2018-05-14 18:23:16 +00:00
/ * *
* @ author n1474335 [ n1474335 @ gmail . com ]
* @ copyright Crown Copyright 2016
* @ license Apache - 2.0
* /
2019-07-09 12:23:59 +01:00
import Operation from "../Operation.mjs" ;
import Utils from "../Utils.mjs" ;
2020-12-11 17:58:23 +00:00
import forge from "node-forge" ;
2019-07-09 12:23:59 +01:00
import OperationError from "../errors/OperationError.mjs" ;
2018-05-14 18:23:16 +00:00
/ * *
* AES Decrypt operation
* /
class AESDecrypt extends Operation {
/ * *
* AESDecrypt constructor
* /
constructor ( ) {
super ( ) ;
this . name = "AES Decrypt" ;
this . module = "Ciphers" ;
Add the SM4 block cipher, also a no-padding option for block ciphers.
This adds an implementation of the SM4 block cipher, and operations
to encrypt and decrypt using it with CBC,ECB,CFB,OFB,CTR modes.
Also, a "no padding" option is added for AES,DES,3DES and SM4
decryption in ECB/CBC modes. This variant does not attempt to
validate the last block as being PKCS#7 padded.
This is useful, both since other padding schemes exist, and also
for decrypting data where the final block is missing.
2021-03-24 00:58:54 +01:00
this . description = "Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated.<br><br><b>Key:</b> The following algorithms will be used based on the size of the key:<ul><li>16 bytes = AES-128</li><li>24 bytes = AES-192</li><li>32 bytes = AES-256</li></ul><br><br><b>IV:</b> The Initialization Vector should be 16 bytes long. If not entered, it will default to 16 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used as a default.<br><br><b>GCM Tag:</b> This field is ignored unless 'GCM' mode is used." ;
2018-08-21 19:07:13 +01:00
this . infoURL = "https://wikipedia.org/wiki/Advanced_Encryption_Standard" ;
2018-05-14 18:23:16 +00:00
this . inputType = "string" ;
this . outputType = "string" ;
this . args = [
{
"name" : "Key" ,
"type" : "toggleString" ,
"value" : "" ,
"toggleValues" : [ "Hex" , "UTF8" , "Latin1" , "Base64" ]
} ,
{
"name" : "IV" ,
"type" : "toggleString" ,
"value" : "" ,
"toggleValues" : [ "Hex" , "UTF8" , "Latin1" , "Base64" ]
} ,
{
"name" : "Mode" ,
2021-02-02 17:18:35 +00:00
"type" : "argSelector" ,
"value" : [
{
name : "CBC" ,
off : [ 5 , 6 ]
} ,
{
name : "CFB" ,
off : [ 5 , 6 ]
} ,
{
name : "OFB" ,
off : [ 5 , 6 ]
} ,
{
name : "CTR" ,
off : [ 5 , 6 ]
} ,
{
name : "GCM" ,
on : [ 5 , 6 ]
} ,
{
name : "ECB" ,
off : [ 5 , 6 ]
Add the SM4 block cipher, also a no-padding option for block ciphers.
This adds an implementation of the SM4 block cipher, and operations
to encrypt and decrypt using it with CBC,ECB,CFB,OFB,CTR modes.
Also, a "no padding" option is added for AES,DES,3DES and SM4
decryption in ECB/CBC modes. This variant does not attempt to
validate the last block as being PKCS#7 padded.
This is useful, both since other padding schemes exist, and also
for decrypting data where the final block is missing.
2021-03-24 00:58:54 +01:00
} ,
{
name : "CBC/NoPadding" ,
off : [ 5 , 6 ]
} ,
{
name : "ECB/NoPadding" ,
off : [ 5 , 6 ]
2021-02-02 17:18:35 +00:00
}
]
2018-05-14 18:23:16 +00:00
} ,
{
"name" : "Input" ,
"type" : "option" ,
"value" : [ "Hex" , "Raw" ]
} ,
{
"name" : "Output" ,
"type" : "option" ,
"value" : [ "Raw" , "Hex" ]
} ,
{
"name" : "GCM Tag" ,
"type" : "toggleString" ,
"value" : "" ,
"toggleValues" : [ "Hex" , "UTF8" , "Latin1" , "Base64" ]
2021-02-02 17:18:35 +00:00
} ,
{
"name" : "Additional Authenticated Data" ,
2021-02-22 19:33:52 +00:00
"type" : "toggleString" ,
"value" : "" ,
"toggleValues" : [ "Hex" , "UTF8" , "Latin1" , "Base64" ]
2018-05-14 18:23:16 +00:00
}
] ;
}
/ * *
* @ param { string } input
* @ param { Object [ ] } args
* @ returns { string }
2018-05-15 18:01:04 +01:00
*
* @ throws { OperationError } if cannot decrypt input or invalid key length
2018-05-14 18:23:16 +00:00
* /
run ( input , args ) {
2019-08-22 14:54:58 +01:00
const key = Utils . convertToByteString ( args [ 0 ] . string , args [ 0 ] . option ) ,
iv = Utils . convertToByteString ( args [ 1 ] . string , args [ 1 ] . option ) ,
Add the SM4 block cipher, also a no-padding option for block ciphers.
This adds an implementation of the SM4 block cipher, and operations
to encrypt and decrypt using it with CBC,ECB,CFB,OFB,CTR modes.
Also, a "no padding" option is added for AES,DES,3DES and SM4
decryption in ECB/CBC modes. This variant does not attempt to
validate the last block as being PKCS#7 padded.
This is useful, both since other padding schemes exist, and also
for decrypting data where the final block is missing.
2021-03-24 00:58:54 +01:00
mode = args [ 2 ] . substring ( 0 , 3 ) ,
2022-03-29 18:01:57 +01:00
noPadding = args [ 2 ] . endsWith ( "NoPadding" ) ,
2018-05-14 18:23:16 +00:00
inputType = args [ 3 ] ,
outputType = args [ 4 ] ,
2021-02-02 17:18:35 +00:00
gcmTag = Utils . convertToByteString ( args [ 5 ] . string , args [ 5 ] . option ) ,
2021-02-22 19:33:52 +00:00
aad = Utils . convertToByteString ( args [ 6 ] . string , args [ 6 ] . option ) ;
2018-05-14 18:23:16 +00:00
if ( [ 16 , 24 , 32 ] . indexOf ( key . length ) < 0 ) {
2018-05-15 18:01:04 +01:00
throw new OperationError ( ` Invalid key length: ${ key . length } bytes
2018-05-14 18:23:16 +00:00
The following algorithms will be used based on the size of the key :
16 bytes = AES - 128
24 bytes = AES - 192
2018-05-15 18:01:04 +01:00
32 bytes = AES - 256 ` );
2018-05-14 18:23:16 +00:00
}
input = Utils . convertToByteString ( input , inputType ) ;
const decipher = forge . cipher . createDecipher ( "AES-" + mode , key ) ;
2022-03-29 18:01:57 +01:00
Add the SM4 block cipher, also a no-padding option for block ciphers.
This adds an implementation of the SM4 block cipher, and operations
to encrypt and decrypt using it with CBC,ECB,CFB,OFB,CTR modes.
Also, a "no padding" option is added for AES,DES,3DES and SM4
decryption in ECB/CBC modes. This variant does not attempt to
validate the last block as being PKCS#7 padded.
This is useful, both since other padding schemes exist, and also
for decrypting data where the final block is missing.
2021-03-24 00:58:54 +01:00
/* Allow for a "no padding" mode */
2022-03-29 18:01:57 +01:00
if ( noPadding ) {
Add the SM4 block cipher, also a no-padding option for block ciphers.
This adds an implementation of the SM4 block cipher, and operations
to encrypt and decrypt using it with CBC,ECB,CFB,OFB,CTR modes.
Also, a "no padding" option is added for AES,DES,3DES and SM4
decryption in ECB/CBC modes. This variant does not attempt to
validate the last block as being PKCS#7 padded.
This is useful, both since other padding schemes exist, and also
for decrypting data where the final block is missing.
2021-03-24 00:58:54 +01:00
decipher . mode . unpad = function ( output , options ) {
return true ;
} ;
}
2022-03-29 18:01:57 +01:00
2018-05-14 18:23:16 +00:00
decipher . start ( {
2019-08-21 14:27:56 +01:00
iv : iv . length === 0 ? "" : iv ,
2021-02-02 17:18:35 +00:00
tag : mode === "GCM" ? gcmTag : undefined ,
additionalData : mode === "GCM" ? aad : undefined
2018-05-14 18:23:16 +00:00
} ) ;
decipher . update ( forge . util . createBuffer ( input ) ) ;
const result = decipher . finish ( ) ;
if ( result ) {
return outputType === "Hex" ? decipher . output . toHex ( ) : decipher . output . getBytes ( ) ;
} else {
2018-05-15 18:01:04 +01:00
throw new OperationError ( "Unable to decrypt input with these parameters." ) ;
2018-05-14 18:23:16 +00:00
}
}
}
export default AESDecrypt ;
