
bitwarden_core/key_management/
mod.rs

1//! This module contains the definition for the key identifiers used by the rest of the crates.
2//! Any code that needs to interact with the [KeyStore] should use these types.
3//!
4//! - [SymmetricKeyId] is used to identify symmetric keys.
5//! - [PrivateKeyId] is used to identify private keys.
6//! - [KeyIds] is a helper type that combines both symmetric and private key identifiers. This is
7//!   usually used in the type bounds of [KeyStore],
8//!   [KeyStoreContext](bitwarden_crypto::KeyStoreContext),
9//!   [PrimitiveEncryptable](bitwarden_crypto::PrimitiveEncryptable),
10//!   [CompositeEncryptable](bitwarden_crypto::CompositeEncryptable), and
11//!   [Decryptable](bitwarden_crypto::Decryptable).
12
13use bitwarden_crypto::{KeyStore, SymmetricCryptoKey, key_ids};
14
15#[cfg(feature = "internal")]
16pub mod account_cryptographic_state;
17#[cfg(feature = "internal")]
18pub mod crypto;
19#[cfg(feature = "internal")]
20mod crypto_client;
21use bitwarden_encoding::B64;
22#[cfg(feature = "internal")]
23pub use crypto_client::CryptoClient;
24
25#[cfg(feature = "internal")]
26mod master_password;
27#[cfg(feature = "internal")]
28pub use master_password::{
29    MasterPasswordAuthenticationData, MasterPasswordError, MasterPasswordUnlockData,
30};
31#[cfg(feature = "internal")]
32mod security_state;
33#[cfg(feature = "internal")]
34pub use security_state::{
35    MINIMUM_ENFORCE_ICON_URI_HASH_VERSION, SecurityState, SignedSecurityState,
36};
37#[cfg(feature = "internal")]
38mod user_decryption;
39use serde::{Deserialize, Serialize};
40#[cfg(feature = "wasm")]
41use tsify::Tsify;
42#[cfg(feature = "internal")]
43pub use user_decryption::UserDecryptionData;
44#[cfg(feature = "internal")]
45mod v2_upgrade_token;
46#[cfg(feature = "internal")]
47pub use v2_upgrade_token::{V2UpgradeToken, V2UpgradeTokenError};
48
49#[cfg(all(feature = "internal", feature = "wasm"))]
50mod wasm_unlock_state;
51
52use crate::OrganizationId;
53
/// Represents the decrypted symmetric user-key of a user. This is held in ephemeral state of the
/// client.
// NOTE(review): `Debug`, `Clone` and `Serialize` are all derived on a type that wraps decrypted
// key material. Whether `{:?}` output or a serialized copy exposes the key bytes depends on the
// `B64` implementations, which are not visible in this file. Confirm that values of this type
// never reach logs or error messages, and that clones and serialized copies stay inside the
// ephemeral state.
// NOTE(review): no zeroize-on-drop is visible for this type; verify whether `B64` clears its
// buffer when dropped.
#[derive(Serialize, Deserialize, Debug, Clone)]
#[repr(transparent)]
#[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))]
#[cfg_attr(feature = "uniffi", derive(uniffi::Record))]
pub struct UserKeyState {
    // The user key in decrypted form, stored as a `B64` value. The field is private, so code
    // outside this module cannot read it directly.
    decrypted_user_key: B64,
}
63
// Registers `UserKeyState` with the `bitwarden_state` repository macro under the name "UserKey";
// `String` is presumably the key type of that repository (confirm against the macro definition).
// NOTE(review): the struct is documented as ephemeral client state, but what backs this
// repository is decided outside this file. Confirm the decrypted user key is never written to
// durable storage through this registration.
bitwarden_state::register_repository_item!(String => UserKeyState, "UserKey");
65
// Declares the key-identifier enums used with the `KeyStore`, plus the `KeyIds` type that groups
// them. Everything inside the braces is input to the `key_ids!` macro imported from
// `bitwarden_crypto`; only plain `//` comments are used here so that no extra tokens reach the
// macro.
key_ids! {
    // Identifiers for symmetric keys.
    #[symmetric]
    pub enum SymmetricKeyId {
        Master,
        User,
        // One identifier per organization, distinguished by its `OrganizationId`.
        Organization(OrganizationId),
        // NOTE(review): `LocalId` is not imported in this file; presumably the macro brings it
        // into scope. The meaning of `#[local]` is defined by the macro (confirm there).
        #[local]
        Local(LocalId),
    }

    // Identifiers for private keys.
    #[private]
    pub enum PrivateKeyId {
        UserPrivateKey,
        #[local]
        Local(LocalId),
    }

    // Identifiers for signing keys.
    #[signing]
    pub enum SigningKeyId {
        UserSigningKey,
        #[local]
        Local(LocalId),
    }

    // `KeyIds` combines the three identifier enums above; the module docs describe it as the
    // type used in the bounds of `KeyStore` and related traits.
    pub KeyIds => SymmetricKeyId, PrivateKeyId, SigningKeyId;
}
92
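/// This is a helper function to create a test [`KeyStore`] with a single user key, stored under
/// [`SymmetricKeyId::User`].
///
/// While this function is not marked as `#[cfg(test)]`, it should only be used for testing
/// purposes. It's only public so that other crates can make use of it in their own tests.
///
/// # Panics
///
/// Panics with the message `Mutable context` if storing the key in the store's mutable context
/// returns an error.
// NOTE(review): nothing visible in this file keeps this helper out of non-test builds. Consider
// gating it behind a dedicated test-support feature so production code cannot call it.
pub fn create_test_crypto_with_user_key(key: SymmetricCryptoKey) -> KeyStore<KeyIds> {
    let store = KeyStore::default();

    // `key` is owned and not used again, so it is moved into the store rather than cloned. This
    // avoids keeping a second copy of the key material alive until the function returns.
    // The call triggers a deprecation lint, which is silenced for this statement only.
    #[allow(deprecated)]
    store
        .context_mut()
        .set_symmetric_key(SymmetricKeyId::User, key)
        .expect("Mutable context");

    store
}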
107
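/// This is a helper function to create a test [`KeyStore`] with a single user key and an
/// organization key using the provided organization uuid.
///
/// The user key is stored under [`SymmetricKeyId::User`] and the organization key under
/// [`SymmetricKeyId::Organization`] for `org_id`.
///
/// While this function is not marked as `#[cfg(test)]`, it should only be used for testing
/// purposes. It's only public so that other crates can make use of it in their own tests.
///
/// # Panics
///
/// Panics with the message `Mutable context` if storing either key in the store's mutable
/// context returns an error.
// NOTE(review): nothing visible in this file keeps this helper out of non-test builds. Consider
// gating it behind a dedicated test-support feature so production code cannot call it.
pub fn create_test_crypto_with_user_and_org_key(
    key: SymmetricCryptoKey,
    org_id: OrganizationId,
    org_key: SymmetricCryptoKey,
) -> KeyStore<KeyIds> {
    let store = KeyStore::default();

    // Both keys are owned and not used again, so they are moved into the store rather than
    // cloned. This avoids keeping extra copies of key material alive until the function returns.
    // Each call triggers a deprecation lint, which is silenced per statement.
    #[allow(deprecated)]
    store
        .context_mut()
        .set_symmetric_key(SymmetricKeyId::User, key)
        .expect("Mutable context");

    #[allow(deprecated)]
    store
        .context_mut()
        .set_symmetric_key(SymmetricKeyId::Organization(org_id), org_key)
        .expect("Mutable context");

    store
}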