Release v6.2.2 (#1251)

* fix: nodejs crypto privateDecrypt function changed to use NodeRSA for Windows RDP cr: https://code.amazon.com/reviews/CR-117206787 * chore: fix lint error cr: https://code.amazon.com/reviews/CR-117215204 * chore: update changelog cr: https://code.amazon.com/reviews/CR-117316639 --------- Co-authored-by: Sanket Dharwadkar <[email protected]> Co-authored-by: HaiTao Zhang <[email protected]>
awslabs · Mar 13, 2024 · 0cb6136 · 0cb6136
1 parent cb005ef
commit 0cb6136
Show file tree

Hide file tree

Showing 6 changed files with 3,014 additions and 2,874 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,12 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [6.2.2](https://github.com/awslabs/service-workbench-on-aws/compare/v6.2.1...v6.2.2) (2024-03-13)
+
+### Bug Fixes
+
+* fix for EC2 windows connection logic ([a5b1c033](https://github.com/awslabs/service-workbench-on-aws/commit/a5b1c0330ef2355e45c0bb59182749d653d93f1e))
+
 ### [6.2.1](https://github.com/awslabs/service-workbench-on-aws/compare/v6.2.0...v6.2.1) (2024-02-08)
 ## Maintenance Notice
 

diff --git a/addons/addon-base-raas-ui/packages/base-raas-ui/package.json b/addons/addon-base-raas-ui/packages/base-raas-ui/package.json
@@ -21,6 +21,7 @@
     "mobx-react": "^6.3.1",
     "mobx-react-form": "^2.0.9",
     "mobx-state-tree": "^3.17.3",
+    "node-rsa": "^1.1.1",
     "numeral": "^2.0.6",
     "pretty-bytes": "^5.6.0",
     "prop-types": "^15.8.1",

diff --git a/...ase-raas-ui/packages/base-raas-ui/src/parts/environments-builtin/EnvironmentDetailPage.js b/...ase-raas-ui/packages/base-raas-ui/src/parts/environments-builtin/EnvironmentDetailPage.js
@@ -36,7 +36,7 @@ import {
 } from 'semantic-ui-react';
 import { CopyToClipboard } from 'react-copy-to-clipboard';
 
-import crypto from 'crypto';
+import NodeRSA from 'node-rsa';
 
 import { gotoFn } from '@amzn/base-ui/dist/helpers/routing';
 import { swallowError } from '@amzn/base-ui/dist/helpers/utils';
@@ -465,12 +465,11 @@ class EnvironmentDetailPage extends React.Component {
     const environment = this.getEnvironment();
     const [{ privateKey }, { passwordData }] = await environment.getWindowsPassword();
 
-    const password = crypto
-      .privateDecrypt(
-        { key: privateKey, padding: crypto.constants.RSA_PKCS1_PADDING },
-        Buffer.from(passwordData, 'base64'),
-      )
-      .toString('utf8');
+    const keyRSA = new NodeRSA(privateKey, 'private', {
+      environment: 'browser',
+      encryptionScheme: 'pkcs1',
+    });
+    const password = keyRSA.decrypt(Buffer.from(passwordData, 'base64'), 'buffer').toString('utf8');
 
     runInAction(() => {
       this.windowsPassword = password;

diff --git a/...vices/lib/environment/service-catalog/__tests__/environment-sc-connection-service.test.js b/...vices/lib/environment/service-catalog/__tests__/environment-sc-connection-service.test.js
@@ -16,7 +16,7 @@
 const ServicesContainer = require('@amzn/base-services-container/lib/services-container');
 const JsonSchemaValidationService = require('@amzn/base-services/lib/json-schema-validation-service');
 const Logger = require('@amzn/base-services/lib/logger/logger-service');
-const crypto = require('crypto');
+const NodeRSA = require('node-rsa');
 const Boom = require('@amzn/base-services-container/lib/boom');
 
 // Mocked dependencies
@@ -67,6 +67,7 @@ AgMBAAE=
 -----END PUBLIC KEY-----`,
       ),
     })),
+    decrypt: jest.fn(() => `rstudio-user\nfcc91a0d7cfdef9fea2854f2b8b2c80355c391ca617e08567e6584efe6833948`),
   })),
 );
 
@@ -612,10 +613,11 @@ jM0re//6SUWx/9VfBLN+6Ul8wcqGR2uCmK/PJpzWYxz0IzhnyA==
       const encodedCreds = result.url.split('?v=')[1];
       const decodedCreds = decodeURIComponent(encodedCreds);
       const credBuff = Buffer.from(decodedCreds, 'base64');
-      const decryptedCreds = crypto.privateDecrypt(
-        { key: privateKeyBuffer, padding: crypto.constants.RSA_PKCS1_PADDING },
-        credBuff,
-      );
+      const keyRSA = new NodeRSA(privateKeyBuffer, 'private', {
+        environment: 'browser',
+        encryptionScheme: 'pkcs1',
+      });
+      const decryptedCreds = keyRSA.decrypt(credBuff, 'buffer');
       expect(decryptedCreds.toString('utf8')).toBe(credentials);
     });
 

diff --git a/...s/base-raas-services/lib/environment/service-catalog/environment-sc-connection-service.js b/...s/base-raas-services/lib/environment/service-catalog/environment-sc-connection-service.js
@@ -384,12 +384,11 @@ class EnvironmentScConnectionService extends Service {
     const { PasswordData: passwordData } = await ec2.getPasswordData({ InstanceId: connection.instanceId }).promise();
     const { privateKey } = await environmentScKeypairService.mustFind(requestContext, envId);
 
-    const password = crypto
-      .privateDecrypt(
-        { key: privateKey, padding: crypto.constants.RSA_PKCS1_PADDING },
-        Buffer.from(passwordData, 'base64'),
-      )
-      .toString('utf8');
+    const keyRSA = new NodeRSA(privateKey, 'private', {
+      environment: 'browser',
+      encryptionScheme: 'pkcs1',
+    });
+    const password = keyRSA.decrypt(Buffer.from(passwordData, 'base64'), 'buffer').toString('utf8');
 
     // Write audit event
     await this.audit(requestContext, { action: 'env-windows-password-requested', body: { id: envId, connection } });