cleaned up "CBC" from methods since we don't have CTR

2025-11-03 20:06:08 +01:00 · 2017-11-18 12:53:17 -05:00
parent 6b226a319c
commit dec9cad106
11 changed files with 37 additions and 37 deletions
--- a/migrations/0031__change_encryption_to_CBC.js
+++ b/migrations/0031__change_encryption_to_CBC.js
@@ -22,10 +22,10 @@ module.exports = async () => {
    for (const note of protectedNotes) {
        const decryptedTitle = data_encryption.decrypt(dataKey, note.note_title);
-        note.note_title = data_encryption.encryptCbc(dataKey, "0" + note.note_id, decryptedTitle);
+        note.note_title = data_encryption.encrypt(dataKey, "0" + note.note_id, decryptedTitle);
        const decryptedText = data_encryption.decrypt(dataKey, note.note_text);
-        note.note_text = data_encryption.encryptCbc(dataKey, "1" + note.note_id, decryptedText);
+        note.note_text = data_encryption.encrypt(dataKey, "1" + note.note_id, decryptedText);
        await sql.execute("UPDATE notes SET note_title = ?, note_text = ? WHERE note_id = ?", [note.note_title, note.note_text, note.note_id]);
    }
@@ -34,10 +34,10 @@ module.exports = async () => {
    for (const noteHistory of protectedNotesHistory) {
        const decryptedTitle = data_encryption.decrypt(dataKey, noteHistory.note_title);
-        noteHistory.note_title = data_encryption.encryptCbc(dataKey, "0" + noteHistory.note_history_id, decryptedTitle);
+        noteHistory.note_title = data_encryption.encrypt(dataKey, "0" + noteHistory.note_history_id, decryptedTitle);
        const decryptedText = data_encryption.decrypt(dataKey, noteHistory.note_text);
-        noteHistory.note_text = data_encryption.encryptCbc(dataKey, "1" + noteHistory.note_history_id, decryptedText);
+        noteHistory.note_text = data_encryption.encrypt(dataKey, "1" + noteHistory.note_history_id, decryptedText);
        await sql.execute("UPDATE notes SET note_title = ?, note_text = ? WHERE note_id = ?", [noteHistory.note_title, noteHistory.note_text, noteHistory.note_history_id]);
    }
--- a/migrations/0033__change_data_key_encryption_to_cbc.js
+++ b/migrations/0033__change_data_key_encryption_to_cbc.js
@@ -21,5 +21,5 @@ module.exports = async () => {
    console.log("Trimmed data key: ", dataKey);
-    await password_encryption.setDataKeyCbc(password, dataKey);
+    await password_encryption.setDataKey(password, dataKey);
 };
--- a/routes/api/login.js
+++ b/routes/api/login.js
@@ -57,7 +57,7 @@ router.post('/protected', auth.checkApiAuth, async (req, res, next) => {
        return;
    }
-    const decryptedDataKey = await password_encryption.getDecryptedDataKeyCbc(password);
+    const decryptedDataKey = await password_encryption.getDataKey(password);
    const protectedSessionId = protected_session.setDataKey(req, decryptedDataKey);
--- a/routes/api/note_history.js
+++ b/routes/api/note_history.js
@@ -16,8 +16,8 @@ router.get('/:noteId', auth.checkApiAuth, async (req, res, next) => {
    for (const hist of history) {
        if (hist.is_protected) {
-            hist.note_title = data_encryption.decryptCbcString(dataKey, data_encryption.noteTitleIv(hist.note_history_id), hist.note_title);
+            hist.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(hist.note_history_id), hist.note_title);
-            hist.note_text = data_encryption.decryptCbcString(dataKey, data_encryption.noteTextIv(hist.note_history_id), hist.note_text);
+            hist.note_text = data_encryption.decryptString(dataKey, data_encryption.noteTextIv(hist.note_history_id), hist.note_text);
        }
    }
--- a/routes/api/notes.js
+++ b/routes/api/notes.js
@@ -21,8 +21,8 @@ router.get('/:noteId', auth.checkApiAuth, async (req, res, next) => {
    if (detail.is_protected) {
        const dataKey = protected_session.getDataKey(req);
-        detail.note_title = data_encryption.decryptCbcString(dataKey, data_encryption.noteTitleIv(noteId), detail.note_title);
+        detail.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(noteId), detail.note_title);
-        detail.note_text = data_encryption.decryptCbcString(dataKey, data_encryption.noteTextIv(noteId), detail.note_text);
+        detail.note_text = data_encryption.decryptString(dataKey, data_encryption.noteTextIv(noteId), detail.note_text);
    }
    res.send({
--- a/routes/api/tree.js
+++ b/routes/api/tree.js
@@ -28,7 +28,7 @@ router.get('/', auth.checkApiAuth, async (req, res, next) => {
    for (const note of notes) {
        if (note.is_protected) {
-            note.note_title = data_encryption.decryptCbcString(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
+            note.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
        }
        if (!parentToNotes[note.note_pid]) {
--- a/services/change_password.js
+++ b/services/change_password.js
@@ -18,7 +18,7 @@ async function changePassword(currentPassword, newPassword, req) {
    const newPasswordVerificationKey = utils.toBase64(await my_scrypt.getVerificationHash(newPassword));
    const newPasswordDerivedKey = await my_scrypt.getPasswordDerivedKey(newPassword);
-    const decryptedDataKey = await password_encryption.getDecryptedDataKeyCbc(currentPassword);
+    const decryptedDataKey = await password_encryption.getDataKey(currentPassword);
    await sql.doInTransaction(async () => {
        await password_encryption.setDataKey(newPasswordDerivedKey, decryptedDataKey);
--- a/services/data_encryption.js
+++ b/services/data_encryption.js
@@ -29,7 +29,7 @@ function pad(data) {
    return Buffer.from(padded);
 }
-function encryptCbc(key, iv, plainText) {
+function encrypt(key, iv, plainText) {
    if (!key) {
        throw new Error("No data key!");
    }
@@ -47,7 +47,7 @@ function encryptCbc(key, iv, plainText) {
    return encryptedData.toString('base64');
 }
-function decryptCbc(key, iv, cipherText) {
+function decrypt(key, iv, cipherText) {
    if (!key) {
        return "[protected]";
    }
@@ -69,8 +69,8 @@ function decryptCbc(key, iv, cipherText) {
    return payload;
 }
-function decryptCbcString(dataKey, iv, cipherText) {
+function decryptString(dataKey, iv, cipherText) {
-    const buffer = decryptCbc(dataKey, iv, cipherText);
+    const buffer = decrypt(dataKey, iv, cipherText);
    return buffer.toString('utf-8');
 }
@@ -84,9 +84,9 @@ function noteTextIv(iv) {
 }
 module.exports = {
-    encryptCbc,
+    encrypt,
-    decryptCbc,
+    decrypt,
-    decryptCbcString,
+    decryptString,
    noteTitleIv,
    noteTextIv
 };
--- a/services/notes.js
+++ b/services/notes.js
@@ -62,8 +62,8 @@ async function createNewNote(parentNoteId, note, browserId) {
 }
 async function encryptNote(note, ctx) {
-    note.detail.note_title = data_encryption.encryptCbc(ctx.getDataKey(), data_encryption.noteTitleIv(note.detail.note_id), note.detail.note_title);
+    note.detail.note_title = data_encryption.encrypt(ctx.getDataKey(), data_encryption.noteTitleIv(note.detail.note_id), note.detail.note_title);
-    note.detail.note_text = data_encryption.encryptCbc(ctx.getDataKey(), data_encryption.noteTextIv(note.detail.note_id), note.detail.note_text);
+    note.detail.note_text = data_encryption.encrypt(ctx.getDataKey(), data_encryption.noteTextIv(note.detail.note_id), note.detail.note_text);
 }
 async function protectNoteRecursively(noteId, dataKey, protect) {
@@ -82,15 +82,15 @@ async function protectNote(note, dataKey, protect) {
    let changed = false;
    if (protect && !note.is_protected) {
-        note.note_title = data_encryption.encryptCbc(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
+        note.note_title = data_encryption.encrypt(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
-        note.note_text = data_encryption.encryptCbc(dataKey, data_encryption.noteTextIv(note.note_id), note.note_text);
+        note.note_text = data_encryption.encrypt(dataKey, data_encryption.noteTextIv(note.note_id), note.note_text);
        note.is_protected = true;
        changed = true;
    }
    else if (!protect && note.is_protected) {
-        note.note_title = data_encryption.decryptCbcString(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
+        note.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
-        note.note_text = data_encryption.decryptCbcString(dataKey, data_encryption.noteTextIv(note.note_id), note.note_text);
+        note.note_text = data_encryption.decryptString(dataKey, data_encryption.noteTextIv(note.note_id), note.note_text);
        note.is_protected = false;
        changed = true;
@@ -113,13 +113,13 @@ async function protectNoteHistory(noteId, dataKey, protect) {
    for (const history of historyToChange) {
        if (protect) {
-            history.note_title = data_encryption.encryptCbc(dataKey, data_encryption.noteTitleIv(history.note_history_id), history.note_title);
+            history.note_title = data_encryption.encrypt(dataKey, data_encryption.noteTitleIv(history.note_history_id), history.note_title);
-            history.note_text = data_encryption.encryptCbc(dataKey, data_encryption.noteTextIv(history.note_history_id), history.note_text);
+            history.note_text = data_encryption.encrypt(dataKey, data_encryption.noteTextIv(history.note_history_id), history.note_text);
            history.is_protected = true;
        }
        else {
-            history.note_title = data_encryption.decryptCbcString(dataKey, data_encryption.noteTitleIv(history.note_history_id), history.note_title);
+            history.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(history.note_history_id), history.note_title);
-            history.note_text = data_encryption.decryptCbcString(dataKey, data_encryption.noteTextIv(history.note_history_id), history.note_text);
+            history.note_text = data_encryption.decryptString(dataKey, data_encryption.noteTextIv(history.note_history_id), history.note_text);
            history.is_protected = false;
        }
--- a/services/password_encryption.js
+++ b/services/password_encryption.js
@@ -11,7 +11,7 @@ async function verifyPassword(password) {
    return givenPasswordHash === dbPasswordHash;
 }
-async function setDataKeyCbc(password, plainText) {
+async function setDataKey(password, plainText) {
    const passwordDerivedKey = await my_scrypt.getPasswordDerivedKey(password);
    const encryptedDataKeyIv = utils.randomSecureToken(16).slice(0, 16);
@@ -20,24 +20,24 @@ async function setDataKeyCbc(password, plainText) {
    const buffer = Buffer.from(plainText);
-    const newEncryptedDataKey = data_encryption.encryptCbc(passwordDerivedKey, encryptedDataKeyIv, buffer);
+    const newEncryptedDataKey = data_encryption.encrypt(passwordDerivedKey, encryptedDataKeyIv, buffer);
    await options.setOption('encrypted_data_key', newEncryptedDataKey);
 }
-async function getDecryptedDataKeyCbc(password) {
+async function getDataKey(password) {
    const passwordDerivedKey = await my_scrypt.getPasswordDerivedKey(password);
    const encryptedDataKeyIv = await options.getOption('encrypted_data_key_iv');
    const encryptedDataKey = await options.getOption('encrypted_data_key');
-    const decryptedDataKey = data_encryption.decryptCbc(passwordDerivedKey, encryptedDataKeyIv, encryptedDataKey);
+    const decryptedDataKey = data_encryption.decrypt(passwordDerivedKey, encryptedDataKeyIv, encryptedDataKey);
    return decryptedDataKey;
 }
 module.exports = {
    verifyPassword,
-    getDecryptedDataKeyCbc,
+    getDataKey,
-    setDataKeyCbc
+    setDataKey
 };
--- a/test/cbc_encryption.js
+++ b/test/cbc_encryption.js
@@ -6,8 +6,8 @@ test('encrypt & decrypt', t => {
    const iv = [4,5,6];
    const plainText = "Hello World!";
-    const cipherText = data_encryption.encryptCbc(dataKey, iv, plainText);
+    const cipherText = data_encryption.encrypt(dataKey, iv, plainText);
-    const decodedPlainText = data_encryption.decryptCbc(dataKey, iv, cipherText);
+    const decodedPlainText = data_encryption.decrypt(dataKey, iv, cipherText);
    t.equal(decodedPlainText, plainText);
    t.end();