diff --git a/js/privatebin.js b/js/privatebin.js
index 6d24a58..79b2d40 100644
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -741,15 +741,18 @@ jQuery.PrivateBin = (function($, RawDeflate) {
async function deriveKey(key, password, spec)
{
let keyArray = StrToArr(key);
- if ((password || '').trim().length > 0) {
- let passwordBuffer = await window.crypto.subtle.digest(
- {name: 'SHA-256'},
- StrToArr(utob(password))
- );
- let hexHash = Array.prototype.map.call(
- new Uint8Array(passwordBuffer), x => ('00' + x.toString(16)).slice(-2)
- ).join('');
- let passwordArray = StrToArr(hexHash),
+ if (password.length > 0) {
+ // version 1 pastes did append the passwords SHA-256 hash in hex
+ if (spec[7] === 'rawdeflate') {
+ let passwordBuffer = await window.crypto.subtle.digest(
+ {name: 'SHA-256'},
+ StrToArr(utob(password))
+ );
+ password = Array.prototype.map.call(
+ new Uint8Array(passwordBuffer), x => ('00' + x.toString(16)).slice(-2)
+ ).join('');
+ }
+ let passwordArray = StrToArr(password),
newKeyArray = new Uint8Array(keyArray.length + passwordArray.length);
newKeyArray.set(keyArray, 0);
newKeyArray.set(passwordArray, keyArray.length);
@@ -779,7 +782,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
length: spec[3] // can be 128, 192 or 256
},
false, // the key may not be exported
- ['encrypt', 'decrypt'] // we use it for de- and encryption
+ ['encrypt', 'decrypt'] // we may only use it for en- and decryption
);
}
@@ -868,7 +871,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
*/
me.decipher = async function(key, password, data)
{
- let adataString, encodedSpec, compression, cipherMessage;
+ let adataString, encodedSpec, cipherMessage;
if (data instanceof Array) {
// version 2
adataString = JSON.stringify(data[1]);
diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php
index 4bf67fb..13a3d5e 100644
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@@ -71,7 +71,7 @@ if ($MARKDOWN):
endif;
?>
-
+
diff --git a/tpl/page.php b/tpl/page.php
index 5c38f71..d3c652f 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -49,7 +49,7 @@ if ($MARKDOWN):
endif;
?>
-
+