From 60deaa7eb16a32820f3d7d32a0c4f277251cd997 Mon Sep 17 00:00:00 2001
From: Reza Rahemtola
Date: Wed, 30 Oct 2024 18:36:08 +0900
Subject: [PATCH] feat(backend): Better secret and encryption handling
---
 backend/src/main.py | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/backend/src/main.py b/backend/src/main.py
index 40fb50f..01ebd9e 100644
--- a/backend/src/main.py
+++ b/backend/src/main.py
@@ -1,3 +1,4 @@
+import base64
 import time
 from http import HTTPStatus
 from uuid import uuid4
@@ -40,15 +41,17 @@ async def setup(body: SetupAgentBody) -> None:
 agent_id = str(uuid4())
- secret = str.encode(str(uuid4()), "utf-8")
+ secret = str(uuid4())
 # Encrypting the secret ID with our public key
- encrypted_secret = encrypt(config.ALEPH_SENDER_PK, secret).decode()
+ encrypted_secret = encrypt(config.ALEPH_SENDER_PK, secret.encode())
+ # Encoding it in base64 to avoid data loss when stored on Aleph
+ base64_encrypted_secret = base64.b64encode(encrypted_secret).decode()
 agent = Agent(
 id=agent_id,
 subscription_id=body.subscription_id,
 vm_hash=None,
- encrypted_secret=encrypted_secret,
+ encrypted_secret=base64_encrypted_secret,
 last_update=int(time.time()),
 tags=[agent_id, body.subscription_id, body.account.address],
 )
@@ -80,9 +83,10 @@ async def update(body: UpdateAgentPutBody, code: UploadFile, packages: UploadFil
 else None
 )
- decrypted_secret = decrypt(
- config.ALEPH_SENDER_SK, str.encode(agent.encrypted_secret, "utf-8")
- ).decode()
+ # Decode the base64 secret
+ encrypted_secret = base64.b64decode(agent.encrypted_secret)
+
+ decrypted_secret = decrypt(config.ALEPH_SENDER_SK, encrypted_secret).decode()
 if body.secret != decrypted_secret:
 raise HTTPException(
 status_code=HTTPStatus.UNAUTHORIZED,
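Review bot: In `setup`, the value from `secret = str(uuid4())` is the credential that `update` later compares against `body.secret`, but `uuid4()` is an identifier generator, not the standard library's documented source of authentication tokens. CPython draws UUIDv4 from `os.urandom`, so this is hardening rather than a known weakness; `secret = secrets.token_urlsafe(32)`, with `import secrets` added next to `import base64`, states the intent directly. The new comment could also record the stored format, e.g. `# Agent.encrypted_secret holds base64 text of the ciphertext; b64decode before decrypting`. The body of `setup` starts and continues outside the hunk.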
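Review bot: In `update`, `base64.b64decode(agent.encrypted_secret)` and the `decrypt(...)` call after it have no error handling, so an agent whose `encrypted_secret` was stored in the pre-commit format, or is otherwise not valid base64, would presumably surface as an unhandled exception rather than a deliberate HTTP error. Consider `base64.b64decode(agent.encrypted_secret, validate=True)` inside a `try` that catches `ValueError` (which covers `binascii.Error`); what `decrypt` raises on bad input is not visible here and should be checked. Separately, the context line `if body.secret != decrypted_secret:` compares a credential with `!=`, which is not constant-time; `if not hmac.compare_digest(body.secret.encode(), decrypted_secret.encode()):` with `import hmac` avoids that, assuming `body.secret` is a `str`. The body of `update` starts and continues outside the hunk.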