mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-20 14:56:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Initial migration to library; add decryption operation

Browse source
This commit is contained in:
Dan Flack 2024-09-20 19:17:00 +02:00
parent 99ba6b487c
commit 54cfb17145
4 changed files with 306 additions and 169 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/core/config/Categories.json
View file

@ -190,7 +190,8 @@
"Parse CSR", "Parse CSR",
"Public Key from Certificate", "Public Key from Certificate",
"Public Key from Private Key", "Public Key from Private Key",
"SM2 Encrypt" "SM2 Encrypt",
"SM2 Decrypt"
] ]
}, },
{ {

232
src/core/lib/SM2.mjs Normal file
View file

@ -0,0 +1,232 @@
/**
* Utilities and operations utilized for SM2 encryption and decryption
* @author flakjacket95 [dflack95@gmail.com]
* @copyright Crown Copyright 2024
* @license Apache-2.0
*/
import { fromHex } from "../lib/Hex.mjs";
import Utils from "../Utils.mjs";
import Sm3 from "crypto-api/src/hasher/sm3.mjs";
import {toHex} from "crypto-api/src/encoder/hex.mjs";
import r from "jsrsasign";
export class SM2 {
constructor(curve, format) {
this.ecParams = null;
this.rng = new r.SecureRandom();
/*
For any additional curve definitions utilized by SM2, add another block like the below for that curve, then add the curve name to the Curve selection dropdown
*/
r.crypto.ECParameterDB.regist(
'sm2p256v1', // name / p = 2**256 - 2**224 - 2**96 + 2**64 - 1
256,
'FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF', // p
'FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC', // a
'28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93', // b
'FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123', // n
'1', // h
'32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7', // gx
'BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0', // gy
[]
) // alias
this.ecParams = r.crypto.ECParameterDB.getByName(curve);
this.format = format;
}
/**
* Set the public key coordinates for the SM2 class
*
* @param {string} publicKeyX
* @param {string} publicKeyY
*/
setPublicKey(publicKeyX, publicKeyY) {
console.log('Set public key')
/*
* TODO: This needs some additional length validation; and checking for errors in the decoding process
* TODO: Can probably support other public key encoding methods here as well in the future
*/
this.publicKey = this.ecParams.curve.decodePointHex("04" + publicKeyX + publicKeyY);
if (this.publicKey.isInfinity()) {
throw new OperationError("Invalid Public Key");
}
}
/**
* Set the private key value for the SM2 class
*
* @param {string} privateKey
*/
setPrivateKey(privateKey) {
this.privateKey = null; //Somehow take hex input and translate back to a BigInteger???
}
/**
* Main encryption function; takes user input, processes encryption and returns the result in hex (with the components arranged as configured by the user args)
*
* @param {*} input
* @returns {string}
*/
encrypt(input) {
const G = this.ecParams.G
/*
* Compute a new, random public key along the same elliptic curve to form the starting point for our encryption process (record the resulting X and Y as hex to provide as part of the operation output)
* k: Randomly generated BigInteger
* c1: Result of dotting our curve generator point `G` with the value of `k`
*/
var k = this.generatePublicKey();
var c1 = G.multiply(k);
const [hexC1X, hexC1Y] = this.getPointAsHex(c1);
/*
* Compute p2 (secret) using the public key, and the chosen k value above
*/
const p2 = this.publicKey.multiply(k);
/*
* Compute the C3 SM3 hash before we transform the array
*/
var c3 = this.c3(p2, input);
/*
* Genreate a proper length encryption key, XOR iteratively, and convert newly encrypted data to hex
*/
var key = this.kdf(p2, input.byteLength);
for (let i = 0; i < input.byteLength; i++) {
input[i] ^= Utils.ord(key[i]);
}
var c2 = Buffer.from(input).toString('hex');
/*
* Check user input specs; order the output components as selected
*/
if (this.format == "C1C3C2") {
return hexC1X + hexC1Y + c3 + c2;
} else {
return hexC1X + hexC1Y + c2 + c3;
}
}
/**
* Function to decrypt an SM2 encrypted message
*
* @param {*} input
*/
decrypt(input) {
/*
*
*/
var c1 = this.ecParams.curve.decodePointHex("04" + publicKeyX + publicKeyY);
/*
* Compute the p2 (secret) value by taking the C1 point provided in the encrypted package, and multiplying by the private k value
*/
var p2 = c1.multiply(this.privateKey);
/*
* Similar to encryption; compute sufficient length key material and XOR the input data to recover the original message
*/
var key = this.kdf(p2, input.byteLength);
for (let i = 0; i < input.byteLength; i++) {
input[i] ^= Utils.ord(key[i]);
}
console.log(input)
//var dec = Buffer.from(input).toString('hex');
}
/**
* Generates a large random number
*
* @param {*} limit
* @returns
*/
getBigRandom(limit) {
return new r.BigInteger(limit.bitLength(), this.rng)
.mod(limit.subtract(r.BigInteger.ONE))
.add(r.BigInteger.ONE);
}
/**
* Helper function for generating a large random K number; utilized for generating our initial C1 point
* TODO: Do we need to do any sort of validation on the resulting k values?
*
* @returns {BigInteger}
*/
generatePublicKey() {
const n = this.ecParams.n;
var k = this.getBigRandom(n);
return k;
}
/**
* SM2 Key Derivation Function (KDF); Takes P2 point, and generates a key material stream large enough to encrypt all of the input data
*
* @param {*} p2
* @param {*} len
* @returns {string}
*/
kdf(p2, len) {
const [hX, hY] = this.getPointAsHex(p2);
var total = Math.ceil(len / 32) + 1;
var cnt = 1;
var keyMaterial = ""
while (cnt < total) {
var num = Utils.intToByteArray(cnt, 4, "big");
var overall = fromHex(hX).concat(fromHex(hY)).concat(num)
keyMaterial += this.sm3(overall);
cnt++;
}
return keyMaterial
}
/**
* Calculates the C3 component of our final encrypted payload; which is the SM3 hash of the P2 point and the original, unencrypted input data
*
* @param {*} p2
* @param {*} input
* @returns {string}
*/
c3(p2, input) {
const [hX, hY] = this.getPointAsHex(p2);
var overall = fromHex(hX).concat(Array.from(input)).concat(fromHex(hY));
return toHex(this.sm3(overall));
}
/**
* SM3 setup helper function; takes input data as an array, processes the hash and returns the result
*
* @param {*} data
* @returns {string}
*/
sm3(data) {
var hashData = Utils.arrayBufferToStr(Uint8Array.from(data).buffer, false);
const hasher = new Sm3();
hasher.update(hashData);
return hasher.finalize();
}
/**
* Utility function, returns an elliptic curve points X and Y values as hex;
*
* @param {EcPointFp} point
* @returns {[]}
*/
getPointAsHex(point) {
var biX = point.getX().toBigInteger();
var biY = point.getY().toBigInteger();
var charlen = this.ecParams.keycharlen;
var hX = ("0000000000" + biX.toString(16)).slice(- charlen);
var hY = ("0000000000" + biY.toString(16)).slice(- charlen);
return [hX, hY]
}
}

65
src/core/operations/SM2Decrypt.mjs Normal file
View file

@ -0,0 +1,65 @@
/**
* @author flakjacket95 [dflack95@gmail.com]
* @copyright Crown Copyright 2024
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import { SM2 } from "../lib/SM2.mjs";
/**
* SM2Decrypt operation
*/
class SM2Decrypt extends Operation {
/**
* SM2Decrypt constructor
*/
constructor() {
super();
this.name = "SM2 Decrypt";
this.module = "Crypto";
this.description = "Decrypts a message utilizing the SM2 standard";
this.infoURL = ""; // Usually a Wikipedia link. Remember to remove localisation (i.e. https://wikipedia.org/etc rather than https://en.wikipedia.org/etc)
this.inputType = "string";
this.outputType = "ArrayBuffer";
this.args = [
{
name: "Private Key",
type: "string",
value: "DEADBEEF"
},
{
"name": "Input Format",
"type": "option",
"value": ["C1C3C2", "C1C2C3"]
},
{
name: "Curve",
type: "option",
"value": ["sm2p256v1"]
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {ArrayBuffer}
*/
run(input, args) {
const [privateKey, inputFormat, curveName] = args;
var sm2 = new SM2(curveName, inputFormat);
sm2.setPrivateKey(privateKey);
var result = sm2.decrypt(new Uint8Array(input))
return result
}
}
export default SM2Decrypt;

175
src/core/operations/SM2Encrypt.mjs
View file

@ -6,12 +6,13 @@
import Operation from "../Operation.mjs"; import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs"; import OperationError from "../errors/OperationError.mjs";
import { SM2 } from "../lib/SM2.mjs";
import { fromHex } from "../lib/Hex.mjs"; import { fromHex } from "../lib/Hex.mjs";
import { toBase64 } from "../lib/Base64.mjs";
import Utils from "../Utils.mjs"; import Utils from "../Utils.mjs";
import Sm3 from "crypto-api/src/hasher/sm3.mjs"; import Sm3 from "crypto-api/src/hasher/sm3.mjs";
import {toHex} from "crypto-api/src/encoder/hex.mjs"; import {toHex} from "crypto-api/src/encoder/hex.mjs";
//import { ECCurveFp } from "jsrsasign";
import r from "jsrsasign"; import r from "jsrsasign";
/** /**
@ -54,23 +55,6 @@ class SM2Encrypt extends Operation {
"value": ["sm2p256v1"] "value": ["sm2p256v1"]
} }
]; ];
this.ecParams = null;
this.rng = new r.SecureRandom();
/*
For any additional curve definitions utilized by SM2, add another block like the below for that curve, then add the curve name to the Curve selection dropdown
*/
r.crypto.ECParameterDB.regist(
'sm2p256v1', // name / p = 2**256 - 2**224 - 2**96 + 2**64 - 1
256,
'FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF', // p
'FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC', // a
'28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93', // b
'FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123', // n
'1', // h
'32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7', // gx
'BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0', // gy
[]
) // alias
} }
/** /**
@ -79,20 +63,13 @@ class SM2Encrypt extends Operation {
* @returns {byteArray} * @returns {byteArray}
*/ */
run(input, args) { run(input, args) {
const [privateKeyX, privateKeyY, outputFormat, curveName] = args; const [publicKeyX, publicKeyY, outputFormat, curveName] = args;
this.outputFormat = outputFormat; this.outputFormat = outputFormat;
this.ecParams = r.crypto.ECParameterDB.getByName(curveName);
/*
* TODO: This needs some additional length validation; and checking for errors in the decoding process
* TODO: Can probably support other public key encoding methods here as well in the future
*/
this.publicKey = this.ecParams.curve.decodePointHex("04" + privateKeyX + privateKeyY);
if (this.publicKey.isInfinity()) { var sm2 = new SM2(curveName, outputFormat);
throw new OperationError("Invalid Public Key"); sm2.setPublicKey(publicKeyX, publicKeyY);
}
var result = this.encrypt(new Uint8Array(input)) var result = sm2.encrypt(new Uint8Array(input))
return result return result
} }
@ -116,144 +93,6 @@ class SM2Encrypt extends Operation {
pos[0].end = Math.floor(pos[0].end + adjust + num); pos[0].end = Math.floor(pos[0].end + adjust + num);
return pos; return pos;
} }
/**
* Main encryption function; takes user input, processes encryption and returns the result in hex (with the components arranged as configured by the user args)
*
* @param {*} input
* @returns {string}
*/
encrypt(input) {
const G = this.ecParams.G
/*
* Compute a new, random public key along the same elliptic curve to form the starting point for our encryption process (record the resulting X and Y as hex to provide as part of the operation output)
* k: Randomly generated BigInteger
* c1: Result of dotting our curve generator point `G` with the value of `k`
*/
var k = this.generatePublicKey();
var c1 = G.multiply(k);
const [hexC1X, hexC1Y] = this.getPointAsHex(c1);
const p2 = this.publicKey.multiply(k);
/*
* Compute the C3 SM3 hash before we transform the array
*/
var c3 = this.c3(p2, input);
/*
* Genreate a proper length encryption key, XOR iteratively, and convert newly encrypted data to hex
*/
var key = this.kdf(p2, input.byteLength);
for (let i = 0; i < input.byteLength; i++) {
input[i] ^= Utils.ord(key[i]);
}
var c2 = Buffer.from(input).toString('hex');
/*
* Check user input specs; order the output components as selected
*/
if (this.outputFormat == "C1C3C2") {
return hexC1X + hexC1Y + c3 + c2;
} else {
return hexC1X + hexC1Y + c2 + c3;
}
}
/**
* Generates a large random number
*
* @param {*} limit
* @returns
*/
getBigRandom(limit) {
return new r.BigInteger(limit.bitLength(), this.rng)
.mod(limit.subtract(r.BigInteger.ONE))
.add(r.BigInteger.ONE);
}
/**
* Helper function for generating a large random K number; utilized for generating our initial C1 point
* TODO: Do we need to do any sort of validation on the resulting k values?
*
* @returns {BigInteger}
*/
generatePublicKey() {
const n = this.ecParams.n;
var k = this.getBigRandom(n);
return k;
}
/**
* SM2 Key Derivation Function (KDF); Takes P2 point, and generates a key material stream large enough to encrypt all of the input data
*
* @param {*} p2
* @param {*} len
* @returns {string}
*/
kdf(p2, len) {
const [hX, hY] = this.getPointAsHex(p2);
var total = Math.ceil(len / 32) + 1;
var cnt = 1;
var keyMaterial = ""
while (cnt < total) {
var num = Utils.intToByteArray(cnt, 4, "big");
var overall = fromHex(hX).concat(fromHex(hY)).concat(num)
keyMaterial += this.sm3(overall);
cnt++;
}
return keyMaterial
}
/**
* Calculates the C3 component of our final encrypted payload; which is the SM3 hash of the P2 point and the original, unencrypted input data
*
* @param {*} p2
* @param {*} input
* @returns {string}
*/
c3(p2, input) {
const [hX, hY] = this.getPointAsHex(p2);
var overall = fromHex(hX).concat(Array.from(input)).concat(fromHex(hY));
return toHex(this.sm3(overall));
}
/**
* SM3 setup helper function; takes input data as an array, processes the hash and returns the result
*
* @param {*} data
* @returns {string}
*/
sm3(data) {
var hashData = Utils.arrayBufferToStr(Uint8Array.from(data).buffer, false);
const hasher = new Sm3();
hasher.update(hashData);
return hasher.finalize();
}
/**
* Utility function, returns an elliptic curve points X and Y values as hex;
*
* @param {EcPointFp} point
* @returns {[]}
*/
getPointAsHex(point) {
var biX = point.getX().toBigInteger();
var biY = point.getY().toBigInteger();
var charlen = this.ecParams.keycharlen;
var hX = ("0000000000" + biX.toString(16)).slice(- charlen);
var hY = ("0000000000" + biY.toString(16)).slice(- charlen);
return [hX, hY]
}
} }
export default SM2Encrypt; export default SM2Encrypt;