[PM-30580] Add encryptMany to SDK for batch cipher encryption (#18942)

* Migrated encrypt many to the sdk * removed comment * updated sdk package
2026-02-22 04:14:04 +00:00 · 2026-02-13 18:13:41 -05:00
parent 2297082b1a
commit 8bd1e5a855
4 changed files with 37 additions and 29 deletions
--- a/libs/common/src/vault/services/default-cipher-encryption.service.spec.ts
+++ b/libs/common/src/vault/services/default-cipher-encryption.service.spec.ts
@@ -95,6 +95,7 @@ describe("DefaultCipherEncryptionService", () => {
    vault: jest.fn().mockReturnValue({
      ciphers: jest.fn().mockReturnValue({
        encrypt: jest.fn(),
+        encrypt_list: jest.fn(),
        encrypt_cipher_for_rotation: jest.fn(),
        set_fido2_credentials: jest.fn(),
        decrypt: jest.fn(),
@@ -280,10 +281,23 @@ describe("DefaultCipherEncryptionService", () => {
        name: "encrypted-name-3",
      } as unknown as Cipher;

-      mockSdkClient.vault().ciphers().encrypt.mockReturnValue({
-        cipher: sdkCipher,
-        encryptedFor: userId,
-      });
+      mockSdkClient
+        .vault()
+        .ciphers()
+        .encrypt_list.mockReturnValue([
+          {
+            cipher: sdkCipher,
+            encryptedFor: userId,
+          },
+          {
+            cipher: sdkCipher,
+            encryptedFor: userId,
+          },
+          {
+            cipher: sdkCipher,
+            encryptedFor: userId,
+          },
+        ]);

      jest
        .spyOn(Cipher, "fromSdkCipher")
@@ -299,7 +313,8 @@ describe("DefaultCipherEncryptionService", () => {
      expect(results[1].cipher).toEqual(expectedCipher2);
      expect(results[2].cipher).toEqual(expectedCipher3);

-      expect(mockSdkClient.vault().ciphers().encrypt).toHaveBeenCalledTimes(3);
+      expect(mockSdkClient.vault().ciphers().encrypt_list).toHaveBeenCalledTimes(1);
+      expect(mockSdkClient.vault().ciphers().encrypt).not.toHaveBeenCalled();

      expect(results[0].encryptedFor).toBe(userId);
      expect(results[1].encryptedFor).toBe(userId);
@@ -311,7 +326,7 @@ describe("DefaultCipherEncryptionService", () => {

      expect(results).toBeDefined();
      expect(results.length).toBe(0);
-      expect(mockSdkClient.vault().ciphers().encrypt).not.toHaveBeenCalled();
+      expect(mockSdkClient.vault().ciphers().encrypt_list).not.toHaveBeenCalled();
    });
  });

--- a/libs/common/src/vault/services/default-cipher-encryption.service.ts
+++ b/libs/common/src/vault/services/default-cipher-encryption.service.ts
@@ -65,21 +65,14 @@ export class DefaultCipherEncryptionService implements CipherEncryptionService {

          using ref = sdk.take();

-          const results: EncryptionContext[] = [];
-
-          // TODO: https://bitwarden.atlassian.net/browse/PM-30580
-          // Replace this loop with a native SDK encryptMany method for better performance.
-          for (const model of models) {
-            const sdkCipherView = this.toSdkCipherView(model, ref.value);
-            const encryptionContext = ref.value.vault().ciphers().encrypt(sdkCipherView);
-
-            results.push({
+          return ref.value
+            .vault()
+            .ciphers()
+            .encrypt_list(models.map((model) => this.toSdkCipherView(model, ref.value)))
+            .map((encryptionContext) => ({
              cipher: Cipher.fromSdkCipher(encryptionContext.cipher)!,
              encryptedFor: uuidAsString(encryptionContext.encryptedFor) as UserId,
-            });
-          }
-
-          return results;
+            }));
        }),
        catchError((error: unknown) => {
          this.logService.error(`Failed to encrypt ciphers in batch: ${error}`);