Resolve follow-up comments (#595)

## 🎟️ Tracking

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->



## 📔 Objective

<!-- Describe what the purpose of this PR is, for example what bug
you're fixing or new feature you're adding. -->
Resolve:
#592 (review)

## 🚨 Breaking Changes

<!-- Does this PR introduce any breaking changes? If so, please describe
the impact and migration path for clients.

If you're unsure, the automated TypeScript compatibility check will run
when you open/update this PR and provide feedback.

For breaking changes:
1. Describe what changed in the client interface
2. Explain why the change was necessary
3. Provide migration steps for client developers
4. Link to any paired client PRs if needed

Otherwise, you can remove this section. -->

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes

Author: quexten

Cargo.toml

@@ -60,18 +60,21 @@ futures = ">=0.3.31, <0.4"
 js-sys = { version = ">=0.3.72, <0.4" }
 proc-macro2 = ">=1.0.89, <2"
 quote = ">=1.0.37, <2"
+rand = ">=0.8.5, <0.9"
 reqwest = { version = ">=0.12.5, <0.13", features = [
     "json",
     "multipart",
     "http2",
 ], default-features = false }
+rsa = ">=0.9.2, <0.10"
 schemars = { version = ">=1.0.0, <2.0", features = ["uuid1", "chrono04"] }
 serde = { version = ">=1.0, <2.0", features = ["derive"] }
 serde_bytes = { version = ">=0.11.17, <0.12.0" }
 serde_json = ">=1.0.96, <2.0"
 serde_qs = ">=0.12.0, <0.16"
 serde_repr = ">=0.1.12, <0.2"
 serde-wasm-bindgen = ">=0.6.0, <0.7"
+sha1 = ">=0.10.5, <0.11"
 subtle = ">=2.5.0, <3.0"
 syn = ">=2.0.87, <3"
 thiserror = ">=1.0.40, <3"

crates/bitwarden-crypto/Cargo.toml

@@ -45,15 +45,15 @@ hmac = ">=0.12.1, <0.13"
 num-bigint = ">=0.4, <0.5"
 num-traits = ">=0.2.15, <0.3"
 pbkdf2 = { version = ">=0.12.1, <0.13", default-features = false }
-rand = ">=0.8.5, <0.9"
+rand = { workspace = true }
 rand_chacha = ">=0.3.1, <0.4.0"
 rayon = ">=1.8.1, <2.0"
-rsa = ">=0.9.2, <0.10"
+rsa = { workspace = true }
 schemars = { workspace = true }
 serde = { workspace = true }
 serde_bytes = { workspace = true }
 serde_repr.workspace = true
-sha1 = ">=0.10.5, <0.11"
+sha1 = { workspace = true }
 sha2 = ">=0.10.6, <0.11"
 subtle = { workspace = true }
 thiserror = { workspace = true }

crates/bitwarden-wasm-internal/Cargo.toml

@@ -33,10 +33,10 @@ bitwarden-state = { workspace = true, features = ["wasm"] }
 bitwarden-threading = { workspace = true }
 bitwarden-vault = { workspace = true, features = ["wasm"] }
 console_error_panic_hook = "0.1.7"
-rand = ">=0.8.5, <0.9"
-rsa = ">=0.9.2, <0.10"
+rand = { workspace = true }
+rsa = { workspace = true }
 serde = { workspace = true }
-sha1 = ">=0.10.5, <0.11"
+sha1 = { workspace = true }
 tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 tracing-web = { version = "0.1.3" }

crates/bitwarden-wasm-internal/src/pure_crypto.rs

@@ -326,6 +326,7 @@ impl PureCrypto {
 
     /// Given a decrypted private RSA key PKCS8 DER this
     /// returns the corresponding public RSA key in DER format.
+    /// HAZMAT WARNING: Do not use outside of implementing cryptofunctionservice
     pub fn rsa_extract_public_key(private_key: Vec<u8>) -> Result<Vec<u8>, RsaError> {
         let private_key = AsymmetricCryptoKey::from_der(&Pkcs8PrivateKeyBytes::from(private_key))
             .map_err(|_| RsaError::KeyParse)?;
@@ -337,6 +338,7 @@ impl PureCrypto {
     }
 
     /// Generates a new RSA key pair and returns the private key
+    /// HAZMAT WARNING: Do not use outside of implementing cryptofunctionservice
     pub fn rsa_generate_keypair() -> Result<Vec<u8>, RsaError> {
         let private_key = AsymmetricCryptoKey::make(PublicKeyEncryptionAlgorithm::RsaOaepSha1);
         Ok(private_key
@@ -346,6 +348,7 @@ impl PureCrypto {
     }
 
     /// Decrypts data using RSAES-OAEP with SHA-1
+    /// HAZMAT WARNING: Do not use outside of implementing cryptofunctionservice
     pub fn rsa_decrypt_data(
         encrypted_data: Vec<u8>,
         private_key: Vec<u8>,
@@ -359,6 +362,7 @@ impl PureCrypto {
     }
 
     /// Encrypts data using RSAES-OAEP with SHA-1
+    /// HAZMAT WARNING: Do not use outside of implementing cryptofunctionservice
     pub fn rsa_encrypt_data(plain_data: Vec<u8>, public_key: Vec<u8>) -> Result<Vec<u8>, RsaError> {
         let public_key = RsaPublicKey::from_public_key_der(public_key.as_slice())
             .map_err(|_| RsaError::KeyParse)?;