update to use Bitwarden native SSH key type

Support Bitwarden's new native SSH key type (type 5) introduced in CLI version 2024.12.0. Previously, SSH keys were stored as notes with attachments. This update removes the legacy handling and uses the structured sshKey property instead. - Add version check for Bitwarden CLI (>= 2024.12.0) - Filter items by type 5 (SSH key) in Get-FolderItems - Update Get-PrivatePublicKey to use sshKey.privateKey and sshKey.publicKey - Remove legacy handling of notes and attachments - Update prerequisites check to ensure minimum CLI version Breaking Changes: - Requires Bitwarden CLI version 2024.12.0 or higher - Only works with SSH keys stored as native SSH key items (type 5) - Existing SSH keys stored as notes with attachments must be migrated to the new SSH key item type manually
2024-12-13 21:08:45 +01:00
parent 7744667c3d
commit c8f75649af
1 changed files with 21 additions and 20 deletions
--- a/vaultwarden_ssh-agent.ps1
+++ b/vaultwarden_ssh-agent.ps1
@@ -84,13 +84,18 @@ function Test-Prerequisites {
        throw "SSH agent is not running. Please start the SSH agent service."
    }

-    # Check if bw CLI is available
-    if (-not (Get-Command "bw" -ErrorAction SilentlyContinue)) {
-        throw "Bitwarden CLI not found. Please install the Bitwarden CLI."
+    # Check if bw CLI is available and version
+    try {
+        $bwVersion = & bw --version
+        if ($bwVersion -match '(\d{4})\.(\d{1,2})' -and 
+            ("$($matches[1])$($matches[2].PadLeft(2,'0'))" -lt "202412")) {
+            throw "Bitwarden CLI version $bwVersion is not supported. Please upgrade to version 2024.12.0 or above to use SSH key features."
+        }
+    } catch {
+        throw "Bitwarden CLI not found or version check failed. Please install Bitwarden CLI 2024.12.0 or above."
    }
 }

-
 function Test-VaultwardenConfig {
    [CmdletBinding()]
    param()
@@ -258,9 +263,11 @@ function Get-FolderItems {
    )
    
    Write-Debug "Getting items from folder: $FolderId"
+    # Add filter for SSH key type (type=5)
    $Items = & bw list items --session $Session --folderid $FolderId | ConvertFrom-Json
-    Write-Debug "Found $($Items.Count) items"
-    return $Items
+    $SshKeyItems = $Items | Where-Object { $_.type -eq 5 }
+    Write-Debug "Found $($SshKeyItems.Count) SSH key items"
+    return $SshKeyItems
 }

 function Get-PrivatePublicKey {
@@ -273,27 +280,21 @@ function Get-PrivatePublicKey {
    )

    try {
-        # Get and validate public key
-        $PublicKey = if ($Item.notes -is [array]) { 
-            $Item.notes -join "`n" 
-        } else { 
-            $Item.notes 
+        if ($Item.type -ne 5) {
+            throw "Item is not an SSH key type"
        }
+
+        # Get public key from the sshKey property
+        $PublicKey = $Item.sshKey.publicKey
        
        if (-not (Test-SSHKey -KeyContent $PublicKey -KeyType 'Public')) {
-            throw "Invalid public key format in notes"
+            throw "Invalid public key format"
        }
        
        Write-Debug "Valid public key found for: $($Item.name)"
        
-        # Get and validate private key
-        $Attachment = $Item.attachments | Select-Object -First 1
-        if (-not $Attachment) {
-            throw "No attachment found"
-        }  
-
-        $PrivateKey = & bw get attachment $Attachment.id --session $Session --itemid $Item.id --raw
-        $PrivateKey = $PrivateKey -join "`n"
+        # Get private key from the sshKey property
+        $PrivateKey = $Item.sshKey.privateKey
        
        if (-not (Test-SSHKey -KeyContent $PrivateKey -KeyType 'Private')) {
            throw "Invalid private key format"