MCPcopy Index your code
hub / github.com/simstudioai/sim / decryptApiKey

Function decryptApiKey

packages/db/scripts/backfill-api-key-hash.ts:46–67  ·  view source on GitHub ↗
(encryptedValue: string, apiEncryptionKey: string)

Source from the content-addressed store, hash-verified

44}
45
46function decryptApiKey(encryptedValue: string, apiEncryptionKey: string): string {
47 const parts = encryptedValue.split(':')
48 if (parts.length !== 3) {
49 return encryptedValue
50 }
51
52 const key = Buffer.from(apiEncryptionKey, 'hex')
53 const [ivHex, encrypted, authTagHex] = parts
54 if (!ivHex || !encrypted || !authTagHex) {
55 throw new Error('Invalid encrypted api_key format. Expected "iv:encrypted:authTag"')
56 }
57
58 const iv = Buffer.from(ivHex, 'hex')
59 const authTag = Buffer.from(authTagHex, 'hex')
60
61 const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
62 decipher.setAuthTag(authTag)
63
64 let decrypted = decipher.update(encrypted, 'hex', 'utf8')
65 decrypted += decipher.final('utf8')
66 return decrypted
67}
68
69/**
70 * Computes the hash to write to `key_hash` for a row during backfill. Pure:

Callers 2

assertCryptoRoundTripFunction · 0.70

Calls

no outgoing calls

Tested by

no test coverage detected