Testing with base64 encoded encryption key

Signed-off-by: HimajaDhanyamraju2 <[email protected]>
mosip · Feb 6, 2024 · 738c901 · 738c901
1 parent 1260066
commit 738c901
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/hub/hub_service.bal b/hub/hub_service.bal
@@ -227,6 +227,11 @@ service object {
             foreach int i in 0...15 {
                 initialVector[i] = <byte>(check random:createIntInRange(0, 255));
             }
+            byte[32] randomEncKey = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
+            foreach int i in 0...31 {
+                randomEncKey[i] = <byte>(check random:createIntInRange(0, 255));
+            }
+            log:printInfo("Base64 encoded random encryption key for testing", base64EncodedKey = randomEncKey.toBase64());
             byte[] cipherText = check crypto:encryptAesGcm(hubSecret.toBytes(), encryptionKeyInBytes, initialVector);
             cipherText.push(...initialVector);
             message.hubSecret = config:ENCRYPTED_SECRET_PREFIX + cipherText.toBase64() + config:ENCRYPTED_SECRET_SUFFIX;

diff --git a/hub/start_hub.bal b/hub/start_hub.bal
@@ -195,18 +195,17 @@ function startMissingSubscribers(websubhub:VerifiedSubscription[] persistedSubsc
            string consumerGroup = check value:ensureType(subscriber["consumerGroup"]);
             kafka:Consumer consumerEp = check conn:createMessageConsumer(topicName, consumerGroup);
 
-            if (subscriber.hubSecret is string) {
-                string hubSecret = <string>subscriber.hubSecret;
+            if (subscriber.hubSecret is string && (<string>subscriber.hubSecret).startsWith(config:ENCRYPTED_SECRET_PREFIX) && (<string>subscriber.hubSecret).endsWith(config:ENCRYPTED_SECRET_SUFFIX)) {
+                string hubSecretWithPattern = <string> subscriber.hubSecret;
+                string hubSecret = hubSecretWithPattern.substring((config:ENCRYPTED_SECRET_PREFIX).length(), hubSecretWithPattern.length() - (config:ENCRYPTED_SECRET_SUFFIX).length());
                 byte[] ivAppendedCipherText = check array:fromBase64(hubSecret);
                 int cipherLength = ivAppendedCipherText.length();
                 byte[] cipher = ivAppendedCipherText.slice(0, cipherLength-16);
                 byte[] iv = ivAppendedCipherText.slice(cipherLength-16, cipherLength);
-                log:printInfo("Extracted iv before decryption", iv = iv);
                 string encryptionKey = config:HUB_SECRET_ENCRYPTION_KEY;
-                log:printInfo("Key used for decryption", key = encryptionKey);
                 byte[] plainText = check crypto:decryptAesGcm(cipher, encryptionKey.toBytes(), iv);
                 subscriber.hubSecret = check string:fromBytes(plainText);
-                log:printInfo("secret after decryption", secret = subscriber.hubSecret);
+                log:printInfo("Decrypted the hubSecret", topic = subscriber.hubTopic);
             }
 
             websubhub:HubClient hubClientEp = check new (subscriber, {