mirror of
https://github.com/PretendoNetwork/miiverse-api.git
synced 2026-07-05 01:51:05 -05:00
Updated Access Token decryption function
This commit is contained in:
parent
66906ebc0a
commit
191c9013ea
|
|
@ -200,7 +200,6 @@ class CommunityPostGen {
|
|||
.e("topics");
|
||||
for (const community of communities) {
|
||||
let posts = await database.getPostsByCommunity(community, 30);
|
||||
console.log(posts.length);
|
||||
xml = xml.e('topic')
|
||||
.e('empathy_count', community.empathy_count).up()
|
||||
.e('has_shop_page', community.has_shop_page).up()
|
||||
|
|
|
|||
|
|
@ -101,11 +101,11 @@ let methods = {
|
|||
|
||||
return decryptedBody;
|
||||
}
|
||||
const cryptoPath = `${__dirname}/../certs/access`;
|
||||
const cryptoPath = `${__dirname}/certs/access`;
|
||||
|
||||
const cryptoOptions = {
|
||||
private_key: fs.readFileSync(`${cryptoPath}/private.pem`),
|
||||
hmac_secret: config.secret
|
||||
hmac_secret: config.account_server_secret
|
||||
};
|
||||
|
||||
const privateKey = new NodeRSA(cryptoOptions.private_key, 'pkcs1-private-pem', {
|
||||
|
|
@ -115,12 +115,18 @@ let methods = {
|
|||
}
|
||||
});
|
||||
|
||||
const cryptoConfig = token.subarray(0, 0x90);
|
||||
const signature = token.subarray(0x90, 0xA4);
|
||||
const encryptedBody = token.subarray(0xA4);
|
||||
const cryptoConfig = token.subarray(0, 0x82);
|
||||
const signature = token.subarray(0x82, 0x96);
|
||||
const encryptedBody = token.subarray(0x96);
|
||||
|
||||
const encryptedAESKey = cryptoConfig.subarray(0, 128);
|
||||
const iv = cryptoConfig.subarray(128);
|
||||
const point1 = cryptoConfig.readInt8(0x80);
|
||||
const point2 = cryptoConfig.readInt8(0x81);
|
||||
|
||||
const iv = Buffer.concat([
|
||||
Buffer.from(encryptedAESKey.subarray(point1, point1 + 8)),
|
||||
Buffer.from(encryptedAESKey.subarray(point2, point2 + 8))
|
||||
]);
|
||||
|
||||
const decryptedAESKey = privateKey.decrypt(encryptedAESKey);
|
||||
|
||||
|
|
@ -128,12 +134,15 @@ let methods = {
|
|||
|
||||
let decryptedBody = decipher.update(encryptedBody);
|
||||
decryptedBody = Buffer.concat([decryptedBody, decipher.final()]);
|
||||
|
||||
const hmac = crypto.createHmac('sha1', cryptoOptions.hmac_secret).update(decryptedBody);
|
||||
const calculatedSignature = hmac.digest();
|
||||
if (!calculatedSignature.equals(signature)) {
|
||||
|
||||
if (calculatedSignature !== signature) {
|
||||
console.log('Token signature did not match');
|
||||
return null;
|
||||
}
|
||||
|
||||
return decryptedBody;
|
||||
},
|
||||
processPainting: function (painting) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user