From 0cdc0b850a696be41a40305cee619abc97d6ab66 Mon Sep 17 00:00:00 2001
From: Nevo David
Date: Fri, 17 Oct 2025 01:34:05 +0700
Subject: [PATCH] feat: fix iv
---
 .../src/api/routes/agencies.controller.ts | 2 +-
 apps/workers/src/app/posts.controller.ts | 2 +-
 libraries/helpers/src/auth/auth.service.ts | 29 ++++++++-----------
 3 files changed, 14 insertions(+), 19 deletions(-)
diff --git a/apps/backend/src/api/routes/agencies.controller.ts b/apps/backend/src/api/routes/agencies.controller.ts
index e2849f96..5eb98c60 100644
--- a/apps/backend/src/api/routes/agencies.controller.ts
+++ b/apps/backend/src/api/routes/agencies.controller.ts
@@ -10,7 +10,7 @@ import { CreateAgencyDto } from '@gitroom/nestjs-libraries/dtos/agencies/create.
 export class AgenciesController {
 constructor(private _agenciesService: AgenciesService) {}
 @Get('/')
- async getAgencyByUser(@GetUserFromRequest() user: User) {
+ async getAgencyByUsers(@GetUserFromRequest() user: User) {
 return (await this._agenciesService.getAgencyByUser(user)) || {};
 }
diff --git a/apps/workers/src/app/posts.controller.ts b/apps/workers/src/app/posts.controller.ts
index 8d27b1df..f41b77fc 100644
--- a/apps/workers/src/app/posts.controller.ts
+++ b/apps/workers/src/app/posts.controller.ts
@@ -14,7 +14,7 @@ export class PostsController {
 @EventPattern('post', Transport.REDIS)
 async post(data: { id: string }) {
- console.log('process', data);
+ console.log('processing', data);
 try {
 return await this._postsService.post(data.id);
 } catch (err) {
diff --git a/libraries/helpers/src/auth/auth.service.ts b/libraries/helpers/src/auth/auth.service.ts
index 2db11f64..a61f1a49 100644
--- a/libraries/helpers/src/auth/auth.service.ts
+++ b/libraries/helpers/src/auth/auth.service.ts
@@ -1,42 +1,37 @@
 import { sign, verify } from 'jsonwebtoken';
 import { hashSync, compareSync } from 'bcrypt';
 import crypto from 'crypto';
+// @ts-ignore
 import EVP_BytesToKey from 'evp_bytestokey';
 const algorithm = 'aes-256-cbc';
 const { keyLength, ivLength } = crypto.getCipherInfo(algorithm);
-function deriveLegacyKeyIv(secret) {
- const pass = Buffer.isBuffer(secret)
- ? secret
- : Buffer.from(secret ?? '', 'utf8');
- // EVP_BytesToKey(password, salt, keyLen, ivLen) — lengths are BYTES
- const { key, iv } = EVP_BytesToKey(pass, null, keyLength, ivLength); // MD5, 1 iter, no salt (legacy)
+function deriveLegacyKeyIv(secret: string) {
+ const { keyLength, ivLength } = crypto.getCipherInfo(algorithm); // 32, 16
+ const pass = Buffer.isBuffer(secret) ? secret : Buffer.from(secret ?? '', 'utf8');
+
+ // evp_bytestokey: key length in **bits**, IV length in **bytes**
+ const { key, iv } = EVP_BytesToKey(pass, null, keyLength * 8, ivLength, 'md5');
+
 if (key.length !== keyLength || iv.length !== ivLength) {
 throw new Error(`Derived wrong sizes (key=${key.length}, iv=${iv.length})`);
 }
 return { key, iv };
 }
-export function decrypt_legacy_using_IV(hexCiphertext) {
+export function decrypt_legacy_using_IV(hexCiphertext: string) {
 const { key, iv } = deriveLegacyKeyIv(process.env.JWT_SECRET);
 const decipher = crypto.createDecipheriv(algorithm, key, iv);
- const out = Buffer.concat([
- decipher.update(hexCiphertext, 'hex'),
- decipher.final(),
- ]);
+ const out = Buffer.concat([decipher.update(hexCiphertext, 'hex'), decipher.final()]);
 return out.toString('utf8');
 }
-export function encrypt_legacy_using_IV(utf8Plaintext) {
+export function encrypt_legacy_using_IV(utf8Plaintext: string) {
 const { key, iv } = deriveLegacyKeyIv(process.env.JWT_SECRET);
 const cipher = crypto.createCipheriv(algorithm, key, iv);
- const out = Buffer.concat([
- cipher.update(utf8Plaintext, 'utf8'),
- cipher.final(),
- ]);
+ const out = Buffer.concat([cipher.update(utf8Plaintext, 'utf8'), cipher.final()]);
 return out.toString('hex');
 }
-
 export class AuthService {
 static hashPassword(password: string) {
 return hashSync(password, 10);
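Review bot: `deriveLegacyKeyIv` still falls back to an empty passphrase (`secret ?? ''`) while both callers pass `process.env.JWT_SECRET`, so a deployment with that variable unset would derive a fixed, reproducible key and IV instead of failing. With the parameter now typed `string`, the `Buffer.isBuffer` branch and the `??` fallback no longer match the signature; I would replace that line with `if (!secret) throw new Error('JWT_SECRET is not set');` followed by `const pass = Buffer.from(secret, 'utf8');`. Key and IV are both derived from the secret without a salt, so `encrypt_legacy_using_IV` reuses one IV for every message and the CBC output carries no integrity check; a comment on that function such as `// legacy format only: fixed IV, unauthenticated CBC — do not use for new data` would keep it from being picked up for new fields. The trailing `'md5'` argument looks like it is ignored by `evp_bytestokey` (to my knowledge it takes four parameters), which the `// @ts-ignore` on the import would hide, so a small declaration file for the module seems preferable to suppressing the check.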