diff --git a/CHANGELOG.md b/CHANGELOG.md index 145d1b14..e9fbb154 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,56 @@ All major and minor version changes will be documented in this file. Details of ## Details +### [10.18.0] - 2024-04-24 +- Added 'XXTEA Encrypt' and 'XXTEA Decrypt' operations [@n1474335] | [0a353ee] + +### [10.17.0] - 2024-04-13 +- Fix unit test 'expectOutput' implementation [@zb3] | [#1783] +- Add accessibility labels for icons [@e218736] | [#1743] +- Add focus styling for keyboard navigation [@e218736] | [#1739] +- Add support for operation option hiding [@TheZ3ro] | [#541] +- Improve efficiency of RAKE implementation [@sw5678] | [#1751] +- Require (a, 26) to be coprime in 'Affine Encode' [@EvieHarv] | [#1788] +- Added 'JWK to PEM' operation [@cplussharp] | [#1277] +- Added 'PEM to JWK' operation [@cplussharp] | [#1277] +- Added 'Public Key from Certificate' operation [@cplussharp] | [#1642] +- Added 'Public Key from Private Key' operation [@cplussharp] | [#1642] + +### [10.16.0] - 2024-04-12 +- Added 'JA4Server Fingerprint' operation [@n1474335] | [#1789] + +### [10.15.0] - 2024-04-02 +- Fix Ciphersaber2 key concatenation [@zb3] | [#1765] +- Fix DeriveEVPKey's array parsing [@zb3] | [#1767] +- Fix JWT operations [@a3957273] | [#1769] +- Added 'Parse Certificate Signing Request' operation [@jkataja] | [#1504] +- Added 'Extract Hash Values' operation [@MShwed] | [#512] +- Added 'DateTime Delta' operation [@tomgond] | [#1732] + +### [10.14.0] - 2024-03-31 +- Added 'To Float' and 'From Float' operations [@tcode2k16] | [#1762] +- Fix ChaCha raw export option [@joostrijneveld] | [#1606] +- Update x86 disassembler vendor library [@evanreichard] | [#1197] +- Allow variable Blowfish key sizes [@cbeuw] | [#933] +- Added 'XXTEA' operation [@devcydo] | [#1361] + +### [10.13.0] - 2024-03-30 +- Added 'FangURL' operation [@breakersall] [@arnydo] | [#1591] [#654] + +### [10.12.0] - 2024-03-29 +- Added 'Salsa20' and 'XSalsa20' operation [@joostrijneveld] | [#1750] + +### [10.11.0] - 2024-03-29 +- Add HEIC/HEIF file signatures [@simonw] | [#1757] +- Update xmldom to fix medium security vulnerability [@chriswhite199] | [#1752] +- Update JSONWebToken to fix medium security vulnerability [@chriswhite199] | [#1753] + +### [10.10.0] - 2024-03-27 +- Added 'JA4 Fingerprint' operation [@n1474335] | [#1759] + +### [10.9.0] - 2024-03-26 +- Line ending sequences and UTF-8 character encoding are now detected automatically [@n1474335] | [65ffd8d] + ### [10.8.0] - 2024-02-13 - Add official Docker images [@AshCorr] | [#1699] @@ -386,6 +436,16 @@ All major and minor version changes will be documented in this file. Details of ## [4.0.0] - 2016-11-28 - Initial open source commit [@n1474335] | [b1d73a72](https://github.com/gchq/CyberChef/commit/b1d73a725dc7ab9fb7eb789296efd2b7e4b08306) +[10.18.0]: https://github.com/gchq/CyberChef/releases/tag/v10.18.0 +[10.17.0]: https://github.com/gchq/CyberChef/releases/tag/v10.17.0 +[10.16.0]: https://github.com/gchq/CyberChef/releases/tag/v10.16.0 +[10.15.0]: https://github.com/gchq/CyberChef/releases/tag/v10.15.0 +[10.14.0]: https://github.com/gchq/CyberChef/releases/tag/v10.14.0 +[10.13.0]: https://github.com/gchq/CyberChef/releases/tag/v10.13.0 +[10.12.0]: https://github.com/gchq/CyberChef/releases/tag/v10.12.0 +[10.11.0]: https://github.com/gchq/CyberChef/releases/tag/v10.11.0 +[10.10.0]: https://github.com/gchq/CyberChef/releases/tag/v10.10.0 +[10.9.0]: https://github.com/gchq/CyberChef/releases/tag/v10.9.0 [10.8.0]: https://github.com/gchq/CyberChef/releases/tag/v10.7.0 [10.7.0]: https://github.com/gchq/CyberChef/releases/tag/v10.7.0 [10.6.0]: https://github.com/gchq/CyberChef/releases/tag/v10.6.0 @@ -551,6 +611,18 @@ All major and minor version changes will be documented in this file. Details of [@sg5506844]: https://github.com/sg5506844 [@AliceGrey]: https://github.com/AliceGrey [@AshCorr]: https://github.com/AshCorr +[@simonw]: https://github.com/simonw +[@chriswhite199]: https://github.com/chriswhite199 +[@breakersall]: https://github.com/breakersall +[@evanreichard]: https://github.com/evanreichard +[@devcydo]: https://github.com/devcydo +[@zb3]: https://github.com/zb3 +[@jkataja]: https://github.com/jkataja +[@tomgond]: https://github.com/tomgond +[@e218736]: https://github.com/e218736 +[@TheZ3ro]: https://github.com/TheZ3ro +[@EvieHarv]: https://github.com/EvieHarv +[@cplussharp]: https://github.com/cplussharp [8ad18b]: https://github.com/gchq/CyberChef/commit/8ad18bc7db6d9ff184ba3518686293a7685bf7b7 @@ -561,6 +633,8 @@ All major and minor version changes will be documented in this file. Details of [a895d1d]: https://github.com/gchq/CyberChef/commit/a895d1d82a2f92d440a0c5eca2bc7c898107b737 [31a7f83]: https://github.com/gchq/CyberChef/commit/31a7f83b82e78927f89689f323fcb9185144d6ff [760eff4]: https://github.com/gchq/CyberChef/commit/760eff49b5307aaa3104c5e5b437ffe62299acd1 +[65ffd8d]: https://github.com/gchq/CyberChef/commit/65ffd8d65d88eb369f6f61a5d1d0f807179bffb7 +[0a353ee]: https://github.com/gchq/CyberChef/commit/0a353eeb378b9ca5d49e23c7dfc175ae07107b08 [#95]: https://github.com/gchq/CyberChef/pull/299 [#173]: https://github.com/gchq/CyberChef/pull/173 @@ -677,4 +751,24 @@ All major and minor version changes will be documented in this file. Details of [#1667]: https://github.com/gchq/CyberChef/issues/1667 [#1555]: https://github.com/gchq/CyberChef/issues/1555 [#1694]: https://github.com/gchq/CyberChef/issues/1694 -[#1699]: https://github.com/gchq/CyberChef/issues/1694 +[#1699]: https://github.com/gchq/CyberChef/issues/1699 +[#1757]: https://github.com/gchq/CyberChef/issues/1757 +[#1752]: https://github.com/gchq/CyberChef/issues/1752 +[#1753]: https://github.com/gchq/CyberChef/issues/1753 +[#1750]: https://github.com/gchq/CyberChef/issues/1750 +[#1591]: https://github.com/gchq/CyberChef/issues/1591 +[#654]: https://github.com/gchq/CyberChef/issues/654 +[#1762]: https://github.com/gchq/CyberChef/issues/1762 +[#1606]: https://github.com/gchq/CyberChef/issues/1606 +[#1197]: https://github.com/gchq/CyberChef/issues/1197 +[#933]: https://github.com/gchq/CyberChef/issues/933 +[#1361]: https://github.com/gchq/CyberChef/issues/1361 +[#1765]: https://github.com/gchq/CyberChef/issues/1765 +[#1767]: https://github.com/gchq/CyberChef/issues/1767 +[#1769]: https://github.com/gchq/CyberChef/issues/1769 +[#1759]: https://github.com/gchq/CyberChef/issues/1759 +[#1504]: https://github.com/gchq/CyberChef/issues/1504 +[#512]: https://github.com/gchq/CyberChef/issues/512 +[#1732]: https://github.com/gchq/CyberChef/issues/1732 +[#1789]: https://github.com/gchq/CyberChef/issues/1789 + diff --git a/Gruntfile.js b/Gruntfile.js index 32ba9007..b040d98d 100755 --- a/Gruntfile.js +++ b/Gruntfile.js @@ -86,10 +86,12 @@ module.exports = function (grunt) { // Project configuration - const compileTime = grunt.template.today("UTC:dd/mm/yyyy HH:MM:ss") + " UTC", + const compileYear = grunt.template.today("UTC:yyyy"), + compileTime = grunt.template.today("UTC:dd/mm/yyyy HH:MM:ss") + " UTC", pkg = grunt.file.readJSON("package.json"), webpackConfig = require("./webpack.config.js"), BUILD_CONSTANTS = { + COMPILE_YEAR: JSON.stringify(compileYear), COMPILE_TIME: JSON.stringify(compileTime), COMPILE_MSG: JSON.stringify(grunt.option("compile-msg") || grunt.option("msg") || ""), PKG_VERSION: JSON.stringify(pkg.version), @@ -125,6 +127,7 @@ module.exports = function (grunt) { filename: "index.html", template: "./src/web/html/index.html", chunks: ["main"], + compileYear: compileYear, compileTime: compileTime, version: pkg.version, minify: { @@ -227,6 +230,7 @@ module.exports = function (grunt) { filename: "index.html", template: "./src/web/html/index.html", chunks: ["main"], + compileYear: compileYear, compileTime: compileTime, version: pkg.version, }) diff --git a/package-lock.json b/package-lock.json index 5e6671a5..89f59346 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "cyberchef", - "version": "10.8.2", + "version": "10.18.6", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "cyberchef", - "version": "10.8.2", + "version": "10.18.6", "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { @@ -14,6 +14,7 @@ "@babel/polyfill": "^7.12.1", "@blu3r4y/lzma": "^2.3.3", "@wavesenterprise/crypto-gost-js": "^2.1.0-RC1", + "@xmldom/xmldom": "^0.8.0", "argon2-browser": "^1.18.0", "arrive": "^2.4.1", "avsc": "^5.7.7", @@ -45,6 +46,7 @@ "flat": "^6.0.1", "geodesy": "1.1.3", "highlight.js": "^11.9.0", + "ieee754": "^1.1.13", "jimp": "^0.16.13", "jquery": "3.7.1", "js-crc": "^0.2.0", @@ -92,7 +94,6 @@ "unorm": "^1.6.0", "utf8": "^3.0.0", "vkbeautify": "^0.99.3", - "xmldom": "^0.6.0", "xpath": "0.0.34", "xregexp": "^5.1.1", "zlibjs": "^0.3.1" @@ -114,7 +115,7 @@ "babel-plugin-dynamic-import-node": "^2.3.3", "babel-plugin-transform-builtin-extend": "1.1.2", "base64-loader": "^1.0.0", - "chromedriver": "^121.0.0", + "chromedriver": "^123.0.4", "cli-progress": "^3.12.0", "colors": "^1.4.0", "copy-webpack-plugin": "^12.0.2", @@ -2830,6 +2831,12 @@ "resolved": "https://registry.npmjs.org/@tokenizer/token/-/token-0.3.0.tgz", "integrity": "sha512-OvjF+z51L3ov0OyAU0duzsYuvO01PH7x4t6DJx+guahgTnBHkhJdG7soQeTSFLWN3efnHyibZ4Z8l2EuWwJN3A==" }, + "node_modules/@tootallnate/quickjs-emscripten": { + "version": "0.23.0", + "resolved": "https://registry.npmjs.org/@tootallnate/quickjs-emscripten/-/quickjs-emscripten-0.23.0.tgz", + "integrity": "sha512-C5Mc6rdnsaJDjO3UpGW/CQTHtCKaYlScZTly4JIu97Jxo/odCiH0ITnDXSJPTOrEKk/ycSZ0AOgTmkDtkOsvIA==", + "dev": true + }, "node_modules/@types/body-parser": { "version": "1.19.2", "dev": true, @@ -3174,6 +3181,14 @@ "@xtuc/long": "4.2.2" } }, + "node_modules/@xmldom/xmldom": { + "version": "0.8.10", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "integrity": "sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw==", + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/@xtuc/ieee754": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/@xtuc/ieee754/-/ieee754-1.2.0.tgz", @@ -3242,15 +3257,15 @@ } }, "node_modules/agent-base": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", - "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz", + "integrity": "sha512-o/zjMZRhJxny7OyEF+Op8X+efiELC7k7yOjMzgfzVqOzXqkBkWI79YoTdOtsuWd5BWhAGAuOY/Xa6xpiaWXiNg==", "dev": true, "dependencies": { - "debug": "4" + "debug": "^4.3.4" }, "engines": { - "node": ">= 6.0.0" + "node": ">= 14" } }, "node_modules/ajv": { @@ -3601,6 +3616,18 @@ "node": "*" } }, + "node_modules/ast-types": { + "version": "0.13.4", + "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.13.4.tgz", + "integrity": "sha512-x1FCFnFifvYDDzTaLII71vG5uvDwgtmDTEVWAxrgeiR8VjMONcCXJx7E+USjDtHlwFmt9MysbqgF9b9Vjr6w+w==", + "dev": true, + "dependencies": { + "tslib": "^2.0.1" + }, + "engines": { + "node": ">=4" + } + }, "node_modules/async": { "version": "3.2.3", "dev": true, @@ -3976,6 +4003,15 @@ "node": ">= 0.8" } }, + "node_modules/basic-ftp": { + "version": "5.0.5", + "resolved": "https://registry.npmjs.org/basic-ftp/-/basic-ftp-5.0.5.tgz", + "integrity": "sha512-4Bcg1P8xhUuqcii/S0Z9wiHIrQVPMermM1any+MX5GeGD7faD3/msQUDGLol9wOcz4/jbg/WJnGqoJF6LiBdtg==", + "dev": true, + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/batch": { "version": "0.6.1", "dev": true, @@ -4708,17 +4744,17 @@ } }, "node_modules/chromedriver": { - "version": "121.0.0", - "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-121.0.0.tgz", - "integrity": "sha512-ZIKEdZrQAfuzT/RRofjl8/EZR99ghbdBXNTOcgJMKGP6N/UL6lHUX4n6ONWBV18pDvDFfQJ0x58h5AdOaXIOMw==", + "version": "123.0.4", + "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-123.0.4.tgz", + "integrity": "sha512-3Yi7y7q35kkSAOTbRisiww/SL2w+DqafDPAaUShpSuLMmPaOvHQR0i3bm2/33QBiQ8fUb1J/MzppzVL6IDqvhA==", "dev": true, "hasInstallScript": true, "dependencies": { "@testim/chrome-version": "^1.1.4", - "axios": "^1.6.5", + "axios": "^1.6.7", "compare-versions": "^6.1.0", "extract-zip": "^2.0.1", - "https-proxy-agent": "^5.0.1", + "proxy-agent": "^6.4.0", "proxy-from-env": "^1.1.0", "tcp-port-used": "^1.0.2" }, @@ -5817,6 +5853,15 @@ "node": ">=12" } }, + "node_modules/data-uri-to-buffer": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-6.0.2.tgz", + "integrity": "sha512-7hvf7/GW8e86rW0ptuwS3OcBGDjIi6SZva7hCyWC0yYry2cOPmLIjXAUHI6DK2HsnwJd9ifmt57i8eV2n4YNpw==", + "dev": true, + "engines": { + "node": ">= 14" + } + }, "node_modules/data-urls": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-5.0.0.tgz", @@ -5975,6 +6020,20 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/degenerator": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-5.0.1.tgz", + "integrity": "sha512-TllpMR/t0M5sqCXfj85i4XaAzxmS5tVA16dqvdkMwGmzI+dXLXnw3J+3Vdv7VKw+ThlTMboK6i9rnZ6Nntj5CQ==", + "dev": true, + "dependencies": { + "ast-types": "^0.13.4", + "escodegen": "^2.1.0", + "esprima": "^4.0.1" + }, + "engines": { + "node": ">= 14" + } + }, "node_modules/delaunator": { "version": "5.0.0", "license": "ISC", @@ -7408,6 +7467,29 @@ "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==", "dev": true }, + "node_modules/fs-extra": { + "version": "11.2.0", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz", + "integrity": "sha512-PmDi3uwK5nFuXh7XDTlVnS17xJS7vW36is2+w3xcv8SVxiB4NyATf4ctkVY5bkSjX0Y4nbvZCq1/EjtEyr9ktw==", + "dev": true, + "dependencies": { + "graceful-fs": "^4.2.0", + "jsonfile": "^6.0.1", + "universalify": "^2.0.0" + }, + "engines": { + "node": ">=14.14" + } + }, + "node_modules/fs-extra/node_modules/universalify": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz", + "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==", + "dev": true, + "engines": { + "node": ">= 10.0.0" + } + }, "node_modules/fs-monkey": { "version": "1.0.3", "dev": true, @@ -7511,6 +7593,21 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/get-uri": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/get-uri/-/get-uri-6.0.3.tgz", + "integrity": "sha512-BzUrJBS9EcUb4cFol8r4W3v1cPsSyajLSthNkz5BxbpDcHN5tIrM10E2eNvfnvBn3DaT3DUgx0OpsBKkaOpanw==", + "dev": true, + "dependencies": { + "basic-ftp": "^5.0.2", + "data-uri-to-buffer": "^6.0.2", + "debug": "^4.3.4", + "fs-extra": "^11.2.0" + }, + "engines": { + "node": ">= 14" + } + }, "node_modules/getobject": { "version": "1.0.2", "dev": true, @@ -8603,9 +8700,9 @@ } }, "node_modules/http-proxy-agent": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.0.tgz", - "integrity": "sha512-+ZT+iBxVUQ1asugqnD6oWoRiS25AkjNfG085dKJGtGxkdwLQrMKU5wJr2bOOFAXzKcTuqq+7fZlTMgG3SRfIYQ==", + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz", + "integrity": "sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig==", "dev": true, "dependencies": { "agent-base": "^7.1.0", @@ -8615,18 +8712,6 @@ "node": ">= 14" } }, - "node_modules/http-proxy-agent/node_modules/agent-base": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz", - "integrity": "sha512-o/zjMZRhJxny7OyEF+Op8X+efiELC7k7yOjMzgfzVqOzXqkBkWI79YoTdOtsuWd5BWhAGAuOY/Xa6xpiaWXiNg==", - "dev": true, - "dependencies": { - "debug": "^4.3.4" - }, - "engines": { - "node": ">= 14" - } - }, "node_modules/http-proxy-middleware": { "version": "2.0.4", "dev": true, @@ -8667,16 +8752,16 @@ "license": "MIT" }, "node_modules/https-proxy-agent": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", - "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", + "version": "7.0.4", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.4.tgz", + "integrity": "sha512-wlwpilI7YdjSkWaQ/7omYBMTliDcmCN8OLihO6I9B86g06lMyAoqgoDpV0XqoaPOKj+0DIdAvnsWfyAAhmimcg==", "dev": true, "dependencies": { - "agent-base": "6", + "agent-base": "^7.0.2", "debug": "4" }, "engines": { - "node": ">= 6" + "node": ">= 14" } }, "node_modules/human-signals": { @@ -8875,6 +8960,19 @@ "loose-envify": "^1.0.0" } }, + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "dev": true, + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } + }, "node_modules/ip-regex": { "version": "4.3.0", "dev": true, @@ -9502,6 +9600,12 @@ "js-yaml": "bin/js-yaml.js" } }, + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true + }, "node_modules/jsdom": { "version": "23.2.0", "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-23.2.0.tgz", @@ -9542,31 +9646,6 @@ } } }, - "node_modules/jsdom/node_modules/agent-base": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz", - "integrity": "sha512-o/zjMZRhJxny7OyEF+Op8X+efiELC7k7yOjMzgfzVqOzXqkBkWI79YoTdOtsuWd5BWhAGAuOY/Xa6xpiaWXiNg==", - "dev": true, - "dependencies": { - "debug": "^4.3.4" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/jsdom/node_modules/https-proxy-agent": { - "version": "7.0.2", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.2.tgz", - "integrity": "sha512-NmLNjm6ucYwtcUmL7JQC1ZQ57LmHP4lT15FQ8D61nak1rO6DH+fz5qNK2Ap5UN4ZapYICE3/0KodcLYSPsPbaA==", - "dev": true, - "dependencies": { - "agent-base": "^7.0.2", - "debug": "4" - }, - "engines": { - "node": ">= 14" - } - }, "node_modules/jsesc": { "version": "3.0.2", "license": "MIT", @@ -9603,6 +9682,27 @@ "node": ">=6" } }, + "node_modules/jsonfile": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz", + "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==", + "dev": true, + "dependencies": { + "universalify": "^2.0.0" + }, + "optionalDependencies": { + "graceful-fs": "^4.1.6" + } + }, + "node_modules/jsonfile/node_modules/universalify": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz", + "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==", + "dev": true, + "engines": { + "node": ">= 10.0.0" + } + }, "node_modules/jsonpath-plus": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-8.0.0.tgz", @@ -10696,6 +10796,15 @@ "dev": true, "license": "MIT" }, + "node_modules/netmask": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/netmask/-/netmask-2.0.2.tgz", + "integrity": "sha512-dBpDMdxv9Irdq66304OLfEmQ9tbNRFnFTuZiLo+bD+r332bBmMJ8GBLXklIXXgxd3+v9+KUnZaUR5PJMa75Gsg==", + "dev": true, + "engines": { + "node": ">= 0.4.0" + } + }, "node_modules/ngeohash": { "version": "0.6.3", "license": "MIT", @@ -11488,6 +11597,38 @@ "node": ">= 4" } }, + "node_modules/pac-proxy-agent": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-7.0.1.tgz", + "integrity": "sha512-ASV8yU4LLKBAjqIPMbrgtaKIvxQri/yh2OpI+S6hVa9JRkUI3Y3NPFbfngDtY7oFtSMD3w31Xns89mDa3Feo5A==", + "dev": true, + "dependencies": { + "@tootallnate/quickjs-emscripten": "^0.23.0", + "agent-base": "^7.0.2", + "debug": "^4.3.4", + "get-uri": "^6.0.1", + "http-proxy-agent": "^7.0.0", + "https-proxy-agent": "^7.0.2", + "pac-resolver": "^7.0.0", + "socks-proxy-agent": "^8.0.2" + }, + "engines": { + "node": ">= 14" + } + }, + "node_modules/pac-resolver": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-7.0.1.tgz", + "integrity": "sha512-5NPgf87AT2STgwa2ntRMr45jTKrYBGkVU36yT0ig/n/GMAa3oPqhZfIQ2kMEimReg0+t9kZViDVZ83qfVUlckg==", + "dev": true, + "dependencies": { + "degenerator": "^5.0.0", + "netmask": "^2.0.2" + }, + "engines": { + "node": ">= 14" + } + }, "node_modules/pad-stream": { "version": "2.0.0", "dev": true, @@ -12259,6 +12400,34 @@ "node": ">= 0.10" } }, + "node_modules/proxy-agent": { + "version": "6.4.0", + "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-6.4.0.tgz", + "integrity": "sha512-u0piLU+nCOHMgGjRbimiXmA9kM/L9EHh3zL81xCdp7m+Y2pHIsnmbdDoEDoAz5geaonNR6q6+yOPQs6n4T6sBQ==", + "dev": true, + "dependencies": { + "agent-base": "^7.0.2", + "debug": "^4.3.4", + "http-proxy-agent": "^7.0.1", + "https-proxy-agent": "^7.0.3", + "lru-cache": "^7.14.1", + "pac-proxy-agent": "^7.0.1", + "proxy-from-env": "^1.1.0", + "socks-proxy-agent": "^8.0.2" + }, + "engines": { + "node": ">= 14" + } + }, + "node_modules/proxy-agent/node_modules/lru-cache": { + "version": "7.18.3", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz", + "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==", + "dev": true, + "engines": { + "node": ">=12" + } + }, "node_modules/proxy-from-env": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", @@ -13192,6 +13361,16 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", + "dev": true, + "engines": { + "node": ">= 6.0.0", + "npm": ">= 3.0.0" + } + }, "node_modules/snackbarjs": { "version": "1.1.0", "license": "ISC" @@ -13217,6 +13396,34 @@ "node": ">=0.8.0" } }, + "node_modules/socks": { + "version": "2.8.1", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.1.tgz", + "integrity": "sha512-B6w7tkwNid7ToxjZ08rQMT8M9BJAf8DKx8Ft4NivzH0zBUfd6jldGcisJn/RLgxcX3FPNDdNQCUEMMT79b+oCQ==", + "dev": true, + "dependencies": { + "ip-address": "^9.0.5", + "smart-buffer": "^4.2.0" + }, + "engines": { + "node": ">= 10.0.0", + "npm": ">= 3.0.0" + } + }, + "node_modules/socks-proxy-agent": { + "version": "8.0.2", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.2.tgz", + "integrity": "sha512-8zuqoLv1aP/66PHF5TqwJ7Czm3Yv32urJQHrVyhD7mmA6d61Zv8cIXQYPTWwmg6qlupnPvs/QKDmfa4P/qct2g==", + "dev": true, + "dependencies": { + "agent-base": "^7.0.2", + "debug": "^4.3.4", + "socks": "^2.7.1" + }, + "engines": { + "node": ">= 14" + } + }, "node_modules/sortablejs": { "version": "1.15.2", "resolved": "https://registry.npmjs.org/sortablejs/-/sortablejs-1.15.2.tgz", @@ -13288,9 +13495,10 @@ } }, "node_modules/sprintf-js": { - "version": "1.1.2", - "dev": true, - "license": "BSD-3-Clause" + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true }, "node_modules/ssdeep.js": { "version": "0.0.3" @@ -14835,13 +15043,6 @@ "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", "dev": true }, - "node_modules/xmldom": { - "version": "0.6.0", - "license": "MIT", - "engines": { - "node": ">=10.0.0" - } - }, "node_modules/xpath": { "version": "0.0.34", "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.34.tgz", diff --git a/package.json b/package.json index 334d88b5..cd5d4ca5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cyberchef", - "version": "10.8.2", + "version": "10.18.6", "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.", "author": "n1474335 ", "homepage": "https://gchq.github.io/CyberChef", @@ -55,7 +55,7 @@ "babel-plugin-dynamic-import-node": "^2.3.3", "babel-plugin-transform-builtin-extend": "1.1.2", "base64-loader": "^1.0.0", - "chromedriver": "^121.0.0", + "chromedriver": "^123.0.4", "cli-progress": "^3.12.0", "colors": "^1.4.0", "copy-webpack-plugin": "^12.0.2", @@ -96,6 +96,7 @@ "@babel/polyfill": "^7.12.1", "@blu3r4y/lzma": "^2.3.3", "@wavesenterprise/crypto-gost-js": "^2.1.0-RC1", + "@xmldom/xmldom": "^0.8.0", "argon2-browser": "^1.18.0", "arrive": "^2.4.1", "avsc": "^5.7.7", @@ -127,6 +128,7 @@ "flat": "^6.0.1", "geodesy": "1.1.3", "highlight.js": "^11.9.0", + "ieee754": "^1.1.13", "jimp": "^0.16.13", "jquery": "3.7.1", "js-crc": "^0.2.0", @@ -174,7 +176,6 @@ "unorm": "^1.6.0", "utf8": "^3.0.0", "vkbeautify": "^0.99.3", - "xmldom": "^0.6.0", "xpath": "0.0.34", "xregexp": "^5.1.1", "zlibjs": "^0.3.1" diff --git a/src/core/Utils.mjs b/src/core/Utils.mjs index 18b0e688..a9c381d7 100755 --- a/src/core/Utils.mjs +++ b/src/core/Utils.mjs @@ -893,7 +893,7 @@ class Utils { /** - * Converts a string to it's title case equivalent. + * Converts a string to its title case equivalent. * * @param {string} str * @returns string diff --git a/src/core/config/Categories.json b/src/core/config/Categories.json index ee823a35..8a0b0d79 100644 --- a/src/core/config/Categories.json +++ b/src/core/config/Categories.json @@ -14,6 +14,8 @@ "From Charcode", "To Decimal", "From Decimal", + "To Float", + "From Float", "To Binary", "From Binary", "To Octal", @@ -96,6 +98,8 @@ "RC4", "RC4 Drop", "ChaCha", + "Salsa20", + "XSalsa20", "Rabbit", "SM4 Encrypt", "SM4 Decrypt", @@ -114,6 +118,8 @@ "XOR Brute Force", "Vigenère Encode", "Vigenère Decode", + "XXTEA Encrypt", + "XXTEA Decrypt", "To Morse Code", "From Morse Code", "Bacon Cipher Encode", @@ -164,6 +170,8 @@ "Hex to PEM", "Hex to Object Identifier", "Object Identifier to Hex", + "PEM to JWK", + "JWK to PEM", "Generate PGP Key Pair", "PGP Encrypt", "PGP Decrypt", @@ -175,7 +183,14 @@ "RSA Verify", "RSA Encrypt", "RSA Decrypt", - "Parse SSH Host Key" + "Generate ECDSA Key Pair", + "ECDSA Signature Conversion", + "ECDSA Sign", + "ECDSA Verify", + "Parse SSH Host Key", + "Parse CSR", + "Public Key from Certificate", + "Public Key from Private Key" ] }, { @@ -232,6 +247,8 @@ "VarInt Decode", "JA3 Fingerprint", "JA3S Fingerprint", + "JA4 Fingerprint", + "JA4Server Fingerprint", "HASSH Client Fingerprint", "HASSH Server Fingerprint", "Format MAC addresses", @@ -240,6 +257,7 @@ "Encode NetBIOS Name", "Decode NetBIOS Name", "Defang URL", + "Fang URL", "Defang IP Addresses" ] }, @@ -315,6 +333,7 @@ "To UNIX Timestamp", "Windows Filetime to UNIX Timestamp", "UNIX Timestamp to Windows Filetime", + "DateTime Delta", "Extract dates", "Get Time", "Sleep" @@ -331,6 +350,7 @@ "Extract domains", "Extract file paths", "Extract dates", + "Extract hashes", "Regular expression", "XPath expression", "JPath expression", @@ -379,7 +399,6 @@ "SHA2", "SHA3", "SM3", - "MurmurHash3", "Keccak", "Shake", "RIPEMD", @@ -404,6 +423,7 @@ "Scrypt", "NT Hash", "LM Hash", + "MurmurHash3", "Fletcher-8 Checksum", "Fletcher-16 Checksum", "Fletcher-32 Checksum", diff --git a/src/core/config/scripts/newOperation.mjs b/src/core/config/scripts/newOperation.mjs index fddeff97..1686f6eb 100644 --- a/src/core/config/scripts/newOperation.mjs +++ b/src/core/config/scripts/newOperation.mjs @@ -147,7 +147,7 @@ class ${moduleName} extends Operation { this.name = "${result.opName}"; this.module = "${result.module}"; this.description = "${(new EscapeString).run(result.description, ["Special chars", "Double"])}"; - this.infoURL = "${result.infoURL}"; + this.infoURL = "${result.infoURL}"; // Usually a Wikipedia link. Remember to remove localisation (i.e. https://wikipedia.org/etc rather than https://en.wikipedia.org/etc) this.inputType = "${result.inputType}"; this.outputType = "${result.outputType}"; this.args = [ diff --git a/src/core/lib/ChrEnc.mjs b/src/core/lib/ChrEnc.mjs index 6879d736..55fe3761 100644 --- a/src/core/lib/ChrEnc.mjs +++ b/src/core/lib/ChrEnc.mjs @@ -224,8 +224,85 @@ export function chrEncWidth(page) { * @copyright Crown Copyright 2019 * @license Apache-2.0 */ +export const UNICODE_NORMALISATION_FORMS = ["NFD", "NFC", "NFKD", "NFKC"]; + /** - * Character encoding format mappings. + * Detects whether the input buffer is valid UTF8. + * + * @param {ArrayBuffer} data + * @returns {number} - 0 = not UTF8, 1 = ASCII, 2 = UTF8 */ -export const UNICODE_NORMALISATION_FORMS = ["NFD", "NFC", "NFKD", "NFKC"]; +export function isUTF8(data) { + const bytes = new Uint8Array(data); + let i = 0; + let onlyASCII = true; + while (i < bytes.length) { + if (( // ASCII + bytes[i] === 0x09 || + bytes[i] === 0x0A || + bytes[i] === 0x0D || + (0x20 <= bytes[i] && bytes[i] <= 0x7E) + )) { + i += 1; + continue; + } + + onlyASCII = false; + + if (( // non-overlong 2-byte + (0xC2 <= bytes[i] && bytes[i] <= 0xDF) && + (0x80 <= bytes[i+1] && bytes[i+1] <= 0xBF) + )) { + i += 2; + continue; + } + + if (( // excluding overlongs + bytes[i] === 0xE0 && + (0xA0 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) && + (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) + ) || + ( // straight 3-byte + ((0xE1 <= bytes[i] && bytes[i] <= 0xEC) || + bytes[i] === 0xEE || + bytes[i] === 0xEF) && + (0x80 <= bytes[i + 1] && bytes[i+1] <= 0xBF) && + (0x80 <= bytes[i+2] && bytes[i+2] <= 0xBF) + ) || + ( // excluding surrogates + bytes[i] === 0xED && + (0x80 <= bytes[i+1] && bytes[i+1] <= 0x9F) && + (0x80 <= bytes[i+2] && bytes[i+2] <= 0xBF) + )) { + i += 3; + continue; + } + + if (( // planes 1-3 + bytes[i] === 0xF0 && + (0x90 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) && + (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) && + (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF) + ) || + ( // planes 4-15 + (0xF1 <= bytes[i] && bytes[i] <= 0xF3) && + (0x80 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) && + (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) && + (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF) + ) || + ( // plane 16 + bytes[i] === 0xF4 && + (0x80 <= bytes[i + 1] && bytes[i + 1] <= 0x8F) && + (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) && + (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF) + )) { + i += 4; + continue; + } + + return 0; + } + + return onlyASCII ? 1 : 2; +} diff --git a/src/core/lib/CipherSaber2.mjs b/src/core/lib/CipherSaber2.mjs index bf3954e9..8189d961 100644 --- a/src/core/lib/CipherSaber2.mjs +++ b/src/core/lib/CipherSaber2.mjs @@ -4,7 +4,7 @@ * @license Apache-2.0 */ export function encode(tempIVP, key, rounds, input) { - const ivp = new Uint8Array(key.concat(tempIVP)); + const ivp = new Uint8Array([...key, ...tempIVP]); const state = new Array(256).fill(0); let j = 0, i = 0; const result = []; diff --git a/src/core/lib/Ciphers.mjs b/src/core/lib/Ciphers.mjs index a4d174b5..6266a8e1 100644 --- a/src/core/lib/Ciphers.mjs +++ b/src/core/lib/Ciphers.mjs @@ -3,6 +3,7 @@ * * @author Matt C [matt@artemisbot.uk] * @author n1474335 [n1474335@gmail.com] + * @author Evie H [evie@evie.sh] * * @copyright Crown Copyright 2018 * @license Apache-2.0 @@ -10,6 +11,7 @@ */ import OperationError from "../errors/OperationError.mjs"; +import Utils from "../Utils.mjs"; import CryptoJS from "crypto-js"; /** @@ -30,6 +32,10 @@ export function affineEncode(input, args) { throw new OperationError("The values of a and b can only be integers."); } + if (Utils.gcd(a, 26) !== 1) { + throw new OperationError("The value of `a` must be coprime to 26."); + } + for (let i = 0; i < input.length; i++) { if (alphabet.indexOf(input[i]) >= 0) { // Uses the affine function ax+b % m = y (where m is length of the alphabet) diff --git a/src/core/lib/FileSignatures.mjs b/src/core/lib/FileSignatures.mjs index 4cba4bc7..22132823 100644 --- a/src/core/lib/FileSignatures.mjs +++ b/src/core/lib/FileSignatures.mjs @@ -72,6 +72,27 @@ export const FILE_SIGNATURES = { }, extractor: extractWEBP }, + { + name: "High Efficiency Image File Format", + extension: "heic,heif", + mime: "image/heif", + description: "", + signature: { + 0: 0x00, + 1: 0x00, + 2: 0x00, + 3: [0x24, 0x18], + 4: 0x66, // ftypheic + 5: 0x74, + 6: 0x79, + 7: 0x70, + 8: 0x68, + 9: 0x65, + 10: 0x69, + 11: 0x63 + }, + extractor: null + }, { name: "Camera Image File Format", extension: "crw", @@ -2727,7 +2748,7 @@ export function extractGIF(bytes, offset) { stream.moveForwardsBy(11); // Loop until next Graphic Control Extension. - while (stream.getBytes(2) !== [0x21, 0xf9]) { + while (!Array.from(stream.getBytes(2)).equals([0x21, 0xf9])) { stream.moveBackwardsBy(2); stream.moveForwardsBy(stream.readInt(1)); if (!stream.readInt(1)) diff --git a/src/core/lib/JA4.mjs b/src/core/lib/JA4.mjs new file mode 100644 index 00000000..5e606f46 --- /dev/null +++ b/src/core/lib/JA4.mjs @@ -0,0 +1,264 @@ +/** + * JA4 resources. + * + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + * + * JA4 Copyright 2023 FoxIO, LLC. + * @license BSD-3-Clause + */ + +import OperationError from "../errors/OperationError.mjs"; +import { parseTLSRecord, parseHighestSupportedVersion, parseFirstALPNValue } from "./TLS.mjs"; +import { toHexFast } from "./Hex.mjs"; +import { runHash } from "./Hash.mjs"; +import Utils from "../Utils.mjs"; + + +/** + * Calculate the JA4 from a given TLS Client Hello Stream + * @param {Uint8Array} bytes + * @returns {string} + */ +export function toJA4(bytes) { + let tlsr = {}; + try { + tlsr = parseTLSRecord(bytes); + if (tlsr.handshake.value.handshakeType.value !== 0x01) { + throw new Error(); + } + } catch (err) { + throw new OperationError("Data is not a valid TLS Client Hello. QUIC is not yet supported.\n" + err); + } + + /* QUIC + “q” or “t”, which denotes whether the hello packet is for QUIC or TCP. + TODO: Implement QUIC + */ + const ptype = "t"; + + /* TLS Version + TLS version is shown in 3 different places. If extension 0x002b exists (supported_versions), then the version + is the highest value in the extension. Remember to ignore GREASE values. If the extension doesn’t exist, then + the TLS version is the value of the Protocol Version. Handshake version (located at the top of the packet) + should be ignored. + */ + let version = tlsr.version.value; + for (const ext of tlsr.handshake.value.extensions.value) { + if (ext.type.value === "supported_versions") { + version = parseHighestSupportedVersion(ext.value.data); + break; + } + } + version = tlsVersionMapper(version); + + /* SNI + If the SNI extension (0x0000) exists, then the destination of the connection is a domain, or “d” in the fingerprint. + If the SNI does not exist, then the destination is an IP address, or “i”. + */ + let sni = "i"; + for (const ext of tlsr.handshake.value.extensions.value) { + if (ext.type.value === "server_name") { + sni = "d"; + break; + } + } + + /* Number of Ciphers + 2 character number of cipher suites, so if there’s 6 cipher suites in the hello packet, then the value should be “06”. + If there’s > 99, which there should never be, then output “99”. Remember, ignore GREASE values. They don’t count. + */ + let cipherLen = 0; + for (const cs of tlsr.handshake.value.cipherSuites.value) { + if (cs.value !== "GREASE") cipherLen++; + } + cipherLen = cipherLen > 99 ? "99" : cipherLen.toString().padStart(2, "0"); + + /* Number of Extensions + Same as counting ciphers. Ignore GREASE. Include SNI and ALPN. + */ + let extLen = 0; + for (const ext of tlsr.handshake.value.extensions.value) { + if (ext.type.value !== "GREASE") extLen++; + } + extLen = extLen > 99 ? "99" : extLen.toString().padStart(2, "0"); + + /* ALPN Extension Value + The first and last characters of the ALPN (Application-Layer Protocol Negotiation) first value. + If there are no ALPN values or no ALPN extension then we print “00” as the value in the fingerprint. + */ + let alpn = "00"; + for (const ext of tlsr.handshake.value.extensions.value) { + if (ext.type.value === "application_layer_protocol_negotiation") { + alpn = parseFirstALPNValue(ext.value.data); + alpn = alpn.charAt(0) + alpn.charAt(alpn.length - 1); + if (alpn.charCodeAt(0) > 127) alpn = "99"; + break; + } + } + + /* Cipher hash + A 12 character truncated sha256 hash of the list of ciphers sorted in hex order, first 12 characters. + The list is created using the 4 character hex values of the ciphers, lower case, comma delimited, ignoring GREASE. + */ + const originalCiphersList = []; + for (const cs of tlsr.handshake.value.cipherSuites.value) { + if (cs.value !== "GREASE") { + originalCiphersList.push(toHexFast(cs.data)); + } + } + const sortedCiphersList = [...originalCiphersList].sort(); + const sortedCiphersRaw = sortedCiphersList.join(","); + const originalCiphersRaw = originalCiphersList.join(","); + const sortedCiphers = runHash( + "sha256", + Utils.strToArrayBuffer(sortedCiphersRaw) + ).substring(0, 12); + const originalCiphers = runHash( + "sha256", + Utils.strToArrayBuffer(originalCiphersRaw) + ).substring(0, 12); + + /* Extension hash + A 12 character truncated sha256 hash of the list of extensions, sorted by hex value, followed by the list of signature + algorithms, in the order that they appear (not sorted). + The extension list is created using the 4 character hex values of the extensions, lower case, comma delimited, sorted + (not in the order they appear). Ignore the SNI extension (0000) and the ALPN extension (0010) as we’ve already captured + them in the a section of the fingerprint. These values are omitted so that the same application would have the same b + section of the fingerprint regardless of if it were going to a domain, IP, or changing ALPNs. + */ + const originalExtensionsList = []; + let signatureAlgorithms = ""; + for (const ext of tlsr.handshake.value.extensions.value) { + if (ext.type.value !== "GREASE") { + originalExtensionsList.push(toHexFast(ext.type.data)); + } + if (ext.type.value === "signature_algorithms") { + signatureAlgorithms = toHexFast(ext.value.data.slice(2)); + signatureAlgorithms = signatureAlgorithms.replace(/(.{4})/g, "$1,"); + signatureAlgorithms = signatureAlgorithms.substring(0, signatureAlgorithms.length - 1); + } + } + const sortedExtensionsList = [...originalExtensionsList].filter(e => e !== "0000" && e !== "0010").sort(); + const sortedExtensionsRaw = sortedExtensionsList.join(",") + "_" + signatureAlgorithms; + const originalExtensionsRaw = originalExtensionsList.join(",") + "_" + signatureAlgorithms; + const sortedExtensions = runHash( + "sha256", + Utils.strToArrayBuffer(sortedExtensionsRaw) + ).substring(0, 12); + const originalExtensions = runHash( + "sha256", + Utils.strToArrayBuffer(originalExtensionsRaw) + ).substring(0, 12); + + return { + "JA4": `${ptype}${version}${sni}${cipherLen}${extLen}${alpn}_${sortedCiphers}_${sortedExtensions}`, + "JA4_o": `${ptype}${version}${sni}${cipherLen}${extLen}${alpn}_${originalCiphers}_${originalExtensions}`, + "JA4_r": `${ptype}${version}${sni}${cipherLen}${extLen}${alpn}_${sortedCiphersRaw}_${sortedExtensionsRaw}`, + "JA4_ro": `${ptype}${version}${sni}${cipherLen}${extLen}${alpn}_${originalCiphersRaw}_${originalExtensionsRaw}`, + }; +} + + +/** + * Calculate the JA4Server from a given TLS Server Hello Stream + * @param {Uint8Array} bytes + * @returns {string} + */ +export function toJA4S(bytes) { + let tlsr = {}; + try { + tlsr = parseTLSRecord(bytes); + if (tlsr.handshake.value.handshakeType.value !== 0x02) { + throw new Error(); + } + } catch (err) { + throw new OperationError("Data is not a valid TLS Server Hello. QUIC is not yet supported.\n" + err); + } + + /* QUIC + “q” or “t”, which denotes whether the hello packet is for QUIC or TCP. + TODO: Implement QUIC + */ + const ptype = "t"; + + /* TLS Version + TLS version is shown in 3 different places. If extension 0x002b exists (supported_versions), then the version + is the highest value in the extension. Remember to ignore GREASE values. If the extension doesn’t exist, then + the TLS version is the value of the Protocol Version. Handshake version (located at the top of the packet) + should be ignored. + */ + let version = tlsr.version.value; + for (const ext of tlsr.handshake.value.extensions.value) { + if (ext.type.value === "supported_versions") { + version = parseHighestSupportedVersion(ext.value.data); + break; + } + } + version = tlsVersionMapper(version); + + /* Number of Extensions + 2 character number of cipher suites, so if there’s 6 cipher suites in the hello packet, then the value should be “06”. + If there’s > 99, which there should never be, then output “99”. + */ + let extLen = tlsr.handshake.value.extensions.value.length; + extLen = extLen > 99 ? "99" : extLen.toString().padStart(2, "0"); + + /* ALPN Extension Chosen Value + The first and last characters of the ALPN (Application-Layer Protocol Negotiation) first value. + If there are no ALPN values or no ALPN extension then we print “00” as the value in the fingerprint. + */ + let alpn = "00"; + for (const ext of tlsr.handshake.value.extensions.value) { + if (ext.type.value === "application_layer_protocol_negotiation") { + alpn = parseFirstALPNValue(ext.value.data); + alpn = alpn.charAt(0) + alpn.charAt(alpn.length - 1); + if (alpn.charCodeAt(0) > 127) alpn = "99"; + break; + } + } + + /* Chosen Cipher + The hex value of the chosen cipher suite + */ + const cipher = toHexFast(tlsr.handshake.value.cipherSuite.data); + + /* Extension hash + A 12 character truncated sha256 hash of the list of extensions. + The extension list is created using the 4 character hex values of the extensions, lower case, comma delimited. + */ + const extensionsList = []; + for (const ext of tlsr.handshake.value.extensions.value) { + extensionsList.push(toHexFast(ext.type.data)); + } + const extensionsRaw = extensionsList.join(","); + const extensionsHash = runHash( + "sha256", + Utils.strToArrayBuffer(extensionsRaw) + ).substring(0, 12); + + return { + "JA4S": `${ptype}${version}${extLen}${alpn}_${cipher}_${extensionsHash}`, + "JA4S_r": `${ptype}${version}${extLen}${alpn}_${cipher}_${extensionsRaw}`, + }; +} + + +/** + * Takes a TLS version value and returns a JA4 TLS version string + * @param {Uint8Array} version - Two byte array of version number + * @returns {string} + */ +function tlsVersionMapper(version) { + switch (version) { + case 0x0304: return "13"; // TLS 1.3 + case 0x0303: return "12"; // TLS 1.2 + case 0x0302: return "11"; // TLS 1.1 + case 0x0301: return "10"; // TLS 1.0 + case 0x0300: return "s3"; // SSL 3.0 + case 0x0200: return "s2"; // SSL 2.0 + case 0x0100: return "s1"; // SSL 1.0 + default: return "00"; // Unknown + } +} diff --git a/src/core/lib/Magic.mjs b/src/core/lib/Magic.mjs index 921fc3f6..14111ec7 100644 --- a/src/core/lib/Magic.mjs +++ b/src/core/lib/Magic.mjs @@ -3,6 +3,7 @@ import Utils, { isWorkerEnvironment } from "../Utils.mjs"; import Recipe from "../Recipe.mjs"; import Dish from "../Dish.mjs"; import {detectFileType, isType} from "./FileType.mjs"; +import {isUTF8} from "./ChrEnc.mjs"; import chiSquared from "chi-squared"; /** @@ -111,82 +112,6 @@ class Magic { }; } - /** - * Detects whether the input buffer is valid UTF8. - * - * @returns {boolean} - */ - isUTF8() { - const bytes = new Uint8Array(this.inputBuffer); - let i = 0; - while (i < bytes.length) { - if (( // ASCII - bytes[i] === 0x09 || - bytes[i] === 0x0A || - bytes[i] === 0x0D || - (0x20 <= bytes[i] && bytes[i] <= 0x7E) - )) { - i += 1; - continue; - } - - if (( // non-overlong 2-byte - (0xC2 <= bytes[i] && bytes[i] <= 0xDF) && - (0x80 <= bytes[i+1] && bytes[i+1] <= 0xBF) - )) { - i += 2; - continue; - } - - if (( // excluding overlongs - bytes[i] === 0xE0 && - (0xA0 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) && - (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) - ) || - ( // straight 3-byte - ((0xE1 <= bytes[i] && bytes[i] <= 0xEC) || - bytes[i] === 0xEE || - bytes[i] === 0xEF) && - (0x80 <= bytes[i + 1] && bytes[i+1] <= 0xBF) && - (0x80 <= bytes[i+2] && bytes[i+2] <= 0xBF) - ) || - ( // excluding surrogates - bytes[i] === 0xED && - (0x80 <= bytes[i+1] && bytes[i+1] <= 0x9F) && - (0x80 <= bytes[i+2] && bytes[i+2] <= 0xBF) - )) { - i += 3; - continue; - } - - if (( // planes 1-3 - bytes[i] === 0xF0 && - (0x90 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) && - (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) && - (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF) - ) || - ( // planes 4-15 - (0xF1 <= bytes[i] && bytes[i] <= 0xF3) && - (0x80 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) && - (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) && - (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF) - ) || - ( // plane 16 - bytes[i] === 0xF4 && - (0x80 <= bytes[i + 1] && bytes[i + 1] <= 0x8F) && - (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) && - (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF) - )) { - i += 4; - continue; - } - - return false; - } - - return true; - } - /** * Calculates the Shannon entropy of the input data. * @@ -336,7 +261,7 @@ class Magic { data: this.inputStr.slice(0, 100), languageScores: this.detectLanguage(extLang), fileType: this.detectFileType(), - isUTF8: this.isUTF8(), + isUTF8: !!isUTF8(this.inputBuffer), entropy: this.calcEntropy(), matchingOps: matchingOps, useful: useful, diff --git a/src/core/lib/Salsa20.mjs b/src/core/lib/Salsa20.mjs new file mode 100644 index 00000000..d72831bf --- /dev/null +++ b/src/core/lib/Salsa20.mjs @@ -0,0 +1,144 @@ +/** + * @author joostrijneveld [joost@joostrijneveld.nl] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import Utils from "../Utils.mjs"; + +/** + * Computes the Salsa20 permute function + * + * @param {byteArray} x + * @param {integer} rounds + */ +function salsa20Permute(x, rounds) { + /** + * Macro to compute a 32-bit rotate-left operation + * + * @param {integer} x + * @param {integer} n + * @returns {integer} + */ + function ROL32(x, n) { + return ((x << n) & 0xFFFFFFFF) | (x >>> (32 - n)); + } + + /** + * Macro to compute a single Salsa20 quarterround operation + * + * @param {integer} x + * @param {integer} a + * @param {integer} b + * @param {integer} c + * @param {integer} d + * @returns {integer} + */ + function quarterround(x, a, b, c, d) { + x[b] ^= ROL32((x[a] + x[d]) & 0xFFFFFFFF, 7); + x[c] ^= ROL32((x[b] + x[a]) & 0xFFFFFFFF, 9); + x[d] ^= ROL32((x[c] + x[b]) & 0xFFFFFFFF, 13); + x[a] ^= ROL32((x[d] + x[c]) & 0xFFFFFFFF, 18); + } + + for (let i = 0; i < rounds / 2; i++) { + quarterround(x, 0, 4, 8, 12); + quarterround(x, 5, 9, 13, 1); + quarterround(x, 10, 14, 2, 6); + quarterround(x, 15, 3, 7, 11); + quarterround(x, 0, 1, 2, 3); + quarterround(x, 5, 6, 7, 4); + quarterround(x, 10, 11, 8, 9); + quarterround(x, 15, 12, 13, 14); + } +} + +/** + * Computes the Salsa20 block function + * + * @param {byteArray} key + * @param {byteArray} nonce + * @param {byteArray} counter + * @param {integer} rounds + * @returns {byteArray} + */ +export function salsa20Block(key, nonce, counter, rounds) { + const tau = "expand 16-byte k"; + const sigma = "expand 32-byte k"; + let state, c; + if (key.length === 16) { + c = Utils.strToByteArray(tau); + key = key.concat(key); + } else { + c = Utils.strToByteArray(sigma); + } + + state = c.slice(0, 4); + state = state.concat(key.slice(0, 16)); + state = state.concat(c.slice(4, 8)); + state = state.concat(nonce); + state = state.concat(counter); + state = state.concat(c.slice(8, 12)); + state = state.concat(key.slice(16, 32)); + state = state.concat(c.slice(12, 16)); + + const x = Array(); + for (let i = 0; i < 64; i += 4) { + x.push(Utils.byteArrayToInt(state.slice(i, i + 4), "little")); + } + const a = [...x]; + + salsa20Permute(x, rounds); + + for (let i = 0; i < 16; i++) { + x[i] = (x[i] + a[i]) & 0xFFFFFFFF; + } + + let output = Array(); + for (let i = 0; i < 16; i++) { + output = output.concat(Utils.intToByteArray(x[i], 4, "little")); + } + return output; +} + +/** + * Computes the hSalsa20 function + * + * @param {byteArray} key + * @param {byteArray} nonce + * @param {integer} rounds + * @returns {byteArray} + */ +export function hsalsa20(key, nonce, rounds) { + const tau = "expand 16-byte k"; + const sigma = "expand 32-byte k"; + let state, c; + if (key.length === 16) { + c = Utils.strToByteArray(tau); + key = key.concat(key); + } else { + c = Utils.strToByteArray(sigma); + } + + state = c.slice(0, 4); + state = state.concat(key.slice(0, 16)); + state = state.concat(c.slice(4, 8)); + state = state.concat(nonce); + state = state.concat(c.slice(8, 12)); + state = state.concat(key.slice(16, 32)); + state = state.concat(c.slice(12, 16)); + + const x = Array(); + for (let i = 0; i < 64; i += 4) { + x.push(Utils.byteArrayToInt(state.slice(i, i + 4), "little")); + } + + salsa20Permute(x, rounds); + + let output = Array(); + const idx = [0, 5, 10, 15, 6, 7, 8, 9]; + for (let i = 0; i < 8; i++) { + output = output.concat(Utils.intToByteArray(x[idx[i]], 4, "little")); + } + return output; +} diff --git a/src/core/lib/Stream.mjs b/src/core/lib/Stream.mjs index 18ce71c3..8253c4cf 100644 --- a/src/core/lib/Stream.mjs +++ b/src/core/lib/Stream.mjs @@ -18,12 +18,23 @@ export default class Stream { * Stream constructor. * * @param {Uint8Array} input + * @param {number} pos + * @param {number} bitPos */ - constructor(input) { + constructor(input, pos=0, bitPos=0) { this.bytes = input; this.length = this.bytes.length; - this.position = 0; - this.bitPos = 0; + this.position = pos; + this.bitPos = bitPos; + } + + /** + * Clone this Stream returning a new identical Stream. + * + * @returns {Stream} + */ + clone() { + return new Stream(this.bytes, this.position, this.bitPos); } /** diff --git a/src/core/lib/TLS.mjs b/src/core/lib/TLS.mjs new file mode 100644 index 00000000..6373bfa2 --- /dev/null +++ b/src/core/lib/TLS.mjs @@ -0,0 +1,877 @@ +/** + * TLS resources. + * + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import OperationError from "../errors/OperationError.mjs"; +import Stream from "../lib/Stream.mjs"; + +/** + * Parse a TLS Record + * @param {Uint8Array} bytes + * @returns {JSON} + */ +export function parseTLSRecord(bytes) { + const s = new Stream(bytes); + const b = s.clone(); + const r = {}; + + // Content type + r.contentType = { + description: "Content Type", + length: 1, + data: b.getBytes(1), + value: s.readInt(1) + }; + if (r.contentType.value !== 0x16) + throw new OperationError("Not handshake data."); + + // Version + r.version = { + description: "Protocol Version", + length: 2, + data: b.getBytes(2), + value: s.readInt(2) + }; + + // Length + r.length = { + description: "Record Length", + length: 2, + data: b.getBytes(2), + value: s.readInt(2) + }; + if (s.length !== r.length.value + 5) + throw new OperationError("Incorrect handshake length."); + + // Handshake + r.handshake = { + description: "Handshake", + length: r.length.value, + data: b.getBytes(r.length.value), + value: parseHandshake(s.getBytes(r.length.value)) + }; + + return r; +} + +/** + * Parse a TLS Handshake + * @param {Uint8Array} bytes + * @returns {JSON} + */ +function parseHandshake(bytes) { + const s = new Stream(bytes); + const b = s.clone(); + const h = {}; + + // Handshake type + h.handshakeType = { + description: "Handshake Type", + length: 1, + data: b.getBytes(1), + value: s.readInt(1) + }; + + // Handshake length + h.handshakeLength = { + description: "Handshake Length", + length: 3, + data: b.getBytes(3), + value: s.readInt(3) + }; + if (s.length !== h.handshakeLength.value + 4) + throw new OperationError("Not enough data in Handshake message."); + + + switch (h.handshakeType.value) { + case 0x01: + h.handshakeType.description = "Client Hello"; + parseClientHello(s, b, h); + break; + case 0x02: + h.handshakeType.description = "Server Hello"; + parseServerHello(s, b, h); + break; + default: + throw new OperationError("Not a known handshake message."); + } + + return h; +} + +/** + * Parse a TLS Client Hello + * @param {Stream} s + * @param {Stream} b + * @param {Object} h + * @returns {JSON} + */ +function parseClientHello(s, b, h) { + // Hello version + h.helloVersion = { + description: "Client Hello Version", + length: 2, + data: b.getBytes(2), + value: s.readInt(2) + }; + + // Random + h.random = { + description: "Client Random", + length: 32, + data: b.getBytes(32), + value: s.getBytes(32) + }; + + // Session ID Length + h.sessionIDLength = { + description: "Session ID Length", + length: 1, + data: b.getBytes(1), + value: s.readInt(1) + }; + + // Session ID + h.sessionID = { + description: "Session ID", + length: h.sessionIDLength.value, + data: b.getBytes(h.sessionIDLength.value), + value: s.getBytes(h.sessionIDLength.value) + }; + + // Cipher Suites Length + h.cipherSuitesLength = { + description: "Cipher Suites Length", + length: 2, + data: b.getBytes(2), + value: s.readInt(2) + }; + + // Cipher Suites + h.cipherSuites = { + description: "Cipher Suites", + length: h.cipherSuitesLength.value, + data: b.getBytes(h.cipherSuitesLength.value), + value: parseCipherSuites(s.getBytes(h.cipherSuitesLength.value)) + }; + + // Compression Methods Length + h.compressionMethodsLength = { + description: "Compression Methods Length", + length: 1, + data: b.getBytes(1), + value: s.readInt(1) + }; + + // Compression Methods + h.compressionMethods = { + description: "Compression Methods", + length: h.compressionMethodsLength.value, + data: b.getBytes(h.compressionMethodsLength.value), + value: parseCompressionMethods(s.getBytes(h.compressionMethodsLength.value)) + }; + + // Extensions Length + h.extensionsLength = { + description: "Extensions Length", + length: 2, + data: b.getBytes(2), + value: s.readInt(2) + }; + + // Extensions + h.extensions = { + description: "Extensions", + length: h.extensionsLength.value, + data: b.getBytes(h.extensionsLength.value), + value: parseExtensions(s.getBytes(h.extensionsLength.value)) + }; + + return h; +} + +/** + * Parse a TLS Server Hello + * @param {Stream} s + * @param {Stream} b + * @param {Object} h + * @returns {JSON} + */ +function parseServerHello(s, b, h) { + // Hello version + h.helloVersion = { + description: "Server Hello Version", + length: 2, + data: b.getBytes(2), + value: s.readInt(2) + }; + + // Random + h.random = { + description: "Server Random", + length: 32, + data: b.getBytes(32), + value: s.getBytes(32) + }; + + // Session ID Length + h.sessionIDLength = { + description: "Session ID Length", + length: 1, + data: b.getBytes(1), + value: s.readInt(1) + }; + + // Session ID + h.sessionID = { + description: "Session ID", + length: h.sessionIDLength.value, + data: b.getBytes(h.sessionIDLength.value), + value: s.getBytes(h.sessionIDLength.value) + }; + + // Cipher Suite + h.cipherSuite = { + description: "Selected Cipher Suite", + length: 2, + data: b.getBytes(2), + value: CIPHER_SUITES_LOOKUP[s.readInt(2)] || "Unknown" + }; + + // Compression Method + h.compressionMethod = { + description: "Selected Compression Method", + length: 1, + data: b.getBytes(1), + value: s.readInt(1) // TODO: Compression method name here + }; + + // Extensions Length + h.extensionsLength = { + description: "Extensions Length", + length: 2, + data: b.getBytes(2), + value: s.readInt(2) + }; + + // Extensions + h.extensions = { + description: "Extensions", + length: h.extensionsLength.value, + data: b.getBytes(h.extensionsLength.value), + value: parseExtensions(s.getBytes(h.extensionsLength.value)) + }; +} + +/** + * Parse Cipher Suites + * @param {Uint8Array} bytes + * @returns {JSON} + */ +function parseCipherSuites(bytes) { + const s = new Stream(bytes); + const b = s.clone(); + const cs = []; + + while (s.hasMore()) { + cs.push({ + description: "Cipher Suite", + length: 2, + data: b.getBytes(2), + value: CIPHER_SUITES_LOOKUP[s.readInt(2)] || "Unknown" + }); + } + return cs; +} + +/** + * Parse Compression Methods + * @param {Uint8Array} bytes + * @returns {JSON} + */ +function parseCompressionMethods(bytes) { + const s = new Stream(bytes); + const b = s.clone(); + const cm = []; + + while (s.hasMore()) { + cm.push({ + description: "Compression Method", + length: 1, + data: b.getBytes(1), + value: s.readInt(1) // TODO: Compression method name here + }); + } + return cm; +} + +/** + * Parse Extensions + * @param {Uint8Array} bytes + * @returns {JSON} + */ +function parseExtensions(bytes) { + const s = new Stream(bytes); + const b = s.clone(); + + const exts = []; + while (s.hasMore()) { + const ext = {}; + + // Type + ext.type = { + description: "Extension Type", + length: 2, + data: b.getBytes(2), + value: EXTENSION_LOOKUP[s.readInt(2)] || "unknown" + }; + + // Length + ext.length = { + description: "Extension Length", + length: 2, + data: b.getBytes(2), + value: s.readInt(2) + }; + + // Value + ext.value = { + description: "Extension Value", + length: ext.length.value, + data: b.getBytes(ext.length.value), + value: s.getBytes(ext.length.value) + }; + + exts.push(ext); + } + + return exts; +} + +/** + * Extension type lookup table + */ +const EXTENSION_LOOKUP = { + 0: "server_name", + 1: "max_fragment_length", + 2: "client_certificate_url", + 3: "trusted_ca_keys", + 4: "truncated_hmac", + 5: "status_request", + 6: "user_mapping", + 7: "client_authz", + 8: "server_authz", + 9: "cert_type", + 10: "supported_groups", + 11: "ec_point_formats", + 12: "srp", + 13: "signature_algorithms", + 14: "use_srtp", + 15: "heartbeat", + 16: "application_layer_protocol_negotiation", + 17: "status_request_v2", + 18: "signed_certificate_timestamp", + 19: "client_certificate_type", + 20: "server_certificate_type", + 21: "padding", + 22: "encrypt_then_mac", + 23: "extended_master_secret", + 24: "token_binding", + 25: "cached_info", + 26: "tls_lts", + 27: "compress_certificate", + 28: "record_size_limit", + 29: "pwd_protect", + 30: "pwd_clear", + 31: "password_salt", + 32: "ticket_pinning", + 33: "tls_cert_with_extern_psk", + 34: "delegated_credential", + 35: "session_ticket", + 36: "TLMSP", + 37: "TLMSP_proxying", + 38: "TLMSP_delegate", + 39: "supported_ekt_ciphers", + 40: "Reserved", + 41: "pre_shared_key", + 42: "early_data", + 43: "supported_versions", + 44: "cookie", + 45: "psk_key_exchange_modes", + 46: "Reserved", + 47: "certificate_authorities", + 48: "oid_filters", + 49: "post_handshake_auth", + 50: "signature_algorithms_cert", + 51: "key_share", + 52: "transparency_info", + 53: "connection_id (deprecated)", + 54: "connection_id", + 55: "external_id_hash", + 56: "external_session_id", + 57: "quic_transport_parameters", + 58: "ticket_request", + 59: "dnssec_chain", + 60: "sequence_number_encryption_algorithms", + 61: "rrc", + 2570: "GREASE", + 6682: "GREASE", + 10794: "GREASE", + 14906: "GREASE", + 17513: "application_settings", + 19018: "GREASE", + 23130: "GREASE", + 27242: "GREASE", + 31354: "GREASE", + 35466: "GREASE", + 39578: "GREASE", + 43690: "GREASE", + 47802: "GREASE", + 51914: "GREASE", + 56026: "GREASE", + 60138: "GREASE", + 64250: "GREASE", + 64768: "ech_outer_extensions", + 65037: "encrypted_client_hello", + 65281: "renegotiation_info" +}; + +/** + * Cipher suites lookup table + */ +const CIPHER_SUITES_LOOKUP = { + 0x0000: "TLS_NULL_WITH_NULL_NULL", + 0x0001: "TLS_RSA_WITH_NULL_MD5", + 0x0002: "TLS_RSA_WITH_NULL_SHA", + 0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5", + 0x0004: "TLS_RSA_WITH_RC4_128_MD5", + 0x0005: "TLS_RSA_WITH_RC4_128_SHA", + 0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", + 0x0007: "TLS_RSA_WITH_IDEA_CBC_SHA", + 0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", + 0x0009: "TLS_RSA_WITH_DES_CBC_SHA", + 0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA", + 0x000B: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", + 0x000C: "TLS_DH_DSS_WITH_DES_CBC_SHA", + 0x000D: "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", + 0x000E: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", + 0x000F: "TLS_DH_RSA_WITH_DES_CBC_SHA", + 0x0010: "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", + 0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + 0x0012: "TLS_DHE_DSS_WITH_DES_CBC_SHA", + 0x0013: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + 0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + 0x0015: "TLS_DHE_RSA_WITH_DES_CBC_SHA", + 0x0016: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", + 0x0017: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", + 0x0018: "TLS_DH_anon_WITH_RC4_128_MD5", + 0x0019: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + 0x001A: "TLS_DH_anon_WITH_DES_CBC_SHA", + 0x001B: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", + 0x001E: "TLS_KRB5_WITH_DES_CBC_SHA", + 0x001F: "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", + 0x0020: "TLS_KRB5_WITH_RC4_128_SHA", + 0x0021: "TLS_KRB5_WITH_IDEA_CBC_SHA", + 0x0022: "TLS_KRB5_WITH_DES_CBC_MD5", + 0x0023: "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", + 0x0024: "TLS_KRB5_WITH_RC4_128_MD5", + 0x0025: "TLS_KRB5_WITH_IDEA_CBC_MD5", + 0x0026: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", + 0x0027: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", + 0x0028: "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", + 0x0029: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", + 0x002A: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", + 0x002B: "TLS_KRB5_EXPORT_WITH_RC4_40_MD5", + 0x002C: "TLS_PSK_WITH_NULL_SHA", + 0x002D: "TLS_DHE_PSK_WITH_NULL_SHA", + 0x002E: "TLS_RSA_PSK_WITH_NULL_SHA", + 0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA", + 0x0030: "TLS_DH_DSS_WITH_AES_128_CBC_SHA", + 0x0031: "TLS_DH_RSA_WITH_AES_128_CBC_SHA", + 0x0032: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + 0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + 0x0034: "TLS_DH_anon_WITH_AES_128_CBC_SHA", + 0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA", + 0x0036: "TLS_DH_DSS_WITH_AES_256_CBC_SHA", + 0x0037: "TLS_DH_RSA_WITH_AES_256_CBC_SHA", + 0x0038: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", + 0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + 0x003A: "TLS_DH_anon_WITH_AES_256_CBC_SHA", + 0x003B: "TLS_RSA_WITH_NULL_SHA256", + 0x003C: "TLS_RSA_WITH_AES_128_CBC_SHA256", + 0x003D: "TLS_RSA_WITH_AES_256_CBC_SHA256", + 0x003E: "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", + 0x003F: "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", + 0x0040: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", + 0x0041: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", + 0x0042: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", + 0x0043: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", + 0x0044: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", + 0x0045: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", + 0x0046: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", + 0x0067: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", + 0x0068: "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", + 0x0069: "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", + 0x006A: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", + 0x006B: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", + 0x006C: "TLS_DH_anon_WITH_AES_128_CBC_SHA256", + 0x006D: "TLS_DH_anon_WITH_AES_256_CBC_SHA256", + 0x0084: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", + 0x0085: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", + 0x0086: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", + 0x0087: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", + 0x0088: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", + 0x0089: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", + 0x008A: "TLS_PSK_WITH_RC4_128_SHA", + 0x008B: "TLS_PSK_WITH_3DES_EDE_CBC_SHA", + 0x008C: "TLS_PSK_WITH_AES_128_CBC_SHA", + 0x008D: "TLS_PSK_WITH_AES_256_CBC_SHA", + 0x008E: "TLS_DHE_PSK_WITH_RC4_128_SHA", + 0x008F: "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA", + 0x0090: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA", + 0x0091: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA", + 0x0092: "TLS_RSA_PSK_WITH_RC4_128_SHA", + 0x0093: "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA", + 0x0094: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA", + 0x0095: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA", + 0x0096: "TLS_RSA_WITH_SEED_CBC_SHA", + 0x0097: "TLS_DH_DSS_WITH_SEED_CBC_SHA", + 0x0098: "TLS_DH_RSA_WITH_SEED_CBC_SHA", + 0x0099: "TLS_DHE_DSS_WITH_SEED_CBC_SHA", + 0x009A: "TLS_DHE_RSA_WITH_SEED_CBC_SHA", + 0x009B: "TLS_DH_anon_WITH_SEED_CBC_SHA", + 0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256", + 0x009D: "TLS_RSA_WITH_AES_256_GCM_SHA384", + 0x009E: "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + 0x009F: "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + 0x00A0: "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", + 0x00A1: "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", + 0x00A2: "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", + 0x00A3: "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", + 0x00A4: "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", + 0x00A5: "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", + 0x00A6: "TLS_DH_anon_WITH_AES_128_GCM_SHA256", + 0x00A7: "TLS_DH_anon_WITH_AES_256_GCM_SHA384", + 0x00A8: "TLS_PSK_WITH_AES_128_GCM_SHA256", + 0x00A9: "TLS_PSK_WITH_AES_256_GCM_SHA384", + 0x00AA: "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", + 0x00AB: "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", + 0x00AC: "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256", + 0x00AD: "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384", + 0x00AE: "TLS_PSK_WITH_AES_128_CBC_SHA256", + 0x00AF: "TLS_PSK_WITH_AES_256_CBC_SHA384", + 0x00B0: "TLS_PSK_WITH_NULL_SHA256", + 0x00B1: "TLS_PSK_WITH_NULL_SHA384", + 0x00B2: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256", + 0x00B3: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384", + 0x00B4: "TLS_DHE_PSK_WITH_NULL_SHA256", + 0x00B5: "TLS_DHE_PSK_WITH_NULL_SHA384", + 0x00B6: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256", + 0x00B7: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384", + 0x00B8: "TLS_RSA_PSK_WITH_NULL_SHA256", + 0x00B9: "TLS_RSA_PSK_WITH_NULL_SHA384", + 0x00BA: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BB: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BC: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BD: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BE: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0x00BF: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256", + 0x00C0: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C1: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C2: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C3: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C4: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C5: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256", + 0x00C6: "TLS_SM4_GCM_SM3", + 0x00C7: "TLS_SM4_CCM_SM3", + 0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", + 0x0A0A: "GREASE", + 0x1301: "TLS_AES_128_GCM_SHA256", + 0x1302: "TLS_AES_256_GCM_SHA384", + 0x1303: "TLS_CHACHA20_POLY1305_SHA256", + 0x1304: "TLS_AES_128_CCM_SHA256", + 0x1305: "TLS_AES_128_CCM_8_SHA256", + 0x1306: "TLS_AEGIS_256_SHA512", + 0x1307: "TLS_AEGIS_128L_SHA256", + 0x1A1A: "GREASE", + 0x2A2A: "GREASE", + 0x3A3A: "GREASE", + 0x4A4A: "GREASE", + 0x5600: "TLS_FALLBACK_SCSV", + 0x5A5A: "GREASE", + 0x6A6A: "GREASE", + 0x7A7A: "GREASE", + 0x8A8A: "GREASE", + 0x9A9A: "GREASE", + 0xAAAA: "GREASE", + 0xBABA: "GREASE", + 0xC001: "TLS_ECDH_ECDSA_WITH_NULL_SHA", + 0xC002: "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + 0xC003: "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + 0xC004: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + 0xC005: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + 0xC006: "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + 0xC007: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + 0xC008: "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + 0xC009: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + 0xC00A: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + 0xC00B: "TLS_ECDH_RSA_WITH_NULL_SHA", + 0xC00C: "TLS_ECDH_RSA_WITH_RC4_128_SHA", + 0xC00D: "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + 0xC00E: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + 0xC00F: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + 0xC010: "TLS_ECDHE_RSA_WITH_NULL_SHA", + 0xC011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + 0xC012: "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + 0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + 0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + 0xC015: "TLS_ECDH_anon_WITH_NULL_SHA", + 0xC016: "TLS_ECDH_anon_WITH_RC4_128_SHA", + 0xC017: "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + 0xC018: "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + 0xC019: "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", + 0xC01A: "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", + 0xC01B: "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", + 0xC01C: "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", + 0xC01D: "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", + 0xC01E: "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", + 0xC01F: "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", + 0xC020: "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", + 0xC021: "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", + 0xC022: "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", + 0xC023: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", + 0xC024: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", + 0xC025: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", + 0xC026: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", + 0xC027: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + 0xC028: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + 0xC029: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", + 0xC02A: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", + 0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + 0xC02C: "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + 0xC02D: "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", + 0xC02E: "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", + 0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + 0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + 0xC031: "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", + 0xC032: "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", + 0xC033: "TLS_ECDHE_PSK_WITH_RC4_128_SHA", + 0xC034: "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", + 0xC035: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", + 0xC036: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", + 0xC037: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", + 0xC038: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", + 0xC039: "TLS_ECDHE_PSK_WITH_NULL_SHA", + 0xC03A: "TLS_ECDHE_PSK_WITH_NULL_SHA256", + 0xC03B: "TLS_ECDHE_PSK_WITH_NULL_SHA384", + 0xC03C: "TLS_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC03D: "TLS_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC03E: "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256", + 0xC03F: "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384", + 0xC040: "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC041: "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC042: "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256", + 0xC043: "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384", + 0xC044: "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC045: "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC046: "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256", + 0xC047: "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384", + 0xC048: "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256", + 0xC049: "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384", + 0xC04A: "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256", + 0xC04B: "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384", + 0xC04C: "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC04D: "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC04E: "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256", + 0xC04F: "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384", + 0xC050: "TLS_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC051: "TLS_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC052: "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC053: "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC054: "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC055: "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC056: "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", + 0xC057: "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", + 0xC058: "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256", + 0xC059: "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384", + 0xC05A: "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256", + 0xC05B: "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384", + 0xC05C: "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", + 0xC05D: "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", + 0xC05E: "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256", + 0xC05F: "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384", + 0xC060: "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC061: "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC062: "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256", + 0xC063: "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384", + 0xC064: "TLS_PSK_WITH_ARIA_128_CBC_SHA256", + 0xC065: "TLS_PSK_WITH_ARIA_256_CBC_SHA384", + 0xC066: "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256", + 0xC067: "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384", + 0xC068: "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256", + 0xC069: "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384", + 0xC06A: "TLS_PSK_WITH_ARIA_128_GCM_SHA256", + 0xC06B: "TLS_PSK_WITH_ARIA_256_GCM_SHA384", + 0xC06C: "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256", + 0xC06D: "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384", + 0xC06E: "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256", + 0xC06F: "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384", + 0xC070: "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256", + 0xC071: "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384", + 0xC072: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + 0xC073: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + 0xC074: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", + 0xC075: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", + 0xC076: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0xC077: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", + 0xC078: "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256", + 0xC079: "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384", + 0xC07A: "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC07B: "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC07C: "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC07D: "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC07E: "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC07F: "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC080: "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", + 0xC081: "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", + 0xC082: "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256", + 0xC083: "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384", + 0xC084: "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256", + 0xC085: "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384", + 0xC086: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC087: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC088: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC089: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC08A: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC08B: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC08C: "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256", + 0xC08D: "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384", + 0xC08E: "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256", + 0xC08F: "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384", + 0xC090: "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256", + 0xC091: "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384", + 0xC092: "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256", + 0xC093: "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384", + 0xC094: "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256", + 0xC095: "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384", + 0xC096: "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", + 0xC097: "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", + 0xC098: "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256", + 0xC099: "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384", + 0xC09A: "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", + 0xC09B: "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", + 0xC09C: "TLS_RSA_WITH_AES_128_CCM", + 0xC09D: "TLS_RSA_WITH_AES_256_CCM", + 0xC09E: "TLS_DHE_RSA_WITH_AES_128_CCM", + 0xC09F: "TLS_DHE_RSA_WITH_AES_256_CCM", + 0xC0A0: "TLS_RSA_WITH_AES_128_CCM_8", + 0xC0A1: "TLS_RSA_WITH_AES_256_CCM_8", + 0xC0A2: "TLS_DHE_RSA_WITH_AES_128_CCM_8", + 0xC0A3: "TLS_DHE_RSA_WITH_AES_256_CCM_8", + 0xC0A4: "TLS_PSK_WITH_AES_128_CCM", + 0xC0A5: "TLS_PSK_WITH_AES_256_CCM", + 0xC0A6: "TLS_DHE_PSK_WITH_AES_128_CCM", + 0xC0A7: "TLS_DHE_PSK_WITH_AES_256_CCM", + 0xC0A8: "TLS_PSK_WITH_AES_128_CCM_8", + 0xC0A9: "TLS_PSK_WITH_AES_256_CCM_8", + 0xC0AA: "TLS_PSK_DHE_WITH_AES_128_CCM_8", + 0xC0AB: "TLS_PSK_DHE_WITH_AES_256_CCM_8", + 0xC0AC: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", + 0xC0AD: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", + 0xC0AE: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", + 0xC0AF: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", + 0xC0B0: "TLS_ECCPWD_WITH_AES_128_GCM_SHA256", + 0xC0B1: "TLS_ECCPWD_WITH_AES_256_GCM_SHA384", + 0xC0B2: "TLS_ECCPWD_WITH_AES_128_CCM_SHA256", + 0xC0B3: "TLS_ECCPWD_WITH_AES_256_CCM_SHA384", + 0xC0B4: "TLS_SHA256_SHA256", + 0xC0B5: "TLS_SHA384_SHA384", + 0xC100: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC", + 0xC101: "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC", + 0xC102: "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT", + 0xC103: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L", + 0xC104: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L", + 0xC105: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S", + 0xC106: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S", + 0xCACA: "GREASE", + 0xCCA8: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + 0xCCA9: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAA: "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAB: "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAC: "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAD: "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256", + 0xCCAE: "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256", + 0xD001: "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256", + 0xD002: "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384", + 0xD003: "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256", + 0xD005: "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256", + 0xDADA: "GREASE", + 0xEAEA: "GREASE", + 0xFAFA: "GREASE", +}; + +/** + * GREASE values + */ +export const GREASE_VALUES = [ + 0x0a0a, + 0x1a1a, + 0x2a2a, + 0x3a3a, + 0x4a4a, + 0x5a5a, + 0x6a6a, + 0x7a7a, + 0x8a8a, + 0x9a9a, + 0xaaaa, + 0xbaba, + 0xcaca, + 0xdada, + 0xeaea, + 0xfafa +]; + +/** + * Parses the supported_versions extension and returns the highest supported version. + * @param {Uint8Array} bytes + * @returns {number} + */ +export function parseHighestSupportedVersion(bytes) { + const s = new Stream(bytes); + + // The Server Hello supported_versions extension simply contains the chosen version + if (s.length === 2) { + return s.readInt(2); + } + + // Length + let i = s.readInt(1); + + let highestVersion = 0; + while (s.hasMore() && i-- > 0) { + const v = s.readInt(2); + if (GREASE_VALUES.includes(v)) continue; + if (v > highestVersion) highestVersion = v; + } + + return highestVersion; +} + +/** + * Parses the application_layer_protocol_negotiation extension and returns the first value. + * @param {Uint8Array} bytes + * @returns {number} + */ +export function parseFirstALPNValue(bytes) { + const s = new Stream(bytes); + const alpnExtLen = s.readInt(2); + if (alpnExtLen < 3) return "00"; + const strLen = s.readInt(1); + if (strLen < 2) return "00"; + return s.readString(strLen); +} diff --git a/src/core/lib/XXTEA.mjs b/src/core/lib/XXTEA.mjs new file mode 100644 index 00000000..6d556fc5 --- /dev/null +++ b/src/core/lib/XXTEA.mjs @@ -0,0 +1,174 @@ +/** + * XXTEA library + * + * Encryption Algorithm Authors: + * David J. Wheeler + * Roger M. Needham + * + * @author Ma Bingyao [mabingyao@gmail.com] + * @author n1474335 [n1474335@gmail.com] + * @license MIT + */ + +const DELTA = 0x9E3779B9; + +/** + * Convert a buffer to a Uint8Array + * @param {Uint32Array} v + * @param {boolean} includeLength + * @returns {Uint8Array} + */ +function toUint8Array(v, includeLength) { + const length = v.length; + let n = length << 2; + if (includeLength) { + const m = v[length - 1]; + n -= 4; + if ((m < n - 3) || (m > n)) { + return null; + } + n = m; + } + const bytes = new Uint8Array(n); + for (let i = 0; i < n; i++) { + bytes[i] = v[i >> 2] >> ((i & 3) << 3); + } + return bytes; +} + +/** + * Convert a buffer to a Uint32Array + * @param {TypedArray} bs + * @param {boolean} includeLength + * @returns {Uint32Array} + */ +function toUint32Array(bs, includeLength) { + const length = bs.length; + let n = length >> 2; + if ((length & 3) !== 0) { + ++n; + } + let v; + if (includeLength) { + v = new Uint32Array(n + 1); + v[n] = length; + } else { + v = new Uint32Array(n); + } + for (let i = 0; i < length; ++i) { + v[i >> 2] |= bs[i] << ((i & 3) << 3); + } + return v; +} + +/** + * Mask an int to 32 bits + * @param {number} i + * @returns {number} + */ +function int32(i) { + return i & 0xFFFFFFFF; +} + +/** + * MX function for data randomisation + * @param {number} sum + * @param {number} y + * @param {number} z + * @param {number} p + * @param {number} e + * @param {number} k + * @returns {number} + */ +function mx(sum, y, z, p, e, k) { + return ((z >>> 5 ^ y << 2) + (y >>> 3 ^ z << 4)) ^ ((sum ^ y) + (k[p & 3 ^ e] ^ z)); +} + +/** + * Ensure an array is a multiple of 16 bits + * @param {TypedArray} k + * @returns {TypedArray} + */ +function fixk(k) { + if (k.length < 16) { + const key = new Uint8Array(16); + key.set(k); + return key; + } + return k; +} + +/** + * Performs XXTEA encryption on a Uint32Array + * @param {Uint32Array} v + * @param {Uint32Array} k + * @returns {Uint32Array} + */ +function encryptUint32Array(v, k) { + const length = v.length; + const n = length - 1; + let y, z, sum, e, p, q; + z = v[n]; + sum = 0; + for (q = Math.floor(6 + 52 / length) | 0; q > 0; --q) { + sum = int32(sum + DELTA); + e = sum >>> 2 & 3; + for (p = 0; p < n; ++p) { + y = v[p + 1]; + z = v[p] = int32(v[p] + mx(sum, y, z, p, e, k)); + } + y = v[0]; + z = v[n] = int32(v[n] + mx(sum, y, z, n, e, k)); + } + return v; +} + +/** + * Performs XXTEA decryption on a Uint32Array + * @param {Uint32Array} v + * @param {Uint32Array} k + * @returns {Uint32Array} + */ +function decryptUint32Array(v, k) { + const length = v.length; + const n = length - 1; + let y, z, sum, e, p; + y = v[0]; + const q = Math.floor(6 + 52 / length); + for (sum = int32(q * DELTA); sum !== 0; sum = int32(sum - DELTA)) { + e = sum >>> 2 & 3; + for (p = n; p > 0; --p) { + z = v[p - 1]; + y = v[p] = int32(v[p] - mx(sum, y, z, p, e, k)); + } + z = v[n]; + y = v[0] = int32(v[0] - mx(sum, y, z, 0, e, k)); + } + return v; +} + +/** + * Encrypt function + * @param {TypedArray} data + * @param {TypedArray} key + * @returns {Uint8Array} + */ +export function encrypt(data, key) { + if (data === undefined || data === null || data.length === 0) { + return data; + } + return toUint8Array(encryptUint32Array(toUint32Array(data, true), toUint32Array(fixk(key), false)), false); +} + +/** + * Decrypt function + * @param {TypedArray} data + * @param {TypedArray} key + * @returns {Uint8Array} + */ +export function decrypt(data, key) { + if (data === undefined || data === null || data.length === 0) { + return data; + } + return toUint8Array(decryptUint32Array(toUint32Array(data, false), toUint32Array(fixk(key), false)), true); +} diff --git a/src/core/operations/BlowfishDecrypt.mjs b/src/core/operations/BlowfishDecrypt.mjs index f7dc8d17..43d6718a 100644 --- a/src/core/operations/BlowfishDecrypt.mjs +++ b/src/core/operations/BlowfishDecrypt.mjs @@ -70,10 +70,14 @@ class BlowfishDecrypt extends Operation { inputType = args[3], outputType = args[4]; - if (key.length !== 8) { + if (key.length < 4 || key.length > 56) { throw new OperationError(`Invalid key length: ${key.length} bytes -Blowfish uses a key length of 8 bytes (64 bits).`); +Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`); + } + + if (iv.length !== 8) { + throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes`); } input = Utils.convertToByteString(input, inputType); diff --git a/src/core/operations/BlowfishEncrypt.mjs b/src/core/operations/BlowfishEncrypt.mjs index 2cf3672b..eab3d286 100644 --- a/src/core/operations/BlowfishEncrypt.mjs +++ b/src/core/operations/BlowfishEncrypt.mjs @@ -70,10 +70,14 @@ class BlowfishEncrypt extends Operation { inputType = args[3], outputType = args[4]; - if (key.length !== 8) { + if (key.length < 4 || key.length > 56) { throw new OperationError(`Invalid key length: ${key.length} bytes + +Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`); + } -Blowfish uses a key length of 8 bytes (64 bits).`); + if (iv.length !== 8) { + throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes`); } input = Utils.convertToByteString(input, inputType); diff --git a/src/core/operations/CSSSelector.mjs b/src/core/operations/CSSSelector.mjs index d6b8da11..639726c4 100644 --- a/src/core/operations/CSSSelector.mjs +++ b/src/core/operations/CSSSelector.mjs @@ -6,7 +6,7 @@ import Operation from "../Operation.mjs"; import OperationError from "../errors/OperationError.mjs"; -import xmldom from "xmldom"; +import xmldom from "@xmldom/xmldom"; import nwmatcher from "nwmatcher"; /** diff --git a/src/core/operations/ChaCha.mjs b/src/core/operations/ChaCha.mjs index 166c1663..2d186d35 100644 --- a/src/core/operations/ChaCha.mjs +++ b/src/core/operations/ChaCha.mjs @@ -100,7 +100,7 @@ class ChaCha extends Operation { super(); this.name = "ChaCha"; - this.module = "Default"; + this.module = "Ciphers"; this.description = "ChaCha is a stream cipher designed by Daniel J. Bernstein. It is a variant of the Salsa stream cipher. Several parameterizations exist; 'ChaCha' may refer to the original construction, or to the variant as described in RFC-8439. ChaCha is often used with Poly1305, in the ChaCha20-Poly1305 AEAD construction.

Key: ChaCha uses a key of 16 or 32 bytes (128 or 256 bits).

Nonce: ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).

Counter: ChaCha uses a counter of 4 or 8 bytes (32 or 64 bits); together, the nonce and counter must add up to 16 bytes. The counter starts at zero at the start of the keystream, and is incremented at every 64 bytes."; this.infoURL = "https://wikipedia.org/wiki/Salsa20#ChaCha_variant"; this.inputType = "string"; @@ -191,7 +191,7 @@ ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).`); if (outputType === "Hex") { return toHex(output); } else { - return Utils.arrayBufferToStr(output); + return Utils.arrayBufferToStr(Uint8Array.from(output).buffer); } } diff --git a/src/core/operations/DateTimeDelta.mjs b/src/core/operations/DateTimeDelta.mjs new file mode 100644 index 00000000..7f82cf01 --- /dev/null +++ b/src/core/operations/DateTimeDelta.mjs @@ -0,0 +1,107 @@ +/** + * @author tomgond [tom.gonda@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import moment from "moment-timezone"; +import {DATETIME_FORMATS, FORMAT_EXAMPLES} from "../lib/DateTime.mjs"; + +/** + * DateTime Delta operation + */ +class DateTimeDelta extends Operation { + + /** + * DateTimeDelta constructor + */ + constructor() { + super(); + + this.name = "DateTime Delta"; + this.module = "Default"; + this.description = "Calculates a new DateTime value given an input DateTime value and a time difference (delta) from the input DateTime value."; + this.inputType = "string"; + this.outputType = "html"; + this.args = [ + { + "name": "Built in formats", + "type": "populateOption", + "value": DATETIME_FORMATS, + "target": 1 + }, + { + "name": "Input format string", + "type": "binaryString", + "value": "DD/MM/YYYY HH:mm:ss" + }, + { + "name": "Time Operation", + "type": "option", + "value": ["Add", "Subtract"] + }, + { + "name": "Days", + "type": "number", + "value": 0 + }, + { + "name": "Hours", + "type": "number", + "value": 0 + }, + { + "name": "Minutes", + "type": "number", + "value": 0 + }, + { + "name": "Seconds", + "type": "number", + "value": 0 + } + + ]; + } + + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const inputTimezone = "UTC"; + const inputFormat = args[1]; + const operationType = args[2]; + const daysDelta = args[3]; + const hoursDelta = args[4]; + const minutesDelta = args[5]; + const secondsDelta = args[6]; + let date = ""; + + try { + date = moment.tz(input, inputFormat, inputTimezone); + if (!date || date.format() === "Invalid date") throw Error; + } catch (err) { + return `Invalid format.\n\n${FORMAT_EXAMPLES}`; + } + let newDate; + if (operationType === "Add") { + newDate = date.add(daysDelta, "days") + .add(hoursDelta, "hours") + .add(minutesDelta, "minutes") + .add(secondsDelta, "seconds"); + + } else { + newDate = date.add(-daysDelta, "days") + .add(-hoursDelta, "hours") + .add(-minutesDelta, "minutes") + .add(-secondsDelta, "seconds"); + } + return newDate.tz(inputTimezone).format(inputFormat.replace(/[<>]/g, "")); + } +} + +export default DateTimeDelta; diff --git a/src/core/operations/DeriveEVPKey.mjs b/src/core/operations/DeriveEVPKey.mjs index 5885f892..3d67aa51 100644 --- a/src/core/operations/DeriveEVPKey.mjs +++ b/src/core/operations/DeriveEVPKey.mjs @@ -62,11 +62,13 @@ class DeriveEVPKey extends Operation { * @returns {string} */ run(input, args) { - const passphrase = Utils.convertToByteString(args[0].string, args[0].option), + const passphrase = CryptoJS.enc.Latin1.parse( + Utils.convertToByteString(args[0].string, args[0].option)), keySize = args[1] / 32, iterations = args[2], hasher = args[3], - salt = Utils.convertToByteString(args[4].string, args[4].option), + salt = CryptoJS.enc.Latin1.parse( + Utils.convertToByteString(args[4].string, args[4].option)), key = CryptoJS.EvpKDF(passphrase, salt, { // lgtm [js/insufficient-password-hash] keySize: keySize, hasher: CryptoJS.algo[hasher], diff --git a/src/core/operations/ECDSASign.mjs b/src/core/operations/ECDSASign.mjs new file mode 100644 index 00000000..7b8f57f1 --- /dev/null +++ b/src/core/operations/ECDSASign.mjs @@ -0,0 +1,107 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import { fromHex } from "../lib/Hex.mjs"; +import { toBase64 } from "../lib/Base64.mjs"; +import r from "jsrsasign"; + +/** + * ECDSA Sign operation + */ +class ECDSASign extends Operation { + + /** + * ECDSASign constructor + */ + constructor() { + super(); + + this.name = "ECDSA Sign"; + this.module = "Ciphers"; + this.description = "Sign a plaintext message with a PEM encoded EC key."; + this.infoURL = "https://wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "ECDSA Private Key (PEM)", + type: "text", + value: "-----BEGIN EC PRIVATE KEY-----" + }, + { + name: "Message Digest Algorithm", + type: "option", + value: [ + "SHA-256", + "SHA-384", + "SHA-512", + "SHA-1", + "MD5" + ] + }, + { + name: "Output Format", + type: "option", + value: [ + "ASN.1 HEX", + "P1363 HEX", + "JSON Web Signature", + "Raw JSON" + ] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const [keyPem, mdAlgo, outputFormat] = args; + + if (keyPem.replace("-----BEGIN EC PRIVATE KEY-----", "").length === 0) { + throw new OperationError("Please enter a private key."); + } + + const internalAlgorithmName = mdAlgo.replace("-", "") + "withECDSA"; + const sig = new r.KJUR.crypto.Signature({ alg: internalAlgorithmName }); + const key = r.KEYUTIL.getKey(keyPem); + if (key.type !== "EC") { + throw new OperationError("Provided key is not an EC key."); + } + if (!key.isPrivate) { + throw new OperationError("Provided key is not a private key."); + } + sig.init(key); + const signatureASN1Hex = sig.signString(input); + + let result; + switch (outputFormat) { + case "ASN.1 HEX": + result = signatureASN1Hex; + break; + case "P1363 HEX": + result = r.KJUR.crypto.ECDSA.asn1SigToConcatSig(signatureASN1Hex); + break; + case "JSON Web Signature": + result = r.KJUR.crypto.ECDSA.asn1SigToConcatSig(signatureASN1Hex); + result = toBase64(fromHex(result), "A-Za-z0-9-_"); // base64url + break; + case "Raw JSON": { + const signatureRS = r.KJUR.crypto.ECDSA.parseSigHexInHexRS(signatureASN1Hex); + result = JSON.stringify(signatureRS); + break; + } + } + + return result; + } +} + +export default ECDSASign; diff --git a/src/core/operations/ECDSASignatureConversion.mjs b/src/core/operations/ECDSASignatureConversion.mjs new file mode 100644 index 00000000..3f6c6bfb --- /dev/null +++ b/src/core/operations/ECDSASignatureConversion.mjs @@ -0,0 +1,146 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import { fromBase64, toBase64 } from "../lib/Base64.mjs"; +import { fromHex, toHexFast } from "../lib/Hex.mjs"; +import r from "jsrsasign"; + +/** + * ECDSA Sign operation + */ +class ECDSASignatureConversion extends Operation { + + /** + * ECDSASignatureConversion constructor + */ + constructor() { + super(); + + this.name = "ECDSA Signature Conversion"; + this.module = "Ciphers"; + this.description = "Convert an ECDSA signature between hex, asn1 and json."; + this.infoURL = "https://wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Input Format", + type: "option", + value: [ + "Auto", + "ASN.1 HEX", + "P1363 HEX", + "JSON Web Signature", + "Raw JSON" + ] + }, + { + name: "Output Format", + type: "option", + value: [ + "ASN.1 HEX", + "P1363 HEX", + "JSON Web Signature", + "Raw JSON" + ] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + let inputFormat = args[0]; + const outputFormat = args[1]; + + // detect input format + let inputJson; + if (inputFormat === "Auto") { + try { + inputJson = JSON.parse(input); + if (typeof(inputJson) === "object") { + inputFormat = "Raw JSON"; + } + } catch {} + } + + if (inputFormat === "Auto") { + const hexRegex = /^[a-f\d]{2,}$/gi; + if (hexRegex.test(input)) { + if (input.substring(0, 2) === "30" && r.ASN1HEX.isASN1HEX(input)) { + inputFormat = "ASN.1 HEX"; + } else { + inputFormat = "P1363 HEX"; + } + } + } + + let inputBase64; + if (inputFormat === "Auto") { + try { + inputBase64 = fromBase64(input, "A-Za-z0-9-_", false); + inputFormat = "JSON Web Signature"; + } catch {} + } + + // convert input to ASN.1 hex + let signatureASN1Hex; + switch (inputFormat) { + case "Auto": + throw new OperationError("Signature format could not be detected"); + case "ASN.1 HEX": + signatureASN1Hex = input; + break; + case "P1363 HEX": + signatureASN1Hex = r.KJUR.crypto.ECDSA.concatSigToASN1Sig(input); + break; + case "JSON Web Signature": + if (!inputBase64) inputBase64 = fromBase64(input, "A-Za-z0-9-_"); + signatureASN1Hex = r.KJUR.crypto.ECDSA.concatSigToASN1Sig(toHexFast(inputBase64)); + break; + case "Raw JSON": { + if (!inputJson) inputJson = JSON.parse(input); + if (!inputJson.r) { + throw new OperationError('No "r" value in the signature JSON'); + } + if (!inputJson.s) { + throw new OperationError('No "s" value in the signature JSON'); + } + signatureASN1Hex = r.KJUR.crypto.ECDSA.hexRSSigToASN1Sig(inputJson.r, inputJson.s); + break; + } + } + + // convert ASN.1 hex to output format + let result; + switch (outputFormat) { + case "ASN.1 HEX": + result = signatureASN1Hex; + break; + case "P1363 HEX": + result = r.KJUR.crypto.ECDSA.asn1SigToConcatSig(signatureASN1Hex); + break; + case "JSON Web Signature": + result = r.KJUR.crypto.ECDSA.asn1SigToConcatSig(signatureASN1Hex); + result = toBase64(fromHex(result), "A-Za-z0-9-_"); // base64url + break; + case "Raw JSON": { + const signatureRS = r.KJUR.crypto.ECDSA.parseSigHexInHexRS(signatureASN1Hex); + result = JSON.stringify(signatureRS); + break; + } + } + + return result; + } +} + +export default ECDSASignatureConversion; diff --git a/src/core/operations/ECDSAVerify.mjs b/src/core/operations/ECDSAVerify.mjs new file mode 100644 index 00000000..7e46e867 --- /dev/null +++ b/src/core/operations/ECDSAVerify.mjs @@ -0,0 +1,154 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import { fromBase64 } from "../lib/Base64.mjs"; +import { toHexFast } from "../lib/Hex.mjs"; +import r from "jsrsasign"; + +/** + * ECDSA Verify operation + */ +class ECDSAVerify extends Operation { + + /** + * ECDSAVerify constructor + */ + constructor() { + super(); + + this.name = "ECDSA Verify"; + this.module = "Ciphers"; + this.description = "Verify a message against a signature and a public PEM encoded EC key."; + this.infoURL = "https://wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Input Format", + type: "option", + value: [ + "Auto", + "ASN.1 HEX", + "P1363 HEX", + "JSON Web Signature", + "Raw JSON" + ] + }, + { + name: "Message Digest Algorithm", + type: "option", + value: [ + "SHA-256", + "SHA-384", + "SHA-512", + "SHA-1", + "MD5" + ] + }, + { + name: "ECDSA Public Key (PEM)", + type: "text", + value: "-----BEGIN PUBLIC KEY-----" + }, + { + name: "Message", + type: "text", + value: "" + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + let inputFormat = args[0]; + const [, mdAlgo, keyPem, msg] = args; + + if (keyPem.replace("-----BEGIN PUBLIC KEY-----", "").length === 0) { + throw new OperationError("Please enter a public key."); + } + + // detect input format + let inputJson; + if (inputFormat === "Auto") { + try { + inputJson = JSON.parse(input); + if (typeof(inputJson) === "object") { + inputFormat = "Raw JSON"; + } + } catch {} + } + + if (inputFormat === "Auto") { + const hexRegex = /^[a-f\d]{2,}$/gi; + if (hexRegex.test(input)) { + if (input.substring(0, 2) === "30" && r.ASN1HEX.isASN1HEX(input)) { + inputFormat = "ASN.1 HEX"; + } else { + inputFormat = "P1363 HEX"; + } + } + } + + let inputBase64; + if (inputFormat === "Auto") { + try { + inputBase64 = fromBase64(input, "A-Za-z0-9-_", false); + inputFormat = "JSON Web Signature"; + } catch {} + } + + // convert to ASN.1 signature + let signatureASN1Hex; + switch (inputFormat) { + case "Auto": + throw new OperationError("Signature format could not be detected"); + case "ASN.1 HEX": + signatureASN1Hex = input; + break; + case "P1363 HEX": + signatureASN1Hex = r.KJUR.crypto.ECDSA.concatSigToASN1Sig(input); + break; + case "JSON Web Signature": + if (!inputBase64) inputBase64 = fromBase64(input, "A-Za-z0-9-_"); + signatureASN1Hex = r.KJUR.crypto.ECDSA.concatSigToASN1Sig(toHexFast(inputBase64)); + break; + case "Raw JSON": { + if (!inputJson) inputJson = JSON.parse(input); + if (!inputJson.r) { + throw new OperationError('No "r" value in the signature JSON'); + } + if (!inputJson.s) { + throw new OperationError('No "s" value in the signature JSON'); + } + signatureASN1Hex = r.KJUR.crypto.ECDSA.hexRSSigToASN1Sig(inputJson.r, inputJson.s); + break; + } + } + + // verify signature + const internalAlgorithmName = mdAlgo.replace("-", "") + "withECDSA"; + const sig = new r.KJUR.crypto.Signature({ alg: internalAlgorithmName }); + const key = r.KEYUTIL.getKey(keyPem); + if (key.type !== "EC") { + throw new OperationError("Provided key is not an EC key."); + } + if (!key.isPublic) { + throw new OperationError("Provided key is not a public key."); + } + sig.init(key); + sig.updateString(msg); + const result = sig.verify(signatureASN1Hex); + return result ? "Verified OK" : "Verification Failure"; + } +} + +export default ECDSAVerify; diff --git a/src/core/operations/ExtractHashes.mjs b/src/core/operations/ExtractHashes.mjs new file mode 100644 index 00000000..fd50089f --- /dev/null +++ b/src/core/operations/ExtractHashes.mjs @@ -0,0 +1,84 @@ +/** + * @author mshwed [m@ttshwed.com] + * @copyright Crown Copyright 2019 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import { search } from "../lib/Extract.mjs"; + +/** + * Extract Hash Values operation + */ +class ExtractHashes extends Operation { + + /** + * ExtractHashValues constructor + */ + constructor() { + super(); + + this.name = "Extract hashes"; + this.module = "Regex"; + this.description = "Extracts potential hashes based on hash character length"; + this.infoURL = "https://wikipedia.org/wiki/Comparison_of_cryptographic_hash_functions"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Hash character length", + type: "number", + value: 40 + }, + { + name: "All hashes", + type: "boolean", + value: false + }, + { + name: "Display Total", + type: "boolean", + value: false + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const results = []; + let hashCount = 0; + + const [hashLength, searchAllHashes, showDisplayTotal] = args; + + // Convert character length to bit length + let hashBitLengths = [(hashLength / 2) * 8]; + + if (searchAllHashes) hashBitLengths = [4, 8, 16, 32, 64, 128, 160, 192, 224, 256, 320, 384, 512, 1024]; + + for (const hashBitLength of hashBitLengths) { + // Convert bit length to character length + const hashCharacterLength = (hashBitLength / 8) * 2; + + const regex = new RegExp(`(\\b|^)[a-f0-9]{${hashCharacterLength}}(\\b|$)`, "g"); + const searchResults = search(input, regex, null, false); + + hashCount += searchResults.length; + results.push(...searchResults); + } + + let output = ""; + if (showDisplayTotal) { + output = `Total Results: ${hashCount}\n\n`; + } + + output = output + results.join("\n"); + return output; + } + +} + +export default ExtractHashes; diff --git a/src/core/operations/FangURL.mjs b/src/core/operations/FangURL.mjs new file mode 100644 index 00000000..ad5bf525 --- /dev/null +++ b/src/core/operations/FangURL.mjs @@ -0,0 +1,78 @@ +/** + * @author arnydo [github@arnydo.com] + * @copyright Crown Copyright 2019 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; + +/** + * FangURL operation + */ +class FangURL extends Operation { + + /** + * FangURL constructor + */ + constructor() { + super(); + + this.name = "Fang URL"; + this.module = "Default"; + this.description = "Takes a 'Defanged' Universal Resource Locator (URL) and 'Fangs' it. Meaning, it removes the alterations (defanged) that render it useless so that it can be used again."; + this.infoURL = "https://isc.sans.edu/forums/diary/Defang+all+the+things/22744/"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Restore [.]", + type: "boolean", + value: true + }, + { + name: "Restore hxxp", + type: "boolean", + value: true + }, + { + name: "Restore ://", + type: "boolean", + value: true + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const [dots, http, slashes] = args; + + input = fangURL(input, dots, http, slashes); + + return input; + } + +} + + +/** + * Defangs a given URL + * + * @param {string} url + * @param {boolean} dots + * @param {boolean} http + * @param {boolean} slashes + * @returns {string} + */ +function fangURL(url, dots, http, slashes) { + if (dots) url = url.replace(/\[\.\]/g, "."); + if (http) url = url.replace(/hxxp/g, "http"); + if (slashes) url = url.replace(/\[:\/\/\]/g, "://"); + + return url; +} + +export default FangURL; diff --git a/src/core/operations/FileTree.mjs b/src/core/operations/FileTree.mjs index 8321f8f5..9484313f 100644 --- a/src/core/operations/FileTree.mjs +++ b/src/core/operations/FileTree.mjs @@ -1,6 +1,6 @@ /** * @author sw5678 - * @copyright Crown Copyright 2016 + * @copyright Crown Copyright 2023 * @license Apache-2.0 */ @@ -21,7 +21,8 @@ class FileTree extends Operation { this.name = "File Tree"; this.module = "Default"; - this.description = "Creates file tree from list of file paths (similar to the tree command in Linux)"; + this.description = "Creates a file tree from a list of file paths (similar to the tree command in Linux)"; + this.infoURL = "https://wikipedia.org/wiki/Tree_(command)"; this.inputType = "string"; this.outputType = "string"; this.args = [ diff --git a/src/core/operations/FromBase58.mjs b/src/core/operations/FromBase58.mjs index f5a9ac3d..cb491159 100644 --- a/src/core/operations/FromBase58.mjs +++ b/src/core/operations/FromBase58.mjs @@ -60,7 +60,7 @@ class FromBase58 extends Operation { run(input, args) { let alphabet = args[0] || ALPHABET_OPTIONS[0].value; const removeNonAlphaChars = args[1] === undefined ? true : args[1], - result = [0]; + result = []; alphabet = Utils.expandAlphRange(alphabet).join(""); @@ -87,11 +87,9 @@ class FromBase58 extends Operation { } } - let carry = result[0] * 58 + index; - result[0] = carry & 0xFF; - carry = carry >> 8; + let carry = index; - for (let i = 1; i < result.length; i++) { + for (let i = 0; i < result.length; i++) { carry += result[i] * 58; result[i] = carry & 0xFF; carry = carry >> 8; diff --git a/src/core/operations/FromFloat.mjs b/src/core/operations/FromFloat.mjs new file mode 100644 index 00000000..8bf56d81 --- /dev/null +++ b/src/core/operations/FromFloat.mjs @@ -0,0 +1,78 @@ +/** + * @author tcode2k16 [tcode2k16@gmail.com] + * @copyright Crown Copyright 2019 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import Utils from "../Utils.mjs"; +import ieee754 from "ieee754"; +import {DELIM_OPTIONS} from "../lib/Delim.mjs"; + +/** + * From Float operation + */ +class FromFloat extends Operation { + + /** + * FromFloat constructor + */ + constructor() { + super(); + + this.name = "From Float"; + this.module = "Default"; + this.description = "Convert from IEEE754 Floating Point Numbers"; + this.infoURL = "https://wikipedia.org/wiki/IEEE_754"; + this.inputType = "string"; + this.outputType = "byteArray"; + this.args = [ + { + "name": "Endianness", + "type": "option", + "value": [ + "Big Endian", + "Little Endian" + ] + }, + { + "name": "Size", + "type": "option", + "value": [ + "Float (4 bytes)", + "Double (8 bytes)" + ] + }, + { + "name": "Delimiter", + "type": "option", + "value": DELIM_OPTIONS + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {byteArray} + */ + run(input, args) { + if (input.length === 0) return []; + + const [endianness, size, delimiterName] = args; + const delim = Utils.charRep(delimiterName || "Space"); + const byteSize = size === "Double (8 bytes)" ? 8 : 4; + const isLE = endianness === "Little Endian"; + const mLen = byteSize === 4 ? 23 : 52; + const floats = input.split(delim); + + const output = new Array(floats.length*byteSize); + for (let i = 0; i < floats.length; i++) { + ieee754.write(output, parseFloat(floats[i]), i*byteSize, isLE, mLen, byteSize); + } + return output; + } + +} + +export default FromFloat; diff --git a/src/core/operations/GOSTDecrypt.mjs b/src/core/operations/GOSTDecrypt.mjs index 8259a0d4..e9699f84 100644 --- a/src/core/operations/GOSTDecrypt.mjs +++ b/src/core/operations/GOSTDecrypt.mjs @@ -55,22 +55,19 @@ class GOSTDecrypt extends Operation { type: "argSelector", value: [ { - name: "GOST 28147 (Magma, 1989)", - off: [5], + name: "GOST 28147 (1989)", on: [6] }, + { + name: "GOST R 34.12 (Magma, 2015)", + off: [5] + }, { name: "GOST R 34.12 (Kuznyechik, 2015)", - on: [5], - off: [6] + off: [5] } ] }, - { - name: "Block length", - type: "option", - value: ["64", "128"] - }, { name: "sBox", type: "option", @@ -100,14 +97,30 @@ class GOSTDecrypt extends Operation { * @returns {string} */ async run(input, args) { - const [keyObj, ivObj, inputType, outputType, version, length, sBox, blockMode, keyMeshing, padding] = args; + const [keyObj, ivObj, inputType, outputType, version, sBox, blockMode, keyMeshing, padding] = args; const key = toHexFast(Utils.convertToByteArray(keyObj.string, keyObj.option)); const iv = toHexFast(Utils.convertToByteArray(ivObj.string, ivObj.option)); input = inputType === "Hex" ? input : toHexFast(Utils.strToArrayBuffer(input)); - const versionNum = version === "GOST 28147 (Magma, 1989)" ? 1989 : 2015; - const blockLength = versionNum === 1989 ? 64 : parseInt(length, 10); + let blockLength, versionNum; + switch (version) { + case "GOST 28147 (1989)": + versionNum = 1989; + blockLength = 64; + break; + case "GOST R 34.12 (Magma, 2015)": + versionNum = 2015; + blockLength = 64; + break; + case "GOST R 34.12 (Kuznyechik, 2015)": + versionNum = 2015; + blockLength = 128; + break; + default: + throw new OperationError(`Unknown algorithm version: ${version}`); + } + const sBoxVal = versionNum === 1989 ? sBox : null; const algorithm = { diff --git a/src/core/operations/GOSTEncrypt.mjs b/src/core/operations/GOSTEncrypt.mjs index ce92ecda..cb67476c 100644 --- a/src/core/operations/GOSTEncrypt.mjs +++ b/src/core/operations/GOSTEncrypt.mjs @@ -55,22 +55,19 @@ class GOSTEncrypt extends Operation { type: "argSelector", value: [ { - name: "GOST 28147 (Magma, 1989)", - off: [5], + name: "GOST 28147 (1989)", on: [6] }, + { + name: "GOST R 34.12 (Magma, 2015)", + off: [5] + }, { name: "GOST R 34.12 (Kuznyechik, 2015)", - on: [5], - off: [6] + off: [5] } ] }, - { - name: "Block length", - type: "option", - value: ["64", "128"] - }, { name: "sBox", type: "option", @@ -100,14 +97,30 @@ class GOSTEncrypt extends Operation { * @returns {string} */ async run(input, args) { - const [keyObj, ivObj, inputType, outputType, version, length, sBox, blockMode, keyMeshing, padding] = args; + const [keyObj, ivObj, inputType, outputType, version, sBox, blockMode, keyMeshing, padding] = args; const key = toHexFast(Utils.convertToByteArray(keyObj.string, keyObj.option)); const iv = toHexFast(Utils.convertToByteArray(ivObj.string, ivObj.option)); input = inputType === "Hex" ? input : toHexFast(Utils.strToArrayBuffer(input)); - const versionNum = version === "GOST 28147 (Magma, 1989)" ? 1989 : 2015; - const blockLength = versionNum === 1989 ? 64 : parseInt(length, 10); + let blockLength, versionNum; + switch (version) { + case "GOST 28147 (1989)": + versionNum = 1989; + blockLength = 64; + break; + case "GOST R 34.12 (Magma, 2015)": + versionNum = 2015; + blockLength = 64; + break; + case "GOST R 34.12 (Kuznyechik, 2015)": + versionNum = 2015; + blockLength = 128; + break; + default: + throw new OperationError(`Unknown algorithm version: ${version}`); + } + const sBoxVal = versionNum === 1989 ? sBox : null; const algorithm = { diff --git a/src/core/operations/GOSTKeyUnwrap.mjs b/src/core/operations/GOSTKeyUnwrap.mjs index afcd6287..7a3e29cb 100644 --- a/src/core/operations/GOSTKeyUnwrap.mjs +++ b/src/core/operations/GOSTKeyUnwrap.mjs @@ -55,22 +55,19 @@ class GOSTKeyUnwrap extends Operation { type: "argSelector", value: [ { - name: "GOST 28147 (Magma, 1989)", - off: [5], + name: "GOST 28147 (1989)", on: [6] }, + { + name: "GOST R 34.12 (Magma, 2015)", + off: [5] + }, { name: "GOST R 34.12 (Kuznyechik, 2015)", - on: [5], - off: [6] + off: [5] } ] }, - { - name: "Block length", - type: "option", - value: ["64", "128"] - }, { name: "sBox", type: "option", @@ -90,14 +87,30 @@ class GOSTKeyUnwrap extends Operation { * @returns {string} */ async run(input, args) { - const [keyObj, ukmObj, inputType, outputType, version, length, sBox, keyWrapping] = args; + const [keyObj, ukmObj, inputType, outputType, version, sBox, keyWrapping] = args; const key = toHexFast(Utils.convertToByteArray(keyObj.string, keyObj.option)); const ukm = toHexFast(Utils.convertToByteArray(ukmObj.string, ukmObj.option)); input = inputType === "Hex" ? input : toHexFast(Utils.strToArrayBuffer(input)); - const versionNum = version === "GOST 28147 (Magma, 1989)" ? 1989 : 2015; - const blockLength = versionNum === 1989 ? 64 : parseInt(length, 10); + let blockLength, versionNum; + switch (version) { + case "GOST 28147 (1989)": + versionNum = 1989; + blockLength = 64; + break; + case "GOST R 34.12 (Magma, 2015)": + versionNum = 2015; + blockLength = 64; + break; + case "GOST R 34.12 (Kuznyechik, 2015)": + versionNum = 2015; + blockLength = 128; + break; + default: + throw new OperationError(`Unknown algorithm version: ${version}`); + } + const sBoxVal = versionNum === 1989 ? sBox : null; const algorithm = { diff --git a/src/core/operations/GOSTKeyWrap.mjs b/src/core/operations/GOSTKeyWrap.mjs index 5a3fd4e6..d8692023 100644 --- a/src/core/operations/GOSTKeyWrap.mjs +++ b/src/core/operations/GOSTKeyWrap.mjs @@ -55,22 +55,19 @@ class GOSTKeyWrap extends Operation { type: "argSelector", value: [ { - name: "GOST 28147 (Magma, 1989)", - off: [5], + name: "GOST 28147 (1989)", on: [6] }, + { + name: "GOST R 34.12 (Magma, 2015)", + off: [5] + }, { name: "GOST R 34.12 (Kuznyechik, 2015)", - on: [5], - off: [6] + off: [5] } ] }, - { - name: "Block length", - type: "option", - value: ["64", "128"] - }, { name: "sBox", type: "option", @@ -90,14 +87,30 @@ class GOSTKeyWrap extends Operation { * @returns {string} */ async run(input, args) { - const [keyObj, ukmObj, inputType, outputType, version, length, sBox, keyWrapping] = args; + const [keyObj, ukmObj, inputType, outputType, version, sBox, keyWrapping] = args; const key = toHexFast(Utils.convertToByteArray(keyObj.string, keyObj.option)); const ukm = toHexFast(Utils.convertToByteArray(ukmObj.string, ukmObj.option)); input = inputType === "Hex" ? input : toHexFast(Utils.strToArrayBuffer(input)); - const versionNum = version === "GOST 28147 (Magma, 1989)" ? 1989 : 2015; - const blockLength = versionNum === 1989 ? 64 : parseInt(length, 10); + let blockLength, versionNum; + switch (version) { + case "GOST 28147 (1989)": + versionNum = 1989; + blockLength = 64; + break; + case "GOST R 34.12 (Magma, 2015)": + versionNum = 2015; + blockLength = 64; + break; + case "GOST R 34.12 (Kuznyechik, 2015)": + versionNum = 2015; + blockLength = 128; + break; + default: + throw new OperationError(`Unknown algorithm version: ${version}`); + } + const sBoxVal = versionNum === 1989 ? sBox : null; const algorithm = { diff --git a/src/core/operations/GOSTSign.mjs b/src/core/operations/GOSTSign.mjs index 9195f469..d83caab7 100644 --- a/src/core/operations/GOSTSign.mjs +++ b/src/core/operations/GOSTSign.mjs @@ -55,22 +55,19 @@ class GOSTSign extends Operation { type: "argSelector", value: [ { - name: "GOST 28147 (Magma, 1989)", - off: [5], + name: "GOST 28147 (1989)", on: [6] }, + { + name: "GOST R 34.12 (Magma, 2015)", + off: [5] + }, { name: "GOST R 34.12 (Kuznyechik, 2015)", - on: [5], - off: [6] + off: [5] } ] }, - { - name: "Block length", - type: "option", - value: ["64", "128"] - }, { name: "sBox", type: "option", @@ -93,14 +90,30 @@ class GOSTSign extends Operation { * @returns {string} */ async run(input, args) { - const [keyObj, ivObj, inputType, outputType, version, length, sBox, macLength] = args; + const [keyObj, ivObj, inputType, outputType, version, sBox, macLength] = args; const key = toHexFast(Utils.convertToByteArray(keyObj.string, keyObj.option)); const iv = toHexFast(Utils.convertToByteArray(ivObj.string, ivObj.option)); input = inputType === "Hex" ? input : toHexFast(Utils.strToArrayBuffer(input)); - const versionNum = version === "GOST 28147 (Magma, 1989)" ? 1989 : 2015; - const blockLength = versionNum === 1989 ? 64 : parseInt(length, 10); + let blockLength, versionNum; + switch (version) { + case "GOST 28147 (1989)": + versionNum = 1989; + blockLength = 64; + break; + case "GOST R 34.12 (Magma, 2015)": + versionNum = 2015; + blockLength = 64; + break; + case "GOST R 34.12 (Kuznyechik, 2015)": + versionNum = 2015; + blockLength = 128; + break; + default: + throw new OperationError(`Unknown algorithm version: ${version}`); + } + const sBoxVal = versionNum === 1989 ? sBox : null; const algorithm = { diff --git a/src/core/operations/GOSTVerify.mjs b/src/core/operations/GOSTVerify.mjs index a270e7c5..085a46c2 100644 --- a/src/core/operations/GOSTVerify.mjs +++ b/src/core/operations/GOSTVerify.mjs @@ -56,22 +56,19 @@ class GOSTVerify extends Operation { type: "argSelector", value: [ { - name: "GOST 28147 (Magma, 1989)", - off: [5], + name: "GOST 28147 (1989)", on: [6] }, + { + name: "GOST R 34.12 (Magma, 2015)", + off: [5] + }, { name: "GOST R 34.12 (Kuznyechik, 2015)", - on: [5], - off: [6] + off: [5] } ] }, - { - name: "Block length", - type: "option", - value: ["64", "128"] - }, { name: "sBox", type: "option", @@ -86,15 +83,31 @@ class GOSTVerify extends Operation { * @returns {string} */ async run(input, args) { - const [keyObj, ivObj, macObj, inputType, version, length, sBox] = args; + const [keyObj, ivObj, macObj, inputType, version, sBox] = args; const key = toHexFast(Utils.convertToByteArray(keyObj.string, keyObj.option)); const iv = toHexFast(Utils.convertToByteArray(ivObj.string, ivObj.option)); const mac = toHexFast(Utils.convertToByteArray(macObj.string, macObj.option)); input = inputType === "Hex" ? input : toHexFast(Utils.strToArrayBuffer(input)); - const versionNum = version === "GOST 28147 (Magma, 1989)" ? 1989 : 2015; - const blockLength = versionNum === 1989 ? 64 : parseInt(length, 10); + let blockLength, versionNum; + switch (version) { + case "GOST 28147 (1989)": + versionNum = 1989; + blockLength = 64; + break; + case "GOST R 34.12 (Magma, 2015)": + versionNum = 2015; + blockLength = 64; + break; + case "GOST R 34.12 (Kuznyechik, 2015)": + versionNum = 2015; + blockLength = 128; + break; + default: + throw new OperationError(`Unknown algorithm version: ${version}`); + } + const sBoxVal = versionNum === 1989 ? sBox : null; const algorithm = { diff --git a/src/core/operations/GenerateECDSAKeyPair.mjs b/src/core/operations/GenerateECDSAKeyPair.mjs new file mode 100644 index 00000000..14714a02 --- /dev/null +++ b/src/core/operations/GenerateECDSAKeyPair.mjs @@ -0,0 +1,102 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import { cryptNotice } from "../lib/Crypt.mjs"; +import r from "jsrsasign"; + +/** + * Generate ECDSA Key Pair operation + */ +class GenerateECDSAKeyPair extends Operation { + + /** + * GenerateECDSAKeyPair constructor + */ + constructor() { + super(); + + this.name = "Generate ECDSA Key Pair"; + this.module = "Ciphers"; + this.description = `Generate an ECDSA key pair with a given Curve.

${cryptNotice}`; + this.infoURL = "https://wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Elliptic Curve", + type: "option", + value: [ + "P-256", + "P-384", + "P-521" + ] + }, + { + name: "Output Format", + type: "option", + value: [ + "PEM", + "DER", + "JWK" + ] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + async run(input, args) { + const [curveName, outputFormat] = args; + + return new Promise((resolve, reject) => { + let internalCurveName; + switch (curveName) { + case "P-256": + internalCurveName = "secp256r1"; + break; + case "P-384": + internalCurveName = "secp384r1"; + break; + case "P-521": + internalCurveName = "secp521r1"; + break; + } + const keyPair = r.KEYUTIL.generateKeypair("EC", internalCurveName); + + let pubKey; + let privKey; + let result; + switch (outputFormat) { + case "PEM": + pubKey = r.KEYUTIL.getPEM(keyPair.pubKeyObj).replace(/\r/g, ""); + privKey = r.KEYUTIL.getPEM(keyPair.prvKeyObj, "PKCS8PRV").replace(/\r/g, ""); + result = pubKey + "\n" + privKey; + break; + case "DER": + result = keyPair.prvKeyObj.prvKeyHex; + break; + case "JWK": + pubKey = r.KEYUTIL.getJWKFromKey(keyPair.pubKeyObj); + pubKey.key_ops = ["verify"]; // eslint-disable-line camelcase + pubKey.kid = "PublicKey"; + privKey = r.KEYUTIL.getJWKFromKey(keyPair.prvKeyObj); + privKey.key_ops = ["sign"]; // eslint-disable-line camelcase + privKey.kid = "PrivateKey"; + result = JSON.stringify({keys: [privKey, pubKey]}, null, 4); + break; + } + + resolve(result); + }); + } + +} + +export default GenerateECDSAKeyPair; diff --git a/src/core/operations/JA4Fingerprint.mjs b/src/core/operations/JA4Fingerprint.mjs new file mode 100644 index 00000000..31f57525 --- /dev/null +++ b/src/core/operations/JA4Fingerprint.mjs @@ -0,0 +1,73 @@ +/** + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import Utils from "../Utils.mjs"; +import {toJA4} from "../lib/JA4.mjs"; + +/** + * JA4 Fingerprint operation + */ +class JA4Fingerprint extends Operation { + + /** + * JA4Fingerprint constructor + */ + constructor() { + super(); + + this.name = "JA4 Fingerprint"; + this.module = "Crypto"; + this.description = "Generates a JA4 fingerprint to help identify TLS clients based on hashing together values from the Client Hello.

Input: A hex stream of the TLS or QUIC Client Hello packet application layer."; + this.infoURL = "https://medium.com/foxio/ja4-network-fingerprinting-9376fe9ca637"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Input format", + type: "option", + value: ["Hex", "Base64", "Raw"] + }, + { + name: "Output format", + type: "option", + value: ["JA4", "JA4 Original Rendering", "JA4 Raw", "JA4 Raw Original Rendering", "All"] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const [inputFormat, outputFormat] = args; + input = Utils.convertToByteArray(input, inputFormat); + const ja4 = toJA4(new Uint8Array(input)); + + // Output + switch (outputFormat) { + case "JA4": + return ja4.JA4; + case "JA4 Original Rendering": + return ja4.JA4_o; + case "JA4 Raw": + return ja4.JA4_r; + case "JA4 Raw Original Rendering": + return ja4.JA4_ro; + case "All": + default: + return `JA4: ${ja4.JA4} +JA4_o: ${ja4.JA4_o} +JA4_r: ${ja4.JA4_r} +JA4_ro: ${ja4.JA4_ro}`; + } + } + +} + +export default JA4Fingerprint; diff --git a/src/core/operations/JA4ServerFingerprint.mjs b/src/core/operations/JA4ServerFingerprint.mjs new file mode 100644 index 00000000..662285a8 --- /dev/null +++ b/src/core/operations/JA4ServerFingerprint.mjs @@ -0,0 +1,66 @@ +/** + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import Utils from "../Utils.mjs"; +import {toJA4S} from "../lib/JA4.mjs"; + +/** + * JA4Server Fingerprint operation + */ +class JA4ServerFingerprint extends Operation { + + /** + * JA4ServerFingerprint constructor + */ + constructor() { + super(); + + this.name = "JA4Server Fingerprint"; + this.module = "Crypto"; + this.description = "Generates a JA4Server Fingerprint (JA4S) to help identify TLS servers or sessions based on hashing together values from the Server Hello.

Input: A hex stream of the TLS or QUIC Server Hello packet application layer."; + this.infoURL = "https://medium.com/foxio/ja4-network-fingerprinting-9376fe9ca637"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Input format", + type: "option", + value: ["Hex", "Base64", "Raw"] + }, + { + name: "Output format", + type: "option", + value: ["JA4S", "JA4S Raw", "Both"] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const [inputFormat, outputFormat] = args; + input = Utils.convertToByteArray(input, inputFormat); + const ja4s = toJA4S(new Uint8Array(input)); + + // Output + switch (outputFormat) { + case "JA4S": + return ja4s.JA4S; + case "JA4S Raw": + return ja4s.JA4S_r; + case "Both": + default: + return `JA4S: ${ja4s.JA4S}\nJA4S_r: ${ja4s.JA4S_r}`; + } + } + +} + +export default JA4ServerFingerprint; diff --git a/src/core/operations/JWKToPem.mjs b/src/core/operations/JWKToPem.mjs new file mode 100644 index 00000000..c8c00270 --- /dev/null +++ b/src/core/operations/JWKToPem.mjs @@ -0,0 +1,80 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ + +import r from "jsrsasign"; +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; + +/** + * PEM to JWK operation + */ +class PEMToJWK extends Operation { + + /** + * PEMToJWK constructor + */ + constructor() { + super(); + + this.name = "JWK to PEM"; + this.module = "PublicKey"; + this.description = "Converts Keys in JSON Web Key format to PEM format (PKCS#8)."; + this.infoURL = "https://datatracker.ietf.org/doc/html/rfc7517"; + this.inputType = "string"; + this.outputType = "string"; + this.args = []; + this.checks = [ + { + "pattern": "\"kty\":\\s*\"(EC|RSA)\"", + "flags": "gm", + "args": [] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const inputJson = JSON.parse(input); + + let keys = []; + if (Array.isArray(inputJson)) { + // list of keys => transform all keys + keys = inputJson; + } else if (Array.isArray(inputJson.keys)) { + // JSON Web Key Set => transform all keys + keys = inputJson.keys; + } else if (typeof inputJson === "object") { + // single key + keys.push(inputJson); + } else { + throw new OperationError("Input is not a JSON Web Key"); + } + + let output = ""; + for (let i=0; i 0) { + output += "\n"; + } + output += JSON.stringify(jwk); + } else if (match[1] === "CERTIFICATE") { + const cert = new r.X509(); + cert.readCertPEM(pem); + const key = cert.getPublicKey(); + const jwk = r.KEYUTIL.getJWKFromKey(key); + if (output.length > 0) { + output += "\n"; + } + output += JSON.stringify(jwk); + } else { + throw new OperationError(`Unsupported PEM type '${match[1]}'`); + } + } + return output; + } +} + +export default PEMToJWK; diff --git a/src/core/operations/ParseCSR.mjs b/src/core/operations/ParseCSR.mjs new file mode 100644 index 00000000..6ab44cb2 --- /dev/null +++ b/src/core/operations/ParseCSR.mjs @@ -0,0 +1,273 @@ +/** + * @author jkataja + * @copyright Crown Copyright 2023 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import forge from "node-forge"; +import Utils from "../Utils.mjs"; + +/** + * Parse CSR operation + */ +class ParseCSR extends Operation { + + /** + * ParseCSR constructor + */ + constructor() { + super(); + + this.name = "Parse CSR"; + this.module = "PublicKey"; + this.description = "Parse Certificate Signing Request (CSR) for an X.509 certificate"; + this.infoURL = "https://wikipedia.org/wiki/Certificate_signing_request"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + "name": "Input format", + "type": "option", + "value": ["PEM"] + }, + { + "name": "Key type", + "type": "option", + "value": ["RSA"] + }, + { + "name": "Strict ASN.1 value lengths", + "type": "boolean", + "value": true + } + ]; + this.checks = [ + { + "pattern": "^-+BEGIN CERTIFICATE REQUEST-+\\r?\\n[\\da-z+/\\n\\r]+-+END CERTIFICATE REQUEST-+\\r?\\n?$", + "flags": "i", + "args": ["PEM"] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} Human-readable description of a Certificate Signing Request (CSR). + */ + run(input, args) { + if (!input.length) { + return "No input"; + } + + const csr = forge.pki.certificationRequestFromPem(input, args[1]); + + // RSA algorithm is the only one supported for CSR in node-forge as of 1.3.1 + return `Version: ${1 + csr.version} (0x${Utils.hex(csr.version)}) +Subject${formatSubject(csr.subject)} +Subject Alternative Names${formatSubjectAlternativeNames(csr)} +Public Key + Algorithm: RSA + Length: ${csr.publicKey.n.bitLength()} bits + Modulus: ${formatMultiLine(chop(csr.publicKey.n.toString(16).replace(/(..)/g, "$&:")))} + Exponent: ${csr.publicKey.e} (0x${Utils.hex(csr.publicKey.e)}) +Signature + Algorithm: ${forge.pki.oids[csr.signatureOid]} + Signature: ${formatMultiLine(Utils.strToByteArray(csr.signature).map(b => Utils.hex(b)).join(":"))} +Extensions${formatExtensions(csr)}`; + } +} + +/** + * Format Subject of the request as a multi-line string + * @param {*} subject CSR Subject + * @returns Multi-line string describing Subject + */ +function formatSubject(subject) { + let out = "\n"; + + for (const attribute of subject.attributes) { + out += ` ${attribute.shortName} = ${attribute.value}\n`; + } + + return chop(out); +} + + +/** + * Format Subject Alternative Names from the name `subjectAltName` extension + * @param {*} extension CSR object + * @returns Multi-line string describing Subject Alternative Names + */ +function formatSubjectAlternativeNames(csr) { + let out = "\n"; + + for (const attribute of csr.attributes) { + for (const extension of attribute.extensions) { + if (extension.name === "subjectAltName") { + const names = []; + for (const altName of extension.altNames) { + switch (altName.type) { + case 1: + names.push(`EMAIL: ${altName.value}`); + break; + case 2: + names.push(`DNS: ${altName.value}`); + break; + case 6: + names.push(`URI: ${altName.value}`); + break; + case 7: + names.push(`IP: ${altName.ip}`); + break; + default: + names.push(`(unable to format type ${altName.type} name)\n`); + } + } + out += indent(2, names); + } + } + } + + return chop(out); +} + +/** + * Format known extensions of a CSR + * @param {*} csr CSR object + * @returns Multi-line string describing attributes + */ +function formatExtensions(csr) { + let out = "\n"; + + for (const attribute of csr.attributes) { + for (const extension of attribute.extensions) { + // formatted separately + if (extension.name === "subjectAltName") { + continue; + } + out += ` ${extension.name}${(extension.critical ? " CRITICAL" : "")}:\n`; + let parts = []; + switch (extension.name) { + case "basicConstraints" : + parts = describeBasicConstraints(extension); + break; + case "keyUsage" : + parts = describeKeyUsage(extension); + break; + case "extKeyUsage" : + parts = describeExtendedKeyUsage(extension); + break; + default : + parts = ["(unable to format extension)"]; + } + out += indent(4, parts); + } + } + + return chop(out); +} + + +/** + * Format hex string onto multiple lines + * @param {*} longStr + * @returns Hex string as a multi-line hex string + */ +function formatMultiLine(longStr) { + const lines = []; + + for (let remain = longStr ; remain !== "" ; remain = remain.substring(48)) { + lines.push(remain.substring(0, 48)); + } + + return lines.join("\n "); +} + +/** + * Describe Basic Constraints + * @see RFC 5280 4.2.1.9. Basic Constraints https://www.ietf.org/rfc/rfc5280.txt + * @param {*} extension CSR extension with the name `basicConstraints` + * @returns Array of strings describing Basic Constraints + */ +function describeBasicConstraints(extension) { + const constraints = []; + + constraints.push(`CA = ${extension.cA}`); + if (extension.pathLenConstraint !== undefined) constraints.push(`PathLenConstraint = ${extension.pathLenConstraint}`); + + return constraints; +} + +/** + * Describe Key Usage extension permitted use cases + * @see RFC 5280 4.2.1.3. Key Usage https://www.ietf.org/rfc/rfc5280.txt + * @param {*} extension CSR extension with the name `keyUsage` + * @returns Array of strings describing Key Usage extension permitted use cases + */ +function describeKeyUsage(extension) { + const usage = []; + + if (extension.digitalSignature) usage.push("Digital signature"); + if (extension.nonRepudiation) usage.push("Non-repudiation"); + if (extension.keyEncipherment) usage.push("Key encipherment"); + if (extension.dataEncipherment) usage.push("Data encipherment"); + if (extension.keyAgreement) usage.push("Key agreement"); + if (extension.keyCertSign) usage.push("Key certificate signing"); + if (extension.cRLSign) usage.push("CRL signing"); + if (extension.encipherOnly) usage.push("Encipher only"); + if (extension.decipherOnly) usage.push("Decipher only"); + + if (usage.length === 0) usage.push("(none)"); + + return usage; +} + +/** + * Describe Extended Key Usage extension permitted use cases + * @see RFC 5280 4.2.1.12. Extended Key Usage https://www.ietf.org/rfc/rfc5280.txt + * @param {*} extension CSR extension with the name `extendedKeyUsage` + * @returns Array of strings describing Extended Key Usage extension permitted use cases + */ +function describeExtendedKeyUsage(extension) { + const usage = []; + + if (extension.serverAuth) usage.push("TLS Web Server Authentication"); + if (extension.clientAuth) usage.push("TLS Web Client Authentication"); + if (extension.codeSigning) usage.push("Code signing"); + if (extension.emailProtection) usage.push("E-mail Protection (S/MIME)"); + if (extension.timeStamping) usage.push("Trusted Timestamping"); + if (extension.msCodeInd) usage.push("Microsoft Individual Code Signing"); + if (extension.msCodeCom) usage.push("Microsoft Commercial Code Signing"); + if (extension.msCTLSign) usage.push("Microsoft Trust List Signing"); + if (extension.msSGC) usage.push("Microsoft Server Gated Crypto"); + if (extension.msEFS) usage.push("Microsoft Encrypted File System"); + if (extension.nsSGC) usage.push("Netscape Server Gated Crypto"); + + if (usage.length === 0) usage.push("(none)"); + + return usage; +} + +/** + * Join an array of strings and add leading spaces to each line. + * @param {*} n How many leading spaces + * @param {*} parts Array of strings + * @returns Joined and indented string. + */ +function indent(n, parts) { + const fluff = " ".repeat(n); + return fluff + parts.join("\n" + fluff) + "\n"; +} + +/** + * Remove last character from a string. + * @param {*} s String + * @returns Chopped string. + */ +function chop(s) { + return s.substring(0, s.length - 1); +} + +export default ParseCSR; diff --git a/src/core/operations/PubKeyFromCert.mjs b/src/core/operations/PubKeyFromCert.mjs new file mode 100644 index 00000000..0233b04a --- /dev/null +++ b/src/core/operations/PubKeyFromCert.mjs @@ -0,0 +1,68 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2023 + * @license Apache-2.0 + */ + +import r from "jsrsasign"; +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; + +/** + * Public Key from Certificate operation + */ +class PubKeyFromCert extends Operation { + + /** + * PubKeyFromCert constructor + */ + constructor() { + super(); + + this.name = "Public Key from Certificate"; + this.module = "PublicKey"; + this.description = "Extracts the Public Key from a Certificate."; + this.infoURL = "https://en.wikipedia.org/wiki/X.509"; + this.inputType = "string"; + this.outputType = "string"; + this.args = []; + this.checks = []; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + let output = ""; + let match; + const regex = /-----BEGIN CERTIFICATE-----/g; + while ((match = regex.exec(input)) !== null) { + // find corresponding end tag + const indexBase64 = match.index + match[0].length; + const footer = "-----END CERTIFICATE-----"; + const indexFooter = input.indexOf(footer, indexBase64); + if (indexFooter === -1) { + throw new OperationError(`PEM footer '${footer}' not found`); + } + + const certPem = input.substring(match.index, indexFooter + footer.length); + const cert = new r.X509(); + cert.readCertPEM(certPem); + let pubKey; + try { + pubKey = cert.getPublicKey(); + } catch { + throw new OperationError("Unsupported public key type"); + } + const pubKeyPem = r.KEYUTIL.getPEM(pubKey); + + // PEM ends with '\n', so a new key always starts on a new line + output += pubKeyPem; + } + return output; + } +} + +export default PubKeyFromCert; diff --git a/src/core/operations/PubKeyFromPrivKey.mjs b/src/core/operations/PubKeyFromPrivKey.mjs new file mode 100644 index 00000000..5a08882b --- /dev/null +++ b/src/core/operations/PubKeyFromPrivKey.mjs @@ -0,0 +1,82 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2023 + * @license Apache-2.0 + */ + +import r from "jsrsasign"; +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; + +/** + * Public Key from Private Key operation + */ +class PubKeyFromPrivKey extends Operation { + + /** + * PubKeyFromPrivKey constructor + */ + constructor() { + super(); + + this.name = "Public Key from Private Key"; + this.module = "PublicKey"; + this.description = "Extracts the Public Key from a Private Key."; + this.infoURL = "https://en.wikipedia.org/wiki/PKCS_8"; + this.inputType = "string"; + this.outputType = "string"; + this.args = []; + this.checks = []; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + let output = ""; + let match; + const regex = /-----BEGIN ((RSA |EC |DSA )?PRIVATE KEY)-----/g; + while ((match = regex.exec(input)) !== null) { + // find corresponding end tag + const indexBase64 = match.index + match[0].length; + const footer = `-----END ${match[1]}-----`; + const indexFooter = input.indexOf(footer, indexBase64); + if (indexFooter === -1) { + throw new OperationError(`PEM footer '${footer}' not found`); + } + + const privKeyPem = input.substring(match.index, indexFooter + footer.length); + let privKey; + try { + privKey = r.KEYUTIL.getKey(privKeyPem); + } catch (err) { + throw new OperationError(`Unsupported key type: ${err}`); + } + let pubKey; + if (privKey.type && privKey.type === "EC") { + pubKey = new r.KJUR.crypto.ECDSA({ curve: privKey.curve }); + pubKey.setPublicKeyHex(privKey.generatePublicKeyHex()); + } else if (privKey.type && privKey.type === "DSA") { + if (!privKey.y) { + throw new OperationError(`DSA Private Key in PKCS#8 is not supported`); + } + pubKey = new r.KJUR.crypto.DSA(); + pubKey.setPublic(privKey.p, privKey.q, privKey.g, privKey.y); + } else if (privKey.n && privKey.e) { + pubKey = new r.RSAKey(); + pubKey.setPublic(privKey.n, privKey.e); + } else { + throw new OperationError(`Unsupported key type`); + } + const pubKeyPem = r.KEYUTIL.getPEM(pubKey); + + // PEM ends with '\n', so a new key always starts on a new line + output += pubKeyPem; + } + return output; + } +} + +export default PubKeyFromPrivKey; diff --git a/src/core/operations/RAKE.mjs b/src/core/operations/RAKE.mjs index d1165b51..1470f5f0 100644 --- a/src/core/operations/RAKE.mjs +++ b/src/core/operations/RAKE.mjs @@ -101,22 +101,17 @@ class RAKE extends Operation { phrases = phrases.filter(subArray => subArray.length > 0); // Remove duplicate phrases - const uniquePhrases = [...new Set(phrases.map(function (phrase) { - return phrase.join(" "); - }))]; - phrases = uniquePhrases.map(function (phrase) { - return phrase.split(" "); - }); + phrases = phrases.unique(); // Generate word_degree_matrix and populate - const wordDegreeMatrix = Array.from(Array(tokens.length), _ => Array(tokens.length).fill(0)); - phrases.forEach(function (phrase) { - phrase.forEach(function (word1) { - phrase.forEach(function (word2) { + const wordDegreeMatrix = Array(tokens.length).fill().map(() => Array(tokens.length).fill(0)); + for (const phrase of phrases) { + for (const word1 of phrase) { + for (const word2 of phrase) { wordDegreeMatrix[tokens.indexOf(word1)][tokens.indexOf(word2)]++; - }); - }); - }); + } + } + } // Calculate degree score for each token const degreeScores = Array(tokens.length).fill(0); diff --git a/src/core/operations/RegularExpression.mjs b/src/core/operations/RegularExpression.mjs index 18d3fda9..9ea17e83 100644 --- a/src/core/operations/RegularExpression.mjs +++ b/src/core/operations/RegularExpression.mjs @@ -67,6 +67,10 @@ class RegularExpression extends Operation { name: "MAC address", value: "[A-Fa-f\\d]{2}(?:[:-][A-Fa-f\\d]{2}){5}" }, + { + name: "UUID", + value: "[0-9a-fA-F]{8}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{12}" + }, { name: "Date (yyyy-mm-dd)", value: "((?:19|20)\\d\\d)[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])" @@ -83,10 +87,6 @@ class RegularExpression extends Operation { name: "Strings", value: "[A-Za-z\\d/\\-:.,_$%\\x27\"()<>= !\\[\\]{}@]{4,}" }, - { - name: "UUID (any version)", - value: "[0-9a-fA-F]{8}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{12}" - }, ], "target": 1 }, diff --git a/src/core/operations/RisonDecode.mjs b/src/core/operations/RisonDecode.mjs index 1b9741a8..d4e36f80 100644 --- a/src/core/operations/RisonDecode.mjs +++ b/src/core/operations/RisonDecode.mjs @@ -20,7 +20,7 @@ class RisonDecode extends Operation { super(); this.name = "Rison Decode"; - this.module = "Default"; + this.module = "Encodings"; this.description = "Rison, a data serialization format optimized for compactness in URIs. Rison is a slight variation of JSON that looks vastly superior after URI encoding. Rison still expresses exactly the same set of data structures as JSON, so data can be translated back and forth without loss or guesswork."; this.infoURL = "https://github.com/Nanonid/rison"; this.inputType = "string"; @@ -29,11 +29,7 @@ class RisonDecode extends Operation { { name: "Decode Option", type: "editableOption", - value: [ - { name: "Decode", value: "Decode", }, - { name: "Decode Object", value: "Decode Object", }, - { name: "Decode Array", value: "Decode Array", }, - ] + value: ["Decode", "Decode Object", "Decode Array"] }, ]; } @@ -52,8 +48,9 @@ class RisonDecode extends Operation { return rison.decode_object(input); case "Decode Array": return rison.decode_array(input); + default: + throw new OperationError("Invalid Decode option"); } - throw new OperationError("Invalid Decode option"); } } diff --git a/src/core/operations/RisonEncode.mjs b/src/core/operations/RisonEncode.mjs index 36a61017..12b13b66 100644 --- a/src/core/operations/RisonEncode.mjs +++ b/src/core/operations/RisonEncode.mjs @@ -20,7 +20,7 @@ class RisonEncode extends Operation { super(); this.name = "Rison Encode"; - this.module = "Default"; + this.module = "Encodings"; this.description = "Rison, a data serialization format optimized for compactness in URIs. Rison is a slight variation of JSON that looks vastly superior after URI encoding. Rison still expresses exactly the same set of data structures as JSON, so data can be translated back and forth without loss or guesswork."; this.infoURL = "https://github.com/Nanonid/rison"; this.inputType = "Object"; @@ -28,13 +28,8 @@ class RisonEncode extends Operation { this.args = [ { name: "Encode Option", - type: "editableOption", - value: [ - { name: "Encode", value: "Encode", }, - { name: "Encode Object", value: "Encode Object", }, - { name: "Encode Array", value: "Encode Array", }, - { name: "Encode URI", value: "Encode URI", } - ] + type: "option", + value: ["Encode", "Encode Object", "Encode Array", "Encode URI"] }, ]; } @@ -55,8 +50,9 @@ class RisonEncode extends Operation { return rison.encode_array(input); case "Encode URI": return rison.encode_uri(input); + default: + throw new OperationError("Invalid encode option"); } - throw new OperationError("Invalid encode option"); } } diff --git a/src/core/operations/Salsa20.mjs b/src/core/operations/Salsa20.mjs new file mode 100644 index 00000000..7a76cf26 --- /dev/null +++ b/src/core/operations/Salsa20.mjs @@ -0,0 +1,154 @@ +/** + * @author joostrijneveld [joost@joostrijneveld.nl] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import Utils from "../Utils.mjs"; +import { toHex } from "../lib/Hex.mjs"; +import { salsa20Block } from "../lib/Salsa20.mjs"; + +/** + * Salsa20 operation + */ +class Salsa20 extends Operation { + + /** + * Salsa20 constructor + */ + constructor() { + super(); + + this.name = "Salsa20"; + this.module = "Ciphers"; + this.description = "Salsa20 is a stream cipher designed by Daniel J. Bernstein and submitted to the eSTREAM project; Salsa20/8 and Salsa20/12 are round-reduced variants. It is closely related to the ChaCha stream cipher.

Key: Salsa20 uses a key of 16 or 32 bytes (128 or 256 bits).

Nonce: Salsa20 uses a nonce of 8 bytes (64 bits).

Counter: Salsa uses a counter of 8 bytes (64 bits). The counter starts at zero at the start of the keystream, and is incremented at every 64 bytes."; + this.infoURL = "https://wikipedia.org/wiki/Salsa20"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + "name": "Key", + "type": "toggleString", + "value": "", + "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"] + }, + { + "name": "Nonce", + "type": "toggleString", + "value": "", + "toggleValues": ["Hex", "UTF8", "Latin1", "Base64", "Integer"] + }, + { + "name": "Counter", + "type": "number", + "value": 0, + "min": 0 + }, + { + "name": "Rounds", + "type": "option", + "value": ["20", "12", "8"] + }, + { + "name": "Input", + "type": "option", + "value": ["Hex", "Raw"] + }, + { + "name": "Output", + "type": "option", + "value": ["Raw", "Hex"] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const key = Utils.convertToByteArray(args[0].string, args[0].option), + nonceType = args[1].option, + rounds = parseInt(args[3], 10), + inputType = args[4], + outputType = args[5]; + + if (key.length !== 16 && key.length !== 32) { + throw new OperationError(`Invalid key length: ${key.length} bytes. + +Salsa20 uses a key of 16 or 32 bytes (128 or 256 bits).`); + } + + let counter, nonce; + if (nonceType === "Integer") { + nonce = Utils.intToByteArray(parseInt(args[1].string, 10), 8, "little"); + } else { + nonce = Utils.convertToByteArray(args[1].string, args[1].option); + if (!(nonce.length === 8)) { + throw new OperationError(`Invalid nonce length: ${nonce.length} bytes. + +Salsa20 uses a nonce of 8 bytes (64 bits).`); + } + } + counter = Utils.intToByteArray(args[2], 8, "little"); + + const output = []; + input = Utils.convertToByteArray(input, inputType); + + let counterAsInt = Utils.byteArrayToInt(counter, "little"); + for (let i = 0; i < input.length; i += 64) { + counter = Utils.intToByteArray(counterAsInt, 8, "little"); + const stream = salsa20Block(key, nonce, counter, rounds); + for (let j = 0; j < 64 && i + j < input.length; j++) { + output.push(input[i + j] ^ stream[j]); + } + counterAsInt++; + } + + if (outputType === "Hex") { + return toHex(output); + } else { + return Utils.arrayBufferToStr(Uint8Array.from(output).buffer); + } + } + + /** + * Highlight Salsa20 + * + * @param {Object[]} pos + * @param {number} pos[].start + * @param {number} pos[].end + * @param {Object[]} args + * @returns {Object[]} pos + */ + highlight(pos, args) { + const inputType = args[4], + outputType = args[5]; + if (inputType === "Raw" && outputType === "Raw") { + return pos; + } + } + + /** + * Highlight Salsa20 in reverse + * + * @param {Object[]} pos + * @param {number} pos[].start + * @param {number} pos[].end + * @param {Object[]} args + * @returns {Object[]} pos + */ + highlightReverse(pos, args) { + const inputType = args[4], + outputType = args[5]; + if (inputType === "Raw" && outputType === "Raw") { + return pos; + } + } + +} + +export default Salsa20; diff --git a/src/core/operations/ToBase58.mjs b/src/core/operations/ToBase58.mjs index 5353c40e..2e71b20e 100644 --- a/src/core/operations/ToBase58.mjs +++ b/src/core/operations/ToBase58.mjs @@ -43,7 +43,7 @@ class ToBase58 extends Operation { run(input, args) { input = new Uint8Array(input); let alphabet = args[0] || ALPHABET_OPTIONS[0].value, - result = [0]; + result = []; alphabet = Utils.expandAlphRange(alphabet).join(""); @@ -60,11 +60,9 @@ class ToBase58 extends Operation { } input.forEach(function(b) { - let carry = (result[0] << 8) + b; - result[0] = carry % 58; - carry = (carry / 58) | 0; + let carry = b; - for (let i = 1; i < result.length; i++) { + for (let i = 0; i < result.length; i++) { carry += result[i] << 8; result[i] = carry % 58; carry = (carry / 58) | 0; diff --git a/src/core/operations/ToFloat.mjs b/src/core/operations/ToFloat.mjs new file mode 100644 index 00000000..e0c70bc6 --- /dev/null +++ b/src/core/operations/ToFloat.mjs @@ -0,0 +1,80 @@ +/** + * @author tcode2k16 [tcode2k16@gmail.com] + * @copyright Crown Copyright 2019 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import Utils from "../Utils.mjs"; +import ieee754 from "ieee754"; +import {DELIM_OPTIONS} from "../lib/Delim.mjs"; + +/** + * To Float operation + */ +class ToFloat extends Operation { + + /** + * ToFloat constructor + */ + constructor() { + super(); + + this.name = "To Float"; + this.module = "Default"; + this.description = "Convert to IEEE754 Floating Point Numbers"; + this.infoURL = "https://wikipedia.org/wiki/IEEE_754"; + this.inputType = "byteArray"; + this.outputType = "string"; + this.args = [ + { + "name": "Endianness", + "type": "option", + "value": [ + "Big Endian", + "Little Endian" + ] + }, + { + "name": "Size", + "type": "option", + "value": [ + "Float (4 bytes)", + "Double (8 bytes)" + ] + }, + { + "name": "Delimiter", + "type": "option", + "value": DELIM_OPTIONS + } + ]; + } + + /** + * @param {byteArray} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const [endianness, size, delimiterName] = args; + const delim = Utils.charRep(delimiterName || "Space"); + const byteSize = size === "Double (8 bytes)" ? 8 : 4; + const isLE = endianness === "Little Endian"; + const mLen = byteSize === 4 ? 23 : 52; + + if (input.length % byteSize !== 0) { + throw new OperationError(`Input is not a multiple of ${byteSize}`); + } + + const output = []; + for (let i = 0; i < input.length; i+=byteSize) { + output.push(ieee754.read(input, i, isLE, mLen, byteSize)); + } + return output.join(delim); + } + +} + +export default ToFloat; diff --git a/src/core/operations/XPathExpression.mjs b/src/core/operations/XPathExpression.mjs index 7bfe3ee1..c850104b 100644 --- a/src/core/operations/XPathExpression.mjs +++ b/src/core/operations/XPathExpression.mjs @@ -6,7 +6,7 @@ import Operation from "../Operation.mjs"; import OperationError from "../errors/OperationError.mjs"; -import xmldom from "xmldom"; +import xmldom from "@xmldom/xmldom"; import xpath from "xpath"; /** diff --git a/src/core/operations/XSalsa20.mjs b/src/core/operations/XSalsa20.mjs new file mode 100644 index 00000000..d289585b --- /dev/null +++ b/src/core/operations/XSalsa20.mjs @@ -0,0 +1,156 @@ +/** + * @author joostrijneveld [joost@joostrijneveld.nl] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import Utils from "../Utils.mjs"; +import { toHex } from "../lib/Hex.mjs"; +import { salsa20Block, hsalsa20 } from "../lib/Salsa20.mjs"; + +/** + * XSalsa20 operation + */ +class XSalsa20 extends Operation { + + /** + * XSalsa20 constructor + */ + constructor() { + super(); + + this.name = "XSalsa20"; + this.module = "Ciphers"; + this.description = "XSalsa20 is a variant of the Salsa20 stream cipher designed by Daniel J. Bernstein; XSalsa uses longer nonces.

Key: XSalsa20 uses a key of 16 or 32 bytes (128 or 256 bits).

Nonce: XSalsa20 uses a nonce of 24 bytes (192 bits).

Counter: XSalsa uses a counter of 8 bytes (64 bits). The counter starts at zero at the start of the keystream, and is incremented at every 64 bytes."; + this.infoURL = "https://en.wikipedia.org/wiki/Salsa20#XSalsa20_with_192-bit_nonce"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + "name": "Key", + "type": "toggleString", + "value": "", + "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"] + }, + { + "name": "Nonce", + "type": "toggleString", + "value": "", + "toggleValues": ["Hex", "UTF8", "Latin1", "Base64", "Integer"] + }, + { + "name": "Counter", + "type": "number", + "value": 0, + "min": 0 + }, + { + "name": "Rounds", + "type": "option", + "value": ["20", "12", "8"] + }, + { + "name": "Input", + "type": "option", + "value": ["Hex", "Raw"] + }, + { + "name": "Output", + "type": "option", + "value": ["Raw", "Hex"] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const key = Utils.convertToByteArray(args[0].string, args[0].option), + nonceType = args[1].option, + rounds = parseInt(args[3], 10), + inputType = args[4], + outputType = args[5]; + + if (key.length !== 16 && key.length !== 32) { + throw new OperationError(`Invalid key length: ${key.length} bytes. + +XSalsa20 uses a key of 16 or 32 bytes (128 or 256 bits).`); + } + + let counter, nonce; + if (nonceType === "Integer") { + nonce = Utils.intToByteArray(parseInt(args[1].string, 10), 8, "little"); + } else { + nonce = Utils.convertToByteArray(args[1].string, args[1].option); + if (!(nonce.length === 24)) { + throw new OperationError(`Invalid nonce length: ${nonce.length} bytes. + +XSalsa20 uses a nonce of 24 bytes (192 bits).`); + } + } + counter = Utils.intToByteArray(args[2], 8, "little"); + + const xsalsaKey = hsalsa20(key, nonce.slice(0, 16), rounds); + + const output = []; + input = Utils.convertToByteArray(input, inputType); + + let counterAsInt = Utils.byteArrayToInt(counter, "little"); + for (let i = 0; i < input.length; i += 64) { + counter = Utils.intToByteArray(counterAsInt, 8, "little"); + const stream = salsa20Block(xsalsaKey, nonce.slice(16, 24), counter, rounds); + for (let j = 0; j < 64 && i + j < input.length; j++) { + output.push(input[i + j] ^ stream[j]); + } + counterAsInt++; + } + + if (outputType === "Hex") { + return toHex(output); + } else { + return Utils.arrayBufferToStr(Uint8Array.from(output).buffer); + } + } + + /** + * Highlight XSalsa20 + * + * @param {Object[]} pos + * @param {number} pos[].start + * @param {number} pos[].end + * @param {Object[]} args + * @returns {Object[]} pos + */ + highlight(pos, args) { + const inputType = args[4], + outputType = args[5]; + if (inputType === "Raw" && outputType === "Raw") { + return pos; + } + } + + /** + * Highlight XSalsa20 in reverse + * + * @param {Object[]} pos + * @param {number} pos[].start + * @param {number} pos[].end + * @param {Object[]} args + * @returns {Object[]} pos + */ + highlightReverse(pos, args) { + const inputType = args[4], + outputType = args[5]; + if (inputType === "Raw" && outputType === "Raw") { + return pos; + } + } + +} + +export default XSalsa20; diff --git a/src/core/operations/XXTEADecrypt.mjs b/src/core/operations/XXTEADecrypt.mjs new file mode 100644 index 00000000..496e5409 --- /dev/null +++ b/src/core/operations/XXTEADecrypt.mjs @@ -0,0 +1,57 @@ +/** + * @author devcydo [devcydo@gmail.com] + * @author Ma Bingyao [mabingyao@gmail.com] + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import Utils from "../Utils.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import {decrypt} from "../lib/XXTEA.mjs"; + +/** + * XXTEA Decrypt operation + */ +class XXTEADecrypt extends Operation { + + /** + * XXTEADecrypt constructor + */ + constructor() { + super(); + + this.name = "XXTEA Decrypt"; + this.module = "Ciphers"; + this.description = "Corrected Block TEA (often referred to as XXTEA) is a block cipher designed to correct weaknesses in the original Block TEA. XXTEA operates on variable-length blocks that are some arbitrary multiple of 32 bits in size (minimum 64 bits). The number of full cycles depends on the block size, but there are at least six (rising to 32 for small block sizes). The original Block TEA applies the XTEA round function to each word in the block and combines it additively with its leftmost neighbour. Slow diffusion rate of the decryption process was immediately exploited to break the cipher. Corrected Block TEA uses a more involved round function which makes use of both immediate neighbours in processing each word in the block."; + this.infoURL = "https://wikipedia.org/wiki/XXTEA"; + this.inputType = "ArrayBuffer"; + this.outputType = "ArrayBuffer"; + this.args = [ + { + "name": "Key", + "type": "toggleString", + "value": "", + "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"] + }, + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const key = new Uint8Array(Utils.convertToByteArray(args[0].string, args[0].option)); + try { + return decrypt(new Uint8Array(input), key).buffer; + } catch (err) { + throw new OperationError("Unable to decrypt using this key"); + } + } + +} + +export default XXTEADecrypt; diff --git a/src/core/operations/XXTEAEncrypt.mjs b/src/core/operations/XXTEAEncrypt.mjs new file mode 100644 index 00000000..85379de0 --- /dev/null +++ b/src/core/operations/XXTEAEncrypt.mjs @@ -0,0 +1,52 @@ +/** + * @author devcydo [devcydo@gmail.com] + * @author Ma Bingyao [mabingyao@gmail.com] + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import Utils from "../Utils.mjs"; +import {encrypt} from "../lib/XXTEA.mjs"; + +/** + * XXTEA Encrypt operation + */ +class XXTEAEncrypt extends Operation { + + /** + * XXTEAEncrypt constructor + */ + constructor() { + super(); + + this.name = "XXTEA Encrypt"; + this.module = "Ciphers"; + this.description = "Corrected Block TEA (often referred to as XXTEA) is a block cipher designed to correct weaknesses in the original Block TEA. XXTEA operates on variable-length blocks that are some arbitrary multiple of 32 bits in size (minimum 64 bits). The number of full cycles depends on the block size, but there are at least six (rising to 32 for small block sizes). The original Block TEA applies the XTEA round function to each word in the block and combines it additively with its leftmost neighbour. Slow diffusion rate of the decryption process was immediately exploited to break the cipher. Corrected Block TEA uses a more involved round function which makes use of both immediate neighbours in processing each word in the block."; + this.infoURL = "https://wikipedia.org/wiki/XXTEA"; + this.inputType = "ArrayBuffer"; + this.outputType = "ArrayBuffer"; + this.args = [ + { + "name": "Key", + "type": "toggleString", + "value": "", + "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"] + }, + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const key = new Uint8Array(Utils.convertToByteArray(args[0].string, args[0].option)); + return encrypt(new Uint8Array(input), key).buffer; + } + +} + +export default XXTEAEncrypt; diff --git a/src/core/vendor/DisassembleX86-64.mjs b/src/core/vendor/DisassembleX86-64.mjs index 5f0ac65d..bbaf7a9b 100644 --- a/src/core/vendor/DisassembleX86-64.mjs +++ b/src/core/vendor/DisassembleX86-64.mjs @@ -4054,7 +4054,7 @@ function DecodeImmediate( type, BySize, SizeSetting ) //Sign bit adjust. - if( V32 >= ( n >> 1 ) ) { V32 -= n; } + if( V32 >= ( n / 2 ) ) { V32 -= n; } //Add position. diff --git a/src/web/App.mjs b/src/web/App.mjs index cce91b1e..3ebfe1be 100755 --- a/src/web/App.mjs +++ b/src/web/App.mjs @@ -39,13 +39,14 @@ class App { this.baking = false; this.autoBake_ = false; - this.autoBakePause = false; this.progress = 0; this.ingId = 0; this.appLoaded = false; this.workerLoaded = false; this.waitersLoaded = false; + + this.snackbars = []; } @@ -153,12 +154,12 @@ class App { * Runs Auto Bake if it is set. */ autoBake() { - // If autoBakePause is set, we are loading a full recipe (and potentially input), so there is no - // need to set the staleness indicator. Just exit and wait until auto bake is called after loading - // has completed. - if (this.autoBakePause) return false; + if (this.baking) { + this.manager.worker.cancelBakeForAutoBake(); + this.baking = false; + } - if (this.autoBake_ && !this.baking) { + if (this.autoBake_) { log.debug("Auto-baking"); this.manager.worker.bakeInputs({ nums: [this.manager.tabs.getActiveTab("input")], @@ -471,7 +472,6 @@ class App { * @fires Manager#statechange */ loadURIParams(params=this.getURIParams()) { - this.autoBakePause = true; this.uriParams = params; // Read in recipe from URI params @@ -500,22 +500,22 @@ class App { // Input Character Encoding // Must be set before the input is loaded if (this.uriParams.ienc) { - this.manager.input.chrEncChange(parseInt(this.uriParams.ienc, 10)); + this.manager.input.chrEncChange(parseInt(this.uriParams.ienc, 10), true, true); } // Output Character Encoding if (this.uriParams.oenc) { - this.manager.output.chrEncChange(parseInt(this.uriParams.oenc, 10)); + this.manager.output.chrEncChange(parseInt(this.uriParams.oenc, 10), true); } // Input EOL sequence if (this.uriParams.ieol) { - this.manager.input.eolChange(this.uriParams.ieol); + this.manager.input.eolChange(this.uriParams.ieol, true); } // Output EOL sequence if (this.uriParams.oeol) { - this.manager.output.eolChange(this.uriParams.oeol); + this.manager.output.eolChange(this.uriParams.oeol, true); } // Read in input data from URI params @@ -538,7 +538,6 @@ class App { this.manager.options.changeTheme(Utils.escapeHtml(this.uriParams.theme)); } - this.autoBakePause = false; window.dispatchEvent(this.manager.statechange); } @@ -572,10 +571,6 @@ class App { setRecipeConfig(recipeConfig) { document.getElementById("rec-list").innerHTML = null; - // Pause auto-bake while loading but don't modify `this.autoBake_` - // otherwise `manualBake` cannot trigger. - this.autoBakePause = true; - for (let i = 0; i < recipeConfig.length; i++) { const item = this.manager.recipe.addOperation(recipeConfig[i].op); @@ -610,9 +605,6 @@ class App { this.progress = 0; } - - // Unpause auto bake - this.autoBakePause = false; } @@ -708,14 +700,14 @@ class App { log.info("[" + time.toLocaleString() + "] " + str); if (silent) return; - this.currentSnackbar = $.snackbar({ + this.snackbars.push($.snackbar({ content: str, timeout: timeout, htmlAllowed: true, onClose: () => { - this.currentSnackbar.remove(); + this.snackbars.shift().remove(); } - }); + })); } diff --git a/src/web/HTMLCategory.mjs b/src/web/HTMLCategory.mjs index 0414fd71..b61a6740 100755 --- a/src/web/HTMLCategory.mjs +++ b/src/web/HTMLCategory.mjs @@ -42,6 +42,9 @@ class HTMLCategory { let html = `
${this.name} +
    `; diff --git a/src/web/HTMLOperation.mjs b/src/web/HTMLOperation.mjs index ae61b58d..30cfd1d9 100755 --- a/src/web/HTMLOperation.mjs +++ b/src/web/HTMLOperation.mjs @@ -85,6 +85,7 @@ class HTMLOperation {
    pause not_interested + keyboard_arrow_up
     
    `; diff --git a/src/web/Manager.mjs b/src/web/Manager.mjs index b02a7eee..2020b2a0 100755 --- a/src/web/Manager.mjs +++ b/src/web/Manager.mjs @@ -139,6 +139,7 @@ class Manager { document.getElementById("load-delete-button").addEventListener("click", this.controls.loadDeleteClick.bind(this.controls)); document.getElementById("load-name").addEventListener("change", this.controls.loadNameChange.bind(this.controls)); document.getElementById("load-button").addEventListener("click", this.controls.loadButtonClick.bind(this.controls)); + document.getElementById("hide-icon").addEventListener("click", this.controls.hideRecipeArgsClick.bind(this.recipe)); document.getElementById("support").addEventListener("click", this.controls.supportButtonClick.bind(this.controls)); this.addMultiEventListeners("#save-texts textarea", "keyup paste", this.controls.saveTextChange, this.controls); @@ -154,6 +155,7 @@ class Manager { // Recipe this.addDynamicListener(".arg:not(select)", "input", this.recipe.ingChange, this.recipe); this.addDynamicListener(".arg[type=checkbox], .arg[type=radio], select.arg", "change", this.recipe.ingChange, this.recipe); + this.addDynamicListener(".hide-args-icon", "click", this.recipe.hideArgsClick, this.recipe); this.addDynamicListener(".disable-icon", "click", this.recipe.disableClick, this.recipe); this.addDynamicListener(".breakpoint", "click", this.recipe.breakpointClick, this.recipe); this.addDynamicListener("#rec-list li.operation", "dblclick", this.recipe.operationDblclick, this.recipe); @@ -227,6 +229,7 @@ class Manager { this.addDynamicListener(".option-item input[type=checkbox]", "change", this.options.switchChange, this.options); this.addDynamicListener(".option-item input[type=checkbox]#wordWrap", "change", this.options.setWordWrap, this.options); this.addDynamicListener(".option-item input[type=checkbox]#useMetaKey", "change", this.bindings.updateKeybList, this.bindings); + this.addDynamicListener(".option-item input[type=checkbox]#showCatCount", "change", this.ops.setCatCount, this.ops); this.addDynamicListener(".option-item input[type=number]", "keyup", this.options.numberChange, this.options); this.addDynamicListener(".option-item input[type=number]", "change", this.options.numberChange, this.options); this.addDynamicListener(".option-item select", "change", this.options.selectChange, this.options); diff --git a/src/web/html/index.html b/src/web/html/index.html index 5c3c3263..38bf7ccc 100755 --- a/src/web/html/index.html +++ b/src/web/html/index.html @@ -1,10 +1,10 @@ -
    -
    +
    @@ -280,17 +284,17 @@ - - - - @@ -518,6 +522,13 @@ Keep the current tab in sync between the input and output
    + +
    + +
    @@ -562,10 +573,10 @@

    - Version <%= htmlWebpackPlugin.options.version %>
    + Version <%= htmlWebpackPlugin.options.version %>
    Compile time: <%= htmlWebpackPlugin.options.compileTime %>

    -

    © Crown Copyright 2016.

    +

    © Crown Copyright 2016-<%= htmlWebpackPlugin.options.compileYear %>.

    Released under the Apache Licence, Version 2.0.

    @@ -608,7 +619,7 @@ What sort of things can I do with CyberChef?

    -

    There are around 300 operations in CyberChef allowing you to carry out simple and complex tasks easily. Here are some examples:

    +

    There are hundreds of operations in CyberChef allowing you to carry out simple and complex tasks easily. Here are some examples:

    • Decode a Base64-encoded string
    • Convert a date and time to a different time zone
      • @@ -679,7 +690,7 @@
      -

      There are around 200 useful operations in CyberChef for anyone working on anything vaguely Internet-related, whether you just want to convert a timestamp to a different format, decompress gzipped data, create a SHA3 hash, or parse an X.509 certificate to find out who issued it.

      +

      There are hundreds of useful operations in CyberChef for anyone working on anything vaguely Internet-related, whether you just want to convert a timestamp to a different format, decompress gzipped data, create a SHA3 hash, or parse an X.509 certificate to find out who issued it.

      It’s the Cyber Swiss Army Knife.

    @@ -860,8 +871,8 @@
    CyberChef v<%= htmlWebpackPlugin.options.version %>
    • Build time: <%= htmlWebpackPlugin.options.compileTime %>
      • -
    • The changelog for this version can be viewed here
      • -
    • © Crown Copyright 2016
      • +
    • The changelog for this version can be viewed here
      • +
    • © Crown Copyright 2016-<%= htmlWebpackPlugin.options.compileYear %>
    • Released under the Apache Licence, Version 2.0
    • SHA256 hash: DOWNLOAD_HASH_PLACEHOLDER
    diff --git a/src/web/index.js b/src/web/index.js index 82039931..90142b34 100755 --- a/src/web/index.js +++ b/src/web/index.js @@ -51,7 +51,8 @@ function main() { logLevel: "info", autoMagic: true, imagePreview: true, - syncTabs: true + syncTabs: true, + showCatCount: false, }; document.removeEventListener("DOMContentLoaded", main, false); diff --git a/src/web/stylesheets/components/_list.css b/src/web/stylesheets/components/_list.css index 31e40837..b732b4c1 100755 --- a/src/web/stylesheets/components/_list.css +++ b/src/web/stylesheets/components/_list.css @@ -40,4 +40,13 @@ margin: 0 !important; border-radius: 0 !important; border: none; -} \ No newline at end of file +} + +.op-count { + float: right; + color: var(--subtext-font-colour); + font-weight: normal; + font-size: xx-small; + opacity: 0.5; + padding-left: .5em; +} diff --git a/src/web/stylesheets/components/_operation.css b/src/web/stylesheets/components/_operation.css index 685a368a..a97fed70 100755 --- a/src/web/stylesheets/components/_operation.css +++ b/src/web/stylesheets/components/_operation.css @@ -69,6 +69,10 @@ select.arg { min-width: 100px; } +select.arg.form-control:not([size]):not([multiple]), select.custom-file-control:not([size]):not([multiple]) { + height: 100% !important; +} + textarea.arg { min-height: 74px; resize: vertical; @@ -80,7 +84,7 @@ div.toggle-string { input.toggle-string { border-top-right-radius: 0 !important; - height: 42px !important; + height: 100%; } .operation [class^='bmd-label'], diff --git a/src/web/stylesheets/layout/_modals.css b/src/web/stylesheets/layout/_modals.css index affc372d..3cd0ce09 100755 --- a/src/web/stylesheets/layout/_modals.css +++ b/src/web/stylesheets/layout/_modals.css @@ -99,10 +99,12 @@ .bmd-form-group.is-focused [class^='bmd-label'], .bmd-form-group.is-focused [class*=' bmd-label'], .bmd-form-group.is-focused label, -.checkbox label:hover { +.checkbox label:hover, +.bmd-form-group.is-filled:focus-within .checkbox.option-item label { color: var(--input-highlight-colour); } + .bmd-form-group.option-item label+.form-control{ background-image: linear-gradient(to top, var(--input-highlight-colour) 2px, rgba(0, 0, 0, 0) 2px), diff --git a/src/web/stylesheets/utils/_general.css b/src/web/stylesheets/utils/_general.css index 56a8cbfe..fd4a7d34 100755 --- a/src/web/stylesheets/utils/_general.css +++ b/src/web/stylesheets/utils/_general.css @@ -36,6 +36,10 @@ body { line-height: 0; } +.hidden { + display: none; +} + .blur { color: transparent !important; text-shadow: rgba(0, 0, 0, 0.95) 0 0 10px !important; diff --git a/src/web/utils/editorUtils.mjs b/src/web/utils/editorUtils.mjs index e02e692b..fe1b6749 100644 --- a/src/web/utils/editorUtils.mjs +++ b/src/web/utils/editorUtils.mjs @@ -95,3 +95,42 @@ export function escapeControlChars(str, preserveWs=false, lineBreak="\n") { return n.outerHTML; }); } + +/** + * Convert and EOL sequence to its name + */ +export const eolSeqToCode = { + "\u000a": "LF", + "\u000b": "VT", + "\u000c": "FF", + "\u000d": "CR", + "\u000d\u000a": "CRLF", + "\u0085": "NEL", + "\u2028": "LS", + "\u2029": "PS" +}; + +/** + * Convert an EOL name to its sequence + */ +export const eolCodeToSeq = { + "LF": "\u000a", + "VT": "\u000b", + "FF": "\u000c", + "CR": "\u000d", + "CRLF": "\u000d\u000a", + "NEL": "\u0085", + "LS": "\u2028", + "PS": "\u2029" +}; + +export const eolCodeToName = { + "LF": "Line Feed", + "VT": "Vertical Tab", + "FF": "Form Feed", + "CR": "Carriage Return", + "CRLF": "Carriage Return + Line Feed", + "NEL": "Next Line", + "LS": "Line Separator", + "PS": "Paragraph Separator" +}; diff --git a/src/web/utils/statusBar.mjs b/src/web/utils/statusBar.mjs index 6469379a..1adcd5be 100644 --- a/src/web/utils/statusBar.mjs +++ b/src/web/utils/statusBar.mjs @@ -6,6 +6,7 @@ import {showPanel} from "@codemirror/view"; import {CHR_ENC_SIMPLE_LOOKUP, CHR_ENC_SIMPLE_REVERSE_LOOKUP} from "../../core/lib/ChrEnc.mjs"; +import { eolCodeToName, eolSeqToCode } from "./editorUtils.mjs"; /** * A Status bar extension for CodeMirror @@ -23,6 +24,8 @@ class StatusBarPanel { this.eolHandler = opts.eolHandler; this.chrEncHandler = opts.chrEncHandler; this.chrEncGetter = opts.chrEncGetter; + this.getEncodingState = opts.getEncodingState; + this.getEOLState = opts.getEOLState; this.htmlOutput = opts.htmlOutput; this.eolVal = null; @@ -92,22 +95,12 @@ class StatusBarPanel { // preventDefault is required to stop the URL being modified and popState being triggered e.preventDefault(); - const eolLookup = { - "LF": "\u000a", - "VT": "\u000b", - "FF": "\u000c", - "CR": "\u000d", - "CRLF": "\u000d\u000a", - "NEL": "\u0085", - "LS": "\u2028", - "PS": "\u2029" - }; - const eolval = eolLookup[e.target.getAttribute("data-val")]; - - if (eolval === undefined) return; + const eolCode = e.target.getAttribute("data-val"); + if (!eolCode) return; // Call relevant EOL change handler - this.eolHandler(eolval); + this.eolHandler(e.target.getAttribute("data-val"), true); + hideElement(e.target.closest(".cm-status-bar-select-content")); } @@ -124,7 +117,7 @@ class StatusBarPanel { if (isNaN(chrEncVal)) return; - this.chrEncHandler(chrEncVal); + this.chrEncHandler(chrEncVal, true); this.updateCharEnc(chrEncVal); hideElement(e.target.closest(".cm-status-bar-select-content")); } @@ -221,25 +214,34 @@ class StatusBarPanel { * @param {EditorState} state */ updateEOL(state) { - if (state.lineBreak === this.eolVal) return; - - const eolLookup = { - "\u000a": ["LF", "Line Feed"], - "\u000b": ["VT", "Vertical Tab"], - "\u000c": ["FF", "Form Feed"], - "\u000d": ["CR", "Carriage Return"], - "\u000d\u000a": ["CRLF", "Carriage Return + Line Feed"], - "\u0085": ["NEL", "Next Line"], - "\u2028": ["LS", "Line Separator"], - "\u2029": ["PS", "Paragraph Separator"] - }; + if (this.getEOLState() < 2 && state.lineBreak === this.eolVal) return; const val = this.dom.querySelector(".eol-value"); const button = val.closest(".cm-status-bar-select-btn"); - const eolName = eolLookup[state.lineBreak]; - val.textContent = eolName[0]; - button.setAttribute("title", `End of line sequence:
    ${eolName[1]}`); - button.setAttribute("data-original-title", `End of line sequence:
    ${eolName[1]}`); + let eolCode = eolSeqToCode[state.lineBreak]; + let eolName = eolCodeToName[eolCode]; + + switch (this.getEOLState()) { + case 1: // Detected + val.classList.add("font-italic"); + eolCode += " (detected)"; + eolName += " (detected)"; + // Pulse + val.classList.add("pulse"); + setTimeout(() => { + val.classList.remove("pulse"); + }, 2000); + break; + case 0: // Unset + case 2: // Manually set + default: + val.classList.remove("font-italic"); + break; + } + + val.textContent = eolCode; + button.setAttribute("title", `End of line sequence:
    ${eolName}`); + button.setAttribute("data-original-title", `End of line sequence:
    ${eolName}`); this.eolVal = state.lineBreak; } @@ -249,12 +251,30 @@ class StatusBarPanel { */ updateCharEnc() { const chrEncVal = this.chrEncGetter(); - if (chrEncVal === this.chrEncVal) return; + if (this.getEncodingState() < 2 && chrEncVal === this.chrEncVal) return; - const name = CHR_ENC_SIMPLE_REVERSE_LOOKUP[chrEncVal] ? CHR_ENC_SIMPLE_REVERSE_LOOKUP[chrEncVal] : "Raw Bytes"; + let name = CHR_ENC_SIMPLE_REVERSE_LOOKUP[chrEncVal] ? CHR_ENC_SIMPLE_REVERSE_LOOKUP[chrEncVal] : "Raw Bytes"; const val = this.dom.querySelector(".chr-enc-value"); const button = val.closest(".cm-status-bar-select-btn"); + + switch (this.getEncodingState()) { + case 1: // Detected + val.classList.add("font-italic"); + name += " (detected)"; + // Pulse + val.classList.add("pulse"); + setTimeout(() => { + val.classList.remove("pulse"); + }, 2000); + break; + case 0: // Unset + case 2: // Manually set + default: + val.classList.remove("font-italic"); + break; + } + val.textContent = name; button.setAttribute("title", `${this.label} character encoding:
    ${name}`); button.setAttribute("data-original-title", `${this.label} character encoding:
    ${name}`); diff --git a/src/web/waiters/ControlsWaiter.mjs b/src/web/waiters/ControlsWaiter.mjs index 6a0ef6f2..b57940a3 100755 --- a/src/web/waiters/ControlsWaiter.mjs +++ b/src/web/waiters/ControlsWaiter.mjs @@ -5,6 +5,7 @@ */ import Utils from "../../core/Utils.mjs"; +import { eolSeqToCode } from "../utils/editorUtils.mjs"; /** @@ -35,6 +36,11 @@ class ControlsWaiter { boundary: "viewport", trigger: "hover" }); + + // Set number of operations in various places in the DOM + document.querySelectorAll(".num-ops").forEach(el => { + el.innerHTML = Object.keys(this.app.operations).length; + }); } @@ -140,16 +146,16 @@ class ControlsWaiter { const inputChrEnc = this.manager.input.getChrEnc(); const outputChrEnc = this.manager.output.getChrEnc(); - const inputEOLSeq = this.manager.input.getEOLSeq(); - const outputEOLSeq = this.manager.output.getEOLSeq(); + const inputEOL = eolSeqToCode[this.manager.input.getEOLSeq()]; + const outputEOL = eolSeqToCode[this.manager.output.getEOLSeq()]; const params = [ includeRecipe ? ["recipe", recipeStr] : undefined, includeInput && input.length ? ["input", Utils.escapeHtml(input)] : undefined, inputChrEnc !== 0 ? ["ienc", inputChrEnc] : undefined, outputChrEnc !== 0 ? ["oenc", outputChrEnc] : undefined, - inputEOLSeq !== "\n" ? ["ieol", inputEOLSeq] : undefined, - outputEOLSeq !== "\n" ? ["oeol", outputEOLSeq] : undefined + inputEOL !== "LF" ? ["ieol", inputEOL] : undefined, + outputEOL !== "LF" ? ["oeol", outputEOL] : undefined ]; const hash = params @@ -344,6 +350,36 @@ class ControlsWaiter { } + /** + * Hides the arguments for all the operations in the current recipe. + */ + hideRecipeArgsClick() { + const icon = document.getElementById("hide-icon"); + + if (icon.getAttribute("hide-args") === "false") { + icon.setAttribute("hide-args", "true"); + icon.setAttribute("data-original-title", "Show arguments"); + icon.children[0].innerText = "keyboard_arrow_down"; + Array.from(document.getElementsByClassName("hide-args-icon")).forEach(function(item) { + item.setAttribute("hide-args", "true"); + item.innerText = "keyboard_arrow_down"; + item.classList.add("hide-args-selected"); + item.parentNode.previousElementSibling.style.display = "none"; + }); + } else { + icon.setAttribute("hide-args", "false"); + icon.setAttribute("data-original-title", "Hide arguments"); + icon.children[0].innerText = "keyboard_arrow_up"; + Array.from(document.getElementsByClassName("hide-args-icon")).forEach(function(item) { + item.setAttribute("hide-args", "false"); + item.innerText = "keyboard_arrow_up"; + item.classList.remove("hide-args-selected"); + item.parentNode.previousElementSibling.style.display = "grid"; + }); + } + } + + /** * Populates the bug report information box with useful technical info. * diff --git a/src/web/waiters/InputWaiter.mjs b/src/web/waiters/InputWaiter.mjs index 25c1629d..3999fd2f 100644 --- a/src/web/waiters/InputWaiter.mjs +++ b/src/web/waiters/InputWaiter.mjs @@ -42,7 +42,7 @@ import { import {statusBar} from "../utils/statusBar.mjs"; import {fileDetailsPanel} from "../utils/fileDetails.mjs"; -import {renderSpecialChar} from "../utils/editorUtils.mjs"; +import {eolCodeToSeq, eolCodeToName, renderSpecialChar} from "../utils/editorUtils.mjs"; /** @@ -62,6 +62,8 @@ class InputWaiter { this.inputTextEl = document.getElementById("input-text"); this.inputChrEnc = 0; + this.eolState = 0; // 0 = unset, 1 = detected, 2 = manual + this.encodingState = 0; // 0 = unset, 1 = detected, 2 = manual this.initEditor(); this.inputWorker = null; @@ -92,6 +94,7 @@ class InputWaiter { fileDetailsPanel: new Compartment }; + const self = this; const initialState = EditorState.create({ doc: null, extensions: [ @@ -114,7 +117,9 @@ class InputWaiter { label: "Input", eolHandler: this.eolChange.bind(this), chrEncHandler: this.chrEncChange.bind(this), - chrEncGetter: this.getChrEnc.bind(this) + chrEncGetter: this.getChrEnc.bind(this), + getEncodingState: this.getEncodingState.bind(this), + getEOLState: this.getEOLState.bind(this) }), // Mutable state @@ -141,10 +146,21 @@ class InputWaiter { if (e.docChanged && !this.silentInputChange) this.inputChange(e); this.silentInputChange = false; + }), + + // Event handlers + EditorView.domEventHandlers({ + paste(event, view) { + setTimeout(() => { + self.afterPaste(event); + }); + } }) ] }); + + if (this.inputEditorView) this.inputEditorView.destroy(); this.inputEditorView = new EditorView({ state: initialState, parent: this.inputTextEl @@ -154,12 +170,23 @@ class InputWaiter { /** * Handler for EOL change events * Sets the line separator - * @param {string} eolVal + * @param {string} eol + * @param {boolean} [manual=false] */ - eolChange(eolVal) { - const oldInputVal = this.getInput(); + eolChange(eol, manual=false) { + const eolVal = eolCodeToSeq[eol]; + if (eolVal === undefined) return; + + this.eolState = manual ? 2 : this.eolState; + if (this.eolState < 2 && eolVal === this.getEOLSeq()) return; + + if (this.eolState === 1) { + // Alert + this.app.alert(`Input end of line separator has been detected and changed to ${eolCodeToName[eol]}`, 5000); + } // Update the EOL value + const oldInputVal = this.getInput(); this.inputEditorView.dispatch({ effects: this.inputEditorConf.eol.reconfigure(EditorState.lineSeparator.of(eolVal)) }); @@ -176,15 +203,28 @@ class InputWaiter { return this.inputEditorView.state.lineBreak; } + /** + * Returns whether the input EOL sequence was set manually or has been detected automatically + * @returns {number} - 0 = unset, 1 = detected, 2 = manual + */ + getEOLState() { + return this.eolState; + } + /** * Handler for Chr Enc change events * Sets the input character encoding * @param {number} chrEncVal + * @param {boolean} [manual=false] - Flag to indicate the encoding was set by the user + * @param {boolean} [internal=false] - Flag to indicate this was set internally, i.e. by loading from URI */ - chrEncChange(chrEncVal) { + chrEncChange(chrEncVal, manual=false, internal=false) { if (typeof chrEncVal !== "number") return; this.inputChrEnc = chrEncVal; - this.inputChange(); + this.encodingState = manual ? 2 : this.encodingState; + if (!internal) { + this.inputChange(); + } } /** @@ -195,6 +235,14 @@ class InputWaiter { return this.inputChrEnc; } + /** + * Returns whether the input character encoding was set manually or has been detected automatically + * @returns {number} - 0 = unset, 1 = detected, 2 = manual + */ + getEncodingState() { + return this.encodingState; + } + /** * Sets word wrap on the input editor * @param {boolean} wrap @@ -594,10 +642,6 @@ class InputWaiter { const inputStr = toBase64(inputVal, "A-Za-z0-9+/"); this.app.updateURL(true, inputStr); } - - // Trigger a state change - if (!silent) window.dispatchEvent(this.manager.statechange); - }.bind(this)); } @@ -866,6 +910,55 @@ class InputWaiter { }, delay, "inputChange", this, [e])(); } + /** + * Handler that fires just after input paste events. + * Checks whether the EOL separator or character encoding should be updated. + * + * @param {event} e + */ + afterPaste(e) { + // If EOL has been fixed, skip this. + if (this.eolState > 1) return; + + const inputText = this.getInput(); + + // Detect most likely EOL sequence + const eolCharCounts = { + "LF": inputText.count("\u000a"), + "VT": inputText.count("\u000b"), + "FF": inputText.count("\u000c"), + "CR": inputText.count("\u000d"), + "CRLF": inputText.count("\u000d\u000a"), + "NEL": inputText.count("\u0085"), + "LS": inputText.count("\u2028"), + "PS": inputText.count("\u2029") + }; + + // If all zero, leave alone + const total = Object.values(eolCharCounts).reduce((acc, curr) => { + return acc + curr; + }, 0); + if (total === 0) return; + + // Find most prevalent line ending sequence + const highest = Object.entries(eolCharCounts).reduce((acc, curr) => { + return curr[1] > acc[1] ? curr : acc; + }, ["LF", 0]); + let choice = highest[0]; + + // If CRLF not zero and more than half the highest alternative, choose CRLF + if ((eolCharCounts.CRLF * 2) > highest[1]) { + choice = "CRLF"; + } + + const eolVal = eolCodeToSeq[choice]; + if (eolVal === this.getEOLSeq()) return; + + // Setting automatically + this.eolState = 1; + this.eolChange(choice); + } + /** * Handler for input dragover events. * Gives the user a visual cue to show that items can be dropped here. @@ -1199,6 +1292,14 @@ class InputWaiter { this.manager.output.removeAllOutputs(); this.manager.output.terminateZipWorker(); + this.eolState = 0; + this.encodingState = 0; + this.manager.output.eolState = 0; + this.manager.output.encodingState = 0; + + this.initEditor(); + this.manager.output.initEditor(); + const tabsList = document.getElementById("input-tabs"); const tabsListChildren = tabsList.children; diff --git a/src/web/waiters/OperationsWaiter.mjs b/src/web/waiters/OperationsWaiter.mjs index dee0dd06..45a40c82 100755 --- a/src/web/waiters/OperationsWaiter.mjs +++ b/src/web/waiters/OperationsWaiter.mjs @@ -168,6 +168,10 @@ class OperationsWaiter { */ opListCreate(e) { this.manager.recipe.createSortableSeedList(e.target); + + // Populate ops total + document.querySelector("#operations .title .op-count").innerText = Object.keys(this.app.operations).length; + this.enableOpsListPopovers(e.target); } @@ -293,6 +297,18 @@ class OperationsWaiter { this.app.resetFavourites(); } + + /** + * Sets whether operation counts are displayed next to a category title + */ + setCatCount() { + if (this.app.options.showCatCount) { + document.querySelectorAll(".category-title .op-count").forEach(el => el.classList.remove("hidden")); + } else { + document.querySelectorAll(".category-title .op-count").forEach(el => el.classList.add("hidden")); + } + } + } export default OperationsWaiter; diff --git a/src/web/waiters/OptionsWaiter.mjs b/src/web/waiters/OptionsWaiter.mjs index b09ddd87..f5134133 100755 --- a/src/web/waiters/OptionsWaiter.mjs +++ b/src/web/waiters/OptionsWaiter.mjs @@ -50,6 +50,7 @@ class OptionsWaiter { // Initialise options this.setWordWrap(); + this.manager.ops.setCatCount(); } diff --git a/src/web/waiters/OutputWaiter.mjs b/src/web/waiters/OutputWaiter.mjs index dae27f3e..2b2cb096 100755 --- a/src/web/waiters/OutputWaiter.mjs +++ b/src/web/waiters/OutputWaiter.mjs @@ -7,6 +7,7 @@ import Utils, {debounce} from "../../core/Utils.mjs"; import Dish from "../../core/Dish.mjs"; +import {isUTF8, CHR_ENC_SIMPLE_REVERSE_LOOKUP} from "../../core/lib/ChrEnc.mjs"; import {detectFileType} from "../../core/lib/FileType.mjs"; import FileSaver from "file-saver"; import ZipWorker from "worker-loader?inline=no-fallback!../workers/ZipWorker.mjs"; @@ -38,7 +39,7 @@ import { import {statusBar} from "../utils/statusBar.mjs"; import {htmlPlugin} from "../utils/htmlWidget.mjs"; import {copyOverride} from "../utils/copyOverride.mjs"; -import {renderSpecialChar} from "../utils/editorUtils.mjs"; +import {eolCodeToSeq, eolCodeToName, renderSpecialChar} from "../utils/editorUtils.mjs"; /** @@ -70,6 +71,8 @@ class OutputWaiter { this.zipWorker = null; this.maxTabs = this.manager.tabs.calcMaxTabs(); this.tabTimeout = null; + this.eolState = 0; // 0 = unset, 1 = detected, 2 = manual + this.encodingState = 0; // 0 = unset, 1 = detected, 2 = manual } /** @@ -109,6 +112,8 @@ class OutputWaiter { eolHandler: this.eolChange.bind(this), chrEncHandler: this.chrEncChange.bind(this), chrEncGetter: this.getChrEnc.bind(this), + getEncodingState: this.getEncodingState.bind(this), + getEOLState: this.getEOLState.bind(this), htmlOutput: this.htmlOutput }), htmlPlugin(this.htmlOutput), @@ -137,6 +142,7 @@ class OutputWaiter { ] }); + if (this.outputEditorView) this.outputEditorView.destroy(); this.outputEditorView = new EditorView({ state: initialState, parent: this.outputTextEl @@ -146,9 +152,21 @@ class OutputWaiter { /** * Handler for EOL change events * Sets the line separator - * @param {string} eolVal + * @param {string} eol + * @param {boolean} [manual=false] */ - async eolChange(eolVal) { + async eolChange(eol, manual=false) { + const eolVal = eolCodeToSeq[eol]; + if (eolVal === undefined) return; + + this.eolState = manual ? 2 : this.eolState; + if (this.eolState < 2 && eolVal === this.getEOLSeq()) return; + + if (this.eolState === 1) { + // Alert + this.app.alert(`Output end of line separator has been detected and changed to ${eolCodeToName[eol]}`, 5000); + } + const currentTabNum = this.manager.tabs.getActiveTab("output"); if (currentTabNum >= 0) { this.outputs[currentTabNum].eolSequence = eolVal; @@ -180,13 +198,23 @@ class OutputWaiter { return this.outputs[currentTabNum].eolSequence; } + /** + * Returns whether the output EOL sequence was set manually or has been detected automatically + * @returns {number} - 0 = unset, 1 = detected, 2 = manual + */ + getEOLState() { + return this.eolState; + } + /** * Handler for Chr Enc change events * Sets the output character encoding * @param {number} chrEncVal + * @param {boolean} [manual=false] */ - async chrEncChange(chrEncVal) { + async chrEncChange(chrEncVal, manual=false) { if (typeof chrEncVal !== "number") return; + const currentEnc = this.getChrEnc(); const currentTabNum = this.manager.tabs.getActiveTab("output"); if (currentTabNum >= 0) { @@ -195,10 +223,17 @@ class OutputWaiter { throw new Error(`Cannot change output ${currentTabNum} chrEnc to ${chrEncVal}`); } - // Reset the output, forcing it to re-decode the data with the new character encoding - await this.setOutput(this.currentOutputCache, true); - // Update the URL manually since we aren't firing a statechange event - this.app.updateURL(true); + this.encodingState = manual ? 2 : this.encodingState; + + if (this.encodingState > 1) { + // Reset the output, forcing it to re-decode the data with the new character encoding + await this.setOutput(this.currentOutputCache, true); + // Update the URL manually since we aren't firing a statechange event + this.app.updateURL(true); + } else if (currentEnc !== chrEncVal) { + // Alert + this.app.alert(`Output character encoding has been detected and changed to ${CHR_ENC_SIMPLE_REVERSE_LOOKUP[chrEncVal] || "Raw Bytes"}`, 5000); + } } /** @@ -213,6 +248,14 @@ class OutputWaiter { return this.outputs[currentTabNum].encoding; } + /** + * Returns whether the output character encoding was set manually or has been detected automatically + * @returns {number} - 0 = unset, 1 = detected, 2 = manual + */ + getEncodingState() { + return this.encodingState; + } + /** * Sets word wrap on the output editor * @param {boolean} wrap @@ -248,6 +291,7 @@ class OutputWaiter { const tabNum = this.manager.tabs.getActiveTab("output"); this.manager.timing.recordTime("outputDecodingStart", tabNum); if (data instanceof ArrayBuffer) { + await this.detectEncoding(data); data = await this.bufferToStr(data); } this.manager.timing.recordTime("outputDecodingEnd", tabNum); @@ -276,6 +320,9 @@ class OutputWaiter { // If turning word wrap off, do it before we populate the editor for performance reasons if (!wrap) this.setWordWrap(wrap); + // Detect suitable EOL sequence + this.detectEOLSequence(data); + // We use setTimeout here to delay the editor dispatch until the next event cycle, // ensuring all async actions have completed before attempting to set the contents // of the editor. This is mainly with the above call to setWordWrap() in mind. @@ -345,6 +392,85 @@ class OutputWaiter { }); } + /** + * Checks whether the EOL separator should be updated + * + * @param {string} data + */ + detectEOLSequence(data) { + // If EOL has been fixed, skip this. + if (this.eolState > 1) return; + // If data is too long, skip this. + if (data.length > 1000000) return; + + // Detect most likely EOL sequence + const eolCharCounts = { + "LF": data.count("\u000a"), + "VT": data.count("\u000b"), + "FF": data.count("\u000c"), + "CR": data.count("\u000d"), + "CRLF": data.count("\u000d\u000a"), + "NEL": data.count("\u0085"), + "LS": data.count("\u2028"), + "PS": data.count("\u2029") + }; + + // If all zero, leave alone + const total = Object.values(eolCharCounts).reduce((acc, curr) => { + return acc + curr; + }, 0); + if (total === 0) return; + + // Find most prevalent line ending sequence + const highest = Object.entries(eolCharCounts).reduce((acc, curr) => { + return curr[1] > acc[1] ? curr : acc; + }, ["LF", 0]); + let choice = highest[0]; + + // If CRLF not zero and more than half the highest alternative, choose CRLF + if ((eolCharCounts.CRLF * 2) > highest[1]) { + choice = "CRLF"; + } + + const eolVal = eolCodeToSeq[choice]; + if (eolVal === this.getEOLSeq()) return; + + // Setting automatically + this.eolState = 1; + this.eolChange(choice); + } + + /** + * Checks whether the character encoding should be updated. + * + * @param {ArrayBuffer} data + */ + async detectEncoding(data) { + // If encoding has been fixed, skip this. + if (this.encodingState > 1) return; + // If data is too long, skip this. + if (data.byteLength > 1000000) return; + + const enc = isUTF8(data); // 0 = not UTF8, 1 = ASCII, 2 = UTF8 + + switch (enc) { + case 0: // not UTF8 + // Set to Raw Bytes + this.encodingState = 1; + await this.chrEncChange(0, false); + break; + case 2: // UTF8 + // Set to UTF8 + this.encodingState = 1; + await this.chrEncChange(65001, false); + break; + case 1: // ASCII + default: + // Ignore + break; + } + } + /** * Calculates the maximum number of tabs to display */ @@ -1415,10 +1541,12 @@ class OutputWaiter { this.app.ioSplitter.collapse(0); $(el).attr("data-original-title", "Restore output pane"); + $(el).attr("aria-label", "Restore output pane"); el.querySelector("i").innerHTML = "fullscreen_exit"; } else { document.body.classList.remove("output-maximised"); $(el).attr("data-original-title", "Maximise output pane"); + $(el).attr("aria-label", "Maximise output pane"); el.querySelector("i").innerHTML = "fullscreen"; this.app.initialiseSplitter(false); this.app.resetLayout(); diff --git a/src/web/waiters/RecipeWaiter.mjs b/src/web/waiters/RecipeWaiter.mjs index 42e763b0..3f5aa302 100755 --- a/src/web/waiters/RecipeWaiter.mjs +++ b/src/web/waiters/RecipeWaiter.mjs @@ -215,6 +215,45 @@ class RecipeWaiter { window.dispatchEvent(this.manager.statechange); } + /** + * Handler for hide-args click events. + * Updates the icon status. + * + * @fires Manager#statechange + * @param {event} e + */ + hideArgsClick(e) { + const icon = e.target; + + if (icon.getAttribute("hide-args") === "false") { + icon.setAttribute("hide-args", "true"); + icon.innerText = "keyboard_arrow_down"; + icon.classList.add("hide-args-selected"); + icon.parentNode.previousElementSibling.style.display = "none"; + } else { + icon.setAttribute("hide-args", "false"); + icon.innerText = "keyboard_arrow_up"; + icon.classList.remove("hide-args-selected"); + icon.parentNode.previousElementSibling.style.display = "grid"; + } + + const icons = Array.from(document.getElementsByClassName("hide-args-icon")); + if (icons.length > 1) { + // Check if ALL the icons are hidden/shown + const uniqueIcons = icons.map(function(item) { + return item.getAttribute("hide-args"); + }).unique(); + + const controlsIconStatus = document.getElementById("hide-icon").getAttribute("hide-args"); + + // If all icons are in the same state and the global icon isn't, fix it + if (uniqueIcons.length === 1 && icon.getAttribute("hide-args") !== controlsIconStatus) { + this.manager.controls.hideRecipeArgsClick(); + } + } + + window.dispatchEvent(this.manager.statechange); + } /** * Handler for disable click events. diff --git a/src/web/waiters/WorkerWaiter.mjs b/src/web/waiters/WorkerWaiter.mjs index 3ad9695e..296aa956 100644 --- a/src/web/waiters/WorkerWaiter.mjs +++ b/src/web/waiters/WorkerWaiter.mjs @@ -322,6 +322,28 @@ class WorkerWaiter { }; } + /** + * Cancels the current bake making it possible to autobake again + */ + cancelBakeForAutoBake() { + if (this.totalOutputs > 1) { + this.cancelBake(); + } else { + // In this case the UI changes can be skipped + + for (let i = this.chefWorkers.length - 1; i >= 0; i--) { + if (this.chefWorkers[i].active) { + this.removeChefWorker(this.chefWorkers[i]); + } + } + + this.inputs = []; + this.inputNums = []; + this.totalOutputs = 0; + this.loadingOutputs = 0; + } + } + /** * Cancels the current bake by terminating and removing all ChefWorkers * diff --git a/tests/browser/00_nightwatch.js b/tests/browser/00_nightwatch.js index 3ba2a865..e64b476b 100644 --- a/tests/browser/00_nightwatch.js +++ b/tests/browser/00_nightwatch.js @@ -194,6 +194,9 @@ module.exports = { // Open category browser + .useCss() + .waitForElementNotVisible("#snackbar-container", 10000) + .useXpath() .click(otherCat) .expect.element(genUUID).to.be.visible; @@ -230,8 +233,8 @@ module.exports = { // Alert bar shows and contains correct content browser + .waitForElementNotVisible("#snackbar-container") .click("#copy-output") - .waitForElementVisible("#snackbar-container") .waitForElementVisible("#snackbar-container .snackbar-content") .expect.element("#snackbar-container .snackbar-content").text.to.equal("Copied raw output successfully."); diff --git a/tests/browser/01_io.js b/tests/browser/01_io.js index 67d1fdff..f8f7f9e1 100644 --- a/tests/browser/01_io.js +++ b/tests/browser/01_io.js @@ -167,6 +167,37 @@ module.exports = { browser.expect.element("#output-text .cm-status-bar .eol-value").text.to.equal("LF"); }, + "Autobaking the latest input": browser => { + // Use the sleep recipe to simulate a long running task + utils.loadRecipe(browser, "Sleep", "input", [2000]); + + browser.waitForElementVisible("#stale-indicator"); + + // Enable previously disabled autobake + browser.expect.element("#auto-bake").to.not.be.selected; + browser.click("#auto-bake-label"); + browser.expect.element("#auto-bake").to.be.selected.before(1000); + + // Add content to the input + browser.pause(100); + browser.sendKeys("#input-text .cm-content", "1"); + browser.waitForElementVisible("#output-loader"); + browser.pause(500); + + // Make another change while the previous input is being baked + browser + .sendKeys("#input-text .cm-content", "2") + .waitForElementNotVisible("#stale-indicator") + .waitForElementNotVisible("#output-loader"); + + // Ensure we got the latest input baked + utils.expectOutput(browser, "input12"); + + // Turn autobake off again + browser.click("#auto-bake-label"); + browser.expect.element("#auto-bake").to.not.be.selected.before(1000); + }, + "Special content": browser => { /* Special characters are rendered correctly */ utils.setInput(browser, SPECIAL_CHARS, false); @@ -383,13 +414,17 @@ module.exports = { utils.setInput(browser, CHINESE_CHARS, false); utils.setChrEnc(browser, "input", "UTF-8"); utils.bake(browser); - utils.expectOutput(browser, "\u00E4\u00B8\u008D\u00E8\u00A6\u0081\u00E6\u0081\u0090\u00E6\u0085\u008C\u00E3\u0080\u0082"); - /* Changing output to match input works as expected */ - utils.setChrEnc(browser, "output", "UTF-8"); - utils.bake(browser); + /* Output encoding should be autodetected */ + browser + .waitForElementVisible("#snackbar-container .snackbar-content", 5000) + .expect.element("#snackbar-container .snackbar-content").text.to.equal("Output character encoding has been detected and changed to UTF-8"); + utils.expectOutput(browser, CHINESE_CHARS); + /* Change the output encoding manually to test for URL presence */ + utils.setChrEnc(browser, "output", "UTF-8"); + /* Encodings appear in the URL */ browser.assert.urlContains("ienc=65001"); browser.assert.urlContains("oenc=65001"); @@ -545,8 +580,8 @@ module.exports = { browser.expect.element("#output-text .cm-status-bar .stats-lines-value").text.to.equal("2"); /* Line endings appear in the URL */ - browser.assert.urlContains("ieol=%0D%0A"); - browser.assert.urlContains("oeol=%0D"); + browser.assert.urlContains("ieol=CRLF"); + browser.assert.urlContains("oeol=CR"); /* Preserved when changing tabs */ browser @@ -641,9 +676,23 @@ module.exports = { }, "Loading from URL": browser => { + utils.clear(browser); + + /* Side panel displays correct info */ + utils.uploadFile(browser, "files/TowelDay.jpeg"); + + browser + .waitForElementVisible("#input-text .cm-file-details") + .waitForElementVisible("#input-text .cm-file-details .file-details-toggle-shown") + .waitForElementVisible("#input-text .cm-file-details .file-details-thumbnail") + .waitForElementVisible("#input-text .cm-file-details .file-details-name") + .waitForElementVisible("#input-text .cm-file-details .file-details-size") + .waitForElementVisible("#input-text .cm-file-details .file-details-type") + .waitForElementVisible("#input-text .cm-file-details .file-details-loaded"); + /* Complex deep link populates the input correctly (encoding, eol, input) */ browser - .urlHash("recipe=To_Base64('A-Za-z0-9%2B/%3D')&input=VGhlIHNoaXBzIGh1bmcgaW4gdGhlIHNreSBpbiBtdWNoIHRoZSBzYW1lIHdheSB0aGF0IGJyaWNrcyBkb24ndC4M&ienc=21866&oenc=1201&ieol=%0C&oeol=%E2%80%A9") + .urlHash("recipe=To_Base64('A-Za-z0-9%2B/%3D')&input=VGhlIHNoaXBzIGh1bmcgaW4gdGhlIHNreSBpbiBtdWNoIHRoZSBzYW1lIHdheSB0aGF0IGJyaWNrcyBkb24ndC4M&ienc=21866&oenc=1201&ieol=FF&oeol=PS") .waitForElementVisible("#rec-list li.operation"); browser.expect.element(`#input-text .cm-content`).to.have.property("textContent").match(/^.{65}$/); diff --git a/tests/browser/02_ops.js b/tests/browser/02_ops.js index 7cb0e941..37f75f58 100644 --- a/tests/browser/02_ops.js +++ b/tests/browser/02_ops.js @@ -37,7 +37,7 @@ module.exports = { testOp(browser, ["From Hex", "Add Text To Image", "To Base64"], Images.PNG_HEX, Images.PNG_CHEF_B64, [[], ["Chef", "Center", "Middle", 0, 0, 16], []]); testOp(browser, "Adler-32 Checksum", "test input", "16160411"); testOp(browser, "Affine Cipher Decode", "test input", "rcqr glnsr", [1, 2]); - testOp(browser, "Affine Cipher Encode", "test input", "njln rbfpn", [2, 1]); + testOp(browser, "Affine Cipher Encode", "test input", "gndg zoujg", [3, 1]); testOp(browser, "AMF Decode", "\u000A\u0013\u0001\u0003a\u0006\u0009test", /"\$value": "test"/); testOp(browser, "AMF Encode", '{"a": "test"}', "\u000A\u0013\u0001\u0003a\u0006\u0009test"); testOp(browser, "Analyse hash", "0123456789abcdef", /CRC-64/); @@ -126,8 +126,8 @@ module.exports = { // testOp(browser, "Extract email addresses", "test input", "test_output"); // testOp(browser, "Extract file paths", "test input", "test_output"); testOpFile(browser, "Extract Files", "files/Hitchhikers_Guide.jpeg", ".card:last-child .collapsed", "extracted_at_0x3d38.zlib"); - testOpFile(browser, "Extract ID3", "files/mp3example.mp3", "tr:last-child td:last-child", "Kevin MacLeod"); - // testOp(browser, "Extract IP addresses", "test input", "test_output"); + // This test seems unreliable on GitHub Actions, not reproducible locally. + // testOpFile(browser, "Extract ID3", "files/mp3example.mp3", "tr:last-child td:last-child", "Kevin MacLeod"); // testOp(browser, "Extract IP addresses", "test input", "test_output"); // testOp(browser, "Extract LSB", "test input", "test_output"); // testOp(browser, "Extract MAC addresses", "test input", "test_output"); // testOp(browser, "Extract RGBA", "test input", "test_output"); @@ -430,7 +430,7 @@ function bakeOp(browser, opName, input, args=[]) { */ function testOp(browser, opName, input, output, args=[]) { bakeOp(browser, opName, input, args); - utils.expectOutput(browser, output); + utils.expectOutput(browser, output, true); } /** @function diff --git a/tests/browser/browserUtils.js b/tests/browser/browserUtils.js index b73dca91..dc0774af 100644 --- a/tests/browser/browserUtils.js +++ b/tests/browser/browserUtils.js @@ -39,7 +39,9 @@ function setInput(browser, input, type=true) { browser.execute(text => { window.app.setInput(text); }, [input]); + browser.pause(100); } + expectInput(browser, input); } /** @function @@ -48,6 +50,11 @@ function setInput(browser, input, type=true) { * @param {Browser} browser - Nightwatch client */ function bake(browser) { + browser + // Ensure we're not currently busy + .waitForElementNotVisible("#output-loader", 5000) + .expect.element("#bake span").text.to.equal("BAKE!"); + browser .click("#bake") .waitForElementNotVisible("#stale-indicator", 5000) @@ -65,6 +72,7 @@ function setChrEnc(browser, io, enc) { io = `#${io}-text`; browser .useCss() + .waitForElementNotVisible("#snackbar-container", 6000) .click(io + " .chr-enc-value") .waitForElementVisible(io + " .chr-enc-select .cm-status-bar-select-scroll") .click("link text", enc) @@ -83,6 +91,7 @@ function setEOLSeq(browser, io, eol) { io = `#${io}-text`; browser .useCss() + .waitForElementNotVisible("#snackbar-container", 6000) .click(io + " .eol-value") .waitForElementVisible(io + " .eol-select .cm-status-bar-select-content") .click(`${io} .cm-status-bar-select-content a[data-val=${eol}]`) @@ -159,7 +168,6 @@ function loadRecipe(browser, opName, input, args) { throw new Error("Invalid operation type. Must be string or array of strings. Received: " + typeof(opName)); } - clear(browser); setInput(browser, input, false); browser .urlHash("recipe=" + recipeConfig) @@ -171,16 +179,45 @@ function loadRecipe(browser, opName, input, args) { * * @param {Browser} browser - Nightwatch client * @param {string|RegExp} expected - The expected output value + * @param {boolean} [waitNotNull=false] - Wait for the output to not be empty before testing the value */ -function expectOutput(browser, expected) { +function expectOutput(browser, expected, waitNotNull=false) { + if (waitNotNull && expected !== "") { + browser.waitUntil(async function() { + const output = await this.execute(function() { + return window.app.manager.output.outputEditorView.state.doc.toString(); + }); + return output.length; + }, 1000); + } + browser.execute(expected => { - const output = window.app.manager.output.outputEditorView.state.doc.toString(); + return window.app.manager.output.outputEditorView.state.doc.toString(); + }, [expected], function({value}) { if (expected instanceof RegExp) { - return expected.test(output); + browser.expect(value).match(expected); } else { - return expected === output; + browser.expect(value).to.be.equal(expected); } - }, [expected]); + }); +} + +/** @function + * Tests whether the input matches a given value + * + * @param {Browser} browser - Nightwatch client + * @param {string|RegExp} expected - The expected input value + */ +function expectInput(browser, expected) { + browser.execute(expected => { + return window.app.manager.input.inputEditorView.state.doc.toString(); + }, [expected], function({value}) { + if (expected instanceof RegExp) { + browser.expect(value).match(expected); + } else { + browser.expect(value).to.be.equal(expected); + } + }); } /** @function @@ -242,6 +279,7 @@ module.exports = { paste: paste, loadRecipe: loadRecipe, expectOutput: expectOutput, + expectInput: expectInput, uploadFile: uploadFile, uploadFolder: uploadFolder }; diff --git a/tests/node/tests/operations.mjs b/tests/node/tests/operations.mjs index 86dbee50..a092ef69 100644 --- a/tests/node/tests/operations.mjs +++ b/tests/node/tests/operations.mjs @@ -432,7 +432,7 @@ color: white; it("Disassemble x86", () => { const result = chef.disassembleX86(chef.toBase64("one two three")); const expected = `0000000000000000 0000 ADD BYTE PTR [RAX],AL\r -0000000000000002 0B250000000B OR ESP,DWORD PTR [0000000-F4FFFFF8]\r +0000000000000002 0B250000000B OR ESP,DWORD PTR [000000000B000008]\r `; assert.strictEqual(result.toString(), expected); }), diff --git a/tests/operations/index.mjs b/tests/operations/index.mjs index e85b6ad3..40ce7a2e 100644 --- a/tests/operations/index.mjs +++ b/tests/operations/index.mjs @@ -59,9 +59,12 @@ import "./tests/Crypt.mjs"; import "./tests/CSV.mjs"; import "./tests/DateTime.mjs"; import "./tests/DefangIP.mjs"; +import "./tests/ECDSA.mjs"; import "./tests/ELFInfo.mjs"; import "./tests/Enigma.mjs"; import "./tests/ExtractEmailAddresses.mjs"; +import "./tests/ExtractHashes.mjs"; +import "./tests/Float.mjs"; import "./tests/FileTree.mjs"; import "./tests/FletcherChecksum.mjs"; import "./tests/Fork.mjs"; @@ -81,11 +84,13 @@ import "./tests/HKDF.mjs"; import "./tests/Image.mjs"; import "./tests/IndexOfCoincidence.mjs"; import "./tests/JA3Fingerprint.mjs"; +import "./tests/JA4.mjs"; import "./tests/JA3SFingerprint.mjs"; import "./tests/JSONBeautify.mjs"; import "./tests/JSONMinify.mjs"; import "./tests/JSONtoCSV.mjs"; import "./tests/Jump.mjs"; +import "./tests/JWK.mjs"; import "./tests/JWTDecode.mjs"; import "./tests/JWTSign.mjs"; import "./tests/JWTVerify.mjs"; @@ -117,6 +122,8 @@ import "./tests/PGP.mjs"; import "./tests/PHP.mjs"; import "./tests/PowerSet.mjs"; import "./tests/Protobuf.mjs"; +import "./tests/PubKeyFromCert.mjs"; +import "./tests/PubKeyFromPrivKey.mjs"; import "./tests/Rabbit.mjs"; import "./tests/RAKE.mjs"; import "./tests/Regex.mjs"; @@ -124,6 +131,8 @@ import "./tests/Register.mjs"; import "./tests/RisonEncodeDecode.mjs"; import "./tests/Rotate.mjs"; import "./tests/RSA.mjs"; +import "./tests/Salsa20.mjs"; +import "./tests/XSalsa20.mjs"; import "./tests/SeqUtils.mjs"; import "./tests/SetDifference.mjs"; import "./tests/SetIntersection.mjs"; @@ -143,6 +152,8 @@ import "./tests/Typex.mjs"; import "./tests/UnescapeString.mjs"; import "./tests/Unicode.mjs"; import "./tests/YARA.mjs"; +import "./tests/ParseCSR.mjs"; +import "./tests/XXTEA.mjs"; const testStatus = { allTestsPassing: true, diff --git a/tests/operations/tests/Base58.mjs b/tests/operations/tests/Base58.mjs index c23ba9ab..8090b84b 100644 --- a/tests/operations/tests/Base58.mjs +++ b/tests/operations/tests/Base58.mjs @@ -53,6 +53,28 @@ TestRegister.addTests([ }, ], }, + { + name: "To Base58 all null", + input: "\0\0\0\0\0\0", + expectedOutput: "111111", + recipeConfig: [ + { + op: "To Base58", + args: ["123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"], + }, + ], + }, + { + name: "From Base58 all null", + input: "111111", + expectedOutput: "\0\0\0\0\0\0", + recipeConfig: [ + { + op: "From Base58", + args: ["123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"], + }, + ], + }, { name: "To Base58 with null prefix and suffix", input: "\0\0\0Hello\0\0\0", diff --git a/tests/operations/tests/ChaCha.mjs b/tests/operations/tests/ChaCha.mjs index 44b39a67..d194390d 100644 --- a/tests/operations/tests/ChaCha.mjs +++ b/tests/operations/tests/ChaCha.mjs @@ -58,6 +58,25 @@ ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).`, } ], }, + { + name: "ChaCha: RFC8439 Raw output", + input: "Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, sunscreen would be it.", + expectedOutput: "6e 2e 35 9a 25 68 f9 80 41 ba 07 28 dd 0d 69 81 e9 7e 7a ec 1d 43 60 c2 0a 27 af cc fd 9f ae 0b f9 1b 65 c5 52 47 33 ab 8f 59 3d ab cd 62 b3 57 16 39 d6 24 e6 51 52 ab 8f 53 0c 35 9f 08 61 d8 07 ca 0d bf 50 0d 6a 61 56 a3 8e 08 8a 22 b6 5e 52 bc 51 4d 16 cc f8 06 81 8c e9 1a b7 79 37 36 5a f9 0b bf 74 a3 5b e6 b4 0b 8e ed f2 78 5e 42 87 4d", + recipeConfig: [ + { + "op": "ChaCha", + "args": [ + {"option": "Hex", "string": "00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f:10:11:12:13:14:15:16:17:18:19:1a:1b:1c:1d:1e:1f"}, + {"option": "Hex", "string": "00:00:00:00:00:00:00:4a:00:00:00:00"}, + 1, "20", "Raw", "Raw", + ] + }, + { + "op": "To Hex", + "args": [] + }, + ], + }, { name: "ChaCha: draft-strombergson-chacha-test-vectors-01 TC7.1", input: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00", diff --git a/tests/operations/tests/CipherSaber2.mjs b/tests/operations/tests/CipherSaber2.mjs index dd675d45..9872c7ef 100644 --- a/tests/operations/tests/CipherSaber2.mjs +++ b/tests/operations/tests/CipherSaber2.mjs @@ -21,13 +21,16 @@ TestRegister.addTests([ ], }, { + // input taken from https://ciphersaber.gurus.org/ name: "CipherSaber2 Decrypt", - input: "\x5d\xd9\x7f\xeb\x77\x3c\x42\x9d\xfe\x9c\x3b\x21\x63\xbd\x53\x38\x18\x7c\x36\x37", - expectedOutput: "helloworld", + input: "\x6f\x6d\x0b\xab\xf3\xaa\x67\x19\x03\x15\x30\xed\xb6\x77" + + "\xca\x74\xe0\x08\x9d\xd0\xe7\xb8\x85\x43\x56\xbb\x14\x48\xe3" + + "\x7c\xdb\xef\xe7\xf3\xa8\x4f\x4f\x5f\xb3\xfd", + expectedOutput: "This is a test of CipherSaber.", recipeConfig: [ { op: "CipherSaber2 Decrypt", - args: [{ "option": "Latin1", "string": "test" }, 20], + args: [{ "option": "Latin1", "string": "asdfg" }, 1], }, ], }, diff --git a/tests/operations/tests/Crypt.mjs b/tests/operations/tests/Crypt.mjs index 0c424050..69123d66 100644 --- a/tests/operations/tests/Crypt.mjs +++ b/tests/operations/tests/Crypt.mjs @@ -1948,4 +1948,38 @@ DES uses a key length of 8 bytes (64 bits).`, } ], }, + { + name: "Blowfish Encrypt with variable key length: CBC, ASCII, 4 bytes", + input: "The quick brown fox jumps over the lazy dog.", + expectedOutput: "823f337a53ecf121aa9ec1b111bd5064d1d7586abbdaaa0c8fd0c6cc43c831c88bf088ee3e07287e3f36cf2e45f9c7e6", + recipeConfig: [ + { + "op": "Blowfish Encrypt", + "args": [ + {"option": "Hex", "string": "00112233"}, // Key + {"option": "Hex", "string": "0000000000000000"}, // IV + "CBC", // Mode + "Raw", // Input + "Hex" // Output + ] + } + ], + }, + { + name: "Blowfish Encrypt with variable key length: CBC, ASCII, 42 bytes", + input: "The quick brown fox jumps over the lazy dog.", + expectedOutput: "19f5a68145b34321cfba72226b0f33922ce44dd6e7869fe328db64faae156471216f12ed2a37fd0bdd7cebf867b3cff0", + recipeConfig: [ + { + "op": "Blowfish Encrypt", + "args": [ + {"option": "Hex", "string": "deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead"}, // Key + {"option": "Hex", "string": "0000000000000000"}, // IV + "CBC", // Mode + "Raw", // Input + "Hex" // Output + ] + } + ], + } ]); diff --git a/tests/operations/tests/DateTime.mjs b/tests/operations/tests/DateTime.mjs index 6276890d..16848bcc 100644 --- a/tests/operations/tests/DateTime.mjs +++ b/tests/operations/tests/DateTime.mjs @@ -31,4 +31,26 @@ TestRegister.addTests([ }, ], }, + { + name: "DateTime Delta Positive", + input: "20/02/2024 13:36:00", + expectedOutput: "20/02/2024 13:37:00", + recipeConfig: [ + { + op: "DateTime Delta", + args: ["Standard date and time", "DD/MM/YYYY HH:mm:ss", "Add", 0, 0, 1, 0], + }, + ], + }, + { + name: "DateTime Delta Negative", + input: "20/02/2024 14:37:00", + expectedOutput: "20/02/2024 13:37:00", + recipeConfig: [ + { + op: "DateTime Delta", + args: ["Standard date and time", "DD/MM/YYYY HH:mm:ss", "Subtract", 0, 1, 0, 0], + }, + ], + }, ]); diff --git a/tests/operations/tests/ECDSA.mjs b/tests/operations/tests/ECDSA.mjs new file mode 100644 index 00000000..560afc5c --- /dev/null +++ b/tests/operations/tests/ECDSA.mjs @@ -0,0 +1,464 @@ +/** + * ECDSA tests. + * + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ +import TestRegister from "../../lib/TestRegister.mjs"; +import { ASCII_TEXT } from "../../samples/Ciphers.mjs"; + +const P256 = { + // openssl ecparam -name prime256v1 -genkey -noout -out p256.priv.key + privateKeyPkcs1: `-----BEGIN EC PRIVATE KEY----- +MHcCAQEEINtTjwUkgfAiSwqgcGAXWyE0ueIW6n2k395dmQZ3vGr4oAoGCCqGSM49 +AwEHoUQDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJgusgcAE8H6810fkJ8ZmTNiCC +a6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END EC PRIVATE KEY-----`, + privateKeyPkcs8: `-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg21OPBSSB8CJLCqBw +YBdbITS54hbqfaTf3l2ZBne8avihRANCAAQNRzwDQQM0qgJgg9YwfPXJTOoTmYmC +6yBwATwfrzXR+QnxmZM2IIJrqwuBHa8PVU2HZ2KKtaAo8fg9Uwpq/l7p +-----END PRIVATE KEY-----`, + + // openssl ec -in p256.priv.key -pubout -out p256.pub.key + publicKey: `-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJ +gusgcAE8H6810fkJ8ZmTNiCCa6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END PUBLIC KEY-----`, + + signature: { + sha256: { + asn1: "3046022100e06905608a2fa7dbda9e284c2a7959dfb68fb527a5f003b2d7975ff135145127022100b6baa253793334f8b93ea1dd622bc600124d8090babd807efe3f77b8b324388d", + p1363: "e06905608a2fa7dbda9e284c2a7959dfb68fb527a5f003b2d7975ff135145127b6baa253793334f8b93ea1dd622bc600124d8090babd807efe3f77b8b324388d", + jws: "4GkFYIovp9vanihMKnlZ37aPtSel8AOy15df8TUUUSe2uqJTeTM0-Lk-od1iK8YAEk2AkLq9gH7-P3e4syQ4jQ", + json: `{"r":"00e06905608a2fa7dbda9e284c2a7959dfb68fb527a5f003b2d7975ff135145127","s":"00b6baa253793334f8b93ea1dd622bc600124d8090babd807efe3f77b8b324388d"}` + } + } +}; + +// openssl pkcs8 -topk8 -in p256.priv.key -out p256.enc-priv.key -v2 des3 -v2prf hmacWithSHA1 -passout pass:Test1234 +/* const PEM_PRIV_P256_ENCRYPTED_PASS = "Test1234"; +const PEM_PRIV_P256_ENCRYPTED = `-----BEGIN ENCRYPTED PRIVATE KEY----- +MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAg+4ckqI9Q9ZAICCAAw +DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEOnMUW15Hn/ub0OcCCj9lksEgZCk +kxaK4d430lZHovcA4ZeKTt94QcfjnIHRk65aZt93l17l52pv6n/srs3aRo/n5RV+ +wZ5sTLF0925ZQWJB5cIhzc8KQIvguGCX1znLQJJaRHyYOUXIN77AKEfALKAinBit +25paDnbXAqGn1CR3UwFWUZZW+c3UEhWhmpghQpS1tIl0KI6IAvnrGIdw2kKIouo= +-----END ENCRYPTED PRIVATE KEY-----`;*/ + +const P384 = { + privateKeyPkcs8: `-----BEGIN PRIVATE KEY----- +MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAYo22xn2kZjN8MInom +NDsgD/zhpUwnCYch634jUgO59fN9m2lR5ekaI1XABHz39rihZANiAAQwXoCsPOLv +Nn2STUs/hpL41CQveSL3WUmJ4QdtD7UFCl1mBO6ME0xSUgIQTUNkHt5k9CpOq3x9 +r+LG5+GcisoLn7R54R+bRoGp/p1ZBeuBXoCgthvs+RFoT3OewUmA8oQ= +-----END PRIVATE KEY-----`, + publicKey: `-----BEGIN PUBLIC KEY----- +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMF6ArDzi7zZ9kk1LP4aS+NQkL3ki91lJ +ieEHbQ+1BQpdZgTujBNMUlICEE1DZB7eZPQqTqt8fa/ixufhnIrKC5+0eeEfm0aB +qf6dWQXrgV6AoLYb7PkRaE9znsFJgPKE +-----END PUBLIC KEY-----` +}; + +const P521 = { + privateKeyPkcs8: `-----BEGIN PRIVATE KEY----- +MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAifBaJDqNwOtKgThc +FU34GzPQ73ubOQg9dnighpVGwA3b/KwCifimCNKDmKnXJaE04mEcxg8yzcFKausF +5I8o206hgYkDgYYABAGwpkwrBBlZOdx4u9mxqYxJvtzAHaFFAzl21WQVbAjyrqXe +nFPMkhbFpEEWr1ualPYKQkHe14AX33iU3fQ9MlBkgAAripsPbiKggAaog74cUERo +qbrUFZwMbptGgovpE6pU93h7A1wb3Vtw9DZQCgiNbwzMbdsft+p2RJ8iSxWEC6Gd +mw== +-----END PRIVATE KEY-----`, + publicKey: `-----BEGIN PUBLIC KEY----- +MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBsKZMKwQZWTnceLvZsamMSb7cwB2h +RQM5dtVkFWwI8q6l3pxTzJIWxaRBFq9bmpT2CkJB3teAF994lN30PTJQZIAAK4qb +D24ioIAGqIO+HFBEaKm61BWcDG6bRoKL6ROqVPd4ewNcG91bcPQ2UAoIjW8MzG3b +H7fqdkSfIksVhAuhnZs= +-----END PUBLIC KEY-----` +}; + +const PEM_PPRIV_RSA512 = `-----BEGIN RSA PRIVATE KEY----- +MIIBOQIBAAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelMYKtboGLrk6ihtqFPZFRL +NcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQJAOJUpM0lv36MAQR3WAwsF +F7DOy+LnigteCvaNWiNVxZ6jByB5Qb7sall/Qlu9sFI0ZwrlVcKS0kldee7JTYlL +WQIhAP3UKEfOtpTgT1tYmdhaqjxqMfxBom0Ri+rt9ajlzs6vAiEA9L85B8/Gnb7p +6Af7/wpmafL277OV4X4xBfzMR+TUzHUCIBq+VLQkInaTH6lXL3ZtLwyIf9W9MJjf +RWeuRLjT5bM/AiBF7Kw6kx5Hy1fAtydEApCoDIaIjWJw/kC7WTJ0B+jUUQIgV6dw +NSyj0feakeD890gmId+lvl/w/3oUXiczqvl/N9o= +-----END RSA PRIVATE KEY-----`; +const PEM_PUB_RSA512 = `-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelM +YKtboGLrk6ihtqFPZFRLNcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQ== +-----END PUBLIC KEY-----`; + +TestRegister.addTests([ + { + name: "ECDSA Sign/Verify: P-256 with MD5", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "MD5", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "MD5", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-256 with SHA1", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "SHA-1", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-1", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-256 with SHA256", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "SHA-256", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-256 with SHA384", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "SHA-384", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-384", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-256 with SHA512", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "SHA-512", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-512", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify:: Using a private key in PKCS#8 format works", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs8, "SHA-256", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-384 with SHA384", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P384.privateKeyPkcs8, "SHA-384", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-384", P384.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-521 with SHA512", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P521.privateKeyPkcs8, "SHA-512", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-512", P521.publicKey, ASCII_TEXT] + } + ] + }, + + // ECDSA Sign + { + name: "ECDSA Sign: Using public key fails", + input: ASCII_TEXT, + expectedOutput: "Provided key is not a private key.", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.publicKey, "SHA-256", "ASN.1 HEX"] + } + ] + }, + { + name: "ECDSA Sign: Using an RSA key fails", + input: ASCII_TEXT, + expectedOutput: "Provided key is not an EC key.", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [PEM_PPRIV_RSA512, "SHA-256", "ASN.1 HEX"] + } + ] + }, + + // ECDSA Verify + { + name: "ECDSA Verify: P-256 with SHA256 (ASN.1 signature)", + input: P256.signature.sha256.asn1, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: P-256 with SHA256 (P1363 signature)", + input: P256.signature.sha256.p1363, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: P-256 with SHA256 (JWS signature)", + input: P256.signature.sha256.jws, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: P-256 with SHA256 (JSON signature)", + input: P256.signature.sha256.json, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: JSON signature missing r", + input: JSON.stringify({s: JSON.parse(P256.signature.sha256.json).s}), + expectedOutput: 'No "r" value in the signature JSON', + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: JSON signature missing s", + input: JSON.stringify({r: JSON.parse(P256.signature.sha256.json).r}), + expectedOutput: 'No "s" value in the signature JSON', + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: Using private key fails", + input: P256.signature.sha256.asn1, + expectedOutput: "Provided key is not a public key.", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-256", P256.privateKeyPkcs1, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: Using an RSA key fails", + input: P256.signature.sha256.asn1, + expectedOutput: "Provided key is not an EC key.", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-256", PEM_PUB_RSA512, ASCII_TEXT] + } + ] + }, + + // ECDSA Signatur Conversion + { + name: "ECDSA Signature Conversion: ASN.1 To ASN.1", + input: P256.signature.sha256.asn1, + expectedOutput: P256.signature.sha256.asn1, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "ASN.1 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: ASN.1 To P1363", + input: P256.signature.sha256.asn1, + expectedOutput: P256.signature.sha256.p1363, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "P1363 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: ASN.1 To JWS", + input: P256.signature.sha256.asn1, + expectedOutput: P256.signature.sha256.jws, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "JSON Web Signature"] + } + ] + }, + { + name: "ECDSA Signature Conversion: ASN.1 To JSON", + input: P256.signature.sha256.asn1, + expectedOutput: P256.signature.sha256.json, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "Raw JSON"] + } + ] + }, + { + name: "ECDSA Signature Conversion: P1363 To ASN.1", + input: P256.signature.sha256.p1363, + expectedOutput: P256.signature.sha256.asn1, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "ASN.1 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: P1363 To P1363", + input: P256.signature.sha256.p1363, + expectedOutput: P256.signature.sha256.p1363, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "P1363 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: P1363 To JWS", + input: P256.signature.sha256.p1363, + expectedOutput: P256.signature.sha256.jws, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "JSON Web Signature"] + } + ] + }, + { + name: "ECDSA Signature Conversion: P1363 To JSON", + input: P256.signature.sha256.p1363, + expectedOutput: P256.signature.sha256.json, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "Raw JSON"] + } + ] + }, + { + name: "ECDSA Signature Conversion: JSON To ASN.1", + input: P256.signature.sha256.json, + expectedOutput: P256.signature.sha256.asn1, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "ASN.1 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: JSON To P1363", + input: P256.signature.sha256.json, + expectedOutput: P256.signature.sha256.p1363, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "P1363 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: JSON To JWS", + input: P256.signature.sha256.json, + expectedOutput: P256.signature.sha256.jws, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "JSON Web Signature"] + } + ] + }, + { + name: "ECDSA Signature Conversion: JSON To JSON", + input: P256.signature.sha256.json, + expectedOutput: P256.signature.sha256.json, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "Raw JSON"] + } + ] + } +]); diff --git a/tests/operations/tests/ExtractHashes.mjs b/tests/operations/tests/ExtractHashes.mjs new file mode 100644 index 00000000..fe739418 --- /dev/null +++ b/tests/operations/tests/ExtractHashes.mjs @@ -0,0 +1,77 @@ +/** + * ExtractHashes tests. + * + * @author mshwed [m@ttshwed.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ +import TestRegister from "../../lib/TestRegister.mjs"; + +TestRegister.addTests([ + { + name: "Extract MD5 hash", + input: "The quick brown fox jumps over the lazy dog\n\nMD5: 9e107d9d372bb6826bd81d3542a419d6", + expectedOutput: "9e107d9d372bb6826bd81d3542a419d6", + recipeConfig: [ + { + "op": "Extract hashes", + "args": [32, false, false] + }, + ], + }, + { + name: "Extract SHA1 hash", + input: "The quick brown fox jumps over the lazy dog\n\nSHA1: 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", + expectedOutput: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", + recipeConfig: [ + { + "op": "Extract hashes", + "args": [40, false, false] + }, + ], + }, + { + name: "Extract SHA256 hash", + input: "The quick brown fox jumps over the lazy dog\n\nSHA256: d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592", + expectedOutput: "d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592", + recipeConfig: [ + { + "op": "Extract hashes", + "args": [64, false, false] + }, + ], + }, + { + name: "Extract SHA512 hash", + input: "The quick brown fox jumps over the lazy dog\n\nSHA512: 07e547d9586f6a73f73fbac0435ed76951218fb7d0c8d788a309d785436bbb642e93a252a954f23912547d1e8a3b5ed6e1bfd7097821233fa0538f3db854fee6", + expectedOutput: "07e547d9586f6a73f73fbac0435ed76951218fb7d0c8d788a309d785436bbb642e93a252a954f23912547d1e8a3b5ed6e1bfd7097821233fa0538f3db854fee6", + recipeConfig: [ + { + "op": "Extract hashes", + "args": [128, false, false] + }, + ], + }, + { + name: "Extract all hashes", + input: "The quick brown fox jumps over the lazy dog\n\nMD5: 9e107d9d372bb6826bd81d3542a419d6\nSHA1: 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12\nSHA256: d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592", + expectedOutput: "9e107d9d372bb6826bd81d3542a419d6\n2fd4e1c67a2d28fced849ee1bb76e7391b93eb12\nd7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592", + recipeConfig: [ + { + "op": "Extract hashes", + "args": [0, true, false] + }, + ], + }, + { + name: "Extract hashes with total count", + input: "The quick brown fox jumps over the lazy dog\n\nMD5: 9e107d9d372bb6826bd81d3542a419d6\nSHA1: 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12\nSHA256: d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592", + expectedOutput: "Total Results: 3\n\n9e107d9d372bb6826bd81d3542a419d6\n2fd4e1c67a2d28fced849ee1bb76e7391b93eb12\nd7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592", + recipeConfig: [ + { + "op": "Extract hashes", + "args": [0, true, true] + }, + ], + } +]); diff --git a/tests/operations/tests/Float.mjs b/tests/operations/tests/Float.mjs new file mode 100644 index 00000000..3977834c --- /dev/null +++ b/tests/operations/tests/Float.mjs @@ -0,0 +1,164 @@ +/** + * Float tests. + * + * @author tcode2k16 [tcode2k16@gmail.com] + * + * @copyright Crown Copyright 2019 + * @license Apache-2.0 + */ + +import TestRegister from "../../lib/TestRegister.mjs"; + + +TestRegister.addTests([ + { + name: "To Float: nothing", + input: "", + expectedOutput: "", + recipeConfig: [ + { + op: "From Hex", + args: ["Auto"] + }, + { + op: "To Float", + args: ["Big Endian", "Float (4 bytes)", "Space"] + } + ], + }, + { + name: "To Float (Big Endian, 4 bytes): 0.5", + input: "3f0000003f000000", + expectedOutput: "0.5 0.5", + recipeConfig: [ + { + op: "From Hex", + args: ["Auto"] + }, + { + op: "To Float", + args: ["Big Endian", "Float (4 bytes)", "Space"] + } + ] + }, + { + name: "To Float (Little Endian, 4 bytes): 0.5", + input: "0000003f0000003f", + expectedOutput: "0.5 0.5", + recipeConfig: [ + { + op: "From Hex", + args: ["Auto"] + }, + { + op: "To Float", + args: ["Little Endian", "Float (4 bytes)", "Space"] + } + ] + }, + { + name: "To Float (Big Endian, 8 bytes): 0.5", + input: "3fe00000000000003fe0000000000000", + expectedOutput: "0.5 0.5", + recipeConfig: [ + { + op: "From Hex", + args: ["Auto"] + }, + { + op: "To Float", + args: ["Big Endian", "Double (8 bytes)", "Space"] + } + ] + }, + { + name: "To Float (Little Endian, 8 bytes): 0.5", + input: "000000000000e03f000000000000e03f", + expectedOutput: "0.5 0.5", + recipeConfig: [ + { + op: "From Hex", + args: ["Auto"] + }, + { + op: "To Float", + args: ["Little Endian", "Double (8 bytes)", "Space"] + } + ] + }, + { + name: "From Float: nothing", + input: "", + expectedOutput: "", + recipeConfig: [ + { + op: "From Float", + args: ["Big Endian", "Float (4 bytes)", "Space"] + }, + { + op: "To Hex", + args: ["None"] + } + ] + }, + { + name: "From Float (Big Endian, 4 bytes): 0.5", + input: "0.5 0.5", + expectedOutput: "3f0000003f000000", + recipeConfig: [ + { + op: "From Float", + args: ["Big Endian", "Float (4 bytes)", "Space"] + }, + { + op: "To Hex", + args: ["None"] + } + ] + }, + { + name: "From Float (Little Endian, 4 bytes): 0.5", + input: "0.5 0.5", + expectedOutput: "0000003f0000003f", + recipeConfig: [ + { + op: "From Float", + args: ["Little Endian", "Float (4 bytes)", "Space"] + }, + { + op: "To Hex", + args: ["None"] + } + ] + }, + { + name: "From Float (Big Endian, 8 bytes): 0.5", + input: "0.5 0.5", + expectedOutput: "3fe00000000000003fe0000000000000", + recipeConfig: [ + { + op: "From Float", + args: ["Big Endian", "Double (8 bytes)", "Space"] + }, + { + op: "To Hex", + args: ["None"] + } + ] + }, + { + name: "From Float (Little Endian, 8 bytes): 0.5", + input: "0.5 0.5", + expectedOutput: "000000000000e03f000000000000e03f", + recipeConfig: [ + { + op: "From Float", + args: ["Little Endian", "Double (8 bytes)", "Space"] + }, + { + op: "To Hex", + args: ["None"] + } + ] + } +]); diff --git a/tests/operations/tests/GOST.mjs b/tests/operations/tests/GOST.mjs index f332051b..bf1f7c19 100644 --- a/tests/operations/tests/GOST.mjs +++ b/tests/operations/tests/GOST.mjs @@ -14,7 +14,7 @@ import TestRegister from "../../lib/TestRegister.mjs"; TestRegister.addTests([ { - name: "GOST Encrypt: Magma", + name: "GOST Encrypt: 1989", input: "Hello, World!", expectedOutput: "f124ac5c0853870906dbaf9b56", recipeConfig: [ @@ -25,8 +25,7 @@ TestRegister.addTests([ { "option": "Hex", "string": "0011223344556677" }, "Raw", "Hex", - "GOST 28147 (Magma, 1989)", - "64", + "GOST 28147 (1989)", "E-SC", "OFB", "CP", @@ -48,7 +47,6 @@ TestRegister.addTests([ "Raw", "Hex", "GOST R 34.12 (Kuznyechik, 2015)", - "128", "E-SC", "CBC", "CP", @@ -58,7 +56,7 @@ TestRegister.addTests([ ], }, { - name: "GOST Decrypt: Magma", + name: "GOST Decrypt: 1989", input: "f124ac5c0853870906dbaf9b56", expectedOutput: "Hello, World!", recipeConfig: [ @@ -69,8 +67,7 @@ TestRegister.addTests([ { "option": "Hex", "string": "0011223344556677" }, "Hex", "Raw", - "GOST 28147 (Magma, 1989)", - "128", + "GOST 28147 (1989)", "E-SC", "OFB", "CP", @@ -92,7 +89,6 @@ TestRegister.addTests([ "Hex", "Raw", "GOST R 34.12 (Kuznyechik, 2015)", - "128", "E-TEST", "CBC", "CP", @@ -113,8 +109,7 @@ TestRegister.addTests([ { "option": "Hex", "string": "0011223344556677" }, "Raw", "Hex", - "GOST 28147 (Magma, 1989)", - "64", + "GOST 28147 (1989)", "E-C", 48 ] @@ -134,7 +129,6 @@ TestRegister.addTests([ { "option": "Hex", "string": "42b77fb3d6f6bf04" }, "Raw", "GOST R 34.12 (Kuznyechik, 2015)", - "128", "E-TEST" ] } @@ -152,8 +146,7 @@ TestRegister.addTests([ { "option": "Hex", "string": "0011223344556677" }, "Raw", "Hex", - "GOST R 34.12 (Kuznyechik, 2015)", - "64", + "GOST R 34.12 (Magma, 2015)", "E-TEST", "CP" ] @@ -172,8 +165,7 @@ TestRegister.addTests([ { "option": "Latin1", "string": "00112233" }, "Hex", "Raw", - "GOST 28147 (Magma, 1989)", - "64", + "GOST 28147 (1989)", "E-Z", "CP" ] diff --git a/tests/operations/tests/JA4.mjs b/tests/operations/tests/JA4.mjs new file mode 100644 index 00000000..0fb4624e --- /dev/null +++ b/tests/operations/tests/JA4.mjs @@ -0,0 +1,121 @@ +/** + * JA4 tests. + * + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ +import TestRegister from "../../lib/TestRegister.mjs"; + +TestRegister.addTests([ + { + name: "JA4 Fingerprint: TLS 1.3", + input: "1603010200010001fc0303b2c03e7ba990ef540c316a665d4d925f8e9079ac4b15687e587dc99016e75a6c20d0b0099243c9296a0c84153ea4ada7d87ad017f4211c2ea1350b0b3cc5514d5f00205a5a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f003501000193fafa000000000024002200001f636f6e74656e742d6175746f66696c6c2e676f6f676c65617069732e636f6d0033002b00293a3a000100001d0020fb2cd8ef3d605b96ab03119ec4f30a6e2088cb1af86c41a81feace8706068c50000d001200100403080404010503080505010806060100230000000b00020100ff01000100000a000a00083a3a001d00170018001b000302000244690005000302683200120000002d000201010010000e000c02683208687474702f312e31000500050100000000002b0007060a0a03040303001700001a1a000100001500b800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + expectedOutput: "t13d1516h2_8daaf6152771_e5627efa2ab1", + recipeConfig: [ + { + "op": "JA4 Fingerprint", + "args": ["Hex", "JA4"] + } + ], + }, + { + name: "JA4 Fingerprint: TLS 1.3 Original Rendering", + input: "1603010200010001fc0303b2c03e7ba990ef540c316a665d4d925f8e9079ac4b15687e587dc99016e75a6c20d0b0099243c9296a0c84153ea4ada7d87ad017f4211c2ea1350b0b3cc5514d5f00205a5a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f003501000193fafa000000000024002200001f636f6e74656e742d6175746f66696c6c2e676f6f676c65617069732e636f6d0033002b00293a3a000100001d0020fb2cd8ef3d605b96ab03119ec4f30a6e2088cb1af86c41a81feace8706068c50000d001200100403080404010503080505010806060100230000000b00020100ff01000100000a000a00083a3a001d00170018001b000302000244690005000302683200120000002d000201010010000e000c02683208687474702f312e31000500050100000000002b0007060a0a03040303001700001a1a000100001500b800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + expectedOutput: "t13d1516h2_acb858a92679_5276cb03a33b", + recipeConfig: [ + { + "op": "JA4 Fingerprint", + "args": ["Hex", "JA4 Original Rendering"] + } + ], + }, + { + name: "JA4 Fingerprint: TLS 1.2", + input: "1603010200010001fc0303ecb2691addb2bf6c599c7aaae23de5f42561cc04eb41029acc6fc050a16ac1d22046f8617b580ac9358e2aa44e306d52466bcc989c87c8ca64309f5faf50ba7b4d0022130113031302c02bc02fcca9cca8c02cc030c00ac009c013c014009c009d002f00350100019100000021001f00001c636f6e74696c652e73657276696365732e6d6f7a696c6c612e636f6d00170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000010000e000c02683208687474702f312e310005000501000000000022000a000804030503060302030033006b0069001d00208909858fbeb6ed2f1248ba5b9e2978bead0e840110192c61daed0096798b184400170041044d183d91f5eed35791fa982464e3b0214aaa5f5d1b78616d9b9fbebc22d11f535b2f94c686143136aa795e6e5a875d6c08064ad5b76d44caad766e2483012748002b00050403040303000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015007a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + expectedOutput: "t13d1715h2_5b57614c22b0_3d5424432f57", + recipeConfig: [ + { + "op": "JA4 Fingerprint", + "args": ["Hex", "JA4"] + } + ], + }, + { + name: "JA4 Fingerprint: TLS 1.2 Original Rendering", + input: "1603010200010001fc0303ecb2691addb2bf6c599c7aaae23de5f42561cc04eb41029acc6fc050a16ac1d22046f8617b580ac9358e2aa44e306d52466bcc989c87c8ca64309f5faf50ba7b4d0022130113031302c02bc02fcca9cca8c02cc030c00ac009c013c014009c009d002f00350100019100000021001f00001c636f6e74696c652e73657276696365732e6d6f7a696c6c612e636f6d00170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000010000e000c02683208687474702f312e310005000501000000000022000a000804030503060302030033006b0069001d00208909858fbeb6ed2f1248ba5b9e2978bead0e840110192c61daed0096798b184400170041044d183d91f5eed35791fa982464e3b0214aaa5f5d1b78616d9b9fbebc22d11f535b2f94c686143136aa795e6e5a875d6c08064ad5b76d44caad766e2483012748002b00050403040303000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015007a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + expectedOutput: "t13d1715h2_5b234860e130_014157ec0da2", + recipeConfig: [ + { + "op": "JA4 Fingerprint", + "args": ["Hex", "JA4 Original Rendering"] + } + ], + }, + { + name: "JA4Server Fingerprint: TLS 1.2 h2 ALPN", + input: "16030300640200006003035f0236c07f47bfb12dc2da706ecb3fe7f9eeac9968cc2ddf444f574e4752440120b89ff1ab695278c69b8a73f76242ef755e0b13dc6d459aaaa784fec9c2dfce34cca900001800000000ff01000100000b00020100001000050003026832", + expectedOutput: "t1204h2_cca9_1428ce7b4018", + recipeConfig: [ + { + "op": "JA4Server Fingerprint", + "args": ["Hex", "JA4S"] + } + ] + }, + { + name: "JA4Server Fingerprint: TLS 1.2 h2 ALPN Raw", + input: "16030300640200006003035f0236c07f47bfb12dc2da706ecb3fe7f9eeac9968cc2ddf444f574e4752440120b89ff1ab695278c69b8a73f76242ef755e0b13dc6d459aaaa784fec9c2dfce34cca900001800000000ff01000100000b00020100001000050003026832", + expectedOutput: "t1204h2_cca9_0000,ff01,000b,0010", + recipeConfig: [ + { + "op": "JA4Server Fingerprint", + "args": ["Hex", "JA4S Raw"] + } + ] + }, + { + name: "JA4Server Fingerprint: TLS 1.3", + input: "160303007a020000760303236d214556452c55a0754487e64b1a8b0262c50ba23004c9d504166a6de3439920d0b0099243c9296a0c84153ea4ada7d87ad017f4211c2ea1350b0b3cc5514d5f130100002e00330024001d002099e3cc43a2c9941ae75af1b2c7a629bee3ee7031973cad85c82f2f23677fb244002b00020304", + expectedOutput: "t130200_1301_234ea6891581", + recipeConfig: [ + { + "op": "JA4Server Fingerprint", + "args": ["Hex", "JA4S"] + } + ] + }, + { + name: "JA4Server Fingerprint: TLS 1.3 Raw", + input: "160303007a020000760303236d214556452c55a0754487e64b1a8b0262c50ba23004c9d504166a6de3439920d0b0099243c9296a0c84153ea4ada7d87ad017f4211c2ea1350b0b3cc5514d5f130100002e00330024001d002099e3cc43a2c9941ae75af1b2c7a629bee3ee7031973cad85c82f2f23677fb244002b00020304", + expectedOutput: "t130200_1301_0033,002b", + recipeConfig: [ + { + "op": "JA4Server Fingerprint", + "args": ["Hex", "JA4S Raw"] + } + ] + }, + { + name: "JA4Server Fingerprint: TLS 1.3 non-ascii ALPN", + input: "160303007a020000760303897c232e3ee313314f2b662307ff4f7e2cf1caeec1b27711bca77f469519168520bc58b92f865e6b9aa4a6371cadcb0afe1da1c0f705209a11d52357f56d5dd962130100002e00330024001d002076b8b7ed0f96b63a773d85ab6f3a87a151c130529785b41a4defb53184055957002b00020304", + expectedOutput: "t130200_1301_234ea6891581", + recipeConfig: [ + { + "op": "JA4Server Fingerprint", + "args": ["Hex", "JA4S"] + } + ] + }, + { + name: "JA4Server Fingerprint: TLS 1.3 non-ascii ALPN Raw", + input: "160303007a020000760303897c232e3ee313314f2b662307ff4f7e2cf1caeec1b27711bca77f469519168520bc58b92f865e6b9aa4a6371cadcb0afe1da1c0f705209a11d52357f56d5dd962130100002e00330024001d002076b8b7ed0f96b63a773d85ab6f3a87a151c130529785b41a4defb53184055957002b00020304", + expectedOutput: "t130200_1301_0033,002b", + recipeConfig: [ + { + "op": "JA4Server Fingerprint", + "args": ["Hex", "JA4S Raw"] + } + ] + }, +]); diff --git a/tests/operations/tests/JWK.mjs b/tests/operations/tests/JWK.mjs new file mode 100644 index 00000000..c77c983e --- /dev/null +++ b/tests/operations/tests/JWK.mjs @@ -0,0 +1,359 @@ +/** + * JWK conversion + * + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ +import TestRegister from "../../lib/TestRegister.mjs"; + +// test data for RSA key pair +const RSA_512 = { + private: { + pem1: `-----BEGIN RSA PRIVATE KEY----- +MIIBOQIBAAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelMYKtboGLrk6ihtqFPZFRL +NcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQJAOJUpM0lv36MAQR3WAwsF +F7DOy+LnigteCvaNWiNVxZ6jByB5Qb7sall/Qlu9sFI0ZwrlVcKS0kldee7JTYlL +WQIhAP3UKEfOtpTgT1tYmdhaqjxqMfxBom0Ri+rt9ajlzs6vAiEA9L85B8/Gnb7p +6Af7/wpmafL277OV4X4xBfzMR+TUzHUCIBq+VLQkInaTH6lXL3ZtLwyIf9W9MJjf +RWeuRLjT5bM/AiBF7Kw6kx5Hy1fAtydEApCoDIaIjWJw/kC7WTJ0B+jUUQIgV6dw +NSyj0feakeD890gmId+lvl/w/3oUXiczqvl/N9o= +-----END RSA PRIVATE KEY-----`, + pem8: `-----BEGIN PRIVATE KEY----- +MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEA8qvQOnph0i3M5+Tp +ruZrsvgEXgud6Uxgq1ugYuuTqKG2oU9kVEs1wmLrwe+e3yy0ys/nS3qOrBZDYSMx +2SPp+wIDAQABAkA4lSkzSW/fowBBHdYDCwUXsM7L4ueKC14K9o1aI1XFnqMHIHlB +vuxqWX9CW72wUjRnCuVVwpLSSV157slNiUtZAiEA/dQoR862lOBPW1iZ2FqqPGox +/EGibRGL6u31qOXOzq8CIQD0vzkHz8advunoB/v/CmZp8vbvs5XhfjEF/MxH5NTM +dQIgGr5UtCQidpMfqVcvdm0vDIh/1b0wmN9FZ65EuNPlsz8CIEXsrDqTHkfLV8C3 +J0QCkKgMhoiNYnD+QLtZMnQH6NRRAiBXp3A1LKPR95qR4Pz3SCYh36W+X/D/ehRe +JzOq+X832g== +-----END PRIVATE KEY-----`, + jwk: { + "kty": "RSA", + "n": "8qvQOnph0i3M5-TpruZrsvgEXgud6Uxgq1ugYuuTqKG2oU9kVEs1wmLrwe-e3yy0ys_nS3qOrBZDYSMx2SPp-w", + "e": "AQAB", + "d": "OJUpM0lv36MAQR3WAwsFF7DOy-LnigteCvaNWiNVxZ6jByB5Qb7sall_Qlu9sFI0ZwrlVcKS0kldee7JTYlLWQ", + "p": "_dQoR862lOBPW1iZ2FqqPGox_EGibRGL6u31qOXOzq8", + "q": "9L85B8_Gnb7p6Af7_wpmafL277OV4X4xBfzMR-TUzHU", + "dp": "Gr5UtCQidpMfqVcvdm0vDIh_1b0wmN9FZ65EuNPlsz8", + "dq": "ReysOpMeR8tXwLcnRAKQqAyGiI1icP5Au1kydAfo1FE", + "qi": "V6dwNSyj0feakeD890gmId-lvl_w_3oUXiczqvl_N9o" + } + }, + public: { + pem1: `-----BEGIN RSA PUBLIC KEY----- +MEgCQQDyq9A6emHSLczn5Omu5muy+AReC53pTGCrW6Bi65OoobahT2RUSzXCYuvB +757fLLTKz+dLeo6sFkNhIzHZI+n7AgMBAAE= +-----END RSA PUBLIC KEY-----`, + pem8: `-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelM +YKtboGLrk6ihtqFPZFRLNcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQ== +-----END PUBLIC KEY-----`, + cert: `-----BEGIN CERTIFICATE----- +MIIBfTCCASegAwIBAgIUeisK5Nwss2DGg5PCs4uSxxXyyNkwDQYJKoZIhvcNAQEL +BQAwEzERMA8GA1UEAwwIUlNBIHRlc3QwHhcNMjExMTE5MTcyMDI2WhcNMzExMTE3 +MTcyMDI2WjATMREwDwYDVQQDDAhSU0EgdGVzdDBcMA0GCSqGSIb3DQEBAQUAA0sA +MEgCQQDyq9A6emHSLczn5Omu5muy+AReC53pTGCrW6Bi65OoobahT2RUSzXCYuvB +757fLLTKz+dLeo6sFkNhIzHZI+n7AgMBAAGjUzBRMB0GA1UdDgQWBBRO+jvkqq5p +pnQgwMMnRoun6e7eiTAfBgNVHSMEGDAWgBRO+jvkqq5ppnQgwMMnRoun6e7eiTAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EAR/5HAZM5qBhU/ezDUIFx +gmUGoFbIb5kJD41YCnaSdrgWglh4He4melSs42G/oxBBjuCJ0bUpqWnLl+lJkv1z +IA== +-----END CERTIFICATE-----`, + jwk: { + "kty": "RSA", + "n": "8qvQOnph0i3M5-TpruZrsvgEXgud6Uxgq1ugYuuTqKG2oU9kVEs1wmLrwe-e3yy0ys_nS3qOrBZDYSMx2SPp-w", + "e": "AQAB" + } + } +}; + +// test data for EC key pair +const EC_P256 = { + private: { + pem1: `-----BEGIN EC PRIVATE KEY----- +MHcCAQEEINtTjwUkgfAiSwqgcGAXWyE0ueIW6n2k395dmQZ3vGr4oAoGCCqGSM49 +AwEHoUQDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJgusgcAE8H6810fkJ8ZmTNiCC +a6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END EC PRIVATE KEY-----`, + pem8: `-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg21OPBSSB8CJLCqBw +YBdbITS54hbqfaTf3l2ZBne8avihRANCAAQNRzwDQQM0qgJgg9YwfPXJTOoTmYmC +6yBwATwfrzXR+QnxmZM2IIJrqwuBHa8PVU2HZ2KKtaAo8fg9Uwpq/l7p +-----END PRIVATE KEY-----`, + jwk: { + "kty": "EC", + "crv": "P-256", + "x": "DUc8A0EDNKoCYIPWMHz1yUzqE5mJgusgcAE8H6810fk", + "y": "CfGZkzYggmurC4Edrw9VTYdnYoq1oCjx-D1TCmr-Xuk", + "d": "21OPBSSB8CJLCqBwYBdbITS54hbqfaTf3l2ZBne8avg" + } + }, + public: { + pem8: `-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJ +gusgcAE8H6810fkJ8ZmTNiCCa6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END PUBLIC KEY-----`, + cert: `-----BEGIN CERTIFICATE----- +MIIBfzCCASWgAwIBAgIUK4H8J3Hr7NpRLPrACj8Pje4JJJ0wCgYIKoZIzj0EAwIw +FTETMBEGA1UEAwwKUC0yNTYgdGVzdDAeFw0yMTExMTkxNzE5NDVaFw0zMTExMTcx +NzE5NDVaMBUxEzARBgNVBAMMClAtMjU2IHRlc3QwWTATBgcqhkjOPQIBBggqhkjO +PQMBBwNCAAQNRzwDQQM0qgJgg9YwfPXJTOoTmYmC6yBwATwfrzXR+QnxmZM2IIJr +qwuBHa8PVU2HZ2KKtaAo8fg9Uwpq/l7po1MwUTAdBgNVHQ4EFgQU/SxodXrpkybM +gcIgkxnRKd7HMzowHwYDVR0jBBgwFoAU/SxodXrpkybMgcIgkxnRKd7HMzowDwYD +VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiBU9PrOa/kXCpTTBInRf/sN +ac2iDHmbdpWzcXI+xLKNYAIhAIRR1LRSHVwOTLQ/iBXd+8LCkm5aTB27RW46LN80 +ylxt +-----END CERTIFICATE-----`, + jwk: { + "kty": "EC", + "crv": "P-256", + "x": "DUc8A0EDNKoCYIPWMHz1yUzqE5mJgusgcAE8H6810fk", + "y": "CfGZkzYggmurC4Edrw9VTYdnYoq1oCjx-D1TCmr-Xuk" + } + } +}; + +const PEM_PRIV_DSA1024 = `-----BEGIN DSA PRIVATE KEY----- +MIIBuwIBAAKBgQCkFEttBrPHEJRgcvaT8HbZs9h1pVQLHhn2F452izusRox1czMM +IC8Z7YQiM1pt6bgEmf0h8ldx6UFT0YL9JWSbyBy1U5pHKfnz/xjeg7ZMReL4F0/T +Gwmu4ercqfM//TmEg9nL3nDxb4WmF2al/SmHN3qlzYmYaIDEFfEuu8vWbwIVAMOq +7pqQiMGUu6uJY/nQTWW0c3IfAoGARWryStp2AElj538qN9tWRuyobRA93Q1ujrdM +EqsqVpMZd1a8qtRyMaZVVdB7N3EweNUuFOoSAp10s/SQEH9qhVo6NwvzhB7lEtm4 +5FjWW9+9WCuuFOGZpTy8PSFAvQcfUqunP/DeaDliNmgKci+n0nfIBakuQn10Zmqk +vGu8NZICgYBUsoQeXSJ19e6XZenk6G8wVI3yXFqnRAwb6s7sAVoPwfDCsOXTxC7W +Mlfz0HcYMiifFKEd28NnuAZ2e0ngyPHsb9s5phzTgRfO3GFzOjsjwgx3DmQI2Ck2 +yOWHSAtaNhH4DoBZEyNsb1akiB50vx9b09EHN4weqbgAu743NMDHRQIVAIG5uiiO +OnWUYieHAiVIPkBCrYUd +-----END DSA PRIVATE KEY-----`; + +// https://datatracker.ietf.org/doc/html/rfc8037#appendix-A.2 +const JWK_PUB_ED25591 = { + "kty": "OKP", + "crv": "Ed25519", + "x": "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo" +}; + +TestRegister.addTests([ + { + name: "PEM to JWK: Missing footer", + input: RSA_512.private.pem1.substring(0, RSA_512.private.pem1.length / 2), + expectedOutput: "PEM footer '-----END RSA PRIVATE KEY-----' not found", + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + { + name: "PEM to JWK: DSA not supported", + input: PEM_PRIV_DSA1024, + expectedOutput: "DSA keys are not supported for JWK", + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + + // test RSA key convertion + { + name: "PEM to JWK: RSA Private Key PKCS1", + input: RSA_512.private.pem1, + expectedOutput: JSON.stringify(RSA_512.private.jwk), + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + { + name: "PEM to JWK: RSA Private Key PKCS8", + input: RSA_512.private.pem8, + expectedOutput: JSON.stringify(RSA_512.private.jwk), + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + { + name: "PEM to JWK: RSA Public Key PKCS1", + input: RSA_512.public.pem1, + expectedOutput: "Unsupported RSA public key format. Only PKCS#8 is supported.", + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + { + name: "PEM to JWK: RSA Public Key PKCS8", + input: RSA_512.public.pem8, + expectedOutput: JSON.stringify(RSA_512.public.jwk), + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + { + name: "PEM to JWK: Certificate with RSA Public Key", + input: RSA_512.public.cert, + expectedOutput: JSON.stringify(RSA_512.public.jwk), + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + + // test EC key conversion + { + name: "PEM to JWK: EC Private Key PKCS1", + input: EC_P256.private.pem1, + expectedOutput: JSON.stringify(EC_P256.private.jwk), + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + { + name: "PEM to JWK: EC Private Key PKCS8", + input: EC_P256.private.pem8, + expectedOutput: JSON.stringify(EC_P256.private.jwk), + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + { + name: "PEM to JWK: EC Public Key", + input: EC_P256.public.pem8, + expectedOutput: JSON.stringify(EC_P256.public.jwk), + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + { + name: "PEM to JWK: Certificate with EC Public Key", + input: EC_P256.public.cert, + expectedOutput: JSON.stringify(EC_P256.public.jwk), + recipeConfig: [ + { + op: "PEM to JWK", + args: [], + } + ], + }, + + + { + name: "JWK to PEM: not a JWK", + input: "\"foobar\"", + expectedOutput: "Input is not a JSON Web Key", + recipeConfig: [ + { + op: "JWK to PEM", + args: [], + } + ], + }, + { + name: "JWK to PEM: unsupported key type", + input: JSON.stringify(JWK_PUB_ED25591), + expectedOutput: "Unsupported JWK key type 'OKP'", + recipeConfig: [ + { + op: "JWK to PEM", + args: [], + } + ], + }, + + // test RSA key conversion + { + name: "JWK to PEM: RSA Private Key", + input: JSON.stringify(RSA_512.private.jwk), + expectedOutput: RSA_512.private.pem8.replace(/\r/g, "").replace(/\n/g, "\r\n")+"\r\n", + recipeConfig: [ + { + op: "JWK to PEM", + args: [], + } + ], + }, + { + name: "JWK to PEM: RSA Public Key", + input: JSON.stringify(RSA_512.public.jwk), + expectedOutput: RSA_512.public.pem8.replace(/\r/g, "").replace(/\n/g, "\r\n")+"\r\n", + recipeConfig: [ + { + op: "JWK to PEM", + args: [], + } + ], + }, + + // test EC key conversion + { + name: "JWK to PEM: EC Private Key", + input: JSON.stringify(EC_P256.private.jwk), + expectedOutput: EC_P256.private.pem8.replace(/\r/g, "").replace(/\n/g, "\r\n")+"\r\n", + recipeConfig: [ + { + op: "JWK to PEM", + args: [], + } + ], + }, + { + name: "JWK to PEM: EC Public Key", + input: JSON.stringify(EC_P256.public.jwk), + expectedOutput: EC_P256.public.pem8.replace(/\r/g, "").replace(/\n/g, "\r\n")+"\r\n", + recipeConfig: [ + { + op: "JWK to PEM", + args: [], + } + ], + }, + + { + name: "JWK to PEM: Array of keys", + input: JSON.stringify([RSA_512.public.jwk, EC_P256.public.jwk]), + expectedOutput: (RSA_512.public.pem8 + "\n" + EC_P256.public.pem8 + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "JWK to PEM", + args: [], + } + ], + }, + { + name: "JWK to PEM: JSON Web Key Set", + input: JSON.stringify({"keys": [RSA_512.public.jwk, EC_P256.public.jwk]}), + expectedOutput: (RSA_512.public.pem8 + "\n" + EC_P256.public.pem8 + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "JWK to PEM", + args: [], + } + ], + } +]); diff --git a/tests/operations/tests/ParseCSR.mjs b/tests/operations/tests/ParseCSR.mjs new file mode 100644 index 00000000..1ba7e73f --- /dev/null +++ b/tests/operations/tests/ParseCSR.mjs @@ -0,0 +1,215 @@ +/** + * Parse CSR tests. + * + * @author jkataja + * @copyright Crown Copyright 2023 + * @license Apache-2.0 + */ + +import TestRegister from "../../lib/TestRegister.mjs"; + +// openssl req -newkey rsa:1024 -keyout test-rsa-1024.key -out test-rsa-1024.csr \ +// -subj "/C=CH/ST=Zurich/L=Zurich/O=Example RE/OU=IT Department/CN=example.com" \ +// -addext "subjectAltName = DNS:example.com,DNS:www.example.com" \ +// -addext "basicConstraints = critical,CA:FALSE" \ +// -addext "keyUsage = critical,digitalSignature,keyEncipherment" \ +// -addext "extendedKeyUsage = serverAuth" +const IN_EXAMPLE_COM_RSA_1024 = `-----BEGIN CERTIFICATE REQUEST----- +MIICHzCCAYgCAQAwcjELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBlp1cmljaDEPMA0G +A1UEBwwGWnVyaWNoMRMwEQYDVQQKDApFeGFtcGxlIFJFMRYwFAYDVQQLDA1JVCBE +ZXBhcnRtZW50MRQwEgYDVQQDDAtleGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEF +AAOBjQAwgYkCgYEArrTrLI6FkzjX8FZfclt2ox1Dz7KRwt5f6ffZic7twLAKJ4ao +/H3APjwoFVUXGjiNj/XF2RlId4UxB1b6CgWjujBb9W51rTdvfWLyAHsrLcptpVz+ +V9Y8X9kEFCRGGDyG5+X+Nu6COzTpUPDj4bIIX/uPk3fDYDEqLClVy8/VS48CAwEA +AaBtMGsGCSqGSIb3DQEJDjFeMFwwJwYDVR0RBCAwHoILZXhhbXBsZS5jb22CD3d3 +dy5leGFtcGxlLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDATBgNV +HSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOBgQB0mUlPgt6pt/kjD0pz +OUNk5e9nBFQYQGuGIHGYbPX3mi4Wd9vUCdPixtPSTunHWs2cxX2nM8+MdcNTY+7Q +NFgFNIvSXhbqMYoHAAApMHJOxiWpBFdYKp3tESnlgh2lUh7lQtmOjD4a1dzfU8PU +oViyp+UJGasN2WRd+4VtaPw64w== +-----END CERTIFICATE REQUEST-----`; + +const OUT_EXAMPLE_COM_RSA_1024 = `Version: 1 (0x00) +Subject + C = CH + ST = Zurich + L = Zurich + O = Example RE + OU = IT Department + CN = example.com +Subject Alternative Names + DNS: example.com + DNS: www.example.com +Public Key + Algorithm: RSA + Length: 1024 bits + Modulus: ae:b4:eb:2c:8e:85:93:38:d7:f0:56:5f:72:5b:76:a3: + 1d:43:cf:b2:91:c2:de:5f:e9:f7:d9:89:ce:ed:c0:b0: + 0a:27:86:a8:fc:7d:c0:3e:3c:28:15:55:17:1a:38:8d: + 8f:f5:c5:d9:19:48:77:85:31:07:56:fa:0a:05:a3:ba: + 30:5b:f5:6e:75:ad:37:6f:7d:62:f2:00:7b:2b:2d:ca: + 6d:a5:5c:fe:57:d6:3c:5f:d9:04:14:24:46:18:3c:86: + e7:e5:fe:36:ee:82:3b:34:e9:50:f0:e3:e1:b2:08:5f: + fb:8f:93:77:c3:60:31:2a:2c:29:55:cb:cf:d5:4b:8f + Exponent: 65537 (0x10001) +Signature + Algorithm: sha256WithRSAEncryption + Signature: 74:99:49:4f:82:de:a9:b7:f9:23:0f:4a:73:39:43:64: + e5:ef:67:04:54:18:40:6b:86:20:71:98:6c:f5:f7:9a: + 2e:16:77:db:d4:09:d3:e2:c6:d3:d2:4e:e9:c7:5a:cd: + 9c:c5:7d:a7:33:cf:8c:75:c3:53:63:ee:d0:34:58:05: + 34:8b:d2:5e:16:ea:31:8a:07:00:00:29:30:72:4e:c6: + 25:a9:04:57:58:2a:9d:ed:11:29:e5:82:1d:a5:52:1e: + e5:42:d9:8e:8c:3e:1a:d5:dc:df:53:c3:d4:a1:58:b2: + a7:e5:09:19:ab:0d:d9:64:5d:fb:85:6d:68:fc:3a:e3 +Extensions + basicConstraints CRITICAL: + CA = false + keyUsage CRITICAL: + Digital signature + Key encipherment + extKeyUsage: + TLS Web Server Authentication`; + +// openssl req -newkey rsa:2048 -keyout test-rsa-2048.key -out test-rsa-2048.csr \ +// -subj "/C=CH/ST=Zurich/L=Zurich/O=Example RE/OU=IT Department/CN=example.com" \ +// -addext "subjectAltName = DNS:example.com,DNS:www.example.com" \ +// -addext "basicConstraints = critical,CA:FALSE" \ +// -addext "keyUsage = critical,digitalSignature,keyEncipherment" \ +// -addext "extendedKeyUsage = serverAuth" +const IN_EXAMPLE_COM_RSA_2048 = `-----BEGIN CERTIFICATE REQUEST----- +MIIDJDCCAgwCAQAwcjELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBlp1cmljaDEPMA0G +A1UEBwwGWnVyaWNoMRMwEQYDVQQKDApFeGFtcGxlIFJFMRYwFAYDVQQLDA1JVCBE +ZXBhcnRtZW50MRQwEgYDVQQDDAtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAKPogLmWPuK/IGdct2v/3MFKVaVeKp2Hl5at/zDFLCAe +51bwh7BqNVJEci4ApwlXA1WVmQPBFBJlYwQZVjz5UAN2CmNHxud5nV03YmZ2/Iml +RzpKcZMPqU+liJCC04L+XIbOdx+Vz52dF++Cc+FuSFq803yW+qefK8JsJNO9KuPx +RLYKSAADa9MIJisru1PzcBAOcimOmNnFWuo+LKsd4lU30OExDdKHwtyt62Mj1c3o +lO1JjvkjtWWjwHI+0EgTjvkeXlcUYZvvLlysdKERMRozvMTGqqoHWCgWl+Rq9Z6P +TgNsRO4CKug1Zwmh8y6acZ7sYb/dar8HOeqJnc0pCv8CAwEAAaBtMGsGCSqGSIb3 +DQEJDjFeMFwwJwYDVR0RBCAwHoILZXhhbXBsZS5jb22CD3d3dy5leGFtcGxlLmNv +bTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEF +BQcDATANBgkqhkiG9w0BAQsFAAOCAQEAG0cjfRBY1pBzu+jf7yMQrK5mQrh72air +VuXHmochmyUxyt0G7ovnNhKEr+X9snShJLi5qlyvnb2roiwlCmuwGIZxErN1svQL +Z3kQNZgH+Vyu5IRL2DlPs5AAxVmzPpbnbXNhMHyAK/ziLcU031O1PoCpxwfvPsjW +HWOCjbZUVaJnxdp8AHqImoGAiVhJwc37feFvb2UQlLedUypQkPg/poNWduaRDoj8 +m9cpVxuxGLtONBnohzohnFECytSXWEXPIj8L9SpYK97G02nJYYCAcb5BF11Alfux +sNxtsr6zgPaLRrvOBT11WxJVKerbhfezAJ3naem1eM3VLxCGWwMwxg== +-----END CERTIFICATE REQUEST-----`; + +const OUT_EXAMPLE_COM_RSA_2048 = `Version: 1 (0x00) +Subject + C = CH + ST = Zurich + L = Zurich + O = Example RE + OU = IT Department + CN = example.com +Subject Alternative Names + DNS: example.com + DNS: www.example.com +Public Key + Algorithm: RSA + Length: 2048 bits + Modulus: a3:e8:80:b9:96:3e:e2:bf:20:67:5c:b7:6b:ff:dc:c1: + 4a:55:a5:5e:2a:9d:87:97:96:ad:ff:30:c5:2c:20:1e: + e7:56:f0:87:b0:6a:35:52:44:72:2e:00:a7:09:57:03: + 55:95:99:03:c1:14:12:65:63:04:19:56:3c:f9:50:03: + 76:0a:63:47:c6:e7:79:9d:5d:37:62:66:76:fc:89:a5: + 47:3a:4a:71:93:0f:a9:4f:a5:88:90:82:d3:82:fe:5c: + 86:ce:77:1f:95:cf:9d:9d:17:ef:82:73:e1:6e:48:5a: + bc:d3:7c:96:fa:a7:9f:2b:c2:6c:24:d3:bd:2a:e3:f1: + 44:b6:0a:48:00:03:6b:d3:08:26:2b:2b:bb:53:f3:70: + 10:0e:72:29:8e:98:d9:c5:5a:ea:3e:2c:ab:1d:e2:55: + 37:d0:e1:31:0d:d2:87:c2:dc:ad:eb:63:23:d5:cd:e8: + 94:ed:49:8e:f9:23:b5:65:a3:c0:72:3e:d0:48:13:8e: + f9:1e:5e:57:14:61:9b:ef:2e:5c:ac:74:a1:11:31:1a: + 33:bc:c4:c6:aa:aa:07:58:28:16:97:e4:6a:f5:9e:8f: + 4e:03:6c:44:ee:02:2a:e8:35:67:09:a1:f3:2e:9a:71: + 9e:ec:61:bf:dd:6a:bf:07:39:ea:89:9d:cd:29:0a:ff + Exponent: 65537 (0x10001) +Signature + Algorithm: sha256WithRSAEncryption + Signature: 1b:47:23:7d:10:58:d6:90:73:bb:e8:df:ef:23:10:ac: + ae:66:42:b8:7b:d9:a8:ab:56:e5:c7:9a:87:21:9b:25: + 31:ca:dd:06:ee:8b:e7:36:12:84:af:e5:fd:b2:74:a1: + 24:b8:b9:aa:5c:af:9d:bd:ab:a2:2c:25:0a:6b:b0:18: + 86:71:12:b3:75:b2:f4:0b:67:79:10:35:98:07:f9:5c: + ae:e4:84:4b:d8:39:4f:b3:90:00:c5:59:b3:3e:96:e7: + 6d:73:61:30:7c:80:2b:fc:e2:2d:c5:34:df:53:b5:3e: + 80:a9:c7:07:ef:3e:c8:d6:1d:63:82:8d:b6:54:55:a2: + 67:c5:da:7c:00:7a:88:9a:81:80:89:58:49:c1:cd:fb: + 7d:e1:6f:6f:65:10:94:b7:9d:53:2a:50:90:f8:3f:a6: + 83:56:76:e6:91:0e:88:fc:9b:d7:29:57:1b:b1:18:bb: + 4e:34:19:e8:87:3a:21:9c:51:02:ca:d4:97:58:45:cf: + 22:3f:0b:f5:2a:58:2b:de:c6:d3:69:c9:61:80:80:71: + be:41:17:5d:40:95:fb:b1:b0:dc:6d:b2:be:b3:80:f6: + 8b:46:bb:ce:05:3d:75:5b:12:55:29:ea:db:85:f7:b3: + 00:9d:e7:69:e9:b5:78:cd:d5:2f:10:86:5b:03:30:c6 +Extensions + basicConstraints CRITICAL: + CA = false + keyUsage CRITICAL: + Digital signature + Key encipherment + extKeyUsage: + TLS Web Server Authentication`; + +// openssl genpkey -genparam -algorithm ec -pkeyopt ec_paramgen_curve:P-256 -out test-ec-param.pem +// openssl req -newkey ec:test-ec-param.pem -keyout test-ec.key -out test-ec.csr \ +// -subj "/C=CH/ST=Zurich/L=Zurich/O=Example RE/OU=IT Department/CN=example.com" \ +// -addext "subjectAltName = DNS:example.com,DNS:www.example.com" \ +// -addext "basicConstraints = critical,CA:FALSE" \ +// -addext "keyUsage = critical,digitalSignature,keyEncipherment" \ +// -addext "extendedKeyUsage = serverAuth" +const IN_EXAMPLE_COM_EC = `-----BEGIN CERTIFICATE REQUEST----- +MIIBmzCCAUECAQAwcjELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBlp1cmljaDEPMA0G +A1UEBwwGWnVyaWNoMRMwEQYDVQQKDApFeGFtcGxlIFJFMRYwFAYDVQQLDA1JVCBE +ZXBhcnRtZW50MRQwEgYDVQQDDAtleGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqG +SM49AwEHA0IABAmpYXNh+L9E0Q3sLhrO+MF1XgKCfqJntrOyIkrGwoiQftHbJWTA +6duxQhU/3d9B+SN/ibeKY+xeiNBrs2eTYZ6gbTBrBgkqhkiG9w0BCQ4xXjBcMCcG +A1UdEQQgMB6CC2V4YW1wbGUuY29tgg93d3cuZXhhbXBsZS5jb20wDAYDVR0TAQH/ +BAIwADAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZI +zj0EAwIDSAAwRQIgQkum/qaLzE3QZ3WD00uLpalUn113FObd7rM5Mr3HQwQCIQCr +7OjzYI9v7qIJp/E9N16XfJN87G2ZVIZ4FuPXVjokCQ== +-----END CERTIFICATE REQUEST-----`; + +const OUT_EXAMPLE_COM_EC = `Parse CSR - Cannot read public key. OID is not RSA.`; + +TestRegister.addTests([ + { + name: "Parse CSR: Example Certificate Signing Request (CSR) with RSA 1024", + input: IN_EXAMPLE_COM_RSA_1024, + expectedOutput: OUT_EXAMPLE_COM_RSA_1024, + recipeConfig: [ + { + "op": "Parse CSR", + "args": ["PEM", true] + } + ] + }, + { + name: "Parse CSR: Example Certificate Signing Request (CSR) with RSA 2048", + input: IN_EXAMPLE_COM_RSA_2048, + expectedOutput: OUT_EXAMPLE_COM_RSA_2048, + recipeConfig: [ + { + "op": "Parse CSR", + "args": ["PEM", true] + } + ] + }, + // RSA algorithm is the only one supported for CSR in node-forge as of 1.3.1 + { + name: "Parse CSR: Example Certificate Signing Request (CSR) with EC 256", + input: IN_EXAMPLE_COM_EC, + expectedError: true, + expectedOutput: OUT_EXAMPLE_COM_EC, + recipeConfig: [ + { + "op": "Parse CSR", + "args": ["PEM", true] + } + ] + } +]); diff --git a/tests/operations/tests/PubKeyFromCert.mjs b/tests/operations/tests/PubKeyFromCert.mjs new file mode 100644 index 00000000..ae5609aa --- /dev/null +++ b/tests/operations/tests/PubKeyFromCert.mjs @@ -0,0 +1,215 @@ +/** + * Public Key from Certificate + * + * @author cplussharp + * @copyright Crown Copyright 2023 + * @license Apache-2.0 + */ +import TestRegister from "../../lib/TestRegister.mjs"; + +const RSA_CERT = `-----BEGIN CERTIFICATE----- +MIIBfTCCASegAwIBAgIUeisK5Nwss2DGg5PCs4uSxxXyyNkwDQYJKoZIhvcNAQEL +BQAwEzERMA8GA1UEAwwIUlNBIHRlc3QwHhcNMjExMTE5MTcyMDI2WhcNMzExMTE3 +MTcyMDI2WjATMREwDwYDVQQDDAhSU0EgdGVzdDBcMA0GCSqGSIb3DQEBAQUAA0sA +MEgCQQDyq9A6emHSLczn5Omu5muy+AReC53pTGCrW6Bi65OoobahT2RUSzXCYuvB +757fLLTKz+dLeo6sFkNhIzHZI+n7AgMBAAGjUzBRMB0GA1UdDgQWBBRO+jvkqq5p +pnQgwMMnRoun6e7eiTAfBgNVHSMEGDAWgBRO+jvkqq5ppnQgwMMnRoun6e7eiTAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EAR/5HAZM5qBhU/ezDUIFx +gmUGoFbIb5kJD41YCnaSdrgWglh4He4melSs42G/oxBBjuCJ0bUpqWnLl+lJkv1z +IA== +-----END CERTIFICATE-----`; + +const RSA_PUBKEY = `-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelM +YKtboGLrk6ihtqFPZFRLNcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQ== +-----END PUBLIC KEY-----`; + +const EC_P256_CERT = `-----BEGIN CERTIFICATE----- +MIIBfzCCASWgAwIBAgIUK4H8J3Hr7NpRLPrACj8Pje4JJJ0wCgYIKoZIzj0EAwIw +FTETMBEGA1UEAwwKUC0yNTYgdGVzdDAeFw0yMTExMTkxNzE5NDVaFw0zMTExMTcx +NzE5NDVaMBUxEzARBgNVBAMMClAtMjU2IHRlc3QwWTATBgcqhkjOPQIBBggqhkjO +PQMBBwNCAAQNRzwDQQM0qgJgg9YwfPXJTOoTmYmC6yBwATwfrzXR+QnxmZM2IIJr +qwuBHa8PVU2HZ2KKtaAo8fg9Uwpq/l7po1MwUTAdBgNVHQ4EFgQU/SxodXrpkybM +gcIgkxnRKd7HMzowHwYDVR0jBBgwFoAU/SxodXrpkybMgcIgkxnRKd7HMzowDwYD +VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiBU9PrOa/kXCpTTBInRf/sN +ac2iDHmbdpWzcXI+xLKNYAIhAIRR1LRSHVwOTLQ/iBXd+8LCkm5aTB27RW46LN80 +ylxt +-----END CERTIFICATE-----`; + +const EC_P256_PUBKEY = `-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJ +gusgcAE8H6810fkJ8ZmTNiCCa6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END PUBLIC KEY-----`; + +const DSA_CERT = `-----BEGIN CERTIFICATE----- +MIIEXzCCBA2gAwIBAgIUYYcPJB8UQLzUnqkGJvs3J4RI0OgwCwYJYIZIAWUDBAMC +MBMxETAPBgNVBAMMCERTQSBUZXN0MB4XDTIzMTAxNTAwMjEzNVoXDTMzMTAxMjAw +MjEzNVowEzERMA8GA1UEAwwIRFNBIFRlc3QwggNCMIICNQYHKoZIzjgEATCCAigC +ggEBALoLV+uz7vMYZCIuwXNkgZawvDgZAG1T7IiG030WgqesRNncuoUQOmAJCiuN +zkjVNSY08rabex/RIkWILvxP91SlzhA9t9+dp87p238ecxGa1sD2re+y35RP7IxN +T33633NtwGItZ3BqqAhoMmuwwwxau0E8zwYodTTlwTRp4QVPpMH1eJCUBeEzcWP5 +ZZ1lRNhR5M2TqzSU3ya5/4c3a9rI86h9VIVgw8yVvw3y6yclzjALm2ntD5riskdM +Z6mMkfYQwEbIGRTELX6A7LZ0lX1CislenF9ASb2E4g2nGcMQ0uSGzA4W9mf6wwmP +S6iwX5+Qu/i6jCm5i37fQ1H5HHUCHQDA+UnPHM6PZEgfFen8djZpl/cl05MpWk+d +nikFAoIBADXOTpBw0WA+UihxDG+6qqM05kxVMYmz6IRZ/06ffZSGVFN6Bx1i0s3v +kzM5V8GsKpkKkSk7V8fTQnAIIlMmt1Y7ff+ng7+TfYotMrvvEYlolYK06J2WWoUA +8iKp8+n58vdoky+xZmuGmcvCAojVDbEeU2wEqYE1PzrHCSOoOiKB2P4fOhyuF+qx +E8nkzURIg2RmSSkqWOkXiWyKyfpUaB+4cEisp4ThENEPmdntE1vLh2r7EOIxpE5D +0NAy2wFKqe3ljfgE6XsPZKgVAguRDVpzdmL6WDY7DM/BcS726vx+kX55QDkszvec +raNirnir2QrB/a0JQjF6Y62yGmG7GF8DggEFAAKCAQBpN+w0N0b5IIAspXnlJ9yu +B6ORk3j/5rZ+DUtTzW1YAJI6xjTcFQvN7FpVLkmLtXKUXF04R+sdGJ7VFwOb0rba +L5vQzrqNkBrbgSzuzeloiG+7OLA6VeQtNbQh6OurrZFi9gY+qA5ciT9kQXyrHudV +Xu956NDrooRxmv6JIVFvToaNiwe2vcgdkALw8HUbLFYof4SAE9jgU8EpxTp02e8H +zvVSVa6yj1nnGhpzLPlEqF8TZvs9pTg2kIk3/zvWojMJoPyTALfbTjbAeiFMMeKN +K/CKOOJj23AVAZxpMSR6cUbrIcRdKDnhCTVkkxXUecAIUs6Mk10kSfkuiGl9LjKj +o1MwUTAdBgNVHQ4EFgQUE+xZdvgiDIFWKQskMYnNaZ3iPHAwHwYDVR0jBBgwFoAU +E+xZdvgiDIFWKQskMYnNaZ3iPHAwDwYDVR0TAQH/BAUwAwEB/zALBglghkgBZQME +AwIDPwAwPAIcZbtf4+bjXEGQqNs6IglLrOgIjYF46q7qCNfXmQIcMKUtH3S6sDJE +3ds9eL+oC+HPFlfUNfUiU30aDA== +-----END CERTIFICATE-----`; + +const DSA_PUBKEY = `-----BEGIN PUBLIC KEY----- +MIIDQjCCAjUGByqGSM44BAEwggIoAoIBAQC6C1frs+7zGGQiLsFzZIGWsLw4GQBt +U+yIhtN9FoKnrETZ3LqFEDpgCQorjc5I1TUmNPK2m3sf0SJFiC78T/dUpc4QPbff +nafO6dt/HnMRmtbA9q3vst+UT+yMTU99+t9zbcBiLWdwaqgIaDJrsMMMWrtBPM8G +KHU05cE0aeEFT6TB9XiQlAXhM3Fj+WWdZUTYUeTNk6s0lN8muf+HN2vayPOofVSF +YMPMlb8N8usnJc4wC5tp7Q+a4rJHTGepjJH2EMBGyBkUxC1+gOy2dJV9QorJXpxf +QEm9hOINpxnDENLkhswOFvZn+sMJj0uosF+fkLv4uowpuYt+30NR+Rx1Ah0AwPlJ +zxzOj2RIHxXp/HY2aZf3JdOTKVpPnZ4pBQKCAQA1zk6QcNFgPlIocQxvuqqjNOZM +VTGJs+iEWf9On32UhlRTegcdYtLN75MzOVfBrCqZCpEpO1fH00JwCCJTJrdWO33/ +p4O/k32KLTK77xGJaJWCtOidllqFAPIiqfPp+fL3aJMvsWZrhpnLwgKI1Q2xHlNs +BKmBNT86xwkjqDoigdj+HzocrhfqsRPJ5M1ESINkZkkpKljpF4lsisn6VGgfuHBI +rKeE4RDRD5nZ7RNby4dq+xDiMaROQ9DQMtsBSqnt5Y34BOl7D2SoFQILkQ1ac3Zi ++lg2OwzPwXEu9ur8fpF+eUA5LM73nK2jYq54q9kKwf2tCUIxemOtshphuxhfA4IB +BQACggEAaTfsNDdG+SCALKV55SfcrgejkZN4/+a2fg1LU81tWACSOsY03BULzexa +VS5Ji7VylFxdOEfrHRie1RcDm9K22i+b0M66jZAa24Es7s3paIhvuziwOlXkLTW0 +Iejrq62RYvYGPqgOXIk/ZEF8qx7nVV7veejQ66KEcZr+iSFRb06GjYsHtr3IHZAC +8PB1GyxWKH+EgBPY4FPBKcU6dNnvB871UlWuso9Z5xoacyz5RKhfE2b7PaU4NpCJ +N/871qIzCaD8kwC32042wHohTDHijSvwijjiY9twFQGcaTEkenFG6yHEXSg54Qk1 +ZJMV1HnACFLOjJNdJEn5LohpfS4yow== +-----END PUBLIC KEY-----`; + +const ED25519_CERT = `-----BEGIN CERTIFICATE----- +MIIBQjCB9aADAgECAhRjPJhrdNco5LzpsIs0vSLLaZaZ0DAFBgMrZXAwFzEVMBMG +A1UEAwwMRWQyNTUxOSBUZXN0MB4XDTIzMTAxNTAwMjMwOFoXDTMzMTAxMjAwMjMw +OFowFzEVMBMGA1UEAwwMRWQyNTUxOSBUZXN0MCowBQYDK2VwAyEAELP6AflXwsuZ +5q4NDIO0LP2iCdKRvds4nwsUmRhOw3ijUzBRMB0GA1UdDgQWBBRfxS9q0IemWxkH +4mwAwzr9dQx2xzAfBgNVHSMEGDAWgBRfxS9q0IemWxkH4mwAwzr9dQx2xzAPBgNV +HRMBAf8EBTADAQH/MAUGAytlcANBAI/+03iVq4yJ+DaLVs61w41cVX2UxKvquSzv +lllkpkclM9LH5dLrw4ArdTjS9zAjzY/02WkphHhICHXt3KqZTwI= +-----END CERTIFICATE-----`; + +/* +const ED25519_PUBKEY = `-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAELP6AflXwsuZ5q4NDIO0LP2iCdKRvds4nwsUmRhOw3g= +-----END PUBLIC KEY-----`; +*/ + +const ED448_CERT = `-----BEGIN CERTIFICATE----- +MIIBijCCAQqgAwIBAgIUZaCS7zEjOnQ7O4KUFym6fJF5vl8wBQYDK2VxMBUxEzAR +BgNVBAMMCkVkNDQ4IFRlc3QwHhcNMjMxMDE1MDAyMzI1WhcNMzMxMDEyMDAyMzI1 +WjAVMRMwEQYDVQQDDApFZDQ0OCBUZXN0MEMwBQYDK2VxAzoAVN8kG0TMVyGOu/Ov +BTe8H0Wi4HJrQAlSv4XLwJbkuoi4EeRlEHQwXsNYLZTtY2Jra6AWhbVYYaEAo1Mw +UTAdBgNVHQ4EFgQUJFrepAf9YXrmDMSAzrMeYQmosd0wHwYDVR0jBBgwFoAUJFre +pAf9YXrmDMSAzrMeYQmosd0wDwYDVR0TAQH/BAUwAwEB/zAFBgMrZXEDcwA+YiZj +puFr2aogfV1qg/ixk7qLi25BbKVNR6+7PEUjo7+4yBn9qnLbAHUGnHn7E96pSey9 +VkLqpoDNMRcM3Eb6h3AJpQM0oxGj8q9arjDXqJkXgaO2e0tVn8KKVfy7S8qO72Kd +rWzZowcOjnWKhXm7JgA= +-----END CERTIFICATE-----`; + +/* +const ED448_PUBKEY = `-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAVN8kG0TMVyGOu/OvBTe8H0Wi4HJrQAlSv4XLwJbkuoi4EeRl +EHQwXsNYLZTtY2Jra6AWhbVYYaEA +-----END PUBLIC KEY-----` +*/ + +TestRegister.addTests([ + { + name: "Public Key from Certificate: Missing footer", + input: RSA_CERT.substring(0, RSA_CERT.length / 2), + expectedOutput: "PEM footer '-----END CERTIFICATE-----' not found", + recipeConfig: [ + { + op: "Public Key from Certificate", + args: [], + } + ], + }, + + // test RSA certificate + { + name: "Public Key from Certificate: RSA", + input: RSA_CERT, + expectedOutput: (RSA_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Certificate", + args: [], + } + ], + }, + + // test EC certificate + { + name: "Public Key from Certificate: EC", + input: EC_P256_CERT, + expectedOutput: (EC_P256_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Certificate", + args: [], + } + ], + }, + + // test DSA certificate + { + name: "Public Key from Certificate: DSA", + input: DSA_CERT, + expectedOutput: (DSA_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Certificate", + args: [], + } + ], + }, + + // test EdDSA certificates + { + name: "Public Key from Certificate: Ed25519", + input: ED25519_CERT, + expectedOutput: "Unsupported public key type", + recipeConfig: [ + { + op: "Public Key from Certificate", + args: [], + } + ], + }, + { + name: "Public Key from Certificate: Ed448", + input: ED448_CERT, + expectedOutput: "Unsupported public key type", + recipeConfig: [ + { + op: "Public Key from Certificate", + args: [], + } + ], + }, + + // test multi-input + { + name: "Public Key from Certificate: Multiple certificates", + input: RSA_CERT + "\n" + EC_P256_CERT, + expectedOutput: (RSA_PUBKEY + "\n" + EC_P256_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Certificate", + args: [], + } + ], + } +]); diff --git a/tests/operations/tests/PubKeyFromPrivKey.mjs b/tests/operations/tests/PubKeyFromPrivKey.mjs new file mode 100644 index 00000000..25f14a69 --- /dev/null +++ b/tests/operations/tests/PubKeyFromPrivKey.mjs @@ -0,0 +1,254 @@ +/** + * Public Key from Private Key + * + * @author cplussharp + * @copyright Crown Copyright 2023 + * @license Apache-2.0 + */ +import TestRegister from "../../lib/TestRegister.mjs"; + +const RSA_PRIVKEY_PKCS1 = `-----BEGIN RSA PRIVATE KEY----- +MIIBOQIBAAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelMYKtboGLrk6ihtqFPZFRL +NcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQJAOJUpM0lv36MAQR3WAwsF +F7DOy+LnigteCvaNWiNVxZ6jByB5Qb7sall/Qlu9sFI0ZwrlVcKS0kldee7JTYlL +WQIhAP3UKEfOtpTgT1tYmdhaqjxqMfxBom0Ri+rt9ajlzs6vAiEA9L85B8/Gnb7p +6Af7/wpmafL277OV4X4xBfzMR+TUzHUCIBq+VLQkInaTH6lXL3ZtLwyIf9W9MJjf +RWeuRLjT5bM/AiBF7Kw6kx5Hy1fAtydEApCoDIaIjWJw/kC7WTJ0B+jUUQIgV6dw +NSyj0feakeD890gmId+lvl/w/3oUXiczqvl/N9o= +-----END RSA PRIVATE KEY-----`; + +const RSA_PRIVKEY_PKCS8 = `-----BEGIN PRIVATE KEY----- +MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEA8qvQOnph0i3M5+Tp +ruZrsvgEXgud6Uxgq1ugYuuTqKG2oU9kVEs1wmLrwe+e3yy0ys/nS3qOrBZDYSMx +2SPp+wIDAQABAkA4lSkzSW/fowBBHdYDCwUXsM7L4ueKC14K9o1aI1XFnqMHIHlB +vuxqWX9CW72wUjRnCuVVwpLSSV157slNiUtZAiEA/dQoR862lOBPW1iZ2FqqPGox +/EGibRGL6u31qOXOzq8CIQD0vzkHz8advunoB/v/CmZp8vbvs5XhfjEF/MxH5NTM +dQIgGr5UtCQidpMfqVcvdm0vDIh/1b0wmN9FZ65EuNPlsz8CIEXsrDqTHkfLV8C3 +J0QCkKgMhoiNYnD+QLtZMnQH6NRRAiBXp3A1LKPR95qR4Pz3SCYh36W+X/D/ehRe +JzOq+X832g== +-----END PRIVATE KEY-----`; + +const RSA_PUBKEY = `-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelM +YKtboGLrk6ihtqFPZFRLNcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQ== +-----END PUBLIC KEY-----`; + +const EC_P256_PRIVKEY_SEC1 = `-----BEGIN EC PRIVATE KEY----- +MHcCAQEEINtTjwUkgfAiSwqgcGAXWyE0ueIW6n2k395dmQZ3vGr4oAoGCCqGSM49 +AwEHoUQDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJgusgcAE8H6810fkJ8ZmTNiCC +a6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END EC PRIVATE KEY-----`; + +const EC_P256_PRIVKEY_PKCS8 = `-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg21OPBSSB8CJLCqBw +YBdbITS54hbqfaTf3l2ZBne8avihRANCAAQNRzwDQQM0qgJgg9YwfPXJTOoTmYmC +6yBwATwfrzXR+QnxmZM2IIJrqwuBHa8PVU2HZ2KKtaAo8fg9Uwpq/l7p +-----END PRIVATE KEY-----`; + +const EC_P256_PUBKEY = `-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJ +gusgcAE8H6810fkJ8ZmTNiCCa6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END PUBLIC KEY-----`; + +const DSA_PRIVKEY_TRAD = `-----BEGIN DSA PRIVATE KEY----- +MIIDTQIBAAKCAQEAugtX67Pu8xhkIi7Bc2SBlrC8OBkAbVPsiIbTfRaCp6xE2dy6 +hRA6YAkKK43OSNU1JjTytpt7H9EiRYgu/E/3VKXOED23352nzunbfx5zEZrWwPat +77LflE/sjE1Pffrfc23AYi1ncGqoCGgya7DDDFq7QTzPBih1NOXBNGnhBU+kwfV4 +kJQF4TNxY/llnWVE2FHkzZOrNJTfJrn/hzdr2sjzqH1UhWDDzJW/DfLrJyXOMAub +ae0PmuKyR0xnqYyR9hDARsgZFMQtfoDstnSVfUKKyV6cX0BJvYTiDacZwxDS5IbM +Dhb2Z/rDCY9LqLBfn5C7+LqMKbmLft9DUfkcdQIdAMD5Sc8czo9kSB8V6fx2NmmX +9yXTkylaT52eKQUCggEANc5OkHDRYD5SKHEMb7qqozTmTFUxibPohFn/Tp99lIZU +U3oHHWLSze+TMzlXwawqmQqRKTtXx9NCcAgiUya3Vjt9/6eDv5N9ii0yu+8RiWiV +grTonZZahQDyIqnz6fny92iTL7Fma4aZy8ICiNUNsR5TbASpgTU/OscJI6g6IoHY +/h86HK4X6rETyeTNREiDZGZJKSpY6ReJbIrJ+lRoH7hwSKynhOEQ0Q+Z2e0TW8uH +avsQ4jGkTkPQ0DLbAUqp7eWN+ATpew9kqBUCC5ENWnN2YvpYNjsMz8FxLvbq/H6R +fnlAOSzO95yto2KueKvZCsH9rQlCMXpjrbIaYbsYXwKCAQBpN+w0N0b5IIAspXnl +J9yuB6ORk3j/5rZ+DUtTzW1YAJI6xjTcFQvN7FpVLkmLtXKUXF04R+sdGJ7VFwOb +0rbaL5vQzrqNkBrbgSzuzeloiG+7OLA6VeQtNbQh6OurrZFi9gY+qA5ciT9kQXyr +HudVXu956NDrooRxmv6JIVFvToaNiwe2vcgdkALw8HUbLFYof4SAE9jgU8EpxTp0 +2e8HzvVSVa6yj1nnGhpzLPlEqF8TZvs9pTg2kIk3/zvWojMJoPyTALfbTjbAeiFM +MeKNK/CKOOJj23AVAZxpMSR6cUbrIcRdKDnhCTVkkxXUecAIUs6Mk10kSfkuiGl9 +LjKjAhwpK4MOpkKEu+y308fZ+yZXypZW2m9Y/wOT0L4g +-----END DSA PRIVATE KEY-----`; + +const DSA_PRIVKEY_PKCS8 = `-----BEGIN PRIVATE KEY----- +MIICXAIBADCCAjUGByqGSM44BAEwggIoAoIBAQC6C1frs+7zGGQiLsFzZIGWsLw4 +GQBtU+yIhtN9FoKnrETZ3LqFEDpgCQorjc5I1TUmNPK2m3sf0SJFiC78T/dUpc4Q +PbffnafO6dt/HnMRmtbA9q3vst+UT+yMTU99+t9zbcBiLWdwaqgIaDJrsMMMWrtB +PM8GKHU05cE0aeEFT6TB9XiQlAXhM3Fj+WWdZUTYUeTNk6s0lN8muf+HN2vayPOo +fVSFYMPMlb8N8usnJc4wC5tp7Q+a4rJHTGepjJH2EMBGyBkUxC1+gOy2dJV9QorJ +XpxfQEm9hOINpxnDENLkhswOFvZn+sMJj0uosF+fkLv4uowpuYt+30NR+Rx1Ah0A +wPlJzxzOj2RIHxXp/HY2aZf3JdOTKVpPnZ4pBQKCAQA1zk6QcNFgPlIocQxvuqqj +NOZMVTGJs+iEWf9On32UhlRTegcdYtLN75MzOVfBrCqZCpEpO1fH00JwCCJTJrdW +O33/p4O/k32KLTK77xGJaJWCtOidllqFAPIiqfPp+fL3aJMvsWZrhpnLwgKI1Q2x +HlNsBKmBNT86xwkjqDoigdj+HzocrhfqsRPJ5M1ESINkZkkpKljpF4lsisn6VGgf +uHBIrKeE4RDRD5nZ7RNby4dq+xDiMaROQ9DQMtsBSqnt5Y34BOl7D2SoFQILkQ1a +c3Zi+lg2OwzPwXEu9ur8fpF+eUA5LM73nK2jYq54q9kKwf2tCUIxemOtshphuxhf +BB4CHCkrgw6mQoS77LfTx9n7JlfKllbab1j/A5PQviA= +-----END PRIVATE KEY-----`; + +const DSA_PUBKEY = `-----BEGIN PUBLIC KEY----- +MIIDQjCCAjUGByqGSM44BAEwggIoAoIBAQC6C1frs+7zGGQiLsFzZIGWsLw4GQBt +U+yIhtN9FoKnrETZ3LqFEDpgCQorjc5I1TUmNPK2m3sf0SJFiC78T/dUpc4QPbff +nafO6dt/HnMRmtbA9q3vst+UT+yMTU99+t9zbcBiLWdwaqgIaDJrsMMMWrtBPM8G +KHU05cE0aeEFT6TB9XiQlAXhM3Fj+WWdZUTYUeTNk6s0lN8muf+HN2vayPOofVSF +YMPMlb8N8usnJc4wC5tp7Q+a4rJHTGepjJH2EMBGyBkUxC1+gOy2dJV9QorJXpxf +QEm9hOINpxnDENLkhswOFvZn+sMJj0uosF+fkLv4uowpuYt+30NR+Rx1Ah0AwPlJ +zxzOj2RIHxXp/HY2aZf3JdOTKVpPnZ4pBQKCAQA1zk6QcNFgPlIocQxvuqqjNOZM +VTGJs+iEWf9On32UhlRTegcdYtLN75MzOVfBrCqZCpEpO1fH00JwCCJTJrdWO33/ +p4O/k32KLTK77xGJaJWCtOidllqFAPIiqfPp+fL3aJMvsWZrhpnLwgKI1Q2xHlNs +BKmBNT86xwkjqDoigdj+HzocrhfqsRPJ5M1ESINkZkkpKljpF4lsisn6VGgfuHBI +rKeE4RDRD5nZ7RNby4dq+xDiMaROQ9DQMtsBSqnt5Y34BOl7D2SoFQILkQ1ac3Zi ++lg2OwzPwXEu9ur8fpF+eUA5LM73nK2jYq54q9kKwf2tCUIxemOtshphuxhfA4IB +BQACggEAaTfsNDdG+SCALKV55SfcrgejkZN4/+a2fg1LU81tWACSOsY03BULzexa +VS5Ji7VylFxdOEfrHRie1RcDm9K22i+b0M66jZAa24Es7s3paIhvuziwOlXkLTW0 +Iejrq62RYvYGPqgOXIk/ZEF8qx7nVV7veejQ66KEcZr+iSFRb06GjYsHtr3IHZAC +8PB1GyxWKH+EgBPY4FPBKcU6dNnvB871UlWuso9Z5xoacyz5RKhfE2b7PaU4NpCJ +N/871qIzCaD8kwC32042wHohTDHijSvwijjiY9twFQGcaTEkenFG6yHEXSg54Qk1 +ZJMV1HnACFLOjJNdJEn5LohpfS4yow== +-----END PUBLIC KEY-----`; + +const ED25519_PRIVKEY = `-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIC18vtoHINC8Mo9dTIqOrBs3J28ZvHrwzRq57g2kpV98 +-----END PRIVATE KEY-----`; + +/* +const ED25519_PUBKEY = `-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAELP6AflXwsuZ5q4NDIO0LP2iCdKRvds4nwsUmRhOw3g= +-----END PUBLIC KEY-----`; +*/ + +const ED448_PRIVKEY = `-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOWdGJ06bDcWznJhBoQqPeTfsCe+AvBv1n7KfIGYzR4tv +1kcwHnbxlemnCMgqvbrRXaLuFUBysUZThA== +-----END PRIVATE KEY-----`; + +/* +const ED448_PUBKEY = `-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAVN8kG0TMVyGOu/OvBTe8H0Wi4HJrQAlSv4XLwJbkuoi4EeRl +EHQwXsNYLZTtY2Jra6AWhbVYYaEA +-----END PUBLIC KEY-----`; +*/ + +TestRegister.addTests([ + { + name: "Public Key from Private Key: Missing footer", + input: RSA_PRIVKEY_PKCS1.substring(0, RSA_PRIVKEY_PKCS1.length / 2), + expectedOutput: "PEM footer '-----END RSA PRIVATE KEY-----' not found", + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + + // test RSA + { + name: "Public Key from Private Key: RSA PKCS#1", + input: RSA_PRIVKEY_PKCS1, + expectedOutput: (RSA_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + { + name: "Public Key from Private Key: RSA PKCS#8", + input: RSA_PRIVKEY_PKCS8, + expectedOutput: (RSA_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + + // test EC certificate + { + name: "Public Key from Private Key: EC SEC1", + input: EC_P256_PRIVKEY_SEC1, + expectedOutput: (EC_P256_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + { + name: "Public Key from Private Key: EC PKCS#8", + input: EC_P256_PRIVKEY_PKCS8, + expectedOutput: (EC_P256_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + + // test DSA + { + name: "Public Key from Private Key: DSA Traditional", + input: DSA_PRIVKEY_TRAD, + expectedOutput: (DSA_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + { + name: "Public Key from Private Key: DSA PKCS#8", + input: DSA_PRIVKEY_PKCS8, + expectedOutput: "DSA Private Key in PKCS#8 is not supported", + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + + // test EdDSA + { + name: "Public Key from Private Key: Ed25519", + input: ED25519_PRIVKEY, + expectedOutput: "Unsupported key type: Error: malformed PKCS8 private key(code:004)", + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + { + name: "Public Key from Private Key: Ed448", + input: ED448_PRIVKEY, + expectedOutput: "Unsupported key type: Error: malformed PKCS8 private key(code:004)", + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + }, + + // test multi-input + { + name: "Public Key from Private Key: Multiple keys", + input: RSA_PRIVKEY_PKCS8 + "\n" + EC_P256_PRIVKEY_PKCS8, + expectedOutput: (RSA_PUBKEY + "\n" + EC_P256_PUBKEY + "\n").replace(/\r/g, "").replace(/\n/g, "\r\n"), + recipeConfig: [ + { + op: "Public Key from Private Key", + args: [], + } + ], + } +]); diff --git a/tests/operations/tests/RAKE.mjs b/tests/operations/tests/RAKE.mjs index 8164ca01..fe718076 100644 --- a/tests/operations/tests/RAKE.mjs +++ b/tests/operations/tests/RAKE.mjs @@ -1,6 +1,6 @@ /** * RAKE, Rapid Automatic Keyword Extraction tests. - * + * * @author sw5678 * @copyright Crown Copyright 2024 * @license Apache-2.0 diff --git a/tests/operations/tests/Salsa20.mjs b/tests/operations/tests/Salsa20.mjs new file mode 100644 index 00000000..2b9cbe29 --- /dev/null +++ b/tests/operations/tests/Salsa20.mjs @@ -0,0 +1,76 @@ +/** + * Salsa20 tests. + * + * @author joostrijneveld [joost@joostrijneveld.nl] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import TestRegister from "../../lib/TestRegister.mjs"; + +TestRegister.addTests([ + { + name: "Salsa20: no key", + input: "", + expectedOutput: `Invalid key length: 0 bytes. + +Salsa20 uses a key of 16 or 32 bytes (128 or 256 bits).`, + recipeConfig: [ + { + "op": "Salsa20", + "args": [ + {"option": "Hex", "string": ""}, + {"option": "Hex", "string": ""}, + 0, "20", "Hex", "Hex", + ] + } + ], + }, + { + name: "Salsa20: no nonce", + input: "", + expectedOutput: `Invalid nonce length: 0 bytes. + +Salsa20 uses a nonce of 8 bytes (64 bits).`, + recipeConfig: [ + { + "op": "Salsa20", + "args": [ + {"option": "Hex", "string": "00000000000000000000000000000000"}, + {"option": "Hex", "string": ""}, + 0, "20", "Hex", "Hex", + ] + } + ], + }, + { + name: "Salsa20: ECRYPT Set 1 vector# 0", + input: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00", + expectedOutput: "e3 be 8f dd 8b ec a2 e3 ea 8e f9 47 5b 29 a6 e7 00 39 51 e1 09 7a 5c 38 d2 3b 7a 5f ad 9f 68 44 b2 2c 97 55 9e 27 23 c7 cb bd 3f e4 fc 8d 9a 07 44 65 2a 83 e7 2a 9c 46 18 76 af 4d 7e f1 a1 17 8d a2 b7 4e ef 1b 62 83 e7 e2 01 66 ab ca e5 38 e9 71 6e 46 69 e2 81 6b 6b 20 c5 c3 56 80 20 01 cc 14 03 a9 a1 17 d1 2a 26 69 f4 56 36 6d 6e bb 0f 12 46 f1 26 51 50 f7 93 cd b4 b2 53 e3 48 ae 20 3d 89 bc 02 5e 80 2a 7e 0e 00 62 1d 70 aa 36 b7 e0 7c b1 e7 d5 b3 8d 5e 22 2b 8b 0e 4b 84 07 01 42 b1 e2 95 04 76 7d 76 82 48 50 32 0b 53 68 12 9f dd 74 e8 61 b4 98 e3 be 8d 16 f2 d7 d1 69 57 be 81 f4 7b 17 d9 ae 7c 4f f1 54 29 a7 3e 10 ac f2 50 ed 3a 90 a9 3c 71 13 08 a7 4c 62 16 a9 ed 84 cd 12 6d a7 f2 8e 8a bf 8b b6 35 17 e1 ca 98 e7 12 f4 fb 2e 1a 6a ed 9f dc 73 29 1f aa 17 95 82 11 c4 ba 2e bd 58 38 c6 35 ed b8 1f 51 3a 91 a2 94 e1 94 f1 c0 39 ae ec 65 7d ce 40 aa 7e 7c 0a f5 7c ac ef a4 0c 9f 14 b7 1a 4b 34 56 a6 3e 16 2e c7 d8 d1 0b 8f fb 18 10 d7 10 01 b6 18 2f 9f 73 da 53 b8 54 05 c1 1f 7b 2d 89 0f a8 ae 0c 7f 2e 92 6d 8a 98 c7 ec 4e 91 b6 51 20 e9 88 34 96 31 a7 00 c6 fa ce c3 47 1c b0 41 36 56 e7 5e 30 94 56 58 40 84 d7 e1 2c 5b 43 a4 1c 43 ed 9a 04 8a bd 9b 88 0d a6 5f 6a 66 5a 20 fe 7b 77 cd 29 2f e6 2c ae 64 4b 7f 7d f6 9f 32 bd b3 31 90 3e 65 05 ce 44 fd c2 93 92 0c 6a 9e c7 05 7e 23 df 7d ad 29 8f 82 dd f4 ef b7 fd c7 bf c6 22 69 6a fc fd 0c dd cc 83 c7 e7 7f 11 a6 49 d7 9a cd c3 35 4e 96 35 ff 13 7e 92 99 33 a0 bd 6f 53 77 ef a1 05 a3 a4 26 6b 7c 0d 08 9d 08 f1 e8 55 cc 32 b1 5b 93 78 4a 36 e5 6a 76 cc 64 bc 84 77", + recipeConfig: [ + { + "op": "Salsa20", + "args": [ + {"option": "Hex", "string": "80:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00"}, + {"option": "Hex", "string": "00:00:00:00:00:00:00:00"}, + 0, "20", "Hex", "Hex", + ] + } + ], + }, + { + name: "Salsa20: ECRYPT Set 6 vector# 3", + input: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00", + expectedOutput: "71 da ee 51 42 d0 72 8b 41 b6 59 79 33 eb f4 67 e4 32 79 e3 09 78 67 70 78 94 16 02 62 9c bf 68 b7 3d 6b d2 c9 5f 11 8d 2b 3e 6e c9 55 da bb 6d c6 1c 41 43 bc 9a 9b 32 b9 9d be 68 66 16 6d c0 86 31 b7 d6 55 30 50 30 3d 72 52 c2 64 d3 a9 0d 26 c8 53 63 48 13 e0 9a d7 54 5a 6c e7 e8 4a 5d fc 75 ec 43 43 12 07 d5 31 99 70 b0 fa ad b0 e1 51 06 25 bb 54 37 2c 85 15 e2 8e 2a cc f0 a9 93 0a d1 5f 43 18 74 92 3d 2a 59 e2 0d 9f 2a 53 67 db a6 05 15 64 f1 50 28 7d eb b1 db 53 6f f9 b0 9a d9 81 f2 5e 50 10 d8 5d 76 ee 0c 30 5f 75 5b 25 e6 f0 93 41 e0 81 2f 95 c9 4f 42 ee ad 34 6e 81 f3 9c 58 c5 fa a2 c8 89 53 dc 0c ac 90 46 9d b2 06 3c b5 cd b2 2c 9e ae 22 af bf 05 06 fc a4 1d c7 10 b8 46 fb df e3 c4 68 83 dd 11 8f 3a 5e 8b 11 b6 af d9 e7 16 80 d8 66 65 57 30 1a 2d aa fb 94 96 c5 59 78 4d 35 a0 35 36 08 85 f9 b1 7b d7 19 19 77 de ea 93 2b 98 1e bd b2 90 57 ae 3c 92 cf ef f5 e6 c5 d0 cb 62 f2 09 ce 34 2d 4e 35 c6 96 46 cc d1 4e 53 35 0e 48 8b b3 10 a3 2f 8b 02 48 e7 0a cc 5b 47 3d f5 37 ce d3 f8 1a 01 4d 40 83 93 2b ed d6 2e d0 e4 47 b6 76 6c d2 60 4b 70 6e 9b 34 6c 44 68 be b4 6a 34 ec f1 61 0e bd 38 33 1d 52 bf 33 34 6a fe c1 5e ef b2 a7 69 9e 87 59 db 5a 1f 63 6a 48 a0 39 68 8e 39 de 34 d9 95 df 9f 27 ed 9e dc 8d d7 95 e3 9e 53 d9 d9 25 b2 78 01 05 65 ff 66 52 69 04 2f 05 09 6d 94 da 34 33 d9 57 ec 13 d2 fd 82 a0 06 62 83 d0 d1 ee b8 1b f0 ef 13 3b 7f d9 02 48 b8 ff b4 99 b2 41 4c d4 fa 00 30 93 ff 08 64 57 5a 43 74 9b f5 96 02 f2 6c 71 7f a9 6b 1d 05 76 97 db 08 eb c3 fa 66 4a 01 6a 67 dc ef 88 07 57 7c c3 a0 93 85 d3", + recipeConfig: [ + { + "op": "Salsa20", + "args": [ + {"option": "Hex", "string": "0F:62:B5:08:5B:AE:01:54:A7:FA:4D:A0:F3:46:99:EC"}, + {"option": "Hex", "string": "28:8F:F6:5D:C4:2B:92:F9"}, + 0, "20", "Hex", "Hex", + ] + } + ], + }, +]); diff --git a/tests/operations/tests/XSalsa20.mjs b/tests/operations/tests/XSalsa20.mjs new file mode 100644 index 00000000..0d26af97 --- /dev/null +++ b/tests/operations/tests/XSalsa20.mjs @@ -0,0 +1,61 @@ +/** + * XSalsa20 tests. + * + * @author joostrijneveld [joost@joostrijneveld.nl] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ + +import TestRegister from "../../lib/TestRegister.mjs"; + +TestRegister.addTests([ + { + name: "XSalsa20: no key", + input: "", + expectedOutput: `Invalid key length: 0 bytes. + +XSalsa20 uses a key of 16 or 32 bytes (128 or 256 bits).`, + recipeConfig: [ + { + "op": "XSalsa20", + "args": [ + {"option": "Hex", "string": ""}, + {"option": "Hex", "string": ""}, + 0, "20", "Hex", "Hex", + ] + } + ], + }, + { + name: "XSalsa20: no nonce", + input: "", + expectedOutput: `Invalid nonce length: 0 bytes. + +XSalsa20 uses a nonce of 24 bytes (192 bits).`, + recipeConfig: [ + { + "op": "XSalsa20", + "args": [ + {"option": "Hex", "string": "00000000000000000000000000000000"}, + {"option": "Hex", "string": ""}, + 0, "20", "Hex", "Hex", + ] + } + ], + }, + { + name: "XSalsa20 custom vector", + input: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00", + expectedOutput: "7c b6 60 af dd 9e c6 46 8f 57 dd 6d 24 33 f9 34 28 fd 82 cd 73 86 c5 47 1a 24 d8 ad 2a 52 5b 6e 5e ff 38 4f c7 ca a2 10 bb 3c 8f 3e 68 8f 4a 97 52 a5 46 df 8c 25 3f ef 17 a2 67 94 55 c7 a1 e1 83 db f5 d5 45 b0 f5 02 b9 8d e0 99 7a 66 ab 43 23 41 68 9f f3 97 dc 4f bc 1f 27 bd 1a 61 97 f5 dc 80 ff 19 05 16 c9 ed 14 f2 81 d1 ca 73 88 82 f6 d3 d2 fb 92 1e 2e f8 99 38 9e 0a 22 3b e7 ae 81 5a 04 86 5f 82 52 68 2f 6a d1 4f 98 ff 5f 08 23 cc 22 9d d2 22 9e 69 9d c2 1a 81 7d c9 54 bb 9b c9 0d ec 3b 9b d3 bf 20 9b 82 da f7 89 34 8a 5e 14 ec 54 2b 6d ee 8b 60 1e 7e 6d e3 c2 8a 2d 57 b6 25 e7 ea b3 43 d8 eb 20 85 b6 f6 82 09 58 99 35 20 44 22 60 60 61 d2 8d e9 8b ea 58 af bf ba ad 70 03 98 19 a0 c3 9a a8 63 94 47 5c d0 61 94 b0 17 ab c4 bb 28 b7 56 6d 3c 66 1c 76 f4 8a d3 a3 a2 9e d3 36 df 1f c6 8b 4f 44 2f 06 a3 58 0b ae c8 06 e2 e6 5d 39 ab 18 28 fe 80 18 12 69 2c 60 34 b5 0b f5 f3 3c 51 fc 0c fb 43 82 1e 3e 92 d6 b8 06 cf 00 16 e3 49 a0 34 83 20 f9 b0 53 7e ad ac 4a c1 36 5f cc fb be e2 ba 5a ad 1d 29 74 07 19 34 61 0e 9d ce 84 60 24 6a e6 8d ed 50 e0 20 44 26 d8 76 6d f2 da 4b 12 72 5a 85 c2 b1 07 04 f5 10 2e 3c 67 1c 5a fc 5b 46 0e 4d fb 39 b6 10 73 22 47 84 10 93 df 5f c8 92 7e 87 c3 0d 24 3a 48 b2 ad c2 56 3d a2 22 e9 02 9c 58 64 c6 d5 a5 f8 c6 54 99 1c 0f 6b f3 db ed 81 16 85 28 17 b0 eb 11 c7 05 9f f9 d8 fc 4a 1c 36 db 16 fd 38 d8 32 34 5b 8c 80 c6 51 21 1d 91 01 c5 8a 60 ad a4 39 33 d5 32 9a c1 f5 b2 ab 20 46 75 db 63 e0 bd d2 97 c0 e9 fc 1c d9 17 4a d1 3a db ea c2 8c 46 22 21 c3 5a bf 6c 1e cf 28 9c 8c 2f b2 0f", + recipeConfig: [ + { + "op": "XSalsa20", + "args": [ + {"option": "Hex", "string": "00:01:02:03:04:05:06:07:08:09:0A:0B:0C:0D:0E:0F:10:11:12:13:14:15:16:17:18:19:1A:1B:1C:1D:1E:1F"}, + {"option": "Hex", "string": "00:01:02:03:04:05:06:07:08:09:0A:0B:0C:0D:0E:0F:10:11:12:13:14:15:16:17"}, + 0, "20", "Hex", "Hex", + ] + } + ], + } +]); diff --git a/tests/operations/tests/XXTEA.mjs b/tests/operations/tests/XXTEA.mjs new file mode 100644 index 00000000..61e2c188 --- /dev/null +++ b/tests/operations/tests/XXTEA.mjs @@ -0,0 +1,42 @@ +/** + * XXTEA tests. + * + * @author devcydo [devcydo@gmail.com] + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2024 + * @license Apache-2.0 + */ +import TestRegister from "../../lib/TestRegister.mjs"; + +TestRegister.addTests([ + { + name: "XXTEA Encrypt and Decrypt", + input: "Hello World! 你好,中国!", + expectedOutput: "Hello World! 你好,中国!", + recipeConfig: [ + { + "op": "XXTEA Encrypt", + "args": [{ "option": "UTF8", "string": "1234567890" }] + }, + { + "op": "XXTEA Decrypt", + "args": [{ "option": "UTF8", "string": "1234567890" }] + } + ], + }, + { + name: "XXTEA Encrypt", + input: "ნუ პანიკას", + expectedOutput: "3db5a39db1663fc029bb630a38635b8de5bfef62192e52cc4bf83cda8ccbc701", + recipeConfig: [ + { + "op": "XXTEA Encrypt", + "args": [{ "option": "UTF8", "string": "1234567890" }] + }, + { + "op": "To Hex", + "args": ["None", 0] + } + ], + } +]);