[PM-21001] Move vault code to new encrypt service interface (#14546)

* Move vault code to new encrypt service interface

* Fix tests

libs/common/src/vault/models/domain/attachment.spec.ts

@@ -77,7 +77,10 @@ describe("Attachment", () => {
       attachment.key = mockEnc("key");
       attachment.fileName = mockEnc("fileName");
 
-      encryptService.decryptToBytes.mockResolvedValue(makeStaticByteArray(32));
+      encryptService.decryptFileData.mockResolvedValue(makeStaticByteArray(32));
+      encryptService.unwrapSymmetricKey.mockResolvedValue(
+        new SymmetricCryptoKey(makeStaticByteArray(64)),
+      );
 
       const view = await attachment.decrypt(null);
 
@@ -105,7 +108,7 @@ describe("Attachment", () => {
         await attachment.decrypt(null, "", providedKey);
 
         expect(keyService.getUserKeyWithLegacySupport).not.toHaveBeenCalled();
-        expect(encryptService.decryptToBytes).toHaveBeenCalledWith(attachment.key, providedKey);
+        expect(encryptService.unwrapSymmetricKey).toHaveBeenCalledWith(attachment.key, providedKey);
       });
 
       it("gets an organization key if required", async () => {
@@ -115,7 +118,7 @@ describe("Attachment", () => {
         await attachment.decrypt("orgId", "", null);
 
         expect(keyService.getOrgKey).toHaveBeenCalledWith("orgId");
-        expect(encryptService.decryptToBytes).toHaveBeenCalledWith(attachment.key, orgKey);
+        expect(encryptService.unwrapSymmetricKey).toHaveBeenCalledWith(attachment.key, orgKey);
       });
 
       it("gets the user's decryption key if required", async () => {
@@ -125,7 +128,7 @@ describe("Attachment", () => {
         await attachment.decrypt(null, "", null);
 
         expect(keyService.getUserKeyWithLegacySupport).toHaveBeenCalled();
-        expect(encryptService.decryptToBytes).toHaveBeenCalledWith(attachment.key, userKey);
+        expect(encryptService.unwrapSymmetricKey).toHaveBeenCalledWith(attachment.key, userKey);
       });
     });
   });

libs/common/src/vault/models/domain/attachment.ts

@@ -66,8 +66,8 @@ export class Attachment extends Domain {
       }
 
       const encryptService = Utils.getContainerService().getEncryptService();
-      const decValue = await encryptService.decryptToBytes(this.key, encKey);
-      return new SymmetricCryptoKey(decValue);
+      const decValue = await encryptService.unwrapSymmetricKey(this.key, encKey);
+      return decValue;
       // FIXME: Remove when updating file. Eslint update
       // eslint-disable-next-line @typescript-eslint/no-unused-vars
     } catch (e) {

libs/common/src/vault/models/domain/cipher.spec.ts

@@ -1,6 +1,7 @@
 import { mock } from "jest-mock-extended";
 import { Jsonify } from "type-fest";
 
+import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
 import { KeyService } from "@bitwarden/key-management";
 
 import { makeStaticByteArray, mockEnc, mockFromJson } from "../../../../spec/utils";
@@ -246,7 +247,9 @@ describe("Cipher DTO", () => {
       const encryptService = mock<EncryptService>();
       const cipherService = mock<CipherService>();
 
-      encryptService.decryptToBytes.mockResolvedValue(makeStaticByteArray(64));
+      encryptService.unwrapSymmetricKey.mockResolvedValue(
+        new SymmetricCryptoKey(makeStaticByteArray(64)),
+      );
 
       (window as any).bitwardenContainerService = new ContainerService(keyService, encryptService);
 
@@ -367,7 +370,9 @@ describe("Cipher DTO", () => {
       const encryptService = mock<EncryptService>();
       const cipherService = mock<CipherService>();
 
-      encryptService.decryptToBytes.mockResolvedValue(makeStaticByteArray(64));
+      encryptService.unwrapSymmetricKey.mockResolvedValue(
+        new SymmetricCryptoKey(makeStaticByteArray(64)),
+      );
 
       (window as any).bitwardenContainerService = new ContainerService(keyService, encryptService);
 
@@ -506,7 +511,9 @@ describe("Cipher DTO", () => {
       const encryptService = mock<EncryptService>();
       const cipherService = mock<CipherService>();
 
-      encryptService.decryptToBytes.mockResolvedValue(makeStaticByteArray(64));
+      encryptService.unwrapSymmetricKey.mockResolvedValue(
+        new SymmetricCryptoKey(makeStaticByteArray(64)),
+      );
 
       (window as any).bitwardenContainerService = new ContainerService(keyService, encryptService);
 
@@ -669,7 +676,9 @@ describe("Cipher DTO", () => {
       const encryptService = mock<EncryptService>();
       const cipherService = mock<CipherService>();
 
-      encryptService.decryptToBytes.mockResolvedValue(makeStaticByteArray(64));
+      encryptService.unwrapSymmetricKey.mockResolvedValue(
+        new SymmetricCryptoKey(makeStaticByteArray(64)),
+      );
 
       (window as any).bitwardenContainerService = new ContainerService(keyService, encryptService);
 

libs/common/src/vault/models/domain/cipher.ts

@@ -143,17 +143,13 @@ export class Cipher extends Domain implements Decryptable<CipherView> {
     if (this.key != null) {
       const encryptService = Utils.getContainerService().getEncryptService();
 
-      const keyBytes = await encryptService.decryptToBytes(
-        this.key,
-        encKey,
-        `Cipher Id: ${this.id}; Content: CipherKey; IsEncryptedByOrgKey: ${this.organizationId != null}`,
-      );
-      if (keyBytes == null) {
+      const cipherKey = await encryptService.unwrapSymmetricKey(this.key, encKey);
+      if (cipherKey == null) {
         model.name = "[error: cannot decrypt]";
         model.decryptionFailure = true;
         return model;
       }
-      encKey = new SymmetricCryptoKey(keyBytes);
+      encKey = cipherKey;
       bypassValidation = false;
     }
 

libs/common/src/vault/models/domain/folder.spec.ts

@@ -1,5 +1,7 @@
 import { mock, MockProxy } from "jest-mock-extended";
 
+import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
+
 import { makeEncString, makeSymmetricCryptoKey, mockEnc, mockFromJson } from "../../../../spec";
 import { EncryptService } from "../../../key-management/crypto/abstractions/encrypt.service";
 import { EncryptedString, EncString } from "../../../platform/models/domain/enc-string";
@@ -70,7 +72,13 @@ describe("Folder", () => {
 
     beforeEach(() => {
       encryptService = mock<EncryptService>();
-      encryptService.decryptToUtf8.mockImplementation((value) => {
+      // Platform code is not migrated yet
+      encryptService.decryptToUtf8.mockImplementation(
+        (value: EncString, key: SymmetricCryptoKey, decryptTrace: string) => {
+          return Promise.resolve(value.data);
+        },
+      );
+      encryptService.decryptString.mockImplementation((value) => {
         return Promise.resolve(value.data);
       });
     });