[PM-20492] Refactor symmetric keys - remove key buffer representation, migrate consumers to .toEncoded() (#14371)

* Refactor encrypt service to expose key wrapping * Fix build * Undo ts strict removal * Fix wrong method being used to encrypt key material * Rename parameters and remove todo * Add summary to encrypt * Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Add tests for unhappy paths * Add test coverage * Add links * Remove direct buffer access * Fix build on cli --------- Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-12-17 00:33:44 +00:00 · 2025-04-25 19:26:39 +02:00
parent b4c4eea229
commit fd0db40f79
15 changed files with 58 additions and 45 deletions
--- a/libs/common/src/platform/models/domain/symmetric-crypto-key.spec.ts
+++ b/libs/common/src/platform/models/domain/symmetric-crypto-key.spec.ts
@@ -19,7 +19,6 @@ describe("SymmetricCryptoKey", () => {
      const cryptoKey = new SymmetricCryptoKey(key);

      expect(cryptoKey).toEqual({
-        key: key,
        keyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=",
        innerKey: {
          type: EncryptionType.AesCbc256_B64,
@@ -33,7 +32,6 @@ describe("SymmetricCryptoKey", () => {
      const cryptoKey = new SymmetricCryptoKey(key);

      expect(cryptoKey).toEqual({
-        key: key,
        keyB64:
          "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+Pw==",
        innerKey: {
--- a/libs/common/src/platform/models/domain/symmetric-crypto-key.ts
+++ b/libs/common/src/platform/models/domain/symmetric-crypto-key.ts
@@ -24,7 +24,6 @@ export type Aes256CbcKey = {
 export class SymmetricCryptoKey {
  private innerKey: Aes256CbcHmacKey | Aes256CbcKey;

-  key: Uint8Array;
  keyB64: string;

  /**
@@ -40,7 +39,6 @@ export class SymmetricCryptoKey {
        type: EncryptionType.AesCbc256_B64,
        encryptionKey: key,
      };
-      this.key = key;
      this.keyB64 = this.toBase64();
    } else if (key.byteLength === 64) {
      this.innerKey = {
@@ -48,7 +46,6 @@ export class SymmetricCryptoKey {
        encryptionKey: key.slice(0, 32),
        authenticationKey: key.slice(32),
      };
-      this.key = key;
      this.keyB64 = this.toBase64();
    } else {
      throw new Error(`Unsupported encType/key length ${key.byteLength}`);