Skip to content

Commit

Permalink
Added the time-based counter in the debug endpoints
Browse files Browse the repository at this point in the history
  • Loading branch information
jairajdev committed Aug 30, 2024
1 parent ec6e346 commit 2b3fc53
Showing 1 changed file with 7 additions and 2 deletions.
9 changes: 7 additions & 2 deletions src/DebugMode.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import { config } from './Config'
import * as Crypto from './Crypto'

const MAX_COUNTER_BUFFER_MILLISECONDS = 10000
let lastCounter = 0

export function isDebugMode(): boolean {
Expand Down Expand Up @@ -29,13 +30,17 @@ export const isDebugMiddleware = (_req, res): void => {
sign: { owner: ownerPk, sig: requestSig },
}
const currentCounter = parseInt(sigObj.count)
//reguire a larger counter than before.
if (currentCounter < lastCounter) {
//reguire a larger counter than before. This prevents replay attacks
const currentTime = new Date().getTime()
if (currentCounter > lastCounter && currentCounter <= currentTime + MAX_COUNTER_BUFFER_MILLISECONDS) {
const verified = Crypto.verify(sigObj)
if (!verified) {
throw new Error('FORBIDDEN. signature authentication is failed.')
}
} else {
console.log(
`isDebugMiddleware: currentCounter=${currentCounter}, lastCounter=${lastCounter}, currentTime=${currentTime}`
)
throw new Error('FORBIDDEN. signature counter is failed.')
}
lastCounter = currentCounter //update counter so we can't use it again
Expand Down

0 comments on commit 2b3fc53

Please sign in to comment.