diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/CoseSignatureServiceImpl.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/CoseSignatureServiceImpl.java
index a2b2e3a3..f683409b 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/CoseSignatureServiceImpl.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/CoseSignatureServiceImpl.java
@@ -385,8 +385,9 @@ public String getKeyId(String kidPrepend, SignatureCertificate certificateRespon
 (requestDto.getUnprotectedHeader() != null && requestDto.getUnprotectedHeader().containsKey(SignatureConstant.COSE_HEADER_KID))) {
 String kidPrefix = kidPrepend;
 if (kidPrepend.equalsIgnoreCase(SignatureConstant.KEY_ID_PREFIX)) {
- String payload = Objects.isNull(requestDto.getPayload()) ? "" : requestDto.getPayload();
- kidPrefix = SignatureUtil.getIssuerFromPayload(payload);
+ String payload = Objects.isNull(requestDto.getPayload()) ? SignatureConstant.BLANK : requestDto.getPayload();
+ String jsonData = SignatureUtil.isDataValid(payload) ? (new String(CryptoUtil.decodeURLSafeBase64(payload))) : SignatureConstant.BLANK;
+ kidPrefix = SignatureUtil.getIssuerFromPayload(jsonData);
 if (kidPrefix.isEmpty())
 kidPrefix = SignatureConstant.BLANK;
 else
diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/util/SignatureUtil.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/util/SignatureUtil.java
index c31c6529..59ef5dc1 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/util/SignatureUtil.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/util/SignatureUtil.java
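Review bot: The Base64 decode on the added `jsonData` line now runs in getKeyId rather than inside getIssuerFromPayload, so it is no longer covered by whatever error handling that method has around its parse (the updated test still expects an empty string for unparseable input). If `SignatureUtil.isDataValid` only rejects null or blank values and `decodeURLSafeBase64` throws on malformed input — neither is visible here — a request payload that is non-blank but not valid URL-safe Base64 would raise from getKeyId instead of falling back to `SignatureConstant.BLANK`; either catch the decode failure and use the blank prefix, or reject the request with an explicit error. The same line builds the String with the platform default charset; `new String(CryptoUtil.decodeURLSafeBase64(payload), StandardCharsets.UTF_8)` keeps the issuer lookup identical across hosts. getKeyId starts and ends outside the hunk.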
@@ -232,7 +232,7 @@ public static String getIssuerFromPayload(String jsonPayload) {
 return SignatureConstant.BLANK;
 }
- JsonNode jsonNode = mapper.readTree(new String(CryptoUtil.decodeURLSafeBase64(jsonPayload)));
+ JsonNode jsonNode = mapper.readTree(jsonPayload);
 if (jsonNode.has(SignatureConstant.ISSUER)) {
 return jsonNode.get(SignatureConstant.ISSUER).asText();
diff --git a/kernel/kernel-keymanager-service/src/test/java/io/mosip/kernel/signature/test/Util/SignatureUtilTest.java b/kernel/kernel-keymanager-service/src/test/java/io/mosip/kernel/signature/test/Util/SignatureUtilTest.java
index 6562b76e..d7e6ac78 100644
--- a/kernel/kernel-keymanager-service/src/test/java/io/mosip/kernel/signature/test/Util/SignatureUtilTest.java
+++ b/kernel/kernel-keymanager-service/src/test/java/io/mosip/kernel/signature/test/Util/SignatureUtilTest.java
@@ -154,16 +154,14 @@ public void testGetSignAlgorithm() {
 @Test
 public void testGetIssuerFromPayload() {
- // getIssuerFromPayload expects URL-safe Base64 encoded JSON payload
- String payload = CryptoUtil.encodeToURLSafeBase64("{\"iss\":\"test-issuer\",\"data\":\"value\"}".getBytes());
+ String payload = "{\"iss\":\"test-issuer\",\"data\":\"value\"}";
 String issuer = SignatureUtil.getIssuerFromPayload(payload);
 Assert.assertEquals("test-issuer", issuer);
- String noIssuer = SignatureUtil.getIssuerFromPayload(CryptoUtil.encodeToURLSafeBase64("{\"data\":\"value\"}".getBytes()));
+ String noIssuer = SignatureUtil.getIssuerFromPayload("{\"data\":\"value\"}");
 Assert.assertEquals("", noIssuer);
- // Test with invalid base64-encoded JSON (malformed JSON after decoding)
- String invalidJson = SignatureUtil.getIssuerFromPayload(CryptoUtil.encodeToURLSafeBase64("invalid json".getBytes()));
+ String invalidJson = SignatureUtil.getIssuerFromPayload("invalid json");
 Assert.assertEquals("", invalidJson);
 }
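Review bot: The input contract of this public static method changes on the `mapper.readTree(jsonPayload)` line without any documentation. Any caller other than the one updated in this diff that still passes the URL-safe Base64 form will now get `SignatureConstant.BLANK` back silently, because unparseable input is expected to return an empty string according to the updated test, and that would leave the key id without its issuer prefix. Please check the remaining call sites and state the contract on the method, for example `/** @param jsonPayload decoded JSON text, not Base64; returns BLANK when the issuer field is absent or the text cannot be parsed. */`. The method body starts and ends outside the hunk.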
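Review bot: Nothing in this diff tests the Base64 decoding that moved into `CoseSignatureServiceImpl.getKeyId`, because testGetIssuerFromPayload now exercises only raw JSON strings and the removed cases were the ones that went through the decode. A test that drives getKeyId with a Base64-encoded payload carrying an issuer, and another with a payload that is not valid Base64, would pin the intended behaviour on that path. Such coverage may already exist in a test file not shown here.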