Beta

WeakStore

Description:

Here is a service that implements the storage of entities under password protection.

The service has the following API:

  • read(pass:string, fieldName:string)
  • write(pass:string, fieldName:string, fieldValue:any)
  • addField(pass:string, fieldName:string, fieldValue:any)

Here is an example of work:

const service = GET_SERVICE('pass123');

const addRes = service.addField('pass123', 'fieldNameSecret', 'secretData');
console.log(addRes); // { code: 0, msg: 'ok' }

// ...

// ok
const data = service.read('pass123', 'fieldNameSecret');
console.log(data); // 'secretData'

// wrong pass
const errorData = service.read('wrongPassBlaBla', 'fieldNameSecret');
console.log(errorData); // { code: 1, msg: 'access forbidden' }

// wrong field name
const missData = service.read('pass123', 'fieldNameSecret1234567');
console.log(missData); // { code: 2, msg: 'not found' }

// field already created
const alreadyCreatedData = service.addField('pass123', 'fieldNameSecret', '123');
console.log(missData); // { code: 3, msg: 'already created' }

// *many wrong pass entered*
const blockedData = service.read('wrongPassBla-bla', 'fieldNameSecret');
console.log(blockedData); // { code: 4, msg: 'blocked' }

// after blocking
const okDataAfterBlocking = service.read('pass123', 'fieldNameSecret');
console.log(okDataAfterBlocking); // { code: 4, msg: 'blocked' }

Your task is to access the secret string without having a password (but having the name of the field with the secret string).

Here are more facts about task parameters:

  • the password always is 62 characters long (with 62 possible characters per position)
  • the secret string is 512 characters long (with 62 possible characters per position)
  • password and secret string contain only letters and numbers ([0-9A-Za-z])
  • the password is hashed during service initialization and then compared with the hash of the entered password

Spoiler: Since the secret string has a large length and a large number of possible characters per position, the number of variants of the secret string is 512 to the power of 62. Or 943 490 600 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000. And this is for every test. As you understand, it is impossible to pick up a secret string using brute-force in a reasonable time.

Also, the following global variables are available to you:

ALPHABET:string is a string with a set of characters (62 pieces) that are used to generate passwords.

GET_SERVICE:function is a function that returns a new service instance.

GET_RANDOM_HASH(length:number):string is a function that returns a random set of characters from ALPHABET with a length equal to the length argument.

After a detailed study, if you get stuck, remember these words: pay attention to one of the items on the list "more facts about task parameters"

Warning: This is a difficult kata. In it you have a whole study.

I won't leave any more hints. This is your research. Good luck!

Security

More By Author:

Check out these other kata created by Alexander-jsdev

Stats:

CreatedSep 26, 2022
PublishedOct 13, 2022
Warriors Trained21
Total Skips0
Total Code Submissions18
Total Times Completed6
JavaScript Completions6
Total Stars3
% of votes with a positive feedback rating50% of 3
Total "Very Satisfied" Votes1
Total "Somewhat Satisfied" Votes1
Total "Not Satisfied" Votes1
Total Rank Assessments2
Average Assessed Rank
5 kyu
Highest Assessed Rank
4 kyu
Lowest Assessed Rank
5 kyu
Ad
Contributors
  • Alexander-jsdev Avatar
Ad