mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-20 14:56:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Removed CryptoJS from Utils.js. UTF8 conversion is now achieved with the much smaller and actively maintained utf8 library.

Browse source
This commit is contained in:
n1474335 2017-12-25 23:11:52 +00:00
parent 4e00ac9300
commit 0e7989111f
9 changed files with 151 additions and 123 deletions
Download patch file Download diff file Expand all files Collapse all files

5
package-lock.json generated
View file

@ -8663,6 +8663,11 @@
} }
} }
}, },
"utf8": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/utf8/-/utf8-3.0.0.tgz",
"integrity": "sha512-E8VjFIQ/TyQgp+TZfS6l8yp/xWppSAHzidGiRrqe4bK4XP9pTRyKFgGJpO3SN7zdX4DeomTrwaseCHovfpFcqQ=="
},
"util": { "util": {
"version": "0.10.3", "version": "0.10.3",
"resolved": "https://registry.npmjs.org/util/-/util-0.10.3.tgz", "resolved": "https://registry.npmjs.org/util/-/util-0.10.3.tgz",

1
package.json
View file

@ -93,6 +93,7 @@
"sladex-blowfish": "^0.8.1", "sladex-blowfish": "^0.8.1",
"sortablejs": "^1.7.0", "sortablejs": "^1.7.0",
"split.js": "^1.3.5", "split.js": "^1.3.5",
"utf8": "^3.0.0",
"vkbeautify": "^0.99.3", "vkbeautify": "^0.99.3",
"xmldom": "^0.1.27", "xmldom": "^0.1.27",
"xpath": "0.0.24", "xpath": "0.0.24",

24
src/core/Dish.js
View file

@ -217,4 +217,28 @@ Dish.prototype.valid = function() {
} }
}; };
/**
* Determines how much space the Dish takes up.
* Numbers in JavaScript are 64-bit floating point, however for the purposes of the Dish,
* we measure how many bytes are taken up when the number is written as a string.
*
* @returns {number}
*/
Dish.prototype.size = function() {
switch (this.type) {
case Dish.BYTE_ARRAY:
case Dish.STRING:
case Dish.HTML:
return this.value.length;
case Dish.NUMBER:
return this.value.toString().length;
case Dish.ARRAY_BUFFER:
return this.value.byteLength;
default:
return -1;
}
};
export default Dish; export default Dish;

118
src/core/Utils.js
View file

@ -1,4 +1,4 @@
import CryptoJS from "crypto-js"; import utf8 from "utf8";
/** /**
@ -340,6 +340,32 @@ const Utils = {
}, },
/**
* Coverts data of varying types to a byteArray.
* Accepts hex, Base64, UTF8 and Latin1 strings.
*
* @param {string} str
* @param {string} type - One of "Hex", "Base64", "UTF8" or "Latin1"
* @returns {byteArray}
*
* @example
* // returns []
*/
convertToByteArray: function(str, type) {
switch (type.toLowerCase()) {
case "hex":
return Utils.fromHex(str);
case "base64":
return Utils.fromBase64(str, null, "byteArray");
case "utf8":
return Utils.strToUtf8ByteArray(str);
case "latin1":
default:
return Utils.strToByteArray(str);
}
},
/** /**
* Converts a string to a byte array. * Converts a string to a byte array.
* Treats the string as UTF-8 if any values are over 255. * Treats the string as UTF-8 if any values are over 255.
@ -381,17 +407,17 @@ const Utils = {
* Utils.strToUtf8ByteArray("你好"); * Utils.strToUtf8ByteArray("你好");
*/ */
strToUtf8ByteArray: function(str) { strToUtf8ByteArray: function(str) {
let wordArray = CryptoJS.enc.Utf8.parse(str), const utf8Str = utf8.encode(str);
byteArray = Utils.wordArrayToByteArray(wordArray);
if (str.length !== wordArray.sigBytes) { if (str.length !== utf8Str.length) {
if (ENVIRONMENT_IS_WORKER()) { if (ENVIRONMENT_IS_WORKER()) {
self.setOption("attemptHighlight", false); self.setOption("attemptHighlight", false);
} else if (ENVIRONMENT_IS_WEB()) { } else if (ENVIRONMENT_IS_WEB()) {
window.app.options.attemptHighlight = false; window.app.options.attemptHighlight = false;
} }
} }
return byteArray;
return Utils.strToByteArray(utf8Str);
}, },
@ -443,26 +469,21 @@ const Utils = {
* Utils.byteArrayToUtf8([228,189,160,229,165,189]); * Utils.byteArrayToUtf8([228,189,160,229,165,189]);
*/ */
byteArrayToUtf8: function(byteArray) { byteArrayToUtf8: function(byteArray) {
const str = Utils.byteArrayToChars(byteArray);
try { try {
// Try to output data as UTF-8 string const utf8Str = utf8.decode(str);
const words = [];
for (let i = 0; i < byteArray.length; i++) {
words[i >>> 2] |= byteArray[i] << (24 - (i % 4) * 8);
}
let wordArray = new CryptoJS.lib.WordArray.init(words, byteArray.length),
str = CryptoJS.enc.Utf8.stringify(wordArray);
if (str.length !== wordArray.sigBytes) { if (str.length !== utf8Str.length) {
if (ENVIRONMENT_IS_WORKER()) { if (ENVIRONMENT_IS_WORKER()) {
self.setOption("attemptHighlight", false); self.setOption("attemptHighlight", false);
} else if (ENVIRONMENT_IS_WEB()) { } else if (ENVIRONMENT_IS_WEB()) {
window.app.options.attemptHighlight = false; window.app.options.attemptHighlight = false;
} }
} }
return str; return utf8Str;
} catch (err) { } catch (err) {
// If it fails, treat it as ANSI // If it fails, treat it as ANSI
return Utils.byteArrayToChars(byteArray); return str;
} }
}, },
@ -490,30 +511,6 @@ const Utils = {
}, },
/**
* Converts a CryptoJS.lib.WordArray to a byteArray.
*
* @param {CryptoJS.lib.WordArray} wordArray
* @returns {byteArray}
*
* @example
* // returns [84, 101, 115, 116]
* Utils.wordArrayToByteArray(CryptoJS.enc.Hex.parse("54657374"));
*/
wordArrayToByteArray: function(wordArray) {
if (wordArray.sigBytes <= 0) return [];
let words = wordArray.words,
byteArray = [];
for (let i = 0; i < wordArray.sigBytes; i++) {
byteArray.push((words[i >>> 2] >>> (24 - (i % 4) * 8)) & 0xff);
}
return byteArray;
},
/** /**
* Base64's the input byte array using the given alphabet, returning a string. * Base64's the input byte array using the given alphabet, returning a string.
* *
@ -1248,21 +1245,6 @@ const Utils = {
"None": /\s+/g // Included here to remove whitespace when there shouldn't be any "None": /\s+/g // Included here to remove whitespace when there shouldn't be any
}, },
/**
* A mapping of string formats to their classes in the CryptoJS library.
* @constant
*/
format: {
"Hex": CryptoJS.enc.Hex,
"Base64": CryptoJS.enc.Base64,
"UTF8": CryptoJS.enc.Utf8,
"UTF16": CryptoJS.enc.Utf16,
"UTF16LE": CryptoJS.enc.Utf16LE,
"UTF16BE": CryptoJS.enc.Utf16BE,
"Latin1": CryptoJS.enc.Latin1,
},
}; };
export default Utils; export default Utils;
@ -1374,31 +1356,3 @@ Array.prototype.equals = function(other) {
String.prototype.count = function(chr) { String.prototype.count = function(chr) {
return this.split(chr).length - 1; return this.split(chr).length - 1;
}; };
////////////////////////////////////////////////////////////////////////////////////////////////////
// Library overrides ///////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////////////////////////
/**
* Override for the CryptoJS Hex encoding parser to remove whitespace before attempting to parse
* the hex string.
*
* @param {string} hexStr
* @returns {CryptoJS.lib.WordArray}
*/
CryptoJS.enc.Hex.parse = function (hexStr) {
// Remove whitespace
hexStr = hexStr.replace(/\s/g, "");
// Shortcut
const hexStrLength = hexStr.length;
// Convert
const words = [];
for (let i = 0; i < hexStrLength; i += 2) {
words[i >>> 3] |= parseInt(hexStr.substr(i, 2), 16) << (24 - (i % 8) * 4);
}
return new CryptoJS.lib.WordArray.init(words, hexStrLength / 2);
};

1
src/core/config/modules/Default.js
View file

@ -37,7 +37,6 @@ import UUID from "../../operations/UUID.js";
* *
* Libraries: * Libraries:
* - Utils.js * - Utils.js
* - CryptoJS
* - otp * - otp
* *
* @author n1474335 [n1474335@gmail.com] * @author n1474335 [n1474335@gmail.com]

18
src/core/operations/BitwiseOp.js
View file

@ -67,7 +67,7 @@ const BitwiseOp = {
* @constant * @constant
* @default * @default
*/ */
KEY_FORMAT: ["Hex", "Base64", "UTF8", "UTF16", "UTF16LE", "UTF16BE", "Latin1"], KEY_FORMAT: ["Hex", "Base64", "UTF8", "Latin1"],
/** /**
* XOR operation. * XOR operation.
@ -77,12 +77,10 @@ const BitwiseOp = {
* @returns {byteArray} * @returns {byteArray}
*/ */
runXor: function (input, args) { runXor: function (input, args) {
let key = Utils.format[args[0].option].parse(args[0].string || ""), const key = Utils.convertToByteArray(args[0].string || "", args[0].option),
scheme = args[1], scheme = args[1],
nullPreserving = args[2]; nullPreserving = args[2];
key = Utils.wordArrayToByteArray(key);
return BitwiseOp._bitOp(input, key, BitwiseOp._xor, nullPreserving, scheme); return BitwiseOp._bitOp(input, key, BitwiseOp._xor, nullPreserving, scheme);
}, },
@ -200,8 +198,7 @@ const BitwiseOp = {
* @returns {byteArray} * @returns {byteArray}
*/ */
runAnd: function (input, args) { runAnd: function (input, args) {
let key = Utils.format[args[0].option].parse(args[0].string || ""); const key = Utils.convertToByteArray(args[0].string || "", args[0].option);
key = Utils.wordArrayToByteArray(key);
return BitwiseOp._bitOp(input, key, BitwiseOp._and); return BitwiseOp._bitOp(input, key, BitwiseOp._and);
}, },
@ -215,8 +212,7 @@ const BitwiseOp = {
* @returns {byteArray} * @returns {byteArray}
*/ */
runOr: function (input, args) { runOr: function (input, args) {
let key = Utils.format[args[0].option].parse(args[0].string || ""); const key = Utils.convertToByteArray(args[0].string || "", args[0].option);
key = Utils.wordArrayToByteArray(key);
return BitwiseOp._bitOp(input, key, BitwiseOp._or); return BitwiseOp._bitOp(input, key, BitwiseOp._or);
}, },
@ -230,8 +226,7 @@ const BitwiseOp = {
* @returns {byteArray} * @returns {byteArray}
*/ */
runAdd: function (input, args) { runAdd: function (input, args) {
let key = Utils.format[args[0].option].parse(args[0].string || ""); const key = Utils.convertToByteArray(args[0].string || "", args[0].option);
key = Utils.wordArrayToByteArray(key);
return BitwiseOp._bitOp(input, key, BitwiseOp._add); return BitwiseOp._bitOp(input, key, BitwiseOp._add);
}, },
@ -245,8 +240,7 @@ const BitwiseOp = {
* @returns {byteArray} * @returns {byteArray}
*/ */
runSub: function (input, args) { runSub: function (input, args) {
let key = Utils.format[args[0].option].parse(args[0].string || ""); const key = Utils.convertToByteArray(args[0].string || "", args[0].option);
key = Utils.wordArrayToByteArray(key);
return BitwiseOp._bitOp(input, key, BitwiseOp._sub); return BitwiseOp._bitOp(input, key, BitwiseOp._sub);
}, },

95
src/core/operations/Cipher.js
View file

@ -61,9 +61,9 @@ const Cipher = {
* @returns {string} * @returns {string}
*/ */
_enc: function (algo, input, args) { _enc: function (algo, input, args) {
let key = Utils.format[args[0].option].parse(args[0].string || ""), let key = Cipher._format[args[0].option].parse(args[0].string || ""),
iv = Utils.format[args[1].option].parse(args[1].string || ""), iv = Cipher._format[args[1].option].parse(args[1].string || ""),
salt = Utils.format[args[2].option].parse(args[2].string || ""), salt = Cipher._format[args[2].option].parse(args[2].string || ""),
mode = CryptoJS.mode[args[3]], mode = CryptoJS.mode[args[3]],
padding = CryptoJS.pad[args[4]], padding = CryptoJS.pad[args[4]],
resultOption = args[5].toLowerCase(), resultOption = args[5].toLowerCase(),
@ -83,12 +83,12 @@ const Cipher = {
let result = ""; let result = "";
if (resultOption === "show all") { if (resultOption === "show all") {
result += "Key: " + encrypted.key.toString(Utils.format[outputFormat]); result += "Key: " + encrypted.key.toString(Cipher._format[outputFormat]);
result += "\nIV: " + encrypted.iv.toString(Utils.format[outputFormat]); result += "\nIV: " + encrypted.iv.toString(Cipher._format[outputFormat]);
if (encrypted.salt) result += "\nSalt: " + encrypted.salt.toString(Utils.format[outputFormat]); if (encrypted.salt) result += "\nSalt: " + encrypted.salt.toString(Cipher._format[outputFormat]);
result += "\n\nCiphertext: " + encrypted.ciphertext.toString(Utils.format[outputFormat]); result += "\n\nCiphertext: " + encrypted.ciphertext.toString(Cipher._format[outputFormat]);
} else { } else {
result = encrypted[resultOption].toString(Utils.format[outputFormat]); result = encrypted[resultOption].toString(Cipher._format[outputFormat]);
} }
return result; return result;
@ -105,9 +105,9 @@ const Cipher = {
* @returns {string} * @returns {string}
*/ */
_dec: function (algo, input, args) { _dec: function (algo, input, args) {
let key = Utils.format[args[0].option].parse(args[0].string || ""), let key = Cipher._format[args[0].option].parse(args[0].string || ""),
iv = Utils.format[args[1].option].parse(args[1].string || ""), iv = Cipher._format[args[1].option].parse(args[1].string || ""),
salt = Utils.format[args[2].option].parse(args[2].string || ""), salt = Cipher._format[args[2].option].parse(args[2].string || ""),
mode = CryptoJS.mode[args[3]], mode = CryptoJS.mode[args[3]],
padding = CryptoJS.pad[args[4]], padding = CryptoJS.pad[args[4]],
inputFormat = args[5], inputFormat = args[5],
@ -118,7 +118,7 @@ const Cipher = {
return "No input"; return "No input";
} }
const ciphertext = Utils.format[inputFormat].parse(input); const ciphertext = Cipher._format[inputFormat].parse(input);
if (iv.sigBytes === 0) { if (iv.sigBytes === 0) {
// Use passphrase rather than key. Need to convert it to a string. // Use passphrase rather than key. Need to convert it to a string.
@ -136,7 +136,7 @@ const Cipher = {
let result; let result;
try { try {
result = decrypted.toString(Utils.format[outputFormat]); result = decrypted.toString(Cipher._format[outputFormat]);
} catch (err) { } catch (err) {
result = "Decrypt error: " + err.message; result = "Decrypt error: " + err.message;
} }
@ -260,7 +260,7 @@ const Cipher = {
* @returns {string} * @returns {string}
*/ */
runBlowfishEnc: function (input, args) { runBlowfishEnc: function (input, args) {
let key = Utils.format[args[0].option].parse(args[0].string).toString(Utils.format.Latin1), let key = Cipher._format[args[0].option].parse(args[0].string).toString(Cipher._format.Latin1),
mode = args[1], mode = args[1],
outputFormat = args[2]; outputFormat = args[2];
@ -272,7 +272,7 @@ const Cipher = {
}), }),
enc = CryptoJS.enc.Hex.parse(encHex); enc = CryptoJS.enc.Hex.parse(encHex);
return enc.toString(Utils.format[outputFormat]); return enc.toString(Cipher._format[outputFormat]);
}, },
@ -284,13 +284,13 @@ const Cipher = {
* @returns {string} * @returns {string}
*/ */
runBlowfishDec: function (input, args) { runBlowfishDec: function (input, args) {
let key = Utils.format[args[0].option].parse(args[0].string).toString(Utils.format.Latin1), let key = Cipher._format[args[0].option].parse(args[0].string).toString(Cipher._format.Latin1),
mode = args[1], mode = args[1],
inputFormat = args[2]; inputFormat = args[2];
if (key.length === 0) return "Enter a key"; if (key.length === 0) return "Enter a key";
input = Utils.format[inputFormat].parse(input); input = Cipher._format[inputFormat].parse(input);
return Blowfish.decrypt(input.toString(CryptoJS.enc.Base64), key, { return Blowfish.decrypt(input.toString(CryptoJS.enc.Base64), key, {
outputType: 0, // This actually means inputType. The library is weird. outputType: 0, // This actually means inputType. The library is weird.
@ -329,14 +329,14 @@ const Cipher = {
salt = CryptoJS.enc.Hex.parse(args[3] || ""), salt = CryptoJS.enc.Hex.parse(args[3] || ""),
inputFormat = args[4], inputFormat = args[4],
outputFormat = args[5], outputFormat = args[5],
passphrase = Utils.format[inputFormat].parse(input), passphrase = Cipher._format[inputFormat].parse(input),
key = CryptoJS.PBKDF2(passphrase, salt, { key = CryptoJS.PBKDF2(passphrase, salt, {
keySize: keySize, keySize: keySize,
hasher: CryptoJS.algo[hasher], hasher: CryptoJS.algo[hasher],
iterations: iterations, iterations: iterations,
}); });
return key.toString(Utils.format[outputFormat]); return key.toString(Cipher._format[outputFormat]);
}, },
@ -354,14 +354,14 @@ const Cipher = {
salt = CryptoJS.enc.Hex.parse(args[3] || ""), salt = CryptoJS.enc.Hex.parse(args[3] || ""),
inputFormat = args[4], inputFormat = args[4],
outputFormat = args[5], outputFormat = args[5],
passphrase = Utils.format[inputFormat].parse(input), passphrase = Cipher._format[inputFormat].parse(input),
key = CryptoJS.EvpKDF(passphrase, salt, { key = CryptoJS.EvpKDF(passphrase, salt, {
keySize: keySize, keySize: keySize,
hasher: CryptoJS.algo[hasher], hasher: CryptoJS.algo[hasher],
iterations: iterations, iterations: iterations,
}); });
return key.toString(Utils.format[outputFormat]); return key.toString(Cipher._format[outputFormat]);
}, },
@ -373,11 +373,11 @@ const Cipher = {
* @returns {string} * @returns {string}
*/ */
runRc4: function (input, args) { runRc4: function (input, args) {
let message = Utils.format[args[1]].parse(input), let message = Cipher._format[args[1]].parse(input),
passphrase = Utils.format[args[0].option].parse(args[0].string), passphrase = Cipher._format[args[0].option].parse(args[0].string),
encrypted = CryptoJS.RC4.encrypt(message, passphrase); encrypted = CryptoJS.RC4.encrypt(message, passphrase);
return encrypted.ciphertext.toString(Utils.format[args[2]]); return encrypted.ciphertext.toString(Cipher._format[args[2]]);
}, },
@ -395,12 +395,12 @@ const Cipher = {
* @returns {string} * @returns {string}
*/ */
runRc4drop: function (input, args) { runRc4drop: function (input, args) {
let message = Utils.format[args[1]].parse(input), let message = Cipher._format[args[1]].parse(input),
passphrase = Utils.format[args[0].option].parse(args[0].string), passphrase = Cipher._format[args[0].option].parse(args[0].string),
drop = args[3], drop = args[3],
encrypted = CryptoJS.RC4Drop.encrypt(message, passphrase, { drop: drop }); encrypted = CryptoJS.RC4Drop.encrypt(message, passphrase, { drop: drop });
return encrypted.ciphertext.toString(Utils.format[args[2]]); return encrypted.ciphertext.toString(Cipher._format[args[2]]);
}, },
@ -783,6 +783,23 @@ const Cipher = {
return output; return output;
}, },
/**
* A mapping of string formats to their classes in the CryptoJS library.
*
* @private
* @constant
*/
_format: {
"Hex": CryptoJS.enc.Hex,
"Base64": CryptoJS.enc.Base64,
"UTF8": CryptoJS.enc.Utf8,
"UTF16": CryptoJS.enc.Utf16,
"UTF16LE": CryptoJS.enc.Utf16LE,
"UTF16BE": CryptoJS.enc.Utf16BE,
"Latin1": CryptoJS.enc.Latin1,
},
}; };
export default Cipher; export default Cipher;
@ -827,3 +844,27 @@ CryptoJS.kdf.OpenSSL.execute = function (password, keySize, ivSize, salt) {
// Return params // Return params
return CryptoJS.lib.CipherParams.create({ key: key, iv: iv, salt: salt }); return CryptoJS.lib.CipherParams.create({ key: key, iv: iv, salt: salt });
}; };
/**
* Override for the CryptoJS Hex encoding parser to remove whitespace before attempting to parse
* the hex string.
*
* @param {string} hexStr
* @returns {CryptoJS.lib.WordArray}
*/
CryptoJS.enc.Hex.parse = function (hexStr) {
// Remove whitespace
hexStr = hexStr.replace(/\s/g, "");
// Shortcut
const hexStrLength = hexStr.length;
// Convert
const words = [];
for (let i = 0; i < hexStrLength; i += 2) {
words[i >>> 3] |= parseInt(hexStr.substr(i, 2), 16) << (24 - (i % 8) * 4);
}
return new CryptoJS.lib.WordArray.init(words, hexStrLength / 2);
};

2
src/web/HighlighterWaiter.js
View file

@ -402,7 +402,7 @@ HighlighterWaiter.prototype.highlight = function(textarea, highlighter, pos) {
// Check if there is a carriage return in the output dish as this will not // Check if there is a carriage return in the output dish as this will not
// be displayed by the HTML textarea and will mess up highlighting offsets. // be displayed by the HTML textarea and will mess up highlighting offsets.
if (!this.app.dishStr || this.app.dishStr.indexOf("\r") >= 0) return false; if (this.manager.output.containsCR()) return false;
const startPlaceholder = "[startHighlight]"; const startPlaceholder = "[startHighlight]";
const startPlaceholderRegex = /\[startHighlight\]/g; const startPlaceholderRegex = /\[startHighlight\]/g;

10
src/web/OutputWaiter.js
View file

@ -282,4 +282,14 @@ OutputWaiter.prototype.setStatusMsg = function(msg) {
el.textContent = msg; el.textContent = msg;
}; };
/**
* Returns true if the output contains carriage returns
*
* @returns {boolean}
*/
OutputWaiter.prototype.containsCR = function() {
return this.app.dishStr.indexOf("\r") >= 0;
};
export default OutputWaiter; export default OutputWaiter;