From bd7c583c3eb3bb44d56c9de7cfafef97825265d2 Mon Sep 17 00:00:00 2001
From: poka <poka@p2p.legal>
Date: Wed, 20 Dec 2023 13:57:42 +0100
Subject: [PATCH] enh: improve signature errors

---
 lib/signature_verify.ts | 29 +++++++++++++++--------------
 lib/update_profile.ts   | 15 ++++++++-------
 2 files changed, 23 insertions(+), 21 deletions(-)

diff --git a/lib/signature_verify.ts b/lib/signature_verify.ts
index 8bbbcdd..9b0c0af 100644
--- a/lib/signature_verify.ts
+++ b/lib/signature_verify.ts
@@ -1,26 +1,27 @@
 import { signatureVerify, base64Decode } from 'https://deno.land/x/polkadot@0.2.44/util-crypto/mod.ts';
 
-export async function verifySignature(address: string, signatureBase64: string, hash: string, playload: string): Promise<boolean> {
-    try {
-        const messageUint8Array = new TextEncoder().encode(hash);
-        const signature = base64Decode(signatureBase64);
-        const signedMessage = signatureVerify(messageUint8Array, signature, address)
+export enum SignatureResponse {
+    valid,
+    invalidHash,
+    invalidSignature
+}
 
+export async function verifySignature(address: string, signatureBase64: string, hash: string, playload: string): Promise<SignatureResponse> {
+    try {
         const hashVerify = await createHashedMessage(playload);
-
-        // console.log(playload)
-        // console.log(hash)
-        // console.log(hashVerify)
-
         if (hash != hashVerify) {
-            console.log('hash documents is invalid')
-            return false;
+            console.error('hash documents is invalid')
+            return SignatureResponse.invalidHash;
         }
 
-        return signedMessage.isValid;
+        const messageUint8Array = new TextEncoder().encode(hash);
+        const signature = base64Decode(signatureBase64);
+        const signedMessage = signatureVerify(messageUint8Array, signature, address)
+
+        return signedMessage.isValid ? SignatureResponse.valid : SignatureResponse.invalidSignature;
     } catch (error) {
         console.error('Signature verification failed:', error);
-        return false;
+        throw new Error(`Cannot verify signature`);
     }
 }
 
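Review bot: The new `throw new Error(`Cannot verify signature`)` in the catch block means any exception raised while decoding or checking the client-supplied signature propagates to the caller, and in `updateProfile` it reaches the outer catch, which answers 500 instead of 401. If `base64Decode` or `signatureVerify` reject malformed input by throwing (likely, but not visible in this hunk), a bad signature from a client is then recorded as a server fault, which blurs monitoring of authentication failures. I would catch around the decode/verify calls only and `return SignatureResponse.invalidSignature;` there, keeping the throw for genuine internal failures such as `createHashedMessage`. Note also that `valid` is the numeric `0`, so any caller still written as `if (!await verifySignature(...))` would now reject valid signatures and accept invalid ones; starting the enum at a non-zero value, e.g. `valid = 1,`, removes that fail-open risk.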
diff --git a/lib/update_profile.ts b/lib/update_profile.ts
index 5a9dac2..0f18472 100644
--- a/lib/update_profile.ts
+++ b/lib/update_profile.ts
@@ -1,6 +1,6 @@
 import { Context } from "https://deno.land/x/oak@v12.6.1/context.ts";
 import { Client } from "https://deno.land/x/postgres@v0.17.0/client.ts";
-import { verifySignature } from "./signature_verify.ts";
+import { SignatureResponse, verifySignature } from "./signature_verify.ts";
 import { convertBase64ToBytea } from "./utils.ts";
 
 export async function updateProfile(ctx: Context, client: Client) {
@@ -13,10 +13,11 @@ export async function updateProfile(ctx: Context, client: Client) {
 
       // Verify signature
       const playload = JSON.stringify({description, avatarBase64, geoloc, title, city, socials});
-      if (!await verifySignature(address, signature, hash, playload)) {
+      const signatureResult = await verifySignature(address, signature, hash, playload);
+      if (signatureResult != SignatureResponse.valid) {
         ctx.response.status = 401;
-        console.log('Invalid signature')
-        ctx.response.body = { success: false, message: 'Invalid signature' };
+        console.error('Invalid signature: ' + SignatureResponse[signatureResult])
+        ctx.response.body = { success: false, message: 'Invalid signature: '  + SignatureResponse[signatureResult]};
         return;
       }
       console.log('Signature is valid')
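Review bot: The signature checked here covers only the hash of the profile fields serialised on the `JSON.stringify` line; no timestamp, nonce or counter is part of the signed object, so as far as this hunk shows a previously accepted request stays valid indefinitely and could be submitted again later to roll a profile back to older contents. Consider adding a freshness value to the signed payload and rejecting stale or repeated ones before the update runs. Separately, the new comparison would be clearer with strict equality, `if (signatureResult !== SignatureResponse.valid) {`. `updateProfile` starts and ends outside the hunk, so the field extraction above may already enforce something not visible here.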
@@ -43,7 +44,7 @@ export async function updateProfile(ctx: Context, client: Client) {
             text: query,
             args: [address, description, avatarBytea, geoloc ? geoloc["latitude"] : null, geoloc ? geoloc["longitude"] : null, title, city, socialJson],
           });
-          console.log('User updated successfully');
+          console.log(`Profile ${address} has been updated`);
       } catch (error) {
           throw error;
       }
@@ -52,10 +53,10 @@ export async function updateProfile(ctx: Context, client: Client) {
       ctx.response.status = 200;
       ctx.response.body = {
             success: true,
-            message: "Profile has been updated"
+            message: `Profile ${address} has been updated`
       };
     } catch (error) {
-      console.error('Error updating user:', error);
+      console.error('Error updating profile:', error);
       ctx.response.status = 500;
       ctx.response.body = { success: false, message: 'Error updating user' };
     }
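Review bot: The 500 response body in the catch block still says `'Error updating user'` while the log line just above it was renamed to 'Error updating profile'; the two should match, `ctx.response.body = { success: false, message: 'Error updating profile' };`. Keeping the body generic is the right choice, since `error` may carry database details that belong in the server log only. `updateProfile` starts outside the hunk.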
-- 
GitLab