george/PrivateBin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

while we do start the collection of randomness even before initializing our logic, raising the 'paranoia' parameter to 10 ensures that in legacy browsers not yet supporting the webcrypto API we would get an exception, instead of a weak key

Browse Source
This commit is contained in:
El RIDO
2018-08-01 21:56:23 +02:00
parent a5e8eeaaf9
commit 1be1047a94
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
js/privatebin.js
View File

@@ -640,7 +640,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
*/ */
me.getSymmetricKey = function() me.getSymmetricKey = function()
{ {
return sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0); return sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 10), 0);
}; };
return me; return me;

2
tpl/bootstrap.php
View File

@@ -75,7 +75,7 @@ if ($MARKDOWN):
<?php <?php
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-C/vlB/eumPPeHhG1yef+INPYUqgFX2wZqKEXTdexDscnUfhXQZxQBvmrURPAgMhElJqlk9Tfn+jILk0d2Ds1DQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-PEu5amE2sP02bgpzUExfuqPJEXUml1DiVlulUAH1SH4pBx4AQoWFNTwmsG08hhE0QDlZt+mkDDhgrJ6rVRunmQ==" crossorigin="anonymous"></script>
<!--[if lt IE 10]> <!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style> <style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]--> <![endif]-->

2
tpl/page.php
View File

@@ -53,7 +53,7 @@ if ($MARKDOWN):
<?php <?php
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-C/vlB/eumPPeHhG1yef+INPYUqgFX2wZqKEXTdexDscnUfhXQZxQBvmrURPAgMhElJqlk9Tfn+jILk0d2Ds1DQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-PEu5amE2sP02bgpzUExfuqPJEXUml1DiVlulUAH1SH4pBx4AQoWFNTwmsG08hhE0QDlZt+mkDDhgrJ6rVRunmQ==" crossorigin="anonymous"></script>
<!--[if lt IE 10]> <!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style> <style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]--> <![endif]-->