Hi!

On 05/04/2012 11:45 AM, Carsten Wentzlow wrote:
> On 05/04/2012 11:17 AM, Tankred Hase wrote:
>> You are correct the result would be a different cipher text each time.
>>
>> > According to rfc4880 the block size for AES is 16 octets. Perhaps it
>> > would make sense to use sha256 and use the bytes 0-15 as the encryption key
>> > and the bytes 16-31 as the randomPrefix.
>>
>> As already described the standard defines this prefix to be random. I am
>> not a crypto expert and so I can't answer if this is considered secure or
>> not. I am tempted to say this could be a solution.
>>
>> Since I am trying to integrate external OAuth storage services such as
>> Google Drive, deduplication of encrypted file blobs is currently not an
>> issue anymore (Google should have enough storage ;)).
>>
>> Instead of using convergent encryption and generating a key for the files
>> using SHA operations, I would like to generate 256 bit keys and 16 octets
>> for the 'randomPrefix' using window.crypto.generateRandomValues()... this
>> would be done before invoking the web worker, as to not have a reference to
>> window in the worker code.
>>
>> One question regarding this: Does OpenPGP.js take any extra precautions when
>> generating session keys used for symmetric encryption, or can I just use the
>> output of crypto.generateRandomValues as my symmetric crypto key?
>>
> The Key and the Prefixrandom are secure random bytes taken from
> openpgp_crypto_getRandomBytes passed to openpgp_crypto_symmetricEncrypt.
> Please keep in mind that both strings MUST have the block-size length of the
> cipher used. For doing so you can use openpgp_crypto_getPrefixRandom(algo)
> with the algorithm number as argument. This calls
> openpgp_crypto_getRandomBytes with the correct amount of bytes.

Well, that was incorrect. Only the prefixrandom MUST always be the block-size.
To generate the key you can use function openpgp_crypto_generateSessionKey(algo)
to create a key which is also just calling openpgp_crypto_getRandomBytes with
the correct amount of bytes to generate. Not all algorithms used have the same
block and key size, sorry.

best regards,
carsten

_______________________________________________
http://openpgpjs.org
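The key-size versus block-size distinction from the correction above, together with the effect of a random versus a repeatable prefix, as an added Node.js example that is not OpenPGP.js code and not part of the original thread. The helper names are hypothetical, the sizes are those listed in RFC 4880, and the MDC that RFC 4880 appends to the encrypted body is omitted.

```javascript
// Added example, not OpenPGP.js source; all helper names are hypothetical.
const nodeCrypto = require('crypto');

// RFC 4880 section 9.2 algorithm IDs with key and block sizes in octets.
const SYM_ALGOS = {
  2: { name: 'TripleDES', keyLen: 24, blockLen: 8 },
  3: { name: 'CAST5', keyLen: 16, blockLen: 8 },
  7: { name: 'AES-128', keyLen: 16, blockLen: 16, cfb: 'aes-128-cfb' },
  8: { name: 'AES-192', keyLen: 24, blockLen: 16, cfb: 'aes-192-cfb' },
  9: { name: 'AES-256', keyLen: 32, blockLen: 16, cfb: 'aes-256-cfb' },
};

function params(algo) {
  const p = SYM_ALGOS[algo];
  if (!p) throw new RangeError('unsupported symmetric algorithm id ' + algo);
  return p;
}

// Session key: as many CSPRNG octets as the cipher's key size.
function generateSessionKey(algo) {
  return nodeCrypto.randomBytes(params(algo).keyLen);
}

// Prefix random: always exactly one cipher block of CSPRNG octets.
function getPrefixRandom(algo) {
  return nodeCrypto.randomBytes(params(algo).blockLen);
}

// CFB with an all-zero IV over prefix || last two prefix octets || plaintext,
// the layout RFC 4880 section 5.13 uses (the trailing MDC is left out here).
function encryptBody(algo, key, prefixRandom, plaintext) {
  const p = params(algo);
  if (!p.cfb) throw new RangeError(p.name + ' has no CFB mapping in this example');
  if (key.length !== p.keyLen) throw new RangeError('key must be ' + p.keyLen + ' octets');
  if (prefixRandom.length !== p.blockLen) throw new RangeError('prefix must be ' + p.blockLen + ' octets');
  const cipher = nodeCrypto.createCipheriv(p.cfb, key, Buffer.alloc(p.blockLen));
  const body = Buffer.concat([prefixRandom, prefixRandom.subarray(p.blockLen - 2), plaintext]);
  return Buffer.concat([cipher.update(body), cipher.final()]);
}

// Constructed sample: the same plaintext encrypted three times under one key.
function demo() {
  const key = generateSessionKey(9);
  const pt = Buffer.from('same file contents');
  const fixed = Buffer.alloc(16, 0x41); // stands in for a derived, repeatable prefix
  const a = encryptBody(9, key, fixed, pt);
  const b = encryptBody(9, key, fixed, pt);
  const c = encryptBody(9, key, getPrefixRandom(9), pt);
  return { repeatable: a.equals(b), randomized: !a.equals(c), length: c.length };
}
```

With a repeatable prefix and key, equal files produce equal ciphertext, which is what makes deduplication possible and also what lets an observer tell that two blobs hold the same content; a fresh prefix removes that link.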

