This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

APIGEE encrypted KVM is not case sensitive

Posted on 08-02-2019 02:57 PM
preranaprakash
New Member
Reply posted on --/--/---- --:-- AM

While testing out the product I found that APIGEE KVM converts all values in the KVM map to lower case before encrypting it. Is this a known behavior?

e.g.: I add a key-value to the encrypted KVM cache as Key1-Secret123

When I get it back its Key1-secret123

Solved Solved
1 5 326
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
g-gagan1000
New Member
Reply posted on --/--/---- --:-- AM

Hi,

I haven't seen this before and this should never be the case.

I tested with the value "Key1-Secret123" and got back the same.

Maybe you added the value "Key1-secret123" before and cache was not expired when you sent the request again? If that was the case, you can update the value in your KVM using management API as this will update the value immediately.

This section has more details on how KVM works.

https://docs.apigee.com/api-platform/reference/policies/key-value-map-operations-policy#ExclusiveCac...

View solution in original post

Jump to Solution
5 REPLIES 5

Posted on --/--/---- --:-- AM
g-gagan1000
New Member
Reply posted on --/--/---- --:-- AM

Hi,

I haven't seen this before and this should never be the case.

I tested with the value "Key1-Secret123" and got back the same.

Maybe you added the value "Key1-secret123" before and cache was not expired when you sent the request again? If that was the case, you can update the value in your KVM using management API as this will update the value immediately.

This section has more details on how KVM works.

https://docs.apigee.com/api-platform/reference/policies/key-value-map-operations-policy#ExclusiveCac...
Jump to Solution

Posted on --/--/---- --:-- AM
itravindrasingh
New Member
In response to g-gagan1000
Reply posted on --/--/---- --:-- AM

Do agree with @Gagandeep Singh KVM is case sensitive for plain as well as encrypted storage.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
preranaprakash
New Member
In response to g-gagan1000
Reply posted on --/--/---- --:-- AM

Here is my case. Also make sure you use the encrypted KVM and not the regular.

1. Generate a JWT using the assign message policy to assign a variable "private.secretkey" as "Secret123".

2. Create an encrypted KVM with Key as private.secretkey and value as "Secret123"

3. Create a policy to validate the Jwt after getting this private.secretkey from the KVM

You will notice that the validation of JWT fails. Now if you update the assign message policy in Step 1 as "secret123" it will pass.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
itravindrasingh
New Member
In response to preranaprakash
Reply posted on --/--/---- --:-- AM

you must be doing something wrong. I have following the steps you have mentioned and see the output as same as input.

8967-screen-shot-2019-08-05-at-105518-pm.png

8965-screen-shot-2019-08-05-at-105501-pm.png

Please share the test proxy if possible so we can have a look in the exact issue.

Jump to Solution

Posted on --/--/---- --:-- AM
preranaprakash
New Member
In response to g-gagan1000
Reply posted on --/--/---- --:-- AM

I figured out, its not an issue with Case Sensitive characters. Its just if I use the Edge UI to update the KVM values multiple times and try to retrieve them using a KVM policy, they are sometimes (<10%) not able to pick up the most recent changes.

I will mark this thread resolved. Thank you

Jump to Solution
0 Likes