bitwarden_core/key_management/
mod.rs

//! This module contains the definitions of the key identifiers used by the rest of the crates.
//! Any code that needs to interact with the [KeyStore] should use these types.
//!
//! - [SymmetricKeyId] is used to identify symmetric keys.
//! - [AsymmetricKeyId] is used to identify asymmetric keys.
//! - [SigningKeyId] is used to identify signing keys.
//! - [KeyIds] is a helper type that combines the symmetric, asymmetric and signing key
//!   identifiers. This is usually used in the type bounds of [KeyStore],
//!   [KeyStoreContext](bitwarden_crypto::KeyStoreContext),
//!   [PrimitiveEncryptable](bitwarden_crypto::PrimitiveEncryptable),
//!   [CompositeEncryptable](bitwarden_crypto::CompositeEncryptable), and
//!   [Decryptable](bitwarden_crypto::Decryptable).
12
13use bitwarden_crypto::{KeyStore, SymmetricCryptoKey, key_ids};
14
15#[cfg(feature = "internal")]
16pub mod crypto;
17#[cfg(feature = "internal")]
18mod crypto_client;
19#[cfg(feature = "internal")]
20pub use crypto_client::CryptoClient;
21
22#[cfg(feature = "internal")]
23mod master_password;
24#[cfg(feature = "internal")]
25pub use master_password::MasterPasswordError;
26#[cfg(feature = "internal")]
27pub(crate) use master_password::{MasterPasswordAuthenticationData, MasterPasswordUnlockData};
28#[cfg(feature = "internal")]
29mod security_state;
30#[cfg(feature = "internal")]
31pub use security_state::{SecurityState, SignedSecurityState};
32#[cfg(feature = "internal")]
33mod user_decryption;
34#[cfg(feature = "internal")]
35pub use user_decryption::UserDecryptionData;
36
37use crate::OrganizationId;
38
// Declares the identifier enums under which keys are addressed in the `KeyStore`. These are
// identifiers only; none of the variants below carries key material.
//
// Plain `//` comments are used inside the invocation because whether `key_ids!` accepts doc
// attributes on these items is not visible from this file.
key_ids! {
    // Identifiers for symmetric keys.
    #[symmetric]
    pub enum SymmetricKeyId {
        Master,
        User,
        // One identifier per organization, distinguished by its `OrganizationId`.
        Organization(OrganizationId),
        // NOTE(review): `LocalId` is not imported in this file, so it is presumably provided by
        // `key_ids!` for the `#[local]` variant; confirm against the macro definition.
        #[local]
        Local(LocalId),
    }

    // Identifiers for asymmetric keys.
    #[asymmetric]
    pub enum AsymmetricKeyId {
        UserPrivateKey,
        #[local]
        Local(LocalId),
    }

    // Identifiers for signing keys.
    #[signing]
    pub enum SigningKeyId {
        UserSigningKey,
        #[local]
        Local(LocalId),
    }

    // `KeyIds` ties the three identifier enums together; it is the type parameter used in
    // `KeyStore<KeyIds>` by the helpers in this module.
    pub KeyIds => SymmetricKeyId, AsymmetricKeyId, SigningKeyId;
}
65
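/// Builds a [`KeyStore`] that holds a single user key, for use in tests.
///
/// Although this function is not marked as `#[cfg(test)]`, it should only be used for testing
/// purposes. It is public solely so that other crates can call it from their own tests.
///
/// `key` is moved into the store rather than cloned, so this helper does not leave a second copy
/// of the key material behind.
///
/// # Panics
///
/// Panics with the message `"Mutable context"` if storing the key through the store's mutable
/// context fails.
pub fn create_test_crypto_with_user_key(key: SymmetricCryptoKey) -> KeyStore<KeyIds> {
    let store = KeyStore::default();

    // `set_symmetric_key` is deprecated, hence the `allow`. The mutable context is a temporary
    // that ends with this statement, before `store` is returned.
    // NOTE(review): keep this direct key injection confined to test setup.
    #[allow(deprecated)]
    store
        .context_mut()
        .set_symmetric_key(SymmetricKeyId::User, key)
        .expect("Mutable context");

    store
}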
80
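/// Builds a [`KeyStore`] that holds a user key and one organization key, for use in tests.
///
/// The organization key is stored under `SymmetricKeyId::Organization(org_id)`. Although this
/// function is not marked as `#[cfg(test)]`, it should only be used for testing purposes. It is
/// public solely so that other crates can call it from their own tests.
///
/// `key` and `org_key` are moved into the store rather than cloned, so this helper does not
/// leave second copies of the key material behind.
///
/// # Panics
///
/// Panics with the message `"Mutable context"` if storing either key through the store's mutable
/// context fails.
pub fn create_test_crypto_with_user_and_org_key(
    key: SymmetricCryptoKey,
    org_id: OrganizationId,
    org_key: SymmetricCryptoKey,
) -> KeyStore<KeyIds> {
    let store = KeyStore::default();

    // `set_symmetric_key` is deprecated, hence the `allow` on each call. Each mutable context is
    // a temporary that ends with its own statement.
    // NOTE(review): keep this direct key injection confined to test setup.
    #[allow(deprecated)]
    store
        .context_mut()
        .set_symmetric_key(SymmetricKeyId::User, key)
        .expect("Mutable context");

    #[allow(deprecated)]
    store
        .context_mut()
        .set_symmetric_key(SymmetricKeyId::Organization(org_id), org_key)
        .expect("Mutable context");

    store
}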