mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-12-22 06:25:00 +01:00
Implement cipher key encryption (#3990)
This commit is contained in:
parent
6eaf131922
commit
cb4b683dcd
12 changed files with 29 additions and 1 deletions
2
migrations/mysql/2023-10-21-221242_add_cipher_key/up.sql
Normal file
2
migrations/mysql/2023-10-21-221242_add_cipher_key/up.sql
Normal file
|
@ -0,0 +1,2 @@
|
|||
ALTER TABLE ciphers
|
||||
ADD COLUMN "key" TEXT;
|
|
@ -0,0 +1,2 @@
|
|||
ALTER TABLE ciphers
|
||||
ADD COLUMN "key" TEXT;
|
|
@ -0,0 +1,2 @@
|
|||
ALTER TABLE ciphers
|
||||
ADD COLUMN "key" TEXT;
|
|
@ -206,6 +206,8 @@ pub struct CipherData {
|
|||
// TODO: Some of these might appear all the time, no need for Option
|
||||
OrganizationId: Option<String>,
|
||||
|
||||
Key: Option<String>,
|
||||
|
||||
/*
|
||||
Login = 1,
|
||||
SecureNote = 2,
|
||||
|
@ -483,6 +485,7 @@ pub async fn update_cipher_from_data(
|
|||
None => err!("Data missing"),
|
||||
};
|
||||
|
||||
cipher.key = data.Key;
|
||||
cipher.name = data.Name;
|
||||
cipher.notes = data.Notes;
|
||||
cipher.fields = data.Fields.map(|f| _clean_cipher_data(f).to_string());
|
||||
|
|
|
@ -194,7 +194,12 @@ fn version() -> Json<&'static str> {
|
|||
fn config() -> Json<Value> {
|
||||
let domain = crate::CONFIG.domain();
|
||||
Json(json!({
|
||||
"version": crate::VERSION,
|
||||
// Note: The clients use this version to handle backwards compatibility concerns
|
||||
// This means they expect a version that closely matches the Bitwarden server version
|
||||
// We should make sure that we keep this updated when we support the new server features
|
||||
// Version history:
|
||||
// - Individual cipher key encryption: 2023.9.1
|
||||
"version": "2023.9.1",
|
||||
"gitHash": option_env!("GIT_REV"),
|
||||
"server": {
|
||||
"name": "Vaultwarden",
|
||||
|
@ -207,6 +212,12 @@ fn config() -> Json<Value> {
|
|||
"notifications": format!("{domain}/notifications"),
|
||||
"sso": "",
|
||||
},
|
||||
"featureStates": {
|
||||
// Any feature flags that we want the clients to use
|
||||
// Can check the enabled ones at:
|
||||
// https://vault.bitwarden.com/api/config
|
||||
"autofill-v2": true
|
||||
},
|
||||
"object": "config",
|
||||
}))
|
||||
}
|
||||
|
|
|
@ -23,6 +23,8 @@ db_object! {
|
|||
pub user_uuid: Option<String>,
|
||||
pub organization_uuid: Option<String>,
|
||||
|
||||
pub key: Option<String>,
|
||||
|
||||
/*
|
||||
Login = 1,
|
||||
SecureNote = 2,
|
||||
|
@ -62,6 +64,8 @@ impl Cipher {
|
|||
user_uuid: None,
|
||||
organization_uuid: None,
|
||||
|
||||
key: None,
|
||||
|
||||
atype,
|
||||
name,
|
||||
|
||||
|
@ -203,6 +207,7 @@ impl Cipher {
|
|||
"DeletedDate": self.deleted_at.map_or(Value::Null, |d| Value::String(format_date(&d))),
|
||||
"Reprompt": self.reprompt.unwrap_or(RepromptType::None as i32),
|
||||
"OrganizationId": self.organization_uuid,
|
||||
"Key": self.key,
|
||||
"Attachments": attachments_json,
|
||||
// We have UseTotp set to true by default within the Organization model.
|
||||
// This variable together with UsersGetPremium is used to show or hide the TOTP counter.
|
||||
|
|
|
@ -15,6 +15,7 @@ table! {
|
|||
updated_at -> Datetime,
|
||||
user_uuid -> Nullable<Text>,
|
||||
organization_uuid -> Nullable<Text>,
|
||||
key -> Nullable<Text>,
|
||||
atype -> Integer,
|
||||
name -> Text,
|
||||
notes -> Nullable<Text>,
|
||||
|
|
|
@ -15,6 +15,7 @@ table! {
|
|||
updated_at -> Timestamp,
|
||||
user_uuid -> Nullable<Text>,
|
||||
organization_uuid -> Nullable<Text>,
|
||||
key -> Nullable<Text>,
|
||||
atype -> Integer,
|
||||
name -> Text,
|
||||
notes -> Nullable<Text>,
|
||||
|
|
|
@ -15,6 +15,7 @@ table! {
|
|||
updated_at -> Timestamp,
|
||||
user_uuid -> Nullable<Text>,
|
||||
organization_uuid -> Nullable<Text>,
|
||||
key -> Nullable<Text>,
|
||||
atype -> Integer,
|
||||
name -> Text,
|
||||
notes -> Nullable<Text>,
|
||||
|
|
Loading…
Reference in a new issue