bitwarden-estensione-browser/apps/cli/src/services/nodeEnvSecureStorage.servic...

import { CryptoService } from "jslib-common/abstractions/crypto.service";
import { LogService } from "jslib-common/abstractions/log.service";
import { StorageService } from "jslib-common/abstractions/storage.service";
import { Utils } from "jslib-common/misc/utils";
import { SymmetricCryptoKey } from "jslib-common/models/domain/symmetricCryptoKey";

export class NodeEnvSecureStorageService implements StorageService {
  constructor(
    private storageService: StorageService,
    private logService: LogService,
    private cryptoService: () => CryptoService
  ) {}

  async get<T>(key: string): Promise<T> {
    const value = await this.storageService.get<string>(this.makeProtectedStorageKey(key));
    if (value == null) {
      return null;
    }
    const obj = await this.decrypt(value);
    return obj as any;
  }

  async has(key: string): Promise<boolean> {
    return (await this.get(key)) != null;
  }

  async save(key: string, obj: any): Promise<any> {
    if (obj == null) {
      return this.remove(key);
    }

    if (obj !== null && typeof obj !== "string") {
      throw new Error("Only string storage is allowed.");
    }
    const protectedObj = await this.encrypt(obj);
    await this.storageService.save(this.makeProtectedStorageKey(key), protectedObj);
  }

  remove(key: string): Promise<any> {
    return this.storageService.remove(this.makeProtectedStorageKey(key));
  }

  private async encrypt(plainValue: string): Promise<string> {
    const sessionKey = this.getSessionKey();
    if (sessionKey == null) {
      throw new Error("No session key available.");
    }
    const encValue = await this.cryptoService().encryptToBytes(
      Utils.fromB64ToArray(plainValue).buffer,
      sessionKey
    );
    if (encValue == null) {
      throw new Error("Value didn't encrypt.");
    }

    return Utils.fromBufferToB64(encValue.buffer);
  }

  private async decrypt(encValue: string): Promise<string> {
    try {
      const sessionKey = this.getSessionKey();
      if (sessionKey == null) {
        return null;
      }

      const decValue = await this.cryptoService().decryptFromBytes(
        Utils.fromB64ToArray(encValue).buffer,
        sessionKey
      );
      if (decValue == null) {
        this.logService.info("Failed to decrypt.");
        return null;
      }

      return Utils.fromBufferToB64(decValue);
    } catch (e) {
      this.logService.info("Decrypt error.");
      return null;
    }
  }

  private getSessionKey() {
    try {
      if (process.env.BW_SESSION != null) {
        const sessionBuffer = Utils.fromB64ToArray(process.env.BW_SESSION).buffer;
        if (sessionBuffer != null) {
          const sessionKey = new SymmetricCryptoKey(sessionBuffer);
          if (sessionBuffer != null) {
            return sessionKey;
          }
        }
      }
    } catch (e) {
      this.logService.info("Session key is invalid.");
    }

    return null;
  }

  private makeProtectedStorageKey(key: string) {
    return "__PROTECTED__" + key;
  }
}
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`import { CryptoService } from "jslib-common/abstractions/crypto.service";`
			`import { LogService } from "jslib-common/abstractions/log.service";`
			`import { StorageService } from "jslib-common/abstractions/storage.service";`
			`import { Utils } from "jslib-common/misc/utils";`
Add eslint (#496) 2022-03-03 18:24:41 +01:00			`import { SymmetricCryptoKey } from "jslib-common/models/domain/symmetricCryptoKey";`
secure storage with env session key 2018-05-16 03:11:58 +02:00
			`export class NodeEnvSecureStorageService implements StorageService {`
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`constructor(`
			`private storageService: StorageService,`
			`private logService: LogService,`
			`private cryptoService: () => CryptoService`
			`) {}`
secure storage with env session key 2018-05-16 03:11:58 +02:00
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`async get<T>(key: string): Promise<T> {`
			`const value = await this.storageService.get<string>(this.makeProtectedStorageKey(key));`
			`if (value == null) {`
			`return null;`
Implement `has` for storage services (#328) * Implement `has` for storage services * Update jslib 2021-06-15 20:41:17 +02:00			`}`
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`const obj = await this.decrypt(value);`
			`return obj as any;`
			`}`
Implement `has` for storage services (#328) * Implement `has` for storage services * Update jslib 2021-06-15 20:41:17 +02:00
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`async has(key: string): Promise<boolean> {`
			`return (await this.get(key)) != null;`
			`}`
secure storage with env session key 2018-05-16 03:11:58 +02:00
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`async save(key: string, obj: any): Promise<any> {`
Fix/lowdb no cache (#443) * Add jslib prettier commit to client ignore hashes * Remove lowdb caching * Fix state service remove being set to null * Await in-memory key retrieval * Fix key loading and unlock requests. * Linter fixes * linter fixes * linter fixes 2022-01-13 18:03:19 +01:00			`if (obj == null) {`
			`return this.remove(key);`
			`}`

			`if (obj !== null && typeof obj !== "string") {`
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`throw new Error("Only string storage is allowed.");`
secure storage with env session key 2018-05-16 03:11:58 +02:00			`}`
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`const protectedObj = await this.encrypt(obj);`
			`await this.storageService.save(this.makeProtectedStorageKey(key), protectedObj);`
			`}`
secure storage with env session key 2018-05-16 03:11:58 +02:00
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`remove(key: string): Promise<any> {`
			`return this.storageService.remove(this.makeProtectedStorageKey(key));`
			`}`
secure storage with env session key 2018-05-16 03:11:58 +02:00
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`private async encrypt(plainValue: string): Promise<string> {`
			`const sessionKey = this.getSessionKey();`
			`if (sessionKey == null) {`
			`throw new Error("No session key available.");`
			`}`
			`const encValue = await this.cryptoService().encryptToBytes(`
			`Utils.fromB64ToArray(plainValue).buffer,`
			`sessionKey`
			`);`
			`if (encValue == null) {`
			`throw new Error("Value didn't encrypt.");`
secure storage with env session key 2018-05-16 03:11:58 +02:00			`}`

Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`return Utils.fromBufferToB64(encValue.buffer);`
			`}`
secure storage with env session key 2018-05-16 03:11:58 +02:00
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`private async decrypt(encValue: string): Promise<string> {`
			`try {`
			`const sessionKey = this.getSessionKey();`
			`if (sessionKey == null) {`
			`return null;`
			`}`
secure storage with env session key 2018-05-16 03:11:58 +02:00
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`const decValue = await this.cryptoService().decryptFromBytes(`
			`Utils.fromB64ToArray(encValue).buffer,`
			`sessionKey`
			`);`
			`if (decValue == null) {`
			`this.logService.info("Failed to decrypt.");`
			`return null;`
			`}`

			`return Utils.fromBufferToB64(decValue);`
			`} catch (e) {`
			`this.logService.info("Decrypt error.");`
			`return null;`
secure storage with env session key 2018-05-16 03:11:58 +02:00			`}`
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`}`
secure storage with env session key 2018-05-16 03:11:58 +02:00
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`private getSessionKey() {`
			`try {`
			`if (process.env.BW_SESSION != null) {`
			`const sessionBuffer = Utils.fromB64ToArray(process.env.BW_SESSION).buffer;`
			`if (sessionBuffer != null) {`
			`const sessionKey = new SymmetricCryptoKey(sessionBuffer);`
			`if (sessionBuffer != null) {`
			`return sessionKey;`
			`}`
secure storage with env session key 2018-05-16 03:11:58 +02:00			`}`
Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`}`
			`} catch (e) {`
			`this.logService.info("Session key is invalid.");`
secure storage with env session key 2018-05-16 03:11:58 +02:00			`}`

Apply Prettier (#426) 2021-12-20 18:04:00 +01:00			`return null;`
			`}`

			`private makeProtectedStorageKey(key: string) {`
			`return "__PROTECTED__" + key;`
			`}`
secure storage with env session key 2018-05-16 03:11:58 +02:00			`}`