fix: check that key is 33 bytes and is a ed25519

This commit is contained in:
Derrick Hammer 2024-01-16 15:22:48 -05:00
parent 09216e2817
commit d74d29e2c5
Signed by: pcfreak30
GPG Key ID: C997C339BE476FF2
1 changed files with 3 additions and 3 deletions

View File

@ -205,7 +205,7 @@ func (h *HttpHandler) AccountRegisterChallenge(jc jape.Context) {
return
}
if len(decodedKey) != 32 {
if len(decodedKey) != 33 && int(decodedKey[0]) != int(types.HashTypeEd25519) {
_ = jc.Error(errAccountGenerateChallengeErr, http.StatusInternalServerError)
h.portal.Logger().Error(errAccountGenerateChallenge, zap.Error(err))
return
@ -380,8 +380,8 @@ func (h *HttpHandler) AccountLoginChallenge(jc jape.Context) {
return
}
if len(decodedKey) != 32 {
errored(err)
if len(decodedKey) != 33 && int(decodedKey[0]) != int(types.HashTypeEd25519) {
errored(errPubkeyNotSupported)
return
}