Converted RC4, RC4Drop and Derive EVP

2025-04-21 07:16:17 -04:00 · 2018-05-14 18:30:52 +01:00 · 2018-05-14 18:30:52 +01:00 · 24e4e268dc
commit 24e4e268dc
parent 4008dbf38a
5 changed files with 345 additions and 155 deletions
--- a/src/core/operations/RC4Drop.mjs
+++ b/src/core/operations/RC4Drop.mjs
@ -0,0 +1,94 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2016
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import { format } from "../lib/Ciphers";
+import CryptoJS from "crypto-js";
+
+/**
+ * RC4 Drop operation
+ */
+class RC4Drop extends Operation {
+
+    /**
+     * RC4Drop constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "RC4 Drop";
+        this.module = "Ciphers";
+        this.description = "It was discovered that the first few bytes of the RC4 keystream are strongly non-random and leak information about the key. We can defend against this attack by discarding the initial portion of the keystream. This modified algorithm is traditionally called RC4-drop.";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Passphrase",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["UTF8", "UTF16", "UTF16LE", "UTF16BE", "Latin1", "Hex", "Base64"]
+            },
+            {
+                "name": "Input format",
+                "type": "option",
+                "value": ["Latin1", "UTF8", "UTF16", "UTF16LE", "UTF16BE", "Hex", "Base64"]
+            },
+            {
+                "name": "Output format",
+                "type": "option",
+                "value": ["Latin1", "UTF8", "UTF16", "UTF16LE", "UTF16BE", "Hex", "Base64"]
+            },
+            {
+                "name": "Number of bytes to drop",
+                "type": "number",
+                "value": 768
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const message = format[args[1]].parse(input),
+            passphrase = format[args[0].option].parse(args[0].string),
+            drop = args[3],
+            encrypted = CryptoJS.RC4Drop.encrypt(message, passphrase, { drop: drop });
+
+        return encrypted.ciphertext.toString(format[args[2]]);
+    }
+
+    /**
+     * Highlight RC4 Drop
+     *
+     * @param {Object[]} pos
+     * @param {number} pos[].start
+     * @param {number} pos[].end
+     * @param {Object[]} args
+     * @returns {Object[]} pos
+     */
+    highlight(pos, args) {
+        return pos;
+    }
+
+    /**
+     * Highlight RC4 Drop in reverse
+     *
+     * @param {Object[]} pos
+     * @param {number} pos[].start
+     * @param {number} pos[].end
+     * @param {Object[]} args
+     * @returns {Object[]} pos
+     */
+    highlightReverse(pos, args) {
+        return pos;
+    }
+
+}
+
+export default RC4Drop;