From 62c23a29a7cb0577967b0f601c09e00b713781ea Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Fri, 23 Aug 2019 12:28:17 +0200
Subject: [PATCH] simplify validateKey validation

---
 historyKeeper.js | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/historyKeeper.js b/historyKeeper.js
index 52ae95b2c..b1bf49fd5 100644
--- a/historyKeeper.js
+++ b/historyKeeper.js
@@ -66,15 +66,14 @@ const isMetadataMessage = function (parsed) {
     return Boolean(parsed && parsed.channel);
 };
 
-const isValidValidateKey = function (key) {
-    if (typeof(key) !== 'string') { return false; }
-    let valid = false;
+// validateKeyStrings supplied by clients must decode to 32-byte Uint8Arrays
+const isValidValidateKeyString = function (key) {
     try {
-        if (Nacl.util.decodeBase64(key).length !== Nacl.sign.publicKeyLength) { return false; }
+        return typeof(key) === 'string' &&
+            Nacl.util.decodeBase64(key).length === Nacl.sign.publicKeyLength;
     } catch (e) {
-        return valid;
+        return false;
     }
-    return valid;
 };
 
 module.exports.create = function (cfg) {
@@ -765,7 +764,7 @@ module.exports.create = function (cfg) {
             // so they'll never get written to the log anyway. Let's just drop their message
             // on the floor instead of doing a bunch of extra work
             // TODO send them an error message so they know something is wrong
-            if (metadata.validateKey && !isValidValidateKey(metadata.validateKey)) {
+            if (metadata.validateKey && !isValidValidateKeyString(metadata.validateKey)) {
                 return void Log.error('HK_INVALID_KEY', metadata.validateKey);
             }