From a5fe05124b6a01ef71239041b040368927823fc8 Mon Sep 17 00:00:00 2001
From: Hinton
Date: Fri, 12 Jan 2024 16:28:08 +0100
Subject: [PATCH] Add rsa2048_oaep_sha1 operation to asymmetric
---
 .../src/crypto/enc_string/asymmetric.rs | 10 +++++++++-
 crates/bitwarden/src/crypto/rsa.rs | 16 +++++++++++++++-
 2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/crates/bitwarden/src/crypto/enc_string/asymmetric.rs b/crates/bitwarden/src/crypto/enc_string/asymmetric.rs
index a2bbee8cb..817ce070f 100644
--- a/crates/bitwarden/src/crypto/enc_string/asymmetric.rs
+++ b/crates/bitwarden/src/crypto/enc_string/asymmetric.rs
@@ -5,7 +5,7 @@ use rsa::Oaep;
 use serde::Deserialize;
 use crate::{
- crypto::{AsymmetricCryptoKey, KeyDecryptable},
+ crypto::{rsa::encrypt_rsa2048_oaep_sha1, AsymmetricCryptoKey, KeyDecryptable},
 error::{CryptoError, EncStringParseError, Error, Result},
 };
@@ -137,6 +137,14 @@ impl serde::Serialize for AsymmEncString {
 }
 impl AsymmEncString {
+ pub(crate) fn encrypt_rsa2048_oaep_sha1(
+ data_dec: &[u8],
+ key: AsymmetricCryptoKey,
+ ) -> Result {
+ let enc = encrypt_rsa2048_oaep_sha1(key.key, data_dec)?;
+ Ok(AsymmEncString::Rsa2048_OaepSha1_B64 { data: enc })
+ }
+
 /// The numerical representation of the encryption type of the [AsymmEncString].
 const fn enc_type(&self) -> u8 {
 match self {
diff --git a/crates/bitwarden/src/crypto/rsa.rs b/crates/bitwarden/src/crypto/rsa.rs
index 693d32a10..9514bb1ed 100644
--- a/crates/bitwarden/src/crypto/rsa.rs
+++ b/crates/bitwarden/src/crypto/rsa.rs
@@ -1,8 +1,9 @@
 use base64::{engine::general_purpose::STANDARD, Engine};
 use rsa::{
 pkcs8::{EncodePrivateKey, EncodePublicKey},
- RsaPrivateKey, RsaPublicKey,
+ Oaep, RsaPrivateKey, RsaPublicKey,
 };
+use sha1::Sha1;
 use crate::{
 crypto::{EncString, SymmetricCryptoKey},
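Review bot: `AsymmEncString::encrypt_rsa2048_oaep_sha1` takes `key: AsymmetricCryptoKey` by value and moves `key.key` into the helper, so a caller has to give up or duplicate its private key to run what is only a public-key operation; the helper added in crates/bitwarden/src/crypto/rsa.rs has the same shape with `private_key: RsaPrivateKey`. Borrowing keeps extra copies of secret key material out of memory: `key: &AsymmetricCryptoKey` here and `private_key: &RsaPrivateKey` (or just an `&RsaPublicKey`) in rsa.rs, with the call becoming `encrypt_rsa2048_oaep_sha1(&key.key, data_dec)?`. The two functions share a name but take their arguments in opposite order (`data_dec, key` here, `private_key, data` there), which is easy to trip over. A `///` comment stating that this method encrypts to the public half of `key` would also match the documented `enc_type` below it.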
@@ -38,6 +39,19 @@ pub(super) fn make_key_pair(key: &SymmetricCryptoKey) -> Result {
 })
 }
+pub(super) fn encrypt_rsa2048_oaep_sha1(
+ private_key: RsaPrivateKey,
+ data: &[u8],
+) -> Result> {
+ let mut rng = rand::thread_rng();
+
+ let padding = Oaep::new::();
+ private_key
+ .to_public_key()
+ .encrypt(&mut rng, padding, data)
+ .map_err(|e| e.to_string().into())
+}
+
 // TODO: Move this to AsymmCryptoKey
 /// Generate a new random AsymmetricCryptoKey (RSA-2048)
 pub(crate) fn generate_rsa() -> RsaPrivateKey {
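Review bot: Nothing in `encrypt_rsa2048_oaep_sha1` checks that the key really is 2048 bits, although the function name and the `Rsa2048_OaepSha1_B64` variant the caller wraps the result in both assert it, so a key of another size would yield ciphertext carrying a misleading type tag. Consider rejecting other sizes up front, e.g. `if private_key.size() != 256 { return Err("expected a 2048-bit RSA key".to_string().into()); }` (`size()` comes from the rsa crate's `PublicKeyParts` trait, which would need importing). The function also has no doc comment; it should state that OAEP with SHA-1 on a 2048-bit key accepts at most 214 bytes of plaintext, so this is for wrapping keys rather than bulk data, and that SHA-1 is presumably kept for compatibility with the existing encryption type. Mapping the failure with `e.to_string().into()` discards the rsa error variant; if the crate's `CryptoError` (imported in asymmetric.rs) has a fitting variant, using it would keep failures distinguishable.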