[PM-27230] Introduce Account Cryptographic State (#563)

## 🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-27230
https://bitwarden.atlassian.net/browse/PM-27313

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

Client PR, fixing breaking changes:
bitwarden/clients#17488

## 📔 Objective

Account cryptographic state describes the core cryptographic objects
making up a user. For a V1 encryption user these are: The RSA Keypair.
For a V2 user these are:
- The Public-key Encryption Keypair
- The Signature Keypair
- The Signed public key (used to bind a public-key encryption key pair
to signing keypair)
- The Signed security state (used for a safe upgrade path that prevents
insecure features)

Note: The wrapped version omits the public key and verifying key for the
public-key encryption key-pair and signature key-pair, and only includes
the wrapped private / signing keys.

Not included are:
- Keys shared to the user via an organization memebership or emergency
access
- Cipher keys
which are not part of the user's cryptography, but do interact with it.

Provided is a function to generate such a cryptographic state for v2
users, and conversion to API request models. Further, this changes SDK
initialization to be based on the account cryptographic state.

## 🚨 Breaking Changes

Please note that the public API for initializing the user's account
cryptography is updated to instead take an enum. The variants for the
enum contain the private key for V1 users, and the private key, signing
key, signed public key, signed security state for V2 users.

Aside from re-packaging into an enum variant, no other changes should be
needed on the consuming side.

This both helps prevent inconsistent states from being passed in by
enforcing consistent state via type safetey, but also cleans up the
primitive obsession anti-pattern
(https://contributing.bitwarden.com/architecture/server/#avoid-primitive-obsession)
that the crypto initialization was facing and will make future changes
much easier.

Note that since so far clients did not store the signed public key, it
is optional for now, but will be made mandatory later after clients save
it for a sufficient time.

To migrate, simply repack the existing values into the corresponding
enum. Note that previously the signed public key was not passed in, now
it is passed in (optional for now, but required later on). Please ensure
it is saved to state on sync / login.

<!-- Does this PR introduce any breaking changes? If so, please describe
the impact and migration path for clients.

If you're unsure, the automated TypeScript compatibility check will run
when you open/update this PR and provide feedback.

For breaking changes:
1. Describe what changed in the client interface
2. Explain why the change was necessary
3. Provide migration steps for client developers
4. Link to any paired client PRs if needed

Otherwise, you can remove this section. -->

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes

---------

Co-authored-by: Daniel García <[email protected]>
Co-authored-by: Oscar Hinton <[email protected]>

Author: 3 people

crates/bitwarden-collections/src/collection.rs

@@ -152,7 +152,7 @@ impl From<bitwarden_api_api::models::CollectionType> for CollectionType {
 #[cfg(test)]
 mod tests {
     use bitwarden_core::key_management::{KeyIds, SymmetricKeyId};
-    use bitwarden_crypto::{KeyStore, PrimitiveEncryptable, SymmetricCryptoKey};
+    use bitwarden_crypto::{KeyStore, PrimitiveEncryptable, SymmetricKeyAlgorithm};
 
     use super::*;
 
@@ -162,14 +162,14 @@ mod tests {
     // Helper function to create a test key store with a symmetric key
     fn create_test_key_store() -> KeyStore<KeyIds> {
         let store = KeyStore::<KeyIds>::default();
-        let key = SymmetricCryptoKey::make_aes256_cbc_hmac_key();
         let org_id = ORGANIZATION_ID.parse().unwrap();
 
-        #[allow(deprecated)]
-        store
-            .context_mut()
-            .set_symmetric_key(SymmetricKeyId::Organization(org_id), key)
+        let mut ctx = store.context_mut();
+
+        let local_key_id = ctx.make_symmetric_key(SymmetricKeyAlgorithm::Aes256CbcHmac);
+        ctx.persist_symmetric_key(local_key_id, SymmetricKeyId::Organization(org_id))
             .unwrap();
+        drop(ctx);
 
         store
     }

crates/bitwarden-core/src/auth/auth_request.rs

@@ -112,9 +112,9 @@ mod tests {
     use super::*;
     use crate::{
         UserId,
-        client::internal::UserKeyState,
         key_management::{
             SymmetricKeyId,
+            account_cryptographic_state::WrappedAccountCryptographicState,
             crypto::{AuthRequestMethod, InitUserCryptoMethod, InitUserCryptoRequest},
         },
     };
@@ -165,11 +165,7 @@ mod tests {
             .initialize_user_crypto_master_key(
                 master_key,
                 user_key,
-                UserKeyState {
-                    private_key,
-                    signing_key: None,
-                    security_state: None,
-                },
+                WrappedAccountCryptographicState::V1 { private_key },
             )
             .unwrap();
 
@@ -240,10 +236,8 @@ mod tests {
             .initialize_user_crypto_master_key(
                 master_key,
                 user_key,
-                UserKeyState {
+                WrappedAccountCryptographicState::V1 {
                     private_key: private_key.clone(),
-                    signing_key: None,
-                    security_state: None,
                 },
             )
             .unwrap();
@@ -262,9 +256,7 @@ mod tests {
                 user_id: Some(UserId::new_v4()),
                 kdf_params: kdf,
                 email: email.to_owned(),
-                private_key,
-                signing_key: None,
-                security_state: None,
+                account_cryptographic_state: WrappedAccountCryptographicState::V1 { private_key },
                 method: InitUserCryptoMethod::AuthRequest {
                     request_private_key: auth_req.private_key,
                     method: AuthRequestMethod::UserKey {

crates/bitwarden-core/src/auth/login/api_key.rs

@@ -8,8 +8,10 @@ use crate::{
         api::{request::ApiTokenRequest, response::IdentityTokenResponse},
         login::{LoginError, PasswordLoginResponse, response::two_factor::TwoFactorProviders},
     },
-    client::{LoginMethod, UserLoginMethod, internal::UserKeyState},
-    key_management::UserDecryptionData,
+    client::{LoginMethod, UserLoginMethod},
+    key_management::{
+        UserDecryptionData, account_cryptographic_state::WrappedAccountCryptographicState,
+    },
     require,
 };
 
@@ -31,11 +33,7 @@ pub(crate) async fn login_api_key(
 
         let private_key: EncString = require!(&r.private_key).parse()?;
 
-        let user_key_state = UserKeyState {
-            private_key,
-            signing_key: None,
-            security_state: None,
-        };
+        let user_key_state = WrappedAccountCryptographicState::V1 { private_key };
 
         let master_password_unlock = r
             .user_decryption_options

crates/bitwarden-core/src/auth/login/auth_request.rs

@@ -12,6 +12,7 @@ use crate::{
     },
     key_management::{
         UserDecryptionData,
+        account_cryptographic_state::WrappedAccountCryptographicState,
         crypto::{AuthRequestMethod, InitUserCryptoMethod, InitUserCryptoRequest},
     },
     require,
@@ -127,9 +128,9 @@ pub(crate) async fn complete_auth_request(
                 user_id: None,
                 kdf_params: kdf,
                 email: salt,
-                private_key: require!(r.private_key).parse()?,
-                signing_key: None,
-                security_state: None,
+                account_cryptographic_state: WrappedAccountCryptographicState::V1 {
+                    private_key: require!(r.private_key).parse()?,
+                },
                 method: InitUserCryptoMethod::AuthRequest {
                     request_private_key: auth_req.private_key,
                     method,

crates/bitwarden-core/src/auth/login/password.rs

@@ -21,10 +21,7 @@ pub(crate) async fn login_password(
 ) -> Result<PasswordLoginResponse, LoginError> {
     use bitwarden_crypto::EncString;
 
-    use crate::{
-        client::{UserLoginMethod, internal::UserKeyState},
-        require,
-    };
+    use crate::{client::UserLoginMethod, require};
 
     info!("password logging in");
 
@@ -40,6 +37,8 @@ pub(crate) async fn login_password(
     let response = request_identity_tokens(client, input, &password_hash).await?;
 
     if let IdentityTokenResponse::Authenticated(r) = &response {
+        use crate::key_management::account_cryptographic_state::WrappedAccountCryptographicState;
+
         client.internal.set_tokens(
             r.access_token.clone(),
             r.refresh_token.clone(),
@@ -48,11 +47,7 @@ pub(crate) async fn login_password(
 
         let private_key: EncString = require!(&r.private_key).parse()?;
 
-        let user_key_state = UserKeyState {
-            private_key,
-            signing_key: None,
-            security_state: None,
-        };
+        let user_key_state = WrappedAccountCryptographicState::V1 { private_key };
 
         let master_password_unlock = r
             .user_decryption_options

crates/bitwarden-core/src/auth/password/validate.rs

@@ -85,7 +85,7 @@ mod tests {
 
     use crate::{
         auth::password::{validate::validate_password_user_key, validate_password},
-        client::internal::UserKeyState,
+        key_management::account_cryptographic_state::WrappedAccountCryptographicState,
     };
 
     #[test]
@@ -149,11 +149,7 @@ mod tests {
             .initialize_user_crypto_master_key(
                 master_key,
                 user_key.clone(),
-                UserKeyState {
-                    private_key,
-                    signing_key: None,
-                    security_state: None,
-                },
+                WrappedAccountCryptographicState::V1 { private_key },
             )
             .unwrap();
 
@@ -203,11 +199,7 @@ mod tests {
             .initialize_user_crypto_master_key(
                 master_key,
                 user_key.parse().unwrap(),
-                UserKeyState {
-                    private_key,
-                    signing_key: None,
-                    security_state: None,
-                },
+                WrappedAccountCryptographicState::V1 { private_key },
             )
             .unwrap();
 

crates/bitwarden-core/src/auth/pin.rs

@@ -49,7 +49,10 @@ mod tests {
     use bitwarden_crypto::{Kdf, MasterKey};
 
     use super::*;
-    use crate::client::{Client, LoginMethod, UserLoginMethod, internal::UserKeyState};
+    use crate::{
+        client::{Client, LoginMethod, UserLoginMethod},
+        key_management::account_cryptographic_state::WrappedAccountCryptographicState,
+    };
 
     fn init_client() -> Client {
         let client = Client::new(None);
@@ -78,11 +81,7 @@ mod tests {
             .initialize_user_crypto_master_key(
                 master_key,
                 user_key.parse().unwrap(),
-                UserKeyState {
-                    private_key,
-                    signing_key: None,
-                    security_state: None,
-                },
+                WrappedAccountCryptographicState::V1 { private_key },
             )
             .unwrap();
 

crates/bitwarden-core/src/auth/tde.rs

@@ -5,8 +5,8 @@ use bitwarden_crypto::{
 use bitwarden_encoding::B64;
 
 use crate::{
-    Client,
-    client::{encryption_settings::EncryptionSettingsError, internal::UserKeyState},
+    Client, client::encryption_settings::EncryptionSettingsError,
+    key_management::account_cryptographic_state::WrappedAccountCryptographicState,
 };
 
 /// This function generates a new user key and key pair, initializes the client's crypto with the
@@ -34,12 +34,10 @@ pub(super) fn make_register_tde_keys(
 
     client.internal.initialize_user_crypto_decrypted_key(
         user_key.0,
-        UserKeyState {
+        // TODO (https://bitwarden.atlassian.net/browse/PM-21771) Signing keys are not supported on registration yet. This needs to be changed as
+        // soon as registration is supported.
+        WrappedAccountCryptographicState::V1 {
             private_key: key_pair.private.clone(),
-            // TODO (https://bitwarden.atlassian.net/browse/PM-21771) Signing keys are not supported on registration yet. This needs to be changed as
-            // soon as registration is supported.
-            signing_key: None,
-            security_state: None,
         },
     )?;