From 69aed23e9b8af5b620576ad5586d37eea99793ef Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Fri, 14 Oct 2016 16:26:44 -0700 Subject: [PATCH] Fixed vector usage in encryptor --- app/scripts/lib/encryptor.js | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/app/scripts/lib/encryptor.js b/app/scripts/lib/encryptor.js index 207a9fc3c..4b3c7eb8e 100644 --- a/app/scripts/lib/encryptor.js +++ b/app/scripts/lib/encryptor.js @@ -2,12 +2,21 @@ var ethUtil = require('ethereumjs-util') var vector = global.crypto.getRandomValues(new Uint8Array(16)) module.exports = { + + // Simple encryption methods: encrypt, decrypt, - convertArrayBufferViewtoString, + + // More advanced encryption methods: keyFromPassword, encryptWithKey, decryptWithKey, + + // Buffer <-> String methods + convertArrayBufferViewtoString, + convertStringToArrayBufferView, + + // Buffer <-> Hex string methods serializeBufferForStorage, serializeBufferFromStorage, } @@ -23,13 +32,15 @@ function encrypt (password, dataObj) { function encryptWithKey (key, dataObj) { var data = JSON.stringify(dataObj) var dataBuffer = convertStringToArrayBufferView(data) + var vector = global.crypto.getRandomValues(new Uint8Array(16)) return global.crypto.subtle.encrypt({ name: 'AES-GCM', iv: vector }, key, dataBuffer).then(function(buf){ var buffer = new Uint8Array(buf) - return serializeBufferForStorage(buffer) + var vectorStr = serializeBufferForStorage(vector) + return serializeBufferForStorage(buffer) + vectorStr }) } @@ -43,7 +54,10 @@ function decrypt (password, text) { // AUDIT: See if this still works when generating a fresh vector function decryptWithKey (key, text) { - const encryptedData = serializeBufferFromStorage(text) + const parts = text.split('0x') + const encryptedData = serializeBufferFromStorage(parts[1]) + const vector = serializeBufferFromStorage(parts[2]) + debugger return crypto.subtle.decrypt({name: "AES-GCM", iv: vector}, key, encryptedData) .then(function(result){ const decryptedData = new Uint8Array(result)