search

passbolt / passbolt_browser_extension

Browser extensions (Firefox, Edge & Chrome) for Passbolt the open source password manager for teams
https://passbolt.com
GNU Affero General Public License v3.0
233 stars 72 forks source link

Error when parsing key user id #53

Closed clns closed 6 years ago

clns commented 6 years ago

Passbolt breaks when setting up an account with the "Comment" field not blank

What you did

Filled in the "Comment" field on the Create a new key screen, when setting up an account.

screen shot 2018-11-07 at 11 27 44 am

What happened

On the last step, the extension throws this error: error importing the private key : Error when parsing key user id.

The json snippet is similar to this:

{
  "error": "error importing the private key : Error when parsing key user id",
  "setup": {
    "stepId": "login_redirection",
    "stepsHistory": "domain_check/define_key/secret/backup_key/security_token",
    "user": {
      "username": "email@example.com",
      "firstname": "User",
      "lastname": "Name",
      "id": "a426d73a-3aed-4dca-9503-7658f7e99fe7"
    },
    "key": {
      "ownerName": "User Name",
      "ownerEmail": "email@example.com",
      "comment": "comment here",
      "length": "2048",
      "algorithm": "RSA-DSA",
      "passphrase": "",
      "publicKeyArmored": "-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n...\r\n-----END PGP PUBLIC KEY BLOCK-----\r\n",
      "privateKeyArmored": ""
    },
    "settings": {
      "token": "6464142d-6262-4fdc-a470-8ec5e82e2e5d",
      "domain": "https://passbolt.domain.com",
      "workflow": "install",
      "armoredServerKey": "-----BEGIN PGP PUBLIC KEY BLOCK-----...\n-----END PGP PUBLIC KEY BLOCK-----\n",
      "securityToken": {
        "code": "PUR",
        "color": "#a65cff",
        "textcolor": "#000"
      }
    }
  },
  "additional": {
    "key": "-----BEGIN PGP PRIVATE KEY BLOCK-----\r\n...\r\n-----END PGP PRIVATE KEY BLOCK-----\r\n",
    "userId": "a426d73a-3aed-4dca-9503-7658f7e99fe7"
  }
}

I think the problem is here: https://github.com/passbolt/passbolt_browser_extension/blob/aa8283378f6d8bcadfabc9ae96508f98c02232b9/src/all/background_page/model/keyring.js#L257

// Extract name & email from key userIds.
  let i, match, myRegexp = XRegExp(/(.*) <(\S+@\S+)>$/g);
  for (i in userIds) {
    match = XRegExp.exec(userIds[i], myRegexp);
    if(match === null) {
      throw new Error('Error when parsing key user id');
    }
    userIdsSplited.push({
      name: match[1],
      email: match[2]
    });
  }

Apparently when "Comment" field is not blank, the userId is something like User Name <email@example.com> (comment here), which doesn't match the regex /(.*) <(\S+@\S+)>$/g, so the browser extension stops working. This means any action that requires reading the keys (password create, group member add, etc.) fails.

cedricalfonsi commented 6 years ago

Thank you for the detailed report @clns

cedricalfonsi commented 6 years ago

Fixed with v2.4.4