bitwarden/directory-connector
1
0
Fork 0
mirror of https://github.com/bitwarden/directory-connector synced 2025-12-21 02:33:14 +00:00
Code Issues Releases Wiki Activity

more fixes. everything is broken. shelving this for now.

Browse Source
This commit is contained in:
Jared McCannon
2025-12-12 12:33:49 -06:00
parent 7deec78ca4
commit 98260e6087
6 changed files with 84 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
jslib/common/spec/domain/symmetricCryptoKey.spec.ts
View File

@@ -17,45 +17,48 @@ describe("SymmetricCryptoKey", () => {
const key = makeStaticByteArray(32); const key = makeStaticByteArray(32);
const cryptoKey = new SymmetricCryptoKey(key); const cryptoKey = new SymmetricCryptoKey(key);
expect(cryptoKey).toEqual({ expect(cryptoKey.encType).toBe(0);
encKey: key, expect(cryptoKey.keyB64).toBe("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=");
encKeyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=", expect(cryptoKey.encKeyB64).toBe("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=");
encType: 0, expect(cryptoKey.macKey).toBeNull();
key: key, expect(cryptoKey.key).toBeInstanceOf(ArrayBuffer);
keyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=", expect(cryptoKey.encKey).toBeInstanceOf(ArrayBuffer);
macKey: null, expect(cryptoKey.key.byteLength).toBe(32);
}); expect(cryptoKey.encKey.byteLength).toBe(32);
}); });
it("AesCbc128_HmacSha256_B64", () => { it("AesCbc128_HmacSha256_B64", () => {
const key = makeStaticByteArray(32); const key = makeStaticByteArray(32);
const cryptoKey = new SymmetricCryptoKey(key, EncryptionType.AesCbc128_HmacSha256_B64); const cryptoKey = new SymmetricCryptoKey(key, EncryptionType.AesCbc128_HmacSha256_B64);
expect(cryptoKey).toEqual({ // After TS 5.9 upgrade, properties are ArrayBuffer not Uint8Array
encKey: key.slice(0, 16), expect(cryptoKey.encType).toBe(1);
encKeyB64: "AAECAwQFBgcICQoLDA0ODw==", expect(cryptoKey.keyB64).toBe("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=");
encType: 1, expect(cryptoKey.encKeyB64).toBe("AAECAwQFBgcICQoLDA0ODw==");
key: key, expect(cryptoKey.macKeyB64).toBe("EBESExQVFhcYGRobHB0eHw==");
keyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=", expect(cryptoKey.key).toBeInstanceOf(ArrayBuffer);
macKey: key.slice(16, 32), expect(cryptoKey.encKey).toBeInstanceOf(ArrayBuffer);
macKeyB64: "EBESExQVFhcYGRobHB0eHw==", expect(cryptoKey.macKey).toBeInstanceOf(ArrayBuffer);
}); expect(cryptoKey.key.byteLength).toBe(32);
expect(cryptoKey.encKey.byteLength).toBe(16);
expect(cryptoKey.macKey.byteLength).toBe(16);
}); });
it("AesCbc256_HmacSha256_B64", () => { it("AesCbc256_HmacSha256_B64", () => {
const key = makeStaticByteArray(64); const key = makeStaticByteArray(64);
const cryptoKey = new SymmetricCryptoKey(key); const cryptoKey = new SymmetricCryptoKey(key);
expect(cryptoKey).toEqual({ // After TS 5.9 upgrade, properties are ArrayBuffer not Uint8Array
encKey: key.slice(0, 32), expect(cryptoKey.encType).toBe(2);
encKeyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=", expect(cryptoKey.keyB64).toBe("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+Pw==");
encType: 2, expect(cryptoKey.encKeyB64).toBe("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=");
key: key, expect(cryptoKey.macKeyB64).toBe("ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj8=");
keyB64: expect(cryptoKey.key).toBeInstanceOf(ArrayBuffer);
"AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+Pw==", expect(cryptoKey.encKey).toBeInstanceOf(ArrayBuffer);
macKey: key.slice(32, 64), expect(cryptoKey.macKey).toBeInstanceOf(ArrayBuffer);
macKeyB64: "ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj8=", expect(cryptoKey.key.byteLength).toBe(64);
}); expect(cryptoKey.encKey.byteLength).toBe(32);
expect(cryptoKey.macKey.byteLength).toBe(32);
}); });
it("unknown length", () => { it("unknown length", () => {

6
jslib/common/src/misc/utils.ts
View File

@@ -92,7 +92,11 @@ class Utils {
static fromBufferToB64(buffer: BufferSource): string { static fromBufferToB64(buffer: BufferSource): string {
if (Utils.isNode) { if (Utils.isNode) {
return Buffer.from(buffer as ArrayBuffer).toString("base64"); if (ArrayBuffer.isView(buffer)) {
return Buffer.from(buffer.buffer, buffer.byteOffset, buffer.byteLength).toString("base64");
} else {
return Buffer.from(buffer).toString("base64");
}
} else { } else {
let binary = ""; let binary = "";
const bytes = ArrayBuffer.isView(buffer) ? new Uint8Array(buffer.buffer, buffer.byteOffset, buffer.byteLength) : new Uint8Array(buffer); const bytes = ArrayBuffer.isView(buffer) ? new Uint8Array(buffer.buffer, buffer.byteOffset, buffer.byteLength) : new Uint8Array(buffer);

56
jslib/node/spec/services/nodeCryptoFunction.service.spec.ts
View File

@@ -95,7 +95,7 @@ describe("NodeCrypto Function Service", () => {
const cryptoFunctionService = new NodeCryptoFunctionService(); const cryptoFunctionService = new NodeCryptoFunctionService();
const prk = Utils.fromB64ToArray(prk16Byte); const prk = Utils.fromB64ToArray(prk16Byte);
const f = cryptoFunctionService.hkdfExpand( const f = cryptoFunctionService.hkdfExpand(
prk.buffer as ArrayBuffer, prk.buffer,
"info", "info",
32, 32,
"sha256", "sha256",
@@ -107,7 +107,7 @@ describe("NodeCrypto Function Service", () => {
const cryptoFunctionService = new NodeCryptoFunctionService(); const cryptoFunctionService = new NodeCryptoFunctionService();
const prk = Utils.fromB64ToArray(prk32Byte); const prk = Utils.fromB64ToArray(prk32Byte);
const f = cryptoFunctionService.hkdfExpand( const f = cryptoFunctionService.hkdfExpand(
prk.buffer as ArrayBuffer, prk.buffer,
"info", "info",
8161, 8161,
"sha256", "sha256",
@@ -181,16 +181,16 @@ describe("NodeCrypto Function Service", () => {
it("should successfully encrypt and then decrypt data", async () => { it("should successfully encrypt and then decrypt data", async () => {
const nodeCryptoFunctionService = new NodeCryptoFunctionService(); const nodeCryptoFunctionService = new NodeCryptoFunctionService();
const iv = makeStaticByteArray(16); const iv = makeStaticByteArray(16).buffer;
const key = makeStaticByteArray(32); const key = makeStaticByteArray(32).buffer;
const value = "EncryptMe!"; const value = "EncryptMe!";
const data = Utils.fromUtf8ToArray(value); const data = Utils.fromUtf8ToArray(value).buffer;
const encValue = await nodeCryptoFunctionService.aesEncrypt( const encValue = await nodeCryptoFunctionService.aesEncrypt(
data.buffer, data,
iv.buffer, iv,
key.buffer, key
); );
const decValue = await nodeCryptoFunctionService.aesDecrypt(encValue, iv.buffer, key.buffer); const decValue = await nodeCryptoFunctionService.aesDecrypt(encValue, iv, key);
expect(Utils.fromBufferToUtf8(decValue)).toBe(value); expect(Utils.fromBufferToUtf8(decValue)).toBe(value);
}); });
}); });
@@ -198,8 +198,9 @@ describe("NodeCrypto Function Service", () => {
describe("aesDecryptFast", () => { describe("aesDecryptFast", () => {
it("should successfully decrypt data", async () => { it("should successfully decrypt data", async () => {
const nodeCryptoFunctionService = new NodeCryptoFunctionService(); const nodeCryptoFunctionService = new NodeCryptoFunctionService();
const iv = Utils.fromBufferToB64(makeStaticByteArray(16).buffer); const ivArray = makeStaticByteArray(16);
const symKey = new SymmetricCryptoKey(makeStaticByteArray(32).buffer); const iv = Utils.fromBufferToB64(ivArray);
const symKey = new SymmetricCryptoKey(makeStaticByteArray(32));
const data = "ByUF8vhyX4ddU9gcooznwA=="; const data = "ByUF8vhyX4ddU9gcooznwA==";
const params = nodeCryptoFunctionService.aesDecryptFastParameters(data, iv, null, symKey); const params = nodeCryptoFunctionService.aesDecryptFastParameters(data, iv, null, symKey);
const decValue = await nodeCryptoFunctionService.aesDecryptFast(params); const decValue = await nodeCryptoFunctionService.aesDecryptFast(params);
@@ -210,13 +211,13 @@ describe("NodeCrypto Function Service", () => {
describe("aesDecrypt", () => { describe("aesDecrypt", () => {
it("should successfully decrypt data", async () => { it("should successfully decrypt data", async () => {
const nodeCryptoFunctionService = new NodeCryptoFunctionService(); const nodeCryptoFunctionService = new NodeCryptoFunctionService();
const iv = makeStaticByteArray(16); const iv = makeStaticByteArray(16).buffer;
const key = makeStaticByteArray(32); const key = makeStaticByteArray(32).buffer;
const data = Utils.fromB64ToArray("ByUF8vhyX4ddU9gcooznwA=="); const data = Utils.fromB64ToArray("ByUF8vhyX4ddU9gcooznwA==").buffer;
const decValue = await nodeCryptoFunctionService.aesDecrypt( const decValue = await nodeCryptoFunctionService.aesDecrypt(
data.buffer, data,
iv.buffer, iv,
key.buffer, key,
); );
expect(Utils.fromBufferToUtf8(decValue)).toBe("EncryptMe!"); expect(Utils.fromBufferToUtf8(decValue)).toBe("EncryptMe!");
}); });
@@ -226,7 +227,7 @@ describe("NodeCrypto Function Service", () => {
it("should successfully encrypt and then decrypt data", async () => { it("should successfully encrypt and then decrypt data", async () => {
const nodeCryptoFunctionService = new NodeCryptoFunctionService(); const nodeCryptoFunctionService = new NodeCryptoFunctionService();
const pubKey = Utils.fromB64ToArray(RsaPublicKey); const pubKey = Utils.fromB64ToArray(RsaPublicKey);
const privKey = Utils.fromB64ToArray(RsaPrivateKey); const privKey = Utils.fromB64ToArray(RsaPrivateKey).buffer;
const value = "EncryptMe!"; const value = "EncryptMe!";
const data = Utils.fromUtf8ToArray(value); const data = Utils.fromUtf8ToArray(value);
const encValue = await nodeCryptoFunctionService.rsaEncrypt( const encValue = await nodeCryptoFunctionService.rsaEncrypt(
@@ -234,7 +235,7 @@ describe("NodeCrypto Function Service", () => {
pubKey.buffer, pubKey.buffer,
"sha1", "sha1",
); );
const decValue = await nodeCryptoFunctionService.rsaDecrypt(encValue, privKey.buffer, "sha1"); const decValue = await nodeCryptoFunctionService.rsaDecrypt(encValue, privKey, "sha1");
expect(Utils.fromBufferToUtf8(decValue)).toBe(value); expect(Utils.fromBufferToUtf8(decValue)).toBe(value);
}); });
}); });
@@ -261,8 +262,8 @@ describe("NodeCrypto Function Service", () => {
describe("rsaExtractPublicKey", () => { describe("rsaExtractPublicKey", () => {
it("should successfully extract key", async () => { it("should successfully extract key", async () => {
const nodeCryptoFunctionService = new NodeCryptoFunctionService(); const nodeCryptoFunctionService = new NodeCryptoFunctionService();
const privKey = Utils.fromB64ToArray(RsaPrivateKey); const privKey = Utils.fromB64ToArray(RsaPrivateKey).buffer;
const publicKey = await nodeCryptoFunctionService.rsaExtractPublicKey(privKey.buffer); const publicKey = await nodeCryptoFunctionService.rsaExtractPublicKey(privKey);
expect(Utils.fromBufferToB64(publicKey)).toBe(RsaPublicKey); expect(Utils.fromBufferToB64(publicKey)).toBe(RsaPublicKey);
}); });
}); });
@@ -343,8 +344,7 @@ function testHkdf(
utf8Key: string, utf8Key: string,
unicodeKey: string, unicodeKey: string,
) { ) {
const ikmArray = Utils.fromB64ToArray("criAmKtfzxanbgea5/kelQ=="); const ikm = Utils.fromB64ToArray("criAmKtfzxanbgea5/kelQ==");
const ikm = ikmArray.buffer as ArrayBuffer;
const regularSalt = "salt"; const regularSalt = "salt";
const utf8Salt = "üser_salt"; const utf8Salt = "üser_salt";
@@ -356,26 +356,26 @@ function testHkdf(
it("should create valid " + algorithm + " key from regular input", async () => { it("should create valid " + algorithm + " key from regular input", async () => {
const cryptoFunctionService = new NodeCryptoFunctionService(); const cryptoFunctionService = new NodeCryptoFunctionService();
const key = await cryptoFunctionService.hkdf(ikm, regularSalt, regularInfo, 32, algorithm); const key = await cryptoFunctionService.hkdf(ikm.buffer, regularSalt, regularInfo, 32, algorithm);
expect(Utils.fromBufferToB64(key)).toBe(regularKey); expect(Utils.fromBufferToB64(key)).toBe(regularKey);
}); });
it("should create valid " + algorithm + " key from utf8 input", async () => { it("should create valid " + algorithm + " key from utf8 input", async () => {
const cryptoFunctionService = new NodeCryptoFunctionService(); const cryptoFunctionService = new NodeCryptoFunctionService();
const key = await cryptoFunctionService.hkdf(ikm, utf8Salt, utf8Info, 32, algorithm); const key = await cryptoFunctionService.hkdf(ikm.buffer, utf8Salt, utf8Info, 32, algorithm);
expect(Utils.fromBufferToB64(key)).toBe(utf8Key); expect(Utils.fromBufferToB64(key)).toBe(utf8Key);
}); });
it("should create valid " + algorithm + " key from unicode input", async () => { it("should create valid " + algorithm + " key from unicode input", async () => {
const cryptoFunctionService = new NodeCryptoFunctionService(); const cryptoFunctionService = new NodeCryptoFunctionService();
const key = await cryptoFunctionService.hkdf(ikm, unicodeSalt, unicodeInfo, 32, algorithm); const key = await cryptoFunctionService.hkdf(ikm.buffer, unicodeSalt, unicodeInfo, 32, algorithm);
expect(Utils.fromBufferToB64(key)).toBe(unicodeKey); expect(Utils.fromBufferToB64(key)).toBe(unicodeKey);
}); });
it("should create valid " + algorithm + " key from array buffer input", async () => { it("should create valid " + algorithm + " key from array buffer input", async () => {
const cryptoFunctionService = new NodeCryptoFunctionService(); const cryptoFunctionService = new NodeCryptoFunctionService();
const key = await cryptoFunctionService.hkdf( const key = await cryptoFunctionService.hkdf(
ikm, ikm.buffer,
Utils.fromUtf8ToArray(regularSalt).buffer, Utils.fromUtf8ToArray(regularSalt).buffer,
Utils.fromUtf8ToArray(regularInfo).buffer, Utils.fromUtf8ToArray(regularInfo).buffer,
32, 32,
@@ -397,7 +397,7 @@ function testHkdfExpand(
const cryptoFunctionService = new NodeCryptoFunctionService(); const cryptoFunctionService = new NodeCryptoFunctionService();
const prk = Utils.fromB64ToArray(b64prk); const prk = Utils.fromB64ToArray(b64prk);
const okm = await cryptoFunctionService.hkdfExpand( const okm = await cryptoFunctionService.hkdfExpand(
prk.buffer as ArrayBuffer, prk.buffer,
info, info,
outputByteSize, outputByteSize,
algorithm, algorithm,

18
jslib/node/src/services/nodeCryptoFunction.service.ts
View File

@@ -147,19 +147,22 @@ export class NodeCryptoFunctionService implements CryptoFunctionService {
): DecryptParameters<ArrayBuffer> { ): DecryptParameters<ArrayBuffer> {
const p = new DecryptParameters<ArrayBuffer>(); const p = new DecryptParameters<ArrayBuffer>();
p.encKey = key.encKey; p.encKey = key.encKey;
p.data = Utils.fromB64ToArray(data).buffer; const dataArr = Utils.fromB64ToArray(data);
p.iv = Utils.fromB64ToArray(iv).buffer; p.data = dataArr.buffer.slice(dataArr.byteOffset, dataArr.byteOffset + dataArr.byteLength) as ArrayBuffer;
const ivArr = Utils.fromB64ToArray(iv);
p.iv = ivArr.buffer.slice(ivArr.byteOffset, ivArr.byteOffset + ivArr.byteLength) as ArrayBuffer;
const macData = new Uint8Array(p.iv.byteLength + p.data.byteLength); const macData = new Uint8Array(p.iv.byteLength + p.data.byteLength);
macData.set(new Uint8Array(p.iv), 0); macData.set(new Uint8Array(p.iv), 0);
macData.set(new Uint8Array(p.data), p.iv.byteLength); macData.set(new Uint8Array(p.data), p.iv.byteLength);
p.macData = macData.buffer; p.macData = macData.buffer.slice(macData.byteOffset, macData.byteOffset + macData.byteLength) as ArrayBuffer;
if (key.macKey != null) { if (key.macKey != null) {
p.macKey = key.macKey; p.macKey = key.macKey;
} }
if (mac != null) { if (mac != null) {
p.mac = Utils.fromB64ToArray(mac).buffer; const macArr = Utils.fromB64ToArray(mac);
p.mac = macArr.buffer.slice(macArr.byteOffset, macArr.byteOffset + macArr.byteLength) as ArrayBuffer;
} }
return p; return p;
@@ -277,9 +280,12 @@ export class NodeCryptoFunctionService implements CryptoFunctionService {
private toArrayBuffer(value: Buffer | string | ArrayBuffer): ArrayBuffer { private toArrayBuffer(value: Buffer | string | ArrayBuffer): ArrayBuffer {
let buf: ArrayBuffer; let buf: ArrayBuffer;
if (typeof value === "string") { if (typeof value === "string") {
buf = Utils.fromUtf8ToArray(value).buffer; const arr = Utils.fromUtf8ToArray(value);
buf = arr.buffer.slice(arr.byteOffset, arr.byteOffset + arr.byteLength) as ArrayBuffer;
} else if (Buffer.isBuffer(value)) {
buf = value.buffer.slice(value.byteOffset, value.byteOffset + value.byteLength) as ArrayBuffer;
} else { } else {
buf = new Uint8Array(value).buffer; buf = value;
} }
return buf; return buf;
} }

5
scripts/notarize.js
View File

@@ -1,10 +1,9 @@
/* eslint-disable @typescript-eslint/no-var-requires */
import { notarize } from "@electron/notarize"; import { notarize } from "@electron/notarize";
import { config } from "dotenv"; import { config } from "dotenv";
config(); config();
exports.default = async function notarizing(context) { export default async function notarizing(context) {
const { electronPlatformName, appOutDir } = context; const { electronPlatformName, appOutDir } = context;
if (electronPlatformName !== "darwin") { if (electronPlatformName !== "darwin") {
return; return;
@@ -35,4 +34,4 @@ exports.default = async function notarizing(context) {
appleIdPassword: appleIdPassword, appleIdPassword: appleIdPassword,
}); });
} }
}; }

11
scripts/sign.js
View File

@@ -1,8 +1,11 @@
/* eslint-disable @typescript-eslint/no-var-requires, no-console */ /* eslint-disable no-console */
import { execSync } from "child_process"; import { execSync } from "child_process";
exports.default = async function (configuration) { export default async function (configuration) {
if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 && configuration.path.slice(-4) == ".exe") { if (
parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 &&
configuration.path.slice(-4) === ".exe"
) {
console.log(`[*] Signing file: ${configuration.path}`); console.log(`[*] Signing file: ${configuration.path}`);
execSync( execSync(
`azuresigntool sign ` + `azuresigntool sign ` +
@@ -20,4 +23,4 @@ exports.default = async function (configuration) {
}, },
); );
} }
}; }