mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-12-17 23:52:02 +03:00
Implement cipher key encryption (#3990)
This commit is contained in:
parent
6eaf131922
commit
cb4b683dcd
12 changed files with 29 additions and 1 deletions
2
migrations/mysql/2023-10-21-221242_add_cipher_key/up.sql
Normal file
2
migrations/mysql/2023-10-21-221242_add_cipher_key/up.sql
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
ALTER TABLE ciphers
|
||||||
|
ADD COLUMN "key" TEXT;
|
|
@ -0,0 +1,2 @@
|
||||||
|
ALTER TABLE ciphers
|
||||||
|
ADD COLUMN "key" TEXT;
|
|
@ -0,0 +1,2 @@
|
||||||
|
ALTER TABLE ciphers
|
||||||
|
ADD COLUMN "key" TEXT;
|
|
@ -206,6 +206,8 @@ pub struct CipherData {
|
||||||
// TODO: Some of these might appear all the time, no need for Option
|
// TODO: Some of these might appear all the time, no need for Option
|
||||||
OrganizationId: Option<String>,
|
OrganizationId: Option<String>,
|
||||||
|
|
||||||
|
Key: Option<String>,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Login = 1,
|
Login = 1,
|
||||||
SecureNote = 2,
|
SecureNote = 2,
|
||||||
|
@ -483,6 +485,7 @@ pub async fn update_cipher_from_data(
|
||||||
None => err!("Data missing"),
|
None => err!("Data missing"),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
cipher.key = data.Key;
|
||||||
cipher.name = data.Name;
|
cipher.name = data.Name;
|
||||||
cipher.notes = data.Notes;
|
cipher.notes = data.Notes;
|
||||||
cipher.fields = data.Fields.map(|f| _clean_cipher_data(f).to_string());
|
cipher.fields = data.Fields.map(|f| _clean_cipher_data(f).to_string());
|
||||||
|
|
|
@ -194,7 +194,12 @@ fn version() -> Json<&'static str> {
|
||||||
fn config() -> Json<Value> {
|
fn config() -> Json<Value> {
|
||||||
let domain = crate::CONFIG.domain();
|
let domain = crate::CONFIG.domain();
|
||||||
Json(json!({
|
Json(json!({
|
||||||
"version": crate::VERSION,
|
// Note: The clients use this version to handle backwards compatibility concerns
|
||||||
|
// This means they expect a version that closely matches the Bitwarden server version
|
||||||
|
// We should make sure that we keep this updated when we support the new server features
|
||||||
|
// Version history:
|
||||||
|
// - Individual cipher key encryption: 2023.9.1
|
||||||
|
"version": "2023.9.1",
|
||||||
"gitHash": option_env!("GIT_REV"),
|
"gitHash": option_env!("GIT_REV"),
|
||||||
"server": {
|
"server": {
|
||||||
"name": "Vaultwarden",
|
"name": "Vaultwarden",
|
||||||
|
@ -207,6 +212,12 @@ fn config() -> Json<Value> {
|
||||||
"notifications": format!("{domain}/notifications"),
|
"notifications": format!("{domain}/notifications"),
|
||||||
"sso": "",
|
"sso": "",
|
||||||
},
|
},
|
||||||
|
"featureStates": {
|
||||||
|
// Any feature flags that we want the clients to use
|
||||||
|
// Can check the enabled ones at:
|
||||||
|
// https://vault.bitwarden.com/api/config
|
||||||
|
"autofill-v2": true
|
||||||
|
},
|
||||||
"object": "config",
|
"object": "config",
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,6 +23,8 @@ db_object! {
|
||||||
pub user_uuid: Option<String>,
|
pub user_uuid: Option<String>,
|
||||||
pub organization_uuid: Option<String>,
|
pub organization_uuid: Option<String>,
|
||||||
|
|
||||||
|
pub key: Option<String>,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Login = 1,
|
Login = 1,
|
||||||
SecureNote = 2,
|
SecureNote = 2,
|
||||||
|
@ -62,6 +64,8 @@ impl Cipher {
|
||||||
user_uuid: None,
|
user_uuid: None,
|
||||||
organization_uuid: None,
|
organization_uuid: None,
|
||||||
|
|
||||||
|
key: None,
|
||||||
|
|
||||||
atype,
|
atype,
|
||||||
name,
|
name,
|
||||||
|
|
||||||
|
@ -203,6 +207,7 @@ impl Cipher {
|
||||||
"DeletedDate": self.deleted_at.map_or(Value::Null, |d| Value::String(format_date(&d))),
|
"DeletedDate": self.deleted_at.map_or(Value::Null, |d| Value::String(format_date(&d))),
|
||||||
"Reprompt": self.reprompt.unwrap_or(RepromptType::None as i32),
|
"Reprompt": self.reprompt.unwrap_or(RepromptType::None as i32),
|
||||||
"OrganizationId": self.organization_uuid,
|
"OrganizationId": self.organization_uuid,
|
||||||
|
"Key": self.key,
|
||||||
"Attachments": attachments_json,
|
"Attachments": attachments_json,
|
||||||
// We have UseTotp set to true by default within the Organization model.
|
// We have UseTotp set to true by default within the Organization model.
|
||||||
// This variable together with UsersGetPremium is used to show or hide the TOTP counter.
|
// This variable together with UsersGetPremium is used to show or hide the TOTP counter.
|
||||||
|
|
|
@ -15,6 +15,7 @@ table! {
|
||||||
updated_at -> Datetime,
|
updated_at -> Datetime,
|
||||||
user_uuid -> Nullable<Text>,
|
user_uuid -> Nullable<Text>,
|
||||||
organization_uuid -> Nullable<Text>,
|
organization_uuid -> Nullable<Text>,
|
||||||
|
key -> Nullable<Text>,
|
||||||
atype -> Integer,
|
atype -> Integer,
|
||||||
name -> Text,
|
name -> Text,
|
||||||
notes -> Nullable<Text>,
|
notes -> Nullable<Text>,
|
||||||
|
|
|
@ -15,6 +15,7 @@ table! {
|
||||||
updated_at -> Timestamp,
|
updated_at -> Timestamp,
|
||||||
user_uuid -> Nullable<Text>,
|
user_uuid -> Nullable<Text>,
|
||||||
organization_uuid -> Nullable<Text>,
|
organization_uuid -> Nullable<Text>,
|
||||||
|
key -> Nullable<Text>,
|
||||||
atype -> Integer,
|
atype -> Integer,
|
||||||
name -> Text,
|
name -> Text,
|
||||||
notes -> Nullable<Text>,
|
notes -> Nullable<Text>,
|
||||||
|
|
|
@ -15,6 +15,7 @@ table! {
|
||||||
updated_at -> Timestamp,
|
updated_at -> Timestamp,
|
||||||
user_uuid -> Nullable<Text>,
|
user_uuid -> Nullable<Text>,
|
||||||
organization_uuid -> Nullable<Text>,
|
organization_uuid -> Nullable<Text>,
|
||||||
|
key -> Nullable<Text>,
|
||||||
atype -> Integer,
|
atype -> Integer,
|
||||||
name -> Text,
|
name -> Text,
|
||||||
notes -> Nullable<Text>,
|
notes -> Nullable<Text>,
|
||||||
|
|
Loading…
Reference in a new issue