jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

encryption: do not allow password and hint to be the same

Browse Source
This commit is contained in:
Girish Ramakrishnan
2025-10-07 16:49:57 +02:00
parent 55091cfe8d
commit 02ba2fe59b
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/backupsites.js
+3 -1
View File
@@ -304,6 +304,7 @@ async function setEncryption(backupSite, data, auditSource) {
if (data.encryptionPassword) {
const encryptionPasswordError = validateEncryptionPassword(data.encryptionPassword);
if (encryptionPasswordError) throw encryptionPasswordError;
if (data.encryptionPassword === data.encryptionPasswordHint) throw new BoxError(BoxError.BAD_FIELD, 'password hint cannot be the same as password');
encryption = hush.generateEncryptionKeysSync(data.encryptionPassword);
encryption.encryptedFilenames = !!data.encryptedFilenames;
encryption.encryptionPasswordHint = data.encryptionPasswordHint || '';
@@ -519,7 +520,7 @@ async function add(data, auditSource) {
const limits = data.limits || null,
encryptionPassword = data.encryptionPassword || null,
encryptedFilenames = data.encryptedFilenames || false,
encryptionPasswordHint = data.encryptionPasswordHint || null;
encryptionPasswordHint = data.encryptionPasswordHint || '';
const formatError = backupFormats.validateFormat(format);
if (formatError) throw formatError;
@@ -534,6 +535,7 @@ async function add(data, auditSource) {
if (encryptionPassword) {
const encryptionPasswordError = validateEncryptionPassword(encryptionPassword);
if (encryptionPasswordError) throw encryptionPasswordError;
if (data.encryptionPassword === data.encryptionPasswordHint) throw new BoxError(BoxError.BAD_FIELD, 'Password hint cannot be the same as password');
encryption = hush.generateEncryptionKeysSync(encryptionPassword);
encryption.encryptedFilenames = !!encryptedFilenames;
encryption.encryptionPasswordHint = encryptionPasswordHint;