kmc7468/arkvault
1
0
Fork 0
mirror of https://github.com/kmc7468/arkvault.git synced 2026-02-04 08:06:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

클라이언트가 Decryption Oracle로 사용될 수 있는 취약점 수정

Browse Source
This commit is contained in:
static
2025-07-04 23:26:58 +09:00
parent 13bac59824
commit c9331ae5b7
12 changed files with 58 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/routes/api/auth/upgradeSession/+server.ts
View File

@@ -15,12 +15,12 @@ export const POST: RequestHandler = async ({ locals, request }) => {
if (!zodRes.success) error(400, "Invalid request body");
const { encPubKey, sigPubKey } = zodRes.data;
const { challenge } = await createSessionUpgradeChallenge(
const { id, challenge } = await createSessionUpgradeChallenge(
sessionId,
userId,
locals.ip,
encPubKey,
sigPubKey,
);
return json(sessionUpgradeResponse.parse({ challenge } satisfies SessionUpgradeResponse));
return json(sessionUpgradeResponse.parse({ id, challenge } satisfies SessionUpgradeResponse));
};