mirror of
https://github.com/bitwarden/browser
synced 2025-12-19 09:43:23 +00:00
35 lines
1.7 KiB
TypeScript
35 lines
1.7 KiB
TypeScript
import { Jsonify } from "type-fest";
|
|
|
|
import { EncString } from "../../../platform/models/domain/enc-string";
|
|
import { UserId } from "../../../types/guid";
|
|
|
|
/** A classification strategy that protects a type's secrets with
|
|
* user-specific information. The specific kind of information is
|
|
* determined by the classification strategy.
|
|
*/
|
|
export abstract class UserEncryptor<Secret> {
|
|
/** Protects secrets in `value` with a user-specific key.
|
|
* @param secret the object to protect. This object is mutated during encryption.
|
|
* @param userId identifies the user-specific information used to protect
|
|
* the secret.
|
|
* @returns a promise that resolves to a tuple. The tuple's first property contains
|
|
* the encrypted secret and whose second property contains an object w/ disclosed
|
|
* properties.
|
|
* @throws If `value` is `null` or `undefined`, the promise rejects with an error.
|
|
*/
|
|
abstract encrypt(secret: Secret, userId: UserId): Promise<EncString>;
|
|
|
|
/** Combines protected secrets and disclosed data into a type that can be
|
|
* rehydrated into a domain object.
|
|
* @param secret an encrypted JSON payload containing encrypted secrets.
|
|
* @param userId identifies the user-specific information used to protect
|
|
* the secret.
|
|
* @returns a promise that resolves to the raw state. This state *is not* a
|
|
* class. It contains only data that can be round-tripped through JSON,
|
|
* and lacks members such as a prototype or bound functions.
|
|
* @throws If `secret` or `disclosed` is `null` or `undefined`, the promise
|
|
* rejects with an error.
|
|
*/
|
|
abstract decrypt(secret: EncString, userId: UserId): Promise<Jsonify<Secret>>;
|
|
}
|