From 0e4f47ea47876a5e89ad2fcb7472595ab7a3c70c Mon Sep 17 00:00:00 2001
From: Nik Gilmore <ngilmore@bitwarden.com>
Date: Fri, 2 Jan 2026 14:39:48 -0800
Subject: [PATCH] Update CLI and Desktop to use new cipherSErvice interfaces

---
 apps/cli/src/commands/edit.command.ts                    | 4 +---
 apps/cli/src/vault/create.command.ts                     | 9 +++++----
 .../services/desktop-fido2-user-interface.service.ts     | 8 ++++----
 .../src/services/encrypted-message-handler.service.ts    | 6 ++----
 4 files changed, 12 insertions(+), 15 deletions(-)

diff --git a/apps/cli/src/commands/edit.command.ts b/apps/cli/src/commands/edit.command.ts
index d95e8333dca..dbcb0489187 100644
--- a/apps/cli/src/commands/edit.command.ts
+++ b/apps/cli/src/commands/edit.command.ts
@@ -138,10 +138,8 @@ export class EditCommand {
       );
     }
 
-    const encCipher = await this.cipherService.encrypt(cipherView, activeUserId);
     try {
-      const updatedCipher = await this.cipherService.updateWithServer(encCipher);
-      const decCipher = await this.cipherService.decrypt(updatedCipher, activeUserId);
+      const decCipher = await this.cipherService.updateWithServer(cipherView, activeUserId);
       const res = new CipherResponse(decCipher);
       return Response.success(res);
     } catch (e) {
diff --git a/apps/cli/src/vault/create.command.ts b/apps/cli/src/vault/create.command.ts
index d826766dc65..e1a91966afd 100644
--- a/apps/cli/src/vault/create.command.ts
+++ b/apps/cli/src/vault/create.command.ts
@@ -103,10 +103,11 @@ export class CreateCommand {
         return Response.error("Creating this item type is restricted by organizational policy.");
       }
 
-      const cipher = await this.cipherService.encrypt(CipherExport.toView(req), activeUserId);
-      const newCipher = await this.cipherService.createWithServer(cipher);
-      const decCipher = await this.cipherService.decrypt(newCipher, activeUserId);
-      const res = new CipherResponse(decCipher);
+      const newCipher = await this.cipherService.createWithServer(
+        CipherExport.toView(req),
+        activeUserId,
+      );
+      const res = new CipherResponse(newCipher);
       return Response.success(res);
     } catch (e) {
       return Response.error(e);
diff --git a/apps/desktop/src/autofill/services/desktop-fido2-user-interface.service.ts b/apps/desktop/src/autofill/services/desktop-fido2-user-interface.service.ts
index cf29370840d..b4daf281317 100644
--- a/apps/desktop/src/autofill/services/desktop-fido2-user-interface.service.ts
+++ b/apps/desktop/src/autofill/services/desktop-fido2-user-interface.service.ts
@@ -302,9 +302,10 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi
     const encCipher = await this.cipherService.encrypt(cipher, activeUserId);
 
     try {
-      const createdCipher = await this.cipherService.createWithServer(encCipher);
+      const createdCipher = await this.cipherService.createWithServer(cipher, activeUserId);
+      const encryptedCreatedCipher = await this.cipherService.encrypt(createdCipher, activeUserId);
 
-      return createdCipher;
+      return encryptedCreatedCipher.cipher;
     } catch {
       throw new Error("Unable to create cipher");
     }
@@ -316,8 +317,7 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi
       this.accountService.activeAccount$.pipe(
         map(async (a) => {
           if (a) {
-            const encCipher = await this.cipherService.encrypt(cipher, a.id);
-            await this.cipherService.updateWithServer(encCipher);
+            await this.cipherService.updateWithServer(cipher, a.id);
           }
         }),
       ),
diff --git a/apps/desktop/src/services/encrypted-message-handler.service.ts b/apps/desktop/src/services/encrypted-message-handler.service.ts
index 366a144c021..ccbc7c539d0 100644
--- a/apps/desktop/src/services/encrypted-message-handler.service.ts
+++ b/apps/desktop/src/services/encrypted-message-handler.service.ts
@@ -166,8 +166,7 @@ export class EncryptedMessageHandlerService {
 
     try {
       const activeUserId = await firstValueFrom(getUserId(this.accountService.activeAccount$));
-      const encrypted = await this.cipherService.encrypt(cipherView, activeUserId);
-      await this.cipherService.createWithServer(encrypted);
+      await this.cipherService.createWithServer(cipherView, activeUserId);
 
       // Notify other clients of new login
       await this.messagingService.send("addedCipher");
@@ -212,9 +211,8 @@ export class EncryptedMessageHandlerService {
       cipherView.login.password = credentialUpdatePayload.password;
       cipherView.login.username = credentialUpdatePayload.userName;
       cipherView.login.uris[0].uri = credentialUpdatePayload.uri;
-      const encrypted = await this.cipherService.encrypt(cipherView, activeUserId);
 
-      await this.cipherService.updateWithServer(encrypted);
+      await this.cipherService.updateWithServer(cipherView, activeUserId);
 
       // Notify other clients of update
       await this.messagingService.send("editedCipher");