Use type to ensure transmitted data is encrypted (#1422)
This commit is contained in:
parent
afed18908b
commit
80a33e98a2
|
@ -4,7 +4,7 @@ using Bit.Core.Models.Response;
|
||||||
|
|
||||||
namespace Bit.Core.Abstractions {
|
namespace Bit.Core.Abstractions {
|
||||||
public interface IFileUploadService {
|
public interface IFileUploadService {
|
||||||
Task UploadCipherAttachmentFileAsync(AttachmentUploadDataResponse uploadData, string fileName, EncByteArray encryptedFileData);
|
Task UploadCipherAttachmentFileAsync(AttachmentUploadDataResponse uploadData, EncString fileName, EncByteArray encryptedFileData);
|
||||||
Task UploadSendFileAsync(SendFileUploadDataResponse uploadData, EncString fileName, EncByteArray encryptedFileData);
|
Task UploadSendFileAsync(SendFileUploadDataResponse uploadData, EncString fileName, EncByteArray encryptedFileData);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -574,7 +574,7 @@ namespace Bit.Core.Services
|
||||||
|
|
||||||
var uploadDataResponse = await _apiService.PostCipherAttachmentAsync(cipher.Id, request);
|
var uploadDataResponse = await _apiService.PostCipherAttachmentAsync(cipher.Id, request);
|
||||||
response = uploadDataResponse.CipherResponse;
|
response = uploadDataResponse.CipherResponse;
|
||||||
await _fileUploadService.UploadCipherAttachmentFileAsync(uploadDataResponse, encFileName.EncryptedString, encFileData);
|
await _fileUploadService.UploadCipherAttachmentFileAsync(uploadDataResponse, encFileName, encFileData);
|
||||||
}
|
}
|
||||||
catch (ApiException e) when (e.Error.StatusCode == System.Net.HttpStatusCode.NotFound || e.Error.StatusCode == System.Net.HttpStatusCode.MethodNotAllowed)
|
catch (ApiException e) when (e.Error.StatusCode == System.Net.HttpStatusCode.NotFound || e.Error.StatusCode == System.Net.HttpStatusCode.MethodNotAllowed)
|
||||||
{
|
{
|
||||||
|
|
|
@ -20,14 +20,14 @@ namespace Bit.Core.Services {
|
||||||
private readonly ApiService _apiService;
|
private readonly ApiService _apiService;
|
||||||
|
|
||||||
public async Task UploadCipherAttachmentFileAsync(AttachmentUploadDataResponse uploadData,
|
public async Task UploadCipherAttachmentFileAsync(AttachmentUploadDataResponse uploadData,
|
||||||
string encryptedFileName, EncByteArray encryptedFileData)
|
EncString encryptedFileName, EncByteArray encryptedFileData)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
switch (uploadData.FileUploadType)
|
switch (uploadData.FileUploadType)
|
||||||
{
|
{
|
||||||
case FileUploadType.Direct:
|
case FileUploadType.Direct:
|
||||||
await _bitwardenFileUploadService.Upload(encryptedFileName, encryptedFileData,
|
await _bitwardenFileUploadService.Upload(encryptedFileName.EncryptedString, encryptedFileData,
|
||||||
fd => _apiService.PostAttachmentFileAsync(uploadData.CipherResponse.Id, uploadData.AttachmentId, fd));
|
fd => _apiService.PostAttachmentFileAsync(uploadData.CipherResponse.Id, uploadData.AttachmentId, fd));
|
||||||
break;
|
break;
|
||||||
case FileUploadType.Azure:
|
case FileUploadType.Azure:
|
||||||
|
|
|
@ -24,8 +24,9 @@ namespace Bit.Core.Test.Services
|
||||||
public async Task SaveWithServerAsync_PrefersFileUploadService(SutProvider<CipherService> sutProvider,
|
public async Task SaveWithServerAsync_PrefersFileUploadService(SutProvider<CipherService> sutProvider,
|
||||||
Cipher cipher, string fileName, EncByteArray data, AttachmentUploadDataResponse uploadDataResponse, EncString encKey)
|
Cipher cipher, string fileName, EncByteArray data, AttachmentUploadDataResponse uploadDataResponse, EncString encKey)
|
||||||
{
|
{
|
||||||
|
var encFileName = new EncString(fileName);
|
||||||
sutProvider.GetDependency<ICryptoService>().EncryptAsync(fileName, Arg.Any<SymmetricCryptoKey>())
|
sutProvider.GetDependency<ICryptoService>().EncryptAsync(fileName, Arg.Any<SymmetricCryptoKey>())
|
||||||
.Returns(new EncString(fileName));
|
.Returns(encFileName);
|
||||||
sutProvider.GetDependency<ICryptoService>().EncryptToBytesAsync(data.Buffer, Arg.Any<SymmetricCryptoKey>())
|
sutProvider.GetDependency<ICryptoService>().EncryptToBytesAsync(data.Buffer, Arg.Any<SymmetricCryptoKey>())
|
||||||
.Returns(data);
|
.Returns(data);
|
||||||
sutProvider.GetDependency<ICryptoService>().MakeEncKeyAsync(Arg.Any<SymmetricCryptoKey>()).Returns(new Tuple<SymmetricCryptoKey, EncString>(null, encKey));
|
sutProvider.GetDependency<ICryptoService>().MakeEncKeyAsync(Arg.Any<SymmetricCryptoKey>()).Returns(new Tuple<SymmetricCryptoKey, EncString>(null, encKey));
|
||||||
|
@ -35,7 +36,7 @@ namespace Bit.Core.Test.Services
|
||||||
await sutProvider.Sut.SaveAttachmentRawWithServerAsync(cipher, fileName, data.Buffer);
|
await sutProvider.Sut.SaveAttachmentRawWithServerAsync(cipher, fileName, data.Buffer);
|
||||||
|
|
||||||
await sutProvider.GetDependency<IFileUploadService>().Received(1)
|
await sutProvider.GetDependency<IFileUploadService>().Received(1)
|
||||||
.UploadCipherAttachmentFileAsync(uploadDataResponse, fileName, data);
|
.UploadCipherAttachmentFileAsync(uploadDataResponse, encFileName, data);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Theory]
|
[Theory]
|
||||||
|
|
Loading…
Reference in New Issue