Skip to content

Commit 93ac6b2

Browse files
CopilotCopilot
authored
fix: bind EXPORT_VERSION to HKDF info string in key backup (bump to v3.1)
1 parent c075f26 commit 93ac6b2

1 file changed

Lines changed: 9 additions & 5 deletions

File tree

src/lib/crypto/private-key-manager.js

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ import { postQuantumEncryption } from './post-quantum-encryption.js';
1111
/**
1212
* Export format version for compatibility
1313
*/
14-
const EXPORT_VERSION = '3.0'; // Post-quantum: ChaCha20-Poly1305 + HKDF
14+
const EXPORT_VERSION = '3.1'; // Post-quantum: ChaCha20-Poly1305 + HKDF (version-bound HKDF info)
1515

1616
/**
1717
* Private key import/export manager
@@ -62,7 +62,7 @@ export class PrivateKeyManager {
6262
const passwordKey = await this._deriveKeyFromPassword(password, pbkdfSalt);
6363

6464
// Derive ChaCha20 key using HKDF (post-quantum key derivation)
65-
const chachaKey = await HKDF.derive(passwordKey, hkdfSalt, 'QryptChat-KeyBackup-ChaCha20', 32);
65+
const chachaKey = await HKDF.derive(passwordKey, hkdfSalt, `QryptChat-KeyBackup-v${EXPORT_VERSION}-ChaCha20`, 32);
6666

6767
// Generate nonce for ChaCha20-Poly1305
6868
const nonce = SecureRandom.getRandomBytes(12);
@@ -126,15 +126,19 @@ export class PrivateKeyManager {
126126

127127
let decryptedJson;
128128

129-
if (parsedData.version === '3.0' && parsedData.algorithm === 'ChaCha20-Poly1305-HKDF') {
130-
// v3.0: ChaCha20-Poly1305 + HKDF (post-quantum)
129+
if ((parsedData.version === '3.0' || parsedData.version === '3.1') && parsedData.algorithm === 'ChaCha20-Poly1305-HKDF') {
130+
// v3.0/v3.1: ChaCha20-Poly1305 + HKDF (post-quantum)
131+
// v3.0 used a static HKDF info string; v3.1+ binds the version to the info string
131132
const encryptedKeysBuffer = new Uint8Array(Base64.decode(parsedData.encryptedKeys));
132133
const pbkdfSalt = new Uint8Array(Base64.decode(parsedData.pbkdfSalt));
133134
const hkdfSalt = new Uint8Array(Base64.decode(parsedData.hkdfSalt));
134135
const nonce = new Uint8Array(Base64.decode(parsedData.nonce));
135136

136137
const passwordKey = await this._deriveKeyFromPassword(password, pbkdfSalt);
137-
const chachaKey = await HKDF.derive(passwordKey, hkdfSalt, 'QryptChat-KeyBackup-ChaCha20', 32);
138+
const hkdfInfo = parsedData.version === '3.0'
139+
? 'QryptChat-KeyBackup-ChaCha20'
140+
: `QryptChat-KeyBackup-v${parsedData.version}-ChaCha20`;
141+
const chachaKey = await HKDF.derive(passwordKey, hkdfSalt, hkdfInfo, 32);
138142

139143
let plaintext;
140144
try {

0 commit comments

Comments
 (0)