From a0f45304563e6c02471012801f5a9bd7f70c1f2c Mon Sep 17 00:00:00 2001 From: Andreas Coroiu Date: Mon, 14 Oct 2024 14:44:31 +0200 Subject: [PATCH] [PM-11764] Implement account switching and sdk initialization (#1116) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## 🎟ī¸ Tracking ## 📔 Objective - Expose crypto client - Add error handling ## ⏰ Reminders before review - Contributor guidelines followed - All formatters and local linters executed and passed - Written new unit and / or integration tests where applicable - Protected functional changes with optionality (feature flags) - Used internationalization (i18n) for all UI strings - CI builds passed - Communicated to DevOps any deployment requirements - Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team ## đŸĻŽ Reviewer guidelines - 👍 (`:+1:`) or similar for great changes - 📝 (`:memo:`) or ℹī¸ (`:information_source:`) for notes or general info - ❓ (`:question:`) for questions - 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - 🎨 (`:art:`) for suggestions / improvements - ❌ (`:x:`) or ⚠ī¸ (`:warning:`) for more significant problems or concerns needing attention - 🌱 (`:seedling:`) or â™ģī¸ (`:recycle:`) for future improvements or indications of technical debt - ⛏ (`:pick:`) for minor or nitpick changes --- Cargo.lock | 6 ++++ crates/bitwarden-core/src/mobile/crypto.rs | 6 ++++ crates/bitwarden-crypto/Cargo.toml | 3 ++ .../src/enc_string/asymmetric.rs | 7 +++- .../src/enc_string/symmetric.rs | 6 ++++ .../bitwarden-crypto/src/keys/master_key.rs | 3 ++ crates/bitwarden-vault/Cargo.toml | 3 ++ crates/bitwarden-vault/src/folder.rs | 4 +++ crates/bitwarden-wasm-internal/Cargo.toml | 2 ++ crates/bitwarden-wasm-internal/src/client.rs | 12 ++++++- crates/bitwarden-wasm-internal/src/crypto.rs | 33 +++++++++++++++++++ .../src/custom_types.rs | 22 +++++++++++++ crates/bitwarden-wasm-internal/src/error.js | 13 ++++++++ crates/bitwarden-wasm-internal/src/error.rs | 27 +++++++++++++++ crates/bitwarden-wasm-internal/src/lib.rs | 8 +++++ .../src/vault/folders.rs | 24 ++++++++++++++ .../bitwarden-wasm-internal/src/vault/mod.rs | 24 ++++++++++++++ languages/js/sdk-internal/.gitignore | 1 + 18 files changed, 202 insertions(+), 2 deletions(-) create mode 100644 crates/bitwarden-wasm-internal/src/crypto.rs create mode 100644 crates/bitwarden-wasm-internal/src/custom_types.rs create mode 100644 crates/bitwarden-wasm-internal/src/error.js create mode 100644 crates/bitwarden-wasm-internal/src/error.rs create mode 100644 crates/bitwarden-wasm-internal/src/vault/folders.rs create mode 100644 crates/bitwarden-wasm-internal/src/vault/mod.rs diff --git a/Cargo.lock b/Cargo.lock index 678c86e57..e9b7646b2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -475,8 +475,10 @@ dependencies = [ "sha2", "subtle", "thiserror", + "tsify-next", "uniffi", "uuid", + "wasm-bindgen", "zeroize", ] @@ -656,8 +658,10 @@ dependencies = [ "sha2", "thiserror", "tokio", + "tsify-next", "uniffi", "uuid", + "wasm-bindgen", ] [[package]] @@ -682,6 +686,8 @@ name = "bitwarden-wasm-internal" version = "0.1.0" dependencies = [ "bitwarden-core", + "bitwarden-crypto", + "bitwarden-vault", "console_error_panic_hook", "console_log", "js-sys", diff --git a/crates/bitwarden-core/src/mobile/crypto.rs b/crates/bitwarden-core/src/mobile/crypto.rs index 2aae903c5..1b027df43 100644 --- a/crates/bitwarden-core/src/mobile/crypto.rs +++ b/crates/bitwarden-core/src/mobile/crypto.rs @@ -6,6 +6,8 @@ use bitwarden_crypto::{ }; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; +#[cfg(feature = "wasm")] +use {tsify_next::Tsify, wasm_bindgen::prelude::*}; use crate::{ client::{encryption_settings::EncryptionSettingsError, LoginMethod, UserLoginMethod}, @@ -16,6 +18,7 @@ use crate::{ #[derive(Serialize, Deserialize, Debug, JsonSchema)] #[serde(rename_all = "camelCase", deny_unknown_fields)] #[cfg_attr(feature = "uniffi", derive(uniffi::Record))] +#[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))] pub struct InitUserCryptoRequest { /// The user's KDF parameters, as received from the prelogin request pub kdf_params: Kdf, @@ -30,6 +33,7 @@ pub struct InitUserCryptoRequest { #[derive(Serialize, Deserialize, Debug, JsonSchema)] #[serde(rename_all = "camelCase", deny_unknown_fields)] #[cfg_attr(feature = "uniffi", derive(uniffi::Enum))] +#[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))] pub enum InitUserCryptoMethod { Password { /// The user's master password @@ -73,6 +77,7 @@ pub enum InitUserCryptoMethod { #[derive(Serialize, Deserialize, Debug, JsonSchema)] #[serde(rename_all = "camelCase", deny_unknown_fields)] #[cfg_attr(feature = "uniffi", derive(uniffi::Enum))] +#[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))] pub enum AuthRequestMethod { UserKey { /// User Key protected by the private key provided in `AuthRequestResponse`. @@ -185,6 +190,7 @@ pub async fn initialize_user_crypto( #[derive(Serialize, Deserialize, Debug, JsonSchema)] #[serde(rename_all = "camelCase", deny_unknown_fields)] #[cfg_attr(feature = "uniffi", derive(uniffi::Record))] +#[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))] pub struct InitOrgCryptoRequest { /// The encryption keys for all the organizations the user is a part of pub organization_keys: HashMap, diff --git a/crates/bitwarden-crypto/Cargo.toml b/crates/bitwarden-crypto/Cargo.toml index 3254640fe..7671a7762 100644 --- a/crates/bitwarden-crypto/Cargo.toml +++ b/crates/bitwarden-crypto/Cargo.toml @@ -15,6 +15,7 @@ keywords.workspace = true [features] default = [] +wasm = ["dep:tsify-next", "dep:wasm-bindgen"] # WASM support uniffi = ["dep:uniffi"] # Uniffi bindings no-memory-hardening = [] # Disable memory hardening features @@ -42,8 +43,10 @@ sha1 = ">=0.10.5, <0.11" sha2 = ">=0.10.6, <0.11" subtle = ">=2.5.0, <3.0" thiserror = { workspace = true } +tsify-next = { workspace = true, optional = true } uniffi = { workspace = true, optional = true } uuid = { workspace = true } +wasm-bindgen = { workspace = true, optional = true } zeroize = { version = ">=1.7.0, <2.0", features = ["derive", "aarch64"] } [dev-dependencies] diff --git a/crates/bitwarden-crypto/src/enc_string/asymmetric.rs b/crates/bitwarden-crypto/src/enc_string/asymmetric.rs index f9bda838a..9d4f0d635 100644 --- a/crates/bitwarden-crypto/src/enc_string/asymmetric.rs +++ b/crates/bitwarden-crypto/src/enc_string/asymmetric.rs @@ -11,11 +11,16 @@ use crate::{ rsa::encrypt_rsa2048_oaep_sha1, AsymmetricCryptoKey, AsymmetricEncryptable, KeyDecryptable, }; - // This module is a workaround to avoid deprecated warnings that come from the ZeroizeOnDrop // macro expansion #[allow(deprecated)] mod internal { + #[cfg(feature = "wasm")] + #[wasm_bindgen::prelude::wasm_bindgen(typescript_custom_section)] + const TS_CUSTOM_TYPES: &'static str = r#" + export type AsymmetricEncString = string; + "#; + /// # Encrypted string primitive /// /// [AsymmetricEncString] is a Bitwarden specific primitive that represents an asymmetrically diff --git a/crates/bitwarden-crypto/src/enc_string/symmetric.rs b/crates/bitwarden-crypto/src/enc_string/symmetric.rs index 1fc9b3a9d..69711f74a 100644 --- a/crates/bitwarden-crypto/src/enc_string/symmetric.rs +++ b/crates/bitwarden-crypto/src/enc_string/symmetric.rs @@ -11,6 +11,12 @@ use crate::{ KeyDecryptable, KeyEncryptable, LocateKey, SymmetricCryptoKey, }; +#[cfg(feature = "wasm")] +#[wasm_bindgen::prelude::wasm_bindgen(typescript_custom_section)] +const TS_CUSTOM_TYPES: &'static str = r#" +export type EncString = string; +"#; + /// # Encrypted string primitive /// /// [EncString] is a Bitwarden specific primitive that represents a symmetrically encrypted string. diff --git a/crates/bitwarden-crypto/src/keys/master_key.rs b/crates/bitwarden-crypto/src/keys/master_key.rs index fc9762c3c..7a1e49596 100644 --- a/crates/bitwarden-crypto/src/keys/master_key.rs +++ b/crates/bitwarden-crypto/src/keys/master_key.rs @@ -5,6 +5,8 @@ use generic_array::{typenum::U32, GenericArray}; use rand::Rng; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; +#[cfg(feature = "wasm")] +use {tsify_next::Tsify, wasm_bindgen::prelude::*}; use super::utils::{derive_kdf_key, stretch_kdf_key}; use crate::{util, CryptoError, EncString, KeyDecryptable, Result, SymmetricCryptoKey, UserKey}; @@ -16,6 +18,7 @@ use crate::{util, CryptoError, EncString, KeyDecryptable, Result, SymmetricCrypt #[derive(Serialize, Deserialize, Debug, JsonSchema, Clone)] #[serde(rename_all = "camelCase", deny_unknown_fields)] #[cfg_attr(feature = "uniffi", derive(uniffi::Enum))] +#[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))] pub enum Kdf { PBKDF2 { iterations: NonZeroU32, diff --git a/crates/bitwarden-vault/Cargo.toml b/crates/bitwarden-vault/Cargo.toml index 4c41e139c..3c7757e2f 100644 --- a/crates/bitwarden-vault/Cargo.toml +++ b/crates/bitwarden-vault/Cargo.toml @@ -19,6 +19,7 @@ uniffi = [ "bitwarden-crypto/uniffi", "dep:uniffi", ] # Uniffi bindings +wasm = ["dep:tsify-next", "dep:wasm-bindgen"] # WASM support [dependencies] base64 = ">=0.22.1, <0.23" @@ -38,6 +39,8 @@ sha2 = ">=0.10.6, <0.11" thiserror = { workspace = true } uniffi = { version = "=0.28.1", optional = true } uuid = { workspace = true } +tsify-next = { workspace = true, optional = true } +wasm-bindgen = { workspace = true, optional = true } [dev-dependencies] tokio = { workspace = true, features = ["rt"] } diff --git a/crates/bitwarden-vault/src/folder.rs b/crates/bitwarden-vault/src/folder.rs index c5ab1401b..f57b8ee15 100644 --- a/crates/bitwarden-vault/src/folder.rs +++ b/crates/bitwarden-vault/src/folder.rs @@ -7,12 +7,15 @@ use chrono::{DateTime, Utc}; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; use uuid::Uuid; +#[cfg(feature = "wasm")] +use {tsify_next::Tsify, wasm_bindgen::prelude::*}; use crate::VaultParseError; #[derive(Serialize, Deserialize, Debug, JsonSchema)] #[serde(rename_all = "camelCase")] #[cfg_attr(feature = "uniffi", derive(uniffi::Record))] +#[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))] pub struct Folder { id: Option, name: EncString, @@ -22,6 +25,7 @@ pub struct Folder { #[derive(Serialize, Deserialize, Debug, JsonSchema)] #[serde(rename_all = "camelCase")] #[cfg_attr(feature = "uniffi", derive(uniffi::Record))] +#[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))] pub struct FolderView { pub id: Option, pub name: String, diff --git a/crates/bitwarden-wasm-internal/Cargo.toml b/crates/bitwarden-wasm-internal/Cargo.toml index e943daca8..33f8128e7 100644 --- a/crates/bitwarden-wasm-internal/Cargo.toml +++ b/crates/bitwarden-wasm-internal/Cargo.toml @@ -16,6 +16,8 @@ crate-type = ["cdylib"] [dependencies] bitwarden-core = { workspace = true, features = ["wasm", "internal"] } +bitwarden-crypto = { workspace = true, features = ["wasm"] } +bitwarden-vault = { workspace = true, features = ["wasm"] } console_error_panic_hook = "0.1.7" console_log = { version = "1.0.0", features = ["color"] } js-sys = "0.3.68" diff --git a/crates/bitwarden-wasm-internal/src/client.rs b/crates/bitwarden-wasm-internal/src/client.rs index 8f2fa80dd..ac7779b2f 100644 --- a/crates/bitwarden-wasm-internal/src/client.rs +++ b/crates/bitwarden-wasm-internal/src/client.rs @@ -5,6 +5,8 @@ use bitwarden_core::{Client, ClientSettings}; use log::{set_max_level, Level}; use wasm_bindgen::prelude::*; +use crate::{vault::ClientVault, ClientCrypto}; + #[wasm_bindgen] pub enum LogLevel { Trace, @@ -27,7 +29,7 @@ fn convert_level(level: LogLevel) -> Level { // Rc<...> is to avoid needing to take ownership of the Client during our async run_command // function https://github.com/rustwasm/wasm-bindgen/issues/2195#issuecomment-799588401 #[wasm_bindgen] -pub struct BitwardenClient(Rc); +pub struct BitwardenClient(pub(crate) Rc); #[wasm_bindgen] impl BitwardenClient { @@ -54,4 +56,12 @@ impl BitwardenClient { res.text().await.map_err(|e| e.to_string()) } + + pub fn crypto(&self) -> ClientCrypto { + ClientCrypto::new(self.0.clone()) + } + + pub fn vault(&self) -> ClientVault { + ClientVault::new(self.0.clone()) + } } diff --git a/crates/bitwarden-wasm-internal/src/crypto.rs b/crates/bitwarden-wasm-internal/src/crypto.rs new file mode 100644 index 000000000..f1b581964 --- /dev/null +++ b/crates/bitwarden-wasm-internal/src/crypto.rs @@ -0,0 +1,33 @@ +use std::rc::Rc; + +use bitwarden_core::{ + mobile::crypto::{InitOrgCryptoRequest, InitUserCryptoRequest}, + Client, +}; +use wasm_bindgen::prelude::*; + +use crate::error::Result; + +#[wasm_bindgen] +pub struct ClientCrypto(Rc); + +impl ClientCrypto { + pub fn new(client: Rc) -> Self { + Self(client) + } +} + +#[wasm_bindgen] +impl ClientCrypto { + /// Initialization method for the user crypto. Needs to be called before any other crypto + /// operations. + pub async fn initialize_user_crypto(&self, req: InitUserCryptoRequest) -> Result<()> { + Ok(self.0.crypto().initialize_user_crypto(req).await?) + } + + /// Initialization method for the organization crypto. Needs to be called after + /// `initialize_user_crypto` but before any other crypto operations. + pub async fn initialize_org_crypto(&self, req: InitOrgCryptoRequest) -> Result<()> { + Ok(self.0.crypto().initialize_org_crypto(req).await?) + } +} diff --git a/crates/bitwarden-wasm-internal/src/custom_types.rs b/crates/bitwarden-wasm-internal/src/custom_types.rs new file mode 100644 index 000000000..8d20bf85d --- /dev/null +++ b/crates/bitwarden-wasm-internal/src/custom_types.rs @@ -0,0 +1,22 @@ +/// This file contains custom TypeScript for types defined by external crates. +/// Everything in the string below is appended to the generated TypeScript definition file. +#[wasm_bindgen::prelude::wasm_bindgen(typescript_custom_section)] +const TS_CUSTOM_TYPES: &'static str = r#" +export type Uuid = string; + +/** + * RFC3339 compliant date-time string. + * @typeParam T - Not used in JavaScript. + */ +export type DateTime = string; + +/** + * UTC date-time string. Not used in JavaScript. + */ +export type Utc = unknown; + +/** + * An integer that is known not to equal zero. + */ +export type NonZeroU32 = number; +"#; diff --git a/crates/bitwarden-wasm-internal/src/error.js b/crates/bitwarden-wasm-internal/src/error.js new file mode 100644 index 000000000..cd3d3a346 --- /dev/null +++ b/crates/bitwarden-wasm-internal/src/error.js @@ -0,0 +1,13 @@ +/** + * Error thrown by the WASM module. + * @param {string} message - Error message. + * @extends Error + */ +class WasmError extends Error { + constructor(message) { + super(message); + this.name = "WasmError"; + } +} + +exports.WasmError = WasmError; diff --git a/crates/bitwarden-wasm-internal/src/error.rs b/crates/bitwarden-wasm-internal/src/error.rs new file mode 100644 index 000000000..2750d2629 --- /dev/null +++ b/crates/bitwarden-wasm-internal/src/error.rs @@ -0,0 +1,27 @@ +use wasm_bindgen::prelude::*; + +// Importing an error class defined in JavaScript instead of defining it in Rust +// allows us to extend the `Error` class. It also provides much better console output. +#[wasm_bindgen(module = "/src/error.js")] +extern "C" { + type WasmError; + + #[wasm_bindgen(constructor)] + fn new(message: String) -> WasmError; +} + +pub type Result = std::result::Result; + +pub struct GenericError(pub String); + +impl From for GenericError { + fn from(error: T) -> Self { + GenericError(error.to_string()) + } +} + +impl From for JsValue { + fn from(error: GenericError) -> Self { + WasmError::new(error.0).into() + } +} diff --git a/crates/bitwarden-wasm-internal/src/lib.rs b/crates/bitwarden-wasm-internal/src/lib.rs index b79c47fca..6367ff317 100644 --- a/crates/bitwarden-wasm-internal/src/lib.rs +++ b/crates/bitwarden-wasm-internal/src/lib.rs @@ -1 +1,9 @@ mod client; +mod crypto; +mod custom_types; +mod error; +mod vault; + +pub use client::BitwardenClient; +pub use crypto::ClientCrypto; +pub use vault::{folders::ClientFolders, ClientVault}; diff --git a/crates/bitwarden-wasm-internal/src/vault/folders.rs b/crates/bitwarden-wasm-internal/src/vault/folders.rs new file mode 100644 index 000000000..652892694 --- /dev/null +++ b/crates/bitwarden-wasm-internal/src/vault/folders.rs @@ -0,0 +1,24 @@ +use std::rc::Rc; + +use bitwarden_core::Client; +use bitwarden_vault::{ClientVaultExt, Folder, FolderView}; +use wasm_bindgen::prelude::*; + +use crate::error::Result; + +#[wasm_bindgen] +pub struct ClientFolders(Rc); + +impl ClientFolders { + pub fn new(client: Rc) -> Self { + Self(client) + } +} + +#[wasm_bindgen] +impl ClientFolders { + /// Decrypt folder + pub fn decrypt(&self, folder: Folder) -> Result { + Ok(self.0.vault().folders().decrypt(folder)?) + } +} diff --git a/crates/bitwarden-wasm-internal/src/vault/mod.rs b/crates/bitwarden-wasm-internal/src/vault/mod.rs new file mode 100644 index 000000000..11db0e130 --- /dev/null +++ b/crates/bitwarden-wasm-internal/src/vault/mod.rs @@ -0,0 +1,24 @@ +pub mod folders; + +use std::rc::Rc; + +use bitwarden_core::Client; +use wasm_bindgen::prelude::*; + +use crate::ClientFolders; + +#[wasm_bindgen] +pub struct ClientVault(Rc); + +impl ClientVault { + pub fn new(client: Rc) -> Self { + Self(client) + } +} + +#[wasm_bindgen] +impl ClientVault { + pub fn folders(&self) -> ClientFolders { + ClientFolders::new(self.0.clone()) + } +} diff --git a/languages/js/sdk-internal/.gitignore b/languages/js/sdk-internal/.gitignore index ef69b9de9..99cddcd21 100644 --- a/languages/js/sdk-internal/.gitignore +++ b/languages/js/sdk-internal/.gitignore @@ -1,3 +1,4 @@ +**/snippets/**/*.js bitwarden_wasm_internal_bg.js bitwarden_wasm_internal_bg.wasm bitwarden_wasm_internal_bg.wasm.d.ts