[PM-18697] Remove old symmetric key representations in symmetriccryptokey (#13598)

* Remove AES128CBC-HMAC encryption * Increase test coverage * Refactor symmetric keys and increase test coverage * Re-add type 0 encryption * Fix ts strict warning * Remove old symmetric key representations in symmetriccryptokey * Fix desktop build * Fix test * Fix build * Update libs/common/src/key-management/crypto/services/web-crypto-function.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/node/src/services/node-crypto-function.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Undo changes * Remove cast * Undo changes to tests * Fix linting * Undo removing new Uint8Array in aesDecryptFastParameters * Fix merge conflicts * Fix test * Fix another test * Fix test --------- Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-12-17 00:33:44 +00:00 · 2025-04-21 16:57:26 +02:00
parent a250395e6d
commit 43b1f55360
12 changed files with 111 additions and 106 deletions
--- a/libs/common/src/platform/models/domain/symmetric-crypto-key.spec.ts
+++ b/libs/common/src/platform/models/domain/symmetric-crypto-key.spec.ts
@@ -2,7 +2,7 @@ import { makeStaticByteArray } from "../../../../spec";
 import { EncryptionType } from "../../enums";
 import { Utils } from "../../misc/utils";

-import { SymmetricCryptoKey } from "./symmetric-crypto-key";
+import { Aes256CbcHmacKey, SymmetricCryptoKey } from "./symmetric-crypto-key";

 describe("SymmetricCryptoKey", () => {
  it("errors if no key", () => {
@@ -19,13 +19,8 @@ describe("SymmetricCryptoKey", () => {
      const cryptoKey = new SymmetricCryptoKey(key);

      expect(cryptoKey).toEqual({
-        encKey: key,
-        encKeyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=",
-        encType: EncryptionType.AesCbc256_B64,
        key: key,
        keyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=",
-        macKey: null,
-        macKeyB64: undefined,
        innerKey: {
          type: EncryptionType.AesCbc256_B64,
          encryptionKey: key,
@@ -38,14 +33,9 @@ describe("SymmetricCryptoKey", () => {
      const cryptoKey = new SymmetricCryptoKey(key);

      expect(cryptoKey).toEqual({
-        encKey: key.slice(0, 32),
-        encKeyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=",
-        encType: EncryptionType.AesCbc256_HmacSha256_B64,
        key: key,
        keyB64:
          "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+Pw==",
-        macKey: key.slice(32, 64),
-        macKeyB64: "ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj8=",
        innerKey: {
          type: EncryptionType.AesCbc256_HmacSha256_B64,
          encryptionKey: key.slice(0, 32),
@@ -86,8 +76,8 @@ describe("SymmetricCryptoKey", () => {

    expect(actual).toEqual({
      type: EncryptionType.AesCbc256_HmacSha256_B64,
-      encryptionKey: key.encKey,
-      authenticationKey: key.macKey,
+      encryptionKey: key.inner().encryptionKey,
+      authenticationKey: (key.inner() as Aes256CbcHmacKey).authenticationKey,
    });
  });

@@ -95,7 +85,7 @@ describe("SymmetricCryptoKey", () => {
    const key = new SymmetricCryptoKey(makeStaticByteArray(32));
    const actual = key.toEncoded();

-    expect(actual).toEqual(key.encKey);
+    expect(actual).toEqual(key.inner().encryptionKey);
  });

  it("toEncoded returns encoded key for AesCbc256_HmacSha256_B64", () => {
--- a/libs/common/src/platform/models/domain/symmetric-crypto-key.ts
+++ b/libs/common/src/platform/models/domain/symmetric-crypto-key.ts
@@ -25,15 +25,7 @@ export class SymmetricCryptoKey {
  private innerKey: Aes256CbcHmacKey | Aes256CbcKey;

  key: Uint8Array;
-  encKey: Uint8Array;
-  macKey?: Uint8Array;
-  encType: EncryptionType;
-
  keyB64: string;
-  encKeyB64: string;
-  macKeyB64: string;
-
-  meta: any;

  /**
   * @param key The key in one of the permitted serialization formats
@@ -48,30 +40,16 @@ export class SymmetricCryptoKey {
        type: EncryptionType.AesCbc256_B64,
        encryptionKey: key,
      };
-      this.encType = EncryptionType.AesCbc256_B64;
      this.key = key;
-      this.keyB64 = Utils.fromBufferToB64(this.key);
-
-      this.encKey = key;
-      this.encKeyB64 = Utils.fromBufferToB64(this.encKey);
-
-      this.macKey = null;
-      this.macKeyB64 = undefined;
+      this.keyB64 = this.toBase64();
    } else if (key.byteLength === 64) {
      this.innerKey = {
        type: EncryptionType.AesCbc256_HmacSha256_B64,
        encryptionKey: key.slice(0, 32),
        authenticationKey: key.slice(32),
      };
-      this.encType = EncryptionType.AesCbc256_HmacSha256_B64;
      this.key = key;
-      this.keyB64 = Utils.fromBufferToB64(this.key);
-
-      this.encKey = key.slice(0, 32);
-      this.encKeyB64 = Utils.fromBufferToB64(this.encKey);
-
-      this.macKey = key.slice(32);
-      this.macKeyB64 = Utils.fromBufferToB64(this.macKey);
+      this.keyB64 = this.toBase64();
    } else {
      throw new Error(`Unsupported encType/key length ${key.byteLength}`);
    }