[PM-30920] Server changes to encrypt send access email list (#6867)

* models, entity, and stored procs updated to work with EmailHashes with migrations

* configure data protection for EmailHashes

* update SendAuthenticationQuery to use EmailHashes and perform validation

* respond to Claude's comments and update tests

* fix send.sql alignment

Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>

---------

Co-authored-by: Alex Dragovich <46065570+itsadrago@users.noreply.github.com>
Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>

src/Sql/dbo/Tools/Stored Procedures/Send_Create.sql

@@ -18,7 +18,8 @@
 --  FIXME: remove null default value once this argument has been
 --         in 2 server releases
     @Emails NVARCHAR(4000) = NULL,
-    @AuthType TINYINT = NULL
+    @AuthType TINYINT = NULL,
+    @EmailHashes NVARCHAR(4000) = NULL
 AS
 BEGIN
     SET NOCOUNT ON
@@ -42,7 +43,8 @@ BEGIN
         [HideEmail],
         [CipherId],
         [Emails],
-        [AuthType]
+        [AuthType],
+        [EmailHashes]
     )
     VALUES
     (
@@ -63,7 +65,8 @@ BEGIN
         @HideEmail,
         @CipherId,
         @Emails,
-        @AuthType
+        @AuthType,
+        @EmailHashes
     )
 
     IF @UserId IS NOT NULL

src/Sql/dbo/Tools/Stored Procedures/Send_Update.sql

@@ -16,7 +16,8 @@
     @HideEmail BIT,
     @CipherId UNIQUEIDENTIFIER = NULL,
     @Emails NVARCHAR(4000) = NULL,
-    @AuthType TINYINT = NULL
+    @AuthType TINYINT = NULL,
+    @EmailHashes NVARCHAR(4000) = NULL
 AS
 BEGIN
     SET NOCOUNT ON
@@ -40,7 +41,8 @@ BEGIN
         [HideEmail] = @HideEmail,
         [CipherId] = @CipherId,
         [Emails] = @Emails,
-        [AuthType] = @AuthType
+        [AuthType] = @AuthType,
+        [EmailHashes] = @EmailHashes
     WHERE
         [Id] = @Id
 

src/Sql/dbo/Tools/Tables/Send.sql

@@ -1,22 +1,24 @@
-CREATE TABLE [dbo].[Send] (
+CREATE TABLE [dbo].[Send]
+(
     [Id]             UNIQUEIDENTIFIER NOT NULL,
     [UserId]         UNIQUEIDENTIFIER NULL,
     [OrganizationId] UNIQUEIDENTIFIER NULL,
     [Type]           TINYINT          NOT NULL,
     [Data]           VARCHAR(MAX)     NOT NULL,
-    [Key]            VARCHAR (MAX)    NOT NULL,
-    [Password]       NVARCHAR (300)   NULL,
-    [Emails]         NVARCHAR (4000)  NULL,
+    [Key]            VARCHAR(MAX)     NOT NULL,
+    [Password]       NVARCHAR(300)    NULL,
+    [Emails]         NVARCHAR(4000)   NULL,
     [MaxAccessCount] INT              NULL,
     [AccessCount]    INT              NOT NULL,
-    [CreationDate]   DATETIME2 (7)    NOT NULL,
-    [RevisionDate]   DATETIME2 (7)    NOT NULL,
-    [ExpirationDate] DATETIME2 (7)    NULL,
-    [DeletionDate]   DATETIME2 (7)    NOT NULL,
+    [CreationDate]   DATETIME2(7)     NOT NULL,
+    [RevisionDate]   DATETIME2(7)     NOT NULL,
+    [ExpirationDate] DATETIME2(7)     NULL,
+    [DeletionDate]   DATETIME2(7)     NOT NULL,
     [Disabled]       BIT              NOT NULL,
     [HideEmail]      BIT              NULL,
     [CipherId]       UNIQUEIDENTIFIER NULL,
     [AuthType]       TINYINT          NULL,
+    [EmailHashes]    NVARCHAR(4000)   NULL,
     CONSTRAINT [PK_Send] PRIMARY KEY CLUSTERED ([Id] ASC),
     CONSTRAINT [FK_Send_Organization] FOREIGN KEY ([OrganizationId]) REFERENCES [dbo].[Organization] ([Id]),
     CONSTRAINT [FK_Send_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id]),
@@ -26,9 +28,9 @@
 
 GO
 CREATE NONCLUSTERED INDEX [IX_Send_UserId_OrganizationId]
-    ON [dbo].[Send]([UserId] ASC, [OrganizationId] ASC);
+    ON [dbo].[Send] ([UserId] ASC, [OrganizationId] ASC);
 
 GO
 CREATE NONCLUSTERED INDEX [IX_Send_DeletionDate]
-    ON [dbo].[Send]([DeletionDate] ASC);
+    ON [dbo].[Send] ([DeletionDate] ASC);