diff --git a/Cargo.lock b/Cargo.lock index 6242826e0..8d8a676b1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -626,7 +626,7 @@ dependencies = [ "rand 0.8.5", "rand_chacha 0.3.1", "rayon", - "rsa 0.9.8", + "rsa 0.9.9", "schemars 1.0.0", "serde", "serde_bytes", @@ -636,6 +636,7 @@ dependencies = [ "sha2 0.10.9", "subtle", "thiserror 2.0.12", + "tracing", "tsify", "typenum", "uniffi", @@ -996,6 +997,7 @@ dependencies = [ "subtle", "thiserror 2.0.12", "tokio", + "tracing", "tsify", "uniffi", "uuid", @@ -1022,7 +1024,7 @@ dependencies = [ "bitwarden-vault", "console_error_panic_hook", "rand 0.8.5", - "rsa", + "rsa 0.9.9", "serde", "sha1", "tracing", diff --git a/crates/bitwarden-core/src/client/encryption_settings.rs b/crates/bitwarden-core/src/client/encryption_settings.rs index 0ab5c6f08..d79ca9477 100644 --- a/crates/bitwarden-core/src/client/encryption_settings.rs +++ b/crates/bitwarden-core/src/client/encryption_settings.rs @@ -11,7 +11,7 @@ use bitwarden_crypto::{KeyStore, SymmetricCryptoKey}; use bitwarden_error::bitwarden_error; use thiserror::Error; #[cfg(feature = "internal")] -use tracing::warn; +use tracing::{info, instrument, warn}; #[cfg(any(feature = "secrets", feature = "internal"))] use crate::OrganizationId; @@ -108,11 +108,13 @@ impl EncryptionSettings { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] fn init_v1( user_key: Aes256CbcHmacKey, private_key: EncString, store: &KeyStore, ) -> Result<(), EncryptionSettingsError> { + info!("Account has v1 encryption keys"); let user_key = SymmetricCryptoKey::Aes256CbcHmacKey(user_key); let private_key = { @@ -146,6 +148,7 @@ impl EncryptionSettings { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] fn init_v2( user_key: XChaCha20Poly1305Key, private_key: EncString, 
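Review bot: On `init_v1` in encryption_settings.rs, `skip_all` is the only thing keeping `user_key` and `private_key` out of the span, and nothing on the attribute says so. I would add a comment above it such as `// skip_all is required: arguments are key material and must never be recorded as span fields`, and repeat it on the other instrumented functions in this commit that take keys, a PIN or a password (`init_v2`, the `initialize_user_crypto_*` methods in internal.rs, `decrypt_cipher_key` in cipher.rs). `err` also emits the returned `EncryptionSettingsError` through its `Display` impl, which is not visible in this diff, so it is worth confirming that no variant formats key bytes or decrypted data into its message. The body of `init_v1` continues outside the hunk.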
@@ -154,6 +157,7 @@ impl EncryptionSettings { store: &KeyStore, sdk_security_state: &RwLock>, ) -> Result<(), EncryptionSettingsError> { + info!("Account has v2 encryption keys"); use crate::key_management::SecurityState; let user_key = SymmetricCryptoKey::XChaCha20Poly1305Key(user_key); @@ -201,6 +205,7 @@ impl EncryptionSettings { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn set_org_keys( org_enc_keys: Vec<(OrganizationId, UnsignedSharedKey)>, store: &KeyStore, diff --git a/crates/bitwarden-core/src/client/internal.rs b/crates/bitwarden-core/src/client/internal.rs index 03ff95864..0ae7ad48e 100644 --- a/crates/bitwarden-core/src/client/internal.rs +++ b/crates/bitwarden-core/src/client/internal.rs @@ -11,6 +11,8 @@ use bitwarden_crypto::{ #[cfg(feature = "internal")] use bitwarden_state::registry::StateRegistry; use chrono::Utc; +#[cfg(feature = "internal")] +use tracing::instrument; #[cfg(any(feature = "internal", feature = "secrets"))] use crate::client::encryption_settings::EncryptionSettings; @@ -288,6 +290,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn initialize_user_crypto_master_key( &self, master_key: MasterKey, @@ -299,6 +302,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all, fields(user_id = ?self.get_user_id()))] pub(crate) fn initialize_user_crypto_decrypted_key( &self, user_key: SymmetricCryptoKey, @@ -340,6 +344,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn initialize_user_crypto_pin( &self, pin_key: PinKey, @@ -351,6 +356,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn initialize_user_crypto_pin_envelope( &self, pin: String, @@ -393,6 +399,7 @@ impl InternalClient { } #[cfg(feature = "internal")] + #[instrument(err, skip_all)] pub(crate) fn initialize_user_crypto_master_password_unlock( &self, password: String, 
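Review bot: In `init_v2`, the new `info!("Account has v2 encryption keys");` sits ahead of the function-local `use crate::key_management::SecurityState;`, so an item now follows a statement. Moving the log call below the `use` line keeps declarations first, and this is the pattern clippy's pedantic `items_after_statements` lint targets. The function body starts and ends outside this hunk.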
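Review bot: Only `initialize_user_crypto_decrypted_key` records `fields(user_id = ?self.get_user_id())`; the sibling `initialize_user_crypto_*` methods in internal.rs use plain `#[instrument(err, skip_all)]`, so whether a failure can be tied to an account depends on which unlock path ran. The `info_span!` added in key_management/crypto.rs already carries `user_id`, so if these methods are only reached through `initialize_user_crypto` (not visible here) the field is redundant; otherwise the other four should carry it as well. The field expression is evaluated whenever the span is enabled, before the body runs, so `get_user_id()` should stay cheap and free of side effects.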
diff --git a/crates/bitwarden-core/src/key_management/crypto.rs b/crates/bitwarden-core/src/key_management/crypto.rs index 57f497efe..95e1c2075 100644 --- a/crates/bitwarden-core/src/key_management/crypto.rs +++ b/crates/bitwarden-core/src/key_management/crypto.rs @@ -17,6 +17,7 @@ use bitwarden_encoding::B64; use bitwarden_error::bitwarden_error; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; +use tracing::info; #[cfg(feature = "wasm")] use {tsify::Tsify, wasm_bindgen::prelude::*}; @@ -167,6 +168,12 @@ pub(super) async fn initialize_user_crypto( } let key_state = (&req).into(); + let _span_guard = tracing::info_span!( + "User Crypto Initialization", + user_id = ?client.internal.get_user_id(), + method = ?req.method + ) + .entered(); match req.method { InitUserCryptoMethod::Password { password, user_key } => { @@ -261,6 +268,8 @@ pub(super) async fn initialize_user_crypto( } } + info!("User crypto initialized successfully"); + client .internal .set_login_method(LoginMethod::User(UserLoginMethod::Username { diff --git a/crates/bitwarden-crypto/Cargo.toml b/crates/bitwarden-crypto/Cargo.toml index 8b6b57ebd..0075d94ab 100644 --- a/crates/bitwarden-crypto/Cargo.toml +++ b/crates/bitwarden-crypto/Cargo.toml @@ -57,6 +57,7 @@ sha1 = { workspace = true } sha2 = ">=0.10.6, <0.11" subtle = { workspace = true } thiserror = { workspace = true } +tracing = { workspace = true } tsify = { workspace = true, optional = true } typenum = ">=1.18.0, <1.19.0" uniffi = { workspace = true, optional = true } diff --git a/crates/bitwarden-crypto/src/cose.rs b/crates/bitwarden-crypto/src/cose.rs index 957c9282c..2fcc408c3 100644 --- a/crates/bitwarden-crypto/src/cose.rs +++ b/crates/bitwarden-crypto/src/cose.rs @@ -9,6 +9,7 @@ use coset::{ }; use generic_array::GenericArray; use thiserror::Error; +use tracing::instrument; use typenum::U32; use crate::{ 
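Review bot: `method = ?req.method` in the new `info_span!` Debug-formats the whole `InitUserCryptoMethod` value, and the `match` just below shows that its `Password` variant carries `password` and `user_key`. Unless that type has a hand-written redacting `Debug` impl (not visible in this diff), those fields would be written into every subscriber's output for this span. Record only the variant name instead, for example through a small helper returning `&'static str`, or drop the `method` field until such a helper exists. Separately, the guard from `.entered()` is held inside an `async fn`; if any branch of the `match` awaits, the tracing documentation advises against holding an entered guard across `.await` and recommends attaching the span with `Instrument::instrument` or `#[instrument]` instead. The function starts and ends outside the hunk.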
@@ -135,6 +136,7 @@ const SYMMETRIC_KEY: Label = Label::Int(iana::SymmetricKeyParameter::K as i64); impl TryFrom<&coset::CoseKey> for SymmetricCryptoKey { type Error = CryptoError; + #[instrument(err, skip_all)] fn try_from(cose_key: &coset::CoseKey) -> Result { let key_bytes = cose_key .params diff --git a/crates/bitwarden-crypto/src/enc_string/symmetric.rs b/crates/bitwarden-crypto/src/enc_string/symmetric.rs index 12d47d4da..d00827187 100644 --- a/crates/bitwarden-crypto/src/enc_string/symmetric.rs +++ b/crates/bitwarden-crypto/src/enc_string/symmetric.rs @@ -3,6 +3,7 @@ use std::{borrow::Cow, str::FromStr}; use bitwarden_encoding::{B64, FromStrVisitor}; use coset::{CborSerializable, iana::KeyOperation}; use serde::Deserialize; +use tracing::instrument; #[cfg(feature = "wasm")] use wasm_bindgen::convert::FromWasmAbi; @@ -367,6 +368,7 @@ impl KeyEncryptable for &str { } impl KeyDecryptable for EncString { + #[instrument(err, skip_all)] fn decrypt_with_key(&self, key: &SymmetricCryptoKey) -> Result { let dec: Vec = self.decrypt_with_key(key)?; String::from_utf8(dec).map_err(|_| CryptoError::InvalidUtf8String) diff --git a/crates/bitwarden-crypto/src/traits/decryptable.rs b/crates/bitwarden-crypto/src/traits/decryptable.rs index e517fdf61..68c051b3b 100644 --- a/crates/bitwarden-crypto/src/traits/decryptable.rs +++ b/crates/bitwarden-crypto/src/traits/decryptable.rs @@ -1,3 +1,5 @@ +use tracing::instrument; + use crate::{CryptoError, EncString, KeyId, KeyIds, store::KeyStoreContext}; /// A decryption operation that takes the input value and decrypts it into the output value. @@ -9,6 +11,7 @@ pub trait Decryptable { } impl Decryptable> for EncString { + #[instrument(err, skip_all)] fn decrypt( &self, ctx: &mut KeyStoreContext, @@ -19,6 +22,7 @@ impl Decryptable> for EncString { } impl Decryptable for EncString { + #[instrument(err, skip_all)] fn decrypt( &self, ctx: &mut KeyStoreContext, 
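Review bot: The `#[instrument(err, skip_all)]` attributes on `EncString::decrypt_with_key` (symmetric.rs) and on both `Decryptable` impls for `EncString` (decryptable.rs) create a span at the default INFO level for every single field decryption. These are the innermost primitives, so decrypting a vault opens one span per encrypted field, and a single failure is likely to be reported more than once as the same error propagates through nested `err` functions. I would lower them to `#[instrument(level = "trace", err, skip_all)]`, or keep `err` only on outer callers such as `Cipher::decrypt`, so that real decryption failures are not buried in volume. The same applies to `TryFrom<&coset::CoseKey>` in cose.rs.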
diff --git a/crates/bitwarden-vault/Cargo.toml b/crates/bitwarden-vault/Cargo.toml index 8e1ee7e10..29ab63cfa 100644 --- a/crates/bitwarden-vault/Cargo.toml +++ b/crates/bitwarden-vault/Cargo.toml @@ -52,6 +52,7 @@ sha1 = ">=0.10.5, <0.11" sha2 = ">=0.10.6, <0.11" subtle = { workspace = true } thiserror = { workspace = true } +tracing = { workspace = true } tsify = { workspace = true, optional = true } uniffi = { workspace = true, optional = true } uuid = { workspace = true } diff --git a/crates/bitwarden-vault/src/cipher/cipher.rs b/crates/bitwarden-vault/src/cipher/cipher.rs index fdf60f753..fc4bf1355 100644 --- a/crates/bitwarden-vault/src/cipher/cipher.rs +++ b/crates/bitwarden-vault/src/cipher/cipher.rs @@ -22,6 +22,7 @@ use chrono::{DateTime, SecondsFormat, Utc}; use serde::{Deserialize, Serialize}; use serde_repr::{Deserialize_repr, Serialize_repr}; use thiserror::Error; +use tracing::instrument; #[cfg(feature = "wasm")] use tsify::Tsify; #[cfg(feature = "wasm")] @@ -512,6 +513,7 @@ impl CompositeEncryptable for CipherView { } impl Decryptable for Cipher { + #[instrument(err, skip_all, fields(cipher_id = ?self.id, org_id = ?self.organization_id, kind = ?self.r#type))] fn decrypt( &self, ctx: &mut KeyStoreContext, @@ -576,6 +578,7 @@ impl Cipher { /// * `key` - The key to use to decrypt the cipher key, this should be the user or organization /// key /// * `ciphers_key` - The encrypted cipher key + #[instrument(err, skip_all)] pub(super) fn decrypt_cipher_key( ctx: &mut KeyStoreContext, key: SymmetricKeyId,
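Review bot: The `fields(cipher_id = ?self.id, org_id = ?self.organization_id, kind = ?self.r#type)` on `Cipher::decrypt` put vault item and organization identifiers on the span, and therefore on every event emitted inside it, including the `err` events of nested calls. They are not secrets, but they are user-linked metadata, so it is worth confirming that whatever collects these logs treats them accordingly. I would also add a comment above the attribute, e.g. `// Span fields: identifiers only. Never add name, notes, login or key fields here.`, since `skip_all` does not protect anything listed explicitly in `fields(...)`. The `decrypt` body continues outside the hunk.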