From d97d73dd1a78a37bbc38c974ae53ba2076b720b3 Mon Sep 17 00:00:00 2001
From: saridsa2 <s.satya.suman@globaluniversityfoundation.com>
Date: Sun, 12 Apr 2026 21:09:00 +0530
Subject: [PATCH] fix: wrap raw base64 public key with PEM headers for Node
 crypto

Ozonetel returns raw base64 public key without PEM headers. Node's
crypto.publicEncrypt requires PEM format.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 src/ozonetel/ozonetel-admin-auth.service.ts | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/ozonetel/ozonetel-admin-auth.service.ts b/src/ozonetel/ozonetel-admin-auth.service.ts
index d3c70ca..c7d1f60 100644
--- a/src/ozonetel/ozonetel-admin-auth.service.ts
+++ b/src/ozonetel/ozonetel-admin-auth.service.ts
@@ -54,10 +54,14 @@ export class OzonetelAdminAuthService implements OnModuleInit {
         return this.login();
     }
 
-    private rsaEncrypt(publicKeyPem: string, plaintext: string): string {
+    private rsaEncrypt(publicKeyRaw: string, plaintext: string): string {
+        // Ozonetel returns raw base64 without PEM headers — wrap it
+        const pem = publicKeyRaw.includes('-----BEGIN')
+            ? publicKeyRaw
+            : `-----BEGIN PUBLIC KEY-----\n${publicKeyRaw}\n-----END PUBLIC KEY-----`;
         const buffer = Buffer.from(plaintext, 'utf8');
         const encrypted = publicEncrypt(
-            { key: publicKeyPem, padding: cryptoConstants.RSA_PKCS1_PADDING },
+            { key: pem, padding: cryptoConstants.RSA_PKCS1_PADDING },
             buffer,
         );
         return encrypted.toString('base64');