diff --git a/js/privatebin.js b/js/privatebin.js
index c3ece7b0..5b3d9266 100644
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -699,15 +699,12 @@ jQuery.PrivateBin = (function($, RawDeflate) {
 * @async
 * @function
 * @private
- * @param {string} mode of AES (ctr, cbc, cmac, gcm, cfb, kw)
 * @param {string} key
 * @param {string} password
- * @param {string} salt used in HMAC
- * @param {int} iterations amount to apply
- * @param {int} keysize (128, 192 or 256)
+ * @param {object} object cryptographic message
 * @return {CryptoKey} derived key
 */
- async function deriveKey(mode, key, password, salt, iterations, keysize)
+ async function deriveKey(key, password, object)
 {
 let keyArray = StrToArr(key);
 if ((password || '').trim().length > 0) {
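Review bot: The new `@param {object} object cryptographic message` line in the deriveKey docblock no longer tells a caller which fields the function depends on, while the old signature spelled each of them out. I would document them, e.g. `@param {object} object cryptographic message; reads salt (base64), iter, mode and ks`, so that a caller passing a partially filled object sees the requirement. The body of deriveKey continues outside this hunk.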
@@ -730,21 +727,39 @@ jQuery.PrivateBin = (function($, RawDeflate) {
 return await window.crypto.subtle.deriveKey(
 {
 name: 'PBKDF2', // we use PBKDF2 for key derivation
- salt: StrToArr(atob(salt)), // salt used in HMAC
- iterations: iterations, // amount of iterations to apply
+ salt: StrToArr(atob(object.salt)), // salt used in HMAC
+ iterations: object.iter, // amount of iterations to apply
 hash: {name: 'SHA-256'} // can be "SHA-1", "SHA-256", "SHA-384" or "SHA-512"
 },
 importedKey,
 {
- // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
- name: 'AES-' + mode.toUpperCase(),
- length: keysize // can be 128, 192 or 256
+ name: 'AES-' + object.mode.toUpperCase(), // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
+ length: object.ks // can be 128, 192 or 256
 },
 false, // the key may not be exported
 ['encrypt'] // we may only use it for decryption
 );
 }
 
+ /**
+ * gets crypto settings from given object
+ *
+ * @name CryptTool.cryptoSettings
+ * @function
+ * @private
+ * @param {object} object cryptographic message
+ * @return {object} crypto settings
+ */
+ function cryptoSettings(object)
+ {
+ return {
+ name: 'AES-' + object.mode.toUpperCase(), // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
+ iv: StrToArr(atob(object.iv)), // the initialization vector you used to encrypt
+ additionalData: StrToArr(atob(object.adata)), // the addtional data you used during encryption (if any)
+ tagLength: object.ts // the length of the tag you used to encrypt (if any)
+ };
+ }
+
 /**
 * compress, then encrypt message with given key and password
 *
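Review bot: The context line `['encrypt'] // we may only use it for decryption` grants the derived key only the `encrypt` usage, yet the deriveKey result is passed to both `crypto.subtle.encrypt` and `crypto.subtle.decrypt` in the two later hunks of this file. WebCrypto rejects `decrypt` with an InvalidAccessError when the key's usages lack `decrypt`, so I would change the line to `['encrypt', 'decrypt'] // the key is used for en- and decryption`. Separately, the comment copied into cryptoSettings lists "ECDH", "DH" and "HMAC", which cannot result from `'AES-' + object.mode.toUpperCase()`, and the `iv`/`additionalData`/`tagLength` fields only fit AES-GCM, so the comment should say that instead. deriveKey starts above this hunk.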
@@ -774,14 +789,8 @@ jQuery.PrivateBin = (function($, RawDeflate) {
 
 // finally, encrypt message
 const encrypted = await window.crypto.subtle.encrypt(
- {
- // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
- name: algo,
- iv: StrToArr(iv), // the initialization vector you used to encrypt
- additionalData: StrToArr(atob(object.adata)), // the addtional data you used during encryption (if any)
- tagLength: object.ts // the length of the tag you used to encrypt (if any)
- },
- await deriveKey(object.mode, key, password, object.salt, object.iter, object.ks),
+ cryptoSettings(object),
+ await deriveKey(key, password, object),
 StrToArr(compress(message)) // compressed plain text to encrypt
 );
 object.ct = btoa(ArrToStr(encrypted));
@@ -806,13 +815,8 @@ jQuery.PrivateBin = (function($, RawDeflate) {
 return decompress(
 ArrToStr(
 await window.crypto.subtle.decrypt(
- {
- name: algo, // can be any supported AES algorithm ("AES-CTR", "AES-CBC", "AES-CMAC", "AES-GCM", "AES-CFB", "AES-KW", "ECDH", "DH" or "HMAC")
- iv: StrToArr(atob(object.iv)), // the initialization vector you used to encrypt
- additionalData: StrToArr(atob(object.adata)), // the addtional data you used during encryption (if any)
- tagLength: object.ts // the length of the tag you used to encrypt (if any)
- },
- await deriveKey(object.mode, key, password, object.salt, object.iter, object.ks),
+ cryptoSettings(object),
+ await deriveKey(key, password, object),
 StrToArr(atob(object.ct)) // cipher text to decrypt
 )
 )
diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php
index 03dd724d..64c4e252 100644
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@@ -70,7 +70,7 @@ if ($MARKDOWN): endif; ?> - +
diff --git a/tpl/page.php b/tpl/page.php
index b6a245d5..1983ff57 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -48,7 +48,7 @@ if ($MARKDOWN): endif; ?> - +
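Review bot: The encrypt call now takes its IV from `StrToArr(atob(object.iv))` inside cryptoSettings, whereas the removed lines used the local `iv` through `StrToArr(iv)`; the two are only equivalent if `object.iv` was set to `btoa(iv)` before this point, which lies outside the hunk and should be confirmed. The locals `algo` and `iv` that the removed lines read are no longer referenced in the visible lines, so `algo` can probably be dropped and `iv` kept only to fill `object.iv`. A comment above the call such as `// object.mode, object.iv, object.adata and object.ts must be set before this call` would make the new dependency explicit. The enclosing function starts and ends outside the hunk.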
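Review bot: On the decrypt path `cryptoSettings(object)` and `deriveKey(key, password, object)` consume `mode`, `ks`, `ts`, `iter`, `salt`, `iv` and `adata` straight from the message object, and no check on them is visible in this diff. If that object is parsed from stored paste data, a missing `mode` throws a TypeError at `.toUpperCase()`, malformed base64 throws from `atob`, and whoever stored the data chooses the cipher mode, tag length and PBKDF2 iteration count. I would validate against an allow-list before calling into WebCrypto, for example `if (object.mode !== 'gcm' || ![128, 192, 256].includes(object.ks)) throw new Error('unsupported cipher parameters');` (assuming GCM is the only mode the format is meant to carry), together with bounds on `object.iter` and `object.ts`. The enclosing function starts and ends outside the hunk.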