speatzle/go-passbolt
1
0
Fork 0
mirror of https://github.com/passbolt/go-passbolt.git synced 2025-05-12 18:48:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Compare commits

base: speatzle:25990c6a8c11fe7f751fd56a1e91ccf393c4d69e
Branches Tags
speatzle:main
speatzle:v5-metadata-creation
speatzle:v5
speatzle:v5-metadata-decryption
speatzle:gopenpgp-v3
speatzle:v5-basic-metadatakeys
speatzle:v5-server-settings
speatzle:v5-run-workflow
speatzle:auto-skip-integration-tests
speatzle:jwt-auth
speatzle:v0.7.2
speatzle:v0.7.1
speatzle:v0.7.0
speatzle:v0.6.1
speatzle:v0.6.0
speatzle:v0.5.8
speatzle:v0.5.7
speatzle:v0.5.6
speatzle:v0.5.5
speatzle:v0.5.4
speatzle:v0.5.3
speatzle:v0.5.2
speatzle:v0.5.1
speatzle:v0.5.0
speatzle:v0.4.0
speatzle:v0.3.1
speatzle:v0.3.0
speatzle:v0.2.2
speatzle:v0.2.1
speatzle:v0.2.0
speatzle:v0.1.1
speatzle:v0.1.0
speatzle:v0.0.1
..
compare: speatzle:ac942336b3e15d8c0c88533f72b531656441993d
Branches Tags
speatzle:v5-metadata-creation
speatzle:v5
speatzle:v5-metadata-decryption
speatzle:gopenpgp-v3
speatzle:v5-basic-metadatakeys
speatzle:v5-server-settings
speatzle:v5-run-workflow
speatzle:auto-skip-integration-tests
speatzle:main
speatzle:jwt-auth
speatzle:v0.7.2
speatzle:v0.7.1
speatzle:v0.7.0
speatzle:v0.6.1
speatzle:v0.6.0
speatzle:v0.5.8
speatzle:v0.5.7
speatzle:v0.5.6
speatzle:v0.5.5
speatzle:v0.5.4
speatzle:v0.5.3
speatzle:v0.5.2
speatzle:v0.5.1
speatzle:v0.5.0
speatzle:v0.4.0
speatzle:v0.3.1
speatzle:v0.3.0
speatzle:v0.2.2
speatzle:v0.2.1
speatzle:v0.2.0
speatzle:v0.1.1
speatzle:v0.1.0
speatzle:v0.0.1

1 commit
25990c6a8c ... ac942336b3

Author SHA1 Message Date
Samuel Lorch
ac942336b3
Merge 2197d9e0f7 into b0f75af26a 2025-03-19 16:03:24 +01:00
3 changed files with 4 additions and 168 deletions
Show stats Expand all files Collapse all files

33
api/metadata.go
View file

@ -6,8 +6,8 @@ import (
"github.com/ProtonMail/gopenpgp/v3/crypto" "github.com/ProtonMail/gopenpgp/v3/crypto"
) )
// ResourceMetadataTypeV5Default // ResourceMetadataTypePasswordAndDescription
type ResourceMetadataTypeV5Default struct { type ResourceMetadataTypePasswordAndDescription struct {
ObjectType string `json:"object_type"` ObjectType string `json:"object_type"`
ResourceTypeID string `json:"resource_type_id,omitempty"` ResourceTypeID string `json:"resource_type_id,omitempty"`
Name string `json:"name,omitempty"` Name string `json:"name,omitempty"`
@ -16,35 +16,6 @@ type ResourceMetadataTypeV5Default struct {
Description string `json:"description,omitempty"` Description string `json:"description,omitempty"`
} }
// ResourceMetadataTypeV5DefaultWithTOTP
type ResourceMetadataTypeV5DefaultWithTOTP struct {
ObjectType string `json:"object_type"`
ResourceTypeID string `json:"resource_type_id,omitempty"`
Name string `json:"name,omitempty"`
Username string `json:"username,omitempty"`
URIs []string `json:"uris,omitempty"`
Description string `json:"description,omitempty"`
}
// ResourceMetadataTypeV5PasswordString
type ResourceMetadataTypeV5PasswordString struct {
ObjectType string `json:"object_type"`
ResourceTypeID string `json:"resource_type_id,omitempty"`
Name string `json:"name,omitempty"`
Username string `json:"username,omitempty"`
URIs []string `json:"uris,omitempty"`
Description string `json:"description,omitempty"`
}
// ResourceMetadataTypeV5TOTPStandalone
type ResourceMetadataTypeV5TOTPStandalone struct {
ObjectType string `json:"object_type"`
ResourceTypeID string `json:"resource_type_id,omitempty"`
Name string `json:"name,omitempty"`
URIs []string `json:"uris,omitempty"`
Description string `json:"description,omitempty"`
}
func (c *Client) DecryptMetadata(metadataKey *crypto.Key, armoredCiphertext string) (string, error) { func (c *Client) DecryptMetadata(metadataKey *crypto.Key, armoredCiphertext string) (string, error) {
// TODO Get SessionKey from Cache // TODO Get SessionKey from Cache
var sessionKey *crypto.SessionKey = nil var sessionKey *crypto.SessionKey = nil

27
api/secrets.go
View file

@ -41,33 +41,6 @@ type SecretDataTypePasswordDescriptionTOTP struct {
TOTP SecretDataTOTP `json:"totp"` TOTP SecretDataTOTP `json:"totp"`
} }
// SecretDataTypeV5Default
type SecretDataTypeV5Default struct {
ObjectType string `json:"object_type"`
ResourceTypeID string `json:"resource_type_id,omitempty"`
Password string `json:"password,omitempty"`
Description string `json:"description,omitempty"`
}
// SecretDataTypeV5DefaultWithTOTP
type SecretDataTypeV5DefaultWithTOTP struct {
ObjectType string `json:"object_type"`
ResourceTypeID string `json:"resource_type_id,omitempty"`
Password string `json:"password,omitempty"`
Description string `json:"description,omitempty"`
TOTP SecretDataTOTP `json:"totp"`
}
// SecretDataTypeV5PasswordString, is just the Password directly
type SecretDataTypeV5PasswordString string
// SecretDataTypeV5TOTPStandalone
type SecretDataTypeV5TOTPStandalone struct {
ObjectType string `json:"object_type"`
ResourceTypeID string `json:"resource_type_id,omitempty"`
TOTP SecretDataTOTP `json:"totp"`
}
// GetSecret gets a Passbolt Secret // GetSecret gets a Passbolt Secret
func (c *Client) GetSecret(ctx context.Context, resourceID string) (*Secret, error) { func (c *Client) GetSecret(ctx context.Context, resourceID string) (*Secret, error) {
err := checkUUIDFormat(resourceID) err := checkUUIDFormat(resourceID)

112
helper/resources.go
View file

@ -104,26 +104,16 @@ func GetResource(ctx context.Context, c *api.Client, resourceID string) (folderP
} }
// GetResourceFromData Decrypts Resources using only local data, the Resource object must inlude the secret // GetResourceFromData Decrypts Resources using only local data, the Resource object must inlude the secret
// With v5 This needs network calls for Metadata of v5 Resources func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret, rType api.ResourceType) (folderParentID, name, username, uri, password, description string, err error) {
func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret, rType api.ResourceType) (string, string, string, string, string, string, error) {
var name string
var username string
var uri string
var pw string var pw string
var desc string var desc string
ctx := context.TODO()
switch rType.Slug { switch rType.Slug {
case "password-string": case "password-string":
var err error
pw, err = c.DecryptMessage(secret.Data) pw, err = c.DecryptMessage(secret.Data)
if err != nil { if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err) return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
} }
name = resource.Name
username = resource.Username
uri = resource.URI
desc = resource.Description desc = resource.Description
case "password-and-description": case "password-and-description":
rawSecretData, err := c.DecryptMessage(secret.Data) rawSecretData, err := c.DecryptMessage(secret.Data)
@ -136,9 +126,6 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret
if err != nil { if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Secret Data: %w", err) return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Secret Data: %w", err)
} }
name = resource.Name
username = resource.Username
uri = resource.URI
pw = secretData.Password pw = secretData.Password
desc = secretData.Description desc = secretData.Description
case "password-description-totp": case "password-description-totp":
@ -152,109 +139,14 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret
if err != nil { if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Secret Data: %w", err) return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Secret Data: %w", err)
} }
name = resource.Name
username = resource.Username
uri = resource.URI
pw = secretData.Password pw = secretData.Password
desc = secretData.Description desc = secretData.Description
case "totp": case "totp":
name = resource.Name
username = resource.Username
uri = resource.URI
// nothing fits into the interface in this case
case "v5-default":
rawMetadata, err := GetResourceMetadata(ctx, c, resource, rType)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Getting Metadata: %w", err)
}
var metadata api.ResourceMetadataTypeV5Default
err = json.Unmarshal([]byte(rawMetadata), &metadata)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Metadata: %w", err)
}
name = metadata.Name
username = metadata.Username
if len(metadata.URIs) != 0 {
uri = metadata.URIs[0]
}
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
var secretData api.SecretDataTypeV5Default
err = json.Unmarshal([]byte(rawSecretData), &secretData)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Secret Data: %w", err)
}
pw = secretData.Password
desc = secretData.Description
case "v5-default-with-totp":
rawMetadata, err := GetResourceMetadata(ctx, c, resource, rType)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Getting Metadata: %w", err)
}
var metadata api.ResourceMetadataTypeV5DefaultWithTOTP
err = json.Unmarshal([]byte(rawMetadata), &metadata)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Metadata: %w", err)
}
name = metadata.Name
username = metadata.Username
if len(metadata.URIs) != 0 {
uri = metadata.URIs[0]
}
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
var secretData api.SecretDataTypeV5DefaultWithTOTP
err = json.Unmarshal([]byte(rawSecretData), &secretData)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Secret Data: %w", err)
}
pw = secretData.Password
desc = secretData.Description
case "v5-password-string":
rawMetadata, err := GetResourceMetadata(ctx, c, resource, rType)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Getting Metadata: %w", err)
}
var metadata api.ResourceMetadataTypeV5PasswordString
err = json.Unmarshal([]byte(rawMetadata), &metadata)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Metadata: %w", err)
}
name = metadata.Name
username = metadata.Username
if len(metadata.URIs) != 0 {
uri = metadata.URIs[0]
}
// Not available in the Secret
desc = metadata.Description
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
pw = rawSecretData
case "v5-totp-standalone":
// nothing fits into the interface in this case // nothing fits into the interface in this case
default: default:
return "", "", "", "", "", "", fmt.Errorf("Unknown ResourceType: %v", rType.Slug) return "", "", "", "", "", "", fmt.Errorf("Unknown ResourceType: %v", rType.Slug)
} }
return resource.FolderParentID, name, username, uri, pw, desc, nil return resource.FolderParentID, resource.Name, resource.Username, resource.URI, pw, desc, nil
} }
// UpdateResource Updates all Fields. // UpdateResource Updates all Fields.