use 128-bit GCM

2017-06-28 11:30:14 -07:00 · 2017-06-28 11:30:14 -07:00 · 4cb34844aa
commit 4cb34844aa
parent 34c367c49f
3 changed files with 15 additions and 24 deletions
--- a/frontend/src/fileReceiver.js
+++ b/frontend/src/fileReceiver.js
@ -1,12 +1,12 @@
 const EventEmitter = require('events');
-const { strToIv, strToUintArr } = require('./utils');
+const { hexToArray } = require('./utils');

 const Raven = window.Raven;

 class FileReceiver extends EventEmitter {
  constructor() {
    super();
-    this.salt = strToIv(location.pathname.slice(10, -1));
+    this.salt = hexToArray(location.pathname.slice(10, -1));
  }

  download() {
@ -55,7 +55,7 @@ class FileReceiver extends EventEmitter {
        {
          kty: 'oct',
          k: location.hash.slice(1),
-          alg: 'A256GCM',
+          alg: 'A128GCM',
          ext: true
        },
        {
@ -66,15 +66,13 @@ class FileReceiver extends EventEmitter {
      )
    ]).then(([fdata, key]) => {
      const salt = this.salt;
-      console.log(strToUintArr(fdata.aad));
-      
+
      return Promise.all([
        window.crypto.subtle.decrypt(
          {
            name: 'AES-GCM',
            iv: salt,
-            tagLength: 128,
-            additionalData: strToUintArr(fdata.aad)
+            additionalData: hexToArray(fdata.aad)
          },
          key,
          fdata.data
--- a/frontend/src/fileSender.js
+++ b/frontend/src/fileSender.js
@ -1,5 +1,5 @@
 const EventEmitter = require('events');
-const { ivToStr } = require('./utils');
+const { arrayToHex } = require('./utils');

 const Raven = window.Raven;

@ -41,8 +41,7 @@ class FileSender extends EventEmitter {
      window.crypto.subtle.generateKey(
        {
          name: 'AES-GCM',
-          length: 256,
-          tagLength: 128
+          length: 128
        },
        true,
        ['encrypt', 'decrypt']
@ -61,7 +60,6 @@ class FileSender extends EventEmitter {
            {
              name: 'AES-GCM',
              iv: this.iv,
-              tagLength: 128,
              additionalData: this.aad
            },
            secretKey,
@ -73,13 +71,13 @@ class FileSender extends EventEmitter {
      .then(([encrypted, keydata]) => {
        return new Promise((resolve, reject) => {
          const file = this.file;
-          const fileId = ivToStr(this.iv);
+          const fileId = arrayToHex(this.iv);
          const dataView = new DataView(encrypted);
          const blob = new Blob([dataView], { type: file.type });
          const fd = new FormData();
          fd.append('fname', file.name);
          fd.append('data', blob, file.name);
-          fd.append('aad', this.aad);
+          fd.append('aad', arrayToHex(this.aad));

          const xhr = new XMLHttpRequest();

--- a/frontend/src/utils.js
+++ b/frontend/src/utils.js
@ -1,4 +1,4 @@
-function ivToStr(iv) {
+function arrayToHex(iv) {
  let hexStr = '';
  for (const i in iv) {
    if (iv[i] < 16) {
@ -11,8 +11,8 @@ function ivToStr(iv) {
  return hexStr;
 }

-function strToIv(str) {
-  const iv = new Uint8Array(12);
+function hexToArray(str) {
+  const iv = new Uint8Array(str.length / 2);
  for (let i = 0; i < str.length; i += 2) {
    iv[i / 2] = parseInt(str.charAt(i) + str.charAt(i + 1), 16);
  }
@ -33,13 +33,8 @@ function notify(str) {
  }
 }

-function strToUintArr(str) {
-  return new Uint8Array(str.split(",").map(x => parseInt(x)));
-}
-
 module.exports = {
-  ivToStr,
-  strToIv,
-  notify,
-  strToUintArr
+  arrayToHex,
+  hexToArray,
+  notify
 };