Commit c74cc306 authored by Bob Hageman's avatar Bob Hageman

split iv from ciphertext and other modifications, testing and trying

parent 23df9731
This diff is collapsed.
......@@ -708,7 +708,8 @@ $(function(){
let encryptedPayload = await promiseWorker.postMessage({action : 'encrypt', plaintext : e.params['payload'], password : privateKey});
// 2: store payload in IPFS
let hash = await context.setDoc({content : encryptedPayload, version : '0.0.1'});
let hash = await context.setDoc({content : encryptedPayload.ciphertext, iv: encryptedPayload.iv, version : '0.0.1'});
//let hash = await context.setDoc({content : encryptedPayload, version : '0.0.1'});
// 3: make and store index
var indexId = tools.uuidv4();
......@@ -778,7 +779,8 @@ $(function(){
let encDoc = await context.getDoc(index.hash);
// 4: decrypt each doc with personal key
let decDoc = await promiseWorker.postMessage({action : 'decrypt', ciphertext : encDoc.content, password : entity.session.getKey()});
let decDoc = await promiseWorker.postMessage({action : 'decrypt', ciphertext : encDoc.content, iv : encDoc.iv, password : entity.session.getKey()});
//let decDoc = await promiseWorker.postMessage({action : 'decrypt', ciphertext : encDoc.content, password : entity.session.getKey()});
// 5: encrypt each doc with contract key
let encContractDoc = await promiseWorker.postMessage({action : 'encrypt', plaintext : decDoc, password : contractKey});
......@@ -786,7 +788,8 @@ $(function(){
// 6: store doc in IPFS
// actually optional for now: because the contract (with data) will be sent to provider
// in future scenarios it is desired to keep the data yourself and only send the link to it - todo: deletions from ipfs for example!
let hash = await context.setDoc({content : encContractDoc, version : '0.0.1'});
let hash = await context.setDoc({content : encContractDoc.ciphertext, iv: encContractDoc.iv, version : '0.0.1'});
//let hash = await context.setDoc({content : encContractDoc, version : '0.0.1'});
// add hash to it in request to keep track
request.shares[i].location = hash;
......@@ -828,14 +831,16 @@ $(function(){
/// todo
const payload = {
contract : contractEnc, // decrypt with contractKey
contract : contractEnc.ciphertext, // decrypt with contractKey
//contract : contractEnc, // decrypt with contractKey
contractIv : contractEnc.iv, // needed when decrypting contract
contractKey : contractKeyEnc, // decrypt with privateKey of provider
contractSignature : '', // signed result of contract
publicKey : '' // users public key, to verify signed contract
};
tools.log('Final contract payload:');
tools.log(payload);
tools.log(JSON.stringify(payload));
// update state
var stateUrl = provider.settings.endpoints.state;
......
......@@ -34,7 +34,8 @@ registerPromiseWorker(function(message){
case 'encrypt' : return worker.encrypt(message.plaintext, message.password);
break;
case 'decrypt' : return worker.decrypt(message.ciphertext, message.password);
case 'decrypt' : return worker.decrypt(message.ciphertext, message.iv, message.password);
//case 'decrypt' : return worker.decrypt(message.ciphertext, message.password);
break;
// asymmetrical crypto
......@@ -145,6 +146,19 @@ var worker = (function(){
return key;
};
// use a generateSymmetricKey - key, convert it to PEM (base64 encoded binary)
x.exportKey = async function(key)
{
let expKey = await window.crypto.subtle.exportKey("raw", key);
const expKeyBase64 = btoa(expKey);
console.log(expKeyBase64);
return expKeyBase64;
};
x.generateAsymmetricKey = async function()
{
let keyPair = window.crypto.subtle.generateKey(
......@@ -339,7 +353,9 @@ x.PEMtoCyptoKey = async function(PemStr){
const pwUtf8 = new TextEncoder().encode(password); // encode password as UTF-8
const pwHash = await crypto.subtle.digest('SHA-256', pwUtf8); // hash the password
//const pwHash = await crypto.subtle.digest('SHA-256', password); // hash the password
//const pwHash = password;
const iv = crypto.getRandomValues(new Uint8Array(12)); // get 96-bit random iv
const alg = { name: 'AES-GCM', iv: iv }; // specify algorithm to use
......@@ -357,29 +373,38 @@ x.PEMtoCyptoKey = async function(PemStr){
//console.log('encrypted in worker:');
//console.log(ivHex+ctBase64);
return ivHex+ctBase64;
//return ivHex+ctBase64;
return {iv: ivHex, ciphertext : ctBase64};
};
// Encrypt ciphertext (encrypted with AES-GCM 256bit) with password as symmetrical key
x.decrypt = async function(ciphertext, password)
x.decrypt = async function(ciphertext, iv, password)
//x.decrypt = async function(ciphertext, password)
{
console.log('ciphertext:');
console.log(ciphertext);
console.log('iv:');
console.log(iv);
const pwUtf8 = new TextEncoder().encode(password); // encode password as UTF-8
const pwHash = await crypto.subtle.digest('SHA-256', pwUtf8); // hash the password
const iv = ciphertext.slice(0,24).match(/.{2}/g).map(byte => parseInt(byte, 16)); // get iv from ciphertext
//const pwHash = password;
//const iv = ciphertext.slice(0,24).match(/.{2}/g).map(byte => parseInt(byte, 16)); // get iv from ciphertext
iv = iv.match(/.{2}/g).map(byte => parseInt(byte, 16));
console.log('iv2:');
console.log(iv);
const alg = { name: 'AES-GCM', iv: new Uint8Array(iv) }; // specify algorithm to use
const key = await crypto.subtle.importKey('raw', pwHash, alg, false, ['decrypt']); // use pw to generate key
const ctStr = atob(ciphertext.slice(24)); // decode base64 ciphertext
//const ctStr = atob(ciphertext.slice(24)); // decode base64 ciphertext
const ctStr = atob(ciphertext); // decode base64 ciphertext
const ctUint8 = new Uint8Array(ctStr.match(/[\s\S]/g).map(ch => ch.charCodeAt(0))); // ciphertext as Uint8Array
// note: why doesn't ctUint8 = new TextEncoder().encode(ctStr) work?
const plainBuffer = await crypto.subtle.decrypt(alg, key, ctUint8); // decrypt ciphertext using key
const plaintext = new TextDecoder().decode(plainBuffer); // decode password from UTF-8
console.log("plaintext:");
console.log(plaintext);
return plaintext; // return the plaintext
};
......
......@@ -103,7 +103,7 @@
<div id="doneOverlay">
<div>
<img src="/assets/img/check.svg" width="50" />
<img src="assets/img/check.svg" width="50" />
<br/>
<br/>
<h1>Je kluis is<br/>klaar</h1>
......@@ -135,7 +135,7 @@
<br/>
<br/>
<img src="/assets/img/maus-lockswing.png" alt="" />
<img src="assets/img/maus-lockswing.png" alt="" />
</div>
</div>
......@@ -152,7 +152,7 @@
<br/>
<br/>
<img src="/assets/img/maus-contents.png" alt="" />
<img src="assets/img/maus-contents.png" alt="" />
</div>
......@@ -169,7 +169,7 @@
<br/>
<br/>
<img src="/assets/img/maus-carryon.png" alt="" />
<img src="assets/img/maus-carryon.png" alt="" />
</div>
</div>
......@@ -186,7 +186,7 @@
<br/>
<br/>
<img src="/assets/img/maus-readlaxed.png" alt="" />
<img src="assets/img/maus-readlaxed.png" alt="" />
</div>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment