Merge remote-tracking branch 'origin' into new-routing
dangtony98 committed Dec 27, 2022
2 parents 07c34c4 + f3e3a9e commit 924e3d7
Showing 11 changed files with 180 additions and 62 deletions.
4 changes: 4 additions & 0 deletions backend/src/controllers/v1/secretController.ts
@@ -21,6 +21,10 @@ interface PushSecret {
ivValue: string;
tagValue: string;
hashValue: string;
ciphertextComment: string;
ivComment: string;
tagComment: string;
hashComment: string;
type: 'shared' | 'personal';
}

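Review bot: The four comment fields added to `PushSecret` are declared as required strings, but an interface gives no runtime guarantee about a request body, and the model in this same commit stores the matching fields as optional. A client that predates the change will presumably omit them, so downstream code receives `undefined` where the type promises a string; either mark them optional (`ciphertextComment?: string;` and likewise for the other three) or validate the body before it reaches `pushSecrets`. The identical interface is repeated in backend/src/helpers/secret.ts, so the same applies there, and exporting it from one module would keep the two copies from drifting. The interface declaration begins above the hunk.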
32 changes: 28 additions & 4 deletions backend/src/helpers/secret.ts
@@ -25,6 +25,10 @@ interface PushSecret {
ivValue: string;
tagValue: string;
hashValue: string;
ciphertextComment: string;
ivComment: string;
tagComment: string;
hashComment: string;
type: 'shared' | 'personal';
}

@@ -93,7 +97,8 @@ const pushSecrets = async ({
const toUpdate = oldSecrets
.filter((s) => {
if (`${s.type}-${s.secretKeyHash}` in newSecretsObj) {
if (s.secretValueHash !== newSecretsObj[`${s.type}-${s.secretKeyHash}`].hashValue) {
if (s.secretValueHash !== newSecretsObj[`${s.type}-${s.secretKeyHash}`].hashValue
|| s.secretCommentHash !== newSecretsObj[`${s.type}-${s.secretKeyHash}`].hashComment) {
// case: filter secrets where value changed
return true;
}
@@ -113,14 +118,22 @@ const pushSecrets = async ({
ciphertextValue,
ivValue,
tagValue,
hashValue
hashValue,
ciphertextComment,
ivComment,
tagComment,
hashComment
} = newSecretsObj[`${s.type}-${s.secretKeyHash}`];

const update: Update = {
secretValueCiphertext: ciphertextValue,
secretValueIV: ivValue,
secretValueTag: tagValue,
secretValueHash: hashValue
secretValueHash: hashValue,
secretCommentCiphertext: ciphertextComment,
secretCommentIV: ivComment,
secretCommentTag: tagComment,
secretCommentHash: hashComment,
}

if (!s.version) {
@@ -192,7 +205,11 @@ const pushSecrets = async ({
secretValueCiphertext: s.ciphertextValue,
secretValueIV: s.ivValue,
secretValueTag: s.tagValue,
secretValueHash: s.hashValue
secretValueHash: s.hashValue,
secretCommentCiphertext: s.ciphertextComment,
secretCommentIV: s.ivComment,
secretCommentTag: s.tagComment,
secretCommentHash: s.hashComment
};

if (toAdd[idx].type === 'personal') {
@@ -315,6 +332,13 @@ const reformatPullSecrets = ({ secrets }: { secrets: ISecret[] }) => {
iv: s.secretValueIV,
tag: s.secretValueTag,
hash: s.secretValueHash
},
secretComment: {
workspace: s.workspace,
ciphertext: s.secretCommentCiphertext,
iv: s.secretCommentIV,
tag: s.secretCommentTag,
hash: s.secretCommentHash
}
}));
} catch (err) {
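Review bot: The widened condition in the `toUpdate` filter treats a missing hash as a change: a request that carries no `hashComment` compares `undefined` against the stored `secretCommentHash`, so the secret is queued for update even though the caller never sent a comment. The `update` object is then built with `undefined` for all four comment fields; whether that leaves the stored comment intact or clears it depends on how the update is applied outside these hunks, so it is worth confirming. Comparing only when the incoming value is present, `incoming.hashComment !== undefined && s.secretCommentHash !== incoming.hashComment` with `incoming` bound once to the `newSecretsObj[...]` entry, and adding the comment fields to `update` only in that case, keeps an older client from touching data it did not send. The inline comment `// case: filter secrets where value changed` should now say "value or comment changed". The body of `pushSecrets` starts and ends outside the hunks shown.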
20 changes: 20 additions & 0 deletions backend/src/models/secret.ts
@@ -23,6 +23,10 @@ export interface ISecret {
secretValueIV: string;
secretValueTag: string;
secretValueHash: string;
secretCommentCiphertext?: string;
secretCommentIV?: string;
secretCommentTag?: string;
secretCommentHash?: string;
}

const secretSchema = new Schema<ISecret>(
@@ -82,6 +86,22 @@ const secretSchema = new Schema<ISecret>(
secretValueHash: {
type: String,
required: true
},
secretCommentCiphertext: {
type: String,
required: false
},
secretCommentIV: {
type: String, // symmetric
required: false
},
secretCommentTag: {
type: String, // symmetric
required: false
},
secretCommentHash: {
type: String,
required: false
}
},
{
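Review bot: The four comment fields are each optional on their own, so nothing at the schema level stops a document from being saved with `secretCommentCiphertext` but without `secretCommentIV` or `secretCommentTag`; such a record cannot be decrypted by the client. Consider an all-or-none check, either a schema-level validator or a guard in `pushSecrets` before the write, so that ciphertext, IV and tag are always stored together. The two `// symmetric` comments would be clearer as one comment above the group, for example `// output of symmetric encryption of the secret's comment; absent on secrets saved before comments existed`. `required: false` is the default and can be dropped.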
8 changes: 8 additions & 0 deletions docs/cli/overview.mdx
@@ -88,6 +88,14 @@ The Infisical CLI provides a way to inject environment variables from the platfo
sudo apt-get update && sudo apt-get install -y infisical
```

</Tab>
<Tab title="Arch Linux">
Use the `yay` package manager to install from the [Arch User Repository](https://aur.archlinux.org/packages/infisical-bin)

```bash
yay -S infisical-bin
```

</Tab>
</Tabs>

5 changes: 4 additions & 1 deletion frontend/components/basic/Toggle.tsx
@@ -7,6 +7,7 @@ interface OverrideProps {
keyName: string;
value: string;
pos: number;
comment: string;
}

interface ToggleProps {
@@ -17,6 +18,7 @@ interface ToggleProps {
value: string;
pos: number;
id: string;
comment: string;
deleteOverride: (id: string) => void;
sharedToHide: string[];
setSharedToHide: (values: string[]) => void;
@@ -46,6 +48,7 @@ export default function Toggle ({
value,
pos,
id,
comment,
deleteOverride,
sharedToHide,
setSharedToHide
@@ -55,7 +58,7 @@ export default function Toggle ({
checked={enabled}
onChange={() => {
if (enabled == false) {
addOverride({ id, keyName, value, pos });
addOverride({ id, keyName, value, pos, comment });
setSharedToHide([
...sharedToHide!,
id
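--- a/frontend/components/dashboard/CommentField.tsx
+++ b/frontend/components/dashboard/CommentField.tsx
@@ -0,0 +1,16 @@
+/**
+* This is the text field where people can add comments to particular secrets.
+*/
+const CommentField = ({ comment, modifyComment, position }: { comment: string; modifyComment: (value: string, posistion: number) => void; position: number;}) => {
+return <div className={`relative mt-4 px-4 pt-4`}>
+<p className='text-sm text-bunker-300'>Comments & notes</p>
+<textarea
+className="bg-bunker-800 h-32 w-full bg-bunker-800 p-2 rounded-md border border-mineshaft-500 text-sm text-bunker-300 outline-none focus:ring-2 ring-primary-800 ring-opacity-70"
+value={comment}
+onChange={(e) => modifyComment(e.target.value, position)}
+placeholder="Leave any comments here..."
+/>
+</div>
+}
+
+export default CommentField;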
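Review bot: The `<textarea>` has no `maxLength`, and none of the backend hunks shown in this commit bound the size of `ciphertextComment`, so the length of a comment a user can submit looks unbounded. A limit on the field, e.g. `maxLength={MAX_COMMENT_LENGTH}` (placeholder name for a project-chosen constant), paired with a matching server-side check, would close that. The callback type spells its second parameter `posistion`, and `bg-bunker-800` appears twice in the `className` string. The doc comment could also state that `position` is only passed back to `modifyComment` to identify which secret the edit belongs to.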
6 changes: 3 additions & 3 deletions frontend/components/dashboard/DropZone.tsx
@@ -126,7 +126,7 @@ const DropZone = ({
</div>
) : keysExist ? (
<div
className="opacity-60 hover:opacity-100 duration-200 relative bg-bunker outline max-w-[calc(100%-1rem)] w-full outline-dashed outline-gray-600 rounded-md outline-2 flex flex-col items-center justify-center mb-16 mx-auto mt-1 py-8 px-2"
className="opacity-60 hover:opacity-100 duration-200 relative bg-mineshaft-900 outline max-w-[calc(100%-1rem)] w-full outline-dashed outline-chicago-600 rounded-md outline-2 flex flex-col items-center justify-center mb-16 mx-auto mt-1 py-8 px-2"
onDragEnter={handleDragEnter}
onDragOver={handleDragOver}
onDragLeave={handleDragLeave}
@@ -147,9 +147,9 @@ const DropZone = ({
<div className="flex flex-row">
<FontAwesomeIcon
icon={faUpload}
className="text-gray-300 text-3xl mr-6"
className="text-bunker-300 text-3xl mr-6"
/>
<p className="text-gray-300 mt-1">
<p className="text-bunker-300 mt-1">
Drag and drop your .env file here to add more keys.
</p>
</div>
18 changes: 7 additions & 11 deletions frontend/components/dashboard/SideBar.tsx
@@ -5,6 +5,7 @@ import SecretVersionList from 'ee/components/SecretVersionList';

import Button from '../basic/buttons/Button';
import Toggle from '../basic/Toggle';
import CommentField from './CommentField';
import DashboardInputField from './DashboardInputField';
import GenerateSecretMenu from './GenerateSecretMenu';

@@ -15,20 +16,23 @@ interface SecretProps {
pos: number;
type: string;
id: string;
comment: string;
}

interface OverrideProps {
id: string;
keyName: string;
value: string;
pos: number;
comment: string;
}

interface SideBarProps {
toggleSidebar: (value: string) => void;
data: SecretProps[];
modifyKey: (value: string, position: number) => void;
modifyValue: (value: string, position: number) => void;
modifyComment: (value: string, position: number) => void;
addOverride: (value: OverrideProps) => void;
deleteOverride: (id: string) => void;
buttonReady: boolean;
@@ -56,6 +60,7 @@ const SideBar = ({
data,
modifyKey,
modifyValue,
modifyComment,
addOverride,
deleteOverride,
buttonReady,
@@ -115,6 +120,7 @@ const SideBar = ({
value={data[0].value}
pos={data[0].pos}
id={data[0].id}
comment={data[0].comment}
deleteOverride={deleteOverride}
sharedToHide={sharedToHide}
setSharedToHide={setSharedToHide}
@@ -143,17 +149,7 @@ const SideBar = ({
isFull={true}
/>
</div> */}
<div className={`relative mt-4 px-4 pt-4`}>
<div className='flex flex-row justify-between'>
<p className='text-sm text-bunker-300'>Comments & notes</p>
<div className="bg-yellow rounded-md h-min">
<p className="relative text-black text-xs px-1.5 h-min">Coming soon!</p>
</div>
</div>
<div className='h-32 opacity-50 w-full bg-bunker-800 p-2 rounded-md border border-mineshaft-500 rounded-md text-sm text-bunker-300'>
Leave your comment here...
</div>
</div>
<CommentField comment={data.filter(secret => secret.type == "shared")[0]?.comment} modifyComment={modifyComment} position={data[0].pos} />
</div>
<div className={`flex justify-start max-w-sm mt-4 px-4 mt-full mb-[4.7rem]`}>
<Button
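Review bot: The new `CommentField` line reads the comment from the first entry whose `type` is `"shared"` but passes `position={data[0].pos}`, so if `data[0]` is a personal override the edit is written to a different row than the one displayed. Whether `data[0]` is always the shared entry is not visible here, since the body of `SideBar` extends beyond the hunks. Resolving the entry once keeps the two in step: `const shared = data.find((s) => s.type === 'shared');` then `comment={shared?.comment ?? ''}` and `position={shared?.pos ?? data[0].pos}`. The `?? ''` also matters because `?.comment` can yield `undefined`, which does not match the `comment: string` prop and would leave the textarea uncontrolled.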
33 changes: 28 additions & 5 deletions frontend/components/utilities/secrets/getSecretsForProject.ts
@@ -10,6 +10,13 @@ const {
const nacl = require('tweetnacl');
nacl.util = require('tweetnacl-util');

interface SecretProps {
key: string;
value: string;
type: 'personal' | 'shared';
comment: string;
}

interface Props {
env: keyof typeof envMapping;
setFileState: any;
@@ -34,12 +41,12 @@ const getSecretsForProject = async ({
} catch (error) {
console.log('ERROR: Not able to access the latest file');
}
// This is called isKeyAvilable but what it really means is if a person is able to create new key pairs
// This is called isKeyAvailable but what it really means is if a person is able to create new key pairs
setIsKeyAvailable(!file.key ? file.secrets.length == 0 : true);

const PRIVATE_KEY = localStorage.getItem('PRIVATE_KEY');

const tempFileState: { key: string; value: string; type: 'personal' | 'shared'; }[] = [];
const tempFileState: SecretProps[] = [];
if (file.key) {
// assymmetrically decrypt symmetric key with local private key
const key = decryptAssymmetric({
@@ -64,10 +71,24 @@ const getSecretsForProject = async ({
tag: secretPair.secretValue.tag,
key
});

let plainTextComment;
if (secretPair.secretComment.ciphertext) {
plainTextComment = decryptSymmetric({
ciphertext: secretPair.secretComment.ciphertext,
iv: secretPair.secretComment.iv,
tag: secretPair.secretComment.tag,
key
});
} else {
plainTextComment = "";
}

tempFileState.push({
key: plainTextKey,
value: plainTextValue,
type: secretPair.type
type: secretPair.type,
comment: plainTextComment
});
});
}
@@ -80,7 +101,8 @@ const getSecretsForProject = async ({
pos: index,
key: line['key'],
value: line['value'],
type: line['type']
type: line['type'],
comment: line['comment']
};
})
);
@@ -91,7 +113,8 @@ const getSecretsForProject = async ({
pos: index,
key: line['key'],
value: line['value'],
type: line['type']
type: line['type'],
comment: line['comment']
};
});
} catch (error) {
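Review bot: The new guard `secretPair.secretComment.ciphertext` dereferences `secretComment` unconditionally, so a response without that object (for example from a backend that predates this commit) throws inside the `forEach` and, as far as these hunks show, no secrets are loaded at all; `secretPair.secretComment?.ciphertext` avoids that. The guard also checks only the ciphertext, so a record missing `iv` or `tag` still reaches `decryptSymmetric`. Its failure behaviour is defined outside this hunk, but a failed comment decryption should be reported for that one secret rather than block access to every key and value. `let plainTextComment;` is implicitly `any`; `let plainTextComment = "";` with the `else` branch removed gives it a type. The body of `getSecretsForProject` starts and ends outside the hunks.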
14 changes: 14 additions & 0 deletions frontend/components/utilities/secrets/pushKeys.ts
@@ -65,6 +65,16 @@ const pushKeys = async({ obj, workspaceId, env }: { obj: object; workspaceId: st
key: randomBytes,
});

// encrypt comment
const {
ciphertext: ciphertextComment,
iv: ivComment,
tag: tagComment,
} = encryptSymmetric({
plaintext: obj[key as keyof typeof obj][1],
key: randomBytes,
});

const visibility = key.charAt(0) == "p" ? "personal" : "shared";

return {
@@ -76,6 +86,10 @@ const pushKeys = async({ obj, workspaceId, env }: { obj: object; workspaceId: st
ivValue,
tagValue,
hashValue: crypto.createHash("sha256").update(obj[key as keyof typeof obj][0]).digest("hex"),
ciphertextComment,
ivComment,
tagComment,
hashComment: crypto.createHash("sha256").update(obj[key as keyof typeof obj][1]).digest("hex"),
type: visibility,
};
});
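Review bot: `hashComment` is an unkeyed SHA-256 of the plaintext comment, and it is sent to the server and stored next to the ciphertext. Comments are often short or empty, so anyone who can read the stored hashes can confirm guesses and can tell which secrets have no comment (the digest of the empty string is a fixed, well-known value), which weakens the client-side encryption; `hashValue` on the context line above has the same shape. The backend hunks in this commit only compare these hashes for equality, so a keyed digest would serve the same purpose, e.g. `crypto.createHmac("sha256", randomBytes).update(comment).digest("hex")`, assuming `randomBytes` is the workspace key and stays stable between pushes. Here `comment` should be bound once as `obj[key as keyof typeof obj][1] ?? ""`, because an entry without a comment would otherwise pass `undefined` to both `encryptSymmetric` and `.update(...)`. The body of `pushKeys` starts and ends outside the hunks.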