From 0e4c09ebdfcb44b8c0be738ce70e4034ffbedc11 Mon Sep 17 00:00:00 2001 From: Tankred Hase Date: Wed, 15 May 2013 14:14:08 +0200 Subject: [PATCH] added unique id to rsa signature --- src/js/crypto/crypto-batch-worker.js | 4 +++- src/js/crypto/crypto-batch.js | 6 +++--- src/js/crypto/crypto.js | 4 ++-- src/js/crypto/util.js | 8 ++++++-- test/test-data.js | 2 +- 5 files changed, 15 insertions(+), 9 deletions(-) diff --git a/src/js/crypto/crypto-batch-worker.js b/src/js/crypto/crypto-batch-worker.js index c933f68..57650b3 100644 --- a/src/js/crypto/crypto-batch-worker.js +++ b/src/js/crypto/crypto-batch-worker.js @@ -6,6 +6,7 @@ importScripts('../app-config.js'); importScripts('./crypto-batch.js'); importScripts('./aes-cbc.js'); + importScripts('./util.js'); importScripts('./rsa.js'); /** @@ -18,7 +19,8 @@ output = null, aes = new app.crypto.AesCBC(forge), rsa = new app.crypto.RSA(forge), - batch = new app.crypto.CryptoBatch(aes, rsa); + util = new app.crypto.Util(), + batch = new app.crypto.CryptoBatch(aes, rsa, util); // pass RSA keys to module rsa.init(i.pubkeyPem, i.privkeyPem); diff --git a/src/js/crypto/crypto-batch.js b/src/js/crypto/crypto-batch.js index 30ddb0f..c5db6db 100644 --- a/src/js/crypto/crypto-batch.js +++ b/src/js/crypto/crypto-batch.js @@ -1,7 +1,7 @@ /** * Crypto batch library for processing large sets of data */ -var CryptoBatch = function(aes, rsa) { +var CryptoBatch = function(aes, rsa, util) { 'use strict'; /** @@ -56,7 +56,7 @@ var CryptoBatch = function(aes, rsa) { encryptedList.forEach(function(i) { // process new values i.encryptedKey = rsa.encrypt(i.key); - i.signature = rsa.sign([i.iv, i.encryptedKey, i.ciphertext]); + i.signature = rsa.sign([i.iv, util.str2Base64(i.id), i.encryptedKey, i.ciphertext]); // delete old ones delete i.key; }); @@ -75,7 +75,7 @@ var CryptoBatch = function(aes, rsa) { // decrypt keys for user encryptedList.forEach(function(i) { // verify signature - if (!rsa.verify([i.iv, i.encryptedKey, i.ciphertext], i.signature)) { + if (!rsa.verify([i.iv, util.str2Base64(i.id), i.encryptedKey, i.ciphertext], i.signature)) { throw new Error('Verifying RSA signature failed!'); } // precoess new values diff --git a/src/js/crypto/crypto.js b/src/js/crypto/crypto.js index c141e25..b942a86 100644 --- a/src/js/crypto/crypto.js +++ b/src/js/crypto/crypto.js @@ -242,7 +242,7 @@ app.crypto.Crypto = function(window, util) { }); } else { - var batch = new app.crypto.CryptoBatch(aes, rsa); + var batch = new app.crypto.CryptoBatch(aes, rsa, util); var encryptedList = batch.encryptListForUser(envelopes); callback(null, encryptedList); } @@ -265,7 +265,7 @@ app.crypto.Crypto = function(window, util) { }); } else { - var batch = new app.crypto.CryptoBatch(aes, rsa); + var batch = new app.crypto.CryptoBatch(aes, rsa, util); var decryptedList = batch.decryptListForUser(list); callback(null, decryptedList); } diff --git a/src/js/crypto/util.js b/src/js/crypto/util.js index 13069f1..ec24cab 100644 --- a/src/js/crypto/util.js +++ b/src/js/crypto/util.js @@ -174,8 +174,10 @@ var Util = function(window, uuid, crypt) { this.str2Base64 = function(str) { if (typeof module !== 'undefined' && module.exports) { return new Buffer(str, 'binary').toString('base64'); - } else { + } else if (typeof window !== 'undefined' && window.btoa) { return window.btoa(str); + } else { + return forge.util.encode64(str); } }; @@ -185,8 +187,10 @@ var Util = function(window, uuid, crypt) { this.base642Str = function(str) { if (typeof module !== 'undefined' && module.exports) { return new Buffer(str, 'base64').toString('binary'); - } else { + } else if (typeof window !== 'undefined' && window.atob) { return window.atob(str); + } else { + return forge.util.decode64(str); } }; diff --git a/test/test-data.js b/test/test-data.js index 607edf0..8bec276 100644 --- a/test/test-data.js +++ b/test/test-data.js @@ -9,7 +9,7 @@ var TestData = function() { for (i = 0; i < size; i++) { mail = new app.model.Email({ - id: i, + id: i + '', from: 'john@from.com', to: ['jack@to.com'], subject: 'Important stuff ' + i,