From 02e2b85d227e009cd6ffb8da8958a53b4793d925 Mon Sep 17 00:00:00 2001
From: "H. Andres Tournour"
Date: Tue, 16 Jan 2024 14:14:09 -0300
Subject: [PATCH 1/3] Add Vault encrypting algorithms support
---
 packages/pangea-node-sdk/src/types.ts | 2 ++
 .../tests/integration/vault.test.ts | 26 ++++++++++++-------
 2 files changed, 19 insertions(+), 9 deletions(-)
diff --git a/packages/pangea-node-sdk/src/types.ts b/packages/pangea-node-sdk/src/types.ts
index cfda81d9b..7b5d528d4 100644
--- a/packages/pangea-node-sdk/src/types.ts
+++ b/packages/pangea-node-sdk/src/types.ts
@@ -637,6 +637,8 @@ export namespace Vault {
 AES128_CFB = "AES-CFB-128",
 AES256_CFB = "AES-CFB-256",
 AES256_GCM = "AES-GCM-256",
+ AES128_CBC = "AES-CBC-128",
+ AES256_CBC = "AES-CBC-256",
 AES = "AES-CFB-128", // deprecated, use AES128_CFB instead
 }
diff --git a/packages/pangea-node-sdk/tests/integration/vault.test.ts b/packages/pangea-node-sdk/tests/integration/vault.test.ts
index e3918a86d..0b0cd4ac1 100644
--- a/packages/pangea-node-sdk/tests/integration/vault.test.ts
+++ b/packages/pangea-node-sdk/tests/integration/vault.test.ts
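Review bot: The new members `AES128_CBC` and `AES256_CBC` in the types.ts hunk are added without any comment on which modes in this enum authenticate the ciphertext. CBC, like the CFB members above it, gives confidentiality only, so a modified ciphertext is not rejected by the mode itself; of the AES members visible in this hunk only `AES256_GCM` is an AEAD mode, and whether the Vault service adds its own integrity check is not visible here. I would add a TSDoc line above the two members such as `/** AES-CBC: unauthenticated mode; prefer AES256_GCM when ciphertext integrity matters. */`. The enum declaration starts outside the hunk, so any existing documentation on it cannot be seen from here.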
@@ -484,16 +484,24 @@ it("RSA encrypting life cycle", async () => {
 });
 it("AES encrypting life cycle", async () => {
- const algorithm = Vault.SymmetricAlgorithm.AES;
+ const algorithms = [
+ Vault.SymmetricAlgorithm.AES128_CBC,
+ Vault.SymmetricAlgorithm.AES256_CBC,
+ Vault.SymmetricAlgorithm.AES128_CFB,
+ Vault.SymmetricAlgorithm.AES256_CFB,
+ Vault.SymmetricAlgorithm.AES256_GCM,
+ ];
 const purpose = Vault.KeyPurpose.ENCRYPTION;
- try {
- const id = await symGenerateDefault(algorithm, purpose);
- await encryptingCycle(id);
- await vault.delete(id);
- } catch (e) {
- console.log(`Failed symmetric encrypting life cycle with ${algorithm} and ${purpose}`);
- expect(false).toBeTruthy();
- }
+ algorithms.forEach(async (algorithm) => {
+ try {
+ const id = await symGenerateDefault(algorithm, purpose);
+ await encryptingCycle(id);
+ await vault.delete(id);
+ } catch (e) {
+ console.log(`Failed symmetric encrypting life cycle with ${algorithm} and ${purpose}`);
+ expect(false).toBeTruthy();
+ }
+ });
 });
 it("JWT asymmetric signing life cycle", async () => {
From 283e6ad76c30f926a226b7b3af1289b92fbf65c4 Mon Sep 17 00:00:00 2001
From: "H. Andres Tournour"
Date: Tue, 16 Jan 2024 15:47:34 -0300
Subject: [PATCH 2/3] remove commented tests
---
 packages/pangea-node-sdk/tests/integration/vault.test.ts | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/packages/pangea-node-sdk/tests/integration/vault.test.ts b/packages/pangea-node-sdk/tests/integration/vault.test.ts
index 0b0cd4ac1..4f160c55d 100644
--- a/packages/pangea-node-sdk/tests/integration/vault.test.ts
+++ b/packages/pangea-node-sdk/tests/integration/vault.test.ts
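Review bot: `await vault.delete(id);` sits inside the `try` after `await encryptingCycle(id);`, so a failing cycle skips the delete and the generated key stays behind in the Vault project the integration tests run against. Generating the key before the `try` and moving the cleanup into `finally { await vault.delete(id); }` would remove the key whether or not the cycle passes. The same shape is kept in the loops as rewritten in [PATCH 3/3] (the AES, JWT asymmetric and JWT symmetric tests). `symGenerateDefault` and `encryptingCycle` are defined outside this hunk, so whether they clean up on their own is not visible here.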
@@ -281,10 +281,6 @@ async function encryptingCycle(id: string) { const decDefaultResp = await vault.decrypt(id, enc2Resp.result.cipher_text); expect(decDefaultResp.result.plain_text).toBe(dataB64); - // // Decrypt wrong version - // const decBad1Resp = await vault.decrypt(id, enc1Resp.result.cipher_text); - // expect(decBad1Resp.result.plain_text).not.toBe(dataB64); - let f = async () => { await vault.decrypt("notandid", enc2Resp.result.cipher_text); };
From ad47bcb59c632e99f200db061b0f95a44abe1f14 Mon Sep 17 00:00:00 2001
From: "H. Andres Tournour"
Date: Wed, 17 Jan 2024 12:19:47 -0300
Subject: [PATCH 3/3] Updates: - throw exception - Replace foreach - Add JWT symmetric encryption tests
---
 .../tests/integration/vault.test.ts | 42 +++++++++++--------
 1 file changed, 24 insertions(+), 18 deletions(-)
diff --git a/packages/pangea-node-sdk/tests/integration/vault.test.ts b/packages/pangea-node-sdk/tests/integration/vault.test.ts
index 4f160c55d..ae2b0aa7d 100644
--- a/packages/pangea-node-sdk/tests/integration/vault.test.ts
+++ b/packages/pangea-node-sdk/tests/integration/vault.test.ts
@@ -199,7 +199,7 @@ async function jwtAsymSigningCycle(id: string) {
 expect(verify1Resp.result.valid_signature).toBe(true);
 } catch (e) {
 e instanceof PangeaErrors.APIError ? console.log(e.toString()) : console.log(e);
- expect(false).toBeTruthy();
+ throw e;
 }
 }
@@ -240,7 +240,7 @@ async function jwtSymSigningCycle(id: string) {
 expect(verify1Resp.result.valid_signature).toBe(true);
 } catch (e) {
 e instanceof PangeaErrors.APIError ? console.log(e.toString()) : console.log(e);
- expect(false).toBeTruthy();
+ throw e;
 }
 }
@@ -475,7 +475,7 @@ it("RSA encrypting life cycle", async () => {
 } catch (e) {
 e instanceof PangeaErrors.APIError ? console.log(e.toString()) : console.log(e);
 console.log(`Failed asymmetric encrypting life cycle with ${algorithm} and ${purpose}`);
- expect(false).toBeTruthy();
+ throw e;
 }
 });
@@ -488,16 +488,16 @@ it("AES encrypting life cycle", async () => {
 Vault.SymmetricAlgorithm.AES256_GCM,
 ];
 const purpose = Vault.KeyPurpose.ENCRYPTION;
- algorithms.forEach(async (algorithm) => {
+ for (const algorithm of algorithms) {
 try {
 const id = await symGenerateDefault(algorithm, purpose);
 await encryptingCycle(id);
 await vault.delete(id);
 } catch (e) {
 console.log(`Failed symmetric encrypting life cycle with ${algorithm} and ${purpose}`);
- expect(false).toBeTruthy();
+ throw e;
 }
- });
+ }
 });
 it("JWT asymmetric signing life cycle", async () => {
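Review bot: With `throw e;` inside the `for` loop, the first algorithm that fails ends the test, so the modes listed after it in the array are not exercised in that run and the result is reported for the whole test rather than per mode. If the runner is Jest, as the `it`/`expect` calls suggest, declaring one case per algorithm, for example `it.each(algorithms)("AES encrypting life cycle %s", async (algorithm) => { ... })`, would give a separate result for each of the CBC, CFB and GCM members. The same applies to the two JWT loops in the next hunk. The `algorithms` array begins above this hunk, so only its last entry is visible here.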
@@ -507,29 +507,35 @@ it("JWT asymmetric signing life cycle", async () => {
 Vault.AsymmetricAlgorithm.ES512,
 ];
 const purpose = Vault.KeyPurpose.JWT;
- algorithms.forEach(async (algorithm) => {
+ for (const algorithm of algorithms) {
 try {
 const id = await asymGenerateDefault(algorithm, purpose);
 await jwtAsymSigningCycle(id);
 await vault.delete(id);
 } catch (e) {
 console.log(`Failed JWT asymmetric signing life cycle with ${algorithm} and ${purpose}`);
- expect(false).toBeTruthy();
+ throw e;
 }
- });
+ }
 });
 it("JWT symmetric signing life cycle", async () => {
- const algorithm = Vault.SymmetricAlgorithm.HS256;
 const purpose = Vault.KeyPurpose.JWT;
- try {
- const id = await symGenerateDefault(algorithm, purpose);
- await jwtSymSigningCycle(id);
- await vault.delete(id);
- } catch (e) {
- e instanceof PangeaErrors.APIError ? console.log(e.toString()) : console.log(e);
- console.log(`Failed JWT symmetric signing life cycle with ${algorithm} and ${purpose}`);
- expect(false).toBeTruthy();
+ const algorithms = [
+ Vault.SymmetricAlgorithm.HS256,
+ Vault.SymmetricAlgorithm.HS384,
+ Vault.SymmetricAlgorithm.HS512,
+ ];
+ for (const algorithm of algorithms) {
+ try {
+ const id = await symGenerateDefault(algorithm, purpose);
+ await jwtSymSigningCycle(id);
+ await vault.delete(id);
+ } catch (e) {
+ e instanceof PangeaErrors.APIError ? console.log(e.toString()) : console.log(e);
+ console.log(`Failed JWT symmetric signing life cycle with ${algorithm} and ${purpose}`);
+ throw e;
+ }
 }
 });