From cc829dc9347cda2cc5902d9751b418486aee4b19 Mon Sep 17 00:00:00 2001
From: "Clint.Network" <me@clint.network>
Date: Sun, 1 Mar 2020 18:57:18 +0100
Subject: [PATCH 1/2] Prevent empty iv or private key

---
 src/server.rs | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/server.rs b/src/server.rs
index 3ae4b06..e366b79 100644
--- a/src/server.rs
+++ b/src/server.rs
@@ -34,10 +34,18 @@ impl Server {
 
         let mut encryption_key = None;
         if configuration.encryption.enabled {
-            encryption_key = Some([
-                configuration.encryption.private_key.as_str(),
-                configuration.encryption.iv.as_str(),
-            ]);
+            if configuration.encryption.private_key.is_empty() {
+                panic!("The private key must be filled.");
+            }
+            else if configuration.encryption.iv.is_empty() {
+                panic!("The initialization vector must be filled.")
+            }
+            else {
+                encryption_key = Some([
+                    configuration.encryption.private_key.as_str(),
+                    configuration.encryption.iv.as_str(),
+                ]);
+            }
         }
         let store = Arc::new(KvStore::new(encryption_key));
         let store = warp::any().map(move || store.clone());

From ac350f99c82f87ac2a23465129b6bf0254c7cbb2 Mon Sep 17 00:00:00 2001
From: "Clint.Network" <me@clint.network>
Date: Sun, 1 Mar 2020 20:03:40 +0100
Subject: [PATCH 2/2] Generate private key and iv at initialization

---
 src/configuration.rs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/configuration.rs b/src/configuration.rs
index ed82eb3..a331d09 100644
--- a/src/configuration.rs
+++ b/src/configuration.rs
@@ -5,6 +5,7 @@ use std::{
 
 use app_dirs::{AppDataType, AppDirsError};
 use log::LevelFilter;
+use rand::Rng;
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct Configuration {
@@ -49,8 +50,8 @@ impl Default for Configuration {
             },
             encryption: Encryption {
                 enabled: false,
-                private_key: String::new(),
-                iv: String::new(),
+                private_key: hex::encode(rand::thread_rng().gen::<[u8; 24]>()),
+                iv: hex::encode(rand::thread_rng().gen::<[u8; 16]>()),
             },
             webui: WebUI { enabled: false },
             store: Store { max_limit: 7340032 },