bitwarden/mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile synced 2026-01-05 10:03:26 +00:00
Code Issues Releases Wiki Activity

PM-4739 Fix PR comments

Browse Source
This commit is contained in:
Carlos Gonçalves
2023-12-12 12:22:28 +00:00
parent c04933b959
commit 287b3a0580
6 changed files with 26 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Core/Abstractions/ICryptoService.cs
View File

@@ -64,5 +64,6 @@ namespace Bit.Core.Abstractions
Task<MasterKey> GetOrDeriveMasterKeyAsync(string password, string userId = null);
Task UpdateMasterKeyAndUserKeyAsync(MasterKey masterKey);
Task<string> HashAsync(string value, CryptoHashAlgorithm hashAlgorithm);
Task<bool> ValidateUriChecksumAsync(EncString remoteUriChecksum, string rawUri, string orgId, SymmetricCryptoKey key);
}
}

4
src/Core/Models/Domain/Cipher.cs
View File

@@ -93,7 +93,6 @@ namespace Bit.Core.Models.Domain
public async Task<CipherView> DecryptAsync()
{
var model = new CipherView(this);
var bypassValidation = true;
if (Key != null)
{
@@ -105,7 +104,6 @@ namespace Bit.Core.Models.Domain
var key = await cryptoService.DecryptToBytesAsync(Key, orgKey);
model.Key = new CipherKey(key);
bypassValidation = false;
}
await DecryptObjAsync(model, this, new HashSet<string>
@@ -117,7 +115,7 @@ namespace Bit.Core.Models.Domain
switch (Type)
{
case Enums.CipherType.Login:
model.Login = await Login.DecryptAsync(OrganizationId, bypassValidation, model.Key);
model.Login = await Login.DecryptAsync(OrganizationId, Key == null, model.Key);
break;
case Enums.CipherType.SecureNote:
model.SecureNote = await SecureNote.DecryptAsync(OrganizationId, model.Key);

5
src/Core/Models/Domain/Login.cs
View File

@@ -2,8 +2,10 @@
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Bit.Core.Abstractions;
using Bit.Core.Models.Data;
using Bit.Core.Models.View;
using Bit.Core.Utilities;
namespace Bit.Core.Models.Domain
{
@@ -41,11 +43,12 @@ namespace Bit.Core.Models.Domain
}, orgId, key);
if (Uris != null)
{
var cryptoService = ServiceContainer.Resolve<ICryptoService>();
view.Uris = new List<LoginUriView>();
foreach (var uri in Uris)
{
var loginUriView = await uri.DecryptAsync(orgId, key);
if (bypassValidation || (await uri.ValidateChecksum(loginUriView.Uri, orgId, key)))
if (bypassValidation || await cryptoService.ValidateUriChecksumAsync(uri.UriChecksum, loginUriView.Uri, orgId, key))
{
view.Uris.Add(loginUriView);
}

30
src/Core/Models/Domain/LoginUri.cs
View File

@@ -1,10 +1,9 @@
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Bit.Core.Abstractions;
using Bit.Core.Enums;
using Bit.Core.Models.Data;
using Bit.Core.Models.View;
using Bit.Core.Utilities;
namespace Bit.Core.Models.Domain
{
@@ -12,7 +11,8 @@ namespace Bit.Core.Models.Domain
{
private HashSet<string> _map = new HashSet<string>
{
"Uri"
nameof(Uri),
nameof(UriChecksum)
};
public LoginUri() { }
@@ -20,12 +20,6 @@ namespace Bit.Core.Models.Domain
public LoginUri(LoginUriData obj, bool alreadyEncrypted = false)
{
Match = obj.Match;
if (obj.UriChecksum != null)
{
UriChecksum = new EncString(obj.UriChecksum);
}
BuildDomainModel(this, obj, _map, alreadyEncrypted);
}
@@ -35,7 +29,7 @@ namespace Bit.Core.Models.Domain
public Task<LoginUriView> DecryptAsync(string orgId, SymmetricCryptoKey key = null)
{
return DecryptObjAsync(new LoginUriView(this), this, _map, orgId, key);
return DecryptObjAsync(new LoginUriView(this), this, _map.Where(m => m != nameof(UriChecksum)).ToHashSet<string>(), orgId, key);
}
public LoginUriData ToLoginUriData()
@@ -44,21 +38,5 @@ namespace Bit.Core.Models.Domain
BuildDataModel(this, u, _map, new HashSet<string> { "Match" });
return u;
}
public async Task<bool> ValidateChecksum(string clearTextUri, string orgId, SymmetricCryptoKey key)
{
if (this.UriChecksum == null)
{
return false;
}
// HACK: I don't like resolving this here but I can't see a better way without
// refactoring a lot of things.
var cryptoService = ServiceContainer.Resolve<ICryptoService>();
var localChecksum = await cryptoService.HashAsync(clearTextUri, CryptoHashAlgorithm.Sha256);
var remoteChecksum = await this.UriChecksum.DecryptAsync(orgId, key);
return remoteChecksum == localChecksum;
}
}
}

2
src/Core/Models/Export/LoginUri.cs
View File

@@ -17,10 +17,12 @@ namespace Bit.Core.Models.Export
{
Match = obj.Match;
Uri = obj.Uri?.EncryptedString;
UriChecksum = obj.UriChecksum?.EncryptedString;
}
public UriMatchType? Match { get; set; }
public string Uri { get; set; }
public string UriChecksum { get; set; }
public static LoginUriView ToView(LoginUri req, LoginUriView view = null)
{

14
src/Core/Services/CryptoService.cs
View File

@@ -736,6 +736,20 @@ namespace Bit.Core.Services
return Convert.ToBase64String(hashArray);
}
public async Task<bool> ValidateUriChecksumAsync(EncString remoteUriChecksum, string rawUri, string orgId, SymmetricCryptoKey key)
{
if (remoteUriChecksum == null)
{
return false;
}
//var cryptoService = ServiceContainer.Resolve<ICryptoService>();
var localChecksum = await HashAsync(rawUri, CryptoHashAlgorithm.Sha256);
var remoteChecksum = await remoteUriChecksum.DecryptAsync(orgId, key);
return remoteChecksum == localChecksum;
}
// --HELPER METHODS--
private async Task StoreAdditionalKeysAsync(UserKey userKey, string userId = null)