From 9f376e47466bdad929db8a038e83f1dbf77e1b59 Mon Sep 17 00:00:00 2001
From: Adrian Chifor <me@adrianchifor.com>
Date: Mon, 29 May 2017 14:00:58 +0100
Subject: [PATCH] Updated encryption mode to GCM

---
 README.md            | 2 +-
 templates/index.html | 4 ++--
 templates/paste.html | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index 040af29..323a9f0 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # [Ctrl + V Space](https://ctrlv.space)
 
-Encrypted paste service. **Encryption (AES256 using [Stanford Javascript Crypto Library](http://bitwiseshiftleft.github.io/sjcl/)) only happens on the client-side** and the **password is never sent to the server**.
+Encrypted paste service. **Encryption (AES256 GCM using [Stanford Javascript Crypto Library](http://bitwiseshiftleft.github.io/sjcl/)) only happens on the client-side** and the **password is never sent to the server**.
 
 The paste creation process:
 - Save button triggers `save()` function in *index.html*.
diff --git a/templates/index.html b/templates/index.html
index 342a742..c22aef6 100644
--- a/templates/index.html
+++ b/templates/index.html
@@ -175,7 +175,7 @@ <h2 id="instruction" onclick="selectText('instruction')">Just write, save and sh
             }
 
             var password = generatePassword(16, false);
-            var ciphertext = sjcl.encrypt(password, mde.value(), { ks:256 });
+            var ciphertext = sjcl.encrypt(password, mde.value(), { mode: "gcm", ks:256 });
 
             var formData = {};
 
@@ -184,7 +184,7 @@ <h2 id="instruction" onclick="selectText('instruction')">Just write, save and sh
 
                 if (destructOption == "read") {
                     var token = generatePassword(64, false);
-                    var encryptedToken = sjcl.encrypt(password, token, { ks:256 });
+                    var encryptedToken = sjcl.encrypt(password, token, { mode: "gcm", ks:256 });
 
                     formData = {
                         "ciphertext": String(ciphertext),
diff --git a/templates/paste.html b/templates/paste.html
index 19458ee..297e987 100644
--- a/templates/paste.html
+++ b/templates/paste.html
@@ -37,7 +37,7 @@
             if (ciphertext && ciphertext.length > 1) {
                 ciphertext = ciphertext.replace(/&#34;/g, '"');
                 try {
-                    var text = sjcl.decrypt(password, ciphertext, { ks:256 });
+                    var text = sjcl.decrypt(password, ciphertext, { mode: "gcm", ks:256 });
                     mde.value(text);
                 } catch (err) {
                     mde.value("Failed to decrypt content. **" + password + "** is not the right password.")
@@ -48,7 +48,7 @@
                 encryptedToken = encryptedToken.replace(/&#34;/g, '"');
 
                 try {
-                    var token = sjcl.decrypt(password, encryptedToken, { ks:256 });
+                    var token = sjcl.decrypt(password, encryptedToken, { mode: "gcm", ks:256 });
                     $.post("/api/v1/destruct", { "key": "{{ key }}", "token": token }, function(data) {});
                 } catch (err) {}
             }