIdLength); -// attestedCredentialData.push(...rawId); - -// if (params.keyPair) { -// const publicKeyJwk = await crypto.subtle.exportKey("jwk", params.keyPair.publicKey); -// // COSE format of the EC256 key -// const keyX = Utils.fromUrlB64ToArray(publicKeyJwk.x); -// const keyY = Utils.fromUrlB64ToArray(publicKeyJwk.y); - -// // const credPublicKeyCOSE = { -// // "1": 2, // kty -// // "3": -7, // alg -// // "-1": 1, // crv -// // "-2": keyX, -// // "-3": keyY, -// // }; -// // const coseBytes = new Uint8Array(cbor.encode(credPublicKeyCOSE)); - -// // Can't get `cbor-redux` to encode in CTAP2 canonical CBOR. 
So we do it manually: -// const coseBytes = new Uint8Array(77); -// coseBytes.set([0xa5, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20], 0); -// coseBytes.set(keyX, 10); -// coseBytes.set([0x22, 0x58, 0x20], 10 + 32); -// coseBytes.set(keyY, 10 + 32 + 3); - -// // credential public key - convert to array from CBOR encoded COSE key -// attestedCredentialData.push(...coseBytes); - -// authData.push(...attestedCredentialData); -// } - -// return new Uint8Array(authData); -// } - -// interface SignatureParams { -// authData: Uint8Array; -// clientData: Uint8Array; -// privateKey: CryptoKey; -// } - -// async function generateSignature(params: SignatureParams) { -// const clientDataHash = await crypto.subtle.digest({ name: "SHA-256" }, params.clientData); -// const sigBase = new Uint8Array([...params.authData, ...new Uint8Array(clientDataHash)]); -// const p1336_signature = new Uint8Array( -// await window.crypto.subtle.sign( -// { -// name: "ECDSA", -// hash: { name: "SHA-256" }, -// }, -// params.privateKey, -// sigBase -// ) -// ); - -// const asn1Der_signature = joseToDer(p1336_signature, "ES256"); - -// return asn1Der_signature; -// } - -// interface Flags { -// extensionData: boolean; -// attestationData: boolean; -// userVerification: boolean; -// userPresence: boolean; -// } - -// function authDataFlags(options: Flags): number { -// let flags = 0; - -// if (options.extensionData) { -// flags |= 0b1000000; -// } - -// if (options.attestationData) { -// flags |= 0b01000000; -// } - -// if (options.userVerification) { -// flags |= 0b00000100; -// } - -// if (options.userPresence) { -// flags |= 0b00000001; -// } - -// return flags; -// } - -// function setAbortTimeout( -// abortController: AbortController, -// userVerification: UserVerification, -// timeout?: number -// ): number { -// let clampedTimeout: number; - -// if (userVerification === "discouraged") { -// timeout = timeout ?? 
TIMEOUTS.NO_VERIFICATION.DEFAULT; -// clampedTimeout = Math.max( -// TIMEOUTS.NO_VERIFICATION.MIN, -// Math.min(timeout, TIMEOUTS.NO_VERIFICATION.MAX) -// ); -// } else { -// timeout = timeout ?? TIMEOUTS.WITH_VERIFICATION.DEFAULT; -// clampedTimeout = Math.max( -// TIMEOUTS.WITH_VERIFICATION.MIN, -// Math.min(timeout, TIMEOUTS.WITH_VERIFICATION.MAX) -// ); -// } - -// return window.setTimeout(() => abortController.abort(), clampedTimeout); -// } diff --git a/libs/common/src/models/api/login.api.ts b/libs/common/src/models/api/login.api.ts index 1bf8ca13dd7..da7522536a4 100644 --- a/libs/common/src/models/api/login.api.ts +++ b/libs/common/src/models/api/login.api.ts @@ -1,4 +1,4 @@ -import { Fido2KeyApi } from "../../fido2/models/api/fido2-key.api"; +import { Fido2KeyApi } from "../../vault/api/fido2-key.api"; import { BaseResponse } from "../response/base.response"; import { LoginUriApi } from "./login-uri.api"; diff --git a/libs/common/src/fido2/abstractions/fido2-authenticator.service.abstraction.ts b/libs/common/src/vault/abstractions/fido2/fido2-authenticator.service.abstraction.ts similarity index 100% rename from libs/common/src/fido2/abstractions/fido2-authenticator.service.abstraction.ts rename to libs/common/src/vault/abstractions/fido2/fido2-authenticator.service.abstraction.ts diff --git a/libs/common/src/fido2/abstractions/fido2-client.service.abstraction.ts b/libs/common/src/vault/abstractions/fido2/fido2-client.service.abstraction.ts similarity index 100% rename from libs/common/src/fido2/abstractions/fido2-client.service.abstraction.ts rename to libs/common/src/vault/abstractions/fido2/fido2-client.service.abstraction.ts 
diff --git a/libs/common/src/fido2/abstractions/fido2-user-interface.service.abstraction.ts b/libs/common/src/vault/abstractions/fido2/fido2-user-interface.service.abstraction.ts similarity index 100% rename from libs/common/src/fido2/abstractions/fido2-user-interface.service.abstraction.ts rename to libs/common/src/vault/abstractions/fido2/fido2-user-interface.service.abstraction.ts diff --git a/libs/common/src/fido2/models/api/fido2-key.api.ts b/libs/common/src/vault/api/fido2-key.api.ts similarity index 93% rename from libs/common/src/fido2/models/api/fido2-key.api.ts rename to libs/common/src/vault/api/fido2-key.api.ts index 4fe89fd9d2e..0673d3cd657 100644 --- a/libs/common/src/fido2/models/api/fido2-key.api.ts +++ b/libs/common/src/vault/api/fido2-key.api.ts @@ -1,4 +1,4 @@ -import { BaseResponse } from "../../../models/response/base.response"; +import { BaseResponse } from "../../models/response/base.response"; export class Fido2KeyApi extends BaseResponse { nonDiscoverableId: string; diff --git a/libs/common/src/vault/models/data/cipher.data.ts b/libs/common/src/vault/models/data/cipher.data.ts index a1760a1da7b..1c995b32aea 100644 --- a/libs/common/src/vault/models/data/cipher.data.ts +++ b/libs/common/src/vault/models/data/cipher.data.ts @@ -1,10 +1,10 @@ -import { Fido2KeyData } from "../../../fido2/models/data/fido2-key.data"; import { CipherRepromptType } from "../../enums/cipher-reprompt-type"; import { CipherType } from "../../enums/cipher-type"; import { CipherResponse } from "../response/cipher.response"; import { AttachmentData } from "./attachment.data"; import { CardData } from "./card.data"; +import { Fido2KeyData } from "./fido2-key.data"; import { FieldData } from "./field.data"; import { IdentityData } from "./identity.data"; import { LoginData } from "./login.data"; 
diff --git a/libs/common/src/fido2/models/data/fido2-key.data.ts b/libs/common/src/vault/models/data/fido2-key.data.ts similarity index 92% rename from libs/common/src/fido2/models/data/fido2-key.data.ts rename to libs/common/src/vault/models/data/fido2-key.data.ts index 5a404e9367c..b73cc2f70bd 100644 --- a/libs/common/src/fido2/models/data/fido2-key.data.ts +++ b/libs/common/src/vault/models/data/fido2-key.data.ts @@ -1,4 +1,4 @@ -import { Fido2KeyApi } from "../api/fido2-key.api"; +import { Fido2KeyApi } from "../../api/fido2-key.api"; export class Fido2KeyData { nonDiscoverableId: string; diff --git a/libs/common/src/vault/models/data/login.data.ts b/libs/common/src/vault/models/data/login.data.ts index b821fb2b052..5108989ef5a 100644 --- a/libs/common/src/vault/models/data/login.data.ts +++ b/libs/common/src/vault/models/data/login.data.ts @@ -1,6 +1,6 @@ -import { Fido2KeyData } from "../../../fido2/models/data/fido2-key.data"; import { LoginApi } from "../../../models/api/login.api"; +import { Fido2KeyData } from "./fido2-key.data"; import { LoginUriData } from "./login-uri.data"; export class LoginData { diff --git a/libs/common/src/vault/models/domain/cipher.ts b/libs/common/src/vault/models/domain/cipher.ts index 84dd4782d0a..d0c31168b5b 100644 --- a/libs/common/src/vault/models/domain/cipher.ts +++ b/libs/common/src/vault/models/domain/cipher.ts @@ -1,6 +1,5 @@ import { Jsonify } from "type-fest"; -import { Fido2Key } from "../../../fido2/models/domain/fido2-key"; import { Decryptable } from "../../../interfaces/decryptable.interface"; import Domain from "../../../models/domain/domain-base"; import { EncString } from "../../../models/domain/enc-string"; @@ -14,6 +13,7 @@ import { CipherView } from "../view/cipher.view"; import { Attachment } from "./attachment"; import { Card } from "./card"; +import { Fido2Key } from "./fido2-key"; import { Field } from "./field"; import { Identity } from "./identity"; import { Login } from "./login"; 
diff --git a/libs/common/src/fido2/models/domain/fido2-key.ts b/libs/common/src/vault/models/domain/fido2-key.ts similarity index 100% rename from libs/common/src/fido2/models/domain/fido2-key.ts rename to libs/common/src/vault/models/domain/fido2-key.ts diff --git a/libs/common/src/vault/models/domain/login.ts b/libs/common/src/vault/models/domain/login.ts index af7fef4e828..6ab5d837cd3 100644 --- a/libs/common/src/vault/models/domain/login.ts +++ b/libs/common/src/vault/models/domain/login.ts @@ -1,12 +1,12 @@ import { Jsonify } from "type-fest"; -import { Fido2Key } from "../../../fido2/models/domain/fido2-key"; import Domain from "../../../models/domain/domain-base"; import { EncString } from "../../../models/domain/enc-string"; import { SymmetricCryptoKey } from "../../../models/domain/symmetric-crypto-key"; import { LoginData } from "../data/login.data"; import { LoginView } from "../view/login.view"; +import { Fido2Key } from "./fido2-key"; import { LoginUri } from "./login-uri"; export class Login extends Domain { diff --git a/libs/common/src/vault/models/request/cipher.request.ts b/libs/common/src/vault/models/request/cipher.request.ts index 4575e4722e2..17b75f5daf8 100644 --- a/libs/common/src/vault/models/request/cipher.request.ts +++ b/libs/common/src/vault/models/request/cipher.request.ts 
@@ -1,10 +1,10 @@ -import { Fido2KeyApi } from "../../../fido2/models/api/fido2-key.api"; import { CardApi } from "../../../models/api/card.api"; import { FieldApi } from "../../../models/api/field.api"; import { IdentityApi } from "../../../models/api/identity.api"; import { LoginUriApi } from "../../../models/api/login-uri.api"; import { LoginApi } from "../../../models/api/login.api"; import { SecureNoteApi } from "../../../models/api/secure-note.api"; +import { Fido2KeyApi } from "../../api/fido2-key.api"; import { CipherRepromptType } from "../../enums/cipher-reprompt-type"; import { CipherType } from "../../enums/cipher-type"; import { Cipher } from "../domain/cipher"; diff --git a/libs/common/src/vault/models/response/cipher.response.ts b/libs/common/src/vault/models/response/cipher.response.ts index 07881b7039c..52d35708a8f 100644 --- a/libs/common/src/vault/models/response/cipher.response.ts +++ b/libs/common/src/vault/models/response/cipher.response.ts @@ -1,10 +1,10 @@ -import { Fido2KeyApi } from "../../../fido2/models/api/fido2-key.api"; import { CardApi } from "../../../models/api/card.api"; import { FieldApi } from "../../../models/api/field.api"; import { IdentityApi } from "../../../models/api/identity.api"; import { LoginApi } from "../../../models/api/login.api"; import { SecureNoteApi } from "../../../models/api/secure-note.api"; import { BaseResponse } from "../../../models/response/base.response"; +import { Fido2KeyApi } from "../../api/fido2-key.api"; import { CipherRepromptType } from "../../enums/cipher-reprompt-type"; import { AttachmentResponse } from "./attachment.response"; diff --git a/libs/common/src/vault/models/view/cipher.view.ts b/libs/common/src/vault/models/view/cipher.view.ts index 34ca96fd2e8..bc9cfe60b99 100644 --- a/libs/common/src/vault/models/view/cipher.view.ts +++ b/libs/common/src/vault/models/view/cipher.view.ts 
@@ -1,7 +1,6 @@ import { Jsonify } from "type-fest"; import { LinkedIdType } from "../../../enums"; -import { Fido2KeyView } from "../../../fido2/models/view/fido2-key.view"; import { InitializerMetadata } from "../../../interfaces/initializer-metadata.interface"; import { View } from "../../../models/view/view"; import { InitializerKey } from "../../../services/cryptography/initializer-key"; @@ -12,6 +11,7 @@ import { Cipher } from "../domain/cipher"; import { AttachmentView } from "./attachment.view"; import { CardView } from "./card.view"; +import { Fido2KeyView } from "./fido2-key.view"; import { FieldView } from "./field.view"; import { IdentityView } from "./identity.view"; import { LoginView } from "./login.view"; diff --git a/libs/common/src/fido2/models/view/fido2-key.view.ts b/libs/common/src/vault/models/view/fido2-key.view.ts similarity index 88% rename from libs/common/src/fido2/models/view/fido2-key.view.ts rename to libs/common/src/vault/models/view/fido2-key.view.ts index baa67fb8173..0832ff41e26 100644 --- a/libs/common/src/fido2/models/view/fido2-key.view.ts +++ b/libs/common/src/vault/models/view/fido2-key.view.ts @@ -1,6 +1,6 @@ import { Jsonify } from "type-fest"; -import { ItemView } from "../../../vault/models/view/item.view"; +import { ItemView } from "./item.view"; export class Fido2KeyView extends ItemView { nonDiscoverableId: string; diff --git a/libs/common/src/vault/models/view/login.view.ts b/libs/common/src/vault/models/view/login.view.ts index dedd96eff8b..1ea846dc30d 100644 --- a/libs/common/src/vault/models/view/login.view.ts +++ b/libs/common/src/vault/models/view/login.view.ts 
@@ -1,11 +1,11 @@ import { Jsonify } from "type-fest"; import { LoginLinkedId as LinkedId, UriMatchType } from "../../../enums"; -import { Fido2KeyView } from "../../../fido2/models/view/fido2-key.view"; import { linkedFieldOption } from "../../../misc/linkedFieldOption.decorator"; import { Utils } from "../../../misc/utils"; import { Login } from "../domain/login"; +import { Fido2KeyView } from "./fido2-key.view"; import { ItemView } from "./item.view"; import { LoginUriView } from "./login-uri.view"; diff --git a/libs/common/src/vault/services/cipher.service.ts b/libs/common/src/vault/services/cipher.service.ts index f28ec321077..175a703f72b 100644 --- a/libs/common/src/vault/services/cipher.service.ts +++ b/libs/common/src/vault/services/cipher.service.ts @@ -6,7 +6,6 @@ import { SearchService } from "../../abstractions/search.service"; import { SettingsService } from "../../abstractions/settings.service"; import { StateService } from "../../abstractions/state.service"; import { FieldType, UriMatchType } from "../../enums"; -import { Fido2Key } from "../../fido2/models/domain/fido2-key"; import { sequentialize } from "../../misc/sequentialize"; import { Utils } from "../../misc/utils"; import Domain from "../../models/domain/domain-base"; @@ -22,6 +21,7 @@ import { CipherData } from "../models/data/cipher.data"; import { Attachment } from "../models/domain/attachment"; import { Card } from "../models/domain/card"; import { Cipher } from "../models/domain/cipher"; +import { Fido2Key } from "../models/domain/fido2-key"; import { Field } from "../models/domain/field"; import { Identity } from "../models/domain/identity"; import { Login } from "../models/domain/login"; diff --git a/libs/common/src/fido2/services/domain-utils.spec.ts b/libs/common/src/vault/services/fido2/domain-utils.spec.ts similarity index 100% rename from libs/common/src/fido2/services/domain-utils.spec.ts rename to libs/common/src/vault/services/fido2/domain-utils.spec.ts 
diff --git a/libs/common/src/fido2/services/domain-utils.ts b/libs/common/src/vault/services/fido2/domain-utils.ts
similarity index 100%
rename from libs/common/src/fido2/services/domain-utils.ts
rename to libs/common/src/vault/services/fido2/domain-utils.ts
diff --git a/libs/common/src/fido2/services/ecdsa-utils.ts b/libs/common/src/vault/services/fido2/ecdsa-utils.ts
similarity index 100%
rename from libs/common/src/fido2/services/ecdsa-utils.ts
rename to libs/common/src/vault/services/fido2/ecdsa-utils.ts
diff --git a/libs/common/src/fido2/services/fido2-authenticator.service.spec.ts b/libs/common/src/vault/services/fido2/fido2-authenticator.service.spec.ts
similarity index 98%
rename from libs/common/src/fido2/services/fido2-authenticator.service.spec.ts
rename to libs/common/src/vault/services/fido2/fido2-authenticator.service.spec.ts
index c36e052ca56..8221afa8333 100644
--- a/libs/common/src/fido2/services/fido2-authenticator.service.spec.ts
+++ b/libs/common/src/vault/services/fido2/fido2-authenticator.service.spec.ts
@@ -3,26 +3,26 @@ import { TextEncoder } from "util"; import { CBOR } from "cbor-redux"; import { mock, MockProxy } from "jest-mock-extended"; -import { Utils } from "../../misc/utils"; -import { CipherService } from "../../vault/abstractions/cipher.service"; -import { CipherType } from "../../vault/enums/cipher-type"; -import { Cipher } from "../../vault/models/domain/cipher"; -import { CipherView } from "../../vault/models/view/cipher.view"; -import { LoginView } from "../../vault/models/view/login.view"; +import { Utils } from "../../../misc/utils"; +import { CipherService } from "../../abstractions/cipher.service"; import { Fido2AutenticatorErrorCode, Fido2AuthenticatorGetAssertionParams, Fido2AuthenticatorMakeCredentialsParams, -} from "../abstractions/fido2-authenticator.service.abstraction"; +} from "../../abstractions/fido2/fido2-authenticator.service.abstraction"; import { Fido2UserInterfaceService, Fido2UserInterfaceSession, NewCredentialParams, -} from "../abstractions/fido2-user-interface.service.abstraction"; -import { Fido2Utils } from "../abstractions/fido2-utils"; -import { Fido2KeyView } from "../models/view/fido2-key.view"; +} from "../../abstractions/fido2/fido2-user-interface.service.abstraction"; +import { CipherType } from "../../enums/cipher-type"; +import { Cipher } from "../../models/domain/cipher"; +import { CipherView } from "../../models/view/cipher.view"; +import { Fido2KeyView } from "../../models/view/fido2-key.view"; +import { LoginView } from "../../models/view/login.view"; import { AAGUID, Fido2AuthenticatorService } from "./fido2-authenticator.service"; +import { Fido2Utils } from "./fido2-utils"; const RpId = "bitwarden.com"; 
@@ -573,6 +573,7 @@ describe("FidoAuthenticatorService", () => { ], requireResidentKey: params.requireResidentKey ?? false, requireUserVerification: params.requireUserVerification ?? false, + fallbackSupported: params.fallbackSupported ?? false, extensions: params.extensions ?? { appid: undefined, appidExclude: undefined, @@ -908,6 +909,7 @@ describe("FidoAuthenticatorService", () => { allowCredentialDescriptorList: params.allowCredentialDescriptorList ?? [], requireUserVerification: params.requireUserVerification ?? false, extensions: params.extensions ?? {}, + fallbackSupported: params.fallbackSupported ?? false, }; } diff --git a/libs/common/src/fido2/services/fido2-authenticator.service.ts b/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts similarity index 96% rename from libs/common/src/fido2/services/fido2-authenticator.service.ts rename to libs/common/src/vault/services/fido2/fido2-authenticator.service.ts index 2526314250d..0263bc2b69d 100644 --- a/libs/common/src/fido2/services/fido2-authenticator.service.ts +++ b/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts @@ -1,10 +1,8 @@ import { CBOR } from "cbor-redux"; -import { LogService } from "../../abstractions/log.service"; -import { Utils } from "../../misc/utils"; -import { CipherService } from "../../vault/abstractions/cipher.service"; -import { CipherType } from "../../vault/enums/cipher-type"; -import { CipherView } from "../../vault/models/view/cipher.view"; +import { LogService } from "../../../abstractions/log.service"; +import { Utils } from "../../../misc/utils"; +import { CipherService } from "../../abstractions/cipher.service"; import { Fido2AlgorithmIdentifier, Fido2AutenticatorError, 
@@ -15,12 +13,14 @@ import { Fido2AuthenticatorMakeCredentialsParams, Fido2AuthenticatorService as Fido2AuthenticatorServiceAbstraction, PublicKeyCredentialDescriptor, -} from "../abstractions/fido2-authenticator.service.abstraction"; -import { Fido2UserInterfaceService } from "../abstractions/fido2-user-interface.service.abstraction"; -import { Fido2Utils } from "../abstractions/fido2-utils"; -import { Fido2KeyView } from "../models/view/fido2-key.view"; +} from "../../abstractions/fido2/fido2-authenticator.service.abstraction"; +import { Fido2UserInterfaceService } from "../../abstractions/fido2/fido2-user-interface.service.abstraction"; +import { CipherType } from "../../enums/cipher-type"; +import { CipherView } from "../../models/view/cipher.view"; +import { Fido2KeyView } from "../../models/view/fido2-key.view"; import { joseToDer } from "./ecdsa-utils"; +import { Fido2Utils } from "./fido2-utils"; // AAGUID: 6e8248d5-b479-40db-a3d8-11116f7e8349 export const AAGUID = new Uint8Array([ diff --git a/libs/common/src/fido2/services/fido2-client.service.spec.ts b/libs/common/src/vault/services/fido2/fido2-client.service.spec.ts similarity index 97% rename from libs/common/src/fido2/services/fido2-client.service.spec.ts rename to libs/common/src/vault/services/fido2/fido2-client.service.spec.ts index 306e8af0407..83ac17919f3 100644 --- a/libs/common/src/fido2/services/fido2-client.service.spec.ts +++ b/libs/common/src/vault/services/fido2/fido2-client.service.spec.ts 
@@ -1,22 +1,22 @@ import { mock, MockProxy } from "jest-mock-extended"; -import { ConfigServiceAbstraction } from "../../abstractions/config/config.service.abstraction"; -import { Utils } from "../../misc/utils"; +import { ConfigServiceAbstraction } from "../../../abstractions/config/config.service.abstraction"; +import { Utils } from "../../../misc/utils"; import { Fido2AutenticatorError, Fido2AutenticatorErrorCode, Fido2AuthenticatorGetAssertionResult, Fido2AuthenticatorMakeCredentialResult, -} from "../abstractions/fido2-authenticator.service.abstraction"; +} from "../../abstractions/fido2/fido2-authenticator.service.abstraction"; import { AssertCredentialParams, CreateCredentialParams, FallbackRequestedError, -} from "../abstractions/fido2-client.service.abstraction"; -import { Fido2Utils } from "../abstractions/fido2-utils"; +} from "../../abstractions/fido2/fido2-client.service.abstraction"; import { Fido2AuthenticatorService } from "./fido2-authenticator.service"; import { Fido2ClientService } from "./fido2-client.service"; +import { Fido2Utils } from "./fido2-utils"; const RpId = "bitwarden.com"; @@ -228,6 +228,7 @@ describe("FidoAuthenticatorService", () => { id: "YmFzZTY0LWVuY29kZWQtdXNlci1pZA", displayName: "User Name", }, + fallbackSupported: params.fallbackSupported ?? false, timeout: params.timeout, }; } @@ -408,13 +409,14 @@ describe("FidoAuthenticatorService", () => { timeout: params.timeout, userVerification: params.userVerification, sameOriginWithAncestors: true, + fallbackSupported: params.fallbackSupported ?? false, }; } function createAuthenticatorAssertResult(): Fido2AuthenticatorGetAssertionResult { return { selectedCredential: { - id: Utils.newGuid(), + id: randomBytes(32), userHandle: randomBytes(32), }, authenticatorData: randomBytes(64), 
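Review bot: In `createAuthenticatorAssertResult` (third hunk of this spec file), `selectedCredential.id` changes from `Utils.newGuid()` to `randomBytes(32)`, which alters the fixture's type rather than moving a file, and nothing in the hunk records why. If the authenticator result now carries the credential id as raw bytes (the result type is declared outside this hunk, so this is inferred), a one-line comment such as `// credential id is raw bytes, like userHandle` would make the contract explicit for the next reader. Unseeded random fixtures also make a failing run harder to reproduce; a fixed byte pattern would serve unless a test depends on uniqueness. The function body continues past the end of the hunk.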
diff --git a/libs/common/src/fido2/services/fido2-client.service.ts b/libs/common/src/vault/services/fido2/fido2-client.service.ts similarity index 96% rename from libs/common/src/fido2/services/fido2-client.service.ts rename to libs/common/src/vault/services/fido2/fido2-client.service.ts index e7e76eade58..e5e89365a1b 100644 --- a/libs/common/src/fido2/services/fido2-client.service.ts +++ b/libs/common/src/vault/services/fido2/fido2-client.service.ts @@ -1,9 +1,9 @@ import { parse } from "tldts"; -import { ConfigServiceAbstraction } from "../../abstractions/config/config.service.abstraction"; -import { LogService } from "../../abstractions/log.service"; -import { FeatureFlag } from "../../enums/feature-flag.enum"; -import { Utils } from "../../misc/utils"; +import { ConfigServiceAbstraction } from "../../../abstractions/config/config.service.abstraction"; +import { LogService } from "../../../abstractions/log.service"; +import { FeatureFlag } from "../../../enums/feature-flag.enum"; +import { Utils } from "../../../misc/utils"; import { Fido2AutenticatorError, Fido2AutenticatorErrorCode, @@ -11,7 +11,7 @@ import { Fido2AuthenticatorMakeCredentialsParams, Fido2AuthenticatorService, PublicKeyCredentialDescriptor, -} from "../abstractions/fido2-authenticator.service.abstraction"; +} from "../../abstractions/fido2/fido2-authenticator.service.abstraction"; import { AssertCredentialParams, AssertCredentialResult, @@ -22,10 +22,10 @@ import { PublicKeyCredentialParam, UserRequestedFallbackAbortReason, UserVerification, -} from "../abstractions/fido2-client.service.abstraction"; -import { Fido2Utils } from "../abstractions/fido2-utils"; +} from "../../abstractions/fido2/fido2-client.service.abstraction"; import { isValidRpId } from "./domain-utils"; +import { Fido2Utils } from "./fido2-utils"; export class Fido2ClientService implements Fido2ClientServiceAbstraction { constructor( 
diff --git a/libs/common/src/fido2/abstractions/fido2-utils.ts b/libs/common/src/vault/services/fido2/fido2-utils.ts similarity index 94% rename from libs/common/src/fido2/abstractions/fido2-utils.ts rename to libs/common/src/vault/services/fido2/fido2-utils.ts index b3e42de1432..f8376223ac3 100644 --- a/libs/common/src/fido2/abstractions/fido2-utils.ts +++ b/libs/common/src/vault/services/fido2/fido2-utils.ts @@ -1,4 +1,4 @@ -import { Utils } from "../../misc/utils"; +import { Utils } from "../../../misc/utils"; export class Fido2Utils { static bufferToString(bufferSource: BufferSource): string { diff --git a/libs/common/src/fido2/services/noop-fido2-user-interface.service.ts b/libs/common/src/vault/services/fido2/noop-fido2-user-interface.service.ts similarity index 55% rename from libs/common/src/fido2/services/noop-fido2-user-interface.service.ts rename to libs/common/src/vault/services/fido2/noop-fido2-user-interface.service.ts index 7600852e047..4ed14831e22 100644 --- a/libs/common/src/fido2/services/noop-fido2-user-interface.service.ts +++ b/libs/common/src/vault/services/fido2/noop-fido2-user-interface.service.ts @@ -1,10 +1,13 @@ import { Fido2UserInterfaceService as Fido2UserInterfaceServiceAbstraction, Fido2UserInterfaceSession, -} from "../abstractions/fido2-user-interface.service.abstraction"; +} from "../../abstractions/fido2/fido2-user-interface.service.abstraction"; export class Fido2UserInterfaceService implements Fido2UserInterfaceServiceAbstraction { - newSession(abortController?: AbortController): Promise { + newSession( + fallbackSupported: boolean, + abortController?: AbortController + ): Promise { throw new Error("Not implemented exception"); } }
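Review bot: The no-op `Fido2UserInterfaceService.newSession` (second hunk here) gains a `fallbackSupported` parameter that, like `abortController`, is never read, and nothing documents that this implementation unconditionally throws. I would add a TSDoc above the class along the lines of `/** Placeholder implementation: newSession always throws, so a FIDO2 request cannot proceed without a real user-interface service. */`. Recording that the throw is deliberate matters because a later stub that returned a session without prompting would presumably let credential operations skip user confirmation. The new required parameter is also placed ahead of the optional `abortController`; callers are outside this hunk, so it is worth confirming none still pass the controller positionally as the first argument.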