Skip to content

Commit

Permalink
adds anothe check to invalid sig
Browse files Browse the repository at this point in the history
  • Loading branch information
arch1995 committed Feb 14, 2024
1 parent 30b657a commit 8a6c0c5
Showing 1 changed file with 14 additions and 8 deletions.
22 changes: 14 additions & 8 deletions src/utils/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ export const MAX_BATCH_SIZE = 60 * 1024 * 1024; // 60MB

export const REDIS_NAME_SPACE = "EMAIL_AUTH_DATA";

export const isValidSignature = (data: SetDataInput) => {
export const isValidSignature = (data: SetDataInput): boolean => {
const { pub_key_X: pubKeyX, pub_key_Y: pubKeyY, signature, set_data: setData } = data;
const pubKey = elliptic.keyFromPublic({ x: pubKeyX, y: pubKeyY }, "hex");
const decodedSignature = Buffer.from(signature, "base64").toString("hex");
Expand All @@ -41,16 +41,22 @@ export const isValidSignature = (data: SetDataInput) => {
};
// this is to ensure that the signature is valid for both JSON and stringified data
// and for backward compatibility.
const result1 = elliptic.verify(keccak256(stringify(setData)), ecSignature, pubKey);
if (result1) return true;
return elliptic.verify(keccak256(JSON.stringify(setData)), ecSignature, pubKey);
const casesToCheck = [stringify(setData), JSON.stringify(setData), JSON.stringify({ timestamp: setData.timestamp, data: setData.data })];
for (const dataCase of casesToCheck) {
const result = elliptic.verify(keccak256(dataCase), ecSignature, pubKey);
if (result) return result;
}
return false;
};

export const isValidLockSignature = (lockData: LockDataInput) => {
export const isValidLockSignature = (lockData: LockDataInput): boolean => {
const { key, signature, data } = lockData;
// this is to ensure that the signature is valid for both JSON and stringified data
// and for backward compatibility.
const result = elliptic.verify(keccak256(Buffer.from(stringify(data), "utf8")), signature, Buffer.from(key, "hex"));
if (result) return result;
return elliptic.verify(keccak256(Buffer.from(JSON.stringify(data), "utf8")), signature, Buffer.from(key, "hex"));
const casesToCheck = [stringify(data), JSON.stringify(data), JSON.stringify({ timestamp: data.timestamp, data: data.data })];
for (const dataCase of casesToCheck) {
const result = elliptic.verify(keccak256(Buffer.from(dataCase, "utf8")), signature, Buffer.from(key, "hex"));
if (result) return result;
}
return false;
};

0 comments on commit 8a6c0c5

Please sign in to comment.