[fix!!!] IV reuse is totally wrong

2019-09-24 11:43:09 +02:00 · 2019-09-24 11:43:09 +02:00 · 200dfe8a51
commit 200dfe8a51
parent 7789945247
3 changed files with 13 additions and 10 deletions
--- a/README.md
+++ b/README.md
@ -11,4 +11,4 @@ Encryption
 * Key length is 256 bytes
 * Key is stored in the fragmen
 * Initialization Vector is stored in the first 12 bytes of the file
-* File name is also AES encrypted using the same key and the directory name as IV result is base32 encoded
+* File name is also AES encrypted using the same key and random IV, stored in the first 12 bytes of filename,  result is base32 encoded
--- a/client/crypto.js
+++ b/client/crypto.js
@ -48,9 +48,9 @@ var CryptoUtils = {
    	});
    },

-    encryptFilename: function(data, iv) {
+    encryptFilename: function(data) {
 	var self = this;
-	iv = this.stringToArrayBuffer(iv);
+	var iv = window.crypto.getRandomValues(new Uint8Array(12));
 	data = this.stringToArrayBuffer(data);
 	return window.crypto.subtle.encrypt(
 	    {		
@ -60,7 +60,10 @@ var CryptoUtils = {
 	    this.key,
 	    data
 	).then(function(encrypted){
-	    return base32.encode(encrypted);
+	    var fn = new Uint8Array(iv.length+encrypted.byteLength);
+	    fn.set(iv);
+	    fn.set(new Uint8Array(encrypted), iv.length);
+	    return base32.encode(fn);
    	});
    },

@ -76,17 +79,17 @@ var CryptoUtils = {
 	);
    },

-    decryptFileName: function(data, iv) {
+    decryptFileName: function(data) {
 	var self = this;
 	var data = new Uint8Array(base32.decode.asBytes(data)).buffer;
-	iv = this.stringToArrayBuffer(iv);
+	var iv = data.slice(0, 12);
 	return window.crypto.subtle.decrypt(
 	    {
 		name: this.cypher,
 		iv: iv,
 	    },
 	    this.key,
-	    data
+	    data.slice(12)
 	);	    
    },
    
--- a/client/main.js
+++ b/client/main.js
@ -87,7 +87,7 @@ var CryptoUploader = {
 	fileReader.onload = function(e) {
 	    self.data = fileReader.result;
 	    $("#progress-bar").show();
-	    CryptoUtils.encryptFilename(file.name, Uploader.roomId)
+	    CryptoUtils.encryptFilename(file.name)
 		.then(function(encrypted) {
 		    var fileName = encrypted;
 		    console.log(self.data);
@ -160,7 +160,7 @@ var CryptoUploader = {
 	Uploader.getRoom(path, function(data){
 	    for(let f of data.entries()) {
 		let file = f[1];
-		CryptoUtils.decryptFileName(file.name, Uploader.roomId)
+		CryptoUtils.decryptFileName(file.name)
 		    .then(function(fileName) {
 			var fileName = CryptoUtils.arrayBufferToString(fileName);
 			var e = $("<li></li>").appendTo("#file-list > ul");
@ -198,7 +198,7 @@ var CryptoUploader = {
 	var directoryName = $("#directory-name");
 	if(directoryName.css('display') != 'none') {
 	    if(directoryName.val() != '') {
-		CryptoUtils.encryptFilename(directoryName.val(), Uploader.roomId)
+		CryptoUtils.encryptFilename(directoryName.val())
 		    .then(function(encrypted) {
 			Uploader.createDirectory(path+'/'+encrypted, CryptoUploader.showRoomContent);
 		    }).catch(function(err) {