From 165c12ad371dcb74de6d416f49226e67b61ca1e3 Mon Sep 17 00:00:00 2001
From: Sasha Ilieva <sasha.ilieva@vereign.com>
Date: Thu, 21 May 2020 11:17:44 +0300
Subject: [PATCH] Fix checkRecoveryKeyCombine

---
 javascript/src/constants/secrets.js |  1 +
 javascript/src/utilities/secrets.js | 35 +++++++++++++++++------------
 2 files changed, 22 insertions(+), 14 deletions(-)

diff --git a/javascript/src/constants/secrets.js b/javascript/src/constants/secrets.js
index d4adfa2..41b9ef5 100644
--- a/javascript/src/constants/secrets.js
+++ b/javascript/src/constants/secrets.js
@@ -1 +1,2 @@
 export const RECOMMENDED_TRUSTEES = 3;
+export const THRESHOLD = 2;
diff --git a/javascript/src/utilities/secrets.js b/javascript/src/utilities/secrets.js
index 52307d7..8da1897 100644
--- a/javascript/src/utilities/secrets.js
+++ b/javascript/src/utilities/secrets.js
@@ -2,8 +2,7 @@ import secrets from "../lib/secrets";
 import { encryptMessage } from "./signingUtilities";
 import { encodeResponse } from "./appUtility";
 import { getSliceRange } from "./numberUtilities";
-
-const THRESHOLD = 2;
+import { THRESHOLD } from "../constants/secrets";
 
 /** Initialize
  */
@@ -58,21 +57,29 @@ export const getRecoveryKeyShares = (recoveryKey, sharesNumber) => {
   return divideSecretToShares(recoveryKey, sharesNumber, THRESHOLD);
 };
 
+function getSecretSliceRange(max) {
+  const { beginIndex, endIndex } = getSliceRange(max);
+  if (endIndex - beginIndex < THRESHOLD) {
+    return getSecretSliceRange(max);
+  }
+
+  return { beginIndex, endIndex };
+}
+
 export const checkRecoveryKeyCombine = (recoveryKey, recoveryKeyShares) => {
   let checkKey;
 
-  if (recoveryKeyShares.length > 1) {
-    const { beginIndex, endIndex } = getSliceRange(
-      recoveryKeyShares.length - 1
-    );
-    checkKey = combineSecret(recoveryKeyShares.slice(beginIndex, endIndex));
-    if (checkKey !== recoveryKey) {
-      return encodeResponse("400", "", "First sanity check failed");
-    }
-    checkKey = combineSecret(recoveryKeyShares.slice(0, 1));
-    if (checkKey === recoveryKey) {
-      return encodeResponse("400", "", "Second sanity check failed");
-    }
+  const { beginIndex, endIndex } = getSecretSliceRange(
+    recoveryKeyShares.length + 1
+  );
+  console.log({ beginIndex, endIndex });
+  checkKey = combineSecret(recoveryKeyShares.slice(beginIndex, endIndex));
+  if (checkKey !== recoveryKey) {
+    return encodeResponse("400", "", "First sanity check failed");
+  }
+  checkKey = combineSecret(recoveryKeyShares.slice(0, 2));
+  if (checkKey === recoveryKey) {
+    return encodeResponse("400", "", "Second sanity check failed");
   }
   checkKey = combineSecret(recoveryKeyShares);
   if (checkKey !== recoveryKey) {
-- 
GitLab