From ebdff505eb262dc1b6af18d0aaefac17bef5f1c3 Mon Sep 17 00:00:00 2001
From: Hubert Chathi <hubert@uhoreg.ca>
Date: Fri, 15 May 2020 16:52:53 -0400
Subject: [PATCH] make MAC check robust against unpadded vs padded base64
 differences

---
 src/crypto/SecretStorage.js | 2 +-
 src/crypto/aes.js           | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/crypto/SecretStorage.js b/src/crypto/SecretStorage.js
index 830c42af4e1..cb21b1c155f 100644
--- a/src/crypto/SecretStorage.js
+++ b/src/crypto/SecretStorage.js
@@ -167,7 +167,7 @@ export class SecretStorage extends EventEmitter {
         if (info.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
             if (info.mac) {
                 const {mac} = await SecretStorage._calculateKeyCheck(key, info.iv);
-                return info.mac === mac;
+                return info.mac.replace(/=+$/g, '') === mac.replace(/=+$/g, '');
             } else {
                 // if we have no information, we have to assume the key is right
                 return true;
diff --git a/src/crypto/aes.js b/src/crypto/aes.js
index 6c351330faf..1556413f7c4 100644
--- a/src/crypto/aes.js
+++ b/src/crypto/aes.js
@@ -84,9 +84,9 @@ async function decryptNode(data, key, name) {
     const [aesKey, hmacKey] = deriveKeysNode(key, name);
 
     const hmac = crypto.createHmac("sha256", hmacKey)
-        .update(data.ciphertext, "base64").digest("base64");
+        .update(data.ciphertext, "base64").digest("base64").replace(/=+$/g, '');
 
-    if (hmac !== data.mac) {
+    if (hmac !== data.mac.replace(/=+$/g, '')) {
         throw new Error(`Error decrypting secret ${name}: bad MAC`);
     }