suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix GCM and EAX in Edge

Browse Source 
Web Crypto AES-GCM in Edge seems to require non-empty ADATA and an
explicit tagLength.

AES-CTR doesn't seem to be supported at all, so this disables Web Crypto
for EAX in Edge.
This commit is contained in:
Daniel Huigens 2018-08-09 19:02:05 +02:00
parent 08216bab13
commit e5a3095894
2 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/crypto/eax.js
View File

@ -49,7 +49,11 @@ async function OMAC(key) {
} }
async function CTR(key) { async function CTR(key) {
if (util.getWebCrypto() && key.length !== 24) { // WebCrypto (no 192 bit support) see: https://www.chromium.org/blink/webcrypto#TOC-AES-support if (
util.getWebCrypto() &&
key.length !== 24 && // WebCrypto (no 192 bit support) see: https://www.chromium.org/blink/webcrypto#TOC-AES-support
navigator.userAgent.indexOf('Edge') === -1
) {
key = await webCrypto.importKey('raw', key, { name: 'AES-CTR', length: key.length * 8 }, false, ['encrypt']); key = await webCrypto.importKey('raw', key, { name: 'AES-CTR', length: key.length * 8 }, false, ['encrypt']);
return async function(pt, iv) { return async function(pt, iv) {
const ct = await webCrypto.encrypt({ name: 'AES-CTR', counter: iv, length: blockLength * 8 }, key, pt); const ct = await webCrypto.encrypt({ name: 'AES-CTR', counter: iv, length: blockLength * 8 }, key, pt);

16
src/crypto/gcm.js
View File

@ -50,22 +50,30 @@ async function GCM(cipher, key) {
return { return {
encrypt: async function(pt, iv, adata=new Uint8Array()) { encrypt: async function(pt, iv, adata=new Uint8Array()) {
if (!pt.length) { if (
!pt.length ||
// iOS does not support GCM-en/decrypting empty messages // iOS does not support GCM-en/decrypting empty messages
// Also, synchronous en/decryption might be faster in this case. // Also, synchronous en/decryption might be faster in this case.
(!adata.length && navigator.userAgent.indexOf('Edge') !== -1)
// Edge does not support GCM-en/decrypting without ADATA
) {
return AES_GCM.encrypt(pt, key, iv, adata); return AES_GCM.encrypt(pt, key, iv, adata);
} }
const ct = await webCrypto.encrypt({ name: ALGO, iv, additionalData: adata }, _key, pt); const ct = await webCrypto.encrypt({ name: ALGO, iv, additionalData: adata, tagLength: tagLength * 8 }, _key, pt);
return new Uint8Array(ct); return new Uint8Array(ct);
}, },
decrypt: async function(ct, iv, adata=new Uint8Array()) { decrypt: async function(ct, iv, adata=new Uint8Array()) {
if (ct.length === tagLength) { if (
ct.length === tagLength ||
// iOS does not support GCM-en/decrypting empty messages // iOS does not support GCM-en/decrypting empty messages
// Also, synchronous en/decryption might be faster in this case. // Also, synchronous en/decryption might be faster in this case.
(!adata.length && navigator.userAgent.indexOf('Edge') !== -1)
// Edge does not support GCM-en/decrypting without ADATA
) {
return AES_GCM.decrypt(ct, key, iv, adata); return AES_GCM.decrypt(ct, key, iv, adata);
} }
const pt = await webCrypto.decrypt({ name: ALGO, iv, additionalData: adata }, _key, ct); const pt = await webCrypto.decrypt({ name: ALGO, iv, additionalData: adata, tagLength: tagLength * 8 }, _key, ct);
return new Uint8Array(pt); return new Uint8Array(pt);
} }
}; };