From 926a3b6ea8f3bc0d71f294adc78d4bbd545c20ab Mon Sep 17 00:00:00 2001 From: Weirdo Date: Mon, 29 Mar 2021 01:12:30 +0200 Subject: [PATCH] Added client side redundant response validation --- src/ChecksumResolver.js | 22 ++++++++++++++---- src/Utils/AaxHashAlgorithm.js | 44 +++++++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+), 4 deletions(-) create mode 100644 src/Utils/AaxHashAlgorithm.js diff --git a/src/ChecksumResolver.js b/src/ChecksumResolver.js index 2493b2c..c4f3cb9 100644 --- a/src/ChecksumResolver.js +++ b/src/ChecksumResolver.js @@ -32,6 +32,8 @@ import ReactNotification from 'react-notifications-component' import { store } from 'react-notifications-component'; // import 'animate.css/animate.compat.css' +import AaxHashAlgorithm from './Utils/AaxHashAlgorithm' + const useStyles = theme => ({ paper: { @@ -137,12 +139,24 @@ class ChecksumResolver extends React.Component { let request = await fetch("https://aax.api.j-kit.me/api/v2/activation/" + checksum); let result = await request.json(); const { success, activationBytes } = result; - if (success === true) { - this.setState({ activationBytes: activationBytes }); - this.addNotification("Successfully resolved the activation bytes"); - } else { + + if (success !== true) { this.setState({ activationBytes: 'UNKNOWN' }); this.addNotification("An error occured while resolving the activation bytes, please check your inputs", false); + return; + } + + if (success === true) { + const calculatedChecksum = await AaxHashAlgorithm.CalculateChecksum(activationBytes); + if (calculatedChecksum == checksum) { + this.setState({ activationBytes: activationBytes }); + this.addNotification("Successfully resolved the activation bytes"); + return; + } + + this.setState({ activationBytes: "API ERROR" }); + this.addNotification("An unexpected error occured while resolving the activation bytes, please try again", false); + } } catch (error) { this.setState({ activationBytes: error }); diff --git a/src/Utils/AaxHashAlgorithm.js b/src/Utils/AaxHashAlgorithm.js new file mode 100644 index 0000000..244f232 --- /dev/null +++ b/src/Utils/AaxHashAlgorithm.js @@ -0,0 +1,44 @@ +export default class AaxHashAlgorithm { + static Instance = new AaxHashAlgorithm(); + + __fixed_key = [0x77, 0x21, 0x4d, 0x4b, 0x19, 0x6a, 0x87, 0xcd, 0x52, 0x00, 0x45, 0xfd, 0x20, 0xa5, 0x1d, 0x67]; + + + // Convert a hex string to a byte array + __hexToBytes(hex) { + for (var bytes = [], c = 0; c < hex.length; c += 2) + bytes.push(parseInt(hex.substr(c, 2), 16)); + + return bytes; + } + + // Convert a byte array to a hex string + __bytesToHex(bytes) { + for (var hex = [], i = 0; i < bytes.length; i++) { + var current = bytes[i] < 0 ? bytes[i] + 256 : bytes[i]; + hex.push((current >>> 4).toString(16)); + hex.push((current & 0xF).toString(16)); + } + return hex.join(""); + } + + async __HashData(data) { + let source = new Uint8Array(data); + let buffer = await crypto.subtle.digest('SHA-1', source); + return Array.from(new Uint8Array(buffer)); + } + + async CalculateChecksum(activationBytes) { + let data = this.__hexToBytes(activationBytes); + + let intermediate_key = await this.__HashData(this.__fixed_key.concat(data)); + let intermediate_iv = await this.__HashData(this.__fixed_key.concat(intermediate_key).concat(data)); + let checksum = await this.__HashData(intermediate_key.slice(0, 16).concat(intermediate_iv.slice(0, 16))); + + return this.__bytesToHex(checksum); + } + + static async CalculateChecksum(activationBytes){ + return AaxHashAlgorithm.Instance.CalculateChecksum(activationBytes); + } +} \ No newline at end of file