From bf434555952b3788185a1a875955fa1acbf170b3 Mon Sep 17 00:00:00 2001
From: metamuffin
Date: Wed, 6 Sep 2023 23:29:57 +0200
Subject: improve hash strength
---
 client-web/source/protocol/crypto.ts | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)
(limited to 'client-web/source/protocol/crypto.ts')
diff --git a/client-web/source/protocol/crypto.ts b/client-web/source/protocol/crypto.ts
index 4a6efab..c5de90f 100644
--- a/client-web/source/protocol/crypto.ts
+++ b/client-web/source/protocol/crypto.ts
@@ -18,17 +18,10 @@ export async function crypto_seeded_key(seed: string): Promise {
 false,
 ["deriveKey"]
 )
- //? TODO is it possible to use a unique seed per session here?
- // const salt = window.crypto.getRandomValues(new Uint8Array(16));
 const salt = base64_to_buf("thisisagoodsaltAAAAAAA==") // valid "unique" 16-byte base-64 string
 log("crypto", "deriving key…")
 const key = await window.crypto.subtle.deriveKey(
- {
- name: "PBKDF2",
- salt,
- iterations: 250000,
- hash: "SHA-256",
- },
+ { name: "PBKDF2", salt, iterations: 250000, hash: "SHA-256" },
 seed_key,
 { name: "AES-GCM", length: 256 },
 false,
@@ -40,7 +33,7 @@ export async function crypto_seeded_key(seed: string): Promise {
 
 export async function crypt_hash(input: string): Promise {
 const buf = new TextEncoder().encode("also-a-very-good-salt" + input)
- const h = await window.crypto.subtle.digest({ name: "SHA-256" }, buf)
+ const h = await window.crypto.subtle.digest({ name: "SHA-512" }, buf)
 const hex = buf_to_hex(new Uint8Array(h))
 return hex
 }
-- cgit v1.2.3-70-g09d2
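Review bot: The PBKDF2 `salt` in `crypto_seeded_key` is still the constant `base64_to_buf("thisisagoodsaltAAAAAAA==")`, and this hunk deletes the only TODO that tracked it. With a fixed salt the same seed always yields the same AES-GCM key, so work spent guessing seeds for one session carries over to every other; the 250000 iterations slow each guess but do not stop that reuse. If the salt must stay constant because every peer derives the key from the seed alone (not visible here), record that in place of the removed TODO, e.g. `// fixed salt: all peers must derive the same key from the seed alone; key strength rests on seed entropy`. The function starts and ends outside this hunk.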
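Review bot: Changing the digest in `crypt_hash` to SHA-512 does not make a guessable `input` harder to brute-force, because the value is still one fast hash over the constant prefix `"also-a-very-good-salt"`. If `input` can be a human-chosen secret (its callers are not visible here), deriving the value through `deriveBits` with the PBKDF2 parameters this file already uses would raise the cost per guess. Otherwise a comment such as `// constant prefix is domain separation, not a per-user salt; input must be high-entropy` would document the assumption. The hex result also grows from 64 to 128 characters and differs from the old output, so clients before and after this commit will compute different values for the same input; the commit message should say so if peers or a server compare them.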