changing from AES-256-CTR to AES-128-CBC for note encryption

2025-10-28 08:46:43 +01:00 · 2017-11-15 22:13:45 -05:00
parent 2533b8e121
commit 5313ac47e6
10 changed files with 184 additions and 31 deletions
--- a/services/data_encryption.js
+++ b/services/data_encryption.js
@@ -12,6 +12,15 @@ function getDataAes(dataKey) {
    return new aesjs.ModeOfOperation.ctr(dataKey, new aesjs.Counter(5));
 }

+function arraysIdentical(a, b) {
+    let i = a.length;
+    if (i !== b.length) return false;
+    while (i--) {
+        if (a[i] !== b[i]) return false;
+    }
+    return true;
+}
+
 function decrypt(dataKey, encryptedBase64) {
    if (!dataKey) {
        return "[protected]";
@@ -54,21 +63,78 @@ function encrypt(dataKey, plainText) {
    return utils.toBase64(encryptedBytes);
 }

+function shaArray(content) {
+    // we use this as simple checksum and don't rely on its security so SHA-1 is good enough
+    return crypto.createHash('sha1').update(content).digest('base64');
+}
+
 function sha256Array(content) {
    return crypto.createHash('sha256').update(content).digest();
 }

-function arraysIdentical(a, b) {
-    let i = a.length;
-    if (i !== b.length) return false;
-    while (i--) {
-        if (a[i] !== b[i]) return false;
+function pad(data) {
+    let padded = Array.from(data);
+
+    if (data.length >= 16) {
+        padded = padded.slice(0, 16);
    }
-    return true;
+    else {
+        padded = padded.concat(Array(16 - padded.length).fill(0));
+    }
+
+    return Buffer.from(padded);
+}
+
+function encryptCbc(dataKey, iv, plainText) {
+    if (!dataKey) {
+        throw new Error("No data key!");
+    }
+
+    const cipher = crypto.createCipheriv('aes-128-cbc', pad(dataKey), pad(iv));
+
+    const digest = shaArray(plainText).slice(0, 4);
+
+    const digestWithPayload = digest + plainText;
+
+    const encryptedData = cipher.update(digestWithPayload, 'utf8', 'base64') + cipher.final('base64');
+
+    return encryptedData;
+}
+
+function decryptCbc(dataKey, iv, cipherText) {
+    if (!dataKey) {
+        return "[protected]";
+    }
+
+    const decipher = crypto.createDecipheriv('aes-128-cbc', pad(dataKey), pad(iv));
+    const decryptedBytes  = decipher.update(cipherText, 'base64', 'utf-8') + decipher.final('utf-8');
+
+    const digest = decryptedBytes.slice(0, 4);
+    const payload = decryptedBytes.slice(4);
+
+    const computedDigest = shaArray(payload).slice(0, 4);
+
+    if (!arraysIdentical(digest, computedDigest)) {
+        return false;
+    }
+
+    return payload;
+}
+
+function noteTitleIv(iv) {
+    return "0" + iv;
+}
+
+function noteTextIv(iv) {
+    return "1" + iv;
 }

 module.exports = {
    getProtectedSessionId,
    decrypt,
-    encrypt
+    encrypt,
+    encryptCbc,
+    decryptCbc,
+    noteTitleIv,
+    noteTextIv
 };