Merge branch 'main' into km/tracing

quexten · web-flow · commit d10d59920487 · 2025-12-02T14:50:49.000+01:00
diff --git a/Cargo.toml b/Cargo.toml
@@ -60,18 +60,21 @@ futures = ">=0.3.31, <0.4"
 js-sys = { version = ">=0.3.72, <0.4" }
 proc-macro2 = ">=1.0.89, <2"
 quote = ">=1.0.37, <2"
+rand = ">=0.8.5, <0.9"
 reqwest = { version = ">=0.12.5, <0.13", features = [
     "json",
     "multipart",
     "http2",
 ], default-features = false }
+rsa = ">=0.9.2, <0.10"
 schemars = { version = ">=1.0.0, <2.0", features = ["uuid1", "chrono04"] }
 serde = { version = ">=1.0, <2.0", features = ["derive"] }
 serde_bytes = { version = ">=0.11.17, <0.12.0" }
 serde_json = ">=1.0.96, <2.0"
 serde_qs = ">=0.12.0, <0.16"
 serde_repr = ">=0.1.12, <0.2"
 serde-wasm-bindgen = ">=0.6.0, <0.7"
+sha1 = ">=0.10.5, <0.11"
 subtle = ">=2.5.0, <3.0"
 syn = ">=2.0.87, <3"
 thiserror = ">=1.0.40, <3"
diff --git a/crates/bitwarden-crypto/Cargo.toml b/crates/bitwarden-crypto/Cargo.toml
@@ -45,15 +45,15 @@ hmac = ">=0.12.1, <0.13"
 num-bigint = ">=0.4, <0.5"
 num-traits = ">=0.2.15, <0.3"
 pbkdf2 = { version = ">=0.12.1, <0.13", default-features = false }
-rand = ">=0.8.5, <0.9"
+rand = { workspace = true }
 rand_chacha = ">=0.3.1, <0.4.0"
 rayon = ">=1.8.1, <2.0"
-rsa = ">=0.9.2, <0.10"
+rsa = { workspace = true }
 schemars = { workspace = true }
 serde = { workspace = true }
 serde_bytes = { workspace = true }
 serde_repr.workspace = true
-sha1 = ">=0.10.5, <0.11"
+sha1 = { workspace = true }
 sha2 = ">=0.10.6, <0.11"
 subtle = { workspace = true }
 thiserror = { workspace = true }
diff --git a/crates/bitwarden-wasm-internal/Cargo.toml b/crates/bitwarden-wasm-internal/Cargo.toml
@@ -33,10 +33,10 @@ bitwarden-state = { workspace = true, features = ["wasm"] }
 bitwarden-threading = { workspace = true }
 bitwarden-vault = { workspace = true, features = ["wasm"] }
 console_error_panic_hook = "0.1.7"
-rand = ">=0.8.5, <0.9"
-rsa = ">=0.9.2, <0.10"
+rand = { workspace = true }
+rsa = { workspace = true }
 serde = { workspace = true }
-sha1 = ">=0.10.5, <0.11"
+sha1 = { workspace = true }
 tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 tracing-web = { version = "0.1.3" }
diff --git a/crates/bitwarden-wasm-internal/src/pure_crypto.rs b/crates/bitwarden-wasm-internal/src/pure_crypto.rs
@@ -326,6 +326,7 @@ impl PureCrypto {
 
     /// Given a decrypted private RSA key PKCS8 DER this
     /// returns the corresponding public RSA key in DER format.
+    /// HAZMAT WARNING: Do not use outside of implementing cryptofunctionservice
     pub fn rsa_extract_public_key(private_key: Vec<u8>) -> Result<Vec<u8>, RsaError> {
         let private_key = AsymmetricCryptoKey::from_der(&Pkcs8PrivateKeyBytes::from(private_key))
             .map_err(|_| RsaError::KeyParse)?;
@@ -337,6 +338,7 @@ impl PureCrypto {
     }
 
     /// Generates a new RSA key pair and returns the private key
+    /// HAZMAT WARNING: Do not use outside of implementing cryptofunctionservice
     pub fn rsa_generate_keypair() -> Result<Vec<u8>, RsaError> {
         let private_key = AsymmetricCryptoKey::make(PublicKeyEncryptionAlgorithm::RsaOaepSha1);
         Ok(private_key
@@ -346,6 +348,7 @@ impl PureCrypto {
     }
 
     /// Decrypts data using RSAES-OAEP with SHA-1
+    /// HAZMAT WARNING: Do not use outside of implementing cryptofunctionservice
     pub fn rsa_decrypt_data(
         encrypted_data: Vec<u8>,
         private_key: Vec<u8>,
@@ -359,6 +362,7 @@ impl PureCrypto {
     }
 
     /// Encrypts data using RSAES-OAEP with SHA-1
+    /// HAZMAT WARNING: Do not use outside of implementing cryptofunctionservice
     pub fn rsa_encrypt_data(plain_data: Vec<u8>, public_key: Vec<u8>) -> Result<Vec<u8>, RsaError> {
         let public_key = RsaPublicKey::from_public_key_der(public_key.as_slice())
             .map_err(|_| RsaError::KeyParse)?;
