We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent 2e43339 commit ff4206aCopy full SHA for ff4206a
packages/plugin-nft-collections/src/services/security-manager.ts
@@ -64,9 +64,13 @@ export class SecurityManager {
64
65
verifySignature(data: any, timestamp: number, signature: string): boolean {
66
const expectedSignature = this.generateSignature(data, timestamp);
67
- return crypto.timingSafeEqual(
68
- Buffer.from(signature),
69
- Buffer.from(expectedSignature)
70
- );
+ const signatureBuffer = Buffer.from(signature);
+ const expectedBuffer = Buffer.from(expectedSignature);
+
+ if (signatureBuffer.length !== expectedBuffer.length) {
71
+ return false;
72
+ }
73
74
+ return crypto.timingSafeEqual(signatureBuffer, expectedBuffer);
75
}
76
0 commit comments