Skip to content

[PM-28135] Add crypto tracing logs #555

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
quexten merged 37 commits into from
Dec 11, 2025
Merged

[PM-28135] Add crypto tracing logs #555

quexten merged 37 commits into from
Dec 11, 2025

Conversation

@quexten
Copy link
Contributor

@quexten quexten commented Nov 12, 2025
edited
Loading

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-28135

📔 Objective

Enables tracing, but does not yet remove the old logging (follow-up). It adds tracing to the most important crypto paths. Follow-up tickets may add more tracing.

Example log output:

ERROR log{cipher_id=Some(CipherId(18c99ec6-af2b-407a-a5d0-b39201386413))}:decrypt: bitwarden_crypto::traits::decryptable: Function returned error error=The cipher's MAC doesn't match the expected value

__wbg_error_a7f8fbb0523dae15 @ bitwarden_wasm_internal_bg.js:4508
$func7041 @ 43dc2d8abaf76eb338eb.module.wasm:0x2c3395
$func3785 @ 43dc2d8abaf76eb338eb.module.wasm:0x297ed0
$func232 @ 43dc2d8abaf76eb338eb.module.wasm:0xa3c75
$func6915 @ 43dc2d8abaf76eb338eb.module.wasm:0x2c23e3
$func2456 @ 43dc2d8abaf76eb338eb.module.wasm:0x2687b1
$func817 @ 43dc2d8abaf76eb338eb.module.wasm:0x1b8e06
$func192 @ 43dc2d8abaf76eb338eb.module.wasm:0x5ce74
$func2995 @ 43dc2d8abaf76eb338eb.module.wasm:0x27f181
...

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation
    team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed
    issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@quexten quexten changed the title Km/tracing Add crypto tracing logs Nov 12, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Nov 12, 2025
edited
Loading

Logo
Checkmarx One – Scan Summary & Details610297f6-c55b-4275-8280-978dedd2083a

Great job! No new security vulnerabilities introduced in this pull request

@quexten quexten changed the title Add crypto tracing logs [POC] Add crypto tracing logs Nov 12, 2025
@codecov
Copy link

codecov bot commented Nov 12, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 66.66667% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 78.60%. Comparing base (a004d82) to head (678368f).
⚠️ Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
crates/bitwarden-core/src/key_management/crypto.rs 66.66% 7 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #555      +/-   ##
==========================================
- Coverage   78.67%   78.60%   -0.08%     
==========================================
  Files         283      283              
  Lines       29285    29179     -106     
==========================================
- Hits        23041    22937     -104     
+ Misses       6244     6242       -2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

dani-garcia
dani-garcia reviewed Nov 12, 2025
View reviewed changes
@quexten quexten changed the title [POC] Add crypto tracing logs [POC|PM-28135] Add crypto tracing logs Nov 13, 2025
@quexten quexten marked this pull request as ready for review November 13, 2025 14:36
@quexten quexten requested review from a team as code owners November 13, 2025 14:36
@quexten quexten changed the title [POC|PM-28135] Add crypto tracing logs [PM-28135] Add crypto tracing logs Dec 8, 2025
coroiu
coroiu previously approved these changes Dec 8, 2025
View reviewed changes
Jingo88
Jingo88 previously approved these changes Dec 8, 2025
View reviewed changes
@quexten quexten dismissed stale reviews from Jingo88 and coroiu via 3d2367a December 8, 2025 15:33
@quexten
Copy link
Contributor Author

quexten commented Dec 8, 2025

Apologies, had to fix another clippy error

mzieniukbw
mzieniukbw previously approved these changes Dec 8, 2025
View reviewed changes
coroiu
coroiu previously approved these changes Dec 8, 2025
View reviewed changes
@quexten quexten enabled auto-merge (squash) December 10, 2025 13:02
@quexten quexten dismissed stale reviews from coroiu and mzieniukbw via 678368f December 11, 2025 11:25
claude[bot]
claude bot reviewed Dec 11, 2025
View reviewed changes
claude[bot]
claude bot reviewed Dec 11, 2025
View reviewed changes
crates/bitwarden-core/src/client/internal.rs
}

#[cfg(feature = "internal")]
#[instrument(err, skip_all)]
Copy link

@claude claude bot Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Proper use of skip_all to prevent logging sensitive parameters like master_key and user_key.

claude[bot]
claude bot reviewed Dec 11, 2025
View reviewed changes
claude[bot]
claude bot reviewed Dec 11, 2025
View reviewed changes
crates/bitwarden-vault/src/cipher/cipher.rs
}

impl Decryptable<KeyIds, SymmetricKeyId, CipherView> for Cipher {
#[instrument(err, skip_all, fields(cipher_id = ?self.id, org_id = ?self.organization_id, kind = ?self.r#type))]
Copy link

@claude claude bot Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Excellent instrumentation! Logging only non-sensitive metadata (cipher_id, org_id, kind) is exactly the right approach for observability without compromising security.

@quexten quexten merged commit 4e0ec8d into main Dec 11, 2025
86 checks passed
@quexten quexten deleted the km/tracing branch December 11, 2025 16:31
bw-ghapp bot pushed a commit to bitwarden/sdk-swift that referenced this pull request Dec 11, 2025
@bitwarden-devops-bot
bitwarden/sdk-internal@4e0ec8d 2.0.0-3405-4e0ec8d - [PM-28135] Add cr…
a1e4258 
…ypto tracing logs (bitwarden/sdk-internal#555)
This was referenced Dec 11, 2025
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dani-garcia dani-garcia dani-garcia left review comments

@claude claude[bot] claude[bot] left review comments

@coroiu coroiu coroiu approved these changes

@Jingo88 Jingo88 Jingo88 approved these changes

@mzieniukbw mzieniukbw mzieniukbw approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@quexten @Hinton @dani-garcia @coroiu @Jingo88 @mzieniukbw