diff --git a/package.json b/package.json index c46b2c2..30f33e5 100644 --- a/package.json +++ b/package.json @@ -5,6 +5,7 @@ "dependencies": { "alertify.js": "^1.0.12", "browser-detect": "^0.2.28", + "crypto-js": "^3.1.9-1", "firebase": "^5.4.2", "history": "^4.7.2", "jss": "^9.8.7", diff --git a/src/pages/passwordManager/New.js b/src/components/PasswordManager/New.js similarity index 100% rename from src/pages/passwordManager/New.js rename to src/components/PasswordManager/New.js diff --git a/src/pages/Login.js b/src/pages/Login.js index a1b7d50..57f24e2 100644 --- a/src/pages/Login.js +++ b/src/pages/Login.js @@ -147,6 +147,11 @@ const Login = inject("rootStore") ( observer(
  • Copy the password by just one button click
    • +
    +
  • + For nerds: AES (Rijndael cipher) + encrypted with a 128 bits key, 10 rounds and a blocksize of 128 bits. Established by the U.S. NIST in 2001 and approved by the NSA for "top secret" information. +
    • diff --git a/src/pages/passwordManager/PasswordManager.js b/src/pages/passwordManager/PasswordManager.js index 98739b7..7a977f6 100644 --- a/src/pages/passwordManager/PasswordManager.js +++ b/src/pages/passwordManager/PasswordManager.js @@ -14,7 +14,7 @@ import { decrypt } from '../../stores/functions/encryption'; /* * Component imports */ -import New from './New'; +import New from '../../components/PasswordManager/New'; import Headline from '../../components/Headline'; jss.setup(preset()); @@ -289,6 +289,11 @@ const PasswordManager = inject("rootStore") ( observer(

    I advise you to choose one encryption key and use it for all your passwords in your list. Why? Using the same key makes decrypting easier for you because all entries are being decrypted correctly at the same time by using one single key.

    +
    +

    + For nerds: AES (Rijndael cipher) + encrypted with a 128 bits key, 10 rounds and a blocksize of 128 bits. Established by the U.S. NIST in 2001 and approved by the NSA for "top secret" information. +

    ); } diff --git a/src/stores/functions/encryption.js b/src/stores/functions/encryption.js index bc605eb..765e445 100644 --- a/src/stores/functions/encryption.js +++ b/src/stores/functions/encryption.js @@ -1,13 +1,24 @@ -function norm_to_ascii(string){return unescape(encodeURIComponent(string))}; -function norm_to_unicode(string){return decodeURIComponent(escape(string))}; -function crypt_sym(string,k){return String.fromCharCode.apply(undefined,string.split("").map(function(c){return c.charCodeAt(0)^(k||13)}))}; +import CryptoJS from 'crypto-js'; export function encrypt(string, key) { //Encrypt a string - return btoa(crypt_sym(norm_to_ascii(string), key)); + return CryptoJS.AES.encrypt(string, key).toString(); } -export function decrypt(string, key) { +export function decrypt(ciphertext, key) { //Decrypt a string - return crypt_sym(norm_to_unicode(atob(string)), key); + var bytes = CryptoJS.AES.decrypt(ciphertext, key); + var originalText; + + try { + originalText = bytes.toString(CryptoJS.enc.Utf8); + + if(originalText === '') { + originalText = CryptoJS.HMACMD5(key + ciphertext).toString(CryptoJS.enc.Hex).substring(0, 15); + } + } catch(ex) { + originalText = CryptoJS.SHA256(key + ciphertext).toString(CryptoJS.enc.Hex).substring(0, 15); + } + + return originalText; } \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index c721eee..23ba0f7 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1889,6 +1889,10 @@ crypto-browserify@^3.11.0: randombytes "^2.0.0" randomfill "^1.0.3" +crypto-js@^3.1.9-1: + version "3.1.9-1" + resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-3.1.9-1.tgz#fda19e761fc077e01ffbfdc6e9fdfc59e8806cd8" + crypto-random-string@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/crypto-random-string/-/crypto-random-string-1.0.0.tgz#a230f64f568310e1498009940790ec99545bca7e"