From ac3f4bc64c976112642db6ba5f01b709f581d9eb Mon Sep 17 00:00:00 2001 From: Luis Mauro Date: Wed, 20 Sep 2023 19:30:29 -0600 Subject: [PATCH] handle V3 and V2 --- ee/packages/license/package.json | 1 + ee/packages/license/src/decrypt.ts | 15 +++++++++++++++ ee/packages/license/src/license.ts | 5 +++-- packages/jwt/tsconfig.json | 1 + yarn.lock | 1 + 5 files changed, 21 insertions(+), 2 deletions(-) diff --git a/ee/packages/license/package.json b/ee/packages/license/package.json index 9b236ce0df8e..60122ac88139 100644 --- a/ee/packages/license/package.json +++ b/ee/packages/license/package.json @@ -23,6 +23,7 @@ ], "dependencies": { "@rocket.chat/core-typings": "workspace:^", + "@rocket.chat/jwt": "workspace:^", "@rocket.chat/logger": "workspace:^", "@rocket.chat/models": "workspace:^" } diff --git a/ee/packages/license/src/decrypt.ts b/ee/packages/license/src/decrypt.ts index 62e34817aec6..87fd55b507d5 100644 --- a/ee/packages/license/src/decrypt.ts +++ b/ee/packages/license/src/decrypt.ts @@ -1,9 +1,24 @@ import crypto from 'crypto'; +import { verify } from '@rocket.chat/jwt'; + const publicKey = 'LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUFxV1Nza2Q5LzZ6Ung4a3lQY2ljcwpiMzJ3Mnd4VnV3N3lCVDk2clEvOEQreU1lQ01POXdTU3BIYS85bkZ5d293RXRpZ3B0L3dyb1BOK1ZHU3didHdQCkZYQmVxRWxCbmRHRkFsODZlNStFbGlIOEt6L2hHbkNtSk5tWHB4RUsyUkUwM1g0SXhzWVg3RERCN010eC9pcXMKY2pCL091dlNCa2ppU2xlUzdibE5JVC9kQTdLNC9DSjNvaXUwMmJMNEV4Y2xDSGVwenFOTWVQM3dVWmdweE9uZgpOT3VkOElYWUs3M3pTY3VFOEUxNTdZd3B6Q0twVmFIWDdaSmY4UXVOc09PNVcvYUlqS2wzTDYyNjkrZUlPRXJHCndPTm1hSG56Zmc5RkxwSmh6Z3BPMzhhVm43NnZENUtLakJhaldza1krNGEyZ1NRbUtOZUZxYXFPb3p5RUZNMGUKY0ZXWlZWWjNMZWg0dkVNb1lWUHlJeng5Nng4ZjIveW1QbmhJdXZRdjV3TjRmeWVwYTdFWTVVQ2NwNzF6OGtmUAo0RmNVelBBMElEV3lNaWhYUi9HNlhnUVFaNEdiL3FCQmh2cnZpSkNGemZZRGNKZ0w3RmVnRllIUDNQR0wwN1FnCnZMZXZNSytpUVpQcnhyYnh5U3FkUE9rZ3VyS2pWclhUVXI0QTlUZ2lMeUlYNVVsSnEzRS9SVjdtZk9xWm5MVGEKU0NWWEhCaHVQbG5DR1pSMDFUb1RDZktoTUcxdTBDRm5MMisxNWhDOWZxT21XdjlRa2U0M3FsSjBQZ0YzVkovWAp1eC9tVHBuazlnbmJHOUpIK21mSDM5Um9GdlROaW5Zd1NNdll6dXRWT242OXNPemR3aERsYTkwbDNBQ2g0eENWCks3Sk9YK3VIa29OdTNnMmlWeGlaVU0wQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo='; +// #TODO: use async/await export default function decrypt(encrypted: string): string { + // handle V3 + if (encrypted.startsWith('RCV3_')) { + let decrypted = ''; + const jwt = encrypted.substring(5); + + verify(jwt, publicKey).then(([payload, _header]) => { + decrypted = JSON.stringify(payload); + }); + + return decrypted; + } + const decrypted = crypto.publicDecrypt(Buffer.from(publicKey, 'base64').toString('utf-8'), Buffer.from(encrypted, 'base64')); return decrypted.toString('utf-8'); diff --git a/ee/packages/license/src/license.ts b/ee/packages/license/src/license.ts index 64f75eb501ee..12767271a6bc 100644 --- a/ee/packages/license/src/license.ts +++ b/ee/packages/license/src/license.ts @@ -128,8 +128,9 @@ export const setLicense = async (encryptedLicense: string, forceSet = false): Pr logger.debug({ msg: 'license', decrypted }); } - // #TODO: Check license version and call setLicenseV2 or setLicenseV3 - await setLicenseV2(JSON.parse(decrypted), encryptedLicense); + encryptedLicense.startsWith('RCV3_') + ? await setLicenseV3(JSON.parse(decrypted), encryptedLicense) + : await setLicenseV2(JSON.parse(decrypted), encryptedLicense); return true; } catch (e) { diff --git a/packages/jwt/tsconfig.json b/packages/jwt/tsconfig.json index a132d2e280b6..52e9dd8c4976 100644 --- a/packages/jwt/tsconfig.json +++ b/packages/jwt/tsconfig.json @@ -1,6 +1,7 @@ { "extends": "../../tsconfig.base.server.json", "compilerOptions": { + "declaration": true, "rootDir": "./src", "outDir": "./dist" }, diff --git a/yarn.lock b/yarn.lock index 699acede8b85..3f648e888646 100644 --- a/yarn.lock +++ b/yarn.lock @@ -8395,6 +8395,7 @@ __metadata: resolution: "@rocket.chat/license@workspace:ee/packages/license" dependencies: "@rocket.chat/core-typings": "workspace:^" + "@rocket.chat/jwt": "workspace:^" "@rocket.chat/logger": "workspace:^" "@rocket.chat/models": "workspace:^" "@types/jest": ~29.5.3