Use random salt for each fingerprint key

Salt length depended on fingerprint name length, which lead to weak salts in some cases It's now a fixed length (12 bytes)
2021-06-05 12:20:14 +02:00
parent 3b1755b793
commit d7691e414b
5 changed files with 69 additions and 7 deletions
--- a/Akari.Prototype.Server/Services/TcpProviderService.cs
+++ b/Akari.Prototype.Server/Services/TcpProviderService.cs
@@ -47,7 +47,7 @@ namespace Akari.Prototype.Server.Services

            _logger.LogInformation($"Now listening on: {_listener.LocalEndpoint}");

-            return Task.CompletedTask;
+            return base.StartAsync(cancellationToken);
        }

        protected override async Task ExecuteAsync(CancellationToken stoppingToken)
@@ -126,7 +126,7 @@ namespace Akari.Prototype.Server.Services
                position += read;
            }

-            var text = Encoding.UTF8.GetString(data.Span);
+            var text = Encoding.UTF8.GetString(data[..position].Span);
            var splitIndex = text.IndexOf('$');

            _logger.LogDebug($"Received text: {text}");
@@ -138,9 +138,14 @@ namespace Akari.Prototype.Server.Services

            var handle = GCHandle.Alloc(text, GCHandleType.Pinned);

-            _fingerprintManager.VerifyFingerprint(text[..splitIndex], Convert.FromBase64String(text[(splitIndex + 1)..]));
-
-            handle.Free();
+            try
+            {
+                _fingerprintManager.VerifyFingerprint(text[..splitIndex], Convert.FromBase64String(text[(splitIndex + 1)..]));
+            }
+            finally
+            {
+                handle.Free();
+            }
        }

        public override void Dispose()