Merge branch 'main' into pm-8161-payment-optional-trial-mvp

apps/browser/src/background/main.background.ts

@@ -753,6 +753,7 @@ export default class MainBackground {
       this.accountService,
       this.masterPasswordService,
       this.cryptoService,
+      this.encryptService,
       this.apiService,
       this.stateProvider,
     );

apps/browser/src/tools/popup/send-v2/send-v2.component.html

@@ -10,7 +10,7 @@
     <bit-callout *ngIf="sendsDisabled" [title]="'sendDisabled' | i18n">
       {{ "sendDisabledWarning" | i18n }}
     </bit-callout>
-    <ng-container *ngIf="!sendsDisabled">
+    <ng-container *ngIf="listState !== sendState.Empty">
       <tools-send-search></tools-send-search>
       <app-send-list-filters></app-send-list-filters>
     </ng-container>

apps/cli/src/admin-console/commands/confirm.command.ts

@@ -4,6 +4,7 @@ import {
 } from "@bitwarden/admin-console/common";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
 
 import { Response } from "../../models/response";
@@ -12,6 +13,7 @@ export class ConfirmCommand {
   constructor(
     private apiService: ApiService,
     private cryptoService: CryptoService,
+    private encryptService: EncryptService,
     private organizationUserApiService: OrganizationUserApiService,
   ) {}
 
@@ -53,7 +55,7 @@ export class ConfirmCommand {
       }
       const publicKeyResponse = await this.apiService.getUserPublicKey(orgUser.userId);
       const publicKey = Utils.fromB64ToArray(publicKeyResponse.publicKey);
-      const key = await this.cryptoService.rsaEncrypt(orgKey.key, publicKey);
+      const key = await this.encryptService.rsaEncrypt(orgKey.key, publicKey);
       const req = new OrganizationUserConfirmRequest();
       req.key = key.encryptedString;
       await this.organizationUserApiService.postOrganizationUserConfirm(

apps/cli/src/oss-serve-configurator.ts

@@ -117,6 +117,7 @@ export class OssServeConfigurator {
     this.confirmCommand = new ConfirmCommand(
       this.serviceContainer.apiService,
       this.serviceContainer.cryptoService,
+      this.serviceContainer.encryptService,
       this.serviceContainer.organizationUserApiService,
     );
     this.restoreCommand = new RestoreCommand(this.serviceContainer.cipherService);

apps/cli/src/service-container/service-container.ts

@@ -534,6 +534,7 @@ export class ServiceContainer {
       this.accountService,
       this.masterPasswordService,
       this.cryptoService,
+      this.encryptService,
       this.apiService,
       this.stateProvider,
     );

apps/cli/src/vault.program.ts

@@ -415,6 +415,7 @@ export class VaultProgram extends BaseProgram {
         const command = new ConfirmCommand(
           this.serviceContainer.apiService,
           this.serviceContainer.cryptoService,
+          this.serviceContainer.encryptService,
           this.serviceContainer.organizationUserApiService,
         );
         const response = await command.run(object, id, cmd);

apps/desktop/src/app/services/services.module.ts

@@ -287,6 +287,7 @@ const safeProviders: SafeProvider[] = [
     deps: [
       ApiService,
       CryptoService,
+      EncryptService,
       I18nServiceAbstraction,
       KdfConfigService,
       InternalMasterPasswordServiceAbstraction,

apps/desktop/src/main/native-messaging.main.ts

@@ -201,6 +201,13 @@ export class NativeMessagingMain {
             chromeJson,
           );
         }
+
+        if (existsSync(`${this.homedir()}/.config/chromium/`)) {
+          await this.writeManifest(
+            `${this.homedir()}/.config/chromium/NativeMessagingHosts/com.8bit.bitwarden.json`,
+            chromeJson,
+          );
+        }
         break;
       default:
         break;

apps/web/src/app/admin-console/organizations/members/components/bulk/base-bulk-confirm.component.ts

@@ -8,6 +8,7 @@ import { ProviderUserBulkPublicKeyResponse } from "@bitwarden/common/admin-conso
 import { ProviderUserBulkResponse } from "@bitwarden/common/admin-console/models/response/provider/provider-user-bulk.response";
 import { ListResponse } from "@bitwarden/common/models/response/list.response";
 import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
 import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
@@ -31,6 +32,7 @@ export abstract class BaseBulkConfirmComponent implements OnInit {
 
   protected constructor(
     protected cryptoService: CryptoService,
+    protected encryptService: EncryptService,
     protected i18nService: I18nService,
   ) {}
 
@@ -67,7 +69,7 @@ export abstract class BaseBulkConfirmComponent implements OnInit {
         if (publicKey == null) {
           continue;
         }
-        const encryptedKey = await this.cryptoService.rsaEncrypt(key.key, publicKey);
+        const encryptedKey = await this.encryptService.rsaEncrypt(key.key, publicKey);
         userIdsWithKeys.push({
           id: user.id,
           key: encryptedKey.encryptedString,

apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-confirm.component.ts

@@ -8,6 +8,7 @@ import {
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { OrganizationUserStatusType } from "@bitwarden/common/admin-console/enums";
 import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
 import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
@@ -41,6 +42,7 @@ export class BulkConfirmComponent implements OnInit {
   constructor(
     @Inject(DIALOG_DATA) protected data: BulkConfirmDialogData,
     protected cryptoService: CryptoService,
+    protected encryptService: EncryptService,
     protected apiService: ApiService,
     private organizationUserApiService: OrganizationUserApiService,
     private i18nService: I18nService,
@@ -81,7 +83,7 @@ export class BulkConfirmComponent implements OnInit {
         if (publicKey == null) {
           continue;
         }
-        const encryptedKey = await this.cryptoService.rsaEncrypt(key.key, publicKey);
+        const encryptedKey = await this.encryptService.rsaEncrypt(key.key, publicKey);
         userIdsWithKeys.push({
           id: user.id,
           key: encryptedKey.encryptedString,

apps/web/src/app/admin-console/organizations/members/members.component.ts

@@ -39,6 +39,7 @@ import { isNotSelfUpgradable, ProductTierType } from "@bitwarden/common/billing/
 import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service";
@@ -107,6 +108,7 @@ export class MembersComponent extends BaseMembersComponent<OrganizationUserView>
     i18nService: I18nService,
     organizationManagementPreferencesService: OrganizationManagementPreferencesService,
     cryptoService: CryptoService,
+    private encryptService: EncryptService,
     validationService: ValidationService,
     logService: LogService,
     userNamePipe: UserNamePipe,
@@ -289,7 +291,7 @@ export class MembersComponent extends BaseMembersComponent<OrganizationUserView>
 
   async confirmUser(user: OrganizationUserView, publicKey: Uint8Array): Promise<void> {
     const orgKey = await this.cryptoService.getOrgKey(this.organization.id);
-    const key = await this.cryptoService.rsaEncrypt(orgKey.key, publicKey);
+    const key = await this.encryptService.rsaEncrypt(orgKey.key, publicKey);
     const request = new OrganizationUserConfirmRequest();
     request.key = key.encryptedString;
     await this.organizationUserApiService.postOrganizationUserConfirm(

apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.spec.ts

@@ -71,7 +71,7 @@ describe("OrganizationUserResetPasswordService", () => {
       const mockUserKey = new SymmetricCryptoKey(mockRandomBytes) as UserKey;
       cryptoService.getUserKey.mockResolvedValue(mockUserKey);
 
-      cryptoService.rsaEncrypt.mockResolvedValue(
+      encryptService.rsaEncrypt.mockResolvedValue(
         new EncString(EncryptionType.Rsa2048_OaepSha1_B64, "mockEncryptedUserKey"),
       );
     });
@@ -103,7 +103,7 @@ describe("OrganizationUserResetPasswordService", () => {
     it("should rsa encrypt the user key", async () => {
       await sut.buildRecoveryKey(mockOrgId);
 
-      expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(expect.anything(), expect.anything());
+      expect(encryptService.rsaEncrypt).toHaveBeenCalledWith(expect.anything(), expect.anything());
     });
   });
 
@@ -128,7 +128,7 @@ describe("OrganizationUserResetPasswordService", () => {
       cryptoService.getOrgKey.mockResolvedValue(mockOrgKey);
       encryptService.decryptToBytes.mockResolvedValue(mockRandomBytes);
 
-      cryptoService.rsaDecrypt.mockResolvedValue(mockRandomBytes);
+      encryptService.rsaDecrypt.mockResolvedValue(mockRandomBytes);
       const mockMasterKey = new SymmetricCryptoKey(mockRandomBytes) as MasterKey;
       cryptoService.makeMasterKey.mockResolvedValue(mockMasterKey);
       cryptoService.hashMasterKey.mockResolvedValue("test-master-key-hash");
@@ -172,7 +172,7 @@ describe("OrganizationUserResetPasswordService", () => {
           publicKey: "test-public-key",
         }),
       );
-      cryptoService.rsaEncrypt.mockResolvedValue(
+      encryptService.rsaEncrypt.mockResolvedValue(
         new EncString(EncryptionType.Rsa2048_OaepSha1_B64, "mockEncryptedUserKey"),
       );
     });

apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts

@@ -57,7 +57,7 @@ export class OrganizationUserResetPasswordService
     if (userKey == null) {
       throw new Error("No user key found");
     }
-    const encryptedKey = await this.cryptoService.rsaEncrypt(userKey.key, publicKey);
+    const encryptedKey = await this.encryptService.rsaEncrypt(userKey.key, publicKey);
 
     return encryptedKey.encryptedString;
   }
@@ -96,7 +96,10 @@ export class OrganizationUserResetPasswordService
     );
 
     // Decrypt User's Reset Password Key to get UserKey
-    const decValue = await this.cryptoService.rsaDecrypt(response.resetPasswordKey, decPrivateKey);
+    const decValue = await this.encryptService.rsaDecrypt(
+      new EncString(response.resetPasswordKey),
+      decPrivateKey,
+    );
     const existingUserKey = new SymmetricCryptoKey(decValue) as UserKey;
 
     // determine Kdf Algorithm

apps/web/src/app/auth/core/services/rotateable-key-set.service.spec.ts

@@ -35,7 +35,7 @@ describe("RotateableKeySetService", () => {
       const encryptedPrivateKey = Symbol();
       cryptoService.makeKeyPair.mockResolvedValue(["publicKey", encryptedPrivateKey as any]);
       cryptoService.getUserKey.mockResolvedValue({ key: userKey.key } as any);
-      cryptoService.rsaEncrypt.mockResolvedValue(encryptedUserKey as any);
+      encryptService.rsaEncrypt.mockResolvedValue(encryptedUserKey as any);
       encryptService.encrypt.mockResolvedValue(encryptedPublicKey as any);
 
       const result = await service.createKeySet(externalKey as any);

apps/web/src/app/auth/core/services/rotateable-key-set.service.ts

@@ -25,7 +25,7 @@ export class RotateableKeySetService {
 
     const userKey = await this.cryptoService.getUserKey();
     const rawPublicKey = Utils.fromB64ToArray(publicKey);
-    const encryptedUserKey = await this.cryptoService.rsaEncrypt(userKey.key, rawPublicKey);
+    const encryptedUserKey = await this.encryptService.rsaEncrypt(userKey.key, rawPublicKey);
     const encryptedPublicKey = await this.encryptService.encrypt(rawPublicKey, userKey);
     return new RotateableKeySet(encryptedUserKey, encryptedPublicKey, encryptedPrivateKey);
   }

apps/web/src/app/auth/emergency-access/services/emergency-access.service.spec.ts

@@ -132,7 +132,7 @@ describe("EmergencyAccessService", () => {
         cryptoService.getUserKey.mockResolvedValueOnce(mockUserKey);
         apiService.getUserPublicKey.mockResolvedValueOnce(mockUserPublicKeyResponse);
 
-        cryptoService.rsaEncrypt.mockResolvedValueOnce(mockUserPublicKeyEncryptedUserKey);
+        encryptService.rsaEncrypt.mockResolvedValueOnce(mockUserPublicKeyEncryptedUserKey);
 
         emergencyAccessApiService.postEmergencyAccessConfirm.mockResolvedValueOnce();
 
@@ -162,7 +162,7 @@ describe("EmergencyAccessService", () => {
 
       const mockDecryptedGrantorUserKey = new Uint8Array(64);
       cryptoService.getPrivateKey.mockResolvedValue(new Uint8Array(64));
-      cryptoService.rsaDecrypt.mockResolvedValueOnce(mockDecryptedGrantorUserKey);
+      encryptService.rsaDecrypt.mockResolvedValueOnce(mockDecryptedGrantorUserKey);
 
       const mockMasterKey = new SymmetricCryptoKey(new Uint8Array(64) as CsprngArray) as MasterKey;
 
@@ -200,7 +200,7 @@ describe("EmergencyAccessService", () => {
     });
 
     it("should not post a new password if decryption fails", async () => {
-      cryptoService.rsaDecrypt.mockResolvedValueOnce(null);
+      encryptService.rsaDecrypt.mockResolvedValueOnce(null);
       emergencyAccessApiService.postEmergencyAccessTakeover.mockResolvedValueOnce({
         keyEncrypted: "EncryptedKey",
         kdf: KdfType.PBKDF2_SHA256,
@@ -259,7 +259,7 @@ describe("EmergencyAccessService", () => {
         publicKey: "mockPublicKey",
       } as UserKeyResponse);
 
-      cryptoService.rsaEncrypt.mockImplementation((plainValue, publicKey) => {
+      encryptService.rsaEncrypt.mockImplementation((plainValue, publicKey) => {
         return Promise.resolve(
           new EncString(EncryptionType.Rsa2048_OaepSha1_B64, "Encrypted: " + plainValue),
         );

apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts

@@ -17,7 +17,7 @@ import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { KdfType } from "@bitwarden/common/platform/enums";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
-import { EncryptedString } from "@bitwarden/common/platform/models/domain/enc-string";
+import { EncryptedString, EncString } from "@bitwarden/common/platform/models/domain/enc-string";
 import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
 import { UserId } from "@bitwarden/common/types/guid";
 import { UserKey } from "@bitwarden/common/types/key";
@@ -224,8 +224,8 @@ export class EmergencyAccessService
       throw new Error("Active user does not have a private key, cannot get view only ciphers.");
     }
 
-    const grantorKeyBuffer = await this.cryptoService.rsaDecrypt(
-      response.keyEncrypted,
+    const grantorKeyBuffer = await this.encryptService.rsaDecrypt(
+      new EncString(response.keyEncrypted),
       activeUserPrivateKey,
     );
     const grantorUserKey = new SymmetricCryptoKey(grantorKeyBuffer) as UserKey;
@@ -261,8 +261,8 @@ export class EmergencyAccessService
       throw new Error("Active user does not have a private key, cannot complete a takeover.");
     }
 
-    const grantorKeyBuffer = await this.cryptoService.rsaDecrypt(
-      takeoverResponse.keyEncrypted,
+    const grantorKeyBuffer = await this.encryptService.rsaDecrypt(
+      new EncString(takeoverResponse.keyEncrypted),
       activeUserPrivateKey,
     );
     if (grantorKeyBuffer == null) {
@@ -355,6 +355,6 @@ export class EmergencyAccessService
   }
 
   private async encryptKey(userKey: UserKey, publicKey: Uint8Array): Promise<EncryptedString> {
-    return (await this.cryptoService.rsaEncrypt(userKey.key, publicKey)).encryptedString;
+    return (await this.encryptService.rsaEncrypt(userKey.key, publicKey)).encryptedString;
   }
 }

apps/web/src/app/auth/organization-invite/accept-organization.service.ts

@@ -184,7 +184,7 @@ export class AcceptOrganizationInviteService {
 
       // RSA Encrypt user's encKey.key with organization public key
       const userKey = await this.cryptoService.getUserKey();
-      const encryptedKey = await this.cryptoService.rsaEncrypt(userKey.key, publicKey);
+      const encryptedKey = await this.encryptService.rsaEncrypt(userKey.key, publicKey);
 
       // Add reset password key to accept request
       request.resetPasswordKey = encryptedKey.encryptedString;

apps/web/src/app/core/core.module.ts

@@ -35,6 +35,7 @@ import { ClientType } from "@bitwarden/common/enums";
 import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
 import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 import { CryptoService as CryptoServiceAbstraction } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
 import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
 import { FileDownloadService } from "@bitwarden/common/platform/abstractions/file-download/file-download.service";
 import { I18nService as I18nServiceAbstraction } from "@bitwarden/common/platform/abstractions/i18n.service";
@@ -202,6 +203,7 @@ const safeProviders: SafeProvider[] = [
     deps: [
       ApiService,
       CryptoServiceAbstraction,
+      EncryptService,
       I18nServiceAbstraction,
       KdfConfigService,
       InternalMasterPasswordServiceAbstraction,

bitwarden_license/bit-common/src/admin-console/auth-requests/organization-auth-request.service.spec.ts

@@ -124,8 +124,8 @@ describe("OrganizationAuthRequestService", () => {
       );
 
       const encryptedUserKey = new EncString("encryptedUserKey");
-      cryptoService.rsaDecrypt.mockResolvedValue(new Uint8Array(32));
-      cryptoService.rsaEncrypt.mockResolvedValue(encryptedUserKey);
+      encryptService.rsaDecrypt.mockResolvedValue(new Uint8Array(32));
+      encryptService.rsaEncrypt.mockResolvedValue(encryptedUserKey);
 
       const mockPendingAuthRequest = new PendingAuthRequestView();
       mockPendingAuthRequest.id = "requestId1";
@@ -166,8 +166,8 @@ describe("OrganizationAuthRequestService", () => {
       );
 
       const encryptedUserKey = new EncString("encryptedUserKey");
-      cryptoService.rsaDecrypt.mockResolvedValue(new Uint8Array(32));
-      cryptoService.rsaEncrypt.mockResolvedValue(encryptedUserKey);
+      encryptService.rsaDecrypt.mockResolvedValue(new Uint8Array(32));
+      encryptService.rsaEncrypt.mockResolvedValue(encryptedUserKey);
 
       const mockPendingAuthRequest = new PendingAuthRequestView();
       mockPendingAuthRequest.id = "requestId1";

bitwarden_license/bit-common/src/admin-console/auth-requests/organization-auth-request.service.ts

@@ -117,10 +117,13 @@ export class OrganizationAuthRequestService {
     );
 
     // Decrypt user key with decrypted org private key
-    const decValue = await this.cryptoService.rsaDecrypt(encryptedUserKey, decOrgPrivateKey);
+    const decValue = await this.encryptService.rsaDecrypt(
+      new EncString(encryptedUserKey),
+      decOrgPrivateKey,
+    );
     const userKey = new SymmetricCryptoKey(decValue);
 
     // Re-encrypt user Key with the Device Public Key
-    return await this.cryptoService.rsaEncrypt(userKey.key, devicePubKey);
+    return await this.encryptService.rsaEncrypt(userKey.key, devicePubKey);
   }
 }

bitwarden_license/bit-web/src/app/admin-console/providers/manage/dialogs/bulk-confirm-dialog.component.ts

@@ -13,6 +13,7 @@ import { ProviderUserBulkPublicKeyResponse } from "@bitwarden/common/admin-conso
 import { ProviderUserBulkResponse } from "@bitwarden/common/admin-console/models/response/provider/provider-user-bulk.response";
 import { ListResponse } from "@bitwarden/common/models/response/list.response";
 import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
 import { DialogService } from "@bitwarden/components";
@@ -34,10 +35,11 @@ export class BulkConfirmDialogComponent extends BaseBulkConfirmComponent {
   constructor(
     private apiService: ApiService,
     protected cryptoService: CryptoService,
+    protected encryptService: EncryptService,
     @Inject(DIALOG_DATA) protected dialogParams: BulkConfirmDialogParams,
     protected i18nService: I18nService,
   ) {
-    super(cryptoService, i18nService);
+    super(cryptoService, encryptService, i18nService);
 
     this.providerId = dialogParams.providerId;
     this.users = dialogParams.users;