[PM-30920] Server changes to encrypt send access email list (#6867)

* models, entity, and stored procs updated to work with EmailHashes with migrations * configure data protection for EmailHashes * update SendAuthenticationQuery to use EmailHashes and perform validation * respond to Claude's comments and update tests * fix send.sql alignment Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com> --------- Co-authored-by: Alex Dragovich <46065570+itsadrago@users.noreply.github.com> Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>
2026-02-11 22:13:24 +00:00 · 2026-01-28 07:13:25 -07:00
parent 2c39e336e0
commit fa06fe41ab
22 changed files with 11125 additions and 260 deletions
--- a/src/Api/Tools/Models/Request/SendRequestModel.cs
+++ b/src/Api/Tools/Models/Request/SendRequestModel.cs
@@ -102,9 +102,17 @@ public class SendRequestModel
    /// Comma-separated list of emails that may access the send using OTP
    /// authentication. Mutually exclusive with <see cref="Password"/>.
    /// </summary>
-    [StringLength(4000)]
+    [EncryptedString]
+    [EncryptedStringLength(4000)]
    public string Emails { get; set; }

+    /// <summary>
+    /// Comma-separated list of email **hashes**  that may access the send using OTP
+    /// authentication. Mutually exclusive with <see cref="Password"/>.
+    /// </summary>
+    [StringLength(4000)]
+    public string EmailHashes { get; set; }
+
    /// <summary>
    /// When <see langword="true"/>, send access is disabled.
    /// Defaults to <see langword="false"/>.
@@ -253,6 +261,7 @@ public class SendRequestModel
            // normalize encoding
            var emails = Emails.Split(',', RemoveEmptyEntries | TrimEntries);
            existingSend.Emails = string.Join(",", emails);
+            existingSend.EmailHashes = EmailHashes;
            existingSend.Password = null;
            existingSend.AuthType = Core.Tools.Enums.AuthType.Email;
        }