further code deduplication

2018-10-20 23:08:13 +02:00 · 2018-10-20 23:08:13 +02:00 · 5b00f4ead7
parent 4c3fb3fe63
commit 5b00f4ead7
3 changed files with 31 additions and 27 deletions
--- a/js/privatebin.js
+++ b/js/privatebin.js
@ -699,15 +699,12 @@ jQuery.PrivateBin = (function($, RawDeflate) {
         * @async
         * @function
         * @private
-         * @param  {string} mode of AES (ctr, cbc, cmac, gcm, cfb, kw)
         * @param  {string} key
         * @param  {string} password
-         * @param  {string} salt used in HMAC
-         * @param  {int} iterations amount to apply
-         * @param  {int} keysize (128, 192 or 256)
+         * @param  {object} object cryptographic message
         * @return {CryptoKey} derived key
         */
-        async function deriveKey(mode, key, password, salt, iterations, keysize)
+        async function deriveKey(key, password, object)
        {
            let keyArray = StrToArr(key);
            if ((password || '').trim().length > 0) {
@ -730,21 +727,39 @@ jQuery.PrivateBin = (function($, RawDeflate) {
            return await window.crypto.subtle.deriveKey(
                {
                    name: 'PBKDF2', // we use PBKDF2 for key derivation
-                    salt: StrToArr(atob(salt)), // salt used in HMAC
-                    iterations: iterations, // amount of iterations to apply
+                    salt: StrToArr(atob(object.salt)), // salt used in HMAC
+                    iterations: object.iter, // amount of iterations to apply
                    hash: {name: 'SHA-256'} // can be "SHA-1", "SHA-256", "SHA-384" or "SHA-512"
                },
                importedKey,
                {
-                    // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
-                    name: 'AES-' + mode.toUpperCase(),
-                    length: keysize // can be 128, 192 or 256
+                    name: 'AES-' + object.mode.toUpperCase(), // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
+                    length: object.ks // can be 128, 192 or 256
                },
                false, // the key may not be exported
                ['encrypt'] // we may only use it for decryption
            );
        }

+        /**
+         * gets crypto settings from given object
+         *
+         * @name   CryptTool.cryptoSettings
+         * @function
+         * @private
+         * @param  {object} object cryptographic message
+         * @return {object} crypto settings
+         */
+        function cryptoSettings(object)
+        {
+            return {
+                name: 'AES-' + object.mode.toUpperCase(), // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
+                iv: StrToArr(atob(object.iv)), // the initialization vector you used to encrypt
+                additionalData: StrToArr(atob(object.adata)), // the addtional data you used during encryption (if any)
+                tagLength: object.ts // the length of the tag you used to encrypt (if any)
+            };
+        }
+
        /**
         * compress, then encrypt message with given key and password
         *
@ -774,14 +789,8 @@ jQuery.PrivateBin = (function($, RawDeflate) {

            // finally, encrypt message
            const encrypted = await window.crypto.subtle.encrypt(
-                {
-                    // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
-                    name: algo,
-                    iv: StrToArr(iv), // the initialization vector you used to encrypt
-                    additionalData: StrToArr(atob(object.adata)), // the addtional data you used during encryption (if any)
-                    tagLength: object.ts // the length of the tag you used to encrypt (if any)
-                },
-                await deriveKey(object.mode, key, password, object.salt, object.iter, object.ks),
+                cryptoSettings(object),
+                await deriveKey(key, password, object),
                StrToArr(compress(message)) // compressed plain text to encrypt
            );
            object.ct = btoa(ArrToStr(encrypted));
@ -806,13 +815,8 @@ jQuery.PrivateBin = (function($, RawDeflate) {
                return decompress(
                    ArrToStr(
                        await window.crypto.subtle.decrypt(
-                            {
-                                name: algo, // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
-                                iv: StrToArr(atob(object.iv)), // the initialization vector you used to encrypt
-                                additionalData: StrToArr(atob(object.adata)), // the addtional data you used during encryption (if any)
-                                tagLength: object.ts // the length of the tag you used to encrypt (if any)
-                            },
-                            await deriveKey(object.mode, key, password, object.salt, object.iter, object.ks),
+                            cryptoSettings(object),
+                            await deriveKey(key, password, object),
                            StrToArr(atob(object.ct)) // cipher text to decrypt
                        )
                    )
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@ -70,7 +70,7 @@ if ($MARKDOWN):
 endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-JNheFJ1QBN8s4U4lfDXguGVvnqJtrnt508Ew5PgAKWOTA2osRDgDJJYViz/A7XEd1NVAafN/qMDnIz/oqJkH/g==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-/hqrAlB/+OWfUg9D/0knhNkmUCzSJNqK2GIU3KBt/vhgfFiKGByOAzFYsyNxINu7c1pEwc/F/ZL5A/iF1rnK0Q==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
--- a/tpl/page.php
+++ b/tpl/page.php
@ -48,7 +48,7 @@ if ($MARKDOWN):
 endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-JNheFJ1QBN8s4U4lfDXguGVvnqJtrnt508Ew5PgAKWOTA2osRDgDJJYViz/A7XEd1NVAafN/qMDnIz/oqJkH/g==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-/hqrAlB/+OWfUg9D/0knhNkmUCzSJNqK2GIU3KBt/vhgfFiKGByOAzFYsyNxINu7c1pEwc/F/ZL5A/iF1rnK0Q==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->