From 96cb9a48923a18417ffbcf80689de8891c108cb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Garci=CC=81a?= Date: Wed, 11 Oct 2023 15:39:13 +0200 Subject: [PATCH] [PM-4270] Individual cipher key encryption --- crates/bitwarden/src/vault/cipher/cipher.rs | 34 ++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/crates/bitwarden/src/vault/cipher/cipher.rs b/crates/bitwarden/src/vault/cipher/cipher.rs index 9bf4bbd25..c1092f83f 100644 --- a/crates/bitwarden/src/vault/cipher/cipher.rs +++ b/crates/bitwarden/src/vault/cipher/cipher.rs @@ -11,7 +11,7 @@ use super::{ }; use crate::{ client::encryption_settings::EncryptionSettings, - crypto::{Decryptable, EncString, Encryptable}, + crypto::{Decryptable, EncString, Encryptable, SymmetricCryptoKey}, error::Result, vault::password_history, }; @@ -43,6 +43,8 @@ pub struct Cipher { pub folder_id: Option, pub collection_ids: Vec, + pub key: Option, + pub name: EncString, pub notes: Option, @@ -77,6 +79,8 @@ pub struct CipherView { pub folder_id: Option, pub collection_ids: Vec, + pub key: Option, + pub name: String, pub notes: Option, @@ -132,11 +136,16 @@ pub struct CipherListView { impl Encryptable for CipherView { fn encrypt(self, enc: &EncryptionSettings, _: &Option) -> Result { let org_id = &self.organization_id; + + let enc_owned = Cipher::get_cipher_key_enc_settings(enc, &self.key, org_id)?; + let enc = enc_owned.as_ref().unwrap_or(enc); + Ok(Cipher { id: self.id, organization_id: self.organization_id, folder_id: self.folder_id, collection_ids: self.collection_ids, + key: self.key, name: self.name.encrypt(enc, org_id)?, notes: self.notes.encrypt(enc, org_id)?, r#type: self.r#type, 
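Review bot: The new `key` field on `Cipher` has no doc comment, and the same field added to `CipherView` in the following hunk has none either. Judging from the helper added later in this patch, the value looks like a per-cipher symmetric key that is itself encrypted under the user or organization key, with `None` meaning the fields are protected by that outer key directly. I would add `/// Per-cipher key, wrapped with the user or organization key. None: fields use that key directly.` to both fields. Both struct bodies start and end outside these hunks.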
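Review bot: The two added lines that rebind `enc` in `encrypt` are repeated verbatim in both `decrypt` hunks further down, and none of the three copies says why `enc` is shadowed. A comment above the first line, such as `// Prefer the cipher's own key; fall back to the user/org key when the cipher has none.`, would make the fallback explicit. A round-trip test for a cipher with both a `key` and an `organization_id` would also help, because the fields are still encrypted with `org_id` passed alongside the settings built by `new_single_key`. How those settings treat an organization id is not visible in this patch. The body of `encrypt` continues outside the hunk.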
@@ -163,11 +172,16 @@ impl Encryptable for CipherView { impl Decryptable for Cipher { fn decrypt(&self, enc: &EncryptionSettings, _: &Option) -> Result { let org_id = &self.organization_id; + + let enc_owned = Cipher::get_cipher_key_enc_settings(enc, &self.key, org_id)?; + let enc = enc_owned.as_ref().unwrap_or(enc); + Ok(CipherView { id: self.id, organization_id: self.organization_id, folder_id: self.folder_id, collection_ids: self.collection_ids.clone(), + key: self.key.clone(), name: self.name.decrypt(enc, org_id)?, notes: self.notes.decrypt(enc, org_id)?, r#type: self.r#type, @@ -192,6 +206,20 @@ impl Decryptable for Cipher { } impl Cipher { + fn get_cipher_key_enc_settings( + enc: &EncryptionSettings, + key: &Option, + org_id: &Option, + ) -> Result> { + key.as_ref() + .map(|key| -> Result<_> { + let key = enc.decrypt_bytes(key, org_id)?; + let key = SymmetricCryptoKey::try_from(key.as_slice())?; + Ok(EncryptionSettings::new_single_key(key)) + }) + .transpose() + } + fn get_decrypted_subtitle( &self, enc: &EncryptionSettings, @@ -261,6 +289,10 @@ impl Cipher { impl Decryptable for Cipher { fn decrypt(&self, enc: &EncryptionSettings, _: &Option) -> Result { let org_id = &self.organization_id; + + let enc_owned = Cipher::get_cipher_key_enc_settings(enc, &self.key, org_id)?; + let enc = enc_owned.as_ref().unwrap_or(enc); + Ok(CipherListView { id: self.id, organization_id: self.organization_id,
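Review bot: In `get_cipher_key_enc_settings` the unwrapped cipher key sits in the intermediate buffer returned by `enc.decrypt_bytes` and is dropped without being cleared, so raw key bytes can remain in freed heap memory. If the crate already has a zeroizing wrapper for secrets, hold the buffer in it before calling `SymmetricCryptoKey::try_from(key.as_slice())`. Whether `decrypt_bytes` or `SymmetricCryptoKey` clear their own copies is not visible here. The function also needs a doc comment saying that `Ok(None)` means the cipher has no key of its own and the caller keeps its own settings. The same comment should say that a key which is present but fails to decrypt or parse is returned as an error rather than silently falling back to the user or organization key.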