diff --git a/javascript/src/iframe/viamapi-iframe.js b/javascript/src/iframe/viamapi-iframe.js
index d2280ae8716dc29122e2ceef25d1a04ca01b9563..4de95e5939217c6bb6d2d3f1ccc471587387ebe3 100644
--- a/javascript/src/iframe/viamapi-iframe.js
+++ b/javascript/src/iframe/viamapi-iframe.js
@@ -1073,6 +1073,7 @@ const connection = Penpal.connectToParent({
recoveryKey,
sharesNumber
);
+
const sanityCheckResponse = checkRecoveryKeyCombine(
recoveryKey,
recoveryKeyShares
@@ -1566,10 +1567,7 @@ const connection = Penpal.connectToParent({
vCardImageClaimValue = vCardClaimResponse.data;
}
- if (
- vCardImageClaimValue &&
- "state" in vCardImageClaimValue
- ) {
+ if (vCardImageClaimValue && "state" in vCardImageClaimValue) {
return encodeResponse("200", vCardImageClaimValue.state, "OK");
}
@@ -1629,14 +1627,13 @@ message SignatureData {
return encodeResponse("400", "", "Identity not authenticated");
}
-
// Get vCard and QR Code Coordinates
let vCardImageData;
let vCardImageClaimValue;
let qrCodeImageData;
- let qrCodeCoordinates = {fromL: -1, fromR: -1, toL: -1, toR: -1};
+ let qrCodeCoordinates = { fromL: -1, fromR: -1, toL: -1, toR: -1 };
if (signatureData) {
const vCardImageClaimName = "vCardImage";
@@ -1822,7 +1819,7 @@ message SignatureData {
let vCardImageClaimValue;
let qrCodeImageData;
- let qrCodeCoordinates = {fromL: -1, fromR: -1, toL: -1, toR: -1};
+ let qrCodeCoordinates = { fromL: -1, fromR: -1, toL: -1, toR: -1 };
const vCardImageClaimName = "vCardImage";
const defaultTagName = "notag";
@@ -1958,7 +1955,6 @@ message SignatureData {
passportChain.reverse();
-
const signVCardResponse = await executeRestfulFunction(
"private",
window.viamApi,
@@ -2076,7 +2072,7 @@ message SignatureData {
return encodeResponse("200", response.data, "Document created");
},
- getVcardWithQrCode: async (passportUUID, QRCodeContent = null) =>{
+ getVcardWithQrCode: async (passportUUID, QRCodeContent = null) => {
//TODO: IMPLEMENT QR CODE backend method needed
const authenticationPublicKey = localStorage.getItem(
"authenticatedIdentity"
@@ -2144,7 +2140,7 @@ message SignatureData {
);
}
}
- return encodeResponse("200",vCardImageData, 'vCard got');
+ return encodeResponse("200", vCardImageData, "vCard got");
},
documentPutDocument: async (
passportUUID,
diff --git a/javascript/src/utilities/numberUtilities.js b/javascript/src/utilities/numberUtilities.js
new file mode 100644
index 0000000000000000000000000000000000000000..dbee13839522df1f54fe79ff2fa57befd736ae68
--- /dev/null
+++ b/javascript/src/utilities/numberUtilities.js
@@ -0,0 +1,14 @@
+export function getRandomInt(max) {
+ return Math.floor(Math.random() * Math.floor(max));
+}
+
+export function getSliceRange(max) {
+ const beginIndex = getRandomInt(max);
+ const endIndex = getRandomInt(max);
+
+ if (beginIndex === endIndex) {
+ return getSliceRange(max);
+ }
+
+ return { beginIndex, endIndex };
+}
diff --git a/javascript/src/utilities/secrets.js b/javascript/src/utilities/secrets.js
index 764649eecffbde63c0726baa1b50edd5a89d8725..df1e2bd2308aff955f9cc208ea7be17e67e9003b 100644
--- a/javascript/src/utilities/secrets.js
+++ b/javascript/src/utilities/secrets.js
@@ -1,6 +1,7 @@
import secrets from "../lib/secrets";
-import { encryptMessage } from "./signingUtilities.js";
+import { encryptMessage } from "./signingUtilities";
import { encodeResponse } from "./appUtility";
+import { getSliceRange } from "./numberUtilities";
/** Initialize
*/
@@ -61,7 +62,8 @@ export const getRecoveryKeyShares = (recoveryKey, sharesNumber) => {
export const checkRecoveryKeyCombine = (recoveryKey, recoveryKeyShares) => {
let checkKey;
- checkKey = combineSecret(recoveryKeyShares.slice(0, 2));
+ const { beginIndex, endIndex } = getSliceRange(recoveryKeyShares.length);
+ checkKey = combineSecret(recoveryKeyShares.slice(beginIndex, endIndex));
if (checkKey !== recoveryKey) {
return encodeResponse("400", "", "First sanity check failed");
}