handle legacy encrypt-then-mac scheme
This commit is contained in:
parent
cb120d2e75
commit
7627601ff8
|
@ -4,6 +4,7 @@ angular
|
||||||
.factory('cryptoService', function ($sessionStorage, constants, $q) {
|
.factory('cryptoService', function ($sessionStorage, constants, $q) {
|
||||||
var _service = {},
|
var _service = {},
|
||||||
_key,
|
_key,
|
||||||
|
_legacyEtmKey,
|
||||||
_orgKeys,
|
_orgKeys,
|
||||||
_privateKey,
|
_privateKey,
|
||||||
_publicKey;
|
_publicKey;
|
||||||
|
@ -168,6 +169,7 @@ angular
|
||||||
|
|
||||||
_service.clearKey = function () {
|
_service.clearKey = function () {
|
||||||
_key = null;
|
_key = null;
|
||||||
|
_legacyEtmKey = null;
|
||||||
delete $sessionStorage.key;
|
delete $sessionStorage.key;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -314,8 +316,15 @@ angular
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
encType = constants.encType.AesCbc256_B64;
|
|
||||||
encPieces = encValue.split('|');
|
encPieces = encValue.split('|');
|
||||||
|
encType = encPieces.length === 3 ? constants.encType.AesCbc128_HmacSha256_B64 :
|
||||||
|
constants.encType.AesCbc256_B64;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (encType === constants.encType.AesCbc128_HmacSha256_B64 && key.encType === constants.encType.AesCbc256_B64) {
|
||||||
|
// Old encrypt-then-mac scheme, swap out the key
|
||||||
|
_legacyEtmKey = _legacyEtmKey || new CryptoKey(key.key, false, constants.encType.AesCbc128_HmacSha256_B64);
|
||||||
|
key = _legacyEtmKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (encType !== key.encType) {
|
if (encType !== key.encType) {
|
||||||
|
|
Loading…
Reference in New Issue