Pushing only to test and experiment with

libs/common/src/vault/abstractions/cipher-encryption.service.ts

@@ -93,4 +93,6 @@ export abstract class CipherEncryptionService {
     encryptedContent: Uint8Array,
     userId: UserId,
   ): Promise<Uint8Array>;
+
+  abstract migrateCiphers(ciphers: Cipher[], userId: UserId): Promise<Cipher[]>;
 }

libs/common/src/vault/models/data/cipher.data.ts

@@ -42,6 +42,8 @@ export class CipherData {
   deletedDate: string | null;
   reprompt: CipherRepromptType;
   key: string;
+  version?: number;
+  data?: string;
 
   constructor(response?: CipherResponse, collectionIds?: string[]) {
     if (response == null) {
@@ -65,6 +67,8 @@ export class CipherData {
     this.deletedDate = response.deletedDate;
     this.reprompt = response.reprompt;
     this.key = response.key;
+    // this.version = response.version || 1;
+    this.data = response.data || null;
 
     switch (this.type) {
       case CipherType.Login:

libs/common/src/vault/models/domain/cipher.ts

@@ -59,6 +59,8 @@ export class Cipher extends Domain implements Decryptable<CipherView> {
   deletedDate: Date;
   reprompt: CipherRepromptType;
   key: EncString;
+  // version: number;
+  data: string;
 
   constructor(obj?: CipherData, localData: LocalData = null) {
     super();
@@ -96,6 +98,8 @@ export class Cipher extends Domain implements Decryptable<CipherView> {
     this.creationDate = obj.creationDate != null ? new Date(obj.creationDate) : null;
     this.deletedDate = obj.deletedDate != null ? new Date(obj.deletedDate) : null;
     this.reprompt = obj.reprompt;
+    // this.version = obj.version || 1;
+    this.data = obj.data;
 
     switch (this.type) {
       case CipherType.Login:
@@ -376,6 +380,8 @@ export class Cipher extends Domain implements Decryptable<CipherView> {
       card: undefined,
       secureNote: undefined,
       sshKey: undefined,
+      // version: 1,
+      data: typeof this.data === "string" ? this.data : JSON.stringify(this.data),
     };
 
     switch (this.type) {
@@ -444,6 +450,8 @@ export class Cipher extends Domain implements Decryptable<CipherView> {
     cipher.identity = Identity.fromSdkIdentity(sdkCipher.identity);
     cipher.sshKey = SshKey.fromSdkSshKey(sdkCipher.sshKey);
 
+    cipher.data = sdkCipher.data;
+
     return cipher;
   }
 }

libs/common/src/vault/models/response/cipher.response.ts

@@ -40,6 +40,9 @@ export class CipherResponse extends BaseResponse {
   deletedDate: string;
   reprompt: CipherRepromptType;
   key: string;
+  // Cipher versioning POC
+  data: string;
+  // version: number;
 
   constructor(response: any) {
     super(response);
@@ -105,5 +108,8 @@ export class CipherResponse extends BaseResponse {
 
     this.reprompt = this.getResponseProperty("Reprompt") || CipherRepromptType.None;
     this.key = this.getResponseProperty("Key") || null;
+    // Cipher versioning POC
+    // this.version = this.getResponseProperty("Version") || 1;
+    this.data = this.getResponseProperty("Data") || null;
   }
 }

libs/common/src/vault/models/view/cipher.view.ts

@@ -340,6 +340,7 @@ export class CipherView implements View, InitializerMetadata {
       identity: undefined,
       secureNote: undefined,
       sshKey: undefined,
+      // version: undefined,
     };
 
     switch (this.type) {

libs/common/src/vault/services/cipher.service.ts

@@ -1125,6 +1125,14 @@ export class CipherService implements CipherServiceAbstraction {
   }
 
   async replace(ciphers: { [id: string]: CipherData }, userId: UserId): Promise<any> {
+    // use cipher from the sdk and convert to cipher data to store in the state
+    // uncomment to test migration
+    // const cipherObjects = Object.values(ciphers).map((cipherData) => new Cipher(cipherData));
+    // const migratedCiphers = await this.cipherEncryptionService.migrateCiphers(
+    //   cipherObjects,
+    //   userId,
+    // );
+
     await this.updateEncryptedCipherState(() => ciphers, userId);
   }
 

libs/common/src/vault/services/default-cipher-encryption.service.ts

@@ -283,6 +283,43 @@ export class DefaultCipherEncryptionService implements CipherEncryptionService {
     );
   }
 
+  migrateCiphers(ciphers: Cipher[], userId: UserId): Promise<Cipher[]> {
+    return firstValueFrom(
+      this.sdkService.userClient$(userId).pipe(
+        map((sdk) => {
+          if (!sdk) {
+            this.logService.warning(
+              "SDK not available for cipher migration, returning original ciphers",
+            );
+            return ciphers;
+          }
+
+          try {
+            using ref = sdk.take();
+            const migratedSdkCiphers = ref.value
+              .vault()
+              .ciphers()
+              .migrate(ciphers.map((cipher) => cipher.toSdkCipher()));
+
+            const migratedCiphers = migratedSdkCiphers.map(
+              (sdkCipher) => Cipher.fromSdkCipher(sdkCipher)!,
+            );
+
+            this.logService.info(`Successfully migrated ${ciphers.length} ciphers`);
+            return migratedCiphers;
+          } catch (error) {
+            this.logService.error(`Cipher migration failed: ${error}`);
+            return ciphers;
+          }
+        }),
+        catchError((error: unknown) => {
+          this.logService.error(`Failed to access SDK for cipher migration: ${error}`);
+          // Return original ciphers as fallback
+          return [ciphers];
+        }),
+      ),
+    );
+  }
   /**
    * Helper method to convert a CipherView model to an SDK CipherView. Has special handling for Fido2 credentials
    * that need to be encrypted before being sent to the SDK.