mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-21 23:36:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

add new operation: CMAC

Browse source
This commit is contained in:
MikeCAT 2022-11-02 02:07:16 +09:00
parent ed8bd34915
commit c0bd6645ce
4 changed files with 457 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

141
src/core/operations/CMAC.mjs Normal file
View file

@ -0,0 +1,141 @@
/**
* @author mikecat
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
import forge from "node-forge";
import { toHexFast } from "../lib/Hex.mjs";
import OperationError from "../errors/OperationError.mjs";
/**
* CMAC operation
*/
class CMAC extends Operation {
/**
* CMAC constructor
*/
constructor() {
super();
this.name = "CMAC";
this.module = "Crypto";
this.description = "CMAC is a block-cipher based message authentication code algorithm.<br><br>RFC4493 defines AES-CMAC that uses AES encryption with a 128-bit key.<br>NIST SP 800-38B suggests usages of AES with other key lengths and Triple DES.";
this.infoURL = "https://wikipedia.org/wiki/CMAC";
this.inputType = "ArrayBuffer";
this.outputType = "string";
this.args = [
{
"name": "Key",
"type": "toggleString",
"value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "Encryption algorithm",
"type": "option",
"value": ["AES", "Triple DES"]
}
];
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const key = Utils.convertToByteString(args[0].string, args[0].option);
const info = (function() {
switch (args[1]) {
case "AES":
if (key.length !== 16 && key.length !== 24 && key.length !== 32) {
throw new OperationError("the key for AES must be either 16, 24, or 32 bytes (currently " + key.length + " bytes)");
}
return {
"algorithm": "AES-ECB",
"blockSize": 16,
"Rb": new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x87]),
};
case "Triple DES":
if (key.length !== 24) {
throw new OperationError("the key for Triple DES must be 24 bytes (currently " + key.length + " bytes)");
}
return {
"algorithm": "3DES-ECB",
"blockSize": 8,
"Rb": new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0x1b]),
};
default:
throw new OperationError("undefined encryption algorithm");
}
})();
const xor = function(a, b, out) {
if (!out) out = new Uint8Array(a.length);
for (let i = 0; i < a.length; i++) {
out[i] = a[i] ^ b[i];
}
return out;
};
const leftShift1 = function(a) {
const out = new Uint8Array(a.length);
let carry = 0;
for (let i = a.length - 1; i >= 0; i--) {
out[i] = (a[i] << 1) | carry;
carry = a[i] >> 7;
}
return out;
};
const cipher = forge.cipher.createCipher(info.algorithm, key);
const encrypt = function(a, out) {
if (!out) out = new Uint8Array(a.length);
cipher.start();
cipher.update(forge.util.createBuffer(a));
cipher.finish();
const cipherText = cipher.output.getBytes();
for (let i = 0; i < a.length; i++) {
out[i] = cipherText.charCodeAt(i);
}
return out;
};
const L = encrypt(new Uint8Array(info.blockSize));
const K1 = leftShift1(L);
if (L[0] & 0x80) xor(K1, info.Rb, K1);
const K2 = leftShift1(K1);
if (K1[0] & 0x80) xor(K2, info.Rb, K2);
const n = Math.ceil(input.byteLength / info.blockSize);
const lastBlock = (function() {
if (n === 0) {
const data = new Uint8Array(K2);
data[0] ^= 0x80;
return data;
}
const inputLast = new Uint8Array(input, info.blockSize * (n - 1));
if (inputLast.length === info.blockSize) {
return xor(inputLast, K1, inputLast);
} else {
const data = new Uint8Array(info.blockSize);
data.set(inputLast, 0);
data[inputLast.length] = 0x80;
return xor(data, K2, data);
}
})();
const X = new Uint8Array(info.blockSize);
const Y = new Uint8Array(info.blockSize);
for (let i = 0; i < n - 1; i++) {
xor(X, new Uint8Array(input, info.blockSize * i, info.blockSize), Y);
encrypt(Y, X);
}
xor(lastBlock, X, Y);
const T = encrypt(Y);
return toHexFast(T);
}
}
export default CMAC;