mirror of
https://github.com/bitwarden/browser
synced 2025-12-15 15:53:27 +00:00
48bd43882447c13631d049fbfafa838c07c95dd4
34 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Bernd Schoolmann
|
48bd438824 |
Add context logs for native messaging (#11690)
* Add logging to decryption routines * Fix case of uknown encryption type * Add decryption context to log where failures occur * Update log message * Fix linting * Add more context logs * Add context logs for native messaging * Update apps/desktop/native-messaging-test-runner/src/native-message.service.ts Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Update apps/desktop/src/services/native-message-handler.service.ts Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Rename channel key to desktop ipc channel key --------- Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> |
||
|
Bernd Schoolmann
|
b486fcc689 |
[Pm-13097] Rename cryptoservice to keyservice and move it to km ownership (#11358)
* Rename cryptoservice to keyservice * Rename cryptoservice to keyservice * Move key service to key management ownership * Remove accidentally added file * Fix cli build * Fix browser build * Run prettier * Fix builds * Fix cli build * Fix tests * Fix incorrect renames * Rename webauthn-login-crypto-service * Fix build errors due to merge conflicts * Fix linting |
||
|
Bernd Schoolmann
|
19f547e638 |
[PM-8836] Move ownership of biometrics to key-management (#10818)
* Move ownership of biometrics to key-management * Move biometrics ipc ownership to km * Move further files to km; split off preload / ipc to km * Fix linting * Fix linting * Fix tests * Fix tests * Update .github/CODEOWNERS Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Update .github/CODEOWNERS Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Change ownership of native messaging to key-management * Move biometrics to libs/key-management * Add README to capital whitelist * Update package-lock.json * Move km to key-management * Move km to key-management * Fix build for cli * Import fixes * Apply prettier fix * Fix test * Import fixes * Import fixes * Update libs/key-management/README.md Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Update libs/key-management/package.json Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Update lock file * Change imports to top level km package --------- Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> |
||
|
Bernd Schoolmann
|
d92b2cbea2 |
[PM-11477] Remove deprecated cryptoservice functions (#10854)
* Remove deprecated cryptoservice functions * Use getUserkeyWithLegacySupport to get userkey * Fix tests * Fix tests * Fix tests * Remove unused cryptoservice instances * Fix build * Remove unused apiService in constructor * Fix encryption * Ensure passed in key is used if present * Fix sends and folders * Fix tests * Remove logged key * Fix import for account restricted keys |
||
|
Bernd Schoolmann
|
3c9b3ea2cc |
[PM-6296] Fix biometrics error prompt when biometrics are temporarily unavailable in browser extension (v2) (#10374)
* Create unavailable message for biometrics when in clamshell mode * Move browser biometrics * Inject nativemessagingbackground instead of using constructor * Fix linting * Fix build on browser |
||
|
Bernd Schoolmann
|
325d3382d7 | [PM-10852] Prevent process reload from logging out active user (#10526) | ||
|
Bernd Schoolmann
|
cc45655b86 |
Revert "[PM-6296] Fix biometrics error prompt when biometrics are temporarily…" (#10373)
This reverts commit
|
||
|
Bernd Schoolmann
|
1184c504d1 |
[PM-6296] Fix biometrics error prompt when biometrics are temporarily unavailable in browser extension (#9851)
* Add availability check to biometrics * Move isbiometricunlockavailable logic to parent component * Fix availability detection on desktop * FIx response parsing on browser * Suppress pending biometric message while checking for availability * Refactor biometrics functions out of platformutilsservice * Remove unused constructor * Remove unused abstract function definitions * Rename abstract services * Add documentation * Rename service abstraction, add comments * Add comments * Refactor browser biometrics into background/foreground and remove callbacks * Remove unused logs * Remove unused logs |
||
|
Bernd Schoolmann
|
3de85c75cb | Allow browser extension unlock while desktop is locked (#9945) | ||
|
Bernd Schoolmann
|
537fa67b09 |
[PM-9465] Move shared ipc keys to main process (#9944)
* Remove old biometrics masterkey logic * Move shared ipc keys to main process * Update apps/desktop/src/platform/services/ephemeral-value-storage.main.service.ts Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com> * Extract ephemeral store functions to it's own object --------- Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com> |
||
|
Bernd Schoolmann
|
457c0795be | Remove old biometrics masterkey logic (#9943) | ||
|
Bernd Schoolmann
|
5839999fc4 | Rename "encryptionAlgorithm" to "hashAlgorithmForEncryption" for clarity (#9891) | ||
Justin Baur
|
ba3d21094e |
[PM-7541] Move Last Desktop Settings (#9310)
* Clone Initial Data In `runMigrator` - When using test cases, mutating the input data causes problems. * Migrate `minimizeOnCopy` & `browserIntegrationEnabled` * Update From Main * Move Fingerprint Setting - No Migration Yet * Add Fingerprint to Migrations * Convert Messaging to `async` * Switch to calling `Boolean` for Map Function * Catch Errors * Remove LogService |
||
Robyn MacCallum
|
f07840339e |
Add autofill as codeowners to ddg files (#9268)
* Add autofill as codeowners to ddg files * Add comments |
||
Matt Gibson
|
7819dbdd56 |
PM-8197 Do not allow browser biometric for locked account (#9216)
Process reload is the means by which we protect user keys in memory. once an account locks, it triggers a process reload (assuming no other accounts are unlocked), that frees renderer memory. However, if the user is not unlocked, it is not protected by the process reload, so we may keep user keys in memory. |
||
|
Matt Gibson
|
a4d5717283 | Use account service for account enumeration. (#9023) | ||
Jake Fink
|
9d10825dbd |
[PM-5362] Add MP Service (attempt #2) (#8619)
* create mp and kdf service * update mp service interface to not rely on active user * rename observable methods * update crypto service with new MP service * add master password service to login strategies - make fake service for easier testing - fix crypto service tests * update auth service and finish strategies * auth request refactors * more service refactors and constructor updates * setMasterKey refactors * remove master key methods from crypto service * remove master key and hash from state service * missed fixes * create migrations and fix references * fix master key imports * default force set password reason to none * add password reset reason observable factory to service * remove kdf changes and migrate only disk data * update migration number * fix sync service deps * use disk for force set password state * fix desktop migration * fix sso test * fix tests * fix more tests * fix even more tests * fix even more tests * fix cli * remove kdf service abstraction * add missing deps for browser * fix merge conflicts * clear reset password reason on lock or logout * fix tests * fix other tests * add jsdocs to abstraction * use state provider in crypto service * inverse master password service factory * add clearOn to master password service * add parameter validation to master password service * add component level userId * add missed userId * migrate key hash * fix login strategy service * delete crypto master key from account * migrate master key encrypted user key * rename key hash to master key hash * use mp service for getMasterKeyEncryptedUserKey * fix tests * fix user key decryption logic * add clear methods to mp service * fix circular dep and encryption issue * fix test * remove extra account service call * use EncString in state provider * fix tests * return to using encrypted string for serialization |
||
|
Jake Fink
|
775c8a1bbe |
Revert "[PM-5362]Create MP Service for state provider migration (#7623)" (#8617)
This reverts commit
|
||
|
Jake Fink
|
b1abfb0a5c |
[PM-5362]Create MP Service for state provider migration (#7623)
* create mp and kdf service * update mp service interface to not rely on active user * rename observable methods * update crypto service with new MP service * add master password service to login strategies - make fake service for easier testing - fix crypto service tests * update auth service and finish strategies * auth request refactors * more service refactors and constructor updates * setMasterKey refactors * remove master key methods from crypto service * remove master key and hash from state service * missed fixes * create migrations and fix references * fix master key imports * default force set password reason to none * add password reset reason observable factory to service * remove kdf changes and migrate only disk data * update migration number * fix sync service deps * use disk for force set password state * fix desktop migration * fix sso test * fix tests * fix more tests * fix even more tests * fix even more tests * fix cli * remove kdf service abstraction * add missing deps for browser * fix merge conflicts * clear reset password reason on lock or logout * fix tests * fix other tests * add jsdocs to abstraction * use state provider in crypto service * inverse master password service factory * add clearOn to master password service * add parameter validation to master password service * add component level userId * add missed userId * migrate key hash * fix login strategy service * delete crypto master key from account * migrate master key encrypted user key * rename key hash to master key hash * use mp service for getMasterKeyEncryptedUserKey * fix tests |
||
Jonathan Prusik
|
ac7d80980d | remove unused services (#8334) | ||
|
Matt Gibson
|
5677d6265e |
Ps/pm 5537/move biometric unlock to state providers (#8099)
* Establish biometric unlock enabled in state providers * Use biometric state service for biometric state values * Migrate biometricUnlock * Fixup Dependencies * linter and import fixes * Fix injection * Fix merge * Use boolean constructor as mapper * Conform to documented test naming conventions * Commit documentation suggestion Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> * Fix merge commit * Fix test names --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> |
||
Will Martin
|
cb8849c355 |
Add eslint rule no-floating-promises (#7789)
* add eslint rule no-floating-promises * add eslint-disable comment to offending lines |
||
Jared Snider
|
2c1d215b71 |
Auth/PM-5242 - Create new User Verification dialog and form input components which support PIN and biometrics verification (#7536)
* PM-5242 - First working draft of copying out web CL implementation of user verification form and dialog components into standalone libs/auth components which could be used in any client. * PM-5242 - Rename UserVerificationFormComponent to UserVerificationFormInputComponent b/c it doesn't actually have a form and is meant to slot into a form as an input. * PM-5242 - Update libs/auth angular index to take renamed component into account * PM-5242 - Clean up UserVerificationDialogComponent as have much cleaner design approach now (maintain existing func while simply adding new requirements for client side validation for passkeys) * PM-5242 - UserVerificationFormInput component - WIP draft of new client and server split of user verification logic * PM-5242 - UserVerificationFormInput - WIP - Lots of progress on client side verification layout - more to do * PM-5242 - UserVerificationFormInputComponent - Add hasMultipleVerificationMethods property so we can only show alternate methods if user has them. * PM-5242 - UserVerificationFormInputComponent - rename hasMultipleVerificationMethods to hasMultipleClientVerificationOptions * PM-5242 - Add new user verification biometrics fingerprint icon with proper secondary fill so it displays properly on all themes. * PM-5242 - Create enum for tracking client user verification states * PM-5242 - UserVerificationFormInputComponent - WIP - (1) Got biometrics layout working except for error state (2) Emitting active client verification option and biometrics result to dialog (3) Properly identifying if biometrics is enabled in a platform agnostic way (4) Translations TODO * PM-5242 - UserVerificationDialogComponent - (1) Wire up new inputs and outputs for UserVerificationFormInput (2) Don't show submit button when clientside biometrics verification active * PM-5242 - UserVerificationFormInputComponent - wired up biometrics failure and retry handling + re-arranged comp properties to put inputs & outputs at the top * PM-5242 - UserVerificationFormInput component - Add logic to prevent currently active client verification method from being shown an option * PM-5242 - UserVerificationFormInput - adjust margins * PM-5242 - User verification dialog and form input comps - replace Verification with VerificationWithSecret type where applicable * PM-5242 - UserVerificationFormComp - Default to server for backwards compatibility and to avoid requiring the input at all * PM-5242 - UserVerificationFormInputComp - (1) Rename processChanges to processSecretChanges (2) Short circuit processSecretChanges when biometrics is active (3) Add new function for determining type of verification that has a secret. * PM-5242 - UserVerificationDialog - Support custom, optional callout in dialog body. * PM-5242 - UserVerificationDialogComp - support custom confirm button text and type. * PM-5242 - UserVerificationDialog - Add user verification dialog result type to allow for handling all possible verification scenarios * PM-5242 - UserVerificationFormInputComp - tweak comment * PM-5242 - UserVerificationFormInput comp html - add placeholder text for no client verifications found scenario * PM-5242 - UserVerificationDialogComponent - (1) Add confirm & cancel to dialog result (2) Add cancel method vs using bitDialogClose for specificity (3) Adjust naming of output property to properly specify that it is scoped to client verification (4) Adjust layout of dialog html to handle when no client side verification methods are found. * PM-5242 - UserVerificationFormInput - Clean up test code * PM-5242 - UserVerificationFormInput - For server verification, we don't need to check if the user has a local master key hash as we will generate a hash to send to the server for comparison. * PM-5242 - UserVerificationFormInput html - Remove now unnecessary dev warning as I've provided a default * PM-5242 - UserVerification Dialog & Form Input - add translations on all clients for all visible text. * PM-5242 - UserVerificationFormInput html - remove no active client verification handling from form input comp as it is instead emitted upwards to parent dialog component to be handled there. * PM-5242 - UserVerificationDialogComp - (1) Make UserVerificationDialogResult.noAvailableClientVerificationMethods optional because it isn't needed in cancel flows (thanks Will) (2) Modify static open to intercept closed observable event in order to always return a UserVerificationDialogResult as BitDialog returns empty string when the user clicks the x * PM-5242 - UserVerificationDialogComp - Simplify dialog param names to remove redundant dialog * PM-5242 - UserVerificationDialogParams - update comments to match new names * PM-5242 - UserVerificationDialog Storybook - WIP first draft * PM-5242 - UserVerificationDialogStoryComponent - WIP - try out having imports the same as the standalone component * PM-5242 - UserVerificationDialogStoryComponent - more WIP - building now - some stuff displaying * PM-5242 - UserVerificationDialogStoryComponent - some progress on providers setup * PM-5242 - Not going to use storybook for user verification dialog * PM-5242 - UserVerificationDialogComp - move types into own file + add docs * PM-5242 - Update auth index to export user-verification-dialog.types * PM-5242 - UserVerificationFormInput & UserVerificationService - Extract out getAvailableVerificationOptions logic into service * PM-5242 -UserVerificationDialogComponent - Update close logic to handle escape key undefined scenario * PM-5242 - UserVerificationFormInput - add getInvalidSecretErrorMessage for properly determining invalid secret translation * PM-5242 - UserVerificationDialogComp - Refactor submit logic to handle different return methodologies in existing MP and OTP user verification service code vs new PIN flow (e.g., throwing an error instead of returning false) * PM-5242 - PinCryptoService - change error logs to warnings per discussion with Justin * PM-5242 - UserVerificationFormInput - Biometrics flow on desktop - remove accidentally added period in couldNotCompleteBiometrics translation key. * PM-5242 - UserVerificationFormInput HTML - Re-arrange order of other client verification options to match design * PM-5242 - UserVerificationFormInputComponent - Reset inputs as untouched on change of client verification method. * PM-5242 - UserVerificationDialogComponent - Remove TODO as existing secret change logic turns invalidSecret false when biometrics is swapped to. * PM-5242 - UserVerificationFormInputComponent - getInvalidSecretErrorMessage - fix PIN error message not being returned. * PM-5242 - UserVerificationDialogComponent - Add documentation and examples to open method. * PM-5242 - UserVerificationDialogComponent - tweak open docs * PM-5242 - Remove accidental period from translation keys on browser & web * PM-5242 - UserVerificationFormInputComponent - OTP flow needed button module to work * PM-5242 - UserVerificationDialogParams - Add docs explaining that noAvailableClientVerificationMethods is only for desktop & browser. * PM-5242 - User-verification-form-input - Adjust layout to meet new design requirements - (1) On load, send OTP without user clicking a button (2) Allow resending of the codes (3) show a code sent message for 3 seconds * PM-5242 - Browser User Verification - Instantiate PinCryptoService and UserVerification service AFTER instantiating vaultTimeoutSettingsService so that it isn't undefined at run time. * PM-5242 - JslibServices Module - UserVerificationService - add missing PlatformUtilsServiceAbstraction dependency. * PM-5242 - Desktop Native Messaging Service - Wrap biometric getUserKeyFromStorage call in try catch because it throws an error if the user cancels the biometrics prompt and doesn't send a response to the browser extension when using the biometrics unlock bridge to the desktop app and OS. * PM-5242 - Browser Extension - NativeMessagingBackground - if the desktop biometricUnlock command is executed with a canceled (not adjusting misspelling to keep side effects at a min) response, don't bother continuing. * PM-5242 - BrowserCryptoService - When retrieving the user key via desktop biometrics, return null for user key if the user fails or cancels the biometrics prompt. Otherwise, if there is a user key in memory after unlock, biometrics user verification will always just return the user key from state regardless of if the user has successfully passed the biometrics prompt or not. * PM-5242 - BrowserCryptoService - extra comments * PM-5242 - Clean up translations - (1) Remove unused defaultUserVerificationDialogConfirmBtnText (2) Refactor name of defaultUserVerificationDialogTitle to just be verificationRequired which matches existing naming conventions. * PM-5242 - CLI - fix order of service instantiations to ensure that vaultTimeoutSettingsService isn't undefined for PinCryptoService and UserVerificationService * PM-5242 - Rename UserVerificationDialogParams to UserVerificationDialogOptions to match existing naming conventions of other CL comps. * PM-5242 - UserVerificationDialogComponent - dialogParams renamed to dialogOptions * PM-5242 - UserVerificationService Abstraction - Per PR feedback, use keyof for verificationType * PM-5242 - UserVerificationBiometricsIcon - Per PR feedback, use https://jakearchibald.github.io/svgomg/ to optimize SVG by 50%. * PM-5242 - Per PR feedback, clarify UserVerificationDialogOptions.clientSideOnlyVerification comment. * PM-5242 - UserVerificationTypes - Add comments clarifying all text passed to the UserVerificationDialog are translation keys * PM-5242 - UserVerificationDialogComp - fix extra new line per PR feedback * PM-5242 - UserVerificationDialogTypes - per PR feedback and discussion with Will M., export ButtonType from CL so we (and consumers of the dialog) can properly import it via standard CL import. * PM-5242 - BrowserCryptoService - Adjust comments per PR feedback. * PM-5242 - UserVerificationDialogComponent - make ActiveClientVerificationOption readonly as it only for component html * PM-5242 - UserVerificationDialogComp html - finish comment * PM-5242 - BrowserCryptoService - add returns js doc per PR feedback. * PM-5242 - UserVerificationDialogComponent - per PR feedback, add unexpected error toast. * PM-5242 - UserVerificationService - getAvailableVerificationOptions - update params to use keyof like abstraction * PM-5242 - Mark all existing client specific implemetations of user verification as deprecated. |
||
renovate[bot]
|
28de9439be |
[deps] Autofill: Update prettier to v3 (#7014)
* [deps] Autofill: Update prettier to v3 * prettier formatting updates --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com> |
||
Oscar Hinton
|
a5e3432f85 |
Assign ownership to many libs files (#6928)
Assign ownership to many of the remaining libs/common files. Criteria for ownership: * Files used by a single team, is now owned by that team. * Files related to a domain owned by a team is now owned by that team. * Where ownership is unclear the "lowest level" service takes ownership. |
||
|
Oscar Hinton
|
f2aa0ca65f |
[PM-4087] Add missing await for native-messaging.service (#6708)
We missed an await which caused the if statement to never be true. This might have had the effect of not showing a browser integration error message when attempting to unlock should biometrics for some reason be unavailable. |
||
Daniel García
|
1ecf019397 | [PM-3687] Remove ipcRenderer from native-messaging (#6893) | ||
|
Oscar Hinton
|
c5475f78ea | Forbid promise misuse (#6360) | ||
|
Will Martin
|
f999e2cea9 |
[PM-3763] remove Sweet Alert from desktop and browser (#6138)
* update desktop and browser swal references to use CL * rename bit-dialog-close * share fingerprint dialog between desktop and browser * apply code review * format fingerprint in template * apply code review * fix button color * fix button types * update var names * close awaitDesktop dialog on success AND error * add DialogService to NativeMessageHandlerService deps * wrap browser message dialogs in ngZone.run * wrap native messaging handler in ngzone.run * apply code review * fix async ngzone --------- Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com> |
||
Todd Martin
|
5665576147 |
Trusted Device Encryption feature (#5950)
* PM-1049 - Create first display draft of login-decryption-options base and web components (no data loading or user actions wired up yet; WIP) * PM-1049 - Update DeviceResponse to match latest properties on backend * PM-1049 - Add getDevices call to retrieve all user devices to API service * PM-1049 - WIP on figuring out login decryption options component requirements * PM-1049 - Add empty login decryption options to desktop * PM-1049 - Desktop - Update "Log in initiated" translation to be "Login Initiated" per figma and product request * PM-1049 - Desktop - login decryption options component html done * PM-1049 - Move login-decryption-options in web into own folder * PM-1049 - Browser - created html for login-decryption-options component * PM-1049 - Move newly created getDevices() method out of api.service into proper place in new devices-api.service. * PM-1049 -Comment cleanup and TODO added * PM-1049 - Comment cleanup and dependency cleanup across all login-decryption-options comps * PM-1049 - WIP of building out needed response and regular models for saving new UserDecryptionOptions on the Account in state. * PM-1049 - Update all User Decryption Options response and state models in light of the back end changes from a list to an object. Web building now with decryption options stored on state under the account successfully. Must now build out state service methods for retrieving / setting account decryption options for use elsewhere. * PM-1049 - State Service - setup setters / getters for UserDecryptionOptions off the account * PM-1049 - StateService - replace User with Acct for decryption options * PM-1049 - Create domain models vs using response models as response models have a response property w/ the full response nested underneath which we don't need to persist for the user decryption options stored on the account. * PM-1049 - AcctDecryptionOptions now persist across page refreshes of the login-initiated page to act similarly to refreshes on the lock screen. Accomplished via persisting AcctDecryptionOptions in local storage -- still cleared on logout. * PM-1049 - IdTokenResponse - only userDecryptionOptions if they exist on the response from the server; I saw a few instances where it did not. Wasn't able to replicate consistently, but I put this check here to be safe. * PM-1049 - Login Initiated route can only be accessed if user is AuthN w/ locked vault + TDE feature flag is on. * PM-1049 - LoginDecryptionOptions - (1) Wire up loading logic (2) Retrieve User Acct Decryption options to determine whether or not to show request admin approval btn and approve w/ MP (3) Write up future logic for requestAdminApproval (4) approveWithMasterPassword takes you to the lock screen to login. * PM-1049 - Apply same guards as in web to login-decryption-options in desktop & browser. * PM-1049 - (1) Updated dependencies in parent BaseLoginDecryptionOptionsComponent class + child components (2) Retrieve userEmail b/c needed for displaying which email the user is logging in with (3) Add log out functionality (4) Add comments regarding future implementation details for each login approval flow. * PM-1049 - Web/Browser/Desktop LoginDecryptionOptions - (1) Wire up approval buttons (2) Add conditional margins (3) Loading spinner added (4) Display userEmail + "not you" logout link * PM-1049 - Add TODOs for future changes needed as part of the Login Approval flows for TDE * PM-1049 - TODO: replace base component with business service * add new storage to replace MasterKey with UserSymKey * add storage for master key encrypted user symmetric key * Begin refactor of crypto service to support new key structure * remove provided key from getKeyForUserEncryption * add decryption with MasterKey method to crypto service * update makeKeyPair on crypto service to be generic * add type to parameter of setUserKey in abstraction of crypto service * add setUserSymKeyMasterKey so we can set the encrypted user sym key from server * update cli with new crypto service methods - decrypt user sym key and set when unlocking * separate the user key in memory from user keys in storage * add new memory concept to crypto service calls in cli * update auth service to use new crypto service * update register component in lib to use new crypto service * update register component again with more crypto service * update sync service to use new crypto service methods * update send service to use new crypto service methods * update folder service to use new crypto service methods * update cipher service to use new crypto service * update password generation service to use new crypto service * update vault timeout service with new crypto service * update collection service to use new crypto service * update emergency access components to use new crypto service methods * migrate login strategies to new key model - decrypt and set user symmetric key if Master Key is available - rename keys where applicable - update unit tests * migrate pin to use user's symmetric key instead of master key - set up new state - migrate on lock component - use new crypto service methods * update pin key when the user symmetric key is set - always set the protected pin so we can recreate pin key from user symmetric key - stop using EncryptionPair in account - use EncString for both pin key storage - update migration from old strategy on lock component * set user symmetric key on lock component - add missed key suffix types to crypto service methods * migrate auto key - add helper to internal crypto service method to migrate * remove additional keys in state service clean * clean up the old pin keys in more flows - in the case that the app is updated while logged in and the user changes their pin, this will clear the old pin keys * finish migrate auto key if needed - migrate whenever retrieved from storage - add back the user symmetric key toggle * migrate biometrics key - migrate only on retrieval * fix crypto calls for key connector and vault timeout settings * update change password components with new crypto service * update assortment of leftover old crypto service calls * update device-crypto service with new crypto service * remove old EncKey methods from crypto service * remove clearEncKey from crypto service * move crypto service jsdoc to abstraction * add org key type and new method to build a data enc key for orgs * fix typing of bulk confirm component * fix EncString serialization issues & various fixes Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com> * update account model with new keys serialization * migrate native messaging for biometrics to use new key model - support backwards compatibility - update safari web extension to send user key - add error handling * add early exit to native messaging flow for errors * improve error strings in crypto service * disable disk cache for browser due to bg script/popup race conditions * clear bio key when pin is migrated as bio is refreshed * share disk cache to fix syncing issues between contexts * check for ephemeral pin before process reload * remove state no longer needed and add JSDOC * fix linter * add new types to tests * remove cryptoMasterKeyB64 from account * fix tests imports * use master key for device approvals still * cleanup old TODOs, add missing crypto service parameters * fix cli crypto service calls * share disk cache between contexts on browser * Revert "share disk cache between contexts on browser" This reverts commit |
||
|
Matt Gibson
|
36b7d30804 |
Fix failing crypto tests (#5948)
* Change everything to Uint8Array related to https://github.com/jestjs/jest/issues/14379 * Work on failing type tests * Revert changes to custom matcher setup * Remove last BufferArrays from tests * Fix custom matcher type errors in vscode * Remove errant `.buffer` calls on Uint8Arrays * Encryption Pair should serialize Array Buffer and Uint8Array * Fix EncArrayBuffer encryption --------- Co-authored-by: Thomas Rittson <trittson@bitwarden.com> |
||
|
Matt Gibson
|
78248db590 |
Platform/pm 19/platform team file moves (#5460)
* Rename service-factory folder * Move cryptographic service factories * Move crypto models * Move crypto services * Move domain base class * Platform code owners * Move desktop log services * Move log files * Establish component library ownership * Move background listeners * Move background background * Move localization to Platform * Move browser alarms to Platform * Move browser state to Platform * Move CLI state to Platform * Move Desktop native concerns to Platform * Move flag and misc to Platform * Lint fixes * Move electron state to platform * Move web state to Platform * Move lib state to Platform * Fix broken tests * Rename interface to idiomatic TS * `npm run prettier` 🤖 * Resolve review feedback * Set platform as owners of web core and shared * Expand moved services * Fix test types --------- Co-authored-by: Hinton <hinton@users.noreply.github.com> |
||
Vincent Salucci
|
bacb8828de |
[AC-1266] Enums filename conventions (#5140)
* refactor: update clientType enum * refactor: update deviceType filename * refactor: update encryptedExportType filename * refactor: update encryptionType filename * refactor: update eventType filename * refactor: update fieldType filename * refactor: update fileUploadType filename * refactor: update hashPurpose filename * refactor: update htmlStorageLocation filename * refactor: update kdfType filename * refactor: update keySuffixOptions filename * refactor: update linkedIdType filename * refactor: update logLevelType filename * refactor: update nativeMessagingVersion filename * refactor: update notificationType filename * refactor: update productType filename * refactor: update secureNoteType filename * refactor: update stateVersion filename * refactor: update storageLocation filename * refactor: update themeType filename * refactor: update uriMatchType filename * fix: update kdfType classes missed in initial pass, refs AC-1266 * fix: missing import update for device-type * refactor: add barrel file for enums and update pathed import statements, refs AC-1266 * fix: incorrect import statements for web, refs AC-1266 * fix: missed import statement updates (browser), refs AC-1266 * fix: missed import statement changes (cli), refs AC-1266 * fix: missed import statement changes (desktop), refs AC-1266 * fix: prettier, refs AC-1266 * refactor: (libs) update relative paths to use barrel file, refs AC-1266 * fix: missed find/replace import statements for SecureNoteType, refs AC-1266 * refactor: apply .enum suffix to enums folder and modify leftover relative paths, refs AC-1266 * fix: find/replace errors for native-messaging-version, refs AC-1266 |
||
Daniel James Smith
|
db2d8aaa7e |
Rename files and folders per ADR #12 (#4106)
Renamed folders: ./apps/desktop/src/models/nativeMessaging ./apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads ./apps/desktop/src/models/nativeMessaging/encryptedMessageResponses Renamed all files Cleaned up entries in whitelist-capital-letters.txt |