mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-20 14:56:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #1909 from flakjacket95/master

Browse source 
Add SM2 Encrypt and Decrypt Operations
This commit is contained in:
a3957273 2025-04-03 08:14:23 +01:00 committed by GitHub
commit f5b5227e53
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 545 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/core/config/Categories.json
View file

@ -193,7 +193,9 @@
"Parse SSH Host Key", "Parse SSH Host Key",
"Parse CSR", "Parse CSR",
"Public Key from Certificate", "Public Key from Certificate",
"Public Key from Private Key" "Public Key from Private Key",
"SM2 Encrypt",
"SM2 Decrypt"
] ]
}, },
{ {

258
src/core/lib/SM2.mjs Normal file
View file

@ -0,0 +1,258 @@
/**
* Utilities and operations utilized for SM2 encryption and decryption
* @author flakjacket95 [dflack95@gmail.com]
* @copyright Crown Copyright 2024
* @license Apache-2.0
*/
import OperationError from "../errors/OperationError.mjs";
import { fromHex } from "../lib/Hex.mjs";
import Utils from "../Utils.mjs";
import Sm3 from "crypto-api/src/hasher/sm3.mjs";
import {toHex} from "crypto-api/src/encoder/hex.mjs";
import r from "jsrsasign";
/**
* SM2 Class for encryption and decryption operations
*/
export class SM2 {
/**
* Constructor for SM2 class; sets up with the curve and the output format as specified in user args
*
* @param {*} curve
* @param {*} format
*/
constructor(curve, format) {
this.ecParams = null;
this.rng = new r.SecureRandom();
/*
For any additional curve definitions utilized by SM2, add another block like the below for that curve, then add the curve name to the Curve selection dropdown
*/
r.crypto.ECParameterDB.regist(
"sm2p256v1", // name / p = 2**256 - 2**224 - 2**96 + 2**64 - 1
256,
"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF", // p
"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC", // a
"28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", // b
"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", // n
"1", // h
"32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", // gx
"BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0", // gy
[]
); // alias
this.ecParams = r.crypto.ECParameterDB.getByName(curve);
this.format = format;
}
/**
* Set the public key coordinates for the SM2 class
*
* @param {string} publicKeyX
* @param {string} publicKeyY
*/
setPublicKey(publicKeyX, publicKeyY) {
/*
* TODO: This needs some additional length validation; and checking for errors in the decoding process
* TODO: Can probably support other public key encoding methods here as well in the future
*/
this.publicKey = this.ecParams.curve.decodePointHex("04" + publicKeyX + publicKeyY);
if (this.publicKey.isInfinity()) {
throw new OperationError("Invalid Public Key");
}
}
/**
* Set the private key value for the SM2 class
*
* @param {string} privateKey
*/
setPrivateKey(privateKeyHex) {
this.privateKey = new r.BigInteger(privateKeyHex, 16);
}
/**
* Main encryption function; takes user input, processes encryption and returns the result in hex (with the components arranged as configured by the user args)
*
* @param {*} input
* @returns {string}
*/
encrypt(input) {
const G = this.ecParams.G;
/*
* Compute a new, random public key along the same elliptic curve to form the starting point for our encryption process (record the resulting X and Y as hex to provide as part of the operation output)
* k: Randomly generated BigInteger
* c1: Result of dotting our curve generator point `G` with the value of `k`
*/
const k = this.generatePublicKey();
const c1 = G.multiply(k);
const [hexC1X, hexC1Y] = this.getPointAsHex(c1);
/*
* Compute p2 (secret) using the public key, and the chosen k value above
*/
const p2 = this.publicKey.multiply(k);
/*
* Compute the C3 SM3 hash before we transform the array
*/
const c3 = this.c3(p2, input);
/*
* Genreate a proper length encryption key, XOR iteratively, and convert newly encrypted data to hex
*/
const key = this.kdf(p2, input.byteLength);
for (let i = 0; i < input.byteLength; i++) {
input[i] ^= Utils.ord(key[i]);
}
const c2 = Buffer.from(input).toString("hex");
/*
* Check user input specs; order the output components as selected
*/
if (this.format === "C1C3C2") {
return hexC1X + hexC1Y + c3 + c2;
} else {
return hexC1X + hexC1Y + c2 + c3;
}
}
/**
* Function to decrypt an SM2 encrypted message
*
* @param {*} input
*/
decrypt(input) {
const c1X = input.slice(0, 64);
const c1Y = input.slice(64, 128);
let c3 = "";
let c2 = "";
if (this.format === "C1C3C2") {
c3 = input.slice(128, 192);
c2 = input.slice(192);
} else {
c2 = input.slice(128, -64);
c3 = input.slice(-64);
}
c2 = Uint8Array.from(fromHex(c2));
const c1 = this.ecParams.curve.decodePointHex("04" + c1X + c1Y);
/*
* Compute the p2 (secret) value by taking the C1 point provided in the encrypted package, and multiplying by the private k value
*/
const p2 = c1.multiply(this.privateKey);
/*
* Similar to encryption; compute sufficient length key material and XOR the input data to recover the original message
*/
const key = this.kdf(p2, c2.byteLength);
for (let i = 0; i < c2.byteLength; i++) {
c2[i] ^= Utils.ord(key[i]);
}
const check = this.c3(p2, c2);
if (check === c3) {
return c2.buffer;
} else {
throw new OperationError("Decryption Error -- Computed Hashes Do Not Match");
}
}
/**
* Generates a large random number
*
* @param {*} limit
* @returns
*/
getBigRandom(limit) {
return new r.BigInteger(limit.bitLength(), this.rng)
.mod(limit.subtract(r.BigInteger.ONE))
.add(r.BigInteger.ONE);
}
/**
* Helper function for generating a large random K number; utilized for generating our initial C1 point
* TODO: Do we need to do any sort of validation on the resulting k values?
*
* @returns {BigInteger}
*/
generatePublicKey() {
const n = this.ecParams.n;
const k = this.getBigRandom(n);
return k;
}
/**
* SM2 Key Derivation Function (KDF); Takes P2 point, and generates a key material stream large enough to encrypt all of the input data
*
* @param {*} p2
* @param {*} len
* @returns {string}
*/
kdf(p2, len) {
const [hX, hY] = this.getPointAsHex(p2);
const total = Math.ceil(len / 32) + 1;
let cnt = 1;
let keyMaterial = "";
while (cnt < total) {
const num = Utils.intToByteArray(cnt, 4, "big");
const overall = fromHex(hX).concat(fromHex(hY)).concat(num);
keyMaterial += this.sm3(overall);
cnt++;
}
return keyMaterial;
}
/**
* Calculates the C3 component of our final encrypted payload; which is the SM3 hash of the P2 point and the original, unencrypted input data
*
* @param {*} p2
* @param {*} input
* @returns {string}
*/
c3(p2, input) {
const [hX, hY] = this.getPointAsHex(p2);
const overall = fromHex(hX).concat(Array.from(input)).concat(fromHex(hY));
return toHex(this.sm3(overall));
}
/**
* SM3 setup helper function; takes input data as an array, processes the hash and returns the result
*
* @param {*} data
* @returns {string}
*/
sm3(data) {
const hashData = Utils.arrayBufferToStr(Uint8Array.from(data).buffer, false);
const hasher = new Sm3();
hasher.update(hashData);
return hasher.finalize();
}
/**
* Utility function, returns an elliptic curve points X and Y values as hex;
*
* @param {EcPointFp} point
* @returns {[]}
*/
getPointAsHex(point) {
const biX = point.getX().toBigInteger();
const biY = point.getY().toBigInteger();
const charlen = this.ecParams.keycharlen;
const hX = ("0000000000" + biX.toString(16)).slice(- charlen);
const hY = ("0000000000" + biY.toString(16)).slice(- charlen);
return [hX, hY];
}
}

71
src/core/operations/SM2Decrypt.mjs Normal file
View file

@ -0,0 +1,71 @@
/**
* @author flakjacket95 [dflack95@gmail.com]
* @copyright Crown Copyright 2024
* @license Apache-2.0
*/
import OperationError from "../errors/OperationError.mjs";
import Operation from "../Operation.mjs";
import { SM2 } from "../lib/SM2.mjs";
/**
* SM2Decrypt operation
*/
class SM2Decrypt extends Operation {
/**
* SM2Decrypt constructor
*/
constructor() {
super();
this.name = "SM2 Decrypt";
this.module = "Crypto";
this.description = "Decrypts a message utilizing the SM2 standard";
this.infoURL = ""; // Usually a Wikipedia link. Remember to remove localisation (i.e. https://wikipedia.org/etc rather than https://en.wikipedia.org/etc)
this.inputType = "string";
this.outputType = "ArrayBuffer";
this.args = [
{
name: "Private Key",
type: "string",
value: "DEADBEEF"
},
{
"name": "Input Format",
"type": "option",
"value": ["C1C3C2", "C1C2C3"],
"defaultIndex": 0
},
{
name: "Curve",
type: "option",
"value": ["sm2p256v1"],
"defaultIndex": 0
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {ArrayBuffer}
*/
run(input, args) {
const [privateKey, inputFormat, curveName] = args;
if (privateKey.length !== 64) {
throw new OperationError("Input private key must be in hex; and should be 32 bytes");
}
const sm2 = new SM2(curveName, inputFormat);
sm2.setPrivateKey(privateKey);
const result = sm2.decrypt(input);
return result;
}
}
export default SM2Decrypt;

77
src/core/operations/SM2Encrypt.mjs Normal file
View file

@ -0,0 +1,77 @@
/**
* @author flakjacket95 [dflack95@gmail.com]
* @copyright Crown Copyright 2024
* @license Apache-2.0
*/
import OperationError from "../errors/OperationError.mjs";
import Operation from "../Operation.mjs";
import { SM2 } from "../lib/SM2.mjs";
/**
* SM2 Encrypt operation
*/
class SM2Encrypt extends Operation {
/**
* SM2Encrypt constructor
*/
constructor() {
super();
this.name = "SM2 Encrypt";
this.module = "Crypto";
this.description = "Encrypts a message utilizing the SM2 standard";
this.infoURL = ""; // Usually a Wikipedia link. Remember to remove localisation (i.e. https://wikipedia.org/etc rather than https://en.wikipedia.org/etc)
this.inputType = "ArrayBuffer";
this.outputType = "string";
this.args = [
{
name: "Public Key X",
type: "string",
value: "DEADBEEF"
},
{
name: "Public Key Y",
type: "string",
value: "DEADBEEF"
},
{
"name": "Output Format",
"type": "option",
"value": ["C1C3C2", "C1C2C3"],
"defaultIndex": 0
},
{
name: "Curve",
type: "option",
"value": ["sm2p256v1"],
"defaultIndex": 0
}
];
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {byteArray}
*/
run(input, args) {
const [publicKeyX, publicKeyY, outputFormat, curveName] = args;
this.outputFormat = outputFormat;
if (publicKeyX.length !== 64 || publicKeyY.length !== 64) {
throw new OperationError("Invalid Public Key - Ensure each component is 32 bytes in size and in hex");
}
const sm2 = new SM2(curveName, outputFormat);
sm2.setPublicKey(publicKeyX, publicKeyY);
const result = sm2.encrypt(new Uint8Array(input));
return result;
}
}
export default SM2Encrypt;

1
tests/operations/index.mjs
View file

@ -144,6 +144,7 @@ import "./tests/SetIntersection.mjs";
import "./tests/SetUnion.mjs"; import "./tests/SetUnion.mjs";
import "./tests/Shuffle.mjs"; import "./tests/Shuffle.mjs";
import "./tests/SIGABA.mjs"; import "./tests/SIGABA.mjs";
import "./tests/SM2.mjs";
import "./tests/SM4.mjs"; import "./tests/SM4.mjs";
// import "./tests/SplitColourChannels.mjs"; // Cannot test operations that use the File type yet // import "./tests/SplitColourChannels.mjs"; // Cannot test operations that use the File type yet
import "./tests/StrUtils.mjs"; import "./tests/StrUtils.mjs";

135
tests/operations/tests/SM2.mjs Normal file
View file

@ -0,0 +1,135 @@
/**
* SM2 Tests
*
* @author flakjacket95 [dflack95@gmail.com]
* @copyright Crown Copyright 2024
* @license Apache-2.0
*/
import TestRegister from "../../lib/TestRegister.mjs";
/* Plaintexts */
const SMALL_PLAIN = "I am a small plaintext";
const LARGE_PLAIN = "I am a larger plaintext, that will require the encryption KDF to generate a much larger key to properly encrypt me";
/* Test Key Parameters */
const PUBLIC_X = "f7d903cab7925066c31150a92b31e548e63f954f92d01eaa0271fb2a336baef8";
const PUBLIC_Y = "fb0c45e410ef7a6cdae724e6a78dbff52562e97ede009e762b667d9b14adea6c";
const PRIVATE_K = "e74a72505084c3269aa9b696d603e3e08c74c6740212c11a31e26cdfe08bdf6a";
const CURVE = "sm2p256v1";
/* Decryption Test Ciphertext*/
const CIPHERTEXT_1 = "9a31bc0adb4677cdc4141479e3949572a55c3e6fb52094721f741c2bd2e179aaa87be6263bc1be602e473be3d5de5dce97f8248948b3a7e15f9f67f64aef21575e0c05e6171870a10ff9ab778dbef24267ad90e1a9d47d68f757d57c4816612e9829f804025dea05a511cda39371c22a2828f976f72e";
const CIPHERTEXT_2 = "d3647d68568a2e7a4f8e843286be7bf2b4d80256697d19a73df306ae1a7e6d0364d942e23d2340606e7a2502a838b132f9242587b2ea7e4c207e87242eea8cae68f5ff4da2a95a7f6d350608ae5b6777e1d925bf9c560087af84aba7befba713130106ddb4082d803811bca3864594722f3198d58257fe4ba37f4aa540adf4cb0568bddd2d8140ad3030deea0a87e3198655cc4d22bfc3d73b1c4afec2ff15d68c8d1298d97132cace922ee8a4e41ca288a7e748b77ca94aa81dc283439923ae7939e00898e16fe5111fbe1d928d152b216a";
const CIPHERTEXT_3 = "5f340eeb4398fa8950ee3408d0e3fe34bf7728c9fdb060c94b916891b5c693610274160b52a7132a2bf16ad5cdb57d1e00da2f3ddbd55350729aa9c268b53e40c05ccce9912daa14406e8c132e389484e69757350be25351755dcc6c25c94b3c1a448b2cf8c2017582125eb6cf782055b199a875e966";
const CIPHERTEXT_4 = "0649bac46c3f9fd7fb3b2be4bff27414d634651efd02ca67d8c802bbc5468e77d035c39b581d6b56227f5d87c0b4efbea5032c0761139295ae194b9f1fce698f2f4b51d89fa5554171a1aad2e61fe9de89831aec472ecc5ab178ebf4d2230c1fb94fca03e536b87b9eba6db71ba9939260a08ffd230ca86cb45cf754854222364231bdb8b873791d63ad57a4b3fa5b6375388dc879373f5f1be9051bc5072a8afbec5b7b034e4907aa5bb4b6b1f50e725d09cb6a02e07ce20263005f6c9157ce05d3ea739d231d4f09396fb72aa680884d78";
TestRegister.addTests([
{
name: "SM2 Decrypt: Small Input; Format One",
input: CIPHERTEXT_1,
expectedOutput: SMALL_PLAIN,
recipeConfig: [
{
"op": "SM2 Decrypt",
"args": [PRIVATE_K, "C1C3C2", CURVE]
}
]
},
{
name: "SM2 Decrypt: Large Input; Format One",
input: CIPHERTEXT_2,
expectedOutput: LARGE_PLAIN,
recipeConfig: [
{
"op": "SM2 Decrypt",
"args": [PRIVATE_K, "C1C3C2", CURVE]
}
]
},
{
name: "SM2 Decrypt: Small Input; Format Two",
input: CIPHERTEXT_3,
expectedOutput: SMALL_PLAIN,
recipeConfig: [
{
"op": "SM2 Decrypt",
"args": [PRIVATE_K, "C1C2C3", CURVE]
}
]
},
{
name: "SM2 Decrypt: Large Input; Format Two",
input: CIPHERTEXT_4,
expectedOutput: LARGE_PLAIN,
recipeConfig: [
{
"op": "SM2 Decrypt",
"args": [PRIVATE_K, "C1C2C3", CURVE]
}
]
},
{
name: "SM2 Encrypt And Decrypt: Small Input; Format One",
input: SMALL_PLAIN,
expectedOutput: SMALL_PLAIN,
recipeConfig: [
{
"op": "SM2 Encrypt",
"args": [PUBLIC_X, PUBLIC_Y, "C1C3C2", CURVE],
},
{
"op": "SM2 Decrypt",
"args": [PRIVATE_K, "C1C3C2", CURVE]
}
]
},
{
name: "SM2 Encrypt And Decrypt: Large Input; Format One",
input: LARGE_PLAIN,
expectedOutput: LARGE_PLAIN,
recipeConfig: [
{
"op": "SM2 Encrypt",
"args": [PUBLIC_X, PUBLIC_Y, "C1C3C2", CURVE],
},
{
"op": "SM2 Decrypt",
"args": [PRIVATE_K, "C1C3C2", CURVE]
}
]
},
{
name: "SM2 Encrypt And Decrypt: Small Input; Format Two",
input: SMALL_PLAIN,
expectedOutput: SMALL_PLAIN,
recipeConfig: [
{
"op": "SM2 Encrypt",
"args": [PUBLIC_X, PUBLIC_Y, "C1C2C3", CURVE],
},
{
"op": "SM2 Decrypt",
"args": [PRIVATE_K, "C1C2C2", CURVE]
}
]
},
{
name: "SM2 Encrypt And Decrypt: Large Input; Format Two",
input: LARGE_PLAIN,
expectedOutput: LARGE_PLAIN,
recipeConfig: [
{
"op": "SM2 Encrypt",
"args": [PUBLIC_X, PUBLIC_Y, "C1C2C3", CURVE],
},
{
"op": "SM2 Decrypt",
"args": [PRIVATE_K, "C1C2C3", CURVE]
}
]
},
]);