Merge branch 'master' into master

0xh3xa 2025-04-03 09:22:38 +02:00 committed by GitHub
commit 9ca0152aac
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
14 changed files with 780 additions and 4 deletions


@ -72,6 +72,8 @@
"Avro to JSON",
"CBOR Encode",
"CBOR Decode",
"YAML to JSON",
"JSON to YAML",
"Caret/M-decode",
"Rison Encode",
"Rison Decode",
@ -193,7 +195,9 @@
"Parse SSH Host Key",
"Parse CSR",
"Public Key from Certificate",
"Public Key from Private Key"
"Public Key from Private Key",
"SM2 Encrypt",
"SM2 Decrypt"
]
},
{
@ -465,6 +469,7 @@
"CSS Minify",
"XPath expression",
"JPath expression",
"Jq",
"CSS selector",
"PHP Deserialize",
"Microsoft Script Decoder",

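--- a/src/core/lib/SM2.mjs
+++ b/src/core/lib/SM2.mjs
@@ -0,0 +1,258 @@
+/**
+* Utilities and operations utilized for SM2 encryption and decryption
+* @author flakjacket95 [dflack95@gmail.com]
+* @copyright Crown Copyright 2024
+* @license Apache-2.0
+*/
+import OperationError from "../errors/OperationError.mjs";
+import { fromHex } from "../lib/Hex.mjs";
+import Utils from "../Utils.mjs";
+import Sm3 from "crypto-api/src/hasher/sm3.mjs";
+import {toHex} from "crypto-api/src/encoder/hex.mjs";
+import r from "jsrsasign";
+/**
+* SM2 Class for encryption and decryption operations
+*/
+export class SM2 {
+/**
+* Constructor for SM2 class; sets up with the curve and the output format as specified in user args
+*
+* @param {*} curve
+* @param {*} format
+*/
+constructor(curve, format) {
+this.ecParams = null;
+this.rng = new r.SecureRandom();
+/*
+For any additional curve definitions utilized by SM2, add another block like the below for that curve, then add the curve name to the Curve selection dropdown
+*/
+r.crypto.ECParameterDB.regist(
+"sm2p256v1", // name / p = 2**256 - 2**224 - 2**96 + 2**64 - 1
+256,
+"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF", // p
+"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC", // a
+"28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", // b
+"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", // n
+"1", // h
+"32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", // gx
+"BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0", // gy
+[]
+); // alias
+this.ecParams = r.crypto.ECParameterDB.getByName(curve);
+this.format = format;
+}
+/**
+* Set the public key coordinates for the SM2 class
+*
+* @param {string} publicKeyX
+* @param {string} publicKeyY
+*/
+setPublicKey(publicKeyX, publicKeyY) {
+/*
+* TODO: This needs some additional length validation; and checking for errors in the decoding process
+* TODO: Can probably support other public key encoding methods here as well in the future
+*/
+this.publicKey = this.ecParams.curve.decodePointHex("04" + publicKeyX + publicKeyY);
+if (this.publicKey.isInfinity()) {
+throw new OperationError("Invalid Public Key");
+}
+}
+/**
+* Set the private key value for the SM2 class
+*
+* @param {string} privateKey
+*/
+setPrivateKey(privateKeyHex) {
+this.privateKey = new r.BigInteger(privateKeyHex, 16);
+}
+/**
+* Main encryption function; takes user input, processes encryption and returns the result in hex (with the components arranged as configured by the user args)
+*
+* @param {*} input
+* @returns {string}
+*/
+encrypt(input) {
+const G = this.ecParams.G;
+/*
+* Compute a new, random public key along the same elliptic curve to form the starting point for our encryption process (record the resulting X and Y as hex to provide as part of the operation output)
+* k: Randomly generated BigInteger
+* c1: Result of dotting our curve generator point `G` with the value of `k`
+*/
+const k = this.generatePublicKey();
+const c1 = G.multiply(k);
+const [hexC1X, hexC1Y] = this.getPointAsHex(c1);
+/*
+* Compute p2 (secret) using the public key, and the chosen k value above
+*/
+const p2 = this.publicKey.multiply(k);
+/*
+* Compute the C3 SM3 hash before we transform the array
+*/
+const c3 = this.c3(p2, input);
+/*
+* Genreate a proper length encryption key, XOR iteratively, and convert newly encrypted data to hex
+*/
+const key = this.kdf(p2, input.byteLength);
+for (let i = 0; i < input.byteLength; i++) {
+input[i] ^= Utils.ord(key[i]);
+}
+const c2 = Buffer.from(input).toString("hex");
+/*
+* Check user input specs; order the output components as selected
+*/
+if (this.format === "C1C3C2") {
+return hexC1X + hexC1Y + c3 + c2;
+} else {
+return hexC1X + hexC1Y + c2 + c3;
+}
+}
+/**
+* Function to decrypt an SM2 encrypted message
+*
+* @param {*} input
+*/
+decrypt(input) {
+const c1X = input.slice(0, 64);
+const c1Y = input.slice(64, 128);
+let c3 = "";
+let c2 = "";
+if (this.format === "C1C3C2") {
+c3 = input.slice(128, 192);
+c2 = input.slice(192);
+} else {
+c2 = input.slice(128, -64);
+c3 = input.slice(-64);
+}
+c2 = Uint8Array.from(fromHex(c2));
+const c1 = this.ecParams.curve.decodePointHex("04" + c1X + c1Y);
+/*
+* Compute the p2 (secret) value by taking the C1 point provided in the encrypted package, and multiplying by the private k value
+*/
+const p2 = c1.multiply(this.privateKey);
+/*
+* Similar to encryption; compute sufficient length key material and XOR the input data to recover the original message
+*/
+const key = this.kdf(p2, c2.byteLength);
+for (let i = 0; i < c2.byteLength; i++) {
+c2[i] ^= Utils.ord(key[i]);
+}
+const check = this.c3(p2, c2);
+if (check === c3) {
+return c2.buffer;
+} else {
+throw new OperationError("Decryption Error -- Computed Hashes Do Not Match");
+}
+}
+/**
+* Generates a large random number
+*
+* @param {*} limit
+* @returns
+*/
+getBigRandom(limit) {
+return new r.BigInteger(limit.bitLength(), this.rng)
+.mod(limit.subtract(r.BigInteger.ONE))
+.add(r.BigInteger.ONE);
+}
+/**
+* Helper function for generating a large random K number; utilized for generating our initial C1 point
+* TODO: Do we need to do any sort of validation on the resulting k values?
+*
+* @returns {BigInteger}
+*/
+generatePublicKey() {
+const n = this.ecParams.n;
+const k = this.getBigRandom(n);
+return k;
+}
+/**
+* SM2 Key Derivation Function (KDF); Takes P2 point, and generates a key material stream large enough to encrypt all of the input data
+*
+* @param {*} p2
+* @param {*} len
+* @returns {string}
+*/
+kdf(p2, len) {
+const [hX, hY] = this.getPointAsHex(p2);
+const total = Math.ceil(len / 32) + 1;
+let cnt = 1;
+let keyMaterial = "";
+while (cnt < total) {
+const num = Utils.intToByteArray(cnt, 4, "big");
+const overall = fromHex(hX).concat(fromHex(hY)).concat(num);
+keyMaterial += this.sm3(overall);
+cnt++;
+}
+return keyMaterial;
+}
+/**
+* Calculates the C3 component of our final encrypted payload; which is the SM3 hash of the P2 point and the original, unencrypted input data
+*
+* @param {*} p2
+* @param {*} input
+* @returns {string}
+*/
+c3(p2, input) {
+const [hX, hY] = this.getPointAsHex(p2);
+const overall = fromHex(hX).concat(Array.from(input)).concat(fromHex(hY));
+return toHex(this.sm3(overall));
+}
+/**
+* SM3 setup helper function; takes input data as an array, processes the hash and returns the result
+*
+* @param {*} data
+* @returns {string}
+*/
+sm3(data) {
+const hashData = Utils.arrayBufferToStr(Uint8Array.from(data).buffer, false);
+const hasher = new Sm3();
+hasher.update(hashData);
+return hasher.finalize();
+}
+/**
+* Utility function, returns an elliptic curve points X and Y values as hex;
+*
+* @param {EcPointFp} point
+* @returns {[]}
+*/
+getPointAsHex(point) {
+const biX = point.getX().toBigInteger();
+const biY = point.getY().toBigInteger();
+const charlen = this.ecParams.keycharlen;
+const hX = ("0000000000" + biX.toString(16)).slice(- charlen);
+const hY = ("0000000000" + biY.toString(16)).slice(- charlen);
+return [hX, hY];
+}
+}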
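Review bot: In `decrypt`, the C1 point read from the ciphertext goes through `decodePointHex` and is multiplied by the private key with no check that it lies on sm2p256v1; `setPublicKey` has the same gap, rejecting only the point at infinity. SM2 decryption is specified to reject a C1 that does not satisfy the curve equation, and without that step a private-key operation on ciphertext from an untrusted party has no protection against off-curve points. I would validate right after decoding, e.g. `if (c1.isInfinity() || !c1.isOnCurve()) throw new OperationError("Invalid C1 point");`, assuming the bundled jsrsasign exposes `isOnCurve()` on its point type. `decrypt` also never checks that `input` is hex of at least 192 characters, and `check === c3` is case-sensitive, so upper-case hex ciphertext presumably fails the hash comparison; comparing against `c3.toLowerCase()` would avoid that.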


@ -0,0 +1,46 @@
/**
* @author ccarpo [ccarpo@gmx.net]
* @copyright Crown Copyright 2021
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import YAML from "yaml";
/**
* JSON to YAML operation
*/
class JSONtoYAML extends Operation {
/**
* JSONtoYAML constructor
*/
constructor() {
super();
this.name = "JSON to YAML";
this.module = "Default";
this.description = "Format a JSON object into YAML";
this.infoURL = "https://en.wikipedia.org/wiki/YAML";
this.inputType = "JSON";
this.outputType = "string";
this.args = [];
}
/**
* @param {JSON} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
try {
return YAML.stringify(input);
} catch (err) {
throw new OperationError("Test");
}
}
}
export default JSONtoYAML;
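Review bot: The catch block in `run` throws `new OperationError("Test")`, a placeholder that hides the real failure from the user. Report the cause instead: `throw new OperationError("Unable to convert JSON to YAML: " + err.message);`. The `run` JSDoc has no description line, and this operation serialises with the `yaml` package while the YAML to JSON operation in the same commit parses with `js-yaml`; using one library for both directions would keep round-trips consistent.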


@ -0,0 +1,57 @@
/**
* @author zhzy0077 [zhzy0077@hotmail.com]
* @copyright Crown Copyright 2023
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import jq from "jq-web";
/**
* jq operation
*/
class Jq extends Operation {
/**
* Jq constructor
*/
constructor() {
super();
this.name = "Jq";
this.module = "Jq";
this.description = "jq is a lightweight and flexible command-line JSON processor.";
this.infoURL = "https://github.com/jqlang/jq";
this.inputType = "JSON";
this.outputType = "string";
this.args = [
{
name: "Query",
type: "string",
value: ""
}
];
}
/**
* @param {JSON} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const [query] = args;
let result;
try {
result = jq.json(input, query);
} catch (err) {
throw new OperationError(`Invalid jq expression: ${err.message}`);
}
return JSON.stringify(result);
}
}
export default Jq;
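Review bot: Every exception from `jq.json(input, query)` in `run` is reported as "Invalid jq expression", but the call can presumably also fail while evaluating a valid filter against the input or while parsing jq's output, so the label can mislead. A neutral message such as `jq error: ${err.message}` fits all cases. `JSON.stringify(result)` yields `undefined` rather than a string if `result` is ever `undefined`, which does not match `outputType = "string"`; `return JSON.stringify(result) ?? "";` would keep the contract.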


@ -6,7 +6,8 @@
import r from "jsrsasign";
import { fromBase64 } from "../lib/Base64.mjs";
import { toHex } from "../lib/Hex.mjs";
import { runHash } from "../lib/Hash.mjs";
import { fromHex, toHex } from "../lib/Hex.mjs";
import { formatByteStr, formatDnObj } from "../lib/PublicKey.mjs";
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
@ -81,7 +82,8 @@ class ParseX509Certificate extends Operation {
}
if (undefinedInputFormat) throw "Undefined input format";
const sn = cert.getSerialNumberHex(),
const hex = Utils.strToArrayBuffer(Utils.byteArrayToChars(fromHex(cert.hex))),
sn = cert.getSerialNumberHex(),
issuer = cert.getIssuer(),
subject = cert.getSubject(),
pk = cert.getPublicKey(),
@ -191,6 +193,10 @@ Issuer
${issuerStr}
Subject
${subjectStr}
Fingerprints
MD5: ${runHash("md5", hex)}
SHA1: ${runHash("sha1", hex)}
SHA256: ${runHash("sha256", hex)}
Public Key
${pkStr.slice(0, -1)}
Certificate Signature
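Review bot: The new `hex` constant holds the certificate bytes as an ArrayBuffer, not hex, and is built by going hex → byte array → character string → ArrayBuffer. A direct conversion under a name that says what it is avoids the string detour: `const certDer = new Uint8Array(fromHex(cert.hex)).buffer,` followed by `runHash("sha256", certDer)`, assuming `runHash` takes an ArrayBuffer as the calls here suggest. The Fingerprints block lists MD5 and SHA1 ahead of SHA256; both are collision-prone, so listing SHA256 first, with a comment that the other two are there for matching legacy records, would steer users to the stronger digest. The enclosing `run` method starts and ends outside these hunks.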


@ -0,0 +1,71 @@
/**
* @author flakjacket95 [dflack95@gmail.com]
* @copyright Crown Copyright 2024
* @license Apache-2.0
*/
import OperationError from "../errors/OperationError.mjs";
import Operation from "../Operation.mjs";
import { SM2 } from "../lib/SM2.mjs";
/**
* SM2Decrypt operation
*/
class SM2Decrypt extends Operation {
/**
* SM2Decrypt constructor
*/
constructor() {
super();
this.name = "SM2 Decrypt";
this.module = "Crypto";
this.description = "Decrypts a message utilizing the SM2 standard";
this.infoURL = ""; // Usually a Wikipedia link. Remember to remove localisation (i.e. https://wikipedia.org/etc rather than https://en.wikipedia.org/etc)
this.inputType = "string";
this.outputType = "ArrayBuffer";
this.args = [
{
name: "Private Key",
type: "string",
value: "DEADBEEF"
},
{
"name": "Input Format",
"type": "option",
"value": ["C1C3C2", "C1C2C3"],
"defaultIndex": 0
},
{
name: "Curve",
type: "option",
"value": ["sm2p256v1"],
"defaultIndex": 0
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {ArrayBuffer}
*/
run(input, args) {
const [privateKey, inputFormat, curveName] = args;
if (privateKey.length !== 64) {
throw new OperationError("Input private key must be in hex; and should be 32 bytes");
}
const sm2 = new SM2(curveName, inputFormat);
sm2.setPrivateKey(privateKey);
const result = sm2.decrypt(input);
return result;
}
}
export default SM2Decrypt;
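Review bot: `run` validates the private key only with `privateKey.length !== 64`, so any 64-character string, hex or not, reaches `new r.BigInteger(privateKeyHex, 16)` in the SM2 library; the check on `publicKeyX`/`publicKeyY` in SM2 Encrypt has the same shape. Check the alphabet as well: `if (!/^[0-9a-fA-F]{64}$/.test(privateKey)) {`. The default value `"DEADBEEF"` fails the length check, so an empty default would be clearer, and `infoURL` is still empty with the template comment left beside it.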


@ -0,0 +1,77 @@
/**
* @author flakjacket95 [dflack95@gmail.com]
* @copyright Crown Copyright 2024
* @license Apache-2.0
*/
import OperationError from "../errors/OperationError.mjs";
import Operation from "../Operation.mjs";
import { SM2 } from "../lib/SM2.mjs";
/**
* SM2 Encrypt operation
*/
class SM2Encrypt extends Operation {
/**
* SM2Encrypt constructor
*/
constructor() {
super();
this.name = "SM2 Encrypt";
this.module = "Crypto";
this.description = "Encrypts a message utilizing the SM2 standard";
this.infoURL = ""; // Usually a Wikipedia link. Remember to remove localisation (i.e. https://wikipedia.org/etc rather than https://en.wikipedia.org/etc)
this.inputType = "ArrayBuffer";
this.outputType = "string";
this.args = [
{
name: "Public Key X",
type: "string",
value: "DEADBEEF"
},
{
name: "Public Key Y",
type: "string",
value: "DEADBEEF"
},
{
"name": "Output Format",
"type": "option",
"value": ["C1C3C2", "C1C2C3"],
"defaultIndex": 0
},
{
name: "Curve",
type: "option",
"value": ["sm2p256v1"],
"defaultIndex": 0
}
];
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {byteArray}
*/
run(input, args) {
const [publicKeyX, publicKeyY, outputFormat, curveName] = args;
this.outputFormat = outputFormat;
if (publicKeyX.length !== 64 || publicKeyY.length !== 64) {
throw new OperationError("Invalid Public Key - Ensure each component is 32 bytes in size and in hex");
}
const sm2 = new SM2(curveName, outputFormat);
sm2.setPublicKey(publicKeyX, publicKeyY);
const result = sm2.encrypt(new Uint8Array(input));
return result;
}
}
export default SM2Encrypt;
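Review bot: The `run` JSDoc says `@returns {byteArray}`, but the method returns the hex string from `sm2.encrypt` and the constructor sets `outputType = "string"`; it should read `@returns {string}`. `this.outputFormat = outputFormat;` stores a per-call argument on the operation instance and nothing visible here reads it back, so the line can be dropped. As in SM2 Decrypt, `infoURL` is empty with the template comment still attached.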


@ -0,0 +1,45 @@
/**
* @author ccarpo [ccarpo@gmx.net]
* @copyright Crown Copyright 2021
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import jsYaml from "js-yaml";
/**
* YAML to JSON operation
*/
class YAMLToJSON extends Operation {
/**
* YAMLToJSON constructor
*/
constructor() {
super();
this.name = "YAML to JSON";
this.module = "Default";
this.description = "Convert YAML to JSON";
this.infoURL = "https://en.wikipedia.org/wiki/YAML";
this.inputType = "string";
this.outputType = "JSON";
this.args = [];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {JSON}
*/
run(input, args) {
try {
return jsYaml.load(input);
} catch (err) {
throw new OperationError("Unable to parse YAML: " + err);
}
}
}
export default YAMLToJSON;
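Review bot: `jsYaml.load(input)` in `run` relies on the library's default schema, and which tags that schema accepts depends on the js-yaml major version, which this page does not show: before 4.x `load` accepted the JavaScript-specific tags and `safeLoad` was the restricted entry point. Since the output type is JSON, pinning the schema makes the intent explicit on any version: `return jsYaml.load(input, { schema: jsYaml.JSON_SCHEMA });`. Input is arbitrary pasted text, so a comment is also worth adding that aliases are resolved without a limit and a small document can serialise to a very large JSON result.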


@ -160,7 +160,15 @@ class OptionsWaiter {
// Update theme selection
const themeSelect = document.getElementById("theme");
themeSelect.selectedIndex = themeSelect.querySelector(`option[value="${theme}"`).index;
let themeOption = themeSelect.querySelector(`option[value="${theme}"]`);
if (!themeOption) {
const preferredColorScheme = this.getPreferredColorScheme();
document.querySelector(":root").className = preferredColorScheme;
themeOption = themeSelect.querySelector(`option[value="${preferredColorScheme}"]`);
}
themeSelect.selectedIndex = themeOption.index;
}
/**
@ -176,6 +184,14 @@ class OptionsWaiter {
this.changeTheme(theme);
}
/**
* Get the user's preferred color scheme using the `prefers-color-scheme` media query.
*/
getPreferredColorScheme() {
const prefersDarkScheme = window.matchMedia("(prefers-color-scheme: dark)").matches;
return prefersDarkScheme ? "dark" : "classic";
}
/**
* Changes the console logging level.
*
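Review bot: In the first hunk, `theme` is interpolated into the attribute selector unescaped, so a stored value containing a quote or bracket makes `querySelector` throw a SyntaxError before the new fallback can run, which looks like the malformed-preference case the fallback is meant to cover. Build the selector from the escaped value instead, i.e. `option[value="${CSS.escape(theme)}"]`. The fallback lookup can itself return null if the select has no `dark` or `classic` option, so guard the last line: `if (themeOption) themeSelect.selectedIndex = themeOption.index;`. `getPreferredColorScheme` could state its result in the doc comment with `@returns {string} "dark" or "classic"`. The method containing the first hunk starts outside it.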