From 50995238bd74786484ef2c208cb583d8c740595b Mon Sep 17 00:00:00 2001 From: Abhinav Adduri Date: Tue, 20 Jun 2017 13:03:04 -0700 Subject: [PATCH] gcm encryption --- frontend/src/fileReceiver.js | 42 ++++++++++++++++-------------------- frontend/src/fileSender.js | 16 ++++++++------ frontend/src/utils.js | 2 +- server/portal_server.js | 2 +- 4 files changed, 30 insertions(+), 32 deletions(-) diff --git a/frontend/src/fileReceiver.js b/frontend/src/fileReceiver.js index d73fae3c..d7fb6a7a 100644 --- a/frontend/src/fileReceiver.js +++ b/frontend/src/fileReceiver.js @@ -54,36 +54,32 @@ class FileReceiver extends EventEmitter { { kty: 'oct', k: location.hash.slice(1), - alg: 'A128CBC', + alg: 'A256GCM', ext: true }, { - name: 'AES-CBC' + name: 'AES-GCM' }, true, ['encrypt', 'decrypt'] ) - ]) - .then(([fdata, key]) => { - const salt = this.salt; - return Promise.all([ - window.crypto.subtle.decrypt( - { - name: 'AES-CBC', - iv: salt - }, - key, - fdata.data - ), - new Promise((resolve, reject) => { - resolve(fdata.fname); - }) - ]); - }) - .catch(err => { - Raven.captureException(err); - return Promise.reject(err); - }); + ]).then(([fdata, key]) => { + const salt = this.salt; + return Promise.all([ + window.crypto.subtle.decrypt( + { + name: 'AES-GCM', + iv: salt, + tagLength: 128 + }, + key, + fdata.data + ), + new Promise((resolve, reject) => { + resolve(fdata.fname); + }) + ]); + }); } } diff --git a/frontend/src/fileSender.js b/frontend/src/fileSender.js index c443443a..ee64ddea 100644 --- a/frontend/src/fileSender.js +++ b/frontend/src/fileSender.js @@ -7,7 +7,7 @@ class FileSender extends EventEmitter { constructor(file) { super(); this.file = file; - this.iv = window.crypto.getRandomValues(new Uint8Array(16)); + this.iv = window.crypto.getRandomValues(new Uint8Array(12)); } static delete(fileId, token) { @@ -39,12 +39,13 @@ class FileSender extends EventEmitter { return Promise.all([ window.crypto.subtle.generateKey( { - name: 'AES-CBC', - length: 128 + name: 'AES-GCM', + length: 256, + tagLength: 128 }, true, ['encrypt', 'decrypt'] - ), + ).catch(err => console.log('There was an error generating a crypto key')), new Promise((resolve, reject) => { const reader = new FileReader(); reader.readAsArrayBuffer(this.file); @@ -57,12 +58,13 @@ class FileSender extends EventEmitter { return Promise.all([ window.crypto.subtle.encrypt( { - name: 'AES-CBC', - iv: this.iv + name: 'AES-GCM', + iv: this.iv, + tagLength: 128 }, secretKey, plaintext - ), + ).catch(err => console.log('Error with encrypting.')), window.crypto.subtle.exportKey('jwk', secretKey) ]); }) diff --git a/frontend/src/utils.js b/frontend/src/utils.js index e17534fa..f46b4f79 100644 --- a/frontend/src/utils.js +++ b/frontend/src/utils.js @@ -12,7 +12,7 @@ function ivToStr(iv) { } function strToIv(str) { - const iv = new Uint8Array(16); + const iv = new Uint8Array(12); for (let i = 0; i < str.length; i += 2) { iv[i / 2] = parseInt(str.charAt(i) + str.charAt(i + 1), 16); } diff --git a/server/portal_server.js b/server/portal_server.js index 8684417f..75317117 100644 --- a/server/portal_server.js +++ b/server/portal_server.js @@ -171,5 +171,5 @@ app.listen(conf.listen_port, () => { }); const validateID = route_id => { - return route_id.match(/^[0-9a-fA-F]{32}$/) !== null; + return route_id.match(/^[0-9a-fA-F]{24}$/) !== null; };