[PM-24468] Introduce CipherRiskClient (#499)

## 🎟️ Tracking

[PM-24468](https://bitwarden.atlassian.net/browse/PM-24468)

## 📔 Objective

Implement the cipher risk evaluation logic in the Vault SDK as a
separate `CipherRiskClient` so that it can be re-used in mobile and gain
potential performance improvements.

The `CipherRiskClient` contains logic to check if a multiple login
ciphers' passwords are exposed (via HIBP), weak (via zxcvbn), or reused.

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes


[PM-24468]:
https://bitwarden.atlassian.net/browse/PM-24468?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

Author: shane-melton

Cargo.lock

@@ -56,6 +56,7 @@ chrono = { version = ">=0.4.26, <0.5", features = [
 ], default-features = false }
 data-encoding = ">=2.0, <3"
 ed25519-dalek = { version = ">=2.1.1, <=2.2.0" }
+futures = ">=0.3.31, <0.4"
 js-sys = { version = ">=0.3.72, <0.4" }
 log = ">=0.4.18, <0.5"
 proc-macro2 = ">=1.0.89, <2"
@@ -85,6 +86,7 @@ wasm-bindgen = { version = ">=0.2.91, <0.3", features = ["serde-serialize"] }
 wasm-bindgen-futures = "0.4.41"
 wasm-bindgen-test = "0.3.45"
 wiremock = ">=0.6.0, <0.7"
+zxcvbn = ">=3.0.1, <4.0"
 
 # There is an incompatibility when using pkcs5 and chacha20 on wasm builds. This can be removed once a new
 # rustcrypto-formats crate version is released since the fix has been upstreamed.

Cargo.toml

@@ -65,7 +65,7 @@ uuid = { workspace = true }
 wasm-bindgen = { workspace = true, optional = true }
 wasm-bindgen-futures = { workspace = true, optional = true }
 zeroize = { version = ">=1.7.0, <2.0", features = ["derive", "aarch64"] }
-zxcvbn = { version = ">=3.0.1, <4.0", optional = true }
+zxcvbn = { workspace = true, optional = true }
 
 [target.'cfg(not(target_arch="wasm32"))'.dependencies]
 # By default, we use rustls as the TLS stack and rust-platform-verifier to support user-installed root certificates

crates/bitwarden-core/Cargo.toml

@@ -41,6 +41,7 @@ bitwarden-state = { workspace = true }
 bitwarden-uuid = { workspace = true }
 chrono = { workspace = true }
 data-encoding = { workspace = true }
+futures = { workspace = true }
 hmac = ">=0.12.1, <0.13"
 percent-encoding = ">=2.1, <3.0"
 reqwest = { workspace = true }
@@ -55,6 +56,7 @@ uniffi = { workspace = true, optional = true }
 uuid = { workspace = true }
 wasm-bindgen = { workspace = true, optional = true }
 wasm-bindgen-futures = { workspace = true, optional = true }
+zxcvbn = { workspace = true }
 
 [dev-dependencies]
 bitwarden-api-api = { workspace = true, features = ["mockall"] }