diff --git a/Cargo.lock b/Cargo.lock index 375bf3687..f4aa8633a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -635,7 +635,8 @@ dependencies = [ "sha1", "sha2 0.10.9", "subtle", - "thiserror 1.0.69", + "thiserror 2.0.12", + "tracing", "tsify", "typenum", "uniffi", @@ -1008,6 +1009,7 @@ dependencies = [ "subtle", "thiserror 1.0.69", "tokio", + "tracing", "tsify", "uniffi", "uuid", diff --git a/crates/bitwarden-core/src/client/encryption_settings.rs b/crates/bitwarden-core/src/client/encryption_settings.rs index 629d2a222..826cdbf76 100644 --- a/crates/bitwarden-core/src/client/encryption_settings.rs +++ b/crates/bitwarden-core/src/client/encryption_settings.rs @@ -6,6 +6,8 @@ use bitwarden_crypto::SymmetricCryptoKey; use bitwarden_crypto::UnsignedSharedKey; use bitwarden_error::bitwarden_error; use thiserror::Error; +#[cfg(feature = "internal")] +use tracing::instrument; #[cfg(any(feature = "secrets", feature = "internal"))] use crate::OrganizationId; @@ -54,6 +56,7 @@ impl EncryptionSettings { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn set_org_keys( org_enc_keys: Vec<(OrganizationId, UnsignedSharedKey)>, store: &KeyStore, diff --git a/crates/bitwarden-core/src/client/internal.rs b/crates/bitwarden-core/src/client/internal.rs index b1609c624..73d5d0aee 100644 --- a/crates/bitwarden-core/src/client/internal.rs +++ b/crates/bitwarden-core/src/client/internal.rs @@ -10,6 +10,8 @@ use bitwarden_crypto::{ #[cfg(feature = "internal")] use bitwarden_state::registry::StateRegistry; use chrono::Utc; +#[cfg(feature = "internal")] +use tracing::instrument; #[cfg(any(feature = "internal", feature = "secrets"))] use crate::client::encryption_settings::EncryptionSettings; @@ -268,6 +270,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn initialize_user_crypto_master_key( &self, master_key: MasterKey, 
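Review bot: `#[instrument(err, skip_all)]` on `set_org_keys` in encryption_settings.rs has no comment saying why `skip_all` is required, so nothing tells a later editor that narrowing it to `skip(...)` or adding a `fields(...)` entry could put the organization keys or the key store into a span. I would add `// skip_all: arguments carry key material and must never be recorded as span fields` above the attribute. `err` records the returned error's `Display` text as an ERROR event, so it is worth confirming that no error variant returned here formats key bytes or plaintext; the error types are not visible in this diff. The same applies to the other `#[instrument(err, skip_all)]` additions in internal.rs, cose.rs, symmetric.rs, decryptable.rs and cipher.rs. The function body continues outside the hunk.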
@@ -279,6 +282,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all, fields(user_id = ?self.get_user_id()))] pub(crate) fn initialize_user_crypto_decrypted_key( &self, user_key: SymmetricCryptoKey, @@ -292,6 +296,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn initialize_user_crypto_pin( &self, pin_key: PinKey, @@ -303,6 +308,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn initialize_user_crypto_pin_envelope( &self, pin: String, @@ -345,6 +351,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn initialize_user_crypto_master_password_unlock( &self, password: String, diff --git a/crates/bitwarden-core/src/key_management/crypto.rs b/crates/bitwarden-core/src/key_management/crypto.rs index f6287de13..040668b2f 100644 --- a/crates/bitwarden-core/src/key_management/crypto.rs +++ b/crates/bitwarden-core/src/key_management/crypto.rs @@ -18,6 +18,7 @@ use bitwarden_encoding::B64; use bitwarden_error::bitwarden_error; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; +use tracing::info; #[cfg(feature = "wasm")] use {tsify::Tsify, wasm_bindgen::prelude::*}; 
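Review bot: `fields(user_id = ?self.get_user_id())` on `initialize_user_crypto_decrypted_key` is the only one of the five `initialize_user_crypto_*` attributes in this file that records the user id. `initialize_user_crypto` in crypto.rs already opens a span with the same `user_id` before calling it, so on that path the id is recorded twice, while the other four methods rely on the caller. Either drop the field here (`#[instrument(err, skip_all)]`) or add it to all five so the trace shape does not depend on the unlock method. The user id is an account identifier that now reaches whatever log sink the host application attaches, which deserves a line in the doc comment. The function body continues outside the hunk.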
@@ -165,14 +166,21 @@ pub(super) async fn initialize_user_crypto( client.internal.init_user_id(user_id)?; } - let key_state = req.account_cryptographic_state; + let account_crypto_state = req.account_cryptographic_state.to_owned(); + let _span_guard = tracing::info_span!( + "User Crypto Initialization", + user_id = ?client.internal.get_user_id(), + ) + .entered(); match req.method { InitUserCryptoMethod::Password { password, user_key } => { let master_key = MasterKey::derive(&password, &req.email, &req.kdf_params)?; - client - .internal - .initialize_user_crypto_master_key(master_key, user_key, key_state)?; + client.internal.initialize_user_crypto_master_key( + master_key, + user_key, + account_crypto_state, + )?; } InitUserCryptoMethod::MasterPasswordUnlock { password, @@ -183,14 +191,14 @@ pub(super) async fn initialize_user_crypto( .initialize_user_crypto_master_password_unlock( password, master_password_unlock, - key_state, + account_crypto_state, )?; } InitUserCryptoMethod::DecryptedKey { decrypted_user_key } => { let user_key = SymmetricCryptoKey::try_from(decrypted_user_key)?; client .internal - .initialize_user_crypto_decrypted_key(user_key, key_state)?; + .initialize_user_crypto_decrypted_key(user_key, account_crypto_state)?; } InitUserCryptoMethod::Pin { pin, @@ -200,7 +208,7 @@ pub(super) async fn initialize_user_crypto( client.internal.initialize_user_crypto_pin( pin_key, pin_protected_user_key, - key_state, + account_crypto_state, )?; } InitUserCryptoMethod::PinEnvelope { @@ -210,7 +218,7 @@ pub(super) async fn initialize_user_crypto( client.internal.initialize_user_crypto_pin_envelope( pin, pin_protected_user_key_envelope, - key_state, + account_crypto_state, )?; } InitUserCryptoMethod::AuthRequest { 
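Review bot: `_span_guard` comes from `.entered()` inside an `async fn`, and the tracing documentation warns that a guard held across an `.await` leaves the span entered while other tasks are polled on the same thread, so their events would be attributed to this `user_id`. The rest of `initialize_user_crypto` lies outside the hunk; if any `.await` runs while the guard is alive, scope the guard to the synchronous `match` or attach the span with `tracing::Instrument::instrument` instead. Separately, `req.account_cryptographic_state.to_owned()` clones a value that the old line simply moved. `let account_crypto_state = req.account_cryptographic_state;` keeps the rename without leaving a second copy of the account cryptographic state in memory.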
@@ -232,7 +240,7 @@ pub(super) async fn initialize_user_crypto( }; client .internal - .initialize_user_crypto_decrypted_key(user_key, key_state)?; + .initialize_user_crypto_decrypted_key(user_key, account_crypto_state)?; } InitUserCryptoMethod::DeviceKey { device_key, @@ -245,7 +253,7 @@ pub(super) async fn initialize_user_crypto( client .internal - .initialize_user_crypto_decrypted_key(user_key, key_state)?; + .initialize_user_crypto_decrypted_key(user_key, account_crypto_state)?; } InitUserCryptoMethod::KeyConnector { master_key, @@ -254,12 +262,16 @@ pub(super) async fn initialize_user_crypto( let mut bytes = master_key.into_bytes(); let master_key = MasterKey::try_from(bytes.as_mut_slice())?; - client - .internal - .initialize_user_crypto_master_key(master_key, user_key, key_state)?; + client.internal.initialize_user_crypto_master_key( + master_key, + user_key, + account_crypto_state, + )?; } } + info!("User crypto initialized successfully"); + client .internal .set_login_method(LoginMethod::User(UserLoginMethod::Username { diff --git a/crates/bitwarden-crypto/Cargo.toml b/crates/bitwarden-crypto/Cargo.toml index 8b6b57ebd..0075d94ab 100644 --- a/crates/bitwarden-crypto/Cargo.toml +++ b/crates/bitwarden-crypto/Cargo.toml @@ -57,6 +57,7 @@ sha1 = { workspace = true } sha2 = ">=0.10.6, <0.11" subtle = { workspace = true } thiserror = { workspace = true } +tracing = { workspace = true } tsify = { workspace = true, optional = true } typenum = ">=1.18.0, <1.19.0" uniffi = { workspace = true, optional = true } diff --git a/crates/bitwarden-crypto/src/cose.rs b/crates/bitwarden-crypto/src/cose.rs index 957c9282c..2fcc408c3 100644 --- a/crates/bitwarden-crypto/src/cose.rs +++ b/crates/bitwarden-crypto/src/cose.rs @@ -9,6 +9,7 @@ use coset::{ }; use generic_array::GenericArray; use thiserror::Error; +use tracing::instrument; use typenum::U32; use crate::{ 
@@ -135,6 +136,7 @@ const SYMMETRIC_KEY: Label = Label::Int(iana::SymmetricKeyParameter::K as i64); impl TryFrom<&coset::CoseKey> for SymmetricCryptoKey { type Error = CryptoError; + #[instrument(err, skip_all)] fn try_from(cose_key: &coset::CoseKey) -> Result { let key_bytes = cose_key .params diff --git a/crates/bitwarden-crypto/src/enc_string/symmetric.rs b/crates/bitwarden-crypto/src/enc_string/symmetric.rs index 12d47d4da..d00827187 100644 --- a/crates/bitwarden-crypto/src/enc_string/symmetric.rs +++ b/crates/bitwarden-crypto/src/enc_string/symmetric.rs @@ -3,6 +3,7 @@ use std::{borrow::Cow, str::FromStr}; use bitwarden_encoding::{B64, FromStrVisitor}; use coset::{CborSerializable, iana::KeyOperation}; use serde::Deserialize; +use tracing::instrument; #[cfg(feature = "wasm")] use wasm_bindgen::convert::FromWasmAbi; @@ -367,6 +368,7 @@ impl KeyEncryptable for &str { } impl KeyDecryptable for EncString { + #[instrument(err, skip_all)] fn decrypt_with_key(&self, key: &SymmetricCryptoKey) -> Result { let dec: Vec = self.decrypt_with_key(key)?; String::from_utf8(dec).map_err(|_| CryptoError::InvalidUtf8String) diff --git a/crates/bitwarden-crypto/src/traits/decryptable.rs b/crates/bitwarden-crypto/src/traits/decryptable.rs index e517fdf61..68c051b3b 100644 --- a/crates/bitwarden-crypto/src/traits/decryptable.rs +++ b/crates/bitwarden-crypto/src/traits/decryptable.rs @@ -1,3 +1,5 @@ +use tracing::instrument; + use crate::{CryptoError, EncString, KeyId, KeyIds, store::KeyStoreContext}; /// A decryption operation that takes the input value and decrypts it into the output value. @@ -9,6 +11,7 @@ pub trait Decryptable { } impl Decryptable> for EncString { + #[instrument(err, skip_all)] fn decrypt( &self, ctx: &mut KeyStoreContext, @@ -19,6 +22,7 @@ impl Decryptable> for EncString { } impl Decryptable for EncString { + #[instrument(err, skip_all)] fn decrypt( &self, ctx: &mut KeyStoreContext, 
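Review bot: With `#[instrument(err, skip_all)]` now on `decrypt_with_key` in symmetric.rs, the `map_err(|_| CryptoError::InvalidUtf8String)` line matters for logging and deserves a comment. `FromUtf8Error` owns the decrypted bytes, and discarding it is what keeps plaintext out of the error value that `err` records. I would add `// Drop FromUtf8Error: it holds the decrypted bytes, and the returned error is logged by #[instrument(err)]` above that line. This method also delegates to the byte-vector `decrypt_with_key`, and the `Decryptable` impls in decryptable.rs are instrumented too, so a single failed field may produce several ERROR events. That nesting is inferred, since the other bodies are not shown.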
diff --git a/crates/bitwarden-vault/Cargo.toml b/crates/bitwarden-vault/Cargo.toml index 24385e6ec..22139f29b 100644 --- a/crates/bitwarden-vault/Cargo.toml +++ b/crates/bitwarden-vault/Cargo.toml @@ -53,6 +53,7 @@ sha1 = ">=0.10.5, <0.11" sha2 = ">=0.10.6, <0.11" subtle = { workspace = true } thiserror = { workspace = true } +tracing = { workspace = true } tsify = { workspace = true, optional = true } uniffi = { workspace = true, optional = true } uuid = { workspace = true } diff --git a/crates/bitwarden-vault/src/cipher/cipher.rs b/crates/bitwarden-vault/src/cipher/cipher.rs index fdf60f753..fc4bf1355 100644 --- a/crates/bitwarden-vault/src/cipher/cipher.rs +++ b/crates/bitwarden-vault/src/cipher/cipher.rs @@ -22,6 +22,7 @@ use chrono::{DateTime, SecondsFormat, Utc}; use serde::{Deserialize, Serialize}; use serde_repr::{Deserialize_repr, Serialize_repr}; use thiserror::Error; +use tracing::instrument; #[cfg(feature = "wasm")] use tsify::Tsify; #[cfg(feature = "wasm")] @@ -512,6 +513,7 @@ impl CompositeEncryptable for CipherView { } impl Decryptable for Cipher { + #[instrument(err, skip_all, fields(cipher_id = ?self.id, org_id = ?self.organization_id, kind = ?self.r#type))] fn decrypt( &self, ctx: &mut KeyStoreContext, @@ -576,6 +578,7 @@ impl Cipher { /// * `key` - The key to use to decrypt the cipher key, this should be the user or organization /// key /// * `ciphers_key` - The encrypted cipher key + #[instrument(err, skip_all)] pub(super) fn decrypt_cipher_key( ctx: &mut KeyStoreContext, key: SymmetricKeyId,
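Review bot: The span on `Cipher::decrypt` in cipher.rs is created at the default INFO level with three `Debug`-formatted fields, and this method presumably runs once per vault item. A full vault decryption would then create one span per cipher and, with `err`, one ERROR event per failing cipher carrying `cipher_id` and `org_id`. Consider adding `level = "debug"` so the per-item spans are off unless explicitly enabled: `#[instrument(level = "debug", err, skip_all, fields(cipher_id = ?self.id, org_id = ?self.organization_id, kind = ?self.r#type))]`. The ids are metadata rather than secrets, but they end up in client logs that may be shared outside the device. The function body continues outside the hunk.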