vaultwarden
/
bitwarden-estensione-browser
mirror of https://github.com/bitwarden/browser
1
0
Fork 0
Code Issues 1 Releases Wiki Activity

Show fingerprint message

This commit is contained in:
Hinton 2020-10-19 16:50:33 +02:00
parent 54c53e432b
commit 2ac6148821
3 changed files with 34 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/app/services.module.ts
View File

@ -129,7 +129,7 @@ const environmentService = new EnvironmentService(apiService, storageService, no
const eventService = new EventService(storageService, apiService, userService, cipherService); const eventService = new EventService(storageService, apiService, userService, cipherService);
const systemService = new SystemService(storageService, vaultTimeoutService, messagingService, platformUtilsService, const systemService = new SystemService(storageService, vaultTimeoutService, messagingService, platformUtilsService,
null); null);
const nativeMessagingService = new NativeMessagingService(cryptoFunctionService, cryptoService, platformUtilsService, logService); const nativeMessagingService = new NativeMessagingService(cryptoFunctionService, cryptoService, platformUtilsService, logService, i18nService, userService);
const analytics = new Analytics(window, () => isDev(), platformUtilsService, storageService, appIdService); const analytics = new Analytics(window, () => isDev(), platformUtilsService, storageService, appIdService);
containerService.attachToGlobal(window); containerService.attachToGlobal(window);

9
src/locales/en/messages.json
View File

@ -1407,5 +1407,14 @@
}, },
"enableBrowserIntegrationDesc": { "enableBrowserIntegrationDesc": {
"message": "Browser integration is used for biometrics in browser." "message": "Browser integration is used for biometrics in browser."
},
"approve": {
"message": "Approve"
},
"verifyBrowserTitle": {
"message": "Verify browser connection"
},
"verifyBrowserDescription": {
"message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
} }
} }

30
src/services/nativeMessaging.service.ts
View File

@ -1,4 +1,5 @@
import { ipcRenderer } from 'electron'; import { ipcRenderer } from 'electron';
import Swal from 'sweetalert2';
import { CryptoService } from 'jslib/abstractions/crypto.service'; import { CryptoService } from 'jslib/abstractions/crypto.service';
import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service'; import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service';
@ -6,16 +7,17 @@ import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
import { LogService } from 'jslib/abstractions/log.service'; import { LogService } from 'jslib/abstractions/log.service';
import { Utils } from 'jslib/misc/utils'; import { Utils } from 'jslib/misc/utils';
import { SymmetricCryptoKey } from 'jslib/models/domain/symmetricCryptoKey'; import { SymmetricCryptoKey } from 'jslib/models/domain/symmetricCryptoKey';
import { I18nService } from 'jslib/abstractions/i18n.service';
import { UserService } from 'jslib/abstractions/user.service';
const MessageValidTimeout = 10 * 1000; const MessageValidTimeout = 10 * 1000;
const EncryptionAlgorithm = 'sha1'; const EncryptionAlgorithm = 'sha1';
export class NativeMessagingService { export class NativeMessagingService {
private remotePublicKey: ArrayBuffer;
private sharedSecret: any; private sharedSecret: any;
constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService, constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,
private platformUtilService: PlatformUtilsService, private logService: LogService) { private platformUtilService: PlatformUtilsService, private logService: LogService, private i18nService: I18nService, private userService: UserService) {
ipcRenderer.on('nativeMessaging', async (event: any, message: any) => { ipcRenderer.on('nativeMessaging', async (event: any, message: any) => {
this.messageHandler(message); this.messageHandler(message);
}); });
@ -23,8 +25,24 @@ export class NativeMessagingService {
private async messageHandler(rawMessage: any) { private async messageHandler(rawMessage: any) {
if (rawMessage.command == 'setupEncryption') { if (rawMessage.command == 'setupEncryption') {
this.remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer; const remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;
this.secureCommunication(); const fingerprint = (await this.cryptoService.getFingerprint(await this.userService.getUserId(), remotePublicKey)).join(' ');
const submitted = await Swal.fire({
title: this.i18nService.t('verifyBrowserTitle'),
html: `${this.i18nService.t('verifyBrowserDescription')}<br><br><strong>${fingerprint}</strong>`,
showCancelButton: true,
cancelButtonText: this.i18nService.t('cancel'),
showConfirmButton: true,
confirmButtonText: this.i18nService.t('approve'),
allowOutsideClick: false,
});
if (submitted.value !== true) {
return;
}
this.secureCommunication(remotePublicKey);
return; return;
} }
@ -64,11 +82,11 @@ export class NativeMessagingService {
ipcRenderer.send('nativeMessagingReply', encrypted); ipcRenderer.send('nativeMessagingReply', encrypted);
} }
private async secureCommunication() { private async secureCommunication(remotePublicKey: ArrayBuffer) {
const secret = await this.cryptoFunctionService.randomBytes(64); const secret = await this.cryptoFunctionService.randomBytes(64);
this.sharedSecret = new SymmetricCryptoKey(secret); this.sharedSecret = new SymmetricCryptoKey(secret);
const encryptedSecret = await this.cryptoFunctionService.rsaEncrypt(secret, this.remotePublicKey, EncryptionAlgorithm); const encryptedSecret = await this.cryptoFunctionService.rsaEncrypt(secret, remotePublicKey, EncryptionAlgorithm);
ipcRenderer.send('nativeMessagingReply', {command: 'setupEncryption', sharedSecret: Utils.fromBufferToB64(encryptedSecret)}); ipcRenderer.send('nativeMessagingReply', {command: 'setupEncryption', sharedSecret: Utils.fromBufferToB64(encryptedSecret)});
} }
} }