We ran into some weird issues where the memory was corrupted on certain architectures. It turns out we free'd memory before using it.
This ensures we make a copy of the data before freeing it, and extracts a common function for both crates to use.
* Update cargo.lock on windows
* Move ABE key decoding to helper.exe
* Safe slice operations (no panics)
* Refactor CNG code a bit
* Refactor CNG code a bit more
* Update README to match the new flow
* DRY up v1 and v2 decryption
* Remove all the crates and windows features that are not needed
* helper.exe split into a bunch of files
* Refator mod windows
* Minor cleanup
---------
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* feat: shorten socket paths
* fix: No such file or directory error
* feat: remove tmp folder from path
* fix: No such file or directory autofill error
* Extract windows biometrics v2 changes
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
* Address some code review feedback
* cargo fmt
* rely on zeroizing allocator
* Handle TDE edge cases
* Update windows default
* Make windows rust code async and fix restoring focus freezes
* fix formatting
* cleanup native logging
* Add unit test coverage
* Add missing logic to edge case for PIN disable.
* Address code review feedback
* fix test
* code review changes
* fix clippy warning
* Swap to unimplemented on each method
* Implement encrypted memory store
* Make dpapi secure key container pub(super)
* Add comments on sync and send
* Clean up comments
* Clean up
* Fix build
* Add logging and update codeowners
* Run cargo fmt
* Clean up doc
* fix unit tests
* Update apps/desktop/desktop_native/core/src/secure_memory/secure_key/mod.rs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Handle tampering with re-key and log
* Add docs
* Fix windows build
* Prevent rust flycheck log from being commited to git
* Undo feature flag change
* Add env var override and docs
* Add deps to km owership
---------
Co-authored-by: Thomas Avery <tavery@bitwarden.com>
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Add missing browser to SUPPORTED_BROWSERS in windows.rs
These were previously removed due to needing ABE support
* Add feature flag for chromium importer with ABE
* Fix tests for windows
* Run cargo fmt
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add importer metadata to native code
* Impl napi code in ts
* Impl napi code in ts
* Fix clippy
* Fix clippy
* remove ts util tests
* Check for installed browsers
* PR fixes
* test fix
* fix clippy
* fix tests
* Bug fix
* clippy fix
* Correct tests
* fix clippy
* fix clippy
* Correct tests
* Correct tests
* [PM-25521] Wire up loading metadata on desktop (#16813)
* Initial commit
* Fix issues regarding now unused feature flag
* Fixed ts-strict issues
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: adudek-bw <adudek@bitwarden.com>
* Remove logic to skip Brave as that now happens via the native code
* Define default capabilities which can be overwritten by specifc client/platform
* Fix DI issues
* Do not overwrite existing importers, just add new ones or update existing ones
* feat: [PM-25521] return metadata directly (not as JSON) (#16882)
* feat: return metadata directly (not as JSON)
* Fix broken builds
Move getMetaData into chromium_importer
Remove chromium_importer_metadata and any related service
Parse object from native instead of json
* Run cargo fmt
* Fix cargo dependency sort order
* Use exposed type from NAPI instead of redefining it.
* Run cargo fmt
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Only enable chromium loader for installed and supported browsers
---------
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
* Implement libmemory_security
* Cleanup and add script
* Remove duplicate build for flatpak
* Rename to process isolation
* Move to desktop native
* Undo changes in gitignore
* Remove after-pack changes
* Run cargo fmt
* Sort deps
* Attempt to fix windows build
* Update apps/desktop/desktop_native/process_isolation/Cargo.toml
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
* Revert "Remove after-pack changes"
This reverts commit c441025587.
* Fix lib process isolation not being included in build
* Fix build
* Attempt to fix build
* Attempt to fix build
* Undo
* Fix library not being included
---------
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
* Desktop autotype windows error handling
* create a subdir
* extract window handle to separate file
* remove println in case tracing doesn't make it in
* touchups
* reduce scope of unsafe call
* use tracing
* Fix comparison on GetLastError result
* Remove the WindowHandle wrapper and save it for the unit testing PR
* restore apps/browser/src/platform/system-notifications/browser-system-notification.service.ts
* use the human readable message for GetLastError debug
* don't call GetLastError outside of error path
* add some more debug statements
* feedback coltonhorst: nits, fix false positive when len zero, re-add handle validation
* lint
* feedback coltonhurst: add comments and update var names
* [BEEEP][PM-255518] Use tracing for improved observability
* feedback dani-garcia: use DefaultVisitor
* set default log level
* convert printlns in objc crate
* convert printlns in autotype crate
* convert printlns in autostart crate
* convert printlns in core/password crate
* convert printlns in core/biometric crate
* convert printlns in napi crate
* convert log usage in macos provider crate
* convert existing log macros to tracing
* fix the cargo.toml sort lint errors
* Revert "fix the cargo.toml sort lint errors"
This reverts commit fd149ab697.
* fix the sort lint using correct cargo sort version
* feedback coltonhurst: more comments/clarity on behavior
* revert changes to ssh_agent
* Use tracing in ssh_agent
* [BEEEP][PM-255518] Use tracing for improved observability
* feedback dani-garcia: use DefaultVisitor
* set default log level
* convert printlns in objc crate
* convert printlns in autotype crate
* convert printlns in autostart crate
* convert printlns in core/password crate
* convert printlns in core/biometric crate
* convert printlns in napi crate
* convert log usage in macos provider crate
* convert existing log macros to tracing
* fix the cargo.toml sort lint errors
* Revert "fix the cargo.toml sort lint errors"
This reverts commit fd149ab697.
* fix the sort lint using correct cargo sort version
* feedback coltonhurst: more comments/clarity on behavior
* revert changes to ssh_agent
* Prevent memory dumping and debugger on windows and mac main process
* Fix clippy
* Only isolate process when isdev is false
* Clean up
* Add backticks around link
* Add importer dummy lib, add cargo deps for win/mac
* Add Chromium importer source from bitwarden/password-access
* Mod crypto is no more
* Expose some Chromium importer functions via NAPI, replace home with home_dir crate
* Add Chromium importer to the main <-> renderer IPC, export all functions from Rust
* Add password and notes fields to the imported logins
* Fix windows to use homedir instead of home
* Return success/failure results
* Import from account logins and join
* Linux v10 support
* Use mod util on Windows
* Use mod util on macOS
* Refactor to move shared code into chromium.rs
* Fix windows
* Fix Linux as well
* Linux v11 support for Chrome/Gnome, everything is async now
* Support multiple browsers on Linux v11
* Move oo7 to Linux
* Fix Windows
* Fix macOS
* Add support for Brave browser in Linux configuration
* Add support for Opera browser in Linux configuration
* Fix Edge and add Arc on macOS
* Add Opera on macOS
* Add support for Vivaldi browser in macOS configuration
* Add support for Chromium browser in macOS configuration
* Fix Edge on Windows
* Add Opera on Windows
* Add Vivaldi on windows
* Add Chromium to supported browsers on Windows
* stub out UI options for chromium direct import
* call IPC funcs from import-desktop
* add notes to chrome csv importer
* remove (csv) from import tool names and format item names as hostnames
* Add ABE/v20 encryption support
* ABE/v20 architecture description
* Add a build step to produce admin.exe and service.exe
* Add Windows v20/ABE configuration functionality to specify the full path to the admin.exe and service.exe. Use ipc.platform.chromiumImporter.configureWindowsCryptoService to configure the Chromium importer on Windows.
* rename ARCHITECTURE.md to README.md
* aligns with guidance from architecture re: in-repository documentation.
* also fixes a failing lint.
* cargo fmt
* cargo clippy fix
* Declare feature flag for using chromium importer
* Linter fix after executing npm run prettier
* Use feature flag to guard the use of the chromium importer
* Added temporary logging to further debug, why the Angular change detection isn't working as expected
* introduce importer metadata; host metadata from service; includes tests
* fix cli build
* Register autotype module in lib.rs
introduce by a bad merge
* Fix web build
* Fix issue with loaders being undefined and the feature flag turned off
* Add missing Chromium support when selecting chromecsv
* debugging
* remove chromium support from chromecsv metadata
* fix default loader selection
* [PM-24753] cargo lib file (#16090)
* Add new modules
* Fix chromium importer
* Fix compile bugs for toolchain
* remove importer folder
* remove IPC code
* undo setting change
* clippy fixes
* cargo fmt
* clippy fixes
* clippy fixes
* clippy fixes
* clippy fixes
* lint fix
* fix release build
* Add files in CODEOWNERS
* Create tools owned preload.ts
* Move chromium-importer.service under tools-ownership
* Fix typeError
When accessing the Chromium direct import options the file button is hidden, so trying to access it's values will fail
* Fix tools owned preload
* Remove dead code and redundant truncation
* Remove configureWindowsCryptoService function/methods
* Clean up cargo files
* Fix unused async
* Update apps/desktop/desktop_native/bitwarden_chromium_importer/Cargo.toml
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Fix napi deps
* fix lints
* format
* fix linux lint
* fix windows lints
* format
* fix missing `?`
* fix a different missing `?`
---------
Co-authored-by: Dmitry Yakimenko <detunized@gmail.com>
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: ✨ Audrey ✨ <ajensen@bitwarden.com>
Co-authored-by: ✨ Audrey ✨ <audrey@audreyality.com>
Co-authored-by: adudek-bw <adudek@bitwarden.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Apply the same clippy configuration as we have in sdk-internal. bitwarden/sdk-internal@49f84e6/Cargo.toml#L91-L94
Adds FIXME comments to all existing violations. unwrap is bad as those will resullt in panics and crash the application. Unused async is ignored in napi since that would require changes to the js side which I don't want to deal with.
* Chrome extension biometric unlock not functioning correctly with Windows Hello.
When unlocking via Windows Hello prompt, the popup have to be in the foreground. If it is not, even for short amount of time (few seconds), if later prompt confirmed, it won't return success when returning signed os key half.
* unit test coverage
* unit test coverage
* exclude test files from build
* use electron `setAlwaysOnTop` instead of toggle
* remove Windows os key half created with derive_key_material biometric function, that prompted Windows Hello.
Moves Windows hello prompt into getBiometricKey.
Witness key no longer needed.
* windows crate formatting
* remove biometric on app start for windows
* failing os biometrics windows unit tests
* cleanup of os biometrics windows unit tests
* increased coverage of os biometrics windows unit tests
* open Windows Hello prompt in the currently focused window, instead of always desktop app
* conflict resolution after merge, typescript lint issues, increased test coverage.
* backwards compatibility when require password on start was disabled
* biometric unlock cancellation and error handling
* biometric settings simplifications
* [PM-22783] Add initial feature flag and settings toggle for autotype MVP
* [PM-22783] Undo Cargo.lock changes
* [PM-22783] Disable console.log block
* [PM-22783] Lint fix
* [PM-22783] Small updates
* [PM-22783] Build fix
* [PM-22783] Use combineLatest in updating the desktop autotype service
* [PM-22783] Check if the user is on Windows
* [PM-22783] Undo access selector html change, linting keeps removing this
* [PM-22783] Fix failing test
* [PM-22788] Add initial desktop native autotype crate based on spike ticket investigation
* [PM-22788] cargo fmt
* [PM-22783] Update autotypeEnabled to be stored in service
* [PM-22783] Add todo comments
* [PM-22783] Add SlimConfigService and MainDesktopAutotypeService
* [PM-22783] Small fixes
* [PM-22788] Add get_foreground_window_title() and cleanup
* [PM-22788] Add comment
* [PM-22788] Lint and cross platform build fixes
* [PM-22788] Update windows.rs in autotype_internal
* [PM-22788] Update windows.rs and dummy.rs in autotype_internal
* [PM-22788] cargo fmt
* [PM-22788] Edit napi result types
* [PM-22788] Edit napi result types again
* [PM-22788] Add autofill as a codeowner of the desktop_native/autotype directory
* [PM-22788] Refactor autotype code
* [PM-22788] Move autotype dependency out of windows only due to abstraction change
* [PM-22788] Fix lint errors
* [PM-22788] Updates based on PR comments
* [PM-22788] cargo fmt
