[PM-22812] Attachments get corrupted when downgrading from cipherkeys #15324
Conversation
|
Great job, no security vulnerabilities found in this Pull Request |
gbubemismith
dismissed stale reviews from shane-melton and nick-livefront
via
a5f9fcc
|
@gbubemismith Looks like we have failing tests, not 100% sure if related to these changes though |
Looks like this PR hasn't been implemented yet on the client |
There was a problem hiding this comment.
@gbubemismith These changes look good to me, the PR you linked above. Can that be pulled in and the failing CI resolved? Or is this dependent on anything else?
This PR addresses it |
|
Codecov ReportAttention: Patch coverage is
✅ All tests successful. No failed tests found.
Additional details and impacted files@@ Coverage Diff @@
## main #15324 +/- ##
=======================================
Coverage 37.18% 37.19%
=======================================
Files 3275 3275
Lines 94347 94349 +2
Branches 14240 14242 +2
=======================================
+ Hits 35083 35090 +7
+ Misses 57811 57804 -7
- Partials 1453 1455 +2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-22812
related to this PR
📔 Objective
Editing a cipher with attachments causes attachment corruption when switching between cipher-key encryption and user-key encryption in either direction. The SDK's AttachmentView was not providing the decrypted attachment key needed for re-encryption scenarios. When the cipher gets re-encrypted between different encryption contexts (cipher-key ↔ user-key) during save, the client needs the decrypted attachment key to properly re-encrypt it under the new encryption context. Without this, null gets posted for the attachment key, breaking decryption.
This is a temporary solution during the migration from TypeScript to the SDK. The decrypted_key field should be removed once all encryption logic is handled within the SDK.
Cleanup tracked in: https://bitwarden.atlassian.net/browse/PM-23005
📸 Screenshots
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes