devol
/
bitwarden-estensione-browser
mirror of https://github.com/bitwarden/browser
1
0
Fork 0
Code Issues 1 Releases Wiki Activity

PM-12102 | Fix LastPass importer not properly de-encrypting URLs (#11366) 

* PM-12102 | Fix LastPass importer not properly de-encrypting URLs

* Reuse the original code for the unencrypted path

* Add some comments
This commit is contained in:
Oleksii Holub 2024-10-07 17:55:17 +03:00 committed by GitHub
parent 68f4c2e879
commit 359b6e02d9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libs/importer/src/importers/lastpass/access/services/parser.ts
View File

@ -22,7 +22,7 @@ export class Parser {
/*
May return null when the chunk does not represent an account.
All secure notes are ACCTs but not all of them store account information.
TODO: Add a test for the folder case!
TODO: Add a test case that covers secure note account!
*/
@ -60,9 +60,17 @@ export class Parser {
// 3: url
step = 3;
let url = Utils.fromBufferToUtf8(
this.decodeHexLoose(Utils.fromBufferToUtf8(this.readItem(reader))),
);
const urlEncoded = this.readItem(reader);
let url =
urlEncoded.length > 0 && urlEncoded[0] === 33 // 33 = '!'
? // URL is encrypted
await this.cryptoUtils.decryptAes256PlainWithDefault(
urlEncoded,
encryptionKey,
placeholder,
)
: // URL is not encrypted
Utils.fromBufferToUtf8(this.decodeHexLoose(Utils.fromBufferToUtf8(urlEncoded)));
// Ignore "group" accounts. They have no credentials.
if (url == "http://group") {