From b0eba350326918ab045eee0bf2ccc6f3f5d77944 Mon Sep 17 00:00:00 2001 From: Robert Eggl Date: Fri, 18 Oct 2024 10:13:44 +0200 Subject: [PATCH 1/2] perf(encryption): update encryption method to AES-GCM --- rogue-thi-app/lib/credential-storage.js | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/rogue-thi-app/lib/credential-storage.js b/rogue-thi-app/lib/credential-storage.js index b546ab5a..ae6accde 100644 --- a/rogue-thi-app/lib/credential-storage.js +++ b/rogue-thi-app/lib/credential-storage.js @@ -53,17 +53,17 @@ export default class CredentialStorage { async write(id, data) { const key = await crypto.subtle.generateKey( { - name: 'AES-CBC', + name: 'AES-GCM', length: 256, }, false, ['encrypt', 'decrypt'] ) - const iv = crypto.getRandomValues(new Uint8Array(16)) + const iv = crypto.getRandomValues(new Uint8Array(12)) // AES-GCM typically uses a 12-byte IV const encrypted = await crypto.subtle.encrypt( { - name: 'AES-CBC', + name: 'AES-GCM', iv, }, key, @@ -94,7 +94,7 @@ export default class CredentialStorage { const decrypted = await crypto.subtle.decrypt( { - name: 'AES-CBC', + name: 'AES-GCM', iv, }, key, @@ -119,4 +119,4 @@ export default class CredentialStorage { db.close() } } -} +} \ No newline at end of file From 29546605fab2ab3eeb2a6b11985e247c5e945624 Mon Sep 17 00:00:00 2001 From: Robert Eggl Date: Fri, 18 Oct 2024 10:18:09 +0200 Subject: [PATCH 2/2] fix: add missing newline at end of file in credential-storage.js --- rogue-thi-app/lib/credential-storage.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rogue-thi-app/lib/credential-storage.js b/rogue-thi-app/lib/credential-storage.js index ae6accde..7f59d3ac 100644 --- a/rogue-thi-app/lib/credential-storage.js +++ b/rogue-thi-app/lib/credential-storage.js @@ -119,4 +119,4 @@ export default class CredentialStorage { db.close() } } -} \ No newline at end of file +}