diff --git a/src/app/constants.js b/src/app/constants.js
index 5971decc7d..467879b244 100644
--- a/src/app/constants.js
+++ b/src/app/constants.js
@@ -5,7 +5,8 @@ angular.module('bit')
 AesCbc256_B64: 0,
 AesCbc128_HmacSha256_B64: 1,
 AesCbc256_HmacSha256_B64: 2,
- RsaOaep_Sha256_B64: 3
+ Rsa2048_OaepSha256_B64: 3,
+ Rsa2048_OaepSha1_B64: 4
 },
 orgUserType: {
 owner: 0,
diff --git a/src/app/services/cryptoService.js b/src/app/services/cryptoService.js
index 8c0dfc8a8a..a5ab111c9d 100644
--- a/src/app/services/cryptoService.js
+++ b/src/app/services/cryptoService.js
@@ -293,10 +293,10 @@ angular
 }
 var encryptedBytes = publicKey.encrypt(plainValue, 'RSA-OAEP', {
- md: forge.md.sha256.create()
+ md: forge.md.sha1.create()
 });
- return constants.encType.RsaOaep_Sha256_B64 + '.' + forge.util.encode64(encryptedBytes);
+ return constants.encType.Rsa2048_OaepSha1_B64 + '.' + forge.util.encode64(encryptedBytes);
 };
 _service.decrypt = function (encValue, key, outputEncoding) {
@@ -388,7 +388,7 @@ angular
 encPiece;
 if (headerPieces.length === 1) {
- encType = constants.encType.RsaOaep_Sha256_B64;
+ encType = constants.encType.Rsa2048_OaepSha256_B64;
 encPiece = headerPieces[0];
 }
 else if (headerPieces.length === 2) {
@@ -401,13 +401,21 @@ angular
 }
 }
- if (encType !== constants.encType.RsaOaep_Sha256_B64) {
- return null;
+ var ctBytes = forge.util.decode64(encPiece);
+ var md;
+
+ if (encType === constants.encType.Rsa2048_OaepSha256_B64) {
+ md = forge.md.sha256.create();
+ }
+ else if (encType === constants.encType.Rsa2048_OaepSha1_B64) {
+ md = forge.md.sha1.create();
+ }
+ else {
+ throw 'encType unavailable.';
 }
- var ctBytes = forge.util.decode64(encPiece);
 var decBytes = privateKey.decrypt(ctBytes, 'RSA-OAEP', {
- md: forge.md.sha256.create()
+ md: md
 });
 return decBytes;
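Review bot: The rename of `RsaOaep_Sha256_B64` to `Rsa2048_OaepSha256_B64` in `src/app/constants.js` fails silently if any reference to the old name remains, because a missing property reads as `undefined` in JavaScript instead of raising an error. The cryptoService.js hunks on this page update three uses, but files outside this diff are not visible here, so a repository-wide search for the old name is worth doing before merge. The numeric values are also emitted as the prefix of the ciphertext string (the `return ... + '.' + ...` line in the encrypt hunk), so they presumably act as a persisted format identifier. I would add a comment on `encType` such as `// Written into ciphertext headers: never renumber or reuse a value.`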
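Review bot: New RSA ciphertexts move from SHA-256 to SHA-1 as the OAEP digest in the `@@ -293,10 +293,10 @@` hunk of `cryptoService.js`, and nothing on the page records why. OAEP does not rely on the collision resistance that has been broken for SHA-1, so this is not an immediate weakness, but a digest downgrade on the write path will be questioned in any later audit and should carry its justification next to the call. I would add a comment above `publicKey.encrypt`, e.g. `// New ciphertexts use OAEP/SHA-1 (encType 4); OAEP/SHA-256 (encType 3) is still accepted on decrypt.`, followed by the reason for the choice. The new type names also assert a 2048-bit key, yet no visible line checks the size of `publicKey`; if that is enforced elsewhere, say so in the comment. The enclosing function starts above the hunk.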
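Review bot: The unsupported-type branch in the `@@ -401,13 +401,21 @@` hunk now throws a bare string where the old code returned `null`, which changes the contract for callers and discards the stack trace. Callers are outside this diff, so whether they wrap the call in try/catch cannot be confirmed from here; any that tested the result for `null` will now get an uncaught exception on unknown or malformed input. I would write `throw new Error('encType unavailable.');`, or keep `return null;` if callers depend on it. `forge.util.decode64(encPiece)` also now runs before the type check, so an unsupported type is rejected only after the payload has been decoded; moving the `var ctBytes` line below the `if`/`else` chain restores reject-first ordering. The enclosing function starts and ends outside the hunk.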