sigit/sigit.io
7
2
Fork 0
Code Issues 51 Pull Requests 3 Actions Packages Projects 1 Releases Wiki Activity

feat(signature): verify hash
All checks were successful
Open PR on Staging / audit_and_check (pull_request) Successful in 38s
Details

Browse Source
This commit is contained in:
enes 2024-11-22 16:31:38 +01:00
parent 3255e93121
commit a371e98e9e
1 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/components/MarkTypeStrategy/Signature/index.tsx
View File

@ -15,14 +15,9 @@ export const SignatureStrategy: MarkStrategy = {
render: MarkRenderSignature,
encryptAndUpload: async (value, encryptionKey) => {
// Value is the stringified signature object
// Encode it as text to the arrayBuffer
// Encode it to the arrayBuffer
const encoder = new TextEncoder()
const uint8Array = encoder.encode(value)
const hash = await getHash(uint8Array)
if (!hash) {
throw new Error("Can't get file hash.")
}
if (!encryptionKey) {
throw new Error('Signature requires an encryption key')
@ -34,6 +29,11 @@ export const SignatureStrategy: MarkStrategy = {
encryptionKey
)
const hash = await getHash(encryptedArrayBuffer)
if (!hash) {
throw new Error("Can't get encrypted file hash.")
}
// Create the encrypted json file from array buffer and hash
const file = new File([encryptedArrayBuffer], `${hash}.json`)
@ -51,7 +51,7 @@ export const SignatureStrategy: MarkStrategy = {
}
}
} else {
// Handle offline?
// TOOD: offline
}
return value
@ -65,6 +65,15 @@ export const SignatureStrategy: MarkStrategy = {
responseType: 'arraybuffer'
})
// Verify hash
const parts = value.split('/')
const urlHash = parts[parts.length - 1]
const hash = await getHash(encryptedArrayBuffer.data)
if (hash !== urlHash) {
// TODO: handle hash verification failing
throw new Error('Unable to verify signature')
}
const arrayBuffer = await decryptArrayBuffer(
encryptedArrayBuffer.data,
encryptionKey
@ -76,11 +85,11 @@ export const SignatureStrategy: MarkStrategy = {
if (arrayBuffer) {
// decode json
const decoder = new TextDecoder()
const value = decoder.decode(arrayBuffer)
return value
const json = decoder.decode(arrayBuffer)
return json
}
// Handle offline?
// TOOD: offline
return value
}
}