From 22894a68765ad95a4c4101cc7688f6c8fd3882da Mon Sep 17 00:00:00 2001
From: Kyle Spearrin
Date: Wed, 9 May 2018 15:48:17 -0400
Subject: [PATCH] cache key meta data for forge decryption
---
 src/models/domain/symmetricCryptoKey.ts | 2 ++
 src/services/webCryptoFunction.service.ts | 30 +++++++++++++++++++----
 2 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/src/models/domain/symmetricCryptoKey.ts b/src/models/domain/symmetricCryptoKey.ts
index f2b593d402f..e6e63b82ada 100644
--- a/src/models/domain/symmetricCryptoKey.ts
+++ b/src/models/domain/symmetricCryptoKey.ts
@@ -12,6 +12,8 @@ export class SymmetricCryptoKey {
 encKeyB64: string;
 macKeyB64: string;
+ meta: any;
+
 constructor(key: ArrayBuffer, encType?: EncryptionType) {
 if (key == null) {
 throw new Error('Must provide key');
diff --git a/src/services/webCryptoFunction.service.ts b/src/services/webCryptoFunction.service.ts
index cc619e5192a..3938b48b9ca 100644
--- a/src/services/webCryptoFunction.service.ts
+++ b/src/services/webCryptoFunction.service.ts
@@ -40,7 +40,8 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
 hash: { name: this.toWebCryptoAlgorithm(algorithm) },
 };
- const impKey = await this.subtle.importKey('raw', passwordBuf, { name: 'PBKDF2' }, false, ['deriveBits']);
+ const impKey = await this.subtle.importKey('raw', passwordBuf, { name: 'PBKDF2' } as any,
+ false, ['deriveBits']);
 return await this.subtle.deriveBits(pbkdf2Params, impKey, wcLen);
 }
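Review bot: `meta: any` gives SymmetricCryptoKey a public, untyped field, and the only writer visible in this patch (`aesDecryptFastParameters` in webCryptoFunction.service.ts) fills it with decoded key bytes. Because the field is `any`, the compiler cannot catch a misspelt property or a value of the wrong type, and nothing tells a reader that the field holds secret material that has to stay in step with `encKeyB64`/`macKeyB64`. Declaring the shape would address both: `meta?: { encKeyByteString?: string; macKeyByteString?: string };` preceded by `// Derived per-instance cache of decoded key bytes; never persist or copy between keys.` (the `string` types assume forge byte strings, which is how the service concatenates them). The class body continues outside the hunk, so whether any serialization path would pick up `meta` cannot be checked from here.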
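Review bot: The `as any` cast on the algorithm argument of `importKey` is unexplained here, and the same cast is added in `aesEncrypt` and `aesDecrypt` in the later hunks of this file. It switches off type checking on the argument that selects the algorithm, so a typo in the name would only surface at run time. If the cast works around the bundled DOM typings (an assumption; the patch does not say), a one-line comment above each call would record that, for example `// cast: DOM lib typings reject this algorithm literal; drop when typings allow it`. The enclosing function starts above the hunk.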
@@ -125,23 +126,42 @@ export class WebCryptoFunctionService implements CryptoFunctionService { } async aesEncrypt(data: ArrayBuffer, iv: ArrayBuffer, key: ArrayBuffer): Promise { - const impKey = await this.subtle.importKey('raw', key, { name: 'AES-CBC' }, false, ['encrypt']); + const impKey = await this.subtle.importKey('raw', key, { name: 'AES-CBC' } as any, false, ['encrypt']); return await this.subtle.encrypt({ name: 'AES-CBC', iv: iv }, impKey, data); } aesDecryptFastParameters(data: string, iv: string, mac: string, key: SymmetricCryptoKey): DecryptParameters { const p = new DecryptParameters(); - p.encKey = forge.util.decode64(key.encKeyB64); + if (key.meta != null) { + p.encKey = key.meta.encKeyByteString; + p.macKey = key.meta.macKeyByteString; + } + + if (p.encKey == null) { + p.encKey = forge.util.decode64(key.encKeyB64); + } p.data = forge.util.decode64(data); p.iv = forge.util.decode64(iv); p.macData = p.iv + p.data; - if (key.macKeyB64 != null) { + if (p.macKey == null && key.macKeyB64 != null) { p.macKey = forge.util.decode64(key.macKeyB64); } if (mac != null) { p.mac = forge.util.decode64(mac); } + + // cache byte string keys for later + if (key.meta == null) { + key.meta = {}; + } + if (key.meta.encKeyByteString == null) { + key.meta.encKeyByteString = p.encKey; + } + if (p.macKey != null && key.meta.macKeyByteString == null) { + key.meta.macKeyByteString = p.macKey; + } + return p; } @@ -156,7 +176,7 @@ export class WebCryptoFunctionService implements CryptoFunctionService { } async aesDecrypt(data: ArrayBuffer, iv: ArrayBuffer, key: ArrayBuffer): Promise { - const impKey = await this.subtle.importKey('raw', key, { name: 'AES-CBC' }, false, ['decrypt']); + const impKey = await this.subtle.importKey('raw', key, { name: 'AES-CBC' } as any, false, ['decrypt']); return await this.subtle.decrypt({ name: 'AES-CBC', iv: iv }, impKey, data); }
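Review bot: The values read back from `key.meta` at the top of `aesDecryptFastParameters` are used as the AES and MAC keys with no check that they were derived from this object's `encKeyB64`/`macKeyB64`. `meta` is a public `any` field, so any code that assigns it, or that copies one key object's properties onto another, changes which key decryption uses while the object still reports the original base64 values. Keeping the cache inside the service, keyed by the key object, removes that write path and lets entries go away with the key; the sketch below assumes `WeakMap` is available in the build target and that forge byte strings are plain `string`s. The cached strings are a second in-memory copy of the key that cannot be wiped, which deserves a comment wherever the cache lives.

```typescript
// class field on WebCryptoFunctionService
private forgeKeyCache = new WeakMap<SymmetricCryptoKey, { encKey: string; macKey?: string }>();

aesDecryptFastParameters(data: string, iv: string, mac: string, key: SymmetricCryptoKey): DecryptParameters {
    const p = new DecryptParameters();
    // Decoded key bytes are secret: cached per key object, never written back onto the key.
    let cached = this.forgeKeyCache.get(key);
    if (cached == null) {
        cached = {
            encKey: forge.util.decode64(key.encKeyB64),
            macKey: key.macKeyB64 != null ? forge.util.decode64(key.macKeyB64) : undefined,
        };
        this.forgeKeyCache.set(key, cached);
    }
    p.encKey = cached.encKey;
    p.macKey = cached.macKey;
    // … unchanged: data, iv, macData and mac decoding …
    return p;
```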