fix: convert base64 encoding/decoding to utf8

[manishdex25]

Summary

What is the background of this pull request?

Changes

• What are the changes made in this pull request?
• Change this and that, etc...

Issues

What are the related issues or stories?

Summary by CodeRabbit

Release Notes

• Tests

  • Updated encryption and decryption test cases to validate standard base64 encoding format.

• Changes

  • Modified document encoding to use standard base64 format.
  • Simplified type declarations in encryption utilities.

• Documentation

  • Updated documentation for encryption and key generation functions.

[coderabbitai]

Warning

Rate limit exceeded

@manishdex25 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 9 minutes and 41 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 9c61bc1d-ae73-49f2-9a18-b60947bc449d

📥 Commits

Reviewing files that changed from the base of the PR and between c64dde6 and 258957d.

📒 Files selected for processing (2)

• src/__tests__/open-attestation/encrypt-decrypt.test.ts
• src/open-attestation/utils.ts

📝 Walkthrough

Walkthrough

The PR removes explicit type annotations from encryption utility functions and updates test assertions to validate standard base64 encoding instead of base64url encoding. Changes span the test file, encryption helper, and utility functions with adjustments to JSDoc comments alongside signature modifications.

Changes

Cohort / File(s)	Summary
Test Updates src/__tests__/open-attestation/encrypt-decrypt.test.ts	Updated test assertions to validate standard base64 regex pattern instead of base64url behavior; changed test input from Unicode symbols to 'hello' string.
Encryption Helper src/open-attestation/encrypt.ts	Removed explicit type annotations from generateIv parameter; updated JSDoc descriptions for makeCipher and encryptString without altering function signatures or runtime behavior.
Utility Functions src/open-attestation/utils.ts	Removed explicit return type annotations from generateEncryptionKey, encodeDocument, and decodeDocument; changed encoding logic from base64url to standard base64 in encode/decode operations.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat: added encrypt and decrypt oa functionlities #131: Directly related as it introduced the encodeDocument, decodeDocument, and generateEncryptionKey implementations that are being modified in this PR, particularly regarding base64url vs. standard base64 handling.

Suggested labels

released

Suggested reviewers

• RishabhS7
• rongquan1

Poem

🐰 With types untethered and base64 made plain,
Our cryptographic friends dance in the code's domain,
No more base64url's tangled embrace—
Just standard encoding in its proper place! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The pull request description contains only placeholder template text with no concrete details about background, specific changes, or related issues.	Fill in the template sections with actual information: explain the background of the UTF-8 encoding changes, detail the specific modifications to encodeDocument/decodeDocument functions, and reference any related issues or stories.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix: convert base64 encoding/decoding to utf8' directly aligns with the main changes made to the encoding/decoding functions in utils.ts and encrypt.ts, which involve modifications to base64 handling and removal of explicit type annotations.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/utf8-encoding

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/__tests__/open-attestation/encrypt-decrypt.test.ts`:
- Around line 124-128: The test for encodeDocument/decodeDocument doesn't
exercise the '+'/'/' alphabet difference because using 'hello' produces only
ASCII letters; update the test around encodeDocument and decodeDocument to
either assert the exact expected base64 output for a known input (e.g., assert
encodeDocument('hello') === 'aGVsbG8=') or use an input whose UTF-8 bytes will
produce '+' or '/' when base64-encoded (for example a Buffer with bytes that map
to those characters) so the test truly verifies standard base64 vs base64url
behavior and still round-trips with decodeDocument.

In `@src/open-attestation/utils.ts`:
- Around line 40-53: The decoder decodeDocument must remain backward-compatible
with legacy base64url payloads emitted under ENCRYPTION_PARAMETERS.version
"OPEN-ATTESTATION-TYPE-1"; change decodeDocument to first normalize base64url to
standard base64 (replace '-'->'+', '_'->'/', add padding as needed) before
calling forge.util.decode64 so it accepts both alphabets (or attempt decode64
and fall back to URL-to-standard normalization), ensuring decryptString
continues to handle existing type-1 ciphertexts without bumping the wire-format
version; reference functions: decodeDocument, encodeDocument and the
ENCRYPTION_PARAMETERS.version "OPEN-ATTESTATION-TYPE-1".

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b26275f0-b75a-4a4d-b291-1c1494e91088

📥 Commits

Reviewing files that changed from the base of the PR and between e496fc7 and c64dde6.

📒 Files selected for processing (3)

• src/__tests__/open-attestation/encrypt-decrypt.test.ts
• src/open-attestation/encrypt.ts
• src/open-attestation/utils.ts

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

This case doesn't really prove standard base64 vs base64url.

'hello' encodes to aGVsbG8=, so this assertion never exercises the + / / alphabet difference. Use an input whose UTF-8 bytes produce one of those characters, or assert the exact expected encoding for a known value.

Suggested test update

   it('encodeDocument should return standard base64 (matches `@govtechsg/oa-encryption` / tradetrust-cli)', () => {
-    const input = 'hello';
+    const input = '🦄';
     const encoded = encodeDocument(input);
-    expect(encoded).toMatch(base64Regex);
+    expect(encoded).toBe('8J+mhA==');
     expect(decodeDocument(encoded)).toBe(input);
   });

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	it('encodeDocument should return standard base64 (matches @govtechsg/oa-encryption / tradetrust-cli)', () => {
	const input = 'hello';
	const encoded = encodeDocument(input);
	// encodeURIComponent encodes +, /, = — so this only passes when output is truly query-safe (base64url).
	expect(encodeURIComponent(encoded)).toBe(encoded);
	expect(encoded).toMatch(base64Regex);
	expect(decodeDocument(encoded)).toBe(input);
	it('encodeDocument should return standard base64 (matches `@govtechsg/oa-encryption` / tradetrust-cli)', () => {
	const input = '🦄';
	const encoded = encodeDocument(input);
	expect(encoded).toBe('8J+mhA==');
	expect(decodeDocument(encoded)).toBe(input);
	});

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/__tests__/open-attestation/encrypt-decrypt.test.ts` around lines 124 -
128, The test for encodeDocument/decodeDocument doesn't exercise the '+'/'/'
alphabet difference because using 'hello' produces only ASCII letters; update
the test around encodeDocument and decodeDocument to either assert the exact
expected base64 output for a known input (e.g., assert encodeDocument('hello')
=== 'aGVsbG8=') or use an input whose UTF-8 bytes will produce '+' or '/' when
base64-encoded (for example a Buffer with bytes that map to those characters) so
the test truly verifies standard base64 vs base64url behavior and still
round-trips with decodeDocument.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[tradetrustimda]

🎉 This PR is included in version 2.11.1 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀