MOSIP-24522: Added base64-encoding checks

Signed-off-by: HimajaDhanyamraju2 <[email protected]>
mosip · Feb 6, 2024 · df606eb · df606eb
1 parent 5036590
commit df606eb
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/hub/hub_service.bal b/hub/hub_service.bal
@@ -220,11 +220,12 @@ service object {
         if (message.hubSecret is string) {
             string hubSecret = <string> message.hubSecret;
             string encryptionKey = config:HUB_SECRET_ENCRYPTION_KEY;
+            byte[] encryptionKeyInBytes = (config:HUB_SECRET_ENCRYPTION_KEY_FORMAT).equalsIgnoreCaseAscii("base64-encoded-bytes") ? (check array:fromBase64(encryptionKey)) : encryptionKey.toBytes();
             byte[16] initialVector = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
             foreach int i in 0...15 {
                 initialVector[i] = <byte>(check random:createIntInRange(0, 255));
             }
-            byte[] cipherText = check crypto:encryptAesGcm(hubSecret.toBytes(), encryptionKey.toBytes(), initialVector);
+            byte[] cipherText = check crypto:encryptAesGcm(hubSecret.toBytes(), encryptionKeyInBytes, initialVector);
             cipherText.push(...initialVector);
             message.hubSecret = config:ENCRYPTED_SECRET_PREFIX + cipherText.toBase64() + config:ENCRYPTED_SECRET_SUFFIX;
         }