Unify WASM crypto client with mobile #226
Conversation
|
Great job, no security vulnerabilities found in this Pull Request |
|
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #226 +/- ##
==========================================
+ Coverage 70.29% 70.36% +0.07%
==========================================
Files 216 215 -1
Lines 17060 17043 -17
==========================================
+ Hits 11992 11993 +1
+ Misses 5068 5050 -18 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
# Conflicts: # Cargo.lock # crates/bitwarden-core/src/mobile/crypto.rs # crates/bitwarden-wasm-internal/src/client.rs # crates/bitwarden-wasm-internal/src/lib.rs
There was a problem hiding this comment.
suggestion: Could we lift this out of mobile?
There was a problem hiding this comment.
Sounds reasonable yeah, do you think we should just lift it into the root? Or maybe into the key-management folder?
There was a problem hiding this comment.
I think we can lift it into KM, @quexten would you be alright with that, I think everything currently falls under KM domain.
There was a problem hiding this comment.
Seems reasonable!
My question here (non-blocking, but needs clarification): Does key-management (the folder) really refer to the KM team, or the key-management capabilities (key store, key context) of the sdk?
The KM domain is not directly the same (Biometrics, Crypto Primitives).
There was a problem hiding this comment.
So the way I'm thinking about this is like this:
The crypto client that I'm moving to the key_management folder is mostly a thin compatibility layer on top of the bitwarden-crypto types to make the functionality more usable for FFI (By exposing a client, instead of relying on types like MasterKey, etc, which aren't usable in FFI). In that sense, once KM officially owns bitwarden-crypto, this folder should come with, as it's fairly tied to the API exposed by bitwarden-crypto. In the future, if we find a way to expose the normal bitwarden-crypto API through FFI this module could be removed.
The other thing in the key_management folder is the definition of KeyIds used by the Key Store from bitwarden-crypto. I think of this and the Key Store as part of KM's field to expose safe to use crypto, so in my mind it would be part of your domain. The reason I defined these outside the crypto crate was to ensure the system was generic and easily expandable, but I'm not sure if that's worth it. If not, we can always move it into bitwarden-crypto directly and simplify ownership.
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [sonarsource/sonarqube-scan-action](https://redirect.github.com/sonarsource/sonarqube-scan-action) | action | major | `v4.2.1` -> `v5.2.0` | --- ### Release Notes <details> <summary>sonarsource/sonarqube-scan-action (sonarsource/sonarqube-scan-action)</summary> ### [`v5.2.0`](https://redirect.github.com/SonarSource/sonarqube-scan-action/releases/tag/v5.2.0) [Compare Source](https://redirect.github.com/sonarsource/sonarqube-scan-action/compare/v5.1.0...v5.2.0) ##### What's Changed - SQSCANGHA-90 remove mend dead conf by [@​pierre-guillot-gh](https://redirect.github.com/pierre-guillot-gh) in [https://github.com/SonarSource/sonarqube-scan-action/pull/184](https://redirect.github.com/SonarSource/sonarqube-scan-action/pull/184) - SQSCANGHA-89 Attempt to fix command injection by [@​henryju](https://redirect.github.com/henryju) in [https://github.com/SonarSource/sonarqube-scan-action/pull/186](https://redirect.github.com/SonarSource/sonarqube-scan-action/pull/186) - SQSCANGHA-93 Fix madhead/semver-utils' version by [@​csaba-feher-sonarsource](https://redirect.github.com/csaba-feher-sonarsource) in [https://github.com/SonarSource/sonarqube-scan-action/pull/187](https://redirect.github.com/SonarSource/sonarqube-scan-action/pull/187) - SQSCANGHA-94 Update version update logic by [@​csaba-feher-sonarsource](https://redirect.github.com/csaba-feher-sonarsource) in [https://github.com/SonarSource/sonarqube-scan-action/pull/188](https://redirect.github.com/SonarSource/sonarqube-scan-action/pull/188) - SQSCANGHA-92 Validate scanner version by [@​csaba-feher-sonarsource](https://redirect.github.com/csaba-feher-sonarsource) in [https://github.com/SonarSource/sonarqube-scan-action/pull/189](https://redirect.github.com/SonarSource/sonarqube-scan-action/pull/189) **Full Changelog**: SonarSource/sonarqube-scan-action@v5...v5.2.0 ### [`v5.1.0`](https://redirect.github.com/SonarSource/sonarqube-scan-action/releases/tag/v5.1.0) [Compare Source](https://redirect.github.com/sonarsource/sonarqube-scan-action/compare/v5.0.0...v5.1.0) #### What's Changed - Update SonarScanner CLI to 7.1.0.4889 to support sonar.region=us by [@​github-actions](https://redirect.github.com/github-actions) in [https://github.com/SonarSource/sonarqube-scan-action/pull/183](https://redirect.github.com/SonarSource/sonarqube-scan-action/pull/183) **Full Changelog**: SonarSource/sonarqube-scan-action@v5.0.0...v5.1.0 ### [`v5.0.0`](https://redirect.github.com/SonarSource/sonarqube-scan-action/releases/tag/v5.0.0) [Compare Source](https://redirect.github.com/sonarsource/sonarqube-scan-action/compare/v4.2.1...v5.0.0) ##### What's Changed - SQSCANGHA-81 Update SonarScanner CLI to 7.0.2.4839 by [@​github-actions](https://redirect.github.com/github-actions) in [https://github.com/SonarSource/sonarqube-scan-action/pull/175](https://redirect.github.com/SonarSource/sonarqube-scan-action/pull/175) **Full Changelog**: SonarSource/sonarqube-scan-action@v4...v5.0.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/bitwarden/sdk-internal). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC4xNi4wIiwidXBkYXRlZEluVmVyIjoiNDAuMTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
## 🎟️ Tracking <!-- Paste the link to the Jira or GitHub issue or otherwise describe / point to where this change is coming from. --> ## 📔 Objective <!-- Describe what the purpose of this PR is, for example what bug you're fixing or new feature you're adding. --> This is an old type we created before we supported `EncString` as an FFI type. ## ⏰ Reminders before review - Contributor guidelines followed - All formatters and local linters executed and passed - Written new unit and / or integration tests where applicable - Protected functional changes with optionality (feature flags) - Used internationalization (i18n) for all UI strings - CI builds passed - Communicated to DevOps any deployment requirements - Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team ## 🦮 Reviewer guidelines <!-- Suggested interactions but feel free to use (or not) as you desire! --> - 👍 (`:+1:`) or similar for great changes - 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info - ❓ (`:question:`) for questions - 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - 🎨 (`:art:`) for suggestions / improvements - ❌ (`:x:`) or⚠️ (`:warning:`) for more significant problems or concerns needing attention - 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or indications of technical debt - ⛏ (`:pick:`) for minor or nitpick changes
# Conflicts: # crates/bitwarden-wasm-internal/src/client.rs # crates/bitwarden-wasm-internal/src/crypto.rs
|
🎟️ Tracking
📔 Objective
With the removal of the lifetimes of the clients, we can remove the wasm-specific crypto client and instead use the one in bitwarden-core.
⏰ Reminders before review
team
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmedissue and could potentially benefit from discussion
:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes