Merge pull request 'Encrypt and Decrypt method in Security class was always returns same value becaue : both the key and IV (Initialization Vector) are derived deterministically from fixed values:' (#3 ) from main into production

Reviewed-on: #3
Encrypt and Decrypt method in Security class was always returns same value becaue : both the key and IV (Initialization Vector) are derived deterministically from fixed values:
2025-10-31 06:29:00 +00:00 · 2025-10-31 11:45:13 +05:30
7 changed files with 179 additions and 32 deletions
--- a/gateway/ocelot.json
+++ b/gateway/ocelot.json
@ -8,7 +8,7 @@
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
-          "Host": "api-admin.odiprojects.com",
+          "Host": "api-admin.practicekea.com",
          "Port": 80
        }
      ],
@ -16,9 +16,9 @@
      "UpstreamHttpMethod": [ "Get", "Post", "Put", "Delete", "Options" ],
      "Priority": 1,
-      "“AuthenticationOptions”": {
+      "<EFBFBD>AuthenticationOptions<EFBFBD>": {
-        "“AuthenticationProviderKey”": "IdentityApiKey",
+        "<EFBFBD>AuthenticationProviderKey<EFBFBD>": "IdentityApiKey",
-        "“AllowedScopes”": []
+        "<EFBFBD>AllowedScopes<EFBFBD>": []
      }
    },
    //====================================================
@ -29,7 +29,7 @@
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
-          "Host": "api-institute.odiprojects.com",
+          "Host": "api-institute.practicekea.com",
          "Port": 80
        }
      ],
@ -47,7 +47,7 @@
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
-          "Host": "api-teacher.odiprojects.com",
+          "Host": "api-teacher.practicekea.com",
          "Port": 80
        }
      ],
@ -64,7 +64,7 @@
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
-          "Host": "api-user.odiprojects.com",
+          "Host": "api-user.practicekea.com",
          "Port": 80
        }
      ],
@ -80,7 +80,7 @@
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
-          "Host": "api-bucket.odiprojects.com",
+          "Host": "api-bucket.practicekea.com",
          "Port": 80
        }
      ],
@ -98,7 +98,7 @@
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
-          "Host": "api-student.odiprojects.com",
+          "Host": "api-student.practicekea.com",
          "Port": 80
        }
      ],
@ -109,6 +109,6 @@
  ],
  "GlobalConfiguration": {
-    "BaseUrl": "http://api.odiprojects.com"
+    "BaseUrl": "http://api.practicekea.com"
  }
 }
--- a/microservices/_layers/common/Security.cs
+++ b/microservices/_layers/common/Security.cs
@ -1,4 +1,7 @@
-using System;
+using FirebaseAdmin.Auth;
 using Microsoft.IdentityModel.Tokens;
 using OnlineAssessment.Domain.ViewModels;
 using System;
 using System.Collections.Generic;
 using System.IdentityModel.Tokens.Jwt;
 using System.IO;
@ -6,10 +9,8 @@ using System.Linq;
 using System.Security.Claims;
 using System.Security.Cryptography;
 using System.Text;
-using Microsoft.IdentityModel.Tokens;
+
-using OnlineAssessment.Domain.ViewModels;
+
 using FirebaseAdmin;
 using FirebaseAdmin.Auth;
 namespace OnlineAssessment.Common
 {
@ -200,7 +201,85 @@ namespace OnlineAssessment.Common
        /// </summary>
        /// <param name="encryptString"></param>
        /// <returns></returns>
        //public static string Encrypt(string encryptString)
        //{
        //    string EncryptionKey = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
        //    byte[] clearBytes = Encoding.Unicode.GetBytes(encryptString);
        //    using (Aes encryptor = Aes.Create())
        //    {
        //        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        //        encryptor.Key = pdb.GetBytes(32);
        //        encryptor.IV = pdb.GetBytes(16);
        //        using (MemoryStream ms = new MemoryStream())
        //        {
        //            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
        //            {
        //                cs.Write(clearBytes, 0, clearBytes.Length);
        //                cs.Close();
        //            }
        //            encryptString = Convert.ToBase64String(ms.ToArray());
        //        }
        //    }
        //    return encryptString;
        //}
        public static string Encrypt(string encryptString)
        {
            string EncryptionKey = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
            byte[] clearBytes = Encoding.Unicode.GetBytes(encryptString);
            using (Aes encryptor = Aes.Create())
            {
                var pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] {
                                                                0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64,
                                                                0x76, 0x65, 0x64, 0x65, 0x76
                                                                });
                encryptor.Key = pdb.GetBytes(32);
                encryptor.GenerateIV(); // <--- random IV each time
                using (MemoryStream ms = new MemoryStream())
                {
                    // prepend IV to the ciphertext
                    ms.Write(encryptor.IV, 0, encryptor.IV.Length);
                    using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(clearBytes, 0, clearBytes.Length);
                        cs.Close();
                    }
                    encryptString = Convert.ToBase64String(ms.ToArray());
                }
            }
            return encryptString;
        }
        public static string Encrypt2(string encryptString2)
        {
            string EncryptionKey = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
            byte[] clearBytes = Encoding.Unicode.GetBytes(encryptString2);
            using (Aes encryptor = Aes.Create())
            {
                Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
                encryptor.Key = pdb.GetBytes(32);
                encryptor.IV = pdb.GetBytes(16);
                using (MemoryStream ms = new MemoryStream())
                {
                    using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(clearBytes, 0, clearBytes.Length);
                        cs.Close();
                    }
                    encryptString2 = Convert.ToBase64String(ms.ToArray());
                }
            }
            return encryptString2;
        }
        public static string EncryptString(string encryptString)
        {
            string EncryptionKey = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
            byte[] clearBytes = Encoding.Unicode.GetBytes(encryptString);
@ -254,7 +333,7 @@ namespace OnlineAssessment.Common
        }
-        public static string EncryptString(string s)
+        public static string EncryptString1(string s)
        {
            byte[] b = System.Text.ASCIIEncoding.ASCII.GetBytes(s);
            string encrypted = Convert.ToBase64String(b);
@ -278,4 +357,70 @@ namespace OnlineAssessment.Common
        }
    }
 public static class AesEncryptionHelper
    {
        private static readonly string EncryptionKey = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
        private static readonly byte[] Salt = new byte[] { 0x21, 0x42, 0x63, 0x84, 0xA5, 0xC6, 0xE7, 0x08, 0x29, 0x4A, 0x6B, 0x8C, 0xAD, 0xCE, 0xEF, 0x10 };
        public static string Encrypt(string plainText)
        {
            byte[] clearBytes = Encoding.UTF8.GetBytes(plainText);
            using (Aes aes = Aes.Create())
            {
                var pdb = new Rfc2898DeriveBytes(EncryptionKey, Salt);
                aes.Key = pdb.GetBytes(32);
                aes.GenerateIV(); // random IV each time
                using (var ms = new MemoryStream())
                {
                    // write IV to the start of the ciphertext
                    ms.Write(aes.IV, 0, aes.IV.Length);
                    using (var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(clearBytes, 0, clearBytes.Length);
                        cs.FlushFinalBlock();
                    }
                    return Convert.ToBase64String(ms.ToArray());
                }
            }
        }
        public static string Decrypt(string cipherText)
        {
            byte[] fullCipher = Convert.FromBase64String(cipherText);
            using (Aes aes = Aes.Create())
            {
                var pdb = new Rfc2898DeriveBytes(EncryptionKey, Salt);
                aes.Key = pdb.GetBytes(32);
                // extract IV
                byte[] iv = new byte[16];
                Array.Copy(fullCipher, 0, iv, 0, iv.Length);
                aes.IV = iv;
                int cipherOffset = iv.Length;
                int cipherCount = fullCipher.Length - cipherOffset;
                using (var ms = new MemoryStream())
                {
                    using (var cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(fullCipher, cipherOffset, cipherCount);
                        cs.FlushFinalBlock();
                    }
                    return Encoding.UTF8.GetString(ms.ToArray());
                }
            }
        }
    }
 }
--- a/microservices/_layers/common/StartupExtensions.cs
+++ b/microservices/_layers/common/StartupExtensions.cs
@ -13,12 +13,15 @@ namespace OnlineAssessment
        /// </summary>
        public static IServiceCollection AddDbConnections(this IServiceCollection services, IConfiguration configuration)
        {
            string text = configuration.GetConnectionString("DefaultConnectionString");
            //string newConn = @"Server=94.249.213.139;Database=OA_UAT;User Id=sa;Password=Odiware@1234!;TrustServerCertificate=True;MultipleActiveResultSets=true";
            string newConn = @"Server=94.249.213.139;Database=OA_PROD;User Id=sa;Password=Odiware@1234!;TrustServerCertificate=True;MultipleActiveResultSets=true";
            string encString = Security.Encrypt(newConn);
-            string connection = Security.Decrypt(text);
+            string connString1 = @"Server=94.249.213.139;Database=OA_STAGING;User Id=sa;Password=Odiware@1234!;TrustServerCertificate=True;MultipleActiveResultSets=true";
            string connection1 = AesEncryptionHelper.Encrypt(connString1);
            string connString = configuration.GetConnectionString("DefaultConnectionString");
            string connection = AesEncryptionHelper.Decrypt(connString);
            //============================================
            return services
                .AddEntityFrameworkSqlServer()
--- a/microservices/user/API.User.csproj
+++ b/microservices/user/API.User.csproj
@ -103,6 +103,7 @@
 	</ItemGroup>
 	<ItemGroup>
 		<ProjectReference Include="..\_layers\common\Common.csproj" />
 		<ProjectReference Include="..\_layers\data\Data.csproj" />
 		<ProjectReference Include="..\_layers\domain\Domain.csproj" />
 	</ItemGroup>
--- a/microservices/user/appsettings.Development.json
+++ b/microservices/user/appsettings.Development.json
@ -4,8 +4,7 @@
  },
  "AllowedHosts": "*",
  "ConnectionStrings": {
-    "DefaultConnectionString": "CWl5kdPv3XVgCewNZ9xsMWbKUfspY55eD30t624CW5XFBxN2arokRw5kglCPdfNE9fc0xdbYTyXrFJ1s/KVEknD0+Zz3unUPUcZjqtJrgZaOSTpxPANvf3pERJbTDELV91SrUGHsY/VugofFmzMLPTgsv9tXeGSsK/YE0uPS1i6ekiEPjm3P7t3K8Eho4rtkS+2SRFLPNIgp/tBDJ7t71yoNYZzk+zoh58jS3WiZni6BeT37eNfgCcqNg/7Jn7wW6c3IcDll6Pbw7hlQvHvxX4Xl3YFEb2x+bPCZELacMC11548Ax0nnRumfdzryCDI/ohfO3ZMA/Fni4j0g5A8qiruTtM2wwfaaDNZAPLA2aJU="
+    "DefaultConnectionString": "3O5IBcQilkuCpSiL2/78srPWCHpYVGryBrDmdDH7ymmzevrvLYfgEbsScCZKknceXynyLeTn/5v0PJ4ddIyj6xF/wS+l7ElwqwaaGlpVEFNG4RetA1YQ/dKg92Y9czBU9QeEkT7DVwsBpb4LX+3X0uOd0VlQYhIQ1bmF0YNmlubv3O0k8c4UFM8sVzPexSIx8JuqhjWgfDw5sAgyKqvg/Q=="
    //"DefaultConnectionString": "B58MwWJom8ajCI4ia0DN+uXUcjx9/6VSwwwQLNRr0ALJmE2hmLwzJV6FYk3YezpmAQxcFLiBG1mToDKYxumHzWoyyr3/8JrMxcxJWctehH6XLaoreNgAG4pfVoNqXdy2LLDfxrh+MfXMe5vTzSRd/wgsiNcfFYzvoOA6ecg/K15a6/aM4CBWkylwwihQdCn/u567QL8IlAeUkPSM97dI6OGUYDzuGNoubGBDd2bBEKpY+HZ5gdF+hOxiC68XlkSykjk7vCDg5oIO2wNXvi2D0BmwEpXxhCMUFNaqJN7qpmo="
  },
  "Jwt": {
    "Key": "THIS_IS_ODIWARE_SECRET_KEY",
--- a/microservices/user/appsettings.json
+++ b/microservices/user/appsettings.json
@ -4,8 +4,7 @@
  },
  "AllowedHosts": "*",
  "ConnectionStrings": {
-    "DefaultConnectionString": "CWl5kdPv3XVgCewNZ9xsMWbKUfspY55eD30t624CW5XFBxN2arokRw5kglCPdfNE9fc0xdbYTyXrFJ1s/KVEknD0+Zz3unUPUcZjqtJrgZaOSTpxPANvf3pERJbTDELV91SrUGHsY/VugofFmzMLPTgsv9tXeGSsK/YE0uPS1i6ekiEPjm3P7t3K8Eho4rtkS+2SRFLPNIgp/tBDJ7t71yoNYZzk+zoh58jS3WiZni6BeT37eNfgCcqNg/7Jn7wW6c3IcDll6Pbw7hlQvHvxX4Xl3YFEb2x+bPCZELacMC11548Ax0nnRumfdzryCDI/ohfO3ZMA/Fni4j0g5A8qiruTtM2wwfaaDNZAPLA2aJU="
+    "DefaultConnectionString": "3O5IBcQilkuCpSiL2/78srPWCHpYVGryBrDmdDH7ymmzevrvLYfgEbsScCZKknceXynyLeTn/5v0PJ4ddIyj6xF/wS+l7ElwqwaaGlpVEFNG4RetA1YQ/dKg92Y9czBU9QeEkT7DVwsBpb4LX+3X0uOd0VlQYhIQ1bmF0YNmlubv3O0k8c4UFM8sVzPexSIx8JuqhjWgfDw5sAgyKqvg/Q=="
    //"DefaultConnectionString": "B58MwWJom8ajCI4ia0DN+uXUcjx9/6VSwwwQLNRr0ALJmE2hmLwzJV6FYk3YezpmAQxcFLiBG1mToDKYxumHzWoyyr3/8JrMxcxJWctehH6XLaoreNgAG4pfVoNqXdy2LLDfxrh+MfXMe5vTzSRd/wgsiNcfFYzvoOA6ecg/K15a6/aM4CBWkylwwihQdCn/u567QL8IlAeUkPSM97dI6OGUYDzuGNoubGBDd2bBEKpY+HZ5gdF+hOxiC68XlkSykjk7vCDg5oIO2wNXvi2D0BmwEpXxhCMUFNaqJN7qpmo="
  },
  "Jwt": {
    "Key": "THIS_IS_ODIWARE_SECRET_KEY",
--- a/microservices/user/web.config
+++ b/microservices/user/web.config
@ -18,7 +18,7 @@
        <add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="Script" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
        <add name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="Script" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
      </handlers>
-      <aspNetCore processPath="dotnet" arguments=".\Api.User.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
+      <aspNetCore processPath="dotnet" arguments=".\Api.User.dll" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
    </system.webServer>
  </location>
 </configuration>
Author	SHA1	Message	Date
Kishor Tripathy	0eec33ef5c	Merge pull request 'Encrypt and Decrypt method in Security class was always returns same value becaue : both the key and IV (Initialization Vector) are derived deterministically from fixed values:' (#3 ) from main into production Reviewed-on: #3	2025-10-31 06:29:00 +00:00
Kishor Tripathy	44b4341fe7	Encrypt and Decrypt method in Security class was always returns same value becaue : both the key and IV (Initialization Vector) are derived deterministically from fixed values: https://chatgpt.com/s/t_690453eccae481918c45d78d2223490f	2025-10-31 11:45:13 +05:30