handle legacy encrypt-then-mac scheme

This commit is contained in:
Kyle Spearrin 2017-04-19 16:45:16 -04:00
parent cb120d2e75
commit 7627601ff8
1 changed files with 10 additions and 1 deletions

View File

@ -4,6 +4,7 @@ angular
.factory('cryptoService', function ($sessionStorage, constants, $q) { .factory('cryptoService', function ($sessionStorage, constants, $q) {
var _service = {}, var _service = {},
_key, _key,
_legacyEtmKey,
_orgKeys, _orgKeys,
_privateKey, _privateKey,
_publicKey; _publicKey;
@ -168,6 +169,7 @@ angular
_service.clearKey = function () { _service.clearKey = function () {
_key = null; _key = null;
_legacyEtmKey = null;
delete $sessionStorage.key; delete $sessionStorage.key;
}; };
@ -314,8 +316,15 @@ angular
} }
} }
else { else {
encType = constants.encType.AesCbc256_B64;
encPieces = encValue.split('|'); encPieces = encValue.split('|');
encType = encPieces.length === 3 ? constants.encType.AesCbc128_HmacSha256_B64 :
constants.encType.AesCbc256_B64;
}
if (encType === constants.encType.AesCbc128_HmacSha256_B64 && key.encType === constants.encType.AesCbc256_B64) {
// Old encrypt-then-mac scheme, swap out the key
_legacyEtmKey = _legacyEtmKey || new CryptoKey(key.key, false, constants.encType.AesCbc128_HmacSha256_B64);
key = _legacyEtmKey;
} }
if (encType !== key.encType) { if (encType !== key.encType) {