Skip to content

feat: replace symmetric encryption algorithm by aes-256-gcm#233

Merged
vrolland merged 7 commits intomasterfrom
encryption-audit-aes-256-gcm
Jun 22, 2020
Merged

feat: replace symmetric encryption algorithm by aes-256-gcm#233
vrolland merged 7 commits intomasterfrom
encryption-audit-aes-256-gcm

Conversation

@vrolland
Copy link
Copy Markdown
Contributor

@vrolland vrolland commented Jun 19, 2020

Description of the changes

Following recommendations in the findings "RN-01-006 WP1" and "RN-01-007 WP1" of the encryption audit by Cure+53

@coveralls
Copy link
Copy Markdown

coveralls commented Jun 19, 2020
edited
Loading

Coverage Status

Coverage increased (+0.02%) to 90.142% when pulling 67d097e on encryption-audit-aes-256-gcm into 20c5e95 on master.

@vrolland vrolland changed the title WIP: replace symmetric encryption algorithm by aes-256-gcm feat: replace symmetric encryption algorithm by aes-256-gcm Jun 19, 2020
@vrolland vrolland requested review from addoxyz, benjlevesque, rittme and yomarion and removed request for rittme June 19, 2020 12:09
yomarion
yomarion approved these changes Jun 22, 2020
View reviewed changes
Copy link
Copy Markdown
Contributor

@yomarion yomarion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we should specify somewhere that CBC was used before and we have to keep supporting it?

rittme
rittme approved these changes Jun 22, 2020
View reviewed changes
Copy link
Copy Markdown
Contributor

@rittme rittme left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks sleek. I love when good design pays off and something that could be a big undertaking is just a few changed files like this 🙂

packages/utils/src/crypto/crypto-wrapper.ts

// Create the decipher object
const decipher = createDecipheriv(AES_256_CBC_ALGORITHM, key, iv);
// decipher.setAuthTag(authTag);
Copy link
Copy Markdown
Contributor

@rittme rittme Jun 22, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Forgot to remove?

Copy link
Copy Markdown
Contributor Author

@vrolland vrolland Jun 22, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep exactly

@vrolland
Copy link
Copy Markdown
Contributor Author

vrolland commented Jun 22, 2020

This looks sleek. I love when good design pays off and something that could be a big undertaking is just a few changed files like this slightly_smiling_face

I can't agree more!

@vrolland vrolland merged commit 969bebe into master Jun 22, 2020
@vrolland vrolland deleted the encryption-audit-aes-256-gcm branch June 22, 2020 13:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@addoxyz addoxyz Awaiting requested review from addoxyz

3 more reviewers

@rittme rittme rittme approved these changes

@benjlevesque benjlevesque benjlevesque approved these changes

@yomarion yomarion yomarion approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@vrolland @coveralls @rittme @benjlevesque @yomarion