From be69e4a50f01305003ff6fd5483b41c05a529cf3 Mon Sep 17 00:00:00 2001 From: El RIDO Date: Fri, 28 Dec 2018 05:49:34 +0100 Subject: [PATCH] simplify password catenation in version 2, to avoid potential key derivation weakening --- js/privatebin.js | 25 ++++++++++++++----------- tpl/bootstrap.php | 2 +- tpl/page.php | 2 +- 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/js/privatebin.js b/js/privatebin.js index 6d24a58..79b2d40 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -741,15 +741,18 @@ jQuery.PrivateBin = (function($, RawDeflate) { async function deriveKey(key, password, spec) { let keyArray = StrToArr(key); - if ((password || '').trim().length > 0) { - let passwordBuffer = await window.crypto.subtle.digest( - {name: 'SHA-256'}, - StrToArr(utob(password)) - ); - let hexHash = Array.prototype.map.call( - new Uint8Array(passwordBuffer), x => ('00' + x.toString(16)).slice(-2) - ).join(''); - let passwordArray = StrToArr(hexHash), + if (password.length > 0) { + // version 1 pastes did append the passwords SHA-256 hash in hex + if (spec[7] === 'rawdeflate') { + let passwordBuffer = await window.crypto.subtle.digest( + {name: 'SHA-256'}, + StrToArr(utob(password)) + ); + password = Array.prototype.map.call( + new Uint8Array(passwordBuffer), x => ('00' + x.toString(16)).slice(-2) + ).join(''); + } + let passwordArray = StrToArr(password), newKeyArray = new Uint8Array(keyArray.length + passwordArray.length); newKeyArray.set(keyArray, 0); newKeyArray.set(passwordArray, keyArray.length); @@ -779,7 +782,7 @@ jQuery.PrivateBin = (function($, RawDeflate) { length: spec[3] // can be 128, 192 or 256 }, false, // the key may not be exported - ['encrypt', 'decrypt'] // we use it for de- and encryption + ['encrypt', 'decrypt'] // we may only use it for en- and decryption ); } @@ -868,7 +871,7 @@ jQuery.PrivateBin = (function($, RawDeflate) { */ me.decipher = async function(key, password, data) { - let adataString, encodedSpec, compression, cipherMessage; + let adataString, encodedSpec, cipherMessage; if (data instanceof Array) { // version 2 adataString = JSON.stringify(data[1]); diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index 4bf67fb..13a3d5e 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -71,7 +71,7 @@ if ($MARKDOWN): endif; ?> - + diff --git a/tpl/page.php b/tpl/page.php index 5c38f71..d3c652f 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -49,7 +49,7 @@ if ($MARKDOWN): endif; ?> - +