[PM-19603] Asymmetric encrypt/encapsulate interface (#202)

## 🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-19603

## 📔 Objective

The goal of this PR is to provide a consistent, clear interface for
asymmetric encryption. For asymmetric encryption we should never encrypt
data, only share keys - "encapsulate". If data access is to be shared to
another account, then this should be done via creating a new symmetric
key, and sharing access to it.

Further, currently our asymmetric data sharing makes no proofs about
authenticity of the sender, that is, the data is unsigned. This makes
that clear on the publicly exposed interface, and leaves the room open
to add an interface that explicitly does provide sender authenticity via
signing.

This PR renames the interfaces to reflect that. Further, we drop the
AsymmetricKey impl of the KeyEncryptable trait, specifically since it
should *not* be able to encrypt arbitrary data, but also because a new
interface that does provide sender authenticity should be the primarily
used interface, which does not line up with the encryptable trait.

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes

Author: quexten

crates/bitwarden-core/src/auth/auth_client.rs

@@ -1,6 +1,6 @@
 #[cfg(feature = "internal")]
 use bitwarden_crypto::{
-    AsymmetricEncString, CryptoError, DeviceKey, EncString, Kdf, TrustDeviceResponse,
+    CryptoError, DeviceKey, EncString, Kdf, TrustDeviceResponse, UnsignedSharedKey,
 };
 
 #[cfg(feature = "secrets")]
@@ -152,7 +152,7 @@ impl AuthClient {
     pub fn approve_auth_request(
         &self,
         public_key: String,
-    ) -> Result<AsymmetricEncString, ApproveAuthRequestError> {
+    ) -> Result<UnsignedSharedKey, ApproveAuthRequestError> {
         approve_auth_request(&self.client, public_key)
     }
 

crates/bitwarden-core/src/auth/auth_request.rs

@@ -1,10 +1,10 @@
 use base64::{engine::general_purpose::STANDARD, Engine};
 use bitwarden_crypto::{
-    fingerprint, generate_random_alphanumeric, AsymmetricCryptoKey, AsymmetricEncString,
-    AsymmetricPublicCryptoKey, CryptoError,
+    fingerprint, generate_random_alphanumeric, AsymmetricCryptoKey, AsymmetricPublicCryptoKey,
+    CryptoError, UnsignedSharedKey,
 };
 #[cfg(feature = "internal")]
-use bitwarden_crypto::{EncString, KeyDecryptable, SymmetricCryptoKey};
+use bitwarden_crypto::{EncString, SymmetricCryptoKey};
 use thiserror::Error;
 
 #[cfg(feature = "internal")]
@@ -52,26 +52,25 @@ pub(crate) fn new_auth_request(email: &str) -> Result<AuthRequestResponse, Crypt
 #[cfg(feature = "internal")]
 pub(crate) fn auth_request_decrypt_user_key(
     private_key: String,
-    user_key: AsymmetricEncString,
+    user_key: UnsignedSharedKey,
 ) -> Result<SymmetricCryptoKey, EncryptionSettingsError> {
     let key = AsymmetricCryptoKey::from_der(&STANDARD.decode(private_key)?)?;
-    let mut key: Vec<u8> = user_key.decrypt_with_key(&key)?;
-
-    Ok(SymmetricCryptoKey::try_from(key.as_mut_slice())?)
+    let key: SymmetricCryptoKey = user_key.decapsulate_key_unsigned(&key)?;
+    Ok(key)
 }
 
 /// Decrypt the user key using the private key generated previously.
 #[cfg(feature = "internal")]
 pub(crate) fn auth_request_decrypt_master_key(
     private_key: String,
-    master_key: AsymmetricEncString,
+    master_key: UnsignedSharedKey,
     user_key: EncString,
 ) -> Result<SymmetricCryptoKey, EncryptionSettingsError> {
     use bitwarden_crypto::MasterKey;
 
     let key = AsymmetricCryptoKey::from_der(&STANDARD.decode(private_key)?)?;
-    let mut master_key: Vec<u8> = master_key.decrypt_with_key(&key)?;
-    let master_key = MasterKey::try_from(master_key.as_mut_slice())?;
+    let master_key: SymmetricCryptoKey = master_key.decapsulate_key_unsigned(&key)?;
+    let master_key = MasterKey::try_from(&master_key)?;
 
     Ok(master_key.decrypt_user_key(user_key)?)
 }
@@ -93,7 +92,7 @@ pub enum ApproveAuthRequestError {
 pub(crate) fn approve_auth_request(
     client: &Client,
     public_key: String,
-) -> Result<AsymmetricEncString, ApproveAuthRequestError> {
+) -> Result<UnsignedSharedKey, ApproveAuthRequestError> {
     let public_key = AsymmetricPublicCryptoKey::from_der(&STANDARD.decode(public_key)?)?;
 
     let key_store = client.internal.get_key_store();
@@ -103,8 +102,8 @@ pub(crate) fn approve_auth_request(
     #[allow(deprecated)]
     let key = ctx.dangerous_get_symmetric_key(SymmetricKeyId::User)?;
 
-    Ok(AsymmetricEncString::encrypt_rsa2048_oaep_sha1(
-        &key.to_vec(),
+    Ok(UnsignedSharedKey::encapsulate_key_unsigned(
+        key,
         &public_key,
     )?)
 }
@@ -113,7 +112,7 @@ pub(crate) fn approve_auth_request(
 fn test_auth_request() {
     let request = new_auth_request("[email protected]").unwrap();
 
-    let secret: &[u8] = &[
+    let secret = vec![
         111, 32, 97, 169, 4, 241, 174, 74, 239, 206, 113, 86, 174, 68, 216, 238, 52, 85, 156, 27,
         134, 149, 54, 55, 91, 147, 45, 130, 131, 237, 51, 31, 191, 106, 155, 14, 160, 82, 47, 40,
         96, 31, 114, 127, 212, 187, 167, 110, 205, 116, 198, 243, 218, 72, 137, 53, 248, 43, 255,
@@ -123,11 +122,15 @@ fn test_auth_request() {
     let private_key =
         AsymmetricCryptoKey::from_der(&STANDARD.decode(&request.private_key).unwrap()).unwrap();
 
-    let encrypted = AsymmetricEncString::encrypt_rsa2048_oaep_sha1(secret, &private_key).unwrap();
+    let encrypted = UnsignedSharedKey::encapsulate_key_unsigned(
+        &SymmetricCryptoKey::try_from(secret.clone()).unwrap(),
+        &private_key,
+    )
+    .unwrap();
 
     let decrypted = auth_request_decrypt_user_key(request.private_key, encrypted).unwrap();
 
-    assert_eq!(&decrypted.to_vec(), secret);
+    assert_eq!(decrypted.to_vec(), secret);
 }
 
 #[cfg(test)]

crates/bitwarden-core/src/auth/tde.rs

@@ -1,7 +1,7 @@
 use base64::{engine::general_purpose::STANDARD, Engine};
 use bitwarden_crypto::{
-    AsymmetricEncString, AsymmetricPublicCryptoKey, DeviceKey, EncString, Kdf, SymmetricCryptoKey,
-    TrustDeviceResponse, UserKey,
+    AsymmetricPublicCryptoKey, DeviceKey, EncString, Kdf, SymmetricCryptoKey, TrustDeviceResponse,
+    UnsignedSharedKey, UserKey,
 };
 
 use crate::{client::encryption_settings::EncryptionSettingsError, Client};
@@ -22,8 +22,7 @@ pub(super) fn make_register_tde_keys(
     let user_key = UserKey::new(SymmetricCryptoKey::generate(&mut rng));
     let key_pair = user_key.make_key_pair()?;
 
-    let admin_reset =
-        AsymmetricEncString::encrypt_rsa2048_oaep_sha1(&user_key.0.to_vec(), &public_key)?;
+    let admin_reset = UnsignedSharedKey::encapsulate_key_unsigned(&user_key.0, &public_key)?;
 
     let device_key = if remember_device {
         Some(DeviceKey::trust_device(&user_key.0)?)
@@ -58,6 +57,6 @@ pub struct RegisterTdeKeyResponse {
     pub private_key: EncString,
     pub public_key: String,
 
-    pub admin_reset: AsymmetricEncString,
+    pub admin_reset: UnsignedSharedKey,
     pub device_key: Option<TrustDeviceResponse>,
 }

crates/bitwarden-core/src/client/encryption_settings.rs

@@ -1,6 +1,6 @@
 use bitwarden_crypto::{AsymmetricCryptoKey, KeyStore, SymmetricCryptoKey};
 #[cfg(feature = "internal")]
-use bitwarden_crypto::{AsymmetricEncString, EncString};
+use bitwarden_crypto::{EncString, UnsignedSharedKey};
 use bitwarden_error::bitwarden_error;
 use thiserror::Error;
 use uuid::Uuid;
@@ -91,7 +91,7 @@ impl EncryptionSettings {
 
     #[cfg(feature = "internal")]
     pub(crate) fn set_org_keys(
-        org_enc_keys: Vec<(Uuid, AsymmetricEncString)>,
+        org_enc_keys: Vec<(Uuid, UnsignedSharedKey)>,
         store: &KeyStore<KeyIds>,
     ) -> Result<(), EncryptionSettingsError> {
         let mut ctx = store.context_mut();
@@ -111,7 +111,7 @@ impl EncryptionSettings {
 
         // Decrypt the org keys with the private key
         for (org_id, org_enc_key) in org_enc_keys {
-            ctx.decrypt_symmetric_key_with_asymmetric_key(
+            ctx.decapsulate_key_unsigned(
                 AsymmetricKeyId::UserPrivateKey,
                 SymmetricKeyId::Organization(org_id),
                 &org_enc_key,

crates/bitwarden-core/src/client/internal.rs

@@ -4,7 +4,7 @@ use bitwarden_crypto::KeyStore;
 #[cfg(any(feature = "internal", feature = "secrets"))]
 use bitwarden_crypto::SymmetricCryptoKey;
 #[cfg(feature = "internal")]
-use bitwarden_crypto::{AsymmetricEncString, EncString, Kdf, MasterKey, PinKey};
+use bitwarden_crypto::{EncString, Kdf, MasterKey, PinKey, UnsignedSharedKey};
 use chrono::Utc;
 use uuid::Uuid;
 
@@ -215,7 +215,7 @@ impl InternalClient {
     #[cfg(feature = "internal")]
     pub fn initialize_org_crypto(
         &self,
-        org_keys: Vec<(Uuid, AsymmetricEncString)>,
+        org_keys: Vec<(Uuid, UnsignedSharedKey)>,
     ) -> Result<(), EncryptionSettingsError> {
         EncryptionSettings::set_org_keys(org_keys, &self.key_store)
     }

crates/bitwarden-core/src/mobile/crypto.rs

@@ -8,8 +8,8 @@ use std::collections::HashMap;
 
 use base64::{engine::general_purpose::STANDARD, Engine};
 use bitwarden_crypto::{
-    AsymmetricCryptoKey, AsymmetricEncString, CryptoError, EncString, Kdf, KeyDecryptable,
-    KeyEncryptable, MasterKey, SymmetricCryptoKey, UserKey,
+    AsymmetricCryptoKey, CryptoError, EncString, Kdf, KeyDecryptable, KeyEncryptable, MasterKey,
+    SymmetricCryptoKey, UnsignedSharedKey, UserKey,
 };
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
@@ -90,7 +90,7 @@ pub enum InitUserCryptoMethod {
         /// The Device Private Key
         protected_device_private_key: EncString,
         /// The user's symmetric crypto key, encrypted with the Device Key.
-        device_protected_user_key: AsymmetricEncString,
+        device_protected_user_key: UnsignedSharedKey,
     },
     /// Key connector
     KeyConnector {
@@ -110,12 +110,12 @@ pub enum AuthRequestMethod {
     /// User Key
     UserKey {
         /// User Key protected by the private key provided in `AuthRequestResponse`.
-        protected_user_key: AsymmetricEncString,
+        protected_user_key: UnsignedSharedKey,
     },
     /// Master Key
     MasterKey {
         /// Master Key protected by the private key provided in `AuthRequestResponse`.
-        protected_master_key: AsymmetricEncString,
+        protected_master_key: UnsignedSharedKey,
         /// User Key protected by the MasterKey, provided by the auth response.
         auth_request_key: EncString,
     },
@@ -228,7 +228,7 @@ pub async fn initialize_user_crypto(
 #[cfg_attr(feature = "wasm", derive(Tsify), tsify(into_wasm_abi, from_wasm_abi))]
 pub struct InitOrgCryptoRequest {
     /// The encryption keys for all the organizations the user is a part of
-    pub organization_keys: HashMap<uuid::Uuid, AsymmetricEncString>,
+    pub organization_keys: HashMap<uuid::Uuid, UnsignedSharedKey>,
 }
 
 /// Initialize the user's organizational cryptographic state.
@@ -386,7 +386,7 @@ pub enum EnrollAdminPasswordResetError {
 pub(super) fn enroll_admin_password_reset(
     client: &Client,
     public_key: String,
-) -> Result<AsymmetricEncString, EnrollAdminPasswordResetError> {
+) -> Result<UnsignedSharedKey, EnrollAdminPasswordResetError> {
     use base64::{engine::general_purpose::STANDARD, Engine};
     use bitwarden_crypto::AsymmetricPublicCryptoKey;
 
@@ -397,8 +397,8 @@ pub(super) fn enroll_admin_password_reset(
     #[allow(deprecated)]
     let key = ctx.dangerous_get_symmetric_key(SymmetricKeyId::User)?;
 
-    Ok(AsymmetricEncString::encrypt_rsa2048_oaep_sha1(
-        &key.to_vec(),
+    Ok(UnsignedSharedKey::encapsulate_key_unsigned(
+        key,
         &public_key,
     )?)
 }
@@ -767,7 +767,8 @@ mod tests {
         let private_key = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzLtEUdxfcLxDj84yaGFsVF5hZ8Hjlb08NMQDy1RnBma06I3ZESshLYzVz4r/gegMn9OOltfV/Yxlyvida8oW6qdlfJ7AVz6Oa8pV7BiL40C7b76+oqraQpyYw2HChANB1AhXL9SqWngKmLZwjA7qiCrmcc0kZHeOb4KnKtp9iVvPVs+8veFvKgYO4ba2AAOHKFdR0W55/agXfAy+fWUAkC8mc9ikyJdQWaPV6OZvC2XFkOseBQm9Rynudh3BQpoWiL6w620efe7t5k+02/EyOFJL9f/XEEjM/+Yo0t3LAfkuhHGeKiRST59Xc9hTEmyJTeVXROtz+0fjqOp3xkaObAgMBAAECggEACs4xhnO0HaZhh1/iH7zORMIRXKeyxP2LQiTR8xwN5JJ9wRWmGAR9VasS7EZFTDidIGVME2u/h4s5EqXnhxfO+0gGksVvgNXJ/qw87E8K2216g6ZNo6vSGA7H1GH2voWwejJ4/k/cJug6dz2S402rRAKh2Wong1arYHSkVlQp3diiMa5FHAOSE+Cy09O2ZsaF9IXQYUtlW6AVXFrBEPYH2kvkaPXchh8VETMijo6tbvoKLnUHe+wTaDMls7hy8exjtVyI59r3DNzjy1lNGaGb5QSnFMXR+eHhPZc844Wv02MxC15zKABADrl58gpJyjTl6XpDdHCYGsmGpVGH3X9TQQKBgQDz/9beFjzq59ve6rGwn+EtnQfSsyYT+jr7GN8lNEXb3YOFXBgPhfFIcHRh2R00Vm9w2ApfAx2cd8xm2I6HuvQ1Os7g26LWazvuWY0Qzb+KaCLQTEGH1RnTq6CCG+BTRq/a3J8M4t38GV5TWlzv8wr9U4dl6FR4efjb65HXs1GQ4QKBgQC7/uHfrOTEHrLeIeqEuSl0vWNqEotFKdKLV6xpOvNuxDGbgW4/r/zaxDqt0YBOXmRbQYSEhmO3oy9J6XfE1SUln0gbavZeW0HESCAmUIC88bDnspUwS9RxauqT5aF8ODKN/bNCWCnBM1xyonPOs1oT1nyparJVdQoG//Y7vkB3+wKBgBqLqPq8fKAp3XfhHLfUjREDVoiLyQa/YI9U42IOz9LdxKNLo6p8rgVthpvmnRDGnpUuS+KOWjhdqDVANjF6G3t3DG7WNl8Rh5Gk2H4NhFswfSkgQrjebFLlBy9gjQVCWXt8KSmjvPbiY6q52Aaa8IUjA0YJAregvXxfopxO+/7BAoGARicvEtDp7WWnSc1OPoj6N14VIxgYcI7SyrzE0d/1x3ffKzB5e7qomNpxKzvqrVP8DzG7ydh8jaKPmv1MfF8tpYRy3AhmN3/GYwCnPqT75YYrhcrWcVdax5gmQVqHkFtIQkRSCIftzPLlpMGKha/YBV8c1fvC4LD0NPh/Ynv0gtECgYEAyOZg95/kte0jpgUEgwuMrzkhY/AaUJULFuR5MkyvReEbtSBQwV5tx60+T95PHNiFooWWVXiLMsAgyI2IbkxVR1Pzdri3gWK5CTfqb7kLuaj/B7SGvBa2Sxo478KS5K8tBBBWkITqo+wLC0mn3uZi1dyMWO1zopTA+KtEGF2dtGQ=";
         let private_key =
             AsymmetricCryptoKey::from_der(&STANDARD.decode(private_key).unwrap()).unwrap();
-        let decrypted: Vec<u8> = encrypted.decrypt_with_key(&private_key).unwrap();
+        let decrypted: SymmetricCryptoKey =
+            encrypted.decapsulate_key_unsigned(&private_key).unwrap();
 
         let key_store = client.internal.get_key_store();
         let ctx = key_store.context();
@@ -776,7 +777,7 @@ mod tests {
             .dangerous_get_symmetric_key(SymmetricKeyId::User)
             .unwrap();
 
-        assert_eq!(&decrypted, &expected.to_vec());
+        assert_eq!(&decrypted.to_vec(), &expected.to_vec());
     }
 
     #[test]

crates/bitwarden-core/src/mobile/crypto_client.rs

@@ -1,6 +1,6 @@
 use bitwarden_crypto::CryptoError;
 #[cfg(feature = "internal")]
-use bitwarden_crypto::{AsymmetricEncString, EncString};
+use bitwarden_crypto::{EncString, UnsignedSharedKey};
 
 use super::crypto::{
     derive_key_connector, make_key_pair, verify_asymmetric_keys, DeriveKeyConnectorError,
@@ -75,7 +75,7 @@ impl CryptoClient {
     pub fn enroll_admin_password_reset(
         &self,
         public_key: String,
-    ) -> Result<AsymmetricEncString, EnrollAdminPasswordResetError> {
+    ) -> Result<UnsignedSharedKey, EnrollAdminPasswordResetError> {
         enroll_admin_password_reset(&self.client, public_key)
     }
 

crates/bitwarden-core/src/uniffi_support.rs

@@ -2,15 +2,15 @@
 
 use std::num::NonZeroU32;
 
-use bitwarden_crypto::{AsymmetricEncString, EncString};
+use bitwarden_crypto::{EncString, UnsignedSharedKey};
 use uuid::Uuid;
 
 use crate::UniffiCustomTypeConverter;
 
 uniffi::ffi_converter_forward!(NonZeroU32, bitwarden_crypto::UniFfiTag, crate::UniFfiTag);
 uniffi::ffi_converter_forward!(EncString, bitwarden_crypto::UniFfiTag, crate::UniFfiTag);
 uniffi::ffi_converter_forward!(
-    AsymmetricEncString,
+    UnsignedSharedKey,
     bitwarden_crypto::UniFfiTag,
     crate::UniFfiTag
 );

crates/bitwarden-crypto/Cargo.toml

@@ -38,6 +38,7 @@ num-bigint = ">=0.4, <0.5"
 num-traits = ">=0.2.15, <0.3"
 pbkdf2 = { version = ">=0.12.1, <0.13", default-features = false }
 rand = ">=0.8.5, <0.9"
+rand_chacha = ">=0.3.1, <0.4.0"
 rayon = ">=1.8.1, <2.0"
 rsa = ">=0.9.2, <0.10"
 schemars = { workspace = true }