Converted RC4, RC4Drop and Derive EVP

2025-04-23 08:16:17 -04:00 · 2018-05-14 18:30:52 +01:00 · 2018-05-14 18:30:52 +01:00 · 24e4e268dc
commit 24e4e268dc
parent 4008dbf38a
5 changed files with 345 additions and 155 deletions
--- a/src/core/operations/legacy/Cipher.js
+++ b/src/core/operations/legacy/Cipher.js
@ -444,80 +444,6 @@ DES uses a key length of 8 bytes (64 bits).`;
    },


-    /**
-     * Derive EVP key operation.
-     *
-     * @param {string} input
-     * @param {Object[]} args
-     * @returns {string}
-     */
-    runEvpkdf: function (input, args) {
-        const passphrase = Utils.convertToByteString(args[0].string, args[0].option),
-            keySize = args[1] / 32,
-            iterations = args[2],
-            hasher = args[3],
-            salt = Utils.convertToByteString(args[4].string, args[4].option),
-            key = CryptoJS.EvpKDF(passphrase, salt, {
-                keySize: keySize,
-                hasher: CryptoJS.algo[hasher],
-                iterations: iterations,
-            });
-
-        return key.toString(CryptoJS.enc.Hex);
-    },
-
-
-    /**
-     * @constant
-     * @default
-     */
-    RC4_KEY_FORMAT: ["UTF8", "UTF16", "UTF16LE", "UTF16BE", "Latin1", "Hex", "Base64"],
-    /**
-     * @constant
-     * @default
-     */
-    CJS_IO_FORMAT: ["Latin1", "UTF8", "UTF16", "UTF16LE", "UTF16BE", "Hex", "Base64"],
-
-
-    /**
-     * RC4 operation.
-     *
-     * @param {string} input
-     * @param {Object[]} args
-     * @returns {string}
-     */
-    runRc4: function (input, args) {
-        let message = Cipher._format[args[1]].parse(input),
-            passphrase = Cipher._format[args[0].option].parse(args[0].string),
-            encrypted = CryptoJS.RC4.encrypt(message, passphrase);
-
-        return encrypted.ciphertext.toString(Cipher._format[args[2]]);
-    },
-
-
-    /**
-     * @constant
-     * @default
-     */
-    RC4DROP_BYTES: 768,
-
-    /**
-     * RC4 Drop operation.
-     *
-     * @param {string} input
-     * @param {Object[]} args
-     * @returns {string}
-     */
-    runRc4drop: function (input, args) {
-        let message = Cipher._format[args[1]].parse(input),
-            passphrase = Cipher._format[args[0].option].parse(args[0].string),
-            drop = args[3],
-            encrypted = CryptoJS.RC4Drop.encrypt(message, passphrase, { drop: drop });
-
-        return encrypted.ciphertext.toString(Cipher._format[args[2]]);
-    },
-
-
    /**
     * @constant
     * @default
@ -568,87 +494,6 @@ DES uses a key length of 8 bytes (64 bits).`;
        }
    },

-    /**
-     * A mapping of string formats to their classes in the CryptoJS library.
-     *
-     * @private
-     * @constant
-     */
-    _format: {
-        "Hex":     CryptoJS.enc.Hex,
-        "Base64":  CryptoJS.enc.Base64,
-        "UTF8":    CryptoJS.enc.Utf8,
-        "UTF16":   CryptoJS.enc.Utf16,
-        "UTF16LE": CryptoJS.enc.Utf16LE,
-        "UTF16BE": CryptoJS.enc.Utf16BE,
-        "Latin1":  CryptoJS.enc.Latin1,
-    },
-
 };

 export default Cipher;
-
-
-/**
- * Overwriting the CryptoJS OpenSSL key derivation function so that it is possible to not pass a
- * salt in.
-
- * @param {string} password - The password to derive from.
- * @param {number} keySize - The size in words of the key to generate.
- * @param {number} ivSize - The size in words of the IV to generate.
- * @param {WordArray|string} salt (Optional) A 64-bit salt to use. If omitted, a salt will be
- *                 generated randomly. If set to false, no salt will be added.
- *
- * @returns {CipherParams} A cipher params object with the key, IV, and salt.
- *
- * @static
- *
- * @example
- * // Randomly generates a salt
- * var derivedParams = CryptoJS.kdf.OpenSSL.execute('Password', 256/32, 128/32);
- * // Uses the salt 'saltsalt'
- * var derivedParams = CryptoJS.kdf.OpenSSL.execute('Password', 256/32, 128/32, 'saltsalt');
- * // Does not use a salt
- * var derivedParams = CryptoJS.kdf.OpenSSL.execute('Password', 256/32, 128/32, false);
- */
-CryptoJS.kdf.OpenSSL.execute = function (password, keySize, ivSize, salt) {
-    // Generate random salt if no salt specified and not set to false
-    // This line changed from `if (!salt) {` to the following
-    if (salt === undefined || salt === null) {
-        salt = CryptoJS.lib.WordArray.random(64/8);
-    }
-
-    // Derive key and IV
-    const key = CryptoJS.algo.EvpKDF.create({ keySize: keySize + ivSize }).compute(password, salt);
-
-    // Separate key and IV
-    const iv = CryptoJS.lib.WordArray.create(key.words.slice(keySize), ivSize * 4);
-    key.sigBytes = keySize * 4;
-
-    // Return params
-    return CryptoJS.lib.CipherParams.create({ key: key, iv: iv, salt: salt });
-};
-
-
-/**
- * Override for the CryptoJS Hex encoding parser to remove whitespace before attempting to parse
- * the hex string.
- *
- * @param {string} hexStr
- * @returns {CryptoJS.lib.WordArray}
- */
-CryptoJS.enc.Hex.parse = function (hexStr) {
-    // Remove whitespace
-    hexStr = hexStr.replace(/\s/g, "");
-
-    // Shortcut
-    const hexStrLength = hexStr.length;
-
-    // Convert
-    const words = [];
-    for (let i = 0; i < hexStrLength; i += 2) {
-        words[i >>> 3] |= parseInt(hexStr.substr(i, 2), 16) << (24 - (i % 8) * 4);
-    }
-
-    return new CryptoJS.lib.WordArray.init(words, hexStrLength / 2);
-};