1
0
mirror of https://github.com/moparisthebest/mail synced 2024-12-26 09:18:56 -05:00

integrated refactored item batch encryption

This commit is contained in:
Tankred Hase 2013-06-01 10:58:50 +02:00
parent b1b91850a7
commit 03a60c2546
2 changed files with 64 additions and 80 deletions

View File

@ -7,31 +7,55 @@
var CryptoBatch = function(aes, rsa, util, _) {
/**
* Encrypt a list of items using AES
* @param list [Array] The list of items to encrypt
* Encrypt and sign a an item using AES and RSA
* @param i [Object] The item to encrypt
* @param receiverPubkey [String] The public key used to encrypt
* @param senderKeyId [String] The sender's private key ID used to sign
*/
this.encryptList = function(list) {
list.forEach(function(i) {
// stringify to JSON before encryption
i.ciphertext = aes.encrypt(JSON.stringify(i.plaintext), i.key, i.iv);
delete i.plaintext;
});
this.encryptItemForUser = function(i, receiverPubkey, senderKeyId) {
// set rsa public key used to encrypt
rsa.init(receiverPubkey);
return list;
// stringify to JSON before symmetric encryption
i.ciphertext = aes.encrypt(JSON.stringify(i.plaintext), i.key, i.iv);
// encrypt symmetric item key for user
i.encryptedKey = rsa.encrypt(i.key);
// set sender's keypair id for later verification
i.senderPk = senderKeyId;
// sign the bundle
i.signature = rsa.sign([i.iv, util.str2Base64(i.id), util.str2Base64(i.senderPk), i.encryptedKey, i.ciphertext]);
// delete plaintext values
delete i.plaintext;
delete i.key;
delete i.receiverPk;
};
/**
* Decrypt a list of items using AES
* @param list [Array] The list of items to decrypt
* Decrypt and verify an item using AES and RSA
* @param i [Object] The item to decrypt
* @param senderPubkey [String] A public key used to verify
*/
this.decryptList = function(list) {
list.forEach(function(i) {
// decrypt JSON and parse to object literal
i.plaintext = JSON.parse(aes.decrypt(i.ciphertext, i.key, i.iv));
delete i.ciphertext;
});
this.decryptItemForUser = function(i, senderPubkey) {
// set rsa public key used to verify
rsa.init(senderPubkey);
return list;
// verify signature
if (!rsa.verify([i.iv, util.str2Base64(i.id), util.str2Base64(i.senderPk), i.encryptedKey, i.ciphertext], i.signature)) {
throw new Error('Verifying RSA signature failed!');
}
// decrypt symmetric item key for user
i.key = rsa.decrypt(i.encryptedKey);
// symmetrically decrypt JSON and parse to object literal
i.plaintext = JSON.parse(aes.decrypt(i.ciphertext, i.key, i.iv));
// delete ciphertext values
delete i.signature;
delete i.encryptedKey;
delete i.senderPk;
delete i.ciphertext;
};
/**
@ -41,31 +65,24 @@
* @param senderPrivkey [Array] The sender's private key used to sign
*/
this.encryptListForUser = function(list, receiverPubkeys, senderPrivkey) {
// encrypt list with aes
var encryptedList = this.encryptList(list);
var receiverPk,
self = this;
// set sender private key
rsa.init(null, senderPrivkey.privateKey);
// encrypt keys for user
encryptedList.forEach(function(i) {
// fetch correct public key
var pk = _.findWhere(receiverPubkeys, {
list.forEach(function(i) {
// fetch correct public key for encryption
receiverPk = null;
receiverPk = _.findWhere(receiverPubkeys, {
_id: i.receiverPk
});
// set rsa public key used to encrypt
rsa.init(pk.publicKey);
// process new values
i.encryptedKey = rsa.encrypt(i.key);
i.senderPk = senderPrivkey._id;
i.signature = rsa.sign([i.iv, util.str2Base64(i.id), util.str2Base64(i.senderPk), i.encryptedKey, i.ciphertext]);
// delete old ones
delete i.key;
delete i.receiverPk;
// encrypt item for user
self.encryptItemForUser(i, receiverPk.publicKey, senderPrivkey._id);
});
return encryptedList;
return list;
};
/**
@ -74,42 +91,30 @@
* @param senderPubkeys [Array] A list of public keys used to verify
* @param receiverPrivkey [Array] The receiver's private key used to decrypt
*/
this.decryptListForUser = function(encryptedList, senderPubkeys, receiverPrivkey) {
var j, self = this;
this.decryptListForUser = function(list, senderPubkeys, receiverPrivkey) {
var senderPk, j,
self = this;
// set receiver private key
rsa.init(null, receiverPrivkey.privateKey);
// decrypt keys for user
encryptedList.forEach(function(i) {
// fetch correct public key
var pk = _.findWhere(senderPubkeys, {
list.forEach(function(i) {
// fetch correct public key for verification
senderPk = null;
senderPk = _.findWhere(senderPubkeys, {
_id: i.senderPk
});
// set rsa public key used to verify
rsa.init(pk.publicKey);
// verify signature
if (!rsa.verify([i.iv, util.str2Base64(i.id), util.str2Base64(i.senderPk), i.encryptedKey, i.ciphertext], i.signature)) {
throw new Error('Verifying RSA signature failed!');
}
// process new values
i.key = rsa.decrypt(i.encryptedKey);
// delete old values
delete i.signature;
delete i.encryptedKey;
delete i.senderPk;
// decrypt item for user
self.decryptItemForUser(i, senderPk.publicKey);
});
// decrypt list
var decryptedList = this.decryptList(encryptedList);
// add plaintext to list
for (j = 0; j < decryptedList.length; j++) {
decryptedList[j] = decryptedList[j].plaintext;
// set plaintext as list item
for (j = 0; j < list.length; j++) {
list[j] = list[j].plaintext;
}
return decryptedList;
return list;
};
};

View File

@ -71,27 +71,6 @@ asyncTest("AES en/decrypt (Async/Worker)", 2, function() {
});
});
asyncTest("AES en/decrypt batch (Async/Worker)", 5, function() {
// generate test data
var collection, list, td = new TestData();
collection = td.getEmailCollection(100);
list = td.packageCollectionForEncryption(collection, crypto_test.keySize, crypto_test.ivSize);
crypto_test.crypto.aesEncryptList(list, function(encryptedList) {
ok(encryptedList, 'Encrypt list');
equal(encryptedList.length, list.length, 'Length of list');
crypto_test.crypto.aesDecryptList(encryptedList, function(decryptedList) {
ok(decryptedList, 'Decrypt list');
equal(decryptedList.length, list.length, 'Length of list');
deepEqual(decryptedList, list, 'Decrypted list is correct');
start();
});
});
});
asyncTest("AES/RSA encrypt batch for User (Async/Worker)", 2, function() {
// generate test data
var collection, td = new TestData();