From b8595725334ab0f84f607ebbd7c1ac14aa82eb88 Mon Sep 17 00:00:00 2001
From: Warren Parad <gpg@warrenparad.net>
Date: Thu, 4 Apr 2024 22:49:30 +0200
Subject: [PATCH] Include default generated passphrase when none is specified.

---
 src/components/vanishingKeys.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/components/vanishingKeys.js b/src/components/vanishingKeys.js
index f8761e0..05fd302 100644
--- a/src/components/vanishingKeys.js
+++ b/src/components/vanishingKeys.js
@@ -116,8 +116,13 @@ async function handleClick(event) {
   }
 
   const secret = this.shadowRoot.getElementById('secret').value;
-  const passphrase = this.shadowRoot.getElementById('passphrase').value;
-  const includePassphrase = this.shadowRoot.getElementById('includePassphrase').checked || !passphrase;
+  const specifiedPassphrase = this.shadowRoot.getElementById('passphrase').value;
+  const includePassphrase = this.shadowRoot.getElementById('includePassphrase').checked || !specifiedPassphrase;
+
+  // This is not base32 but instead base32hex: https://datatracker.ietf.org/doc/html/rfc4648#section-7
+  const base32hexMap = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ23456789';
+  const fallbackPassphrase = [...(window.crypto || window.msCrypto).getRandomValues(new Uint8Array(24))].map(val => base32hexMap[val % 32]).join('');
+  const passphrase = specifiedPassphrase || fallbackPassphrase;
 
   const result = await encryptionManager.generateLink(secret, passphrase, includePassphrase, lifetime);
   if (!result) {