imterah/hermes
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases 1 Packages Wiki Activity Actions

fix: makes pubkey auth work

Browse source
This commit is contained in:
valerie 2024-05-10 18:00:58 -04:00
parent d1da42b7ec
commit 4209e01e96
No known key found for this signature in database
GPG key ID: BC4072495F2567DE
1 changed files with 10 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

12
lom/src/index.ts
View file

@ -1,5 +1,6 @@
import { readFile, writeFile, mkdir } from "node:fs/promises"; import { readFile, writeFile, mkdir } from "node:fs/promises";
import { format } from "node:util"; import { format } from "node:util";
import { timingSafeEqual } from "node:crypto";
import parseArgsStringToArgv from "string-argv"; import parseArgsStringToArgv from "string-argv";
import baseAxios from "axios"; import baseAxios from "axios";
@ -15,6 +16,13 @@ export type ClientKeys = {
password: string, password: string,
}[]; }[];
function checkValue(input: Buffer, allowed: Buffer): boolean {
const autoReject = (input.length !== allowed.length);
if (autoReject) allowed = input;
const isMatch = timingSafeEqual(input, allowed);
return (!autoReject && isMatch);
}
let serverKeyFile: Buffer | string | undefined; let serverKeyFile: Buffer | string | undefined;
let clientKeys: ClientKeys = []; let clientKeys: ClientKeys = [];
@ -101,8 +109,8 @@ server.on("connection", client => {
if ( if (
rawKey.username == auth.username && rawKey.username == auth.username &&
auth.key.algo == key.type && auth.key.algo == key.type &&
auth.key.data == key.getPublicSSH() && checkValue(auth.key.data, key.getPublicSSH()) ||
auth.signature && key.verify(auth.blob as Buffer, auth.signature, auth.key.algo) (auth.signature && key.verify(auth.blob as Buffer, auth.signature, auth.key.algo))
) { ) {
console.log(" -- VERIFIED PUBLIC KEY --"); console.log(" -- VERIFIED PUBLIC KEY --");
userData.username = rawKey.username; userData.username = rawKey.username;