bitwarden · quexten · Nov 25, 2025 · Nov 21, 2025 · Nov 24, 2025 · Nov 24, 2025
@@ -3,6 +3,8 @@ use std::{borrow::Cow, str::FromStr};
 use bitwarden_encoding::{B64, FromStrVisitor};
 use coset::{CborSerializable, iana::KeyOperation};
 use serde::Deserialize;
+#[cfg(feature = "wasm")]
+use wasm_bindgen::convert::FromWasmAbi;
 
 use super::{check_length, from_b64, from_b64_vec, split_enc_string};
 use crate::{
@@ -75,6 +77,25 @@ pub enum EncString {
     },
 }
 
+#[cfg(feature = "wasm")]
+impl wasm_bindgen::describe::WasmDescribe for EncString {
+    fn describe() {
+        <String as wasm_bindgen::describe::WasmDescribe>::describe();
+    }
+}
+
+#[cfg(feature = "wasm")]
+impl FromWasmAbi for EncString {
+    type Abi = <String as FromWasmAbi>::Abi;
+
+    unsafe fn from_abi(abi: Self::Abi) -> Self {
+        use wasm_bindgen::UnwrapThrowExt;
+
+        let s = unsafe { String::from_abi(abi) };
+        Self::from_str(&s).unwrap_throw()
+    }
+}
+
 /// Deserializes an [EncString] from a string.
 impl FromStr for EncString {
     type Err = CryptoError;

@@ -318,6 +318,22 @@ impl PureCrypto {
             .map_err(|_| CryptoError::InvalidKey)?;
         Ok(result.to_encoded().to_vec())
     }
+
+    /// Given an encrypted private RSA key and the symmetric key it is wrapped with, this returns
+    /// the corresponding public RSA key in DER format.
+    pub fn rsa_extract_public_key(
+        encrypted_private_key: EncString,
+        wrapping_key: Vec<u8>,
+    ) -> Result<Vec<u8>, CryptoError> {
+        let wrapping_key =
+            SymmetricCryptoKey::try_from(&BitwardenLegacyKeyBytes::from(wrapping_key))?;
+        let decrypted_private_key: Vec<u8> =
+            encrypted_private_key.decrypt_with_key(&wrapping_key)?;
+        let private_key =
+            AsymmetricCryptoKey::from_der(&Pkcs8PrivateKeyBytes::from(decrypted_private_key))?;
+        let public_key = private_key.to_public_key();
+        Ok(public_key.to_der()?.to_vec())
+    }
 }
 
 #[cfg(test)]