forked from Mirrors/doipjs
fix: normalize case before hash verification
This commit is contained in:
parent
9c9b387fc9
commit
beb78e8227
2 changed files with 49 additions and 2 deletions
|
@ -89,7 +89,7 @@ const containsProof = async (data, params) => {
|
|||
if (parseInt(match[0].split('$')[2]) > 12) continue
|
||||
|
||||
const hashPromise = bcryptVerify({
|
||||
password: fingerprintURI,
|
||||
password: fingerprintURI.toLowerCase(),
|
||||
hash: match[0]
|
||||
})
|
||||
.then(result => result)
|
||||
|
@ -102,6 +102,28 @@ const containsProof = async (data, params) => {
|
|||
} catch (err) {
|
||||
result = false
|
||||
}
|
||||
|
||||
// Accept mixed-case fingerprints until deadline
|
||||
if (!result) {
|
||||
try {
|
||||
// Patch until promise.race properly works on WASM
|
||||
if (parseInt(match[0].split('$')[2]) > 12) continue
|
||||
|
||||
const hashPromise = bcryptVerify({
|
||||
password: fingerprintURI,
|
||||
hash: match[0]
|
||||
})
|
||||
.then(result => result)
|
||||
.catch(_ => false)
|
||||
|
||||
result = await Promise.race([hashPromise, timeoutPromise]).then((result) => {
|
||||
clearTimeout(timeoutHandle)
|
||||
return result
|
||||
})
|
||||
} catch (err) {
|
||||
result = false
|
||||
}
|
||||
}
|
||||
break
|
||||
|
||||
case 'argon2':
|
||||
|
@ -110,7 +132,7 @@ const containsProof = async (data, params) => {
|
|||
case 'argon2id':
|
||||
try {
|
||||
const hashPromise = argon2Verify({
|
||||
password: fingerprintURI,
|
||||
password: fingerprintURI.toLowerCase(),
|
||||
hash: match[0]
|
||||
})
|
||||
.then(result => result)
|
||||
|
@ -123,6 +145,25 @@ const containsProof = async (data, params) => {
|
|||
} catch (err) {
|
||||
result = false
|
||||
}
|
||||
|
||||
// Accept mixed-case fingerprints until deadline
|
||||
if (!result) {
|
||||
try {
|
||||
const hashPromise = argon2Verify({
|
||||
password: fingerprintURI,
|
||||
hash: match[0]
|
||||
})
|
||||
.then(result => result)
|
||||
.catch(_ => false)
|
||||
|
||||
result = await Promise.race([hashPromise, timeoutPromise]).then((result) => {
|
||||
clearTimeout(timeoutHandle)
|
||||
return result
|
||||
})
|
||||
} catch (err) {
|
||||
result = false
|
||||
}
|
||||
}
|
||||
break
|
||||
|
||||
default:
|
||||
|
|
|
@ -50,6 +50,8 @@ describe('verifications.run', () => {
|
|||
it('should verify a plaintext proof', async () => {
|
||||
const result = await verifications.run(plaintextCorrectProofData, claimData, fingerprint)
|
||||
expect(result.result).to.be.true
|
||||
const result2 = await verifications.run(plaintextCorrectProofData, claimData, fingerprint.toUpperCase())
|
||||
expect(result2.result).to.be.true
|
||||
})
|
||||
// issue #22
|
||||
it('should handle a plaintext proof with whitespace', async () => {
|
||||
|
@ -63,6 +65,8 @@ describe('verifications.run', () => {
|
|||
it('should verify a argon2-hashed proof', async () => {
|
||||
const result = await verifications.run(argon2CorrectProofData, claimData, fingerprint)
|
||||
expect(result.result).to.be.true
|
||||
const result2 = await verifications.run(argon2CorrectProofData, claimData, fingerprint.toUpperCase())
|
||||
expect(result2.result).to.be.true
|
||||
})
|
||||
it('should reject a wrong argon2-hashed proof', async () => {
|
||||
const result = await verifications.run(argon2IncorrectProofData, claimData, fingerprint)
|
||||
|
@ -71,6 +75,8 @@ describe('verifications.run', () => {
|
|||
it('should verify a bcrypt-hashed proof', async () => {
|
||||
const result = await verifications.run(bcryptCorrectProofData, claimData, fingerprint)
|
||||
expect(result.result).to.be.true
|
||||
const result2 = await verifications.run(bcryptCorrectProofData, claimData, fingerprint.toUpperCase())
|
||||
expect(result2.result).to.be.true
|
||||
})
|
||||
it('should reject a wrong bcrypt-hashed proof', async () => {
|
||||
const result = await verifications.run(bcryptIncorrectProofData, claimData, fingerprint)
|
||||
|
|
Loading…
Reference in a new issue