From 18f027a5789f806241a63b77f0fa9c329aaf7d47 Mon Sep 17 00:00:00 2001
From: Bernd Schoolmann <mail@quexten.com>
Date: Wed, 7 Jan 2026 13:15:45 +0100
Subject: [PATCH] Remove key-pair creation from login strategy

---
 .../login-strategies/login.strategy.spec.ts   | 11 ----------
 .../common/login-strategies/login.strategy.ts | 22 -------------------
 2 files changed, 33 deletions(-)

diff --git a/libs/auth/src/common/login-strategies/login.strategy.spec.ts b/libs/auth/src/common/login-strategies/login.strategy.spec.ts
index ad945848116..77aa948fad9 100644
--- a/libs/auth/src/common/login-strategies/login.strategy.spec.ts
+++ b/libs/auth/src/common/login-strategies/login.strategy.spec.ts
@@ -326,17 +326,6 @@ describe("LoginStrategy", () => {
         userId,
       );
     });
-
-    it("throws if userKey is CoseEncrypt0 (V2 encryption) in createKeyPairForOldAccount", async () => {
-      keyService.userKey$.mockReturnValue(
-        new BehaviorSubject<UserKey>({
-          inner: () => ({ type: 7 }),
-        } as unknown as UserKey).asObservable(),
-      );
-      await expect(passwordLoginStrategy["createKeyPairForOldAccount"](userId)).resolves.toBe(
-        undefined,
-      );
-    });
   });
 
   describe("Two-factor authentication", () => {
diff --git a/libs/auth/src/common/login-strategies/login.strategy.ts b/libs/auth/src/common/login-strategies/login.strategy.ts
index 51bc164912a..9ce24b3710f 100644
--- a/libs/auth/src/common/login-strategies/login.strategy.ts
+++ b/libs/auth/src/common/login-strategies/login.strategy.ts
@@ -318,28 +318,6 @@ export abstract class LoginStrategy {
     return true;
   }
 
-  protected async createKeyPairForOldAccount(userId: UserId) {
-    try {
-      const userKey = await firstValueFrom(this.keyService.userKey$(userId));
-      if (userKey === null) {
-        throw new Error("User key is null when creating key pair for old account");
-      }
-
-      if (userKey.inner().type == EncryptionType.CoseEncrypt0) {
-        throw new Error("Cannot create key pair for account on V2 encryption");
-      }
-
-      const [publicKey, privateKey] = await this.keyService.makeKeyPair(userKey);
-      if (!privateKey.encryptedString) {
-        throw new Error("Failed to create encrypted private key");
-      }
-      await this.apiService.postAccountKeys(new KeysRequest(publicKey, privateKey.encryptedString));
-      return privateKey.encryptedString;
-    } catch (e) {
-      this.logService.error(e);
-    }
-  }
-
   /**
    * Handles the response from the server when a 2FA is required.
    * It clears any existing 2FA token, as it's no longer valid, and sets up the necessary data for the 2FA process.