Change the SHA1 validation to be case insensitive (nightscout#7780)

Co-authored-by: Ben West <bewest@gmail.com>
stevebell117 · Dec 30, 2022 · bd40046 · bd40046
1 parent 8594a2d
commit bd40046
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/lib/server/enclave.js b/lib/server/enclave.js
@@ -32,7 +32,7 @@ const init = function init () {
   function genHash(data, algorihtm) {
     const hash = crypto.createHash(algorihtm);
     data = hash.update(data, 'utf-8');
-    return data.digest('hex');
+    return data.digest('hex').toLowerCase();
   }
 
   enclave.setApiKey = function setApiKey (keyValue) {
@@ -48,7 +48,7 @@ const init = function init () {
   }
 
   enclave.isApiKey = function isApiKey (keyValue) {
-    return keyValue == secrets[apiKeySHA1] || keyValue == secrets[apiKeySHA512];
+    return keyValue.toLowerCase() == secrets[apiKeySHA1] || keyValue == secrets[apiKeySHA512];
   }
 
   enclave.setJWTKey = function setJWTKey (keyValue) {
@@ -72,7 +72,7 @@ const init = function init () {
     var shasum = crypto.createHash('sha1');
     shasum.update(secrets[apiKeySHA1]);
     shasum.update(id);
-    return shasum.digest('hex');
+    return shasum.digest('hex').toLowerCase();
   }
 
   return enclave;