From 201bdf752b3ff57dba3581d13c026d55db12cdb5 Mon Sep 17 00:00:00 2001
From: Bernd Schoolmann <mail@quexten.com>
Date: Mon, 21 Apr 2025 14:14:13 +0200
Subject: [PATCH] [PM-19728] Device bulk get keys during key rotation (#14216)

* Add support for device list endpoint keys during key rotation

* Update libs/common/src/auth/abstractions/devices/responses/device.response.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
---
 .../auth/abstractions/devices/responses/device.response.ts   | 5 +++++
 .../services/device-trust.service.implementation.ts          | 3 +--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/libs/common/src/auth/abstractions/devices/responses/device.response.ts b/libs/common/src/auth/abstractions/devices/responses/device.response.ts
index 84a2fb03c28..6b7f17f65ce 100644
--- a/libs/common/src/auth/abstractions/devices/responses/device.response.ts
+++ b/libs/common/src/auth/abstractions/devices/responses/device.response.ts
@@ -15,6 +15,9 @@ export class DeviceResponse extends BaseResponse {
   creationDate: string;
   revisionDate: string;
   isTrusted: boolean;
+  encryptedUserKey: string | null;
+  encryptedPublicKey: string | null;
+
   devicePendingAuthRequest: DevicePendingAuthRequest | null;
 
   constructor(response: any) {
@@ -27,6 +30,8 @@ export class DeviceResponse extends BaseResponse {
     this.creationDate = this.getResponseProperty("CreationDate");
     this.revisionDate = this.getResponseProperty("RevisionDate");
     this.isTrusted = this.getResponseProperty("IsTrusted");
+    this.encryptedUserKey = this.getResponseProperty("EncryptedUserKey");
+    this.encryptedPublicKey = this.getResponseProperty("EncryptedPublicKey");
     this.devicePendingAuthRequest = this.getResponseProperty("DevicePendingAuthRequest");
   }
 }
diff --git a/libs/common/src/key-management/device-trust/services/device-trust.service.implementation.ts b/libs/common/src/key-management/device-trust/services/device-trust.service.implementation.ts
index a2211753f4e..c82efa0c571 100644
--- a/libs/common/src/key-management/device-trust/services/device-trust.service.implementation.ts
+++ b/libs/common/src/key-management/device-trust/services/device-trust.service.implementation.ts
@@ -209,9 +209,8 @@ export class DeviceTrustService implements DeviceTrustServiceAbstraction {
       devices.data
         .filter((device) => device.isTrusted)
         .map(async (device) => {
-          const deviceWithKeys = await this.devicesApiService.getDeviceKeys(device.identifier);
           const publicKey = await this.encryptService.decryptToBytes(
-            deviceWithKeys.encryptedPublicKey,
+            new EncString(device.encryptedPublicKey),
             oldUserKey,
           );