Closed c3ypt1c closed 3 years ago
Current container implementation does not implement a HMAC. Instead it tries to decode JSON. If successful, the program carries on as usual. Implement HMAC to stop possible data corruption upon potential collision or bad key given.
See: https://github.com/c3ypt1c/PasswordManager/blob/a09b60a1afb0f2920d7c73ea98476cc9d3c14e7e/src/crypto/Container.ts#L107
Current container implementation does not implement a HMAC. Instead it tries to decode JSON. If successful, the program carries on as usual. Implement HMAC to stop possible data corruption upon potential collision or bad key given.
See: https://github.com/c3ypt1c/PasswordManager/blob/a09b60a1afb0f2920d7c73ea98476cc9d3c14e7e/src/crypto/Container.ts#L107