diff --git a/src/client.js b/src/client.js
index 9c211df..4e0424f 100644
--- a/src/client.js
+++ b/src/client.js
@@ -55,7 +55,7 @@ function processDataFromUser(data) {
 return reject(INVALID("Incorrect Supernode"));
 if (!floCrypto.validateAddr(data.senderID))
 return reject(INVALID("Invalid senderID"));
- if (data.senderID !== floCrypto.getFloID(data.pubKey))
+ if (!floCrypto.verifyPubKey(data.pubKey, data.senderID))
 return reject(INVALID("Invalid pubKey"));
 let hashcontent = ["receiverID", "time", "application", "type", "message", "comment"] .map(d => data[d]).join("|");
@@ -110,7 +110,7 @@ function processTagFromUser(data) {
 if (!floCrypto.validateAddr(data.requestorID) || !floGlobals.appSubAdmins[result.application].includes(data.requestorID))
 return reject(INVALID("Invalid requestorID"));
- if (data.requestorID !== floCrypto.getFloID(data.pubKey))
+ if (!floCrypto.verifyPubKey(data.pubKey, data.requestorID))
 return reject(INVALID("Invalid pubKey"));
 let hashcontent = ["time", "vectorClock", "tag"].map(d => data[d]).join("|");
 if (!floCrypto.verifySign(hashcontent, data.sign, data.pubKey))
@@ -141,7 +141,7 @@ function processNoteFromUser(data) {
 return reject(INVALID("Invalid requestorID"));
 } else if (result.receiverID !== data.requestorID)
 return reject(INVALID("Invalid requestorID"));
- if (data.requestorID !== floCrypto.getFloID(data.pubKey))
+ if (!floCrypto.verifyPubKey(data.pubKey, data.requestorID))
 return reject(INVALID("Invalid pubKey"));
 let hashcontent = ["time", "vectorClock", "note"].map(d => data[d]).join("|");
 if (!floCrypto.verifySign(hashcontent, data.sign, data.pubKey))
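Review bot: The handlers changed here (processDataFromUser, processTagFromUser, processNoteFromUser, and processStatusFromUser in the next hunk) now accept any address encoding whose hash matches the supplied pubKey, while the neighbouring checks still compare IDs as exact strings, e.g. `floGlobals.appSubAdmins[result.application].includes(data.requestorID)` and `result.receiverID !== data.requestorID`. One key can therefore appear under several distinct senderID/requestorID strings, which matters wherever an ID is treated as a unique identity (stored sender, allow-list, per-user limits). If that is intended, document it beside the new check, e.g. `// ID may be any supported encoding of pubKey's hash; other ID comparisons are exact-string`; otherwise normalise the ID to one canonical form before storing or comparing it. All of these function bodies start and end outside their hunks, so normalisation may already happen where it is not visible.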
@@ -188,7 +188,7 @@ function processStatusFromUser(request, ws) { //Set user-online status
 if (!request.floID || !request.application || !request.sign || !request.pubKey || !request.time)
 return ws.send("Invalid request parameters");
- if (request.floID !== floCrypto.getFloID(request.pubKey))
+ if (!floCrypto.verifyPubKey(request.pubKey, request.floID))
 return ws.send("Invalid pubKey");
 let hashcontent = ["time", "application", "floID"].map(d => request[d]).join("|");
 if (!floCrypto.verifySign(hashcontent, request.sign, request.pubKey))
diff --git a/src/floCrypto.js b/src/floCrypto.js
index e32882e..8d000da 100644
--- a/src/floCrypto.js
+++ b/src/floCrypto.js
@@ -1,4 +1,4 @@
-(function(EXPORTS) { //floCrypto v2.3.2b
+(function(EXPORTS) { //floCrypto v2.3.3
 /* FLO Crypto Operators */
 'use strict';
 const floCrypto = EXPORTS;
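Review bot: In processStatusFromUser, `request.floID` is only tested for truthiness before it is passed to `floCrypto.verifyPubKey`, whereas processDataFromUser and processTagFromUser call `floCrypto.validateAddr` on the ID first. The old `!==` comparison was safe for any value; the new call reads `.length` and decodes the value, so a non-string or malformed floID arriving over the socket now depends on how verifyPubKey and its decoders handle bad input. Add a guard ahead of the new line, e.g. `if (typeof request.floID !== 'string' || !floCrypto.validateAddr(request.floID)) return ws.send("Invalid floID");`. The function body starts and ends outside the hunk, so an earlier check may exist that is not visible here.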
@@ -242,6 +242,35 @@
 return false;
 }
+ floCrypto.verifyPubKey = function(pubKeyHex, address) {
+ let pub_hash = Crypto.util.bytesToHex(ripemd160(Crypto.SHA256(Crypto.util.hexToBytes(pubKeyHex), {
+ asBytes: true
+ })));
+ if (address.length == 34) { //legacy encoding
+ let decode = bitjs.Base58.decode(address);
+ var raw = decode.slice(0, decode.length - 4),
+ checksum = decode.slice(decode.length - 4);
+ var hash = Crypto.SHA256(Crypto.SHA256(raw, {
+ asBytes: true
+ }), {
+ asBytes: true
+ });
+ if (hash[0] != checksum[0] || hash[1] != checksum[1] || hash[2] != checksum[2] || hash[3] != checksum[3])
+ return false;
+ raw.shift();
+ return pub_hash === Crypto.util.bytesToHex(raw);
+ } else if (address.length == 42 || address.length == 62) { //bech encoding
+ let decode = coinjs.bech32_decode(address);
+ if (!decode)
+ return false;
+ var raw = decode.data;
+ raw.shift();
+ raw = coinjs.bech32_convert(raw, 5, 8, false);
+ return pub_hash === Crypto.util.bytesToHex(raw);
+ } else //unknown length
+ return false;
+ }
+ //Split the str using shamir's Secret and Returns the shares
 floCrypto.createShamirsSecretShares = function(str, total_shares, threshold_limit) {
 try {
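Review bot: verifyPubKey reads `address.length` and hands the value to `bitjs.Base58.decode` / `coinjs.bech32_decode` with no type check and no try/catch, so a caller passing an unvalidated request field gets an exception rather than `false` when the value is null, or when a decoder throws on malformed input (decoder behaviour is not visible here). Both branches also drop the first byte with `raw.shift()` without inspecting it, and the bech32 prefix is never checked, so any version byte or network prefix is accepted as long as the hash matches; if that is intended for multi-chain IDs, say so in a comment above the function. The fence adds the guard and maps decoder failures to `false`, in line with the `try {` that opens createShamirsSecretShares at the end of the hunk. Separately, `var raw` is declared in both branches and the comparisons use `==`/`!=`; `let` per branch and strict equality would read more safely.

```javascript
floCrypto.verifyPubKey = function(pubKeyHex, address) {
    // Non-string input can never match; refuse it before touching .length
    if (typeof pubKeyHex !== 'string' || typeof address !== 'string')
        return false;
    try {
        // … unchanged: pub_hash computation, legacy and bech32 branches …
    } catch (error) {
        // A decoder that throws on malformed input is treated as "no match"
        return false;
    }
}
```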