[PM-9527] Add PIN validation support #912

Merged: 3 commits, Jul 19, 2024

dani-garcia (Member)

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-9527

📔 Objective

Fede mentioned on Slack some time ago that we currently don't have a simple way to validate the user's PIN like we do with the password. Instead the way to do it was to call init_crypto and check that the result is not an error.

This requires more data than needed and does a lot of unnecessary operations, so I think it makes sense to expose a simpler way to do PIN verification.

In this PR we're decrypting the PIN protected user key and comparing it with the stored user key, similar to what we're doing with validate_password_user_key.

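The check described in the PR description (decrypt the PIN-protected user key, then compare it with the stored user key), as an added Python example that is not the SDK's code. The function names, the PBKDF2-with-email-salt derivation and the HMAC-based stand-in cipher are assumptions chosen so the block runs with the standard library only.

```python
import hashlib
import hmac
import os

def derive_pin_key(pin, email, iterations):
    # Assumed KDF: PBKDF2-HMAC-SHA256 over the PIN, salted with the email.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), email.lower().encode(), iterations)

def _subkeys(pin_key):
    # Separate encryption and MAC keys derived from the PIN key.
    return (hmac.new(pin_key, b"enc", hashlib.sha256).digest(),
            hmac.new(pin_key, b"mac", hashlib.sha256).digest())

def _xor_stream(enc_key, nonce, data):
    # Stand-in cipher (HMAC-SHA256 in counter mode), NOT the SDK's encryption.
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def protect_user_key(user_key, pin, email, iterations):
    # Produce the PIN-protected user key: nonce || ciphertext || tag.
    enc_key, mac_key = _subkeys(derive_pin_key(pin, email, iterations))
    nonce = os.urandom(16)
    ct = _xor_stream(enc_key, nonce, user_key)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def validate_pin(pin, pin_protected_user_key, user_key, email, iterations):
    # True only if the PIN decrypts the blob AND the result is the stored user key.
    enc_key, mac_key = _subkeys(derive_pin_key(pin, email, iterations))
    blob = pin_protected_user_key
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False  # wrong PIN, truncated or tampered blob
    candidate = _xor_stream(enc_key, nonce, ct)
    # Constant-time comparison; a blob wrapped for a different (e.g. rotated)
    # user key authenticates under the PIN but must still be rejected.
    return hmac.compare_digest(candidate, user_key)

if __name__ == "__main__":
    key = os.urandom(64)  # constructed sample user key
    blob = protect_user_key(key, "1234", "user@example.com", 600_000)
    print(validate_pin("1234", blob, key, "user@example.com", 600_000))  # correct PIN
    print(validate_pin("0000", blob, key, "user@example.com", 600_000))  # wrong PIN
```

The final comparison is what distinguishes this from a bare "decryption succeeded" check: a correct PIN over a blob that wraps some other key still returns False.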

github-actions bot (Contributor) commented Jul 18, 2024

Checkmarx One – Scan Summary & Details: 9800bb59-3070-478d-b7c7-fc52c3c4d5d1

No New Or Fixed Issues Found

codecov bot commented Jul 18, 2024

Codecov Report

Attention: Patch coverage is 89.18919% with 8 lines in your changes missing coverage. Please review.

Project coverage is 58.07%. Comparing base (acd14e6) to head (ab5427f).

| Files | Patch % | Lines |
|---|---|---|
| crates/bitwarden-core/src/auth/client_auth.rs | 0.00% | 3 Missing ⚠️ |
| crates/bitwarden-uniffi/src/auth/mod.rs | 0.00% | 3 Missing ⚠️ |
| crates/bitwarden-core/src/auth/pin.rs | 97.05% | 2 Missing ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #912      +/-   ##
==========================================
+ Coverage   57.92%   58.07%   +0.15%     
==========================================
  Files         193      194       +1     
  Lines       13120    13194      +74     
==========================================
+ Hits         7600     7663      +63     
- Misses       5520     5531      +11     


dani-garcia requested a review from Hinton July 18, 2024 16:50

crates/bitwarden-uniffi/src/auth/mod.rs (outdated, resolved)

match login_method {
UserLoginMethod::Username { email, kdf, .. }
| UserLoginMethod::ApiKey { email, kdf, .. } => {
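Review bot: In the `match login_method` arm, `UserLoginMethod::ApiKey` is or-ed together with `UserLoginMethod::Username`, so an API-key session takes the same PIN validation path as a username login. If PIN unlock is not an intended flow for API-key logins, give `ApiKey` its own arm that returns an explicit error, and add a short comment stating which login methods are supported so the shared arm does not read as an oversight.
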
Member

question: Do we expect Api key logins to use pin?

Member Author

I don't think so, and I'm not sure if they would need password validation either. I think this is mostly a case of copying over the match to get email and kdf. We can return an error for ApiKey if you prefer though.

dani-garcia merged commit 27a71d8 into main Jul 19, 2024
104 checks passed
dani-garcia deleted the ps/PM-9527-validate-pin branch July 19, 2024 12:40