hoshsadiq
commented
4 years ago Got something basic cooked up. Not much else done
Closed hoshsadiq closed 3 years ago
hoshsadiq
commented
4 years ago Got something basic cooked up. Not much else done
doy
commented
3 years ago this isn't something i'm particularly interested in incorporating into this project directly - it would be a lot of extra code to maintain, and i'm also not particularly familiar with gtk. if you're really interested in this, it should be doable as a standalone project that just depends on rbw and uses the agent, but i haven't had any issues using any of the existing graphical bitwarden clients, myself.
hoshsadiq
commented
3 years ago Understandable! Thanks
AxelTheGerman
commented
3 years ago @doy Thanks for your work on this. I'm super new to Rust and I'm trying to build a QT based application with Rust using your crate to do the heavy lifting.
I got as far as logging in (incl 2FA) and syncing the encrypted vault. I can't seem to figure out how I now would go about decrypting the items - any pointers? I can only find commands that seem to call out to some decrypt action that sends something on a socket?
I have a bunch of these (this one I changed just to be safe haha)
Some(Entry { id: "fb228122-e201-4826-b42b-a91a0118fd2c", org_id: Some("af132da2-b2b4-4826-920c-a2520287b214"), folder: Some("2.WadXKFMs+uE4lXQ==|PnNwUNDEaMJSA==|fqKYjx/e8Balq40/jeoh0VsV+gI3iKvM="), folder_id: Some("5009202a-e216-420e-9d20-a91a0118fd2c"), name: "2.g+Slm+M8LmmsID==|kpJQ34dhtp0g==|ED0x1KvW0cn9YxMC1F1vK69vfc=", data: Login { username: Some("2.NBchbGgHSkp+CuP6g==|V2fJHl8Omx9jK4Nkw8UsCuia+D9QvY9f22TCObwcbC6Ce+2xWgv|FuzjAnYuSOCJvhqb49qwT85TFrIKD0M="), password: Some("2.eVEXLipkCG0BqeHxrQ==|uDVFJ+aXkhRQOer352oIFPA+DsrbmO1JEJM=|Wq79Hs2PZm3bU7hO3ig6Wqe1f5Rq+I7ntrJg="), totp: None, uris: [Uri { uri: "2.P/qUwPIDiUdPzkw==|U3SlaBK5YK5Hl+EnS2mo2njVJuqp2qQnB4g=|nk1oxuhXWkj8aGuqk4Y3k0PhxIdzADA=", match_type: None }] }, fields: [], notes: None, history: [] })Thanks for your input!
hoshsadiq
commented
3 years ago @AxelTheGerman I'm not great at Rust, so I'm sure @doy will be able to point you in the right direction better than I can, but the client has an encrypt/decrypt function in src/bin/rbw/actions.rs. Looks like the encrypt/decrypt are part of the wire protocol used to communicate between agent/server. The data is the cipherstring (the encrypted value only e.g. "2.WadXKFMs+uE4lXQ==|PnNwUNDEaMJSA==|fqKYjx/e8Balq40/jeoh0VsV+gI3iKvM=") and the org id as a string.
AxelTheGerman
commented
3 years ago Thanks @hoshsadiq I did see that but I'm a bit confused. I'm also consulting the ruby API doc (for reverse engineered server API) - https://github.com/jcs/rubywarden/blob/master/API.md#cipher-encryption-and-decryption
Gotcha, yes the socket communication is from the CLI to the agent, which is part of this implementation. So I'll have to dig more into the agent!
Also noticed that in the docs earlier already - it says you need to manage the encryption keys via ENV or similar if you don't want to run the agent (which holds them in memory)
AxelTheGerman
commented
3 years ago Not a full breakthrough yet, but I had a look at the agent code (which receives those socket connections). It uses the Cipherstring to encrypt_xxx and decrypt_xxx. Just need to get my encryption keys in order - should be able to figure those out from the login/lock/unlock methods 🤞
I'd like to request a GTK UI integration with rbw-agent. It seems like a great addition to this tool.
Anyway, would this be a consideration? Seems like you've done a majority of code, so writing a GTK based client that uses the same mechanism you setup for with the agent and all, might be good in.
I'd love to help as well, though I've never written Rust code, or GTK code, so may need some guidance. I tried to write something initially, so I could just raise PR, but I got dizzy trying to understand Rust.