Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PM-10394] Add new item type ssh key #4575

Merged
merged 10 commits into from
Nov 5, 2024
Merged

[PM-10394] Add new item type ssh key #4575

merged 10 commits into from
Nov 5, 2024
+87 −1

Conversation

quexten
Copy link
Contributor

@quexten quexten commented Aug 1, 2024
edited
Loading

🎟️ Tracking

Server: #4575
Add Item Type: bitwarden/clients#10360
Add SSH Agent: bitwarden/clients#10293
Add Import/Export: bitwarden/clients#10529

Jira: https://bitwarden.atlassian.net/browse/PM-10395

📔 Objective

Add server support for the new ssh key cipher type. This is mostly copy paste from the other cipher types, with the one exception that we are filtering out ssh keys for older clients, using SSHKeyCipherMinimumVersion. We will update this once we know which release ssh keys will be in.

📸 Screenshots

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@codecov Codecov
Copy link

codecov bot commented Aug 1, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 29.16667% with 34 lines in your changes missing coverage. Please review.

Project coverage is 42.53%. Comparing base (50f7fa0) to head (bc50cf3).
Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
src/Api/Vault/Models/Request/CipherRequestModel.cs 6.25% 15 Missing ⚠️
src/Api/Vault/Models/CipherSSHKeyModel.cs 40.00% 6 Missing ⚠️
...c/Api/Vault/Models/Response/CipherResponseModel.cs 0.00% 6 Missing ⚠️
src/Core/Vault/Models/Data/CipherSSHKeyData.cs 0.00% 4 Missing ⚠️
src/Api/Vault/Controllers/SyncController.cs 75.00% 2 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #4575      +/-   ##
==========================================
- Coverage   42.54%   42.53%   -0.02%     
==========================================
  Files        1389     1391       +2     
  Lines       64745    64792      +47     
  Branches     5943     5945       +2     
==========================================
+ Hits        27548    27561      +13     
- Misses      35975    36008      +33     
- Partials     1222     1223       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@quexten quexten added the hold Hold this PR or item until later; DO NOT MERGE label Aug 1, 2024
@quexten quexten changed the title [PM-10394] Add ssh key item type [PM-10394] Add new item type ssh key Aug 1, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 1, 2024
edited
Loading

Logo
Checkmarx One – Scan Summary & Details8b17816a-e0c3-4c7a-8707-99a10fd7f974

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Unpinned Actions Full Length Commit SHA /repository-management.yml: 119 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /repository-management.yml: 104 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /repository-management.yml: 111 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /repository-management.yml: 60 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
LOW Unpinned Actions Full Length Commit SHA /repository-management.yml: 119 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
LOW Unpinned Actions Full Length Commit SHA /repository-management.yml: 111 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
LOW Unpinned Actions Full Length Commit SHA /repository-management.yml: 104 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
LOW Unpinned Actions Full Length Commit SHA /repository-management.yml: 60 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...

Fixed Issues

Severity Issue Source File / Package
MEDIUM CSRF /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 105
MEDIUM CSRF /src/Billing/Controllers/RecoveryController.cs: 38
MEDIUM CSRF /src/Billing/Controllers/StripeController.cs: 164
MEDIUM CSRF /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 237
MEDIUM CSRF /src/Api/Auth/Controllers/AccountsController.cs: 685
MEDIUM CSRF /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 263
MEDIUM CSRF /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 361
MEDIUM CSRF /src/Api/Auth/Controllers/AccountsController.cs: 469
MEDIUM CSRF /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 344
MEDIUM CSRF /src/Api/Auth/Controllers/AccountsController.cs: 839
MEDIUM CSRF /src/Api/Auth/Controllers/AccountsController.cs: 712
MEDIUM Unpinned Actions Full Length Commit SHA /repository-management.yml: 147
MEDIUM Unpinned Actions Full Length Commit SHA /repository-management.yml: 154
MEDIUM Unpinned Actions Full Length Commit SHA /repository-management.yml: 162
MEDIUM Unpinned Actions Full Length Commit SHA /repository-management.yml: 97
LOW Unpinned Actions Full Length Commit SHA /repository-management.yml: 147
LOW Unpinned Actions Full Length Commit SHA /repository-management.yml: 97
LOW Unpinned Actions Full Length Commit SHA /repository-management.yml: 162
LOW Unpinned Actions Full Length Commit SHA /repository-management.yml: 154

This was referenced Aug 2, 2024
Open
Merged
Merged
@rawkode
Copy link

rawkode commented Aug 10, 2024

Very excited by this! Preparing to ditch 1Password as I type 🙂

@quexten quexten mentioned this pull request Aug 13, 2024
Open
25 tasks
@quexten
Copy link
Contributor Author

quexten commented Aug 16, 2024

Setting this to ready for review, but it will not be merged until all ssh of the ssh key features are ready.

@quexten quexten marked this pull request as ready for review August 16, 2024 12:25
@quexten quexten requested a review from a team as a code owner August 16, 2024 12:25
@quexten quexten requested a review from gbubemismith August 16, 2024 12:25
@quexten quexten removed the hold Hold this PR or item until later; DO NOT MERGE label Aug 21, 2024
gbubemismith
gbubemismith previously approved these changes Aug 29, 2024
View reviewed changes
@quexten quexten mentioned this pull request Oct 1, 2024
Merged
@lizard-boy lizard-boy mentioned this pull request Oct 19, 2024
Open
@quexten quexten mentioned this pull request Oct 21, 2024
Open
@fedemkr fedemkr mentioned this pull request Oct 30, 2024
Merged
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Nov 4, 2024
edited
Loading

LaunchDarkly flag references

🔍 2 flags added or modified

Name Key Aliases found Info
ssh agent ssh-agent
SSH Key Vault Item ssh-key-vault-item

@quexten quexten requested a review from gbubemismith November 4, 2024 19:21
@quexten quexten merged commit dae493d into main Nov 5, 2024
52 checks passed
@quexten quexten deleted the auth/pm-10394/ssh-keys branch November 5, 2024 19:25
cyprain-okeke pushed a commit that referenced this pull request Nov 12, 2024
@quexten @cyprain-okeke
[PM-10394] Add new item type ssh key (#4575)
319b13d 
* Add ssh key item type

* Add fingerprint

* Limit ssh key ciphers to new clients

* Fix enc string length for 4096 bit rsa keys

* Remove keyAlgorithm from ssh cipher

* Add featureflag and exclude mobile from sync

* Add ssh-agent flag
@icyleaf icyleaf mentioned this pull request Dec 24, 2024
Open
@justspacedog
Copy link

I tested the feature as a potential replacement for 1Password, but I encountered two issues:

  1. I copied the SSH key to my clipboard and clicked the "Import Key from Clipboard" option after creating a new item. However, nothing happened.
  2. Subsequently, I received an "An error occurred" message when syncing to my iOS devices.

Notably, all other devices and browser extensions worked fine, and the server logs showed the following response:

[INFO] (sync) GET /api/sync?<data..> => 200 OK

To restore syncing functionality, I had to manually delete the key from the Trash.

@quexten
Copy link
Contributor Author

quexten commented Dec 29, 2024

@justspacedog Could you please note: Your desktop version, your iOS version, and are you using a self-hosted server (if so which one at what version).

@justspacedog
Copy link

macOS: 2024.12.1
iOS: Version: 2024.12.0 (1740)
server: selfhosted vaultwarden latest (I know not official) as docker on a synology

@quexten
Copy link
Contributor Author

quexten commented Jan 4, 2025

@justspacedog Might be related to this PR in vaultwarden: dani-garcia/vaultwarden#5339

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gbubemismith gbubemismith gbubemismith approved these changes

Assignees
No one assigned
Labels
feature-flag
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@quexten @rawkode @justspacedog @gbubemismith