From 55b4320424ce7996b8f19ecbc203e87600f36521 Mon Sep 17 00:00:00 2001
From: Sonny Piers <sonny@fastmail.net>
Date: Tue, 7 Jan 2025 14:32:32 +0100
Subject: [PATCH] use web crypto verify

---
 packages/sasl-ht-sha-256-none/index.js | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/packages/sasl-ht-sha-256-none/index.js b/packages/sasl-ht-sha-256-none/index.js
index ab8da8b6..61879448 100644
--- a/packages/sasl-ht-sha-256-none/index.js
+++ b/packages/sasl-ht-sha-256-none/index.js
@@ -15,26 +15,27 @@ Mechanism.prototype.response = async function response({ username, password }) {
     new TextEncoder().encode(password),
     // https://developer.mozilla.org/en-US/docs/Web/API/HmacImportParams
     { name: "HMAC", hash: "SHA-256" },
-    false, //extractable
+    false, // extractable
     ["sign", "verify"],
   );
-  const digest = await crypto.subtle.sign(
+  const signature = await crypto.subtle.sign(
     "HMAC",
     this.key,
     new TextEncoder().encode("Initiator"),
   );
-  const digestS = String.fromCodePoint(...new Uint8Array(digest));
-  return username + "\0" + digestS;
+  return `${username}\0${String.fromCodePoint(...new Uint8Array(signature))}`;
 };
 
 Mechanism.prototype.final = async function final(data) {
-  const digest = await crypto.subtle.sign(
+  const signature = Uint8Array.from(data, (c) => c.codePointAt(0));
+  // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/verify
+  const result = await crypto.subtle.verify(
     "HMAC",
     this.key,
+    signature,
     new TextEncoder().encode("Responder"),
   );
-  const digestS = String.fromCodePoint(...new Uint8Array(digest));
-  if (digestS !== data) {
+  if (result !== true) {
     throw new Error("Responder message from server was wrong");
   }
 };