Restrict iv to 96 bits per GCM best practice.
authorChris Duncan <chris@zoso.dev>
Fri, 8 Aug 2025 18:41:47 +0000 (11:41 -0700)
committerChris Duncan <chris@zoso.dev>
Fri, 8 Aug 2025 18:41:47 +0000 (11:41 -0700)
src/lib/safe.ts

index a1ef851480ff70d6dfb62b6cb6755771964a5d32..147a50f3105b849aa99e545fb3464dc84cb06fe4 100644 (file)
@@ -356,7 +356,9 @@ export class Safe {
                        seed: bytes.toHex(new Uint8Array(this.#seed))
                }
                if (this.#mnemonic != null) data.mnemonic = this.#mnemonic
-               const iv = crypto.getRandomValues(new Uint8Array(32)).buffer
+
+               // restrict iv to 96 bits per GCM best practice
+               const iv = crypto.getRandomValues(new Uint8Array(12)).buffer
                const encoded = utf8.toBytes(JSON.stringify(data))
                const encrypted = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, key, encoded)
                return { iv, encrypted }
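Review bot: The added comment on the `iv` line cites "best practice" but omits the invariant a maintainer has to preserve: a GCM IV must never repeat under the same key, and a random 96-bit IV only keeps that risk acceptable while encryptions per key stay well below 2^32 (NIST SP 800-38D). Where `key` comes from is outside the hunk, so it is not visible whether it is derived fresh per call or reused over a long period; if it is reused, that bound deserves a mention next to the IV. I would write `// 96-bit random IV (NIST SP 800-38D); must never repeat under the same key` and lift the literal into a named constant such as `const GCM_IV_BYTES = 12`. Records written before this change carry a 32-byte IV, so the decrypt path (not shown) presumably has to keep using the stored IV as-is rather than assuming 12 bytes. The enclosing method starts and ends outside the hunk.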