Release de3b6e2bdddb8acf5c31db12a8e649e0042621bd (#21)

Author: Hinton

Package.swift

@@ -27,8 +27,8 @@ let package = Package(
             swiftSettings: [.unsafeFlags(["-suppress-warnings"])]),
         .binaryTarget(
             name: "BitwardenFFI",
-            url: "https://bwlivefronttest.blob.core.windows.net/sdk/0d4c73c-BitwardenFFI.xcframework.zip",
-            checksum: "e4a23c7a03b965a87b1e3fda6711ff9a6c974217f50dfc9a93177eff7300fe6f"),
+            url: "https://bwlivefronttest.blob.core.windows.net/sdk/de3b6e2-BitwardenFFI.xcframework.zip",
+            checksum: "37e884d820907af85e788b5e0ab483bfc5aa0299e5d6b39865ad70659322a202"),
         .testTarget(
             name: "BitwardenSdkTests",
             dependencies: ["BitwardenSdk"])

Sources/BitwardenSdk/BitwardenCore.swift

@@ -703,6 +703,85 @@ public func FfiConverterTypeClientSettings_lower(_ value: ClientSettings) -> Rus
 }
 
 
+public struct DeriveKeyConnectorRequest {
+    /**
+     * Encrypted user key, used to validate the master key
+     */
+    public let userKeyEncrypted: EncString
+    public let password: String
+    public let kdf: Kdf
+    public let email: String
+
+    // Default memberwise initializers are never public by default, so we
+    // declare one manually.
+    public init(
+        /**
+         * Encrypted user key, used to validate the master key
+         */userKeyEncrypted: EncString, password: String, kdf: Kdf, email: String) {
+        self.userKeyEncrypted = userKeyEncrypted
+        self.password = password
+        self.kdf = kdf
+        self.email = email
+    }
+}
+
+
+
+extension DeriveKeyConnectorRequest: Equatable, Hashable {
+    public static func ==(lhs: DeriveKeyConnectorRequest, rhs: DeriveKeyConnectorRequest) -> Bool {
+        if lhs.userKeyEncrypted != rhs.userKeyEncrypted {
+            return false
+        }
+        if lhs.password != rhs.password {
+            return false
+        }
+        if lhs.kdf != rhs.kdf {
+            return false
+        }
+        if lhs.email != rhs.email {
+            return false
+        }
+        return true
+    }
+
+    public func hash(into hasher: inout Hasher) {
+        hasher.combine(userKeyEncrypted)
+        hasher.combine(password)
+        hasher.combine(kdf)
+        hasher.combine(email)
+    }
+}
+
+
+public struct FfiConverterTypeDeriveKeyConnectorRequest: FfiConverterRustBuffer {
+    public static func read(from buf: inout (data: Data, offset: Data.Index)) throws -> DeriveKeyConnectorRequest {
+        return
+            try DeriveKeyConnectorRequest(
+                userKeyEncrypted: FfiConverterTypeEncString.read(from: &buf), 
+                password: FfiConverterString.read(from: &buf), 
+                kdf: FfiConverterTypeKdf.read(from: &buf), 
+                email: FfiConverterString.read(from: &buf)
+        )
+    }
+
+    public static func write(_ value: DeriveKeyConnectorRequest, into buf: inout [UInt8]) {
+        FfiConverterTypeEncString.write(value.userKeyEncrypted, into: &buf)
+        FfiConverterString.write(value.password, into: &buf)
+        FfiConverterTypeKdf.write(value.kdf, into: &buf)
+        FfiConverterString.write(value.email, into: &buf)
+    }
+}
+
+
+public func FfiConverterTypeDeriveKeyConnectorRequest_lift(_ buf: RustBuffer) throws -> DeriveKeyConnectorRequest {
+    return try FfiConverterTypeDeriveKeyConnectorRequest.lift(buf)
+}
+
+public func FfiConverterTypeDeriveKeyConnectorRequest_lower(_ value: DeriveKeyConnectorRequest) -> RustBuffer {
+    return FfiConverterTypeDeriveKeyConnectorRequest.lower(value)
+}
+
+
 public struct DerivePinKeyResponse {
     /**
      * [UserKey](bitwarden_crypto::UserKey) protected by PIN
@@ -993,6 +1072,71 @@ public func FfiConverterTypeInitUserCryptoRequest_lower(_ value: InitUserCryptoR
 }
 
 
+public struct KeyConnectorResponse {
+    public let masterKey: String
+    public let encryptedUserKey: String
+    public let keys: RsaKeyPair
+
+    // Default memberwise initializers are never public by default, so we
+    // declare one manually.
+    public init(masterKey: String, encryptedUserKey: String, keys: RsaKeyPair) {
+        self.masterKey = masterKey
+        self.encryptedUserKey = encryptedUserKey
+        self.keys = keys
+    }
+}
+
+
+
+extension KeyConnectorResponse: Equatable, Hashable {
+    public static func ==(lhs: KeyConnectorResponse, rhs: KeyConnectorResponse) -> Bool {
+        if lhs.masterKey != rhs.masterKey {
+            return false
+        }
+        if lhs.encryptedUserKey != rhs.encryptedUserKey {
+            return false
+        }
+        if lhs.keys != rhs.keys {
+            return false
+        }
+        return true
+    }
+
+    public func hash(into hasher: inout Hasher) {
+        hasher.combine(masterKey)
+        hasher.combine(encryptedUserKey)
+        hasher.combine(keys)
+    }
+}
+
+
+public struct FfiConverterTypeKeyConnectorResponse: FfiConverterRustBuffer {
+    public static func read(from buf: inout (data: Data, offset: Data.Index)) throws -> KeyConnectorResponse {
+        return
+            try KeyConnectorResponse(
+                masterKey: FfiConverterString.read(from: &buf), 
+                encryptedUserKey: FfiConverterString.read(from: &buf), 
+                keys: FfiConverterTypeRsaKeyPair.read(from: &buf)
+        )
+    }
+
+    public static func write(_ value: KeyConnectorResponse, into buf: inout [UInt8]) {
+        FfiConverterString.write(value.masterKey, into: &buf)
+        FfiConverterString.write(value.encryptedUserKey, into: &buf)
+        FfiConverterTypeRsaKeyPair.write(value.keys, into: &buf)
+    }
+}
+
+
+public func FfiConverterTypeKeyConnectorResponse_lift(_ buf: RustBuffer) throws -> KeyConnectorResponse {
+    return try FfiConverterTypeKeyConnectorResponse.lift(buf)
+}
+
+public func FfiConverterTypeKeyConnectorResponse_lower(_ value: KeyConnectorResponse) -> RustBuffer {
+    return FfiConverterTypeKeyConnectorResponse.lower(value)
+}
+
+
 public struct MasterPasswordPolicyOptions {
     public let minComplexity: UInt8
     public let minLength: UInt8
@@ -1672,6 +1816,14 @@ public enum InitUserCryptoMethod {
          * The user's symmetric crypto key, encrypted with the Device Key.
          */deviceProtectedUserKey: AsymmetricEncString
     )
+    case keyConnector(
+        /**
+         * Base64 encoded master key, retrieved from the key connector.
+         */masterKey: String, 
+        /**
+         * The user's encrypted symmetric crypto key
+         */userKey: String
+    )
 }
 
 
@@ -1697,6 +1849,9 @@ public struct FfiConverterTypeInitUserCryptoMethod: FfiConverterRustBuffer {
         case 5: return .deviceKey(deviceKey: try FfiConverterString.read(from: &buf), protectedDevicePrivateKey: try FfiConverterTypeEncString.read(from: &buf), deviceProtectedUserKey: try FfiConverterTypeAsymmetricEncString.read(from: &buf)
         )
 
+        case 6: return .keyConnector(masterKey: try FfiConverterString.read(from: &buf), userKey: try FfiConverterString.read(from: &buf)
+        )
+        
         default: throw UniffiInternalError.unexpectedEnumCase
         }
     }
@@ -1734,6 +1889,12 @@ public struct FfiConverterTypeInitUserCryptoMethod: FfiConverterRustBuffer {
             FfiConverterTypeEncString.write(protectedDevicePrivateKey, into: &buf)
             FfiConverterTypeAsymmetricEncString.write(deviceProtectedUserKey, into: &buf)
 
+        
+        case let .keyConnector(masterKey,userKey):
+            writeInt(&buf, Int32(6))
+            FfiConverterString.write(masterKey, into: &buf)
+            FfiConverterString.write(userKey, into: &buf)
+            
         }
     }
 }

Sources/BitwardenSdk/BitwardenSDK.swift

@@ -869,6 +869,11 @@ public protocol ClientAuthProtocol : AnyObject {
      */
     func hashPassword(email: String, password: String, kdfParams: Kdf, purpose: HashPurpose) async throws  -> String
 
+    /**
+     * Generate keys needed to onboard a new user without master key to key connector
+     */
+    func makeKeyConnectorKeys() throws  -> KeyConnectorResponse
+    
     /**
      * Generate keys needed for registration process
      */
@@ -1003,6 +1008,16 @@ open func hashPassword(email: String, password: String, kdfParams: Kdf, purpose:
         )
 }
 
+    /**
+     * Generate keys needed to onboard a new user without master key to key connector
+     */
+open func makeKeyConnectorKeys()throws  -> KeyConnectorResponse {
+    return try  FfiConverterTypeKeyConnectorResponse_lift(try rustCallWithError(FfiConverterTypeBitwardenError.lift) {
+    uniffi_bitwarden_uniffi_fn_method_clientauth_make_key_connector_keys(self.uniffiClonePointer(),$0
+    )
+})
+}
+    
     /**
      * Generate keys needed for registration process
      */
@@ -1470,6 +1485,11 @@ public func FfiConverterTypeClientCollections_lower(_ value: ClientCollections)
 
 public protocol ClientCryptoProtocol : AnyObject {
 
+    /**
+     * Derive the master key for migrating to the key connector
+     */
+    func deriveKeyConnector(request: DeriveKeyConnectorRequest) throws  -> String
+    
     /**
      * Generates a PIN protected user key from the provided PIN. The result can be stored and later
      * used to initialize another client instance by using the PIN and the PIN key with
@@ -1552,6 +1572,17 @@ open class ClientCrypto:
 
 
 
+    /**
+     * Derive the master key for migrating to the key connector
+     */
+open func deriveKeyConnector(request: DeriveKeyConnectorRequest)throws  -> String {
+    return try  FfiConverterString.lift(try rustCallWithError(FfiConverterTypeBitwardenError.lift) {
+    uniffi_bitwarden_uniffi_fn_method_clientcrypto_derive_key_connector(self.uniffiClonePointer(),
+        FfiConverterTypeDeriveKeyConnectorRequest_lower(request),$0
+    )
+})
+}
+    
     /**
      * Generates a PIN protected user key from the provided PIN. The result can be stored and later
      * used to initialize another client instance by using the PIN and the PIN key with
@@ -4793,6 +4824,10 @@ fileprivate struct FfiConverterDictionaryStringBool: FfiConverterRustBuffer {
 
 
 
+
+
+
+
 
 
 
@@ -4968,6 +5003,9 @@ private var initializationResult: InitializationResult = {
     if (uniffi_bitwarden_uniffi_checksum_method_clientauth_hash_password() != 58719) {
         return InitializationResult.apiChecksumMismatch
     }
+    if (uniffi_bitwarden_uniffi_checksum_method_clientauth_make_key_connector_keys() != 11807) {
+        return InitializationResult.apiChecksumMismatch
+    }
     if (uniffi_bitwarden_uniffi_checksum_method_clientauth_make_register_keys() != 4847) {
         return InitializationResult.apiChecksumMismatch
     }
@@ -5016,6 +5054,9 @@ private var initializationResult: InitializationResult = {
     if (uniffi_bitwarden_uniffi_checksum_method_clientcollections_decrypt_list() != 34441) {
         return InitializationResult.apiChecksumMismatch
     }
+    if (uniffi_bitwarden_uniffi_checksum_method_clientcrypto_derive_key_connector() != 31169) {
+        return InitializationResult.apiChecksumMismatch
+    }
     if (uniffi_bitwarden_uniffi_checksum_method_clientcrypto_derive_pin_key() != 33793) {
         return InitializationResult.apiChecksumMismatch
     }