Skip to content

Commit 31e9d27

Browse files
n1474335n1474335
committedMar 29, 2022
Merge branch 'master' of https://github.com/swesven/CyberChef into swesven-master
·
v10.19.410.6.0
2 parents 0c067d6 + 6155634 commit 31e9d27

File tree

9 files changed

+821
-7
lines changed

9 files changed

+821
-7
lines changed
 

‎src/core/config/Categories.json

+2
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,8 @@
8787
"ROT47",
8888
"XOR",
8989
"XOR Brute Force",
90+
"SM4 Encrypt",
91+
"SM4 Decrypt",
9092
"Vigenère Encode",
9193
"Vigenère Decode",
9294
"To Morse Code",

‎src/core/lib/SM4.mjs

+329
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,329 @@
1+
/**
2+
* Complete implementation of SM4 cipher encryption/decryption with
3+
* ECB, CBC, CFB, OFB, CTR block modes.
4+
* These modes are specified in IETF draft-ribose-cfrg-sm4-09, see:
5+
* https://tools.ietf.org/id/draft-ribose-cfrg-sm4-09.html
6+
* for details.
7+
*
8+
* Follows spec from Cryptography Standardization Technical Comittee:
9+
* http://www.gmbz.org.cn/upload/2018-04-04/1522788048733065051.pdf
10+
*
11+
* @author swesven
12+
* @copyright 2021
13+
* @license Apache-2.0
14+
*/
15+
16+
import OperationError from "../errors/OperationError.mjs";
17+
18+
/** Number of rounds */
19+
const NROUNDS = 32;
20+
21+
/** block size in bytes */
22+
const BLOCKSIZE = 16;
23+
24+
/** The S box, 256 8-bit values */
25+
const Sbox = [
26+
0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05,
27+
0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99,
28+
0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62,
29+
0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6,
30+
0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8,
31+
0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35,
32+
0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87,
33+
0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e,
34+
0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1,
35+
0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3,
36+
0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f,
37+
0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51,
38+
0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8,
39+
0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0,
40+
0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84,
41+
0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48];
42+
43+
/** "Fixed parameter CK" used in key expansion */
44+
const CK = [
45+
0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269,
46+
0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9,
47+
0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249,
48+
0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9,
49+
0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229,
50+
0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299,
51+
0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209,
52+
0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279
53+
];
54+
55+
/** "System parameter FK" */
56+
const FK = [0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc];
57+
58+
/**
59+
* Rotating 32-bit shift left
60+
*
61+
* (Note that although JS integers are stored in doubles and thus have 53 bits,
62+
* the JS bitwise operations are 32-bit)
63+
*/
64+
function ROL(i, n) {
65+
return (i << n) | (i >>> (32 - n));
66+
}
67+
68+
/**
69+
* Linear transformation L
70+
*
71+
* @param {integer} b - a 32 bit integer
72+
*/
73+
function transformL(b) {
74+
/* Replace each of the 4 bytes in b with the value at its offset in the Sbox */
75+
b = (Sbox[(b >>> 24) & 0xFF] << 24) | (Sbox[(b >>> 16) & 0xFF] << 16) |
76+
(Sbox[(b >>> 8) & 0xFF] << 8) | Sbox[b & 0xFF];
77+
/* circular rotate and xor */
78+
return b ^ ROL(b, 2) ^ ROL(b, 10) ^ ROL(b, 18) ^ ROL(b, 24);
79+
}
80+
81+
/**
82+
* Linear transformation L'
83+
*
84+
* @param {integer} b - a 32 bit integer
85+
*/
86+
function transformLprime(b) {
87+
/* Replace each of the 4 bytes in b with the value at its offset in the Sbox */
88+
b = (Sbox[(b >>> 24) & 0xFF] << 24) | (Sbox[(b >>> 16) & 0xFF] << 16) |
89+
(Sbox[(b >>> 8) & 0xFF] << 8) | Sbox[b & 0xFF];
90+
return b ^ ROL(b, 13) ^ ROL(b, 23); /* circular rotate and XOR */
91+
}
92+
93+
/**
94+
* Initialize the round key
95+
*/
96+
function initSM4RoundKey(rawkey) {
97+
const K = rawkey.map((a, i) => a ^ FK[i]); /* K = rawkey ^ FK */
98+
const roundKey = [];
99+
for (let i = 0; i < 32; i++)
100+
roundKey[i] = K[i + 4] = K[i] ^ transformLprime(K[i + 1] ^ K[i + 2] ^ K[i + 3] ^ CK[i]);
101+
return roundKey;
102+
}
103+
104+
/**
105+
* Encrypts/decrypts a single block X (4 32-bit values) with a prepared round key.
106+
*
107+
* @param {intArray} X - A cleartext block.
108+
* @param {intArray} roundKey - The round key from initSMRoundKey for encrypting (reversed for decrypting).
109+
* @returns {byteArray} - The cipher text.
110+
*/
111+
function encryptBlockSM4(X, roundKey) {
112+
for (let i = 0; i < NROUNDS; i++)
113+
X[i + 4] = X[i] ^ transformL(X[i + 1] ^ X[i + 2] ^ X[i + 3] ^ roundKey[i]);
114+
return [X[35], X[34], X[33], X[32]];
115+
}
116+
117+
/**
118+
* Takes 16 bytes from an offset in an array and returns an array of 4 32-bit Big-Endian values.
119+
* (DataView won't work portably here as we need Big-Endian)
120+
*
121+
* @param {byteArray} bArray - the array of bytes
122+
* @param {integer} offset - starting offset in the array; 15 bytes must follow it.
123+
*/
124+
function bytesToInts(bArray, offs=0) {
125+
let offset = offs;
126+
const A = (bArray[offset] << 24) | (bArray[offset + 1] << 16) | (bArray[offset + 2] << 8) | bArray[offset + 3];
127+
offset += 4;
128+
const B = (bArray[offset] << 24) | (bArray[offset + 1] << 16) | (bArray[offset + 2] << 8) | bArray[offset + 3];
129+
offset += 4;
130+
const C = (bArray[offset] << 24) | (bArray[offset + 1] << 16) | (bArray[offset + 2] << 8) | bArray[offset + 3];
131+
offset += 4;
132+
const D = (bArray[offset] << 24) | (bArray[offset + 1] << 16) | (bArray[offset + 2] << 8) | bArray[offset + 3];
133+
return [A, B, C, D];
134+
}
135+
136+
/**
137+
* Inverse of bytesToInts above; takes an array of 32-bit integers and turns it into an array of bytes.
138+
* Again, Big-Endian order.
139+
*/
140+
function intsToBytes(ints) {
141+
const bArr = [];
142+
for (let i = 0; i < ints.length; i++) {
143+
bArr.push((ints[i] >> 24) & 0xFF);
144+
bArr.push((ints[i] >> 16) & 0xFF);
145+
bArr.push((ints[i] >> 8) & 0xFF);
146+
bArr.push(ints[i] & 0xFF);
147+
}
148+
return bArr;
149+
}
150+
151+
/**
152+
* Encrypt using SM4 using a given block cipher mode.
153+
*
154+
* @param {byteArray} message - The clear text message; any length under 32 Gb or so.
155+
* @param {byteArray} key - The cipher key, 16 bytes.
156+
* @param {byteArray} iv - The IV or nonce, 16 bytes (not used with ECB mode)
157+
* @param {string} mode - The block cipher mode "CBC", "ECB", "CFB", "OFB", "CTR".
158+
* @param {boolean} noPadding - Don't add PKCS#7 padding if set.
159+
* @returns {byteArray} - The cipher text.
160+
*/
161+
export function encryptSM4(message, key, iv, mode="ECB", noPadding=false) {
162+
const messageLength = message.length;
163+
if (messageLength === 0)
164+
return [];
165+
const roundKey = initSM4RoundKey(bytesToInts(key, 0));
166+
167+
/* Pad with PKCS#7 if requested for ECB/CBC else add zeroes (which are sliced off at the end) */
168+
let padByte = 0;
169+
let nPadding = 16 - (message.length & 0xF);
170+
if (mode === "ECB" || mode === "CBC") {
171+
if (noPadding) {
172+
if (nPadding !== 16)
173+
throw new OperationError("No padding requested in "+mode+" mode but input is not a 16-byte multiple.");
174+
nPadding = 0;
175+
} else
176+
padByte = nPadding;
177+
}
178+
for (let i = 0; i < nPadding; i++)
179+
message.push(padByte);
180+
181+
const cipherText = [];
182+
switch (mode) {
183+
case "ECB":
184+
for (let i = 0; i < message.length; i += BLOCKSIZE)
185+
Array.prototype.push.apply(cipherText, intsToBytes(encryptBlockSM4(bytesToInts(message, i), roundKey)));
186+
break;
187+
case "CBC":
188+
iv = bytesToInts(iv, 0);
189+
for (let i = 0; i < message.length; i += BLOCKSIZE) {
190+
const block = bytesToInts(message, i);
191+
block[0] ^= iv[0]; block[1] ^= iv[1];
192+
block[2] ^= iv[2]; block[3] ^= iv[3];
193+
iv = encryptBlockSM4(block, roundKey);
194+
Array.prototype.push.apply(cipherText, intsToBytes(iv));
195+
}
196+
break;
197+
case "CFB":
198+
iv = bytesToInts(iv, 0);
199+
for (let i = 0; i < message.length; i += BLOCKSIZE) {
200+
iv = encryptBlockSM4(iv, roundKey);
201+
const block = bytesToInts(message, i);
202+
block[0] ^= iv[0]; block[1] ^= iv[1];
203+
block[2] ^= iv[2]; block[3] ^= iv[3];
204+
Array.prototype.push.apply(cipherText, intsToBytes(block));
205+
iv = block;
206+
}
207+
break;
208+
case "OFB":
209+
iv = bytesToInts(iv, 0);
210+
for (let i = 0; i < message.length; i += BLOCKSIZE) {
211+
iv = encryptBlockSM4(iv, roundKey);
212+
const block = bytesToInts(message, i);
213+
block[0] ^= iv[0]; block[1] ^= iv[1];
214+
block[2] ^= iv[2]; block[3] ^= iv[3];
215+
Array.prototype.push.apply(cipherText, intsToBytes(block));
216+
}
217+
break;
218+
case "CTR":
219+
iv = bytesToInts(iv, 0);
220+
for (let i = 0; i < message.length; i += BLOCKSIZE) {
221+
let iv2 = [...iv]; /* containing the IV + counter */
222+
iv2[3] += (i >> 4);/* Using a 32 bit counter here. 64 Gb encrypts should be enough for everyone. */
223+
iv2 = encryptBlockSM4(iv2, roundKey);
224+
const block = bytesToInts(message, i);
225+
block[0] ^= iv2[0]; block[1] ^= iv2[1];
226+
block[2] ^= iv2[2]; block[3] ^= iv2[3];
227+
Array.prototype.push.apply(cipherText, intsToBytes(block));
228+
}
229+
break;
230+
default:
231+
throw new OperationError("Invalid block cipher mode: "+mode);
232+
}
233+
if (mode !== "ECB" && mode !== "CBC")
234+
return cipherText.slice(0, messageLength);
235+
return cipherText;
236+
}
237+
238+
/**
239+
* Decrypt using SM4 using a given block cipher mode.
240+
*
241+
* @param {byteArray} cipherText - The ciphertext
242+
* @param {byteArray} key - The cipher key, 16 bytes.
243+
* @param {byteArray} iv - The IV or nonce, 16 bytes (not used with ECB mode)
244+
* @param {string} mode - The block cipher mode "CBC", "ECB", "CFB", "OFB", "CTR"
245+
* @param {boolean] ignorePadding - If true, ignore padding issues in ECB/CBC mode.
246+
* @returns {byteArray} - The cipher text.
247+
*/
248+
export function decryptSM4(cipherText, key, iv, mode="ECB", ignorePadding=false) {
249+
const originalLength = cipherText.length;
250+
if (originalLength === 0)
251+
return [];
252+
let roundKey = initSM4RoundKey(bytesToInts(key, 0));
253+
254+
if (mode === "ECB" || mode === "CBC") {
255+
/* Init decryption key */
256+
roundKey = roundKey.reverse();
257+
if ((originalLength & 0xF) !== 0 && !ignorePadding)
258+
throw new OperationError("With ECB or CBC modes, the input must be divisible into 16 byte blocks. ("+(cipherText.length & 0xF)+" bytes extra)");
259+
} else /* Pad dummy bytes for other modes, chop them off at the end */
260+
while ((cipherText.length & 0xF) !== 0)
261+
cipherText.push(0);
262+
263+
const clearText = [];
264+
switch (mode) {
265+
case "ECB":
266+
for (let i = 0; i < cipherText.length; i += BLOCKSIZE)
267+
Array.prototype.push.apply(clearText, intsToBytes(encryptBlockSM4(bytesToInts(cipherText, i), roundKey)));
268+
break;
269+
case "CBC":
270+
iv = bytesToInts(iv, 0);
271+
for (let i = 0; i < cipherText.length; i += BLOCKSIZE) {
272+
const block = encryptBlockSM4(bytesToInts(cipherText, i), roundKey);
273+
block[0] ^= iv[0]; block[1] ^= iv[1];
274+
block[2] ^= iv[2]; block[3] ^= iv[3];
275+
Array.prototype.push.apply(clearText, intsToBytes(block));
276+
iv = bytesToInts(cipherText, i);
277+
}
278+
break;
279+
case "CFB":
280+
iv = bytesToInts(iv, 0);
281+
for (let i = 0; i < cipherText.length; i += BLOCKSIZE) {
282+
iv = encryptBlockSM4(iv, roundKey);
283+
const block = bytesToInts(cipherText, i);
284+
block[0] ^= iv[0]; block[1] ^= iv[1];
285+
block[2] ^= iv[2]; block[3] ^= iv[3];
286+
Array.prototype.push.apply(clearText, intsToBytes(block));
287+
iv = bytesToInts(cipherText, i);
288+
}
289+
break;
290+
case "OFB":
291+
iv = bytesToInts(iv, 0);
292+
for (let i = 0; i < cipherText.length; i += BLOCKSIZE) {
293+
iv = encryptBlockSM4(iv, roundKey);
294+
const block = bytesToInts(cipherText, i);
295+
block[0] ^= iv[0]; block[1] ^= iv[1];
296+
block[2] ^= iv[2]; block[3] ^= iv[3];
297+
Array.prototype.push.apply(clearText, intsToBytes(block));
298+
}
299+
break;
300+
case "CTR":
301+
iv = bytesToInts(iv, 0);
302+
for (let i = 0; i < cipherText.length; i += BLOCKSIZE) {
303+
let iv2 = [...iv]; /* containing the IV + counter */
304+
iv2[3] += (i >> 4);/* Using a 32 bit counter here. 64 Gb encrypts should be enough for everyone. */
305+
iv2 = encryptBlockSM4(iv2, roundKey);
306+
const block = bytesToInts(cipherText, i);
307+
block[0] ^= iv2[0]; block[1] ^= iv2[1];
308+
block[2] ^= iv2[2]; block[3] ^= iv2[3];
309+
Array.prototype.push.apply(clearText, intsToBytes(block));
310+
}
311+
break;
312+
default:
313+
throw new OperationError("Invalid block cipher mode: "+mode);
314+
}
315+
/* Check PKCS#7 padding */
316+
if (mode === "ECB" || mode === "CBC") {
317+
if (ignorePadding)
318+
return clearText;
319+
const padByte = clearText[clearText.length - 1];
320+
if (padByte > 16)
321+
throw new OperationError("Invalid PKCS#7 padding.");
322+
for (let i = 0; i < padByte; i++)
323+
if (clearText[clearText.length -i - 1] !== padByte)
324+
throw new OperationError("Invalid PKCS#7 padding.");
325+
return clearText.slice(0, clearText.length - padByte);
326+
}
327+
return clearText.slice(0, originalLength);
328+
}
329+

‎src/core/operations/AESDecrypt.mjs

+16-2
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ class AESDecrypt extends Operation {
2222

2323
this.name = "AES Decrypt";
2424
this.module = "Ciphers";
25-
this.description = "Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated.<br><br><b>Key:</b> The following algorithms will be used based on the size of the key:<ul><li>16 bytes = AES-128</li><li>24 bytes = AES-192</li><li>32 bytes = AES-256</li></ul><br><br><b>IV:</b> The Initialization Vector should be 16 bytes long. If not entered, it will default to 16 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used.<br><br><b>GCM Tag:</b> This field is ignored unless 'GCM' mode is used.";
25+
this.description = "Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated.<br><br><b>Key:</b> The following algorithms will be used based on the size of the key:<ul><li>16 bytes = AES-128</li><li>24 bytes = AES-192</li><li>32 bytes = AES-256</li></ul><br><br><b>IV:</b> The Initialization Vector should be 16 bytes long. If not entered, it will default to 16 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used as a default.<br><br><b>GCM Tag:</b> This field is ignored unless 'GCM' mode is used.";
2626
this.infoURL = "https://wikipedia.org/wiki/Advanced_Encryption_Standard";
2727
this.inputType = "string";
2828
this.outputType = "string";
@@ -66,6 +66,14 @@ class AESDecrypt extends Operation {
6666
{
6767
name: "ECB",
6868
off: [5, 6]
69+
},
70+
{
71+
name: "CBC/NoPadding",
72+
off: [5, 6]
73+
},
74+
{
75+
name: "ECB/NoPadding",
76+
off: [5, 6]
6977
}
7078
]
7179
},
@@ -104,7 +112,7 @@ class AESDecrypt extends Operation {
104112
run(input, args) {
105113
const key = Utils.convertToByteString(args[0].string, args[0].option),
106114
iv = Utils.convertToByteString(args[1].string, args[1].option),
107-
mode = args[2],
115+
mode = args[2].substring(0, 3),
108116
inputType = args[3],
109117
outputType = args[4],
110118
gcmTag = Utils.convertToByteString(args[5].string, args[5].option),
@@ -122,6 +130,12 @@ The following algorithms will be used based on the size of the key:
122130
input = Utils.convertToByteString(input, inputType);
123131

124132
const decipher = forge.cipher.createDecipher("AES-" + mode, key);
133+
/* Allow for a "no padding" mode */
134+
if (args[2].endsWith("NoPadding")) {
135+
decipher.mode.unpad = function(output, options) {
136+
return true;
137+
};
138+
}
125139
decipher.start({
126140
iv: iv.length === 0 ? "" : iv,
127141
tag: mode === "GCM" ? gcmTag : undefined,

‎src/core/operations/DESDecrypt.mjs

+10-3
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ class DESDecrypt extends Operation {
2222

2323
this.name = "DES Decrypt";
2424
this.module = "Ciphers";
25-
this.description = "DES is a previously dominant algorithm for encryption, and was published as an official U.S. Federal Information Processing Standard (FIPS). It is now considered to be insecure due to its small key size.<br><br><b>Key:</b> DES uses a key length of 8 bytes (64 bits).<br>Triple DES uses a key length of 24 bytes (192 bits).<br><br><b>IV:</b> The Initialization Vector should be 8 bytes long. If not entered, it will default to 8 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used.";
25+
this.description = "DES is a previously dominant algorithm for encryption, and was published as an official U.S. Federal Information Processing Standard (FIPS). It is now considered to be insecure due to its small key size.<br><br><b>Key:</b> DES uses a key length of 8 bytes (64 bits).<br>Triple DES uses a key length of 24 bytes (192 bits).<br><br><b>IV:</b> The Initialization Vector should be 8 bytes long. If not entered, it will default to 8 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used as a default.";
2626
this.infoURL = "https://wikipedia.org/wiki/Data_Encryption_Standard";
2727
this.inputType = "string";
2828
this.outputType = "string";
@@ -42,7 +42,7 @@ class DESDecrypt extends Operation {
4242
{
4343
"name": "Mode",
4444
"type": "option",
45-
"value": ["CBC", "CFB", "OFB", "CTR", "ECB"]
45+
"value": ["CBC", "CFB", "OFB", "CTR", "ECB", "CBC/NoPadding", "ECB/NoPadding"]
4646
},
4747
{
4848
"name": "Input",
@@ -65,7 +65,8 @@ class DESDecrypt extends Operation {
6565
run(input, args) {
6666
const key = Utils.convertToByteString(args[0].string, args[0].option),
6767
iv = Utils.convertToByteArray(args[1].string, args[1].option),
68-
[,, mode, inputType, outputType] = args;
68+
mode = args[2].substring(0, 3),
69+
[,,, inputType, outputType] = args;
6970

7071
if (key.length !== 8) {
7172
throw new OperationError(`Invalid key length: ${key.length} bytes
@@ -83,6 +84,12 @@ Make sure you have specified the type correctly (e.g. Hex vs UTF8).`);
8384
input = Utils.convertToByteString(input, inputType);
8485

8586
const decipher = forge.cipher.createDecipher("DES-" + mode, key);
87+
/* Allow for a "no padding" mode */
88+
if (args[2].endsWith("NoPadding")) {
89+
decipher.mode.unpad = function(output, options) {
90+
return true;
91+
};
92+
}
8693
decipher.start({iv: iv});
8794
decipher.update(forge.util.createBuffer(input));
8895
const result = decipher.finish();

‎src/core/operations/SM4Decrypt.mjs

+88
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,88 @@
1+
/**
2+
* @author swesven
3+
* @copyright 2021
4+
* @license Apache-2.0
5+
*/
6+
7+
import Operation from "../Operation.mjs";
8+
import Utils from "../Utils.mjs";
9+
import OperationError from "../errors/OperationError.mjs";
10+
import { toHex } from "../lib/Hex.mjs";
11+
import { decryptSM4 } from "../lib/SM4.mjs";
12+
13+
/**
14+
* SM4 Decrypt operation
15+
*/
16+
class SM4Decrypt extends Operation {
17+
18+
/**
19+
* SM4Encrypt constructor
20+
*/
21+
constructor() {
22+
super();
23+
24+
this.name = "SM4 Decrypt";
25+
this.module = "Ciphers";
26+
this.description = "SM4 is a 128-bit block cipher, currently established as a national standard (GB/T 32907-2016) of China.";
27+
this.infoURL = "https://en.wikipedia.org/wiki/SM4_(cipher)";
28+
this.inputType = "string";
29+
this.outputType = "string";
30+
this.args = [
31+
{
32+
"name": "Key",
33+
"type": "toggleString",
34+
"value": "",
35+
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
36+
},
37+
{
38+
"name": "IV",
39+
"type": "toggleString",
40+
"value": "",
41+
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
42+
},
43+
{
44+
"name": "Mode",
45+
"type": "option",
46+
"value": ["CBC", "CFB", "OFB", "CTR", "ECB", "CBC/NoPadding", "ECB/NoPadding"]
47+
},
48+
{
49+
"name": "Input",
50+
"type": "option",
51+
"value": ["Raw", "Hex"]
52+
},
53+
{
54+
"name": "Output",
55+
"type": "option",
56+
"value": ["Hex", "Raw"]
57+
}
58+
];
59+
}
60+
61+
/**
62+
* @param {string} input
63+
* @param {Object[]} args
64+
* @returns {string}
65+
*/
66+
run(input, args) {
67+
const key = Utils.convertToByteArray(args[0].string, args[0].option),
68+
iv = Utils.convertToByteArray(args[1].string, args[1].option),
69+
[,, mode, inputType, outputType] = args;
70+
71+
if (key.length !== 16)
72+
throw new OperationError(`Invalid key length: ${key.length} bytes
73+
74+
SM4 uses a key length of 16 bytes (128 bits).`);
75+
if (iv.length !== 16 && !mode.startsWith("ECB"))
76+
throw new OperationError(`Invalid IV length: ${iv.length} bytes
77+
78+
SM4 uses an IV length of 16 bytes (128 bits).
79+
Make sure you have specified the type correctly (e.g. Hex vs UTF8).`);
80+
81+
input = Utils.convertToByteArray(input, inputType);
82+
const output = decryptSM4(input, key, iv, mode.substring(0, 3), mode.endsWith("NoPadding"));
83+
return outputType === "Hex" ? toHex(output) : Utils.byteArrayToUtf8(output);
84+
}
85+
86+
}
87+
88+
export default SM4Decrypt;

‎src/core/operations/SM4Encrypt.mjs

+88
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,88 @@
1+
/**
2+
* @author swesven
3+
* @copyright 2021
4+
* @license Apache-2.0
5+
*/
6+
7+
import Operation from "../Operation.mjs";
8+
import Utils from "../Utils.mjs";
9+
import OperationError from "../errors/OperationError.mjs";
10+
import { toHex } from "../lib/Hex.mjs";
11+
import { encryptSM4 } from "../lib/SM4.mjs";
12+
13+
/**
14+
* SM4 Encrypt operation
15+
*/
16+
class SM4Encrypt extends Operation {
17+
18+
/**
19+
* SM4Encrypt constructor
20+
*/
21+
constructor() {
22+
super();
23+
24+
this.name = "SM4 Encrypt";
25+
this.module = "Ciphers";
26+
this.description = "SM4 is a 128-bit block cipher, currently established as a national standard (GB/T 32907-2016) of China. Multiple block cipher modes are supported. When using CBC or ECB mode, the PKCS#7 padding scheme is used.";
27+
this.infoURL = "https://en.wikipedia.org/wiki/SM4_(cipher)";
28+
this.inputType = "string";
29+
this.outputType = "string";
30+
this.args = [
31+
{
32+
"name": "Key",
33+
"type": "toggleString",
34+
"value": "",
35+
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
36+
},
37+
{
38+
"name": "IV",
39+
"type": "toggleString",
40+
"value": "",
41+
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
42+
},
43+
{
44+
"name": "Mode",
45+
"type": "option",
46+
"value": ["CBC", "CFB", "OFB", "CTR", "ECB"]
47+
},
48+
{
49+
"name": "Input",
50+
"type": "option",
51+
"value": ["Raw", "Hex"]
52+
},
53+
{
54+
"name": "Output",
55+
"type": "option",
56+
"value": ["Hex", "Raw"]
57+
}
58+
];
59+
}
60+
61+
/**
62+
* @param {string} input
63+
* @param {Object[]} args
64+
* @returns {string}
65+
*/
66+
run(input, args) {
67+
const key = Utils.convertToByteArray(args[0].string, args[0].option),
68+
iv = Utils.convertToByteArray(args[1].string, args[1].option),
69+
[,, mode, inputType, outputType] = args;
70+
71+
if (key.length !== 16)
72+
throw new OperationError(`Invalid key length: ${key.length} bytes
73+
74+
SM4 uses a key length of 16 bytes (128 bits).`);
75+
if (iv.length !== 16 && !mode.startsWith("ECB"))
76+
throw new OperationError(`Invalid IV length: ${iv.length} bytes
77+
78+
SM4 uses an IV length of 16 bytes (128 bits).
79+
Make sure you have specified the type correctly (e.g. Hex vs UTF8).`);
80+
81+
input = Utils.convertToByteArray(input, inputType);
82+
const output = encryptSM4(input, key, iv, mode.substring(0, 3), mode.endsWith("NoPadding"));
83+
return outputType === "Hex" ? toHex(output) : Utils.byteArrayToUtf8(output);
84+
}
85+
86+
}
87+
88+
export default SM4Encrypt;

‎src/core/operations/TripleDESDecrypt.mjs

+8-2
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ class TripleDESDecrypt extends Operation {
4242
{
4343
"name": "Mode",
4444
"type": "option",
45-
"value": ["CBC", "CFB", "OFB", "CTR", "ECB"]
45+
"value": ["CBC", "CFB", "OFB", "CTR", "ECB", "CBC/NoPadding", "ECB/NoPadding"]
4646
},
4747
{
4848
"name": "Input",
@@ -65,7 +65,7 @@ class TripleDESDecrypt extends Operation {
6565
run(input, args) {
6666
const key = Utils.convertToByteString(args[0].string, args[0].option),
6767
iv = Utils.convertToByteArray(args[1].string, args[1].option),
68-
mode = args[2],
68+
mode = args[2].substring(0, 3),
6969
inputType = args[3],
7070
outputType = args[4];
7171

@@ -85,6 +85,12 @@ Make sure you have specified the type correctly (e.g. Hex vs UTF8).`);
8585
input = Utils.convertToByteString(input, inputType);
8686

8787
const decipher = forge.cipher.createDecipher("3DES-" + mode, key);
88+
/* Allow for a "no padding" mode */
89+
if (args[2].endsWith("NoPadding")) {
90+
decipher.mode.unpad = function(output, options) {
91+
return true;
92+
};
93+
}
8894
decipher.start({iv: iv});
8995
decipher.update(forge.util.createBuffer(input));
9096
const result = decipher.finish();

‎tests/operations/index.mjs

+1
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,7 @@ import "./tests/SeqUtils.mjs";
7575
import "./tests/SetDifference.mjs";
7676
import "./tests/SetIntersection.mjs";
7777
import "./tests/SetUnion.mjs";
78+
import "./tests/SM4.mjs";
7879
import "./tests/StrUtils.mjs";
7980
import "./tests/SymmetricDifference.mjs";
8081
import "./tests/TextEncodingBruteForce.mjs";

‎tests/operations/tests/SM4.mjs

+279
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,279 @@
1+
/**
2+
* SM4 crypto tests.
3+
*
4+
* Test data used from IETF draft-ribose-cfrg-sm4-09, see:
5+
* https://tools.ietf.org/id/draft-ribose-cfrg-sm4-09.html
6+
*
7+
* @author swesven
8+
* @copyright 2021
9+
* @license Apache-2.0
10+
*/
11+
import TestRegister from "../../lib/TestRegister.mjs";
12+
13+
/* Cleartexts */
14+
const TWO_BLOCK_PLAIN = "aa aa aa aa bb bb bb bb cc cc cc cc dd dd dd dd ee ee ee ee ff ff ff ff aa aa aa aa bb bb bb bb";
15+
const FOUR_BLOCK_PLAIN = "aa aa aa aa aa aa aa aa bb bb bb bb bb bb bb bb cc cc cc cc cc cc cc cc dd dd dd dd dd dd dd dd ee ee ee ee ee ee ee ee ff ff ff ff ff ff ff ff aa aa aa aa aa aa aa aa bb bb bb bb bb bb bb bb";
16+
/* Keys */
17+
const KEY_1 = "01 23 45 67 89 ab cd ef fe dc ba 98 76 54 32 10";
18+
const KEY_2 = "fe dc ba 98 76 54 32 10 01 23 45 67 89 ab cd ef";
19+
/* IV */
20+
const IV = "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f";
21+
/* Ciphertexts */
22+
const ECB_1 = "5e c8 14 3d e5 09 cf f7 b5 17 9f 8f 47 4b 86 19 2f 1d 30 5a 7f b1 7d f9 85 f8 1c 84 82 19 23 04";
23+
const ECB_2 = "c5 87 68 97 e4 a5 9b bb a7 2a 10 c8 38 72 24 5b 12 dd 90 bc 2d 20 06 92 b5 29 a4 15 5a c9 e6 00";
24+
/* With PKCS#7 padding */
25+
const ECB_1P ="5e c8 14 3d e5 09 cf f7 b5 17 9f 8f 47 4b 86 19 2f 1d 30 5a 7f b1 7d f9 85 f8 1c 84 82 19 23 04 00 2a 8a 4e fa 86 3c ca d0 24 ac 03 00 bb 40 d2";
26+
const ECB_2P= "c5 87 68 97 e4 a5 9b bb a7 2a 10 c8 38 72 24 5b 12 dd 90 bc 2d 20 06 92 b5 29 a4 15 5a c9 e6 00 a2 51 49 20 93 f8 f6 42 89 b7 8d 6e 8a 28 b1 c6";
27+
const CBC_1 = "78 eb b1 1c c4 0b 0a 48 31 2a ae b2 04 02 44 cb 4c b7 01 69 51 90 92 26 97 9b 0d 15 dc 6a 8f 6d";
28+
const CBC_2 = "0d 3a 6d dc 2d 21 c6 98 85 72 15 58 7b 7b b5 9a 91 f2 c1 47 91 1a 41 44 66 5e 1f a1 d4 0b ae 38";
29+
const OFB_1 = "ac 32 36 cb 86 1d d3 16 e6 41 3b 4e 3c 75 24 b7 1d 01 ac a2 48 7c a5 82 cb f5 46 3e 66 98 53 9b";
30+
const OFB_2 = "5d cc cd 25 a8 4b a1 65 60 d7 f2 65 88 70 68 49 33 fa 16 bd 5c d9 c8 56 ca ca a1 e1 01 89 7a 97";
31+
const CFB_1 = "ac 32 36 cb 86 1d d3 16 e6 41 3b 4e 3c 75 24 b7 69 d4 c5 4e d4 33 b9 a0 34 60 09 be b3 7b 2b 3f";
32+
const CFB_2 = "5d cc cd 25 a8 4b a1 65 60 d7 f2 65 88 70 68 49 0d 9b 86 ff 20 c3 bf e1 15 ff a0 2c a6 19 2c c5";
33+
const CTR_1 = "ac 32 36 cb 97 0c c2 07 91 36 4c 39 5a 13 42 d1 a3 cb c1 87 8c 6f 30 cd 07 4c ce 38 5c dd 70 c7 f2 34 bc 0e 24 c1 19 80 fd 12 86 31 0c e3 7b 92 6e 02 fc d0 fa a0 ba f3 8b 29 33 85 1d 82 45 14";
34+
const CTR_2 = "5d cc cd 25 b9 5a b0 74 17 a0 85 12 ee 16 0e 2f 8f 66 15 21 cb ba b4 4c c8 71 38 44 5b c2 9e 5c 0a e0 29 72 05 d6 27 04 17 3b 21 23 9b 88 7f 6c 8c b5 b8 00 91 7a 24 88 28 4b de 9e 16 ea 29 06";
35+
36+
TestRegister.addTests([
37+
{
38+
name: "SM4 Encrypt: ECB 1, No padding",
39+
input: TWO_BLOCK_PLAIN,
40+
expectedOutput: ECB_1,
41+
recipeConfig: [
42+
{
43+
"op": "SM4 Encrypt",
44+
"args": [{string: KEY_1, option: "Hex"}, {string: "", option: "Hex"}, "ECB/NoPadding", "Hex", "Hex"]
45+
}
46+
]
47+
},
48+
{
49+
name: "SM4 Encrypt: ECB 2, No padding",
50+
input: TWO_BLOCK_PLAIN,
51+
expectedOutput: ECB_2,
52+
recipeConfig: [
53+
{
54+
"op": "SM4 Encrypt",
55+
"args": [{string: KEY_2, option: "Hex"}, {string: "", option: "Hex"}, "ECB/NoPadding", "Hex", "Hex"]
56+
}
57+
]
58+
},
59+
{
60+
name: "SM4 Encrypt: ECB 1, With padding",
61+
input: TWO_BLOCK_PLAIN,
62+
expectedOutput: ECB_1P,
63+
recipeConfig: [
64+
{
65+
"op": "SM4 Encrypt",
66+
"args": [{string: KEY_1, option: "Hex"}, {string: "", option: "Hex"}, "ECB", "Hex", "Hex"]
67+
}
68+
]
69+
},
70+
{
71+
name: "SM4 Encrypt: ECB 2, With padding",
72+
input: TWO_BLOCK_PLAIN,
73+
expectedOutput: ECB_2P,
74+
recipeConfig: [
75+
{
76+
"op": "SM4 Encrypt",
77+
"args": [{string: KEY_2, option: "Hex"}, {string: "", option: "Hex"}, "ECB", "Hex", "Hex"]
78+
}
79+
]
80+
},
81+
{
82+
name: "SM4 Encrypt: CBC 1",
83+
input: TWO_BLOCK_PLAIN,
84+
expectedOutput: CBC_1,
85+
recipeConfig: [
86+
{
87+
"op": "SM4 Encrypt",
88+
"args": [{string: KEY_1, option: "Hex"}, {string: IV, option: "Hex"}, "CBC/NoPadding", "Hex", "Hex"]
89+
}
90+
]
91+
},
92+
{
93+
name: "SM4 Encrypt: CBC 2",
94+
input: TWO_BLOCK_PLAIN,
95+
expectedOutput: CBC_2,
96+
recipeConfig: [
97+
{
98+
"op": "SM4 Encrypt",
99+
"args": [{string: KEY_2, option: "Hex"}, {string: IV, option: "Hex"}, "CBC/NoPadding", "Hex", "Hex"]
100+
}
101+
]
102+
},
103+
{
104+
name: "SM4 Encrypt: OFB1",
105+
input: TWO_BLOCK_PLAIN,
106+
expectedOutput: OFB_1,
107+
recipeConfig: [
108+
{
109+
"op": "SM4 Encrypt",
110+
"args": [{string: KEY_1, option: "Hex"}, {string: IV, option: "Hex"}, "OFB", "Hex", "Hex"]
111+
}
112+
]
113+
},
114+
{
115+
name: "SM4 Encrypt: OFB2",
116+
input: TWO_BLOCK_PLAIN,
117+
expectedOutput: OFB_2,
118+
recipeConfig: [
119+
{
120+
"op": "SM4 Encrypt",
121+
"args": [{string: KEY_2, option: "Hex"}, {string: IV, option: "Hex"}, "OFB", "Hex", "Hex"]
122+
}
123+
]
124+
},
125+
{
126+
name: "SM4 Encrypt: CFB1",
127+
input: TWO_BLOCK_PLAIN,
128+
expectedOutput: CFB_1,
129+
recipeConfig: [
130+
{
131+
"op": "SM4 Encrypt",
132+
"args": [{string: KEY_1, option: "Hex"}, {string: IV, option: "Hex"}, "CFB", "Hex", "Hex"]
133+
}
134+
]
135+
},
136+
{
137+
name: "SM4 Encrypt: CFB2",
138+
input: TWO_BLOCK_PLAIN,
139+
expectedOutput: CFB_2,
140+
recipeConfig: [
141+
{
142+
"op": "SM4 Encrypt",
143+
"args": [{string: KEY_2, option: "Hex"}, {string: IV, option: "Hex"}, "CFB", "Hex", "Hex"]
144+
}
145+
]
146+
},
147+
{
148+
name: "SM4 Encrypt: CTR1",
149+
input: FOUR_BLOCK_PLAIN,
150+
expectedOutput: CTR_1,
151+
recipeConfig: [
152+
{
153+
"op": "SM4 Encrypt",
154+
"args": [{string: KEY_1, option: "Hex"}, {string: IV, option: "Hex"}, "CTR", "Hex", "Hex"]
155+
}
156+
]
157+
},
158+
{
159+
name: "SM4 Encrypt: CTR1",
160+
input: FOUR_BLOCK_PLAIN,
161+
expectedOutput: CTR_2,
162+
recipeConfig: [
163+
{
164+
"op": "SM4 Encrypt",
165+
"args": [{string: KEY_2, option: "Hex"}, {string: IV, option: "Hex"}, "CTR", "Hex", "Hex"]
166+
}
167+
]
168+
},
169+
{
170+
name: "SM4 Decrypt: ECB 1",
171+
input: ECB_1,
172+
expectedOutput: TWO_BLOCK_PLAIN,
173+
recipeConfig: [
174+
{
175+
"op": "SM4 Decrypt",
176+
"args": [{string: KEY_1, option: "Hex"}, {string: "", option: "Hex"}, "ECB/NoPadding", "Hex", "Hex"]
177+
}
178+
]
179+
},
180+
{
181+
name: "SM4 Decrypt: ECB 2",
182+
input: ECB_2,
183+
expectedOutput: TWO_BLOCK_PLAIN,
184+
recipeConfig: [
185+
{
186+
"op": "SM4 Decrypt",
187+
"args": [{string: KEY_2, option: "Hex"}, {string: "", option: "Hex"}, "ECB/NoPadding", "Hex", "Hex"]
188+
}
189+
]
190+
},
191+
{
192+
name: "SM4 Decrypt: CBC 1",
193+
input: CBC_1,
194+
expectedOutput: TWO_BLOCK_PLAIN,
195+
recipeConfig: [
196+
{
197+
"op": "SM4 Decrypt",
198+
"args": [{string: KEY_1, option: "Hex"}, {string: IV, option: "Hex"}, "CBC/NoPadding", "Hex", "Hex"]
199+
}
200+
]
201+
},
202+
{
203+
name: "SM4 Decrypt: CBC 2",
204+
input: CBC_2,
205+
expectedOutput: TWO_BLOCK_PLAIN,
206+
recipeConfig: [
207+
{
208+
"op": "SM4 Decrypt",
209+
"args": [{string: KEY_2, option: "Hex"}, {string: IV, option: "Hex"}, "CBC/NoPadding", "Hex", "Hex"]
210+
}
211+
]
212+
},
213+
{
214+
name: "SM4 Decrypt: OFB1",
215+
input: TWO_BLOCK_PLAIN,
216+
expectedOutput: OFB_1,
217+
recipeConfig: [
218+
{
219+
"op": "SM4 Decrypt",
220+
"args": [{string: KEY_1, option: "Hex"}, {string: IV, option: "Hex"}, "OFB", "Hex", "Hex"]
221+
}
222+
]
223+
},
224+
{
225+
name: "SM4 Decrypt: OFB2",
226+
input: OFB_2,
227+
expectedOutput: TWO_BLOCK_PLAIN,
228+
recipeConfig: [
229+
{
230+
"op": "SM4 Decrypt",
231+
"args": [{string: KEY_2, option: "Hex"}, {string: IV, option: "Hex"}, "OFB", "Hex", "Hex"]
232+
}
233+
]
234+
},
235+
{
236+
name: "SM4 Decrypt: CFB1",
237+
input: CFB_1,
238+
expectedOutput: TWO_BLOCK_PLAIN,
239+
recipeConfig: [
240+
{
241+
"op": "SM4 Decrypt",
242+
"args": [{string: KEY_1, option: "Hex"}, {string: IV, option: "Hex"}, "CFB", "Hex", "Hex"]
243+
}
244+
]
245+
},
246+
{
247+
name: "SM4 Decrypt: CFB2",
248+
input: CFB_2,
249+
expectedOutput: TWO_BLOCK_PLAIN,
250+
recipeConfig: [
251+
{
252+
"op": "SM4 Decrypt",
253+
"args": [{string: KEY_2, option: "Hex"}, {string: IV, option: "Hex"}, "CFB", "Hex", "Hex"]
254+
}
255+
]
256+
},
257+
{
258+
name: "SM4 Decrypt: CTR1",
259+
input: CTR_1,
260+
expectedOutput: FOUR_BLOCK_PLAIN,
261+
recipeConfig: [
262+
{
263+
"op": "SM4 Decrypt",
264+
"args": [{string: KEY_1, option: "Hex"}, {string: IV, option: "Hex"}, "CTR", "Hex", "Hex"]
265+
}
266+
]
267+
},
268+
{
269+
name: "SM4 Decrypt: CTR1",
270+
input: CTR_2,
271+
expectedOutput: FOUR_BLOCK_PLAIN,
272+
recipeConfig: [
273+
{
274+
"op": "SM4 Decrypt",
275+
"args": [{string: KEY_2, option: "Hex"}, {string: IV, option: "Hex"}, "CTR", "Hex", "Hex"]
276+
}
277+
]
278+
},
279+
]);

0 commit comments

Comments
 (0)
Please sign in to comment.