[PM-35105] Extract shared key-envelope helpers in bitwarden-crypto

[quexten]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-35105

📔 Objective

Stacked PR 3/4 (on top of #1202).

Factors the duplicated key-decode and contained-key-id logic out of the symmetric-key and password-protected envelopes into shared helpers (decode_sealed_symmetric_key, extract_key_id, set_contained_key_id) on the safe module, and exposes set_header_value to the module. No behavior change.

Base: km/hazmat-cose-symmetric (#1202).

[github-actions]

🔍 SDK Breaking Change Detection

SDK Version: km/safe-shared-helpers (6bfc6bf)

⚠️ If breaking changes are detected, a corresponding pull request addressing them must be ready for merge in the affected client repository.

Client	Status	Details
typescript	✅ No breaking changes detected	Compilation passed with new SDK version - View Details
android	✅ No breaking changes detected	Compilation passed with new SDK version - View Details

---

Breaking change detection uses the build of the SDK from this branch, including any incompatibities pre-existing on or merged into this branch. Check the workflow logs to confirm.
Results update as workflows complete.

[codecov]

Codecov Report

❌ Patch coverage is 84.61538% with 10 lines in your changes missing coverage. Please review.
✅ Project coverage is 85.16%. Comparing base (f26a006) to head (8d78925).
⚠️ Report is 1 commits behind head on km/hazmat-cose-symmetric.

Files with missing lines	Patch %	Lines
...crypto/src/safe/password_protected_key_envelope.rs	66.66%	6 Missing ⚠️
...itwarden-crypto/src/safe/symmetric_key_envelope.rs	62.50%	3 Missing ⚠️
crates/bitwarden-crypto/src/safe/mod.rs	97.36%	1 Missing ⚠️

Additional details and impacted files

@@                    Coverage Diff                    @@
##           km/hazmat-cose-symmetric    #1203   +/-   ##
=========================================================
  Coverage                     85.16%   85.16%           
=========================================================
  Files                           467      468    +1     
  Lines                         64291    64295    +4     
=========================================================
+ Hits                          54754    54759    +5     
+ Misses                         9537     9536    -1     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

Claude Code is reviewing this pull request...

If this comment does not update with results, check the Actions log.