Closed
Bug 547007
Opened 15 years ago
Closed 15 years ago
Use a per-record IV instead of one for each symkey
Categories
(Firefox :: Sync, defect)
Firefox
Sync
Tracking
()
RESOLVED
FIXED
1.2
People
(Reporter: Mardak, Assigned: Mardak)
References
Details
Attachments
(1 file, 1 obsolete file)
(deleted),
patch
|
mconnor
:
review+
|
Details | Diff | Splinter Review |
This would prevent simple comparisons of encrypted blobs to see if some blocks happen to be the same.
Originally not done because it could be potentially expensive to generate an IV per record each time they're encrypted.
Assignee | ||
Updated•15 years ago
|
Flags: blocking-weave1.2+
Target Milestone: --- → 1.2
Assignee | ||
Comment 1•15 years ago
|
||
Assignee | ||
Updated•15 years ago
|
Assignee | ||
Comment 2•15 years ago
|
||
Attachment #430777 -
Attachment is obsolete: true
Attachment #431450 -
Flags: feedback?(edilee)
Attachment #430777 -
Flags: review?(mconnor)
Assignee | ||
Updated•15 years ago
|
Attachment #431450 -
Flags: feedback?(edilee) → review?(mconnor)
Comment 3•15 years ago
|
||
Comment on attachment 431450 [details] [diff] [review]
v1.1
>+ this.IV = Svc.Crypto.generateRandomIV();
> this.ciphertext = Svc.Crypto.encrypt(JSON.stringify(this.cleartext),
>- symkey, meta.bulkIV);
>+ symkey, this.IV);
nit: alignment (what was there before was correct)
> decrypt: function CryptoWrapper_decrypt(passphrase) {
> let pubkey = PubKeys.getDefaultKey();
> let privkey = PrivKeys.get(pubkey.privateKeyUri);
>
> let meta = CryptoMetas.get(this.encryption);
> let symkey = meta.getKey(privkey, passphrase);
>
>- this.cleartext = JSON.parse(Svc.Crypto.decrypt(this.ciphertext,
>- symkey, meta.bulkIV));
>+ this.cleartext = JSON.parse(Svc.Crypto.decrypt(this.ciphertext, symkey,
>+ this.IV));
nit: align this.IV with this.ciphertext
Attachment #431450 -
Flags: review?(mconnor) → review+
Updated•15 years ago
|
Whiteboard: [has patch][has review]
Assignee | ||
Comment 4•15 years ago
|
||
http://hg.mozilla.org/labs/weave/rev/f21e9a157628
Generate a random IV on every encrypt instead of taking it from the CryptoMeta. Don't bother generating a bulkIV per CryptoMeta.
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Whiteboard: [has patch][has review]
Updated•6 years ago
|
Component: Firefox Sync: Crypto → Sync
Product: Cloud Services → Firefox
You need to log in
before you can comment on or make changes to this bug.
Description
•