web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

simplify validateKey validation

Browse Source
This commit is contained in:
ansuz 2019-08-23 12:28:17 +02:00
parent b82c0a420a
commit 62c23a29a7
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
historyKeeper.js
View File

@ -66,15 +66,14 @@ const isMetadataMessage = function (parsed) {
return Boolean(parsed && parsed.channel); return Boolean(parsed && parsed.channel);
}; };
const isValidValidateKey = function (key) { // validateKeyStrings supplied by clients must decode to 32-byte Uint8Arrays
if (typeof(key) !== 'string') { return false; } const isValidValidateKeyString = function (key) {
let valid = false;
try { try {
if (Nacl.util.decodeBase64(key).length !== Nacl.sign.publicKeyLength) { return false; } return typeof(key) === 'string' &&
Nacl.util.decodeBase64(key).length === Nacl.sign.publicKeyLength;
} catch (e) { } catch (e) {
return valid; return false;
} }
return valid;
}; };
module.exports.create = function (cfg) { module.exports.create = function (cfg) {
@ -765,7 +764,7 @@ module.exports.create = function (cfg) {
// so they'll never get written to the log anyway. Let's just drop their message // so they'll never get written to the log anyway. Let's just drop their message
// on the floor instead of doing a bunch of extra work // on the floor instead of doing a bunch of extra work
// TODO send them an error message so they know something is wrong // TODO send them an error message so they know something is wrong
if (metadata.validateKey && !isValidValidateKey(metadata.validateKey)) { if (metadata.validateKey && !isValidValidateKeyString(metadata.validateKey)) {
return void Log.error('HK_INVALID_KEY', metadata.validateKey); return void Log.error('HK_INVALID_KEY', metadata.validateKey);
} }