From dd063cc768b2dfe1376616836eacdde76e2b7912 Mon Sep 17 00:00:00 2001
From: Bernd Schoolmann
Date: Wed, 6 Nov 2024 01:39:34 +0100
Subject: [PATCH] Add support for new ssh key cipher type
---
 cli/agent/bitwarden/models/models.go | 10 +++++++++-
 cli/agent/bitwarden/sync.go | 2 ++
 cli/agent/vault/vault.go | 22 ++++++++++++++++++++++
 3 files changed, 33 insertions(+), 1 deletion(-)
diff --git a/cli/agent/bitwarden/models/models.go b/cli/agent/bitwarden/models/models.go
index 5eb58f8..11ff9a2 100644
--- a/cli/agent/bitwarden/models/models.go
+++ b/cli/agent/bitwarden/models/models.go
@@ -76,7 +76,8 @@ type Cipher struct {
 Login *LoginCipher `json:"login,omitempty"`
 Notes *crypto.EncString `json:"notes,omitempty"`
 SecureNote *SecureNoteCipher `json:"secureNote,omitempty"`
-
+ SSHKey *SSHKeyCipher `json:"sshKey,omitempty"`
+
 Key *crypto.EncString `json:"key,omitempty"`
 }
@@ -88,8 +89,15 @@ const (
 CipherCard = 3
 CipherIdentity = 4
 CipherNote = 2
+ CipherSSHKey = 5
 )
+type SSHKeyCipher struct {
+ PrivateKey crypto.EncString `json:"privateKey"`
+ PublicKey crypto.EncString `json:"publicKey"`
+ KeyFingerprint crypto.EncString `json:"keyFingerprint"`
+}
+
 type Card struct {
 CardholderName crypto.EncString `json:"cardholderName"`
 Brand crypto.EncString `json:"brand"`
diff --git a/cli/agent/bitwarden/sync.go b/cli/agent/bitwarden/sync.go
index 44e77ef..6ad5a5f 100644
--- a/cli/agent/bitwarden/sync.go
+++ b/cli/agent/bitwarden/sync.go
@@ -59,6 +59,8 @@ func DoFullSync(ctx context.Context, vault *vault.Vault, config *config.Config,
 vault.AddOrUpdateLogin(cipher)
 case models.CipherNote:
 vault.AddOrUpdateSecureNote(cipher)
+ case models.CipherSSHKey:
+ vault.AddOrUpdateSSHKey(cipher)
 }
 }
diff --git a/cli/agent/vault/vault.go b/cli/agent/vault/vault.go
index 741d36a..1a86b2f 100644
--- a/cli/agent/vault/vault.go
+++ b/cli/agent/vault/vault.go
@@ -19,6 +19,7 @@ type Vault struct {
 Keyring *crypto.Keyring
 logins map[string]models.Cipher
 secureNotes map[string]models.Cipher
+ sshKeys map[string]models.Cipher
 sshKeyNoteIDs []string
 envCredentials map[string]string
 lastSynced int64
@@ -31,6 +32,7 @@ func NewVault(keyring *crypto.Keyring) *Vault {
 Keyring: keyring,
 logins: make(map[string]models.Cipher),
 secureNotes: make(map[string]models.Cipher),
+ sshKeys: make(map[string]models.Cipher),
 sshKeyNoteIDs: make([]string, 0),
 envCredentials: make(map[string]string),
 lastSynced: 0,
@@ -92,6 +94,12 @@ func (vault *Vault) AddOrUpdateSecureNote(cipher models.Cipher) {
 vault.unlockMutex()
 }
+func (vault *Vault) AddOrUpdateSSHKey(cipher models.Cipher) {
+ vault.lockMutex()
+ vault.sshKeys[cipher.ID.String()] = cipher
+ vault.unlockMutex()
+}
+
 func (vault *Vault) isEnv(cipher models.Cipher) (string, bool) {
 if cipher.Type != models.CipherNote {
 return "", false
@@ -258,6 +266,20 @@ func (vault *Vault) GetSSHKeys() []SSHKey {
 PublicKey: string(publicKey),
 })
 }
+
+ for id, _ := range vault.sshKeys {
+ key, _ := vault.sshKeys[id].GetKeyForCipher(*vault.Keyring)
+ privKey, _ := crypto.DecryptWith(vault.sshKeys[id].SSHKey.PrivateKey, key)
+ pubKey, _ := crypto.DecryptWith(vault.sshKeys[id].SSHKey.PublicKey, key)
+ name, _ := crypto.DecryptWith(vault.sshKeys[id].Name, key)
+
+ sshKeys = append(sshKeys, SSHKey{
+ Name: string(name),
+ Key: string(privKey),
+ PublicKey: string(pubKey),
+ })
+ }
+
 return sshKeys
 }
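Review bot: The new loop in GetSSHKeys discards the second return value of `GetKeyForCipher` and of every `crypto.DecryptWith` call (presumably an error), so a cipher that fails to decrypt is still appended and handed out with an empty or partial `Key`. It also dereferences `vault.sshKeys[id].SSHKey`, which models.go in this patch declares as `*SSHKeyCipher` with `omitempty`, so a type-5 cipher synced without an `sshKey` object would presumably panic the agent; AddOrUpdateSSHKey stores the cipher without checking this. Skip entries with a nil `SSHKey` or a failed decryption, and range over the value rather than re-indexing the map with `for id, _ := range`. GetSSHKeys begins outside the hunk, so whether the vault mutex is held while `vault.sshKeys` is read cannot be confirmed from here.

```go
	// … unchanged: keys derived from secure notes appended above …

	for _, cipher := range vault.sshKeys {
		// SSHKey is an optional pointer in the model; never dereference it unchecked.
		if cipher.SSHKey == nil {
			continue
		}
		key, err := cipher.GetKeyForCipher(*vault.Keyring)
		if err != nil {
			continue
		}
		privKey, err := crypto.DecryptWith(cipher.SSHKey.PrivateKey, key)
		if err != nil {
			continue
		}
		pubKey, err := crypto.DecryptWith(cipher.SSHKey.PublicKey, key)
		if err != nil {
			continue
		}
		name, err := crypto.DecryptWith(cipher.Name, key)
		if err != nil {
			continue
		}
		// … unchanged: append SSHKey{Name, Key, PublicKey} to sshKeys …
	}
```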