Merge branch 'main' of github.com:bitwarden/sdk-internal into arch/more-uuids

# Conflicts:
#	crates/bitwarden-core/src/client/encryption_settings.rs
#	crates/bitwarden-core/src/client/internal.rs

Author: Hinton

.github/workflows/rust-test.yml

@@ -74,7 +74,7 @@ jobs:
         run: cargo install wasm-bindgen-cli --version 0.2.100
 
       - name: Test WASM
-        run: cargo test --target wasm32-unknown-unknown -p bitwarden-wasm-internal -p bitwarden-threading -p bitwarden-error --all-features
+        run: cargo test --target wasm32-unknown-unknown -p bitwarden-wasm-internal -p bitwarden-threading -p bitwarden-error -p bitwarden-uuid --all-features
 
   coverage:
     name: Coverage

.github/workflows/scan.yml

@@ -74,7 +74,7 @@ jobs:
           ref: ${{  github.event.pull_request.head.sha }}
 
       - name: Scan with SonarCloud
-        uses: sonarsource/sonarqube-scan-action@bfd4e558cda28cda6b5defafb9232d191be8c203 # v4.2.1
+        uses: sonarsource/sonarqube-scan-action@2500896589ef8f7247069a56136f8dc177c27ccf # v5.2.0
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         with:

Cargo.lock

@@ -66,10 +66,11 @@ tsify-next = { version = ">=0.5.4, <0.6", features = [
 ], default-features = false }
 uniffi = "=0.29.1"
 uuid = { version = ">=1.3.3, <2.0", features = ["serde", "v4", "js"] }
-validator = { version = ">=0.18.1, <0.20", features = ["derive"] }
+validator = { version = ">=0.18.1, <0.21", features = ["derive"] }
 wasm-bindgen = { version = ">=0.2.91, <0.3", features = ["serde-serialize"] }
 wasm-bindgen-futures = "0.4.41"
 wasm-bindgen-test = "0.3.45"
+serde-wasm-bindgen = ">=0.6.0, <0.7"
 
 # There is an incompatibility when using pkcs5 and chacha20 on wasm builds. This can be removed once a new
 # rustcrypto-formats crate version is released since the fix has been upstreamed.

Cargo.toml

@@ -221,7 +221,7 @@ mod tests {
         let email = "[email protected]";
 
         let user_key = "2.Q/2PhzcC7GdeiMHhWguYAQ==|GpqzVdr0go0ug5cZh1n+uixeBC3oC90CIe0hd/HWA/pTRDZ8ane4fmsEIcuc8eMKUt55Y2q/fbNzsYu41YTZzzsJUSeqVjT8/iTQtgnNdpo=|dwI+uyvZ1h/iZ03VQ+/wrGEFYVewBUUl/syYgjsNMbE=".parse().unwrap();
-        let private_key = "2.yN7l00BOlUE0Sb0M//Q53w==|EwKG/BduQRQ33Izqc/ogoBROIoI5dmgrxSo82sgzgAMIBt3A2FZ9vPRMY+GWT85JiqytDitGR3TqwnFUBhKUpRRAq4x7rA6A1arHrFp5Tp1p21O3SfjtvB3quiOKbqWk6ZaU1Np9HwqwAecddFcB0YyBEiRX3VwF2pgpAdiPbSMuvo2qIgyob0CUoC/h4Bz1be7Qa7B0Xw9/fMKkB1LpOm925lzqosyMQM62YpMGkjMsbZz0uPopu32fxzDWSPr+kekNNyLt9InGhTpxLmq1go/pXR2uw5dfpXc5yuta7DB0EGBwnQ8Vl5HPdDooqOTD9I1jE0mRyuBpWTTI3FRnu3JUh3rIyGBJhUmHqGZvw2CKdqHCIrQeQkkEYqOeJRJVdBjhv5KGJifqT3BFRwX/YFJIChAQpebNQKXe/0kPivWokHWwXlDB7S7mBZzhaAPidZvnuIhalE2qmTypDwHy22FyqV58T8MGGMchcASDi/QXI6kcdpJzPXSeU9o+NC68QDlOIrMVxKFeE7w7PvVmAaxEo0YwmuAzzKy9QpdlK0aab/xEi8V4iXj4hGepqAvHkXIQd+r3FNeiLfllkb61p6WTjr5urcmDQMR94/wYoilpG5OlybHdbhsYHvIzYoLrC7fzl630gcO6t4nM24vdB6Ymg9BVpEgKRAxSbE62Tqacxqnz9AcmgItb48NiR/He3n3ydGjPYuKk/ihZMgEwAEZvSlNxYONSbYrIGDtOY+8Nbt6KiH3l06wjZW8tcmFeVlWv+tWotnTY9IqlAfvNVTjtsobqtQnvsiDjdEVtNy/s2ci5TH+NdZluca2OVEr91Wayxh70kpM6ib4UGbfdmGgCo74gtKvKSJU0rTHakQ5L9JlaSDD5FamBRyI0qfL43Ad9qOUZ8DaffDCyuaVyuqk7cz9HwmEmvWU3VQ+5t06n/5kRDXttcw8w+3qClEEdGo1KeENcnXCB32dQe3tDTFpuAIMLqwXs6FhpawfZ5kPYvLPczGWaqftIs/RXJ/EltGc0ugw2dmTLpoQhCqrcKEBDoYVk0LDZKsnzitOGdi9mOWse7Se8798ib1UsHFUjGzISEt6upestxOeupSTOh0v4+AjXbDzRUyogHww3V+Bqg71bkcMxtB+WM+pn1XNbVTyl9NR040nhP7KEf6e9ruXAtmrBC2ah5cFEpLIot77VFZ9ilLuitSz+7T8n1yAh1IEG6xxXxninAZIzi2qGbH69O5RSpOJuJTv17zTLJQIIc781JwQ2TTwTGnx5wZLbffhCasowJKd2EVcyMJyhz6ru0PvXWJ4hUdkARJs3Xu8dus9a86N8Xk6aAPzBDqzYb1vyFIfBxP0oO8xFHgd30Cgmz8UrSE3qeWRrF8ftrI6xQnFjHBGWD/JWSvd6YMcQED0aVuQkuNW9ST/DzQThPzRfPUoiL10yAmV7Ytu4fR3x2sF0Yfi87YhHFuCMpV/DsqxmUizyiJuD938eRcH8hzR/VO53Qo3UIsqOLcyXtTv6THjSlTopQ+JOLOnHm1w8dzYbLN44OG44rRsbihMUQp+wUZ6bsI8rrOnm9WErzkbQFbrfAINdoCiNa6cimYIjvvnMTaFWNymqY1vZxGztQiMiHiHYwTfwHTXrb9j0uPM=|09J28iXv9oWzYtzK2LBT6Yht4IT4MijEkk0fwFdrVQ4=";
+        let private_key: EncString = "2.yN7l00BOlUE0Sb0M//Q53w==|EwKG/BduQRQ33Izqc/ogoBROIoI5dmgrxSo82sgzgAMIBt3A2FZ9vPRMY+GWT85JiqytDitGR3TqwnFUBhKUpRRAq4x7rA6A1arHrFp5Tp1p21O3SfjtvB3quiOKbqWk6ZaU1Np9HwqwAecddFcB0YyBEiRX3VwF2pgpAdiPbSMuvo2qIgyob0CUoC/h4Bz1be7Qa7B0Xw9/fMKkB1LpOm925lzqosyMQM62YpMGkjMsbZz0uPopu32fxzDWSPr+kekNNyLt9InGhTpxLmq1go/pXR2uw5dfpXc5yuta7DB0EGBwnQ8Vl5HPdDooqOTD9I1jE0mRyuBpWTTI3FRnu3JUh3rIyGBJhUmHqGZvw2CKdqHCIrQeQkkEYqOeJRJVdBjhv5KGJifqT3BFRwX/YFJIChAQpebNQKXe/0kPivWokHWwXlDB7S7mBZzhaAPidZvnuIhalE2qmTypDwHy22FyqV58T8MGGMchcASDi/QXI6kcdpJzPXSeU9o+NC68QDlOIrMVxKFeE7w7PvVmAaxEo0YwmuAzzKy9QpdlK0aab/xEi8V4iXj4hGepqAvHkXIQd+r3FNeiLfllkb61p6WTjr5urcmDQMR94/wYoilpG5OlybHdbhsYHvIzYoLrC7fzl630gcO6t4nM24vdB6Ymg9BVpEgKRAxSbE62Tqacxqnz9AcmgItb48NiR/He3n3ydGjPYuKk/ihZMgEwAEZvSlNxYONSbYrIGDtOY+8Nbt6KiH3l06wjZW8tcmFeVlWv+tWotnTY9IqlAfvNVTjtsobqtQnvsiDjdEVtNy/s2ci5TH+NdZluca2OVEr91Wayxh70kpM6ib4UGbfdmGgCo74gtKvKSJU0rTHakQ5L9JlaSDD5FamBRyI0qfL43Ad9qOUZ8DaffDCyuaVyuqk7cz9HwmEmvWU3VQ+5t06n/5kRDXttcw8w+3qClEEdGo1KeENcnXCB32dQe3tDTFpuAIMLqwXs6FhpawfZ5kPYvLPczGWaqftIs/RXJ/EltGc0ugw2dmTLpoQhCqrcKEBDoYVk0LDZKsnzitOGdi9mOWse7Se8798ib1UsHFUjGzISEt6upestxOeupSTOh0v4+AjXbDzRUyogHww3V+Bqg71bkcMxtB+WM+pn1XNbVTyl9NR040nhP7KEf6e9ruXAtmrBC2ah5cFEpLIot77VFZ9ilLuitSz+7T8n1yAh1IEG6xxXxninAZIzi2qGbH69O5RSpOJuJTv17zTLJQIIc781JwQ2TTwTGnx5wZLbffhCasowJKd2EVcyMJyhz6ru0PvXWJ4hUdkARJs3Xu8dus9a86N8Xk6aAPzBDqzYb1vyFIfBxP0oO8xFHgd30Cgmz8UrSE3qeWRrF8ftrI6xQnFjHBGWD/JWSvd6YMcQED0aVuQkuNW9ST/DzQThPzRfPUoiL10yAmV7Ytu4fR3x2sF0Yfi87YhHFuCMpV/DsqxmUizyiJuD938eRcH8hzR/VO53Qo3UIsqOLcyXtTv6THjSlTopQ+JOLOnHm1w8dzYbLN44OG44rRsbihMUQp+wUZ6bsI8rrOnm9WErzkbQFbrfAINdoCiNa6cimYIjvvnMTaFWNymqY1vZxGztQiMiHiHYwTfwHTXrb9j0uPM=|09J28iXv9oWzYtzK2LBT6Yht4IT4MijEkk0fwFdrVQ4=".parse().unwrap();
 
         // Initialize an existing client which is unlocked
         let existing_device = Client::new(None);
@@ -230,7 +230,7 @@ mod tests {
 
         existing_device
             .internal
-            .initialize_user_crypto_master_key(master_key, user_key, private_key.parse().unwrap())
+            .initialize_user_crypto_master_key(master_key, user_key, private_key.clone())
             .unwrap();
 
         // Initialize a new device which will request to be logged in
@@ -247,7 +247,7 @@ mod tests {
                 user_id: Some(UserId::new_v4()),
                 kdf_params: kdf,
                 email: email.to_owned(),
-                private_key: private_key.to_owned(),
+                private_key,
                 method: InitUserCryptoMethod::AuthRequest {
                     request_private_key: auth_req.private_key,
                     method: AuthRequestMethod::UserKey {

crates/bitwarden-core/src/auth/auth_request.rs

@@ -118,7 +118,7 @@ pub(crate) async fn complete_auth_request(
                 user_id: None,
                 kdf_params: kdf,
                 email: auth_req.email,
-                private_key: require!(r.private_key),
+                private_key: require!(r.private_key).parse()?,
                 method: InitUserCryptoMethod::AuthRequest {
                     request_private_key: auth_req.private_key,
                     method,

crates/bitwarden-core/src/auth/login/auth_request.rs

@@ -7,14 +7,11 @@ use serde::{Deserialize, Serialize};
 
 use crate::auth::{
     api::response::IdentityTokenResponse,
-    login::{
-        response::{captcha_response::CaptchaResponse, two_factor::TwoFactorProviders},
-        LoginError,
-    },
+    login::response::{captcha_response::CaptchaResponse, two_factor::TwoFactorProviders},
 };
 #[cfg(feature = "internal")]
 use crate::{
-    auth::{api::request::PasswordTokenRequest, login::TwoFactorRequest},
+    auth::{api::request::PasswordTokenRequest, login::LoginError, login::TwoFactorRequest},
     client::LoginMethod,
     Client,
 };

crates/bitwarden-core/src/auth/login/password.rs

@@ -3,7 +3,7 @@ use bitwarden_api_identity::{
     models::{KeysRequestModel, RegisterRequestModel},
 };
 use bitwarden_crypto::{
-    default_pbkdf2_iterations, CryptoError, HashPurpose, Kdf, MasterKey, RsaKeyPair,
+    default_pbkdf2_iterations, CryptoError, EncString, HashPurpose, Kdf, MasterKey, RsaKeyPair,
 };
 use serde::{Deserialize, Serialize};
 use thiserror::Error;
@@ -76,14 +76,14 @@ pub(super) fn make_register_keys(
 
     Ok(RegisterKeyResponse {
         master_password_hash,
-        encrypted_user_key: encrypted_user_key.to_string(),
+        encrypted_user_key,
         keys,
     })
 }
 
 #[cfg_attr(feature = "uniffi", derive(uniffi::Record))]
 pub struct RegisterKeyResponse {
     pub master_password_hash: String,
-    pub encrypted_user_key: String,
+    pub encrypted_user_key: EncString,
     pub keys: RsaKeyPair,
 }

crates/bitwarden-core/src/auth/register.rs

@@ -1,16 +1,17 @@
-use bitwarden_crypto::{AsymmetricCryptoKey, KeyStore, SymmetricCryptoKey};
 #[cfg(feature = "internal")]
-use bitwarden_crypto::{EncString, UnsignedSharedKey};
+use bitwarden_crypto::{AsymmetricCryptoKey, EncString, UnsignedSharedKey};
+#[cfg(any(feature = "internal", feature = "secrets"))]
+use bitwarden_crypto::{KeyStore, SymmetricCryptoKey};
 use bitwarden_error::bitwarden_error;
 use thiserror::Error;
 
+#[cfg(feature = "internal")]
+use crate::key_management::AsymmetricKeyId;
+#[cfg(any(feature = "internal", feature = "secrets"))]
+use crate::key_management::{KeyIds, SymmetricKeyId};
 #[cfg(any(feature = "secrets", feature = "internal"))]
 use crate::OrganizationId;
-use crate::{
-    error::UserIdAlreadySetError,
-    key_management::{AsymmetricKeyId, KeyIds, SymmetricKeyId},
-    MissingPrivateKeyError, VaultLockedError,
-};
+use crate::{error::UserIdAlreadySetError, MissingPrivateKeyError, VaultLockedError};
 
 #[bitwarden_error(flat)]
 #[derive(Debug, Error)]

crates/bitwarden-core/src/client/encryption_settings.rs

@@ -9,12 +9,11 @@ use chrono::Utc;
 
 #[cfg(feature = "secrets")]
 use super::login_method::ServiceAccountLoginMethod;
+#[cfg(any(feature = "internal", feature = "secrets"))]
+use crate::client::encryption_settings::EncryptionSettings;
 use crate::{
-    auth::renew::renew_token,
-    client::{encryption_settings::EncryptionSettings, login_method::LoginMethod},
-    error::UserIdAlreadySetError,
-    key_management::KeyIds,
-    DeviceType, UserId,
+    auth::renew::renew_token, client::login_method::LoginMethod, error::UserIdAlreadySetError,
+    key_management::KeyIds, DeviceType, UserId,
 };
 #[cfg(feature = "internal")]
 use crate::{