Merge pull request #1548 from brun0ne/add-php-serialization

Add new operation: PHP Serialize
Merge pull request #2013 from plvie/master
2025-04-30 03:29:13 -04:00 · 2025-04-05 19:06:23 +01:00 · 2025-04-05 19:04:08 +01:00 · 2025-04-05 14:28:14 +02:00 · 2025-04-05 05:57:56 +01:00 · 2025-04-05 05:42:01 +01:00
391 changed files with 41835 additions and 23016 deletions
--- a/.cspell.json
+++ b/.cspell.json
@ -0,0 +1,17 @@
+{
+    "version": "0.2",
+    "language": "en,en-gb",
+    "words": [],
+    "dictionaries": [
+      "npm",
+      "softwareTerms",
+      "node",
+      "html",
+      "css",
+      "bash",
+      "en-gb",
+      "misc"
+    ],
+    "ignorePaths": ["package.json", "package-lock.json", "node_modules"]
+  }
+  
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -0,0 +1,41 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/javascript-node
+{
+	"name": "CyberChef",
+	// Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile
+	"image": "mcr.microsoft.com/devcontainers/javascript-node:1-18-bookworm",
+
+	// Features to add to the dev container. More info: https://containers.dev/features.
+	"features": {
+		"ghcr.io/devcontainers/features/github-cli": "latest"
+	},
+
+	// Use 'forwardPorts' to make a list of ports inside the container available locally.
+	"forwardPorts": [8080],
+
+	// Use 'postCreateCommand' to run commands after the container is created.
+	"postCreateCommand": {
+		"npm": "bash -c \"sudo chown node node_modules && npm install\""
+	},
+
+	"containerEnv": {
+		"DISPLAY": ":99"
+	},
+
+	"mounts": [
+		"source=${localWorkspaceFolderBasename}-node_modules,target=${containerWorkspaceFolder}/node_modules,type=volume"
+	],
+
+	// Configure tool-specific properties.
+	"customizations": {
+		"vscode": {
+			"extensions": [
+				"dbaeumer.vscode-eslint",
+				"GitHub.vscode-github-actions"
+			]
+		}
+	}
+
+	// Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
+	// "remoteUser": "root"
+}
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,2 @@
+node_modules
+build
--- a/.eslintignore
+++ b/.eslintignore
@ -1 +0,0 @@
-src/core/vendor/**
--- a/.eslintrc.json
+++ b/.eslintrc.json
@ -1,116 +0,0 @@
-{
-    "parser": "@babel/eslint-parser",
-    "parserOptions": {
-        "ecmaVersion": 9,
-        "ecmaFeatures": {
-            "impliedStrict": true
-        },
-        "sourceType": "module",
-        "allowImportExportEverywhere": true
-    },
-    "env": {
-        "browser": true,
-        "es6": true,
-        "node": true
-    },
-    "extends": "eslint:recommended",
-    "rules": {
-        // enable additional rules
-        "no-eval": "error",
-        "no-implied-eval": "error",
-        "dot-notation": "error",
-        "eqeqeq": ["error", "smart"],
-        "no-caller": "error",
-        "no-extra-bind": "error",
-        "no-unused-expressions": "error",
-        "no-useless-call": "error",
-        "no-useless-return": "error",
-        "radix": "warn",
-
-        // modify rules from base configurations
-        "no-unused-vars": ["error", {
-            "args": "none",
-            "vars": "all"
-        }],
-        "no-empty": ["error", {
-            "allowEmptyCatch": true
-        }],
-
-        // disable rules from base configurations
-        "no-control-regex": "off",
-        "require-atomic-updates": "off",
-        "no-async-promise-executor": "off",
-
-        // stylistic conventions
-        "brace-style": ["error", "1tbs"],
-        "space-before-blocks": ["error", "always"],
-        "block-spacing": "error",
-        "array-bracket-spacing": "error",
-        "comma-spacing": "error",
-        "spaced-comment": ["error", "always", { "exceptions": ["/"] } ],
-        "comma-style": "error",
-        "computed-property-spacing": "error",
-        "no-trailing-spaces": "warn",
-        "eol-last": "error",
-        "func-call-spacing": "error",
-        "key-spacing": ["warn", {
-            "mode": "minimum"
-        }],
-        "indent": ["error", 4, {
-            "ignoreComments": true,
-            "ArrayExpression": "first",
-            "SwitchCase": 1
-        }],
-        "linebreak-style": ["error", "unix"],
-        "quotes": ["error", "double", {
-            "avoidEscape": true,
-            "allowTemplateLiterals": true
-        }],
-        "camelcase": ["error", {
-            "properties": "always"
-        }],
-        "semi": ["error", "always"],
-        "unicode-bom": "error",
-        "require-jsdoc": ["error", {
-            "require": {
-                "FunctionDeclaration": true,
-                "MethodDefinition": true,
-                "ClassDeclaration": true,
-                "ArrowFunctionExpression": true
-            }
-        }],
-        "keyword-spacing": ["error", {
-            "before": true,
-            "after": true
-        }],
-        "no-multiple-empty-lines": ["warn", {
-            "max": 2,
-            "maxEOF": 1,
-            "maxBOF": 0
-        }],
-        "no-whitespace-before-property": "error",
-        "operator-linebreak": ["error", "after"],
-        "space-in-parens": "error",
-        "no-var": "error",
-        "prefer-const": "error"
-    },
-    "overrides": [
-        {
-            "files": "tests/**/*",
-            "rules": {
-                "no-unused-expressions": "off",
-                "no-console": "off"
-            }
-        }
-    ],
-    "globals": {
-        "$": false,
-        "jQuery": false,
-        "log": false,
-        "app": false,
-
-        "COMPILE_TIME": false,
-        "COMPILE_MSG": false,
-        "PKG_VERSION": false
-    }
-}
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1 @@
+* text=auto eol=lf
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -7,6 +7,7 @@ on:
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [ master ]
+    types: [synchronize, opened, reopened]
  schedule:
    - cron: '22 17 * * 5'

@ -14,6 +15,10 @@ jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write

    strategy:
      fail-fast: false
@ -22,12 +27,14 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3

    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
      with:
        languages: ${{ matrix.language }}

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"
--- a/.github/workflows/master.yml
+++ b/.github/workflows/master.yml
@ -10,15 +10,16 @@ jobs:
  main:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3

    - name: Set node version
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v3
      with:
-        node-version: '17.x'
+        node-version: '18.x'

    - name: Install
      run: |
+        export DETECT_CHROMEDRIVER_VERSION=true
        npm install
        npm run setheapsize

@ -32,14 +33,16 @@ jobs:

    - name: Production Build
      if: success()
-      run: npx grunt prod
+      run: npx grunt prod --msg="Version 10 is here! Read about the new features <a href='https://github.com/gchq/CyberChef/wiki/Character-encoding,-EOL-separators,-and-editor-features'>here</a>"

    - name: Generate sitemap
      run: npx grunt exec:sitemap

-    # - name: UI Tests
-    #   if: success()
-    #   run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+    - name: UI Tests
+      if: success()
+      run: |
+        sudo apt-get install xvfb
+        xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui

    - name: Prepare for GitHub Pages
      if: success()
@ -47,7 +50,7 @@ jobs:

    - name: Deploy to GitHub Pages
      if: success() && github.ref == 'refs/heads/master'
-      uses: crazy-max/ghaction-github-pages@v2
+      uses: crazy-max/ghaction-github-pages@v3
      with:
        target_branch: gh-pages
        build_dir: ./build/prod
--- a/.github/workflows/pull_requests.yml
+++ b/.github/workflows/pull_requests.yml
@ -9,15 +9,16 @@ jobs:
  main:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3

    - name: Set node version
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v3
      with:
-        node-version: '17.x'
+        node-version: '18.x'

    - name: Install
      run: |
+        export DETECT_CHROMEDRIVER_VERSION=true
        npm install
        npm run setheapsize

@ -33,6 +34,22 @@ jobs:
      if: success()
      run: npx grunt prod

-    # - name: UI Tests
-    #   if: success()
-    #   run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+    - name: Production Image Build
+      if: success()
+      id: build-image
+      uses: redhat-actions/buildah-build@v2
+      with:
+        # Not being uploaded to any registry, use a simple name to allow Buildah to build correctly.
+        image: cyberchef
+        containerfiles: ./Dockerfile
+        platforms: linux/amd64
+        oci: true
+        # Webpack seems to use a lot of open files, increase the max open file limit to accomodate.
+        extra-args: |
+          --ulimit nofile=10000
+
+    - name: UI Tests
+      if: success()
+      run: |
+        sudo apt-get install xvfb
+        xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
--- a/.github/workflows/releases.yml
+++ b/.github/workflows/releases.yml
@ -6,20 +6,27 @@ on:
    tags:
    - 'v*'

+env:
+  REGISTRY: ghcr.io
+  REGISTRY_USER: ${{ github.actor }}
+  REGISTRY_PASSWORD: ${{ github.token }}
+  IMAGE_NAME: ${{ github.repository }}
+
 jobs:
  main:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3

    - name: Set node version
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v3
      with:
-        node-version: '17.x'
+        node-version: '18.x'

    - name: Install
      run: |
-        npm install
+        export DETECT_CHROMEDRIVER_VERSION=true
+        npm ci
        npm run setheapsize

    - name: Lint
@ -31,15 +38,48 @@ jobs:
        npm run testnodeconsumer

    - name: Production Build
-      if: success()
      run: npx grunt prod

-    # - name: UI Tests
-    #   if: success()
-    #   run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+    - name: UI Tests
+      run: |
+        sudo apt-get install xvfb
+        xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+
+    - name: Image Metadata
+      id: image-metadata
+      uses: docker/metadata-action@v4
+      with:
+        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+        tags: |
+          type=semver,pattern={{major}}
+          type=semver,pattern={{major}}.{{minor}}
+          type=semver,pattern={{version}}
+
+    - name: Production Image Build
+      id: build-image
+      uses: redhat-actions/buildah-build@v2
+      with:
+        tags: ${{ steps.image-metadata.outputs.tags }}
+        labels: ${{ steps.image-metadata.outputs.labels }}
+        containerfiles: ./Dockerfile
+        platforms: linux/amd64,linux/arm64
+        oci: true
+        # enable build layer caching between platforms
+        layers: true
+        # Webpack seems to use a lot of open files, increase the max open file limit to accomodate.
+        extra-args: |
+          --ulimit nofile=10000
+
+    - name: Publish to GHCR
+      uses: redhat-actions/push-to-registry@v2
+      with:
+        image: ${{ steps.build-image.outputs.image }}
+        tags: ${{ steps.build-image.outputs.tags }}
+        registry: ${{ env.REGISTRY }}
+        username: ${{ env.REGISTRY_USER }}
+        password: ${{ env.REGISTRY_PASSWORD }}

    - name: Upload Release Assets
-      if: success()
      id: upload-release-assets
      uses: svenstaro/upload-release-action@v2
      with:
@ -51,7 +91,7 @@ jobs:
        body: "See the [CHANGELOG](https://github.com/gchq/CyberChef/blob/master/CHANGELOG.md) and [commit messages](https://github.com/gchq/CyberChef/commits/master) for details."

    - name: Publish to NPM
-      if: success()
      uses: JS-DevTools/npm-publish@v1
+      if: false
      with:
-        token: ${{ secrets.NPM_TOKEN }}
+        token: ${{ secrets.NPM_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@ -3,6 +3,7 @@ npm-debug.log
 travis.log
 build
 .vscode
+.idea
 .*.swp
 src/core/config/modules/*
 src/core/config/OperationConfig.json
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-17
+18
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -13,6 +13,143 @@ All major and minor version changes will be documented in this file. Details of

 ## Details

+### [10.19.0] - 2024-06-21
+- Add support for ECDSA and DSA in 'Parse CSR' [@robinsandhu] | [#1828]
+- Fix typos in SIGABA.mjs [@eltociear] | [#1834]
+
+### [10.18.0] - 2024-04-24
+- Added 'XXTEA Encrypt' and 'XXTEA Decrypt' operations [@n1474335] | [0a353ee]
+
+### [10.17.0] - 2024-04-13
+- Fix unit test 'expectOutput' implementation [@zb3] | [#1783]
+- Add accessibility labels for icons [@e218736] | [#1743]
+- Add focus styling for keyboard navigation [@e218736] | [#1739]
+- Add support for operation option hiding [@TheZ3ro] | [#541]
+- Improve efficiency of RAKE implementation [@sw5678] | [#1751]
+- Require (a, 26) to be coprime in 'Affine Encode' [@EvieHarv] | [#1788]
+- Added 'JWK to PEM' operation [@cplussharp] | [#1277]
+- Added 'PEM to JWK' operation [@cplussharp] | [#1277]
+- Added 'Public Key from Certificate' operation [@cplussharp] | [#1642]
+- Added 'Public Key from Private Key' operation [@cplussharp] | [#1642]
+
+### [10.16.0] - 2024-04-12
+- Added 'JA4Server Fingerprint' operation [@n1474335] | [#1789]
+
+### [10.15.0] - 2024-04-02
+- Fix Ciphersaber2 key concatenation [@zb3] | [#1765]
+- Fix DeriveEVPKey's array parsing [@zb3] | [#1767]
+- Fix JWT operations [@a3957273] | [#1769]
+- Added 'Parse Certificate Signing Request' operation [@jkataja] | [#1504]
+- Added 'Extract Hash Values' operation [@MShwed] | [#512]
+- Added 'DateTime Delta' operation [@tomgond] | [#1732]
+
+### [10.14.0] - 2024-03-31
+- Added 'To Float' and 'From Float' operations [@tcode2k16] | [#1762]
+- Fix ChaCha raw export option [@joostrijneveld] | [#1606]
+- Update x86 disassembler vendor library [@evanreichard] | [#1197]
+- Allow variable Blowfish key sizes [@cbeuw] | [#933]
+- Added 'XXTEA' operation [@devcydo] | [#1361]
+
+### [10.13.0] - 2024-03-30
+- Added 'FangURL' operation [@breakersall] [@arnydo] | [#1591] [#654]
+
+### [10.12.0] - 2024-03-29
+- Added 'Salsa20' and 'XSalsa20' operation [@joostrijneveld] | [#1750]
+
+### [10.11.0] - 2024-03-29
+- Add HEIC/HEIF file signatures [@simonw] | [#1757]
+- Update xmldom to fix medium security vulnerability [@chriswhite199] | [#1752]
+- Update JSONWebToken to fix medium security vulnerability [@chriswhite199] | [#1753]
+
+### [10.10.0] - 2024-03-27
+- Added 'JA4 Fingerprint' operation [@n1474335] | [#1759]
+
+### [10.9.0] - 2024-03-26
+- Line ending sequences and UTF-8 character encoding are now detected automatically [@n1474335] | [65ffd8d]
+
+### [10.8.0] - 2024-02-13
+- Add official Docker images [@AshCorr] | [#1699]
+
+### [10.7.0] - 2024-02-09
+- Added 'File Tree' operation [@sw5678] | [#1667]
+- Added 'RISON' operation [@sg5506844] | [#1555]
+- Added 'MurmurHash3' operation [@AliceGrey] | [#1694]
+
+### [10.6.0] -  2024-02-03
+- Updated 'Forensics Wiki' URLs to new domain [@a3957273] | [#1703]
+- Added 'LZNT1 Decompress' operation [@0xThiebaut] | [#1675]
+- Updated 'Regex Expression' UUID matcher [@cnotin] | [#1678]
+- Removed duplicate 'hover' message within baking info [@KevinSJ] | [#1541]
+
+### [10.5.0] - 2023-07-14
+- Added GOST Encrypt, Decrypt, Sign, Verify, Key Wrap, and Key Unwrap operations [@n1474335] | [#592]
+
+### [10.4.0] - 2023-03-24
+- Added 'Generate De Bruijn Sequence' operation [@gchq77703] | [#493]
+
+### [10.3.0] - 2023-03-24
+- Added 'Argon2' and 'Argon2 compare' operations [@Xenonym] | [#661]
+
+### [10.2.0] - 2023-03-23
+- Added 'Derive HKDF key' operation [@mikecat] | [#1528]
+
+### [10.1.0] - 2023-03-23
+- Added 'Levenshtein Distance' operation [@mikecat] | [#1498]
+- Added 'Swap case' operation [@mikecat] | [#1499]
+
+## [10.0.0] - 2023-03-22
+- [Full details explained here](https://github.com/gchq/CyberChef/wiki/Character-encoding,-EOL-separators,-and-editor-features)
+- Status bars added to the Input and Output [@n1474335] | [#1405]
+- Character encoding selection added to the Input and Output [@n1474335] | [#1405]
+- End of line separator selection added to the Input and Output [@n1474335] | [#1405]
+- Non-printable characters are rendered as control character pictures [@n1474335] | [#1405]
+- Loaded files can now be edited in the Input [@n1474335] | [#1405]
+- Various editor features added such as multiple selections and bracket matching [@n1474335] | [#1405]
+- Contextual help added, activated by pressing F1 while hovering over features [@n1474335] | [#1405]
+- Many, many UI tests added for I/O features and operations [@n1474335] | [#1405]
+
+<details>
+    <summary>Click to expand v9 minor versions</summary>
+
+### [9.55.0] - 2022-12-09
+- Added 'AMF Encode' and 'AMF Decode' operations [@n1474335] | [760eff4]
+
+### [9.54.0] - 2022-11-25
+- Added 'Rabbit' operation [@mikecat] | [#1450]
+
+### [9.53.0] - 2022-11-25
+- Added 'AES Key Wrap' and 'AES Key Unwrap' operations [@mikecat] | [#1456]
+
+### [9.52.0] - 2022-11-25
+- Added 'ChaCha' operation [@joostrijneveld] | [#1466]
+
+### [9.51.0] - 2022-11-25
+- Added 'CMAC' operation [@mikecat] | [#1457]
+
+### [9.50.0] - 2022-11-25
+- Added 'Shuffle' operation [@mikecat] | [#1472]
+
+### [9.49.0] - 2022-11-11
+- Added 'LZ4 Compress' and 'LZ4 Decompress' operations [@n1474335] | [31a7f83]
+
+### [9.48.0] - 2022-10-14
+- Added 'LM Hash' and 'NT Hash' operations [@n1474335] [@brun0ne] | [#1427]
+
+### [9.47.0] - 2022-10-14
+- Added 'LZMA Decompress' and 'LZMA Compress' operations [@mattnotmitt] | [#1421]
+
+### [9.46.0] - 2022-07-08
+- Added 'Cetacean Cipher Encode' and 'Cetacean Cipher Decode' operations [@valdelaseras] | [#1308]
+
+### [9.45.0] - 2022-07-08
+- Added 'ROT8000' operation [@thomasleplus] | [#1250]
+
+### [9.44.0] - 2022-07-08
+- Added 'LZString Compress' and 'LZString Decompress' operations [@crespyl] | [#1266]
+
+### [9.43.0] - 2022-07-08
+- Added 'ROT13 Brute Force' and 'ROT47 Brute Force' operations [@mikecat] | [#1264]
+
 ### [9.42.0] - 2022-07-08
 - Added 'LS47 Encrypt' and 'LS47 Decrypt' operations [@n1073645] | [#951]

@ -142,6 +279,8 @@ All major and minor version changes will be documented in this file. Details of
 - 'Parse SSH Host Key' operation added [@j433866] | [#595]
 - 'Defang IP Addresses' operation added [@h345983745] | [#556]

+</details>
+
 ## [9.0.0] - 2019-07-09
 - [Multiple inputs](https://github.com/gchq/CyberChef/wiki/Multiple-Inputs) are now supported in the main web UI, allowing you to upload and process multiple files at once [@j433866] | [#566]
 - A [Node.js API](https://github.com/gchq/CyberChef/wiki/Node-API) has been implemented, meaning that CyberChef can now be used as a library, either to provide specific operations, or an entire baking environment [@d98762625] | [#291]
@ -301,8 +440,39 @@ All major and minor version changes will be documented in this file. Details of
 ## [4.0.0] - 2016-11-28
 -  Initial open source commit [@n1474335] | [b1d73a72](https://github.com/gchq/CyberChef/commit/b1d73a725dc7ab9fb7eb789296efd2b7e4b08306)

-
-
+[10.19.0]: https://github.com/gchq/CyberChef/releases/tag/v10.19.0
+[10.18.0]: https://github.com/gchq/CyberChef/releases/tag/v10.18.0
+[10.17.0]: https://github.com/gchq/CyberChef/releases/tag/v10.17.0
+[10.16.0]: https://github.com/gchq/CyberChef/releases/tag/v10.16.0
+[10.15.0]: https://github.com/gchq/CyberChef/releases/tag/v10.15.0
+[10.14.0]: https://github.com/gchq/CyberChef/releases/tag/v10.14.0
+[10.13.0]: https://github.com/gchq/CyberChef/releases/tag/v10.13.0
+[10.12.0]: https://github.com/gchq/CyberChef/releases/tag/v10.12.0
+[10.11.0]: https://github.com/gchq/CyberChef/releases/tag/v10.11.0
+[10.10.0]: https://github.com/gchq/CyberChef/releases/tag/v10.10.0
+[10.9.0]: https://github.com/gchq/CyberChef/releases/tag/v10.9.0
+[10.8.0]: https://github.com/gchq/CyberChef/releases/tag/v10.7.0
+[10.7.0]: https://github.com/gchq/CyberChef/releases/tag/v10.7.0
+[10.6.0]: https://github.com/gchq/CyberChef/releases/tag/v10.6.0
+[10.5.0]: https://github.com/gchq/CyberChef/releases/tag/v10.5.0
+[10.4.0]: https://github.com/gchq/CyberChef/releases/tag/v10.4.0
+[10.3.0]: https://github.com/gchq/CyberChef/releases/tag/v10.3.0
+[10.2.0]: https://github.com/gchq/CyberChef/releases/tag/v10.2.0
+[10.1.0]: https://github.com/gchq/CyberChef/releases/tag/v10.1.0
+[10.0.0]: https://github.com/gchq/CyberChef/releases/tag/v10.0.0
+[9.55.0]: https://github.com/gchq/CyberChef/releases/tag/v9.55.0
+[9.54.0]: https://github.com/gchq/CyberChef/releases/tag/v9.54.0
+[9.53.0]: https://github.com/gchq/CyberChef/releases/tag/v9.53.0
+[9.52.0]: https://github.com/gchq/CyberChef/releases/tag/v9.52.0
+[9.51.0]: https://github.com/gchq/CyberChef/releases/tag/v9.51.0
+[9.50.0]: https://github.com/gchq/CyberChef/releases/tag/v9.50.0
+[9.49.0]: https://github.com/gchq/CyberChef/releases/tag/v9.49.0
+[9.48.0]: https://github.com/gchq/CyberChef/releases/tag/v9.48.0
+[9.47.0]: https://github.com/gchq/CyberChef/releases/tag/v9.47.0
+[9.46.0]: https://github.com/gchq/CyberChef/releases/tag/v9.46.0
+[9.45.0]: https://github.com/gchq/CyberChef/releases/tag/v9.45.0
+[9.44.0]: https://github.com/gchq/CyberChef/releases/tag/v9.44.0
+[9.43.0]: https://github.com/gchq/CyberChef/releases/tag/v9.43.0
 [9.42.0]: https://github.com/gchq/CyberChef/releases/tag/v9.42.0
 [9.41.0]: https://github.com/gchq/CyberChef/releases/tag/v9.41.0
 [9.40.0]: https://github.com/gchq/CyberChef/releases/tag/v9.40.0
@ -430,6 +600,37 @@ All major and minor version changes will be documented in this file. Details of
 [@t-8ch]: https://github.com/t-8ch
 [@hettysymes]: https://github.com/hettysymes
 [@swesven]: https://github.com/swesven
+[@mikecat]: https://github.com/mikecat
+[@crespyl]: https://github.com/crespyl
+[@thomasleplus]: https://github.com/thomasleplus
+[@valdelaseras]: https://github.com/valdelaseras
+[@brun0ne]: https://github.com/brun0ne
+[@joostrijneveld]: https://github.com/joostrijneveld
+[@Xenonym]: https://github.com/Xenonym
+[@gchq77703]: https://github.com/gchq77703
+[@a3957273]: https://github.com/a3957273
+[@0xThiebaut]: https://github.com/0xThiebaut
+[@cnotin]: https://github.com/cnotin
+[@KevinSJ]: https://github.com/KevinSJ
+[@sw5678]: https://github.com/sw5678
+[@sg5506844]: https://github.com/sg5506844
+[@AliceGrey]: https://github.com/AliceGrey
+[@AshCorr]: https://github.com/AshCorr
+[@simonw]: https://github.com/simonw
+[@chriswhite199]: https://github.com/chriswhite199
+[@breakersall]: https://github.com/breakersall
+[@evanreichard]: https://github.com/evanreichard
+[@devcydo]: https://github.com/devcydo
+[@zb3]: https://github.com/zb3
+[@jkataja]: https://github.com/jkataja
+[@tomgond]: https://github.com/tomgond
+[@e218736]: https://github.com/e218736
+[@TheZ3ro]: https://github.com/TheZ3ro
+[@EvieHarv]: https://github.com/EvieHarv
+[@cplussharp]: https://github.com/cplussharp
+[@robinsandhu]: https://github.com/robinsandhu
+[@eltociear]: https://github.com/eltociear
+

 [8ad18b]: https://github.com/gchq/CyberChef/commit/8ad18bc7db6d9ff184ba3518686293a7685bf7b7
 [9a33498]: https://github.com/gchq/CyberChef/commit/9a33498fed26a8df9c9f35f39a78a174bf50a513
@ -437,6 +638,10 @@ All major and minor version changes will be documented in this file. Details of
 [e9ca4dc]: https://github.com/gchq/CyberChef/commit/e9ca4dc9caf98f33fd986431cd400c88082a42b8
 [dd18e52]: https://github.com/gchq/CyberChef/commit/dd18e529939078b89867297b181a584e8b2cc7da
 [a895d1d]: https://github.com/gchq/CyberChef/commit/a895d1d82a2f92d440a0c5eca2bc7c898107b737
+[31a7f83]: https://github.com/gchq/CyberChef/commit/31a7f83b82e78927f89689f323fcb9185144d6ff
+[760eff4]: https://github.com/gchq/CyberChef/commit/760eff49b5307aaa3104c5e5b437ffe62299acd1
+[65ffd8d]: https://github.com/gchq/CyberChef/commit/65ffd8d65d88eb369f6f61a5d1d0f807179bffb7
+[0a353ee]: https://github.com/gchq/CyberChef/commit/0a353eeb378b9ca5d49e23c7dfc175ae07107b08

 [#95]: https://github.com/gchq/CyberChef/pull/299
 [#173]: https://github.com/gchq/CyberChef/pull/173
@ -528,3 +733,49 @@ All major and minor version changes will be documented in this file. Details of
 [#1313]: https://github.com/gchq/CyberChef/pull/1313
 [#1326]: https://github.com/gchq/CyberChef/pull/1326
 [#1364]: https://github.com/gchq/CyberChef/pull/1364
+[#1264]: https://github.com/gchq/CyberChef/pull/1264
+[#1266]: https://github.com/gchq/CyberChef/pull/1266
+[#1250]: https://github.com/gchq/CyberChef/pull/1250
+[#1308]: https://github.com/gchq/CyberChef/pull/1308
+[#1405]: https://github.com/gchq/CyberChef/pull/1405
+[#1421]: https://github.com/gchq/CyberChef/pull/1421
+[#1427]: https://github.com/gchq/CyberChef/pull/1427
+[#1472]: https://github.com/gchq/CyberChef/pull/1472
+[#1457]: https://github.com/gchq/CyberChef/pull/1457
+[#1466]: https://github.com/gchq/CyberChef/pull/1466
+[#1456]: https://github.com/gchq/CyberChef/pull/1456
+[#1450]: https://github.com/gchq/CyberChef/pull/1450
+[#1498]: https://github.com/gchq/CyberChef/pull/1498
+[#1499]: https://github.com/gchq/CyberChef/pull/1499
+[#1528]: https://github.com/gchq/CyberChef/pull/1528
+[#661]: https://github.com/gchq/CyberChef/pull/661
+[#493]: https://github.com/gchq/CyberChef/pull/493
+[#592]: https://github.com/gchq/CyberChef/issues/592
+[#1703]: https://github.com/gchq/CyberChef/issues/1703
+[#1675]: https://github.com/gchq/CyberChef/issues/1675
+[#1678]: https://github.com/gchq/CyberChef/issues/1678
+[#1541]: https://github.com/gchq/CyberChef/issues/1541
+[#1667]: https://github.com/gchq/CyberChef/issues/1667
+[#1555]: https://github.com/gchq/CyberChef/issues/1555
+[#1694]: https://github.com/gchq/CyberChef/issues/1694
+[#1699]: https://github.com/gchq/CyberChef/issues/1699
+[#1757]: https://github.com/gchq/CyberChef/issues/1757
+[#1752]: https://github.com/gchq/CyberChef/issues/1752
+[#1753]: https://github.com/gchq/CyberChef/issues/1753
+[#1750]: https://github.com/gchq/CyberChef/issues/1750
+[#1591]: https://github.com/gchq/CyberChef/issues/1591
+[#654]: https://github.com/gchq/CyberChef/issues/654
+[#1762]: https://github.com/gchq/CyberChef/issues/1762
+[#1606]: https://github.com/gchq/CyberChef/issues/1606
+[#1197]: https://github.com/gchq/CyberChef/issues/1197
+[#933]: https://github.com/gchq/CyberChef/issues/933
+[#1361]: https://github.com/gchq/CyberChef/issues/1361
+[#1765]: https://github.com/gchq/CyberChef/issues/1765
+[#1767]: https://github.com/gchq/CyberChef/issues/1767
+[#1769]: https://github.com/gchq/CyberChef/issues/1769
+[#1759]: https://github.com/gchq/CyberChef/issues/1759
+[#1504]: https://github.com/gchq/CyberChef/issues/1504
+[#512]: https://github.com/gchq/CyberChef/issues/512
+[#1732]: https://github.com/gchq/CyberChef/issues/1732
+[#1789]: https://github.com/gchq/CyberChef/issues/1789
+
--- a/36
+++ b/36
@ -0,0 +1,36 @@
+#####################################
+# Build the app to a static website #
+#####################################
+# Modifier --platform=$BUILDPLATFORM limits the platform to "BUILDPLATFORM" during buildx multi-platform builds
+# This is because npm "chromedriver" package is not compatiable with all platforms
+# For more info see: https://docs.docker.com/build/building/multi-platform/#cross-compilation
+FROM --platform=$BUILDPLATFORM node:18-alpine AS builder
+
+WORKDIR /app
+
+COPY package.json .
+COPY package-lock.json .
+
+# Install dependencies
+# --ignore-scripts prevents postinstall script (which runs grunt) as it depends on files other than package.json
+RUN npm ci --ignore-scripts
+
+# Copy files needed for postinstall and build
+COPY . .
+
+# npm postinstall runs grunt, which depends on files other than package.json
+RUN npm run postinstall
+
+# Build the app
+RUN npm run build
+
+#########################################
+# Package static build files into nginx #
+#########################################
+# We are using Github Actions: redhat-actions/buildah-build@v2 which needs manual selection of arch in base image
+# Remove TARGETARCH if docker buildx is supported in the CI release as --platform=$TARGETPLATFORM will be automatically set
+ARG TARGETARCH
+ARG TARGETPLATFORM
+FROM ${TARGETARCH}/nginx:stable-alpine AS cyberchef
+
+COPY --from=builder /app/build/prod /usr/share/nginx/html/
--- a/Gruntfile.js
+++ b/Gruntfile.js
@ -29,7 +29,7 @@ module.exports = function (grunt) {
        "Creates a production-ready build. Use the --msg flag to add a compile message.",
        [
            "eslint", "clean:prod", "clean:config", "exec:generateConfig", "findModules", "webpack:web",
-            "copy:standalone", "zip:standalone", "clean:standalone", "chmod"
+            "copy:standalone", "zip:standalone", "clean:standalone", "exec:calcDownloadHash", "chmod"
        ]);

    grunt.registerTask("node",
@ -86,10 +86,12 @@ module.exports = function (grunt) {


    // Project configuration
-    const compileTime = grunt.template.today("UTC:dd/mm/yyyy HH:MM:ss") + " UTC",
+    const compileYear = grunt.template.today("UTC:yyyy"),
+        compileTime = grunt.template.today("UTC:dd/mm/yyyy HH:MM:ss") + " UTC",
        pkg = grunt.file.readJSON("package.json"),
        webpackConfig = require("./webpack.config.js"),
        BUILD_CONSTANTS = {
+            COMPILE_YEAR: JSON.stringify(compileYear),
            COMPILE_TIME: JSON.stringify(compileTime),
            COMPILE_MSG: JSON.stringify(grunt.option("compile-msg") || grunt.option("msg") || ""),
            PKG_VERSION: JSON.stringify(pkg.version),
@ -125,6 +127,7 @@ module.exports = function (grunt) {
                        filename: "index.html",
                        template: "./src/web/html/index.html",
                        chunks: ["main"],
+                        compileYear: compileYear,
                        compileTime: compileTime,
                        version: pkg.version,
                        minify: {
@ -197,6 +200,7 @@ module.exports = function (grunt) {
        },
        webpack: {
            options: webpackConfig,
+            myConfig: webpackConfig,
            web: webpackProdConf(),
        },
        "webpack-dev-server": {
@ -226,6 +230,7 @@ module.exports = function (grunt) {
                        filename: "index.html",
                        template: "./src/web/html/index.html",
                        chunks: ["main"],
+                        compileYear: compileYear,
                        compileTime: compileTime,
                        version: pkg.version,
                    })
@ -323,6 +328,22 @@ module.exports = function (grunt) {
            }
        },
        exec: {
+            calcDownloadHash: {
+                command: function () {
+                    switch (process.platform) {
+                        case "darwin":
+                            return chainCommands([
+                                `shasum -a 256 build/prod/CyberChef_v${pkg.version}.zip | awk '{print $1;}' > build/prod/sha256digest.txt`,
+                                `sed -i '' -e "s/DOWNLOAD_HASH_PLACEHOLDER/$(cat build/prod/sha256digest.txt)/" build/prod/index.html`
+                            ]);
+                        default:
+                            return chainCommands([
+                                `sha256sum build/prod/CyberChef_v${pkg.version}.zip | awk '{print $1;}' > build/prod/sha256digest.txt`,
+                                `sed -i -e "s/DOWNLOAD_HASH_PLACEHOLDER/$(cat build/prod/sha256digest.txt)/" build/prod/index.html`
+                            ]);
+                    }
+                },
+            },
            repoSize: {
                command: chainCommands([
                    "git ls-files | wc -l | xargs printf '\n%b\ttracked files\n'",
@ -390,13 +411,37 @@ module.exports = function (grunt) {
                stdout: false,
            },
            fixCryptoApiImports: {
-                command: [
-                    `[[ "$OSTYPE" == "darwin"* ]]`,
-                    "&&",
-                    `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i '' -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`,
-                    "||",
-                    `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`
-                ].join(" "),
+                command: function () {
+                    switch (process.platform) {
+                        case "darwin":
+                            return `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i '' -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`;
+                        default:
+                            return `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`;
+                    }
+                },
+                stdout: false
+            },
+            fixSnackbarMarkup: {
+                command: function () {
+                    switch (process.platform) {
+                        case "darwin":
+                            return `sed -i '' 's/<div id=snackbar-container\\/>/<div id=snackbar-container>/g' ./node_modules/snackbarjs/src/snackbar.js`;
+                        default:
+                            return `sed -i 's/<div id=snackbar-container\\/>/<div id=snackbar-container>/g' ./node_modules/snackbarjs/src/snackbar.js`;
+                    }
+                },
+                stdout: false
+            },
+            fixJimpModule: {
+                command: function () {
+                    switch (process.platform) {
+                        case "darwin":
+                            // Space added before comma to prevent multiple modifications
+                            return `sed -i '' 's/"es\\/index.js",/"es\\/index.js" ,\\n  "type": "module",/' ./node_modules/jimp/package.json`;
+                        default:
+                            return `sed -i 's/"es\\/index.js",/"es\\/index.js" ,\\n  "type": "module",/' ./node_modules/jimp/package.json`;
+                    }
+                },
                stdout: false
            }
        },
--- a/README.md
+++ b/README.md
@ -1,7 +1,6 @@
 # CyberChef

 [![](https://github.com/gchq/CyberChef/workflows/Master%20Build,%20Test%20&%20Deploy/badge.svg)](https://github.com/gchq/CyberChef/actions?query=workflow%3A%22Master+Build%2C+Test+%26+Deploy%22)
-[![Language grade: JavaScript](https://img.shields.io/lgtm/grade/javascript/g/gchq/CyberChef.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/gchq/CyberChef/context:javascript)
 [![npm](https://img.shields.io/npm/v/cyberchef.svg)](https://www.npmjs.com/package/cyberchef)
 [![](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/gchq/CyberChef/blob/master/LICENSE)
 [![Gitter](https://badges.gitter.im/gchq/CyberChef.svg)](https://gitter.im/gchq/CyberChef?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
@ -21,6 +20,22 @@ Cryptographic operations in CyberChef should not be relied upon to provide secur

 [A live demo can be found here][1] - have fun!

+## Containers
+
+If you would like to try out CyberChef locally you can either build it yourself:
+
+```bash
+docker build --tag cyberchef --ulimit nofile=10000 .
+docker run -it -p 8080:80 cyberchef
+```
+
+Or you can use our image directly:
+
+```bash
+docker run -it -p 8080:80 ghcr.io/gchq/cyberchef:latest
+```
+
+This image is built and published through our [GitHub Workflows](.github/workflows/releases.yml)

 ## How it works

@ -54,7 +69,7 @@ You can use as many operations as you like in simple or complex ways. Some examp
     - Whenever you modify the input or the recipe, CyberChef will automatically "bake" for you and produce the output immediately.
     - This can be turned off and operated manually if it is affecting performance (if the input is very large, for instance).
 - Automated encoding detection
-     - CyberChef uses [a number of techniques](https://github.com/gchq/CyberChef/wiki/Automatic-detection-of-encoded-data-using-CyberChef-Magic) to attempt to automatically detect which encodings your data is under. If it finds a suitable operation which can make sense of your data, it displays the 'magic' icon in the Output field which you can click to decode your data.
+     - CyberChef uses [a number of techniques](https://github.com/gchq/CyberChef/wiki/Automatic-detection-of-encoded-data-using-CyberChef-Magic) to attempt to automatically detect which encodings your data is under. If it finds a suitable operation that make sense of your data, it displays the 'magic' icon in the Output field which you can click to decode your data.
 - Breakpoints
     - You can set breakpoints on any operation in your recipe to pause execution before running it.
     - You can also step through the recipe one operation at a time to see what the data looks like at each stage.
@ -66,7 +81,7 @@ You can use as many operations as you like in simple or complex ways. Some examp
 - Highlighting
     - When you highlight text in the input or output, the offset and length values will be displayed and, if possible, the corresponding data will be highlighted in the output or input respectively (example: [highlight the word 'question' in the input to see where it appears in the output][11]).
 - Save to file and load from file
-     - You can save the output to a file at any time or load a file by dragging and dropping it into the input field. Files up to around 2GB are supported (depending on your browser), however some operations may take a very long time to run over this much data.
+     - You can save the output to a file at any time or load a file by dragging and dropping it into the input field. Files up to around 2GB are supported (depending on your browser), however, some operations may take a very long time to run over this much data.
 - CyberChef is entirely client-side
     - It should be noted that none of your recipe configuration or input (either text or files) is ever sent to the CyberChef web server - all processing is carried out within your browser, on your own computer.
     - Due to this feature, CyberChef can be downloaded and run locally. You can use the link in the top left corner of the app to download a full copy of CyberChef and drop it into a virtual machine, share it with other people, or host it in a closed network.
@ -74,10 +89,10 @@ You can use as many operations as you like in simple or complex ways. Some examp

 ## Deep linking

-By manipulation of CyberChef's URL hash, you can change the initial settings with which the page opens.
+By manipulating CyberChef's URL hash, you can change the initial settings with which the page opens.
 The format is `https://gchq.github.io/CyberChef/#recipe=Operation()&input=...`

-Supported arguments are `recipe`, `input` (encoded in Base64), and `theme`. 
+Supported arguments are `recipe`, `input` (encoded in Base64), and `theme`.


 ## Browser support
@ -90,14 +105,14 @@ CyberChef is built to support

 ## Node.js support

-CyberChef is built to fully support Node.js `v10` and partially supports `v12`. Named imports using a deep import specifier does not work in `v12`. For more information, see the Node API page in the project [wiki pages](https://github.com/gchq/CyberChef/wiki)
+CyberChef is built to fully support Node.js `v16`. For more information, see the ["Node API" wiki page](https://github.com/gchq/CyberChef/wiki/Node-API)


 ## Contributing

-Contributing a new operation to CyberChef is super easy! There is a quickstart script which will walk you through the process. If you can write basic JavaScript, you can write a CyberChef operation.
+Contributing a new operation to CyberChef is super easy! The quickstart script will walk you through the process. If you can write basic JavaScript, you can write a CyberChef operation.

-An installation walkthrough, how-to guides for adding new operations and themes, descriptions of the repository structure, available data types and coding conventions can all be found in the project [wiki pages](https://github.com/gchq/CyberChef/wiki).
+An installation walkthrough, how-to guides for adding new operations and themes, descriptions of the repository structure, available data types and coding conventions can all be found in the ["Contributing" wiki page](https://github.com/gchq/CyberChef/wiki/Contributing).

 - Push your changes to your fork.
 - Submit a pull request. If you are doing this for the first time, you will be prompted to sign the [GCHQ Contributor Licence Agreement](https://cla-assistant.io/gchq/CyberChef) via the CLA assistant on the pull request. This will also ask whether you are happy for GCHQ to contact you about a token of thanks for your contribution, or about job opportunities at GCHQ.
--- a/eslint.config.mjs
+++ b/eslint.config.mjs
@ -0,0 +1,129 @@
+import babelParser from "@babel/eslint-parser";
+import jsdoc from "eslint-plugin-jsdoc";
+import js from "@eslint/js";
+import globals from "globals";
+
+export default [
+    js.configs.recommended,
+    {
+        languageOptions: {
+            ecmaVersion: 2022,
+            parser: babelParser,
+            parserOptions: {
+                ecmaVersion: 2022,
+                ecmaFeatures: {
+                    impliedStrict: true
+                },
+                sourceType: "module",
+                allowImportExportEverywhere: true
+            },
+            globals: {
+                ...globals.browser,
+                ...globals.node,
+                ...globals.es6,
+                "$": false,
+                "jQuery": false,
+                "log": false,
+                "app": false,
+
+                "COMPILE_TIME": false,
+                "COMPILE_MSG": false,
+                "PKG_VERSION": false
+            },
+        },
+        ignores: ["src/core/vendor/**"],
+        plugins: {
+            jsdoc
+        },
+        rules: {
+            // enable additional rules
+            "no-eval": "error",
+            "no-implied-eval": "error",
+            "dot-notation": "error",
+            "eqeqeq": ["error", "smart"],
+            "no-caller": "error",
+            "no-extra-bind": "error",
+            "no-unused-expressions": "error",
+            "no-useless-call": "error",
+            "no-useless-return": "error",
+            "radix": "warn",
+
+            // modify rules from base configurations
+            "no-unused-vars": ["error", {
+                "args": "none",
+                "vars": "all",
+                "caughtErrors": "none"
+            }],
+            "no-empty": ["error", {
+                "allowEmptyCatch": true
+            }],
+
+            // disable rules from base configurations
+            "no-control-regex": "off",
+            "require-atomic-updates": "off",
+            "no-async-promise-executor": "off",
+
+            // stylistic conventions
+            "brace-style": ["error", "1tbs"],
+            "space-before-blocks": ["error", "always"],
+            "block-spacing": "error",
+            "array-bracket-spacing": "error",
+            "comma-spacing": "error",
+            "spaced-comment": ["error", "always", { "exceptions": ["/"] }],
+            "comma-style": "error",
+            "computed-property-spacing": "error",
+            "no-trailing-spaces": "warn",
+            "eol-last": "error",
+            "func-call-spacing": "error",
+            "key-spacing": ["warn", {
+                "mode": "minimum"
+            }],
+            "indent": ["error", 4, {
+                "ignoreComments": true,
+                "ArrayExpression": "first",
+                "SwitchCase": 1
+            }],
+            "linebreak-style": ["error", "unix"],
+            "quotes": ["error", "double", {
+                "avoidEscape": true,
+                "allowTemplateLiterals": true
+            }],
+            "camelcase": ["error", {
+                "properties": "always"
+            }],
+            "semi": ["error", "always"],
+            "unicode-bom": "error",
+            "jsdoc/require-jsdoc": ["error", {
+                "require": {
+                    "FunctionDeclaration": true,
+                    "MethodDefinition": true,
+                    "ClassDeclaration": true,
+                    "ArrowFunctionExpression": false
+                }
+            }],
+            "keyword-spacing": ["error", {
+                "before": true,
+                "after": true
+            }],
+            "no-multiple-empty-lines": ["warn", {
+                "max": 2,
+                "maxEOF": 1,
+                "maxBOF": 0
+            }],
+            "no-whitespace-before-property": "error",
+            "operator-linebreak": ["error", "after"],
+            "space-in-parens": "error",
+            "no-var": "error",
+            "prefer-const": "error",
+            "no-console": "error"
+        },
+    },
+    // File-pattern specific overrides
+    {
+        files: ["tests/**/*"],
+        rules: {
+            "no-unused-expressions": "off",
+            "no-console": "off"
+        }
+    },
+];
--- a/nightwatch.json
+++ b/nightwatch.json
@ -1,5 +1,6 @@
 {
  "src_folders": ["tests/browser"],
+  "exclude": ["tests/browser/browserUtils.js"],
  "output_folder": "tests/browser/output",

  "test_settings": {
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "cyberchef",
-  "version": "9.43.0",
+  "version": "10.19.4",
  "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
  "author": "n1474335 <n1474335@gmail.com>",
  "homepage": "https://gchq.github.io/CyberChef",
@ -39,142 +39,164 @@
    "node >= 16"
  ],
  "devDependencies": {
-    "@babel/core": "^7.18.2",
-    "@babel/eslint-parser": "^7.18.2",
-    "@babel/plugin-syntax-import-assertions": "^7.17.12",
-    "@babel/plugin-transform-runtime": "^7.18.2",
-    "@babel/preset-env": "^7.18.2",
-    "@babel/runtime": "^7.18.3",
-    "autoprefixer": "^10.4.7",
-    "babel-loader": "^8.2.5",
+    "@babel/core": "^7.24.7",
+    "@babel/eslint-parser": "^7.24.7",
+    "@babel/plugin-syntax-import-assertions": "^7.24.7",
+    "@babel/plugin-transform-runtime": "^7.24.7",
+    "@babel/preset-env": "^7.24.7",
+    "@babel/runtime": "^7.24.7",
+    "@codemirror/commands": "^6.6.0",
+    "@codemirror/language": "^6.10.2",
+    "@codemirror/search": "^6.5.6",
+    "@codemirror/state": "^6.4.1",
+    "@codemirror/view": "^6.28.0",
+    "autoprefixer": "^10.4.19",
+    "babel-loader": "^9.1.3",
    "babel-plugin-dynamic-import-node": "^2.3.3",
    "babel-plugin-transform-builtin-extend": "1.1.2",
-    "chromedriver": "^101.0.0",
-    "cli-progress": "^3.11.1",
+    "base64-loader": "^1.0.0",
+    "chromedriver": "^130.0.0",
+    "cli-progress": "^3.12.0",
    "colors": "^1.4.0",
-    "copy-webpack-plugin": "^11.0.0",
-    "core-js": "^3.22.8",
-    "css-loader": "6.7.1",
-    "eslint": "^8.16.0",
-    "grunt": "^1.5.3",
+    "compression-webpack-plugin": "^11.1.0",
+    "copy-webpack-plugin": "^12.0.2",
+    "core-js": "^3.37.1",
+    "cspell": "^8.17.3",
+    "css-loader": "7.1.2",
+    "eslint": "^9.4.0",
+    "eslint-plugin-jsdoc": "^48.2.9",
+    "globals": "^15.4.0",
+    "grunt": "^1.6.1",
    "grunt-chmod": "~1.1.1",
    "grunt-concurrent": "^3.0.0",
    "grunt-contrib-clean": "~2.0.1",
-    "grunt-contrib-connect": "^3.0.0",
+    "grunt-contrib-connect": "^4.0.0",
    "grunt-contrib-copy": "~1.0.0",
    "grunt-contrib-watch": "^1.1.0",
-    "grunt-eslint": "^24.0.0",
+    "grunt-eslint": "^25.0.0",
    "grunt-exec": "~3.0.0",
-    "grunt-webpack": "^5.0.0",
-    "grunt-zip": "^0.18.2",
-    "html-webpack-plugin": "^5.5.0",
-    "imports-loader": "^4.0.0",
-    "mini-css-extract-plugin": "2.6.0",
-    "modify-source-webpack-plugin": "^3.0.0",
-    "nightwatch": "^2.1.7",
-    "postcss": "^8.4.14",
-    "postcss-css-variables": "^0.18.0",
-    "postcss-import": "^14.1.0",
-    "postcss-loader": "^7.0.0",
+    "grunt-webpack": "^6.0.0",
+    "grunt-zip": "^1.0.0",
+    "html-webpack-plugin": "^5.6.0",
+    "imports-loader": "^5.0.0",
+    "mini-css-extract-plugin": "2.9.0",
+    "modify-source-webpack-plugin": "^4.1.0",
+    "nightwatch": "^3.6.3",
+    "postcss": "^8.4.38",
+    "postcss-css-variables": "^0.19.0",
+    "postcss-import": "^16.1.0",
+    "postcss-loader": "^8.1.1",
    "prompt": "^1.3.0",
-    "sass-loader": "^13.0.0",
-    "sitemap": "^7.1.1",
-    "terser": "^5.14.0",
-    "webpack": "^5.73.0",
-    "webpack-bundle-analyzer": "^4.5.0",
-    "webpack-dev-server": "4.9.1",
+    "sitemap": "^8.0.0",
+    "terser": "^5.31.1",
+    "webpack": "^5.91.0",
+    "webpack-bundle-analyzer": "^4.10.2",
+    "webpack-dev-server": "5.0.4",
    "webpack-node-externals": "^3.0.0",
    "worker-loader": "^3.0.8"
  },
  "dependencies": {
+    "@astronautlabs/amf": "^0.0.6",
    "@babel/polyfill": "^7.12.1",
+    "@blu3r4y/lzma": "^2.3.3",
+    "@wavesenterprise/crypto-gost-js": "^2.1.0-RC1",
+    "@xmldom/xmldom": "^0.8.10",
+    "argon2-browser": "^1.18.0",
    "arrive": "^2.4.1",
-    "avsc": "^5.7.4",
+    "avsc": "^5.7.7",
    "bcryptjs": "^2.4.3",
-    "bignumber.js": "^9.0.2",
+    "bignumber.js": "^9.1.2",
    "blakejs": "^1.2.1",
-    "bootstrap": "4.6.1",
+    "bootstrap": "4.6.2",
    "bootstrap-colorpicker": "^3.4.0",
    "bootstrap-material-design": "^4.1.3",
    "browserify-zlib": "^0.2.0",
-    "bson": "^4.6.4",
+    "bson": "^4.7.2",
    "buffer": "^6.0.3",
-    "cbor": "8.1.0",
+    "cbor": "9.0.2",
    "chi-squared": "^1.1.0",
    "codepage": "^1.15.0",
    "crypto-api": "^0.8.5",
    "crypto-browserify": "^3.12.0",
-    "crypto-js": "^4.1.1",
+    "crypto-js": "^4.2.0",
    "ctph.js": "0.0.5",
-    "d3": "7.4.4",
+    "d3": "7.9.0",
    "d3-hexbin": "^0.2.2",
-    "diff": "^5.1.0",
+    "diff": "^5.2.0",
+    "dompurify": "^3.2.5",
    "es6-promisify": "^7.0.0",
-    "escodegen": "^2.0.0",
+    "escodegen": "^2.1.0",
    "esprima": "^4.0.1",
    "exif-parser": "^0.1.12",
+    "fernet": "^0.4.0",
    "file-saver": "^2.0.5",
-    "flat": "^5.0.2",
+    "flat": "^6.0.1",
    "geodesy": "1.1.3",
-    "highlight.js": "^11.5.1",
-    "jimp": "^0.16.1",
-    "jquery": "3.6.0",
-    "js-crc": "^0.2.0",
-    "js-sha3": "^0.8.0",
+    "highlight.js": "^11.9.0",
+    "ieee754": "^1.2.1",
+    "jimp": "^0.22.12",
+    "jq-web": "^0.5.1",
+    "jquery": "3.7.1",
+    "js-sha3": "^0.9.3",
    "jsesc": "^3.0.2",
-    "json5": "^2.2.1",
-    "jsonpath": "^1.1.1",
-    "jsonwebtoken": "^8.5.1",
+    "json5": "^2.2.3",
+    "jsonpath-plus": "^9.0.0",
+    "jsonwebtoken": "8.5.1",
    "jsqr": "^1.4.0",
-    "jsrsasign": "^10.5.23",
+    "jsrsasign": "^11.1.0",
    "kbpgp": "2.1.15",
    "libbzip2-wasm": "0.0.4",
-    "libyara-wasm": "^1.1.0",
+    "libyara-wasm": "^1.2.1",
    "lodash": "^4.17.21",
-    "loglevel": "^1.8.0",
+    "loglevel": "^1.9.1",
    "loglevel-message-prefix": "^3.0.0",
-    "markdown-it": "^13.0.1",
-    "moment": "^2.29.3",
-    "moment-timezone": "^0.5.34",
+    "lz-string": "^1.5.0",
+    "lz4js": "^0.2.0",
+    "markdown-it": "^14.1.0",
+    "moment": "^2.30.1",
+    "moment-timezone": "^0.5.45",
    "ngeohash": "^0.6.3",
    "node-forge": "^1.3.1",
    "node-md6": "^0.1.0",
-    "node-sass": "^7.0.1",
    "nodom": "^2.4.0",
    "notepack.io": "^3.0.1",
+    "ntlm": "^0.1.3",
    "nwmatcher": "^1.4.4",
-    "otp": "0.1.3",
+    "otpauth": "9.3.6",
    "path": "^0.12.7",
    "popper.js": "^1.16.1",
    "process": "^0.11.10",
-    "protobufjs": "^6.11.3",
+    "protobufjs": "^7.3.1",
    "qr-image": "^3.2.0",
+    "reflect-metadata": "^0.2.2",
+    "rison": "^0.1.1",
    "scryptsy": "^2.1.0",
    "snackbarjs": "^1.1.0",
-    "sortablejs": "^1.15.0",
+    "sortablejs": "^1.15.2",
    "split.js": "^1.6.5",
    "ssdeep.js": "0.0.3",
    "stream-browserify": "^3.0.0",
-    "tesseract.js": "2.1.5",
-    "ua-parser-js": "^1.0.2",
+    "tesseract.js": "5.1.0",
+    "ua-parser-js": "^1.0.38",
    "unorm": "^1.6.0",
    "utf8": "^3.0.0",
    "vkbeautify": "^0.99.3",
-    "xmldom": "^0.6.0",
-    "xpath": "0.0.32",
-    "xregexp": "^5.1.0",
+    "xpath": "0.0.34",
+    "xregexp": "^5.1.1",
    "zlibjs": "^0.3.1"
  },
  "scripts": {
    "start": "npx grunt dev",
    "build": "npx grunt prod",
-    "repl": "node --experimental-modules --experimental-json-modules --experimental-specifier-resolution=node --no-warnings src/node/repl.mjs",
-    "test": "npx grunt configTests && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation tests/node/index.mjs && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation tests/operations/index.mjs",
+    "node": "npx grunt node",
+    "repl": "node --experimental-modules --experimental-json-modules --experimental-specifier-resolution=node --no-experimental-fetch --no-warnings src/node/repl.mjs",
+    "test": "npx grunt configTests && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation --openssl-legacy-provider --no-experimental-fetch tests/node/index.mjs && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation --openssl-legacy-provider --no-experimental-fetch --trace-uncaught tests/operations/index.mjs",
    "testnodeconsumer": "npx grunt testnodeconsumer",
    "testui": "npx grunt testui",
    "testuidev": "npx nightwatch --env=dev",
    "lint": "npx grunt lint",
-    "postinstall": "npx grunt exec:fixCryptoApiImports",
+    "lint:grammar": "cspell ./src",
+    "postinstall": "npx grunt exec:fixCryptoApiImports && npx grunt exec:fixSnackbarMarkup && npx grunt exec:fixJimpModule",
    "newop": "node --experimental-modules --experimental-json-modules src/core/config/scripts/newOperation.mjs",
    "minor": "node --experimental-modules --experimental-json-modules src/core/config/scripts/newMinorVersion.mjs",
    "getheapsize": "node -e 'console.log(`node heap limit = ${require(\"v8\").getHeapStatistics().heap_size_limit / (1024 * 1024)} Mb`)'",
--- a/src/core/Chef.mjs
+++ b/src/core/Chef.mjs
@ -27,8 +27,8 @@ class Chef {
     *
     * @param {string|ArrayBuffer} input - The input data as a string or ArrayBuffer
     * @param {Object[]} recipeConfig - The recipe configuration object
-     * @param {Object} options - The options object storing various user choices
-     * @param {boolean} options.attempHighlight - Whether or not to attempt highlighting
+     * @param {Object} [options={}] - The options object storing various user choices
+     * @param {string} [options.returnType] - What type to return the result as
     *
     * @returns {Object} response
     * @returns {string} response.result - The output of the recipe
@ -37,12 +37,11 @@ class Chef {
     * @returns {number} response.duration - The number of ms it took to execute the recipe
     * @returns {number} response.error - The error object thrown by a failed operation (false if no error)
    */
-    async bake(input, recipeConfig, options) {
+    async bake(input, recipeConfig, options={}) {
        log.debug("Chef baking");
        const startTime = Date.now(),
            recipe      = new Recipe(recipeConfig),
-            containsFc  = recipe.containsFlowControl(),
-            notUTF8     = options && "treatAsUtf8" in options && !options.treatAsUtf8;
+            containsFc  = recipe.containsFlowControl();
        let error = false,
            progress = 0;

@ -68,20 +67,13 @@ class Chef {
        // Present the raw result
        await recipe.present(this.dish);

-        // Depending on the size of the output, we may send it back as a string or an ArrayBuffer.
-        // This can prevent unnecessary casting as an ArrayBuffer can be easily downloaded as a file.
-        // The threshold is specified in KiB.
-        const threshold = (options.ioDisplayThreshold || 1024) * 1024;
        const returnType =
-            this.dish.type === Dish.HTML ?
-                Dish.HTML :
-                this.dish.size > threshold ?
-                    Dish.ARRAY_BUFFER :
-                    Dish.STRING;
+            this.dish.type === Dish.HTML ? Dish.HTML :
+                options?.returnType ? options.returnType : Dish.ARRAY_BUFFER;

        return {
            dish: rawDish,
-            result: await this.dish.get(returnType, notUTF8),
+            result: await this.dish.get(returnType),
            type: Dish.enumLookup(this.dish.type),
            progress: progress,
            duration: Date.now() - startTime,
--- a/src/core/ChefWorker.js
+++ b/src/core/ChefWorker.js
@ -9,16 +9,8 @@
 import Chef from "./Chef.mjs";
 import OperationConfig from "./config/OperationConfig.json" assert {type: "json"};
 import OpModules from "./config/modules/OpModules.mjs";
-
-// Add ">" to the start of all log messages in the Chef Worker
 import loglevelMessagePrefix from "loglevel-message-prefix";

-loglevelMessagePrefix(log, {
-    prefixes: [],
-    staticPrefixes: [">"],
-    prefixFormat: "%p"
-});
-

 // Set up Chef instance
 self.chef = new Chef();
@ -56,7 +48,7 @@ self.postMessage({
 self.addEventListener("message", function(e) {
    // Handle message
    const r = e.data;
-    log.debug("ChefWorker receiving command '" + r.action + "'");
+    log.debug(`Receiving command '${r.action}'`);

    switch (r.action) {
        case "bake":
@ -86,6 +78,12 @@ self.addEventListener("message", function(e) {
        case "setLogLevel":
            log.setLevel(r.data, false);
            break;
+        case "setLogPrefix":
+            loglevelMessagePrefix(log, {
+                prefixes: [],
+                staticPrefixes: [r.data]
+            });
+            break;
        default:
            break;
    }
@ -101,14 +99,17 @@ async function bake(data) {
    // Ensure the relevant modules are loaded
    self.loadRequiredModules(data.recipeConfig);
    try {
-        self.inputNum = (data.inputNum !== undefined) ? data.inputNum : -1;
+        self.inputNum = data.inputNum === undefined ? -1 : data.inputNum;
        const response = await self.chef.bake(
            data.input,          // The user's input
            data.recipeConfig,   // The configuration of the recipe
            data.options         // Options set by the user
        );

-        const transferable = (data.input instanceof ArrayBuffer) ? [data.input] : undefined;
+        const transferable = (response.dish.value instanceof ArrayBuffer) ?
+            [response.dish.value] :
+            undefined;
+
        self.postMessage({
            action: "bakeComplete",
            data: Object.assign(response, {
@ -186,7 +187,7 @@ async function getDishTitle(data) {
 *
 * @param {Object[]} recipeConfig
 * @param {string} direction
- * @param {Object} pos - The position object for the highlight.
+ * @param {Object[]} pos - The position object for the highlight.
 * @param {number} pos.start - The start offset.
 * @param {number} pos.end - The end offset.
 */
--- a/src/core/Dish.mjs
+++ b/src/core/Dish.mjs
@ -128,10 +128,9 @@ class Dish {
     * If running in a browser, get is asynchronous.
     *
     * @param {number} type - The data type of value, see Dish enums.
-     * @param {boolean} [notUTF8=false] - Do not treat strings as UTF8.
     * @returns {* | Promise} - (Browser) A promise | (Node) value of dish in given type
     */
-    get(type, notUTF8=false) {
+    get(type) {
        if (typeof type === "string") {
            type = Dish.typeEnum(type);
        }
@ -140,13 +139,13 @@ class Dish {

            // Node environment => _translate is sync
            if (isNodeEnvironment()) {
-                this._translate(type, notUTF8);
+                this._translate(type);
                return this.value;

            // Browser environment => _translate is async
            } else {
                return new Promise((resolve, reject) => {
-                    this._translate(type, notUTF8)
+                    this._translate(type)
                        .then(() => {
                            resolve(this.value);
                        })
@ -190,12 +189,11 @@ class Dish {
     * @Node
     *
     * @param {number} type - The data type of value, see Dish enums.
-     * @param {boolean} [notUTF8=false] - Do not treat strings as UTF8.
     * @returns {Dish | Promise} - (Browser) A promise | (Node) value of dish in given type
     */
-    presentAs(type, notUTF8=false) {
+    presentAs(type) {
        const clone = this.clone();
-        return clone.get(type, notUTF8);
+        return clone.get(type);
    }


@ -414,17 +412,16 @@ class Dish {
     * If running in the browser, _translate is asynchronous.
     *
     * @param {number} toType - The data type of value, see Dish enums.
-     * @param {boolean} [notUTF8=false] - Do not treat strings as UTF8.
     * @returns {Promise || undefined}
     */
-    _translate(toType, notUTF8=false) {
+    _translate(toType) {
        log.debug(`Translating Dish from ${Dish.enumLookup(this.type)} to ${Dish.enumLookup(toType)}`);

        // Node environment => translate is sync
        if (isNodeEnvironment()) {
            this._toArrayBuffer();
            this.type = Dish.ARRAY_BUFFER;
-            this._fromArrayBuffer(toType, notUTF8);
+            this._fromArrayBuffer(toType);

        // Browser environment => translate is async
        } else {
@ -486,18 +483,17 @@ class Dish {
     * Convert this.value to the given type from ArrayBuffer
     *
     * @param {number} toType - the Dish enum to convert to
-     * @param {boolean} [notUTF8=false] - Do not treat strings as UTF8.
    */
-    _fromArrayBuffer(toType, notUTF8) {
+    _fromArrayBuffer(toType) {

        // Using 'bind' here to allow this.value to be mutated within translation functions
        const toTypeFunctions = {
-            [Dish.STRING]:          () => DishString.fromArrayBuffer.bind(this)(notUTF8),
-            [Dish.NUMBER]:          () => DishNumber.fromArrayBuffer.bind(this)(notUTF8),
-            [Dish.HTML]:            () => DishHTML.fromArrayBuffer.bind(this)(notUTF8),
+            [Dish.STRING]:          () => DishString.fromArrayBuffer.bind(this)(),
+            [Dish.NUMBER]:          () => DishNumber.fromArrayBuffer.bind(this)(),
+            [Dish.HTML]:            () => DishHTML.fromArrayBuffer.bind(this)(),
            [Dish.ARRAY_BUFFER]:    () => {},
-            [Dish.BIG_NUMBER]:      () => DishBigNumber.fromArrayBuffer.bind(this)(notUTF8),
-            [Dish.JSON]:            () => DishJSON.fromArrayBuffer.bind(this)(notUTF8),
+            [Dish.BIG_NUMBER]:      () => DishBigNumber.fromArrayBuffer.bind(this)(),
+            [Dish.JSON]:            () => DishJSON.fromArrayBuffer.bind(this)(),
            [Dish.FILE]:            () => DishFile.fromArrayBuffer.bind(this)(),
            [Dish.LIST_FILE]:       () => DishListFile.fromArrayBuffer.bind(this)(),
            [Dish.BYTE_ARRAY]:      () => DishByteArray.fromArrayBuffer.bind(this)(),
--- a/src/core/Ingredient.mjs
+++ b/src/core/Ingredient.mjs
@ -27,6 +27,7 @@ class Ingredient {
        this.toggleValues = [];
        this.target = null;
        this.defaultIndex = 0;
+        this.maxLength = null;
        this.min = null;
        this.max = null;
        this.step = 1;
@ -53,6 +54,7 @@ class Ingredient {
        this.toggleValues = ingredientConfig.toggleValues;
        this.target = typeof ingredientConfig.target !== "undefined" ? ingredientConfig.target : null;
        this.defaultIndex = typeof ingredientConfig.defaultIndex !== "undefined" ? ingredientConfig.defaultIndex : 0;
+        this.maxLength = ingredientConfig.maxLength || null;
        this.min = ingredientConfig.min;
        this.max = ingredientConfig.max;
        this.step = ingredientConfig.step;
--- a/src/core/Operation.mjs
+++ b/src/core/Operation.mjs
@ -184,6 +184,7 @@ class Operation {
            if (ing.disabled) conf.disabled = ing.disabled;
            if (ing.target) conf.target = ing.target;
            if (ing.defaultIndex) conf.defaultIndex = ing.defaultIndex;
+            if (ing.maxLength) conf.maxLength = ing.maxLength;
            if (typeof ing.min === "number") conf.min = ing.min;
            if (typeof ing.max === "number") conf.max = ing.max;
            if (ing.step) conf.step = ing.step;
--- a/src/core/Recipe.mjs
+++ b/src/core/Recipe.mjs
@ -230,14 +230,12 @@ class Recipe  {
                this.lastRunOp = op;
            } catch (err) {
                // Return expected errors as output
-                if (err instanceof OperationError ||
-                    (err.type && err.type === "OperationError")) {
+                if (err instanceof OperationError || err?.type === "OperationError") {
                    // Cannot rely on `err instanceof OperationError` here as extending
                    // native types is not fully supported yet.
                    dish.set(err.message, "string");
                    return i;
-                } else if (err instanceof DishError ||
-                    (err.type && err.type === "DishError")) {
+                } else if (err instanceof DishError || err?.type === "DishError") {
                    dish.set(err.message, "string");
                    return i;
                } else {
--- a/src/core/Utils.mjs
+++ b/src/core/Utils.mjs
@ -4,6 +4,8 @@
 * @license Apache-2.0
 */

+// loglevel import required for Node API
+import log from "loglevel";
 import utf8 from "utf8";
 import {fromBase64, toBase64} from "./lib/Base64.mjs";
 import {fromHex} from "./lib/Hex.mjs";
@ -174,17 +176,13 @@ class Utils {
     * @returns {string}
     */
    static printable(str, preserveWs=false, onlyAscii=false) {
-        if (isWebEnvironment() && window.app && !window.app.options.treatAsUtf8) {
-            str = Utils.byteArrayToChars(Utils.strToByteArray(str));
-        }
-
        if (onlyAscii) {
            return str.replace(/[^\x20-\x7f]/g, ".");
        }

        // eslint-disable-next-line no-misleading-character-class
        const re = /[\0-\x08\x0B-\x0C\x0E-\x1F\x7F-\x9F\xAD\u0378\u0379\u037F-\u0383\u038B\u038D\u03A2\u0528-\u0530\u0557\u0558\u0560\u0588\u058B-\u058E\u0590\u05C8-\u05CF\u05EB-\u05EF\u05F5-\u0605\u061C\u061D\u06DD\u070E\u070F\u074B\u074C\u07B2-\u07BF\u07FB-\u07FF\u082E\u082F\u083F\u085C\u085D\u085F-\u089F\u08A1\u08AD-\u08E3\u08FF\u0978\u0980\u0984\u098D\u098E\u0991\u0992\u09A9\u09B1\u09B3-\u09B5\u09BA\u09BB\u09C5\u09C6\u09C9\u09CA\u09CF-\u09D6\u09D8-\u09DB\u09DE\u09E4\u09E5\u09FC-\u0A00\u0A04\u0A0B-\u0A0E\u0A11\u0A12\u0A29\u0A31\u0A34\u0A37\u0A3A\u0A3B\u0A3D\u0A43-\u0A46\u0A49\u0A4A\u0A4E-\u0A50\u0A52-\u0A58\u0A5D\u0A5F-\u0A65\u0A76-\u0A80\u0A84\u0A8E\u0A92\u0AA9\u0AB1\u0AB4\u0ABA\u0ABB\u0AC6\u0ACA\u0ACE\u0ACF\u0AD1-\u0ADF\u0AE4\u0AE5\u0AF2-\u0B00\u0B04\u0B0D\u0B0E\u0B11\u0B12\u0B29\u0B31\u0B34\u0B3A\u0B3B\u0B45\u0B46\u0B49\u0B4A\u0B4E-\u0B55\u0B58-\u0B5B\u0B5E\u0B64\u0B65\u0B78-\u0B81\u0B84\u0B8B-\u0B8D\u0B91\u0B96-\u0B98\u0B9B\u0B9D\u0BA0-\u0BA2\u0BA5-\u0BA7\u0BAB-\u0BAD\u0BBA-\u0BBD\u0BC3-\u0BC5\u0BC9\u0BCE\u0BCF\u0BD1-\u0BD6\u0BD8-\u0BE5\u0BFB-\u0C00\u0C04\u0C0D\u0C11\u0C29\u0C34\u0C3A-\u0C3C\u0C45\u0C49\u0C4E-\u0C54\u0C57\u0C5A-\u0C5F\u0C64\u0C65\u0C70-\u0C77\u0C80\u0C81\u0C84\u0C8D\u0C91\u0CA9\u0CB4\u0CBA\u0CBB\u0CC5\u0CC9\u0CCE-\u0CD4\u0CD7-\u0CDD\u0CDF\u0CE4\u0CE5\u0CF0\u0CF3-\u0D01\u0D04\u0D0D\u0D11\u0D3B\u0D3C\u0D45\u0D49\u0D4F-\u0D56\u0D58-\u0D5F\u0D64\u0D65\u0D76-\u0D78\u0D80\u0D81\u0D84\u0D97-\u0D99\u0DB2\u0DBC\u0DBE\u0DBF\u0DC7-\u0DC9\u0DCB-\u0DCE\u0DD5\u0DD7\u0DE0-\u0DF1\u0DF5-\u0E00\u0E3B-\u0E3E\u0E5C-\u0E80\u0E83\u0E85\u0E86\u0E89\u0E8B\u0E8C\u0E8E-\u0E93\u0E98\u0EA0\u0EA4\u0EA6\u0EA8\u0EA9\u0EAC\u0EBA\u0EBE\u0EBF\u0EC5\u0EC7\u0ECE\u0ECF\u0EDA\u0EDB\u0EE0-\u0EFF\u0F48\u0F6D-\u0F70\u0F98\u0FBD\u0FCD\u0FDB-\u0FFF\u10C6\u10C8-\u10CC\u10CE\u10CF\u1249\u124E\u124F\u1257\u1259\u125E\u125F\u1289\u128E\u128F\u12B1\u12B6\u12B7\u12BF\u12C1\u12C6\u12C7\u12D7\u1311\u1316\u1317\u135B\u135C\u137D-\u137F\u139A-\u139F\u13F5-\u13FF\u169D-\u169F\u16F1-\u16FF\u170D\u1715-\u171F\u1737-\u173F\u1754-\u175F\u176D\u1771\u1774-\u177F\u17DE\u17DF\u17EA-\u17EF\u17FA-\u17FF\u180F\u181A-\u181F\u1878-\u187F\u18AB-\u18AF\u18F6-\u18FF\u191D-\u191F\u192C-\u192F\u193C-\u193F\u1941-\u1943\u196E\u196F\u1975-\u197F\u19AC-\u19AF\u19CA-\u19CF\u19DB-\u19DD\u1A1C\u1A1D\u1A5F\u1A7D\u1A7E\u1A8A-\u1A8F\u1A9A-\u1A9F\u1AAE-\u1AFF\u1B4C-\u1B4F\u1B7D-\u1B7F\u1BF4-\u1BFB\u1C38-\u1C3A\u1C4A-\u1C4C\u1C80-\u1CBF\u1CC8-\u1CCF\u1CF7-\u1CFF\u1DE7-\u1DFB\u1F16\u1F17\u1F1E\u1F1F\u1F46\u1F47\u1F4E\u1F4F\u1F58\u1F5A\u1F5C\u1F5E\u1F7E\u1F7F\u1FB5\u1FC5\u1FD4\u1FD5\u1FDC\u1FF0\u1FF1\u1FF5\u1FFF\u200B-\u200F\u202A-\u202E\u2060-\u206F\u2072\u2073\u208F\u209D-\u209F\u20BB-\u20CF\u20F1-\u20FF\u218A-\u218F\u23F4-\u23FF\u2427-\u243F\u244B-\u245F\u2700\u2B4D-\u2B4F\u2B5A-\u2BFF\u2C2F\u2C5F\u2CF4-\u2CF8\u2D26\u2D28-\u2D2C\u2D2E\u2D2F\u2D68-\u2D6E\u2D71-\u2D7E\u2D97-\u2D9F\u2DA7\u2DAF\u2DB7\u2DBF\u2DC7\u2DCF\u2DD7\u2DDF\u2E3C-\u2E7F\u2E9A\u2EF4-\u2EFF\u2FD6-\u2FEF\u2FFC-\u2FFF\u3040\u3097\u3098\u3100-\u3104\u312E-\u3130\u318F\u31BB-\u31BF\u31E4-\u31EF\u321F\u32FF\u4DB6-\u4DBF\u9FCD-\u9FFF\uA48D-\uA48F\uA4C7-\uA4CF\uA62C-\uA63F\uA698-\uA69E\uA6F8-\uA6FF\uA78F\uA794-\uA79F\uA7AB-\uA7F7\uA82C-\uA82F\uA83A-\uA83F\uA878-\uA87F\uA8C5-\uA8CD\uA8DA-\uA8DF\uA8FC-\uA8FF\uA954-\uA95E\uA97D-\uA97F\uA9CE\uA9DA-\uA9DD\uA9E0-\uA9FF\uAA37-\uAA3F\uAA4E\uAA4F\uAA5A\uAA5B\uAA7C-\uAA7F\uAAC3-\uAADA\uAAF7-\uAB00\uAB07\uAB08\uAB0F\uAB10\uAB17-\uAB1F\uAB27\uAB2F-\uABBF\uABEE\uABEF\uABFA-\uABFF\uD7A4-\uD7AF\uD7C7-\uD7CA\uD7FC-\uD7FF\uE000-\uF8FF\uFA6E\uFA6F\uFADA-\uFAFF\uFB07-\uFB12\uFB18-\uFB1C\uFB37\uFB3D\uFB3F\uFB42\uFB45\uFBC2-\uFBD2\uFD40-\uFD4F\uFD90\uFD91\uFDC8-\uFDEF\uFDFE\uFDFF\uFE1A-\uFE1F\uFE27-\uFE2F\uFE53\uFE67\uFE6C-\uFE6F\uFE75\uFEFD-\uFF00\uFFBF-\uFFC1\uFFC8\uFFC9\uFFD0\uFFD1\uFFD8\uFFD9\uFFDD-\uFFDF\uFFE7\uFFEF-\uFFFB\uFFFE\uFFFF]/g;
-        const wsRe = /[\x09-\x10\x0D\u2028\u2029]/g;
+        const wsRe = /[\x09-\x10\u2028\u2029]/g;

        str = str.replace(re, ".");
        if (!preserveWs) str = str.replace(wsRe, ".");
@ -192,6 +190,21 @@ class Utils {
    }


+    /**
+     * Returns a string with whitespace represented as special characters from the
+     * Unicode Private Use Area, which CyberChef will display as control characters.
+     * Private Use Area characters are in the range U+E000..U+F8FF.
+     * https://en.wikipedia.org/wiki/Private_Use_Areas
+     * @param {string} str
+     * @returns {string}
+     */
+    static escapeWhitespace(str) {
+        return str.replace(/[\x09-\x10]/g, function(c) {
+            return String.fromCharCode(0xe000 + c.charCodeAt(0));
+        });
+    }
+
+
    /**
     * Parse a string entered by a user and replace escaped chars with the bytes they represent.
     *
@ -206,7 +219,7 @@ class Utils {
     * Utils.parseEscapedChars("\\n");
     */
    static parseEscapedChars(str) {
-        return str.replace(/\\([bfnrtv'"]|[0-3][0-7]{2}|[0-7]{1,2}|x[\da-fA-F]{2}|u[\da-fA-F]{4}|u\{[\da-fA-F]{1,6}\}|\\)/g, function(m, a) {
+        return str.replace(/\\([abfnrtv'"]|[0-3][0-7]{2}|[0-7]{1,2}|x[\da-fA-F]{2}|u[\da-fA-F]{4}|u\{[\da-fA-F]{1,6}\}|\\)/g, function(m, a) {
            switch (a[0]) {
                case "\\":
                    return "\\";
@ -219,6 +232,8 @@ class Utils {
                case "6":
                case "7":
                    return String.fromCharCode(parseInt(a, 8));
+                case "a":
+                    return String.fromCharCode(7);
                case "b":
                    return "\b";
                case "t":
@ -380,6 +395,70 @@ class Utils {
    }


+    /**
+     * Converts a byte array to an integer.
+     *
+     * @param {byteArray} byteArray
+     * @param {string} byteorder - "little" or "big"
+     * @returns {integer}
+     *
+     * @example
+     * // returns 67305985
+     * Utils.byteArrayToInt([1, 2, 3, 4], "little");
+     *
+     * // returns 16909060
+     * Utils.byteArrayToInt([1, 2, 3, 4], "big");
+     */
+    static byteArrayToInt(byteArray, byteorder) {
+        let value = 0;
+        if (byteorder === "big") {
+            for (let i = 0; i < byteArray.length; i++) {
+                value = (value * 256) + byteArray[i];
+            }
+        } else {
+            for (let i = byteArray.length - 1; i >= 0; i--) {
+                value = (value * 256) + byteArray[i];
+            }
+        }
+        return value;
+    }
+
+
+    /**
+     * Converts an integer to a byte array of {length} bytes.
+     *
+     * @param {integer} value
+     * @param {integer} length
+     * @param {string} byteorder - "little" or "big"
+     * @returns {byteArray}
+     *
+     * @example
+     * // returns [5, 255, 109, 1]
+     * Utils.intToByteArray(23985925, 4, "little");
+     *
+     * // returns [1, 109, 255, 5]
+     * Utils.intToByteArray(23985925, 4, "big");
+     *
+     * // returns [0, 0, 0, 0, 1, 109, 255, 5]
+     * Utils.intToByteArray(23985925, 8, "big");
+     */
+    static intToByteArray(value, length, byteorder) {
+        const arr = new Array(length);
+        if (byteorder === "little") {
+            for (let i = 0; i < length; i++) {
+                arr[i] = value & 0xFF;
+                value = value >>> 8;
+            }
+        } else {
+            for (let i = length - 1; i >= 0; i--) {
+                arr[i] = value & 0xFF;
+                value = value >>> 8;
+            }
+        }
+        return arr;
+    }
+
+
    /**
     * Converts a string to an ArrayBuffer.
     * Treats the string as UTF-8 if any values are over 255.
@ -395,6 +474,9 @@ class Utils {
     * Utils.strToArrayBuffer("你好");
     */
    static strToArrayBuffer(str) {
+        log.debug(`Converting string[${str?.length}] to array buffer`);
+        if (!str) return new ArrayBuffer;
+
        const arr = new Uint8Array(str.length);
        let i = str.length, b;
        while (i--) {
@ -421,17 +503,20 @@ class Utils {
     * Utils.strToUtf8ArrayBuffer("你好");
     */
    static strToUtf8ArrayBuffer(str) {
-        const utf8Str = utf8.encode(str);
+        log.debug(`Converting string[${str?.length}] to UTF8 array buffer`);
+        if (!str) return new ArrayBuffer;

-        if (str.length !== utf8Str.length) {
-            if (isWorkerEnvironment()) {
+        const buffer = new TextEncoder("utf-8").encode(str);
+
+        if (str.length !== buffer.length) {
+            if (isWorkerEnvironment() && self && typeof self.setOption === "function") {
                self.setOption("attemptHighlight", false);
            } else if (isWebEnvironment()) {
                window.app.options.attemptHighlight = false;
            }
        }

-        return Utils.strToArrayBuffer(utf8Str);
+        return buffer.buffer;
    }


@ -450,6 +535,8 @@ class Utils {
     * Utils.strToByteArray("你好");
     */
    static strToByteArray(str) {
+        log.debug(`Converting string[${str?.length}] to byte array`);
+        if (!str) return [];
        const byteArray = new Array(str.length);
        let i = str.length, b;
        while (i--) {
@ -476,6 +563,8 @@ class Utils {
     * Utils.strToUtf8ByteArray("你好");
     */
    static strToUtf8ByteArray(str) {
+        log.debug(`Converting string[${str?.length}] to UTF8 byte array`);
+        if (!str) return [];
        const utf8Str = utf8.encode(str);

        if (str.length !== utf8Str.length) {
@ -504,6 +593,8 @@ class Utils {
     * Utils.strToCharcode("你好");
     */
    static strToCharcode(str) {
+        log.debug(`Converting string[${str?.length}] to charcode`);
+        if (!str) return [];
        const charcode = [];

        for (let i = 0; i < str.length; i++) {
@ -538,20 +629,26 @@ class Utils {
     * Utils.byteArrayToUtf8([228,189,160,229,165,189]);
     */
    static byteArrayToUtf8(byteArray) {
-        const str = Utils.byteArrayToChars(byteArray);
+        log.debug(`Converting byte array[${byteArray?.length}] to UTF8`);
+        if (!byteArray || !byteArray.length) return "";
+        if (!(byteArray instanceof Uint8Array))
+            byteArray = new Uint8Array(byteArray);
+
        try {
-            const utf8Str = utf8.decode(str);
-            if (str.length !== utf8Str.length) {
+            const str = new TextDecoder("utf-8", {fatal: true}).decode(byteArray);
+
+            if (str.length !== byteArray.length) {
                if (isWorkerEnvironment()) {
                    self.setOption("attemptHighlight", false);
                } else if (isWebEnvironment()) {
                    window.app.options.attemptHighlight = false;
                }
            }
-            return utf8Str;
+
+            return str;
        } catch (err) {
            // If it fails, treat it as ANSI
-            return str;
+            return Utils.byteArrayToChars(byteArray);
        }
    }

@ -570,11 +667,13 @@ class Utils {
     * Utils.byteArrayToChars([20320,22909]);
     */
    static byteArrayToChars(byteArray) {
-        if (!byteArray) return "";
+        log.debug(`Converting byte array[${byteArray?.length}] to chars`);
+        if (!byteArray || !byteArray.length) return "";
        let str = "";
-        // String concatenation appears to be faster than an array join
-        for (let i = 0; i < byteArray.length;) {
-            str += String.fromCharCode(byteArray[i++]);
+        // Maxiumum arg length for fromCharCode is 65535, but the stack may already be fairly deep,
+        // so don't get too near it.
+        for (let i = 0; i < byteArray.length; i += 20000) {
+            str += String.fromCharCode(...(byteArray.slice(i, i+20000)));
        }
        return str;
    }
@ -592,6 +691,8 @@ class Utils {
     * Utils.arrayBufferToStr(Uint8Array.from([104,101,108,108,111]).buffer);
     */
    static arrayBufferToStr(arrayBuffer, utf8=true) {
+        log.debug(`Converting array buffer[${arrayBuffer?.byteLength}] to str`);
+        if (!arrayBuffer || !arrayBuffer.byteLength) return "";
        const arr = new Uint8Array(arrayBuffer);
        return utf8 ? Utils.byteArrayToUtf8(arr) : Utils.byteArrayToChars(arr);
    }
@ -723,10 +824,10 @@ class Utils {
        }

        if (removeScriptAndStyle) {
-            htmlStr = recursiveRemove(/<script[^>]*>.*?<\/script[^>]*>/gi, htmlStr);
-            htmlStr = recursiveRemove(/<style[^>]*>.*?<\/style[^>]*>/gi, htmlStr);
+            htmlStr = recursiveRemove(/<script[^>]*>(\s|\S)*?<\/script[^>]*>/gi, htmlStr);
+            htmlStr = recursiveRemove(/<style[^>]*>(\s|\S)*?<\/style[^>]*>/gi, htmlStr);
        }
-        return htmlStr.replace(/<[^>]+>/g, "");
+        return recursiveRemove(/<[^>]+>/g, htmlStr);
    }


@ -734,6 +835,11 @@ class Utils {
     * Escapes HTML tags in a string to stop them being rendered.
     * https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
     *
+     * Null bytes are a special case and are converted to a character from the Unicode
+     * Private Use Area, which CyberChef will display as a control character picture.
+     * This is done due to null bytes not being rendered or stored correctly in HTML
+     * DOM building.
+     *
     * @param {string} str
     * @returns string
     *
@ -748,12 +854,13 @@ class Utils {
            ">": "&gt;",
            '"': "&quot;",
            "'": "&#x27;", // &apos; not recommended because it's not in the HTML spec
-            "`": "&#x60;"
+            "`": "&#x60;",
+            "\u0000": "\ue000"
        };

-        return str.replace(/[&<>"'`]/g, function (match) {
+        return str ? str.replace(/[&<>"'`\u0000]/g, function (match) {
            return HTML_CHARS[match];
-        });
+        }) : str;
    }


@ -775,15 +882,33 @@ class Utils {
            "&quot;": '"',
            "&#x27;": "'",
            "&#x2F;": "/",
-            "&#x60;": "`"
+            "&#x60;": "`",
+            "\ue000": "\u0000"
        };

-        return str.replace(/&#?x?[a-z0-9]{2,4};/ig, function (match) {
+        return str.replace(/(&#?x?[a-z0-9]{2,4};|\ue000)/ig, function (match) {
            return HTML_CHARS[match] || match;
        });
    }


+    /**
+     * Converts a string to its title case equivalent.
+     *
+     * @param {string} str
+     * @returns string
+     *
+     * @example
+     * // return "A Tiny String"
+     * Utils.toTitleCase("a tIny String");
+     */
+    static toTitleCase(str) {
+        return str.replace(/\w\S*/g, function(txt) {
+            return txt.charAt(0).toUpperCase() + txt.substr(1).toLowerCase();
+        });
+    }
+
+
    /**
     * Encodes a URI fragment (#) or query (?) using a minimal amount of percent-encoding.
     *
--- a/src/core/config/Categories.json
+++ b/src/core/config/Categories.json
@ -14,6 +14,8 @@
            "From Charcode",
            "To Decimal",
            "From Decimal",
+            "To Float",
+            "From Float",
            "To Binary",
            "From Binary",
            "To Octal",
@ -29,6 +31,8 @@
            "To Base64",
            "From Base64",
            "Show Base64 offsets",
+            "To Base92",
+            "From Base92",
            "To Base85",
            "From Base85",
            "To Base",
@ -46,6 +50,8 @@
            "From Quoted Printable",
            "To Punycode",
            "From Punycode",
+            "AMF Encode",
+            "AMF Decode",
            "To Hex Content",
            "From Hex Content",
            "PEM to Hex",
@ -65,7 +71,15 @@
            "JSON to CSV",
            "Avro to JSON",
            "CBOR Encode",
-            "CBOR Decode"
+            "CBOR Decode",
+            "YAML to JSON",
+            "JSON to YAML",
+            "Caret/M-decode",
+            "Rison Encode",
+            "Rison Decode",
+            "To Modhex",
+            "From Modhex",
+            "MIME Decoding"
        ]
    },
    {
@ -79,22 +93,37 @@
            "DES Decrypt",
            "Triple DES Encrypt",
            "Triple DES Decrypt",
+            "Fernet Encrypt",
+            "Fernet Decrypt",
            "LS47 Encrypt",
            "LS47 Decrypt",
            "RC2 Encrypt",
            "RC2 Decrypt",
            "RC4",
            "RC4 Drop",
+            "ChaCha",
+            "Salsa20",
+            "XSalsa20",
+            "Rabbit",
            "SM4 Encrypt",
            "SM4 Decrypt",
+            "GOST Encrypt",
+            "GOST Decrypt",
+            "GOST Sign",
+            "GOST Verify",
+            "GOST Key Wrap",
+            "GOST Key Unwrap",
            "ROT13",
            "ROT13 Brute Force",
            "ROT47",
            "ROT47 Brute Force",
+            "ROT8000",
            "XOR",
            "XOR Brute Force",
            "Vigenère Encode",
            "Vigenère Decode",
+            "XXTEA Encrypt",
+            "XXTEA Decrypt",
            "To Morse Code",
            "From Morse Code",
            "Bacon Cipher Encode",
@ -111,9 +140,12 @@
            "Atbash Cipher",
            "CipherSaber2 Encrypt",
            "CipherSaber2 Decrypt",
+            "Cetacean Cipher Encode",
+            "Cetacean Cipher Decode",
            "Substitute",
            "Derive PBKDF2 key",
            "Derive EVP key",
+            "Derive HKDF key",
            "Bcrypt",
            "Scrypt",
            "JWT Sign",
@ -121,6 +153,8 @@
            "JWT Decode",
            "Citrix CTX1 Encode",
            "Citrix CTX1 Decode",
+            "AES Key Wrap",
+            "AES Key Unwrap",
            "Pseudo-Random Number Generator",
            "Enigma",
            "Bombe",
@ -135,11 +169,14 @@
        "name": "Public Key",
        "ops": [
            "Parse X.509 certificate",
+            "Parse X.509 CRL",
            "Parse ASN.1 hex string",
            "PEM to Hex",
            "Hex to PEM",
            "Hex to Object Identifier",
            "Object Identifier to Hex",
+            "PEM to JWK",
+            "JWK to PEM",
            "Generate PGP Key Pair",
            "PGP Encrypt",
            "PGP Decrypt",
@ -151,7 +188,16 @@
            "RSA Verify",
            "RSA Encrypt",
            "RSA Decrypt",
-            "Parse SSH Host Key"
+            "Generate ECDSA Key Pair",
+            "ECDSA Signature Conversion",
+            "ECDSA Sign",
+            "ECDSA Verify",
+            "Parse SSH Host Key",
+            "Parse CSR",
+            "Public Key from Certificate",
+            "Public Key from Private Key",
+            "SM2 Encrypt",
+            "SM2 Decrypt"
        ]
    },
    {
@ -181,7 +227,8 @@
            "Bit shift right",
            "Rotate left",
            "Rotate right",
-            "ROT13"
+            "ROT13",
+            "ROT8000"
        ]
    },
    {
@ -194,9 +241,14 @@
            "Parse User Agent",
            "Parse IP range",
            "Parse IPv6 address",
+            "IPv6 Transition Addresses",
            "Parse IPv4 header",
+            "Strip IPv4 header",
            "Parse TCP",
+            "Strip TCP header",
+            "Parse TLS record",
            "Parse UDP",
+            "Strip UDP header",
            "Parse SSH Host Key",
            "Parse URI",
            "URL Encode",
@ -207,6 +259,8 @@
            "VarInt Decode",
            "JA3 Fingerprint",
            "JA3S Fingerprint",
+            "JA4 Fingerprint",
+            "JA4Server Fingerprint",
            "HASSH Client Fingerprint",
            "HASSH Server Fingerprint",
            "Format MAC addresses",
@ -215,6 +269,7 @@
            "Encode NetBIOS Name",
            "Decode NetBIOS Name",
            "Defang URL",
+            "Fang URL",
            "Defang IP Addresses"
        ]
    },
@ -226,7 +281,8 @@
            "Unicode Text Format",
            "Remove Diacritics",
            "Unescape Unicode Characters",
-            "Convert to NATO alphabet"
+            "Convert to NATO alphabet",
+            "Convert Leet Speak"
        ]
    },
    {
@ -237,6 +293,7 @@
            "Remove null bytes",
            "To Upper case",
            "To Lower case",
+            "Swap case",
            "To Case Insensitive Regex",
            "From Case Insensitive Regex",
            "Add line numbers",
@ -245,6 +302,7 @@
            "To Table",
            "Reverse",
            "Sort",
+            "Shuffle",
            "Unique",
            "Split",
            "Filter",
@ -260,6 +318,7 @@
            "Fuzzy Match",
            "Offset checker",
            "Hamming Distance",
+            "Levenshtein Distance",
            "Convert distance",
            "Convert area",
            "Convert mass",
@ -274,7 +333,10 @@
            "Escape string",
            "Unescape string",
            "Pseudo-Random Number Generator",
-            "Sleep"
+            "Sleep",
+            "File Tree",
+            "Take nth bytes",
+            "Drop nth bytes"
        ]
    },
    {
@ -286,6 +348,7 @@
            "To UNIX Timestamp",
            "Windows Filetime to UNIX Timestamp",
            "UNIX Timestamp to Windows Filetime",
+            "DateTime Delta",
            "Extract dates",
            "Get Time",
            "Sleep"
@ -302,13 +365,15 @@
            "Extract domains",
            "Extract file paths",
            "Extract dates",
+            "Extract hashes",
            "Regular expression",
            "XPath expression",
            "JPath expression",
            "CSS selector",
            "Extract EXIF",
            "Extract ID3",
-            "Extract Files"
+            "Extract Files",
+            "RAKE"
        ]
    },
    {
@ -325,7 +390,14 @@
            "Bzip2 Decompress",
            "Bzip2 Compress",
            "Tar",
-            "Untar"
+            "Untar",
+            "LZString Decompress",
+            "LZString Compress",
+            "LZMA Decompress",
+            "LZMA Compress",
+            "LZ4 Decompress",
+            "LZ4 Compress",
+            "LZNT1 Decompress"
        ]
    },
    {
@ -350,26 +422,30 @@
            "Snefru",
            "BLAKE2b",
            "BLAKE2s",
-            "GOST hash",
+            "GOST Hash",
            "Streebog",
            "SSDEEP",
            "CTPH",
            "Compare SSDEEP hashes",
            "Compare CTPH hashes",
            "HMAC",
+            "CMAC",
            "Bcrypt",
            "Bcrypt compare",
            "Bcrypt parse",
+            "Argon2",
+            "Argon2 compare",
            "Scrypt",
+            "NT Hash",
+            "LM Hash",
+            "MurmurHash3",
            "Fletcher-8 Checksum",
            "Fletcher-16 Checksum",
            "Fletcher-32 Checksum",
            "Fletcher-64 Checksum",
            "Adler-32 Checksum",
            "Luhn Checksum",
-            "CRC-8 Checksum",
-            "CRC-16 Checksum",
-            "CRC-32 Checksum",
+            "CRC Checksum",
            "TCP/IP Checksum"
        ]
    },
@ -391,8 +467,10 @@
            "CSS Minify",
            "XPath expression",
            "JPath expression",
+            "Jq",
            "CSS selector",
            "PHP Deserialize",
+            "PHP Serialize",
            "Microsoft Script Decoder",
            "Strip HTML tags",
            "Diff",
@ -465,6 +543,7 @@
            "P-list Viewer",
            "Disassemble x86",
            "Pseudo-Random Number Generator",
+            "Generate De Bruijn Sequence",
            "Generate UUID",
            "Generate TOTP",
            "Generate HOTP",
--- a/src/core/config/scripts/generateOpsIndex.mjs
+++ b/src/core/config/scripts/generateOpsIndex.mjs
@ -30,12 +30,12 @@ fs.readdirSync(path.join(dir, "../operations")).forEach(file => {

 // Construct index file
 let code = `/**
-* THIS FILE IS AUTOMATICALLY GENERATED BY src/core/config/scripts/generateOpsIndex.mjs
-*
-* @author n1474335 [n1474335@gmail.com]
-* @copyright Crown Copyright ${new Date().getUTCFullYear()}
-* @license Apache-2.0
-*/
+ * THIS FILE IS AUTOMATICALLY GENERATED BY src/core/config/scripts/generateOpsIndex.mjs
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright ${new Date().getUTCFullYear()}
+ * @license Apache-2.0
+ */
 `;

 opObjs.forEach(obj => {
--- a/src/core/config/scripts/newMinorVersion.mjs
+++ b/src/core/config/scripts/newMinorVersion.mjs
@ -136,7 +136,7 @@ const getFeature = function() {

            fs.writeFileSync(path.join(process.cwd(), "CHANGELOG.md"), changelogData);

-            console.log("Written CHANGELOG.md");
+            console.log("Written CHANGELOG.md\nCommit changes and then run `npm version minor`.");
        }
    });
 };
--- a/src/core/config/scripts/newOperation.mjs
+++ b/src/core/config/scripts/newOperation.mjs
@ -147,7 +147,7 @@ class ${moduleName} extends Operation {
        this.name = "${result.opName}";
        this.module = "${result.module}";
        this.description = "${(new EscapeString).run(result.description, ["Special chars", "Double"])}";
-        this.infoURL = "${result.infoURL}";
+        this.infoURL = "${result.infoURL}"; // Usually a Wikipedia link. Remember to remove localisation (i.e. https://wikipedia.org/etc rather than https://en.wikipedia.org/etc)
        this.inputType = "${result.inputType}";
        this.outputType = "${result.outputType}";
        this.args = [
--- a/src/core/dishTypes/DishBigNumber.mjs
+++ b/src/core/dishTypes/DishBigNumber.mjs
@ -24,12 +24,11 @@ class DishBigNumber extends DishType {

    /**
     * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
     */
-    static fromArrayBuffer(notUTF8) {
+    static fromArrayBuffer() {
        DishBigNumber.checkForValue(this.value);
        try {
-            this.value = new BigNumber(Utils.arrayBufferToStr(this.value, !notUTF8));
+            this.value = new BigNumber(Utils.arrayBufferToStr(this.value));
        } catch (err) {
            this.value = new BigNumber(NaN);
        }
--- a/src/core/dishTypes/DishJSON.mjs
+++ b/src/core/dishTypes/DishJSON.mjs
@ -22,11 +22,10 @@ class DishJSON extends DishType {

    /**
     * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
     */
-    static fromArrayBuffer(notUTF8) {
+    static fromArrayBuffer() {
        DishJSON.checkForValue(this.value);
-        this.value = JSON.parse(Utils.arrayBufferToStr(this.value, !notUTF8));
+        this.value = JSON.parse(Utils.arrayBufferToStr(this.value));
    }
 }

--- a/src/core/dishTypes/DishNumber.mjs
+++ b/src/core/dishTypes/DishNumber.mjs
@ -23,11 +23,10 @@ class DishNumber extends DishType {

    /**
     * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
     */
-    static fromArrayBuffer(notUTF8) {
+    static fromArrayBuffer() {
        DishNumber.checkForValue(this.value);
-        this.value = this.value ? parseFloat(Utils.arrayBufferToStr(this.value, !notUTF8)) : 0;
+        this.value = this.value ? parseFloat(Utils.arrayBufferToStr(this.value)) : 0;
    }
 }

--- a/src/core/dishTypes/DishString.mjs
+++ b/src/core/dishTypes/DishString.mjs
@ -23,11 +23,10 @@ class DishString extends DishType {

    /**
     * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
     */
-    static fromArrayBuffer(notUTF8) {
+    static fromArrayBuffer() {
        DishString.checkForValue(this.value);
-        this.value = this.value ? Utils.arrayBufferToStr(this.value, !notUTF8) : "";
+        this.value = this.value ? Utils.arrayBufferToStr(this.value) : "";
    }
 }

--- a/src/core/dishTypes/DishType.mjs
+++ b/src/core/dishTypes/DishType.mjs
@ -29,9 +29,8 @@ class DishType {

    /**
     * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
     */
-    static fromArrayBuffer(notUTF8=undefined) {
+    static fromArrayBuffer() {
        throw new Error("fromArrayBuffer has not been implemented");
    }
 }
--- a/src/core/lib/Base32.mjs
+++ b/src/core/lib/Base32.mjs
@ -0,0 +1,23 @@
+// import Utils from "../Utils.mjs";
+
+/**
+ * Base32 resources.
+ *
+ * @author Peter C-S [petercs@purelymail.com]
+ * @license Apache-2.0
+ */
+
+/**
+ * Base32 alphabets.
+ */
+export const ALPHABET_OPTIONS = [
+    {
+        name: "Standard", // https://www.rfc-editor.org/rfc/rfc4648#section-6
+        value: "A-Z2-7=",
+    },
+    {
+        name: "Hex Extended", // https://www.rfc-editor.org/rfc/rfc4648#section-7
+        value: "0-9A-V=",
+    },
+];
+
--- a/src/core/lib/Base64.mjs
+++ b/src/core/lib/Base64.mjs
@ -25,12 +25,12 @@ import OperationError from "../errors/OperationError.mjs";
 */
 export function toBase64(data, alphabet="A-Za-z0-9+/=") {
    if (!data) return "";
+    if (typeof data == "string") {
+        data = Utils.strToArrayBuffer(data);
+    }
    if (data instanceof ArrayBuffer) {
        data = new Uint8Array(data);
    }
-    if (typeof data == "string") {
-        data = Utils.strToByteArray(data);
-    }

    alphabet = Utils.expandAlphRange(alphabet).join("");
    if (alphabet.length !== 64 && alphabet.length !== 65) { // Allow for padding
--- a/src/core/lib/Base92.mjs
+++ b/src/core/lib/Base92.mjs
@ -0,0 +1,44 @@
+/**
+ * Base92 resources.
+ *
+ * @author sg5506844 [sg5506844@gmail.com]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+import OperationError from "../errors/OperationError.mjs";
+
+/**
+ * Base92 alphabet char
+ *
+ * @param {number} val
+ * @returns {number}
+ */
+export function base92Chr(val) {
+    if (val < 0 || val >= 91) {
+        throw new OperationError("Invalid value");
+    }
+    if (val === 0)
+        return "!".charCodeAt(0);
+    else if (val <= 61)
+        return "#".charCodeAt(0) + val - 1;
+    else
+        return "a".charCodeAt(0) + val - 62;
+}
+
+/**
+ * Base92 alphabet ord
+ *
+ * @param {string} val
+ * @returns {number}
+ */
+export function base92Ord(val) {
+    if (val === "!")
+        return 0;
+    else if ("#" <= val && val <= "_")
+        return val.charCodeAt(0) - "#".charCodeAt(0) + 1;
+    else if ("a" <= val && val <= "}")
+        return val.charCodeAt(0) - "a".charCodeAt(0) + 62;
+    throw new OperationError(`${val} is not a base92 character`);
+}
+
--- a/src/core/lib/ChrEnc.mjs
+++ b/src/core/lib/ChrEnc.mjs
@ -6,10 +6,12 @@
 * @license Apache-2.0
 */

+import cptable from "codepage";
+
 /**
 * Character encoding format mappings.
 */
-export const IO_FORMAT = {
+export const CHR_ENC_CODE_PAGES = {
    "UTF-8 (65001)": 65001,
    "UTF-7 (65000)": 65000,
    "UTF-16LE (1200)": 1200,
@ -164,6 +166,57 @@ export const IO_FORMAT = {
    "Simplified Chinese GB18030 (54936)": 54936,
 };

+
+export const CHR_ENC_SIMPLE_LOOKUP = {};
+export const CHR_ENC_SIMPLE_REVERSE_LOOKUP = {};
+
+for (const name in CHR_ENC_CODE_PAGES) {
+    const simpleName = name.match(/(^.+)\([\d/]+\)$/)[1];
+
+    CHR_ENC_SIMPLE_LOOKUP[simpleName] = CHR_ENC_CODE_PAGES[name];
+    CHR_ENC_SIMPLE_REVERSE_LOOKUP[CHR_ENC_CODE_PAGES[name]] = simpleName;
+}
+
+
+/**
+ * Returns the width of the character set for the given codepage.
+ * For example, UTF-8 is a Single Byte Character Set, whereas
+ * UTF-16 is a Double Byte Character Set.
+ *
+ * @param {number} page - The codepage number
+ * @returns {number}
+ */
+export function chrEncWidth(page) {
+    if (typeof page !== "number") return 0;
+
+    // Raw Bytes have a width of 1
+    if (page === 0) return 1;
+
+    const pageStr = page.toString();
+    // Confirm this page is legitimate
+    if (!Object.prototype.hasOwnProperty.call(CHR_ENC_SIMPLE_REVERSE_LOOKUP, pageStr))
+        return 0;
+
+    // Statically defined code pages
+    if (Object.prototype.hasOwnProperty.call(cptable, pageStr))
+        return cptable[pageStr].dec.length > 256 ? 2 : 1;
+
+    // Cached code pages
+    if (cptable.utils.cache.sbcs.includes(pageStr))
+        return 1;
+    if (cptable.utils.cache.dbcs.includes(pageStr))
+        return 2;
+
+    // Dynamically generated code pages
+    if (Object.prototype.hasOwnProperty.call(cptable.utils.magic, pageStr)) {
+        // Generate a single character and measure it
+        const a = cptable.utils.encode(page, "a");
+        return a.length;
+    }
+
+    return 0;
+}
+
 /**
 * Unicode Normalisation Forms
 *
@ -171,8 +224,85 @@ export const IO_FORMAT = {
 * @copyright Crown Copyright 2019
 * @license Apache-2.0
 */
+export const UNICODE_NORMALISATION_FORMS = ["NFD", "NFC", "NFKD", "NFKC"];
+

 /**
- * Character encoding format mappings.
+ * Detects whether the input buffer is valid UTF8.
+ *
+ * @param {ArrayBuffer} data
+ * @returns {number} - 0 = not UTF8, 1 = ASCII, 2 = UTF8
 */
-export const UNICODE_NORMALISATION_FORMS = ["NFD", "NFC", "NFKD", "NFKC"];
+export function isUTF8(data) {
+    const bytes = new Uint8Array(data);
+    let i = 0;
+    let onlyASCII = true;
+    while (i < bytes.length) {
+        if (( // ASCII
+            bytes[i] === 0x09 ||
+            bytes[i] === 0x0A ||
+            bytes[i] === 0x0D ||
+            (0x20 <= bytes[i] && bytes[i] <= 0x7E)
+        )) {
+            i += 1;
+            continue;
+        }
+
+        onlyASCII = false;
+
+        if (( // non-overlong 2-byte
+            (0xC2 <= bytes[i] && bytes[i] <= 0xDF) &&
+            (0x80 <= bytes[i+1] && bytes[i+1] <= 0xBF)
+        )) {
+            i += 2;
+            continue;
+        }
+
+        if (( // excluding overlongs
+            bytes[i] === 0xE0 &&
+            (0xA0 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) &&
+            (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF)
+        ) ||
+        ( // straight 3-byte
+            ((0xE1 <= bytes[i] && bytes[i] <= 0xEC) ||
+            bytes[i] === 0xEE ||
+            bytes[i] === 0xEF) &&
+            (0x80 <= bytes[i + 1] && bytes[i+1] <= 0xBF) &&
+            (0x80 <= bytes[i+2] && bytes[i+2] <= 0xBF)
+        ) ||
+        ( // excluding surrogates
+            bytes[i] === 0xED &&
+            (0x80 <= bytes[i+1] && bytes[i+1] <= 0x9F) &&
+            (0x80 <= bytes[i+2] && bytes[i+2] <= 0xBF)
+        )) {
+            i += 3;
+            continue;
+        }
+
+        if (( // planes 1-3
+            bytes[i] === 0xF0 &&
+            (0x90 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) &&
+            (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) &&
+            (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF)
+        ) ||
+        ( // planes 4-15
+            (0xF1 <= bytes[i] && bytes[i] <= 0xF3) &&
+            (0x80 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) &&
+            (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) &&
+            (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF)
+        ) ||
+        ( // plane 16
+            bytes[i] === 0xF4 &&
+            (0x80 <= bytes[i + 1] && bytes[i + 1] <= 0x8F) &&
+            (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) &&
+            (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF)
+        )) {
+            i += 4;
+            continue;
+        }
+
+        return 0;
+    }
+
+    return onlyASCII ? 1 : 2;
+}
--- a/src/core/lib/CipherSaber2.mjs
+++ b/src/core/lib/CipherSaber2.mjs
@ -4,7 +4,7 @@
 * @license Apache-2.0
 */
 export function encode(tempIVP, key, rounds, input) {
-    const ivp = new Uint8Array(key.concat(tempIVP));
+    const ivp = new Uint8Array([...key, ...tempIVP]);
    const state = new Array(256).fill(0);
    let j = 0, i = 0;
    const result = [];
--- a/src/core/lib/Ciphers.mjs
+++ b/src/core/lib/Ciphers.mjs
@ -3,6 +3,7 @@
 *
 * @author Matt C [matt@artemisbot.uk]
 * @author n1474335 [n1474335@gmail.com]
+ * @author Evie H [evie@evie.sh]
 *
 * @copyright Crown Copyright 2018
 * @license Apache-2.0
@ -10,6 +11,7 @@
 */

 import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
 import CryptoJS from "crypto-js";

 /**
@ -30,6 +32,10 @@ export function affineEncode(input, args) {
        throw new OperationError("The values of a and b can only be integers.");
    }

+    if (Utils.gcd(a, 26) !== 1) {
+        throw new OperationError("The value of `a` must be coprime to 26.");
+    }
+
    for (let i = 0; i < input.length; i++) {
        if (alphabet.indexOf(input[i]) >= 0) {
            // Uses the affine function ax+b % m = y (where m is length of the alphabet)
--- a/src/core/lib/Extract.mjs
+++ b/src/core/lib/Extract.mjs
@ -62,3 +62,9 @@ export const URL_REGEX = new RegExp(protocol + hostname + "(?:" + port + ")?(?:"
 * Domain name regular expression
 */
 export const DOMAIN_REGEX = /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/ig;
+
+
+/**
+ * DMARC Domain name regular expression
+ */
+export const DMARC_DOMAIN_REGEX = /\b((?=[a-z0-9_-]{1,63}\.)(xn--)?[a-z0-9_]+(-[a-z0-9_]+)*\.)+[a-z]{2,63}\b/ig;
--- a/src/core/lib/FileSignatures.mjs
+++ b/src/core/lib/FileSignatures.mjs
@ -72,6 +72,27 @@ export const FILE_SIGNATURES = {
            },
            extractor: extractWEBP
        },
+        {
+            name: "High Efficiency Image File Format",
+            extension: "heic,heif",
+            mime: "image/heif",
+            description: "",
+            signature: {
+                0: 0x00,
+                1: 0x00,
+                2: 0x00,
+                3: [0x24, 0x18],
+                4: 0x66, // ftypheic
+                5: 0x74,
+                6: 0x79,
+                7: 0x70,
+                8: 0x68,
+                9: 0x65,
+                10: 0x69,
+                11: 0x63
+            },
+            extractor: null
+        },
        {
            name: "Camera Image File Format",
            extension: "crw",
@ -2727,7 +2748,7 @@ export function extractGIF(bytes, offset) {
        stream.moveForwardsBy(11);

        // Loop until next Graphic Control Extension.
-        while (stream.getBytes(2) !== [0x21, 0xf9]) {
+        while (!Array.from(stream.getBytes(2)).equals([0x21, 0xf9])) {
            stream.moveBackwardsBy(2);
            stream.moveForwardsBy(stream.readInt(1));
            if (!stream.readInt(1))
--- a/src/core/lib/Hex.mjs
+++ b/src/core/lib/Hex.mjs
@ -105,13 +105,17 @@ export function fromHex(data, delim="Auto", byteLen=2) {
        throw new OperationError("Byte length must be a positive integer");

    if (delim !== "None") {
-        const delimRegex = delim === "Auto" ? /[^a-f\d]|(0x)/gi : Utils.regexRep(delim);
-        data = data.replace(delimRegex, "");
+        const delimRegex = delim === "Auto" ? /[^a-f\d]|0x/gi : Utils.regexRep(delim);
+        data = data.split(delimRegex);
+    } else {
+        data = [data];
    }

    const output = [];
-    for (let i = 0; i < data.length; i += byteLen) {
-        output.push(parseInt(data.substr(i, byteLen), 16));
+    for (let i = 0; i < data.length; i++) {
+        for (let j = 0; j < data[i].length; j += byteLen) {
+            output.push(parseInt(data[i].substr(j, byteLen), 16));
+        }
    }
    return output;
 }
--- a/src/core/lib/JA4.mjs
+++ b/src/core/lib/JA4.mjs
@ -0,0 +1,264 @@
+/**
+ * JA4 resources.
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2024
+ * @license Apache-2.0
+ *
+ * JA4 Copyright 2023 FoxIO, LLC.
+ * @license BSD-3-Clause
+ */
+
+import OperationError from "../errors/OperationError.mjs";
+import { parseTLSRecord, parseHighestSupportedVersion, parseFirstALPNValue } from "./TLS.mjs";
+import { toHexFast } from "./Hex.mjs";
+import { runHash } from "./Hash.mjs";
+import Utils from "../Utils.mjs";
+
+
+/**
+ * Calculate the JA4 from a given TLS Client Hello Stream
+ * @param {Uint8Array} bytes
+ * @returns {string}
+ */
+export function toJA4(bytes) {
+    let tlsr = {};
+    try {
+        tlsr = parseTLSRecord(bytes);
+        if (tlsr.handshake.value.handshakeType.value !== 0x01) {
+            throw new Error();
+        }
+    } catch (err) {
+        throw new OperationError("Data is not a valid TLS Client Hello. QUIC is not yet supported.\n" + err);
+    }
+
+    /* QUIC
+        “q” or “t”, which denotes whether the hello packet is for QUIC or TCP.
+        TODO: Implement QUIC
+    */
+    const ptype = "t";
+
+    /* TLS Version
+        TLS version is shown in 3 different places. If extension 0x002b exists (supported_versions), then the version
+        is the highest value in the extension. Remember to ignore GREASE values. If the extension doesn’t exist, then
+        the TLS version is the value of the Protocol Version. Handshake version (located at the top of the packet)
+        should be ignored.
+    */
+    let version = tlsr.handshake.value.helloVersion.value;
+    for (const ext of tlsr.handshake.value.extensions.value) {
+        if (ext.type.value === "supported_versions") {
+            version = parseHighestSupportedVersion(ext.value.data);
+            break;
+        }
+    }
+    version = tlsVersionMapper(version);
+
+    /* SNI
+        If the SNI extension (0x0000) exists, then the destination of the connection is a domain, or “d” in the fingerprint.
+        If the SNI does not exist, then the destination is an IP address, or “i”.
+    */
+    let sni = "i";
+    for (const ext of tlsr.handshake.value.extensions.value) {
+        if (ext.type.value === "server_name") {
+            sni = "d";
+            break;
+        }
+    }
+
+    /* Number of Ciphers
+        2 character number of cipher suites, so if there’s 6 cipher suites in the hello packet, then the value should be “06”.
+        If there’s > 99, which there should never be, then output “99”. Remember, ignore GREASE values. They don’t count.
+    */
+    let cipherLen = 0;
+    for (const cs of tlsr.handshake.value.cipherSuites.value) {
+        if (cs.value !== "GREASE") cipherLen++;
+    }
+    cipherLen = cipherLen > 99 ? "99" : cipherLen.toString().padStart(2, "0");
+
+    /* Number of Extensions
+        Same as counting ciphers. Ignore GREASE. Include SNI and ALPN.
+    */
+    let extLen = 0;
+    for (const ext of tlsr.handshake.value.extensions.value) {
+        if (ext.type.value !== "GREASE") extLen++;
+    }
+    extLen = extLen > 99 ? "99" : extLen.toString().padStart(2, "0");
+
+    /* ALPN Extension Value
+        The first and last characters of the ALPN (Application-Layer Protocol Negotiation) first value.
+        If there are no ALPN values or no ALPN extension then we print “00” as the value in the fingerprint.
+    */
+    let alpn = "00";
+    for (const ext of tlsr.handshake.value.extensions.value) {
+        if (ext.type.value === "application_layer_protocol_negotiation") {
+            alpn = parseFirstALPNValue(ext.value.data);
+            alpn = alpn.charAt(0) + alpn.charAt(alpn.length - 1);
+            if (alpn.charCodeAt(0) > 127) alpn = "99";
+            break;
+        }
+    }
+
+    /* Cipher hash
+        A 12 character truncated sha256 hash of the list of ciphers sorted in hex order, first 12 characters.
+        The list is created using the 4 character hex values of the ciphers, lower case, comma delimited, ignoring GREASE.
+    */
+    const originalCiphersList = [];
+    for (const cs of tlsr.handshake.value.cipherSuites.value) {
+        if (cs.value !== "GREASE") {
+            originalCiphersList.push(toHexFast(cs.data));
+        }
+    }
+    const sortedCiphersList = [...originalCiphersList].sort();
+    const sortedCiphersRaw = sortedCiphersList.join(",");
+    const originalCiphersRaw = originalCiphersList.join(",");
+    const sortedCiphers = runHash(
+        "sha256",
+        Utils.strToArrayBuffer(sortedCiphersRaw)
+    ).substring(0, 12);
+    const originalCiphers = runHash(
+        "sha256",
+        Utils.strToArrayBuffer(originalCiphersRaw)
+    ).substring(0, 12);
+
+    /* Extension hash
+        A 12 character truncated sha256 hash of the list of extensions, sorted by hex value, followed by the list of signature
+        algorithms, in the order that they appear (not sorted).
+        The extension list is created using the 4 character hex values of the extensions, lower case, comma delimited, sorted
+        (not in the order they appear). Ignore the SNI extension (0000) and the ALPN extension (0010) as we’ve already captured
+        them in the a section of the fingerprint. These values are omitted so that the same application would have the same b
+        section of the fingerprint regardless of if it were going to a domain, IP, or changing ALPNs.
+    */
+    const originalExtensionsList = [];
+    let signatureAlgorithms = "";
+    for (const ext of tlsr.handshake.value.extensions.value) {
+        if (ext.type.value !== "GREASE") {
+            originalExtensionsList.push(toHexFast(ext.type.data));
+        }
+        if (ext.type.value === "signature_algorithms") {
+            signatureAlgorithms = toHexFast(ext.value.data.slice(2));
+            signatureAlgorithms = signatureAlgorithms.replace(/(.{4})/g, "$1,");
+            signatureAlgorithms = signatureAlgorithms.substring(0, signatureAlgorithms.length - 1);
+        }
+    }
+    const sortedExtensionsList = [...originalExtensionsList].filter(e => e !== "0000" && e !== "0010").sort();
+    const sortedExtensionsRaw = sortedExtensionsList.join(",") + "_" + signatureAlgorithms;
+    const originalExtensionsRaw = originalExtensionsList.join(",") + "_" + signatureAlgorithms;
+    const sortedExtensions = runHash(
+        "sha256",
+        Utils.strToArrayBuffer(sortedExtensionsRaw)
+    ).substring(0, 12);
+    const originalExtensions = runHash(
+        "sha256",
+        Utils.strToArrayBuffer(originalExtensionsRaw)
+    ).substring(0, 12);
+
+    return {
+        "JA4":    `${ptype}${version}${sni}${cipherLen}${extLen}${alpn}_${sortedCiphers}_${sortedExtensions}`,
+        "JA4_o":  `${ptype}${version}${sni}${cipherLen}${extLen}${alpn}_${originalCiphers}_${originalExtensions}`,
+        "JA4_r":  `${ptype}${version}${sni}${cipherLen}${extLen}${alpn}_${sortedCiphersRaw}_${sortedExtensionsRaw}`,
+        "JA4_ro": `${ptype}${version}${sni}${cipherLen}${extLen}${alpn}_${originalCiphersRaw}_${originalExtensionsRaw}`,
+    };
+}
+
+
+/**
+ * Calculate the JA4Server from a given TLS Server Hello Stream
+ * @param {Uint8Array} bytes
+ * @returns {string}
+ */
+export function toJA4S(bytes) {
+    let tlsr = {};
+    try {
+        tlsr = parseTLSRecord(bytes);
+        if (tlsr.handshake.value.handshakeType.value !== 0x02) {
+            throw new Error();
+        }
+    } catch (err) {
+        throw new OperationError("Data is not a valid TLS Server Hello. QUIC is not yet supported.\n" + err);
+    }
+
+    /* QUIC
+        “q” or “t”, which denotes whether the hello packet is for QUIC or TCP.
+        TODO: Implement QUIC
+    */
+    const ptype = "t";
+
+    /* TLS Version
+        TLS version is shown in 3 different places. If extension 0x002b exists (supported_versions), then the version
+        is the highest value in the extension. Remember to ignore GREASE values. If the extension doesn’t exist, then
+        the TLS version is the value of the Protocol Version. Handshake version (located at the top of the packet)
+        should be ignored.
+    */
+    let version = tlsr.handshake.value.helloVersion.value;
+    for (const ext of tlsr.handshake.value.extensions.value) {
+        if (ext.type.value === "supported_versions") {
+            version = parseHighestSupportedVersion(ext.value.data);
+            break;
+        }
+    }
+    version = tlsVersionMapper(version);
+
+    /* Number of Extensions
+        2 character number of cipher suites, so if there’s 6 cipher suites in the hello packet, then the value should be “06”.
+        If there’s > 99, which there should never be, then output “99”.
+    */
+    let extLen = tlsr.handshake.value.extensions.value.length;
+    extLen = extLen > 99 ? "99" : extLen.toString().padStart(2, "0");
+
+    /* ALPN Extension Chosen Value
+        The first and last characters of the ALPN (Application-Layer Protocol Negotiation) first value.
+        If there are no ALPN values or no ALPN extension then we print “00” as the value in the fingerprint.
+    */
+    let alpn = "00";
+    for (const ext of tlsr.handshake.value.extensions.value) {
+        if (ext.type.value === "application_layer_protocol_negotiation") {
+            alpn = parseFirstALPNValue(ext.value.data);
+            alpn = alpn.charAt(0) + alpn.charAt(alpn.length - 1);
+            if (alpn.charCodeAt(0) > 127) alpn = "99";
+            break;
+        }
+    }
+
+    /* Chosen Cipher
+        The hex value of the chosen cipher suite
+    */
+    const cipher = toHexFast(tlsr.handshake.value.cipherSuite.data);
+
+    /* Extension hash
+        A 12 character truncated sha256 hash of the list of extensions.
+        The extension list is created using the 4 character hex values of the extensions, lower case, comma delimited.
+    */
+    const extensionsList = [];
+    for (const ext of tlsr.handshake.value.extensions.value) {
+        extensionsList.push(toHexFast(ext.type.data));
+    }
+    const extensionsRaw = extensionsList.join(",");
+    const extensionsHash = runHash(
+        "sha256",
+        Utils.strToArrayBuffer(extensionsRaw)
+    ).substring(0, 12);
+
+    return {
+        "JA4S":    `${ptype}${version}${extLen}${alpn}_${cipher}_${extensionsHash}`,
+        "JA4S_r":  `${ptype}${version}${extLen}${alpn}_${cipher}_${extensionsRaw}`,
+    };
+}
+
+
+/**
+ * Takes a TLS version value and returns a JA4 TLS version string
+ * @param {Uint8Array} version - Two byte array of version number
+ * @returns {string}
+ */
+function tlsVersionMapper(version) {
+    switch (version) {
+        case 0x0304: return "13"; // TLS 1.3
+        case 0x0303: return "12"; // TLS 1.2
+        case 0x0302: return "11"; // TLS 1.1
+        case 0x0301: return "10"; // TLS 1.0
+        case 0x0300: return "s3"; // SSL 3.0
+        case 0x0200: return "s2"; // SSL 2.0
+        case 0x0100: return "s1"; // SSL 1.0
+        default: return "00"; // Unknown
+    }
+}
--- a/src/core/lib/LZNT1.mjs
+++ b/src/core/lib/LZNT1.mjs
@ -0,0 +1,88 @@
+/**
+ *
+ * LZNT1 Decompress.
+ *
+ * @author 0xThiebaut [thiebaut.dev]
+ * @copyright Crown Copyright 2023
+ * @license Apache-2.0
+ *
+ * https://github.com/Velocidex/go-ntfs/blob/master/parser%2Flznt1.go
+ */
+
+import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
+
+const COMPRESSED_MASK = 1 << 15,
+    SIZE_MASK = (1 << 12) - 1;
+
+/**
+ * @param {number} offset
+ * @returns {number}
+ */
+function getDisplacement(offset) {
+    let result = 0;
+    while (offset >= 0x10) {
+        offset >>= 1;
+        result += 1;
+    }
+    return result;
+}
+
+/**
+ * @param {byteArray} compressed
+ * @returns {byteArray}
+ */
+export function decompress(compressed) {
+    const decompressed = Array();
+    let coffset = 0;
+
+    while (coffset + 2 <= compressed.length) {
+        const doffset = decompressed.length;
+
+        const blockHeader = Utils.byteArrayToInt(compressed.slice(coffset, coffset + 2), "little");
+        coffset += 2;
+
+        const size = blockHeader & SIZE_MASK;
+        const blockEnd = coffset + size + 1;
+
+        if (size === 0) {
+            break;
+        } else if (compressed.length < coffset + size) {
+            throw new OperationError("Malformed LZNT1 stream: Block too small! Has the stream been truncated?");
+        }
+
+        if ((blockHeader & COMPRESSED_MASK) !== 0) {
+            while (coffset < blockEnd) {
+                let header = compressed[coffset++];
+
+                for (let i = 0; i < 8 && coffset < blockEnd; i++) {
+                    if ((header & 1) === 0) {
+                        decompressed.push(compressed[coffset++]);
+                    } else {
+                        const pointer = Utils.byteArrayToInt(compressed.slice(coffset, coffset + 2), "little");
+                        coffset += 2;
+
+                        const displacement = getDisplacement(decompressed.length - doffset - 1);
+                        const symbolOffset = (pointer >> (12 - displacement)) + 1;
+                        const symbolLength = (pointer & (0xFFF >> displacement)) + 2;
+                        const shiftOffset = decompressed.length - symbolOffset;
+
+                        for (let shiftDelta = 0; shiftDelta < symbolLength + 1; shiftDelta++) {
+                            const shift = shiftOffset + shiftDelta;
+                            if (shift < 0 || decompressed.length <= shift) {
+                                throw new OperationError("Malformed LZNT1 stream: Invalid shift!");
+                            }
+                            decompressed.push(decompressed[shift]);
+                        }
+                    }
+                    header >>= 1;
+                }
+            }
+        } else {
+            decompressed.push(...compressed.slice(coffset, coffset + size + 1));
+            coffset += size + 1;
+        }
+    }
+
+    return decompressed;
+}
--- a/src/core/lib/LZString.mjs
+++ b/src/core/lib/LZString.mjs
@ -0,0 +1,21 @@
+/**
+ * lz-string exports.
+ *
+ * @author crespyl [peter@crespyl.net]
+ * @copyright Peter Jacobs 2021
+ * @license Apache-2.0
+ */
+
+import LZString from "lz-string";
+
+export const COMPRESSION_OUTPUT_FORMATS = ["default", "UTF16", "Base64"];
+export const COMPRESSION_FUNCTIONS = {
+    "default": LZString.compress,
+    "UTF16":   LZString.compressToUTF16,
+    "Base64":  LZString.compressToBase64,
+};
+export const DECOMPRESSION_FUNCTIONS = {
+    "default": LZString.decompress,
+    "UTF16":   LZString.decompressFromUTF16,
+    "Base64":  LZString.decompressFromBase64,
+};
--- a/src/core/lib/Magic.mjs
+++ b/src/core/lib/Magic.mjs
@ -3,6 +3,7 @@ import Utils, { isWorkerEnvironment } from "../Utils.mjs";
 import Recipe from "../Recipe.mjs";
 import Dish from "../Dish.mjs";
 import {detectFileType, isType} from "./FileType.mjs";
+import {isUTF8} from "./ChrEnc.mjs";
 import chiSquared from "chi-squared";

 /**
@ -111,82 +112,6 @@ class Magic {
        };
    }

-    /**
-     * Detects whether the input buffer is valid UTF8.
-     *
-     * @returns {boolean}
-     */
-    isUTF8() {
-        const bytes = new Uint8Array(this.inputBuffer);
-        let i = 0;
-        while (i < bytes.length) {
-            if (( // ASCII
-                bytes[i] === 0x09 ||
-                bytes[i] === 0x0A ||
-                bytes[i] === 0x0D ||
-                (0x20 <= bytes[i] && bytes[i] <= 0x7E)
-            )) {
-                i += 1;
-                continue;
-            }
-
-            if (( // non-overlong 2-byte
-                (0xC2 <= bytes[i] && bytes[i] <= 0xDF) &&
-                (0x80 <= bytes[i+1] && bytes[i+1] <= 0xBF)
-            )) {
-                i += 2;
-                continue;
-            }
-
-            if (( // excluding overlongs
-                bytes[i] === 0xE0 &&
-                (0xA0 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) &&
-                (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF)
-            ) ||
-            ( // straight 3-byte
-                ((0xE1 <= bytes[i] && bytes[i] <= 0xEC) ||
-                bytes[i] === 0xEE ||
-                bytes[i] === 0xEF) &&
-                (0x80 <= bytes[i + 1] && bytes[i+1] <= 0xBF) &&
-                (0x80 <= bytes[i+2] && bytes[i+2] <= 0xBF)
-            ) ||
-            ( // excluding surrogates
-                bytes[i] === 0xED &&
-                (0x80 <= bytes[i+1] && bytes[i+1] <= 0x9F) &&
-                (0x80 <= bytes[i+2] && bytes[i+2] <= 0xBF)
-            )) {
-                i += 3;
-                continue;
-            }
-
-            if (( // planes 1-3
-                bytes[i] === 0xF0 &&
-                (0x90 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) &&
-                (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) &&
-                (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF)
-            ) ||
-            ( // planes 4-15
-                (0xF1 <= bytes[i] && bytes[i] <= 0xF3) &&
-                (0x80 <= bytes[i + 1] && bytes[i + 1] <= 0xBF) &&
-                (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) &&
-                (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF)
-            ) ||
-            ( // plane 16
-                bytes[i] === 0xF4 &&
-                (0x80 <= bytes[i + 1] && bytes[i + 1] <= 0x8F) &&
-                (0x80 <= bytes[i + 2] && bytes[i + 2] <= 0xBF) &&
-                (0x80 <= bytes[i + 3] && bytes[i + 3] <= 0xBF)
-            )) {
-                i += 4;
-                continue;
-            }
-
-            return false;
-        }
-
-        return true;
-    }
-
    /**
     * Calculates the Shannon entropy of the input data.
     *
@ -336,7 +261,7 @@ class Magic {
            data: this.inputStr.slice(0, 100),
            languageScores: this.detectLanguage(extLang),
            fileType: this.detectFileType(),
-            isUTF8: this.isUTF8(),
+            isUTF8: !!isUTF8(this.inputBuffer),
            entropy: this.calcEntropy(),
            matchingOps: matchingOps,
            useful: useful,
--- a/src/core/lib/Modhex.mjs
+++ b/src/core/lib/Modhex.mjs
@ -0,0 +1,165 @@
+/**
+ * @author linuxgemini [ilteris@asenkron.com.tr]
+ * @copyright Crown Copyright 2024
+ * @license Apache-2.0
+ */
+
+import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import { fromHex, toHex } from "./Hex.mjs";
+
+/**
+ * Modhex alphabet.
+ */
+const MODHEX_ALPHABET = "cbdefghijklnrtuv";
+
+
+/**
+ * Modhex alphabet map.
+ */
+const MODHEX_ALPHABET_MAP = MODHEX_ALPHABET.split("");
+
+
+/**
+ * Hex alphabet to substitute Modhex.
+ */
+const HEX_ALPHABET = "0123456789abcdef";
+
+
+/**
+ * Hex alphabet map to substitute Modhex.
+ */
+const HEX_ALPHABET_MAP = HEX_ALPHABET.split("");
+
+
+/**
+ * Convert a byte array into a modhex string.
+ *
+ * @param {byteArray|Uint8Array|ArrayBuffer} data
+ * @param {string} [delim=" "]
+ * @param {number} [padding=2]
+ * @returns {string}
+ *
+ * @example
+ * // returns "cl bf bu"
+ * toModhex([10,20,30]);
+ *
+ * // returns "cl:bf:bu"
+ * toModhex([10,20,30], ":");
+ */
+export function toModhex(data, delim=" ", padding=2, extraDelim="", lineSize=0) {
+    if (!data) return "";
+    if (data instanceof ArrayBuffer) data = new Uint8Array(data);
+
+    const regularHexString = toHex(data, "", padding, "", 0);
+
+    let modhexString = "";
+    for (const letter of regularHexString.split("")) {
+        modhexString += MODHEX_ALPHABET_MAP[HEX_ALPHABET_MAP.indexOf(letter)];
+    }
+
+    let output = "";
+    const groupingRegexp = new RegExp(`.{1,${padding}}`, "g");
+    const groupedModhex = modhexString.match(groupingRegexp);
+
+    for (let i = 0; i < groupedModhex.length; i++) {
+        const group = groupedModhex[i];
+        output += group + delim;
+
+        if (extraDelim) {
+            output += extraDelim;
+        }
+        // Add LF after each lineSize amount of bytes but not at the end
+        if ((i !== groupedModhex.length - 1) && ((i + 1) % lineSize === 0)) {
+            output += "\n";
+        }
+    }
+
+    // Remove the extraDelim at the end (if there is one)
+    // and remove the delim at the end, but if it's prepended there's nothing to remove
+    const rTruncLen = extraDelim.length + delim.length;
+    if (rTruncLen) {
+        // If rTruncLen === 0 then output.slice(0,0) will be returned, which is nothing
+        return output.slice(0, -rTruncLen);
+    } else {
+        return output;
+    }
+}
+
+
+/**
+ * Convert a byte array into a modhex string as efficiently as possible with no options.
+ *
+ * @param {byteArray|Uint8Array|ArrayBuffer} data
+ * @returns {string}
+ *
+ * @example
+ * // returns "clbfbu"
+ * toModhexFast([10,20,30]);
+ */
+export function toModhexFast(data) {
+    if (!data) return "";
+    if (data instanceof ArrayBuffer) data = new Uint8Array(data);
+
+    const output = [];
+
+    for (let i = 0; i < data.length; i++) {
+        output.push(MODHEX_ALPHABET_MAP[(data[i] >> 4) & 0xf]);
+        output.push(MODHEX_ALPHABET_MAP[data[i] & 0xf]);
+    }
+    return output.join("");
+}
+
+
+/**
+ * Convert a modhex string into a byte array.
+ *
+ * @param {string} data
+ * @param {string} [delim]
+ * @param {number} [byteLen=2]
+ * @returns {byteArray}
+ *
+ * @example
+ * // returns [10,20,30]
+ * fromModhex("cl bf bu");
+ *
+ * // returns [10,20,30]
+ * fromModhex("cl:bf:bu", "Colon");
+ */
+export function fromModhex(data, delim="Auto", byteLen=2) {
+    if (byteLen < 1 || Math.round(byteLen) !== byteLen)
+        throw new OperationError("Byte length must be a positive integer");
+
+    // The `.replace(/\s/g, "")` an interesting workaround: Hex "multiline" tests aren't actually
+    // multiline. Tests for Modhex fixes that, thus exposing the issue.
+    data = data.toLowerCase().replace(/\s/g, "");
+
+    if (delim !== "None") {
+        const delimRegex = delim === "Auto" ? /[^cbdefghijklnrtuv]/gi : Utils.regexRep(delim);
+        data = data.split(delimRegex);
+    } else {
+        data = [data];
+    }
+
+    let regularHexString = "";
+    for (let i = 0; i < data.length; i++) {
+        for (const letter of data[i].split("")) {
+            regularHexString += HEX_ALPHABET_MAP[MODHEX_ALPHABET_MAP.indexOf(letter)];
+        }
+    }
+
+    const output = fromHex(regularHexString, "None", byteLen);
+    return output;
+}
+
+
+/**
+ * To Modhex delimiters.
+ */
+export const TO_MODHEX_DELIM_OPTIONS = ["Space", "Percent", "Comma", "Semi-colon", "Colon", "Line feed", "CRLF", "None"];
+
+
+/**
+ * From Modhex delimiters.
+ */
+export const FROM_MODHEX_DELIM_OPTIONS = ["Auto"].concat(TO_MODHEX_DELIM_OPTIONS);
--- a/src/core/lib/Protobuf.mjs
+++ b/src/core/lib/Protobuf.mjs
@ -184,7 +184,7 @@ class Protobuf {
                bytes: String,
                longs: Number,
                enums: String,
-                defualts: true
+                defaults: true
            });
            const output = {};

--- a/src/core/lib/Protocol.mjs
+++ b/src/core/lib/Protocol.mjs
@ -26,6 +26,9 @@ export function objToTable(obj, nested=false) {
        </tr>`;

    for (const key in obj) {
+        if (typeof obj[key] === "function")
+            continue;
+
        html += `<tr><td style='word-wrap: break-word'>${key}</td>`;
        if (typeof obj[key] === "object")
            html += `<td style='padding: 0'>${objToTable(obj[key], true)}</td>`;
--- a/src/core/lib/QRCode.mjs
+++ b/src/core/lib/QRCode.mjs
@ -10,8 +10,7 @@ import OperationError from "../errors/OperationError.mjs";
 import jsQR from "jsqr";
 import qr from "qr-image";
 import Utils from "../Utils.mjs";
-import jimplib from "jimp/es/index.js";
-const jimp = jimplib.default ? jimplib.default : jimplib;
+import Jimp from "jimp/es/index.js";

 /**
 * Parses a QR code image from an image
@ -23,7 +22,7 @@ const jimp = jimplib.default ? jimplib.default : jimplib;
 export async function parseQrCode(input, normalise) {
    let image;
    try {
-        image = await jimp.read(input);
+        image = await Jimp.read(input);
    } catch (err) {
        throw new OperationError(`Error opening image. (${err})`);
    }
@ -34,8 +33,8 @@ export async function parseQrCode(input, normalise) {
            image.background(0xFFFFFFFF);
            image.normalize();
            image.greyscale();
-            image = await image.getBufferAsync(jimp.MIME_JPEG);
-            image = await jimp.read(image);
+            image = await image.getBufferAsync(Jimp.MIME_JPEG);
+            image = await Jimp.read(image);
        }
    } catch (err) {
        throw new OperationError(`Error normalising image. (${err})`);
--- a/src/core/lib/SM2.mjs
+++ b/src/core/lib/SM2.mjs
@ -0,0 +1,258 @@
+/**
+ * Utilities and operations utilized for SM2 encryption and decryption
+ * @author flakjacket95 [dflack95@gmail.com]
+ * @copyright Crown Copyright 2024
+ * @license Apache-2.0
+ */
+
+import OperationError from "../errors/OperationError.mjs";
+import { fromHex } from "../lib/Hex.mjs";
+import Utils from "../Utils.mjs";
+import Sm3 from "crypto-api/src/hasher/sm3.mjs";
+import {toHex} from "crypto-api/src/encoder/hex.mjs";
+import r from "jsrsasign";
+
+/**
+ * SM2 Class for encryption and decryption operations
+ */
+export class SM2 {
+    /**
+     * Constructor for SM2 class; sets up with the curve and the output format as specified in user args
+     *
+     * @param {*} curve
+     * @param {*} format
+     */
+    constructor(curve, format) {
+        this.ecParams = null;
+        this.rng = new r.SecureRandom();
+        /*
+        For any additional curve definitions utilized by SM2, add another block like the below for that curve, then add the curve name to the Curve selection dropdown
+        */
+        r.crypto.ECParameterDB.regist(
+            "sm2p256v1", // name / p = 2**256 - 2**224 - 2**96 + 2**64 - 1
+            256,
+            "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF", // p
+            "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC", // a
+            "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", // b
+            "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", // n
+            "1", // h
+            "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", // gx
+            "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0", // gy
+            []
+        ); // alias
+        this.ecParams = r.crypto.ECParameterDB.getByName(curve);
+
+        this.format = format;
+    }
+
+    /**
+     * Set the public key coordinates for the SM2 class
+     *
+     * @param {string} publicKeyX
+     * @param {string} publicKeyY
+     */
+    setPublicKey(publicKeyX, publicKeyY) {
+        /*
+        * TODO: This needs some additional length validation; and checking for errors in the decoding process
+        * TODO: Can probably support other public key encoding methods here as well in the future
+        */
+        this.publicKey = this.ecParams.curve.decodePointHex("04" + publicKeyX + publicKeyY);
+
+        if (this.publicKey.isInfinity()) {
+            throw new OperationError("Invalid Public Key");
+        }
+    }
+
+    /**
+     * Set the private key value for the SM2 class
+     *
+     * @param {string} privateKey
+     */
+    setPrivateKey(privateKeyHex) {
+        this.privateKey = new r.BigInteger(privateKeyHex, 16);
+    }
+
+    /**
+     * Main encryption function; takes user input, processes encryption and returns the result in hex (with the components arranged as configured by the user args)
+     *
+     * @param {*} input
+     * @returns {string}
+     */
+    encrypt(input) {
+        const G = this.ecParams.G;
+
+        /*
+        * Compute a new, random public key along the same elliptic curve to form the starting point for our encryption process (record the resulting X and Y as hex to provide as part of the operation output)
+        * k: Randomly generated BigInteger
+        * c1: Result of dotting our curve generator point `G` with the value of `k`
+        */
+        const k = this.generatePublicKey();
+        const c1 = G.multiply(k);
+        const [hexC1X, hexC1Y] = this.getPointAsHex(c1);
+
+        /*
+        * Compute p2 (secret) using the public key, and the chosen k value above
+        */
+        const p2 = this.publicKey.multiply(k);
+
+        /*
+        * Compute the C3 SM3 hash before we transform the array
+        */
+        const c3 = this.c3(p2, input);
+
+        /*
+        * Genreate a proper length encryption key, XOR iteratively, and convert newly encrypted data to hex
+        */
+        const key = this.kdf(p2, input.byteLength);
+        for (let i = 0; i < input.byteLength; i++) {
+            input[i] ^= Utils.ord(key[i]);
+        }
+        const c2 = Buffer.from(input).toString("hex");
+
+        /*
+         * Check user input specs; order the output components as selected
+         */
+        if (this.format === "C1C3C2") {
+            return hexC1X + hexC1Y + c3 + c2;
+        } else {
+            return hexC1X + hexC1Y + c2 + c3;
+        }
+    }
+    /**
+     * Function to decrypt an SM2 encrypted message
+     *
+     * @param {*} input
+     */
+    decrypt(input) {
+        const c1X = input.slice(0, 64);
+        const c1Y = input.slice(64, 128);
+
+        let c3 = "";
+        let c2 = "";
+
+        if (this.format === "C1C3C2") {
+            c3 = input.slice(128, 192);
+            c2 = input.slice(192);
+        } else {
+            c2 = input.slice(128, -64);
+            c3 = input.slice(-64);
+        }
+        c2 = Uint8Array.from(fromHex(c2));
+        const c1 = this.ecParams.curve.decodePointHex("04" + c1X + c1Y);
+
+        /*
+        * Compute the p2 (secret) value by taking the C1 point provided in the encrypted package, and multiplying by the private k value
+        */
+        const p2 = c1.multiply(this.privateKey);
+
+        /*
+         * Similar to encryption; compute sufficient length key material and XOR the input data to recover the original message
+         */
+        const key = this.kdf(p2, c2.byteLength);
+
+        for (let i = 0; i < c2.byteLength; i++) {
+            c2[i] ^= Utils.ord(key[i]);
+        }
+
+        const check = this.c3(p2, c2);
+        if (check === c3) {
+            return c2.buffer;
+        } else {
+            throw new OperationError("Decryption Error -- Computed Hashes Do Not Match");
+        }
+    }
+
+
+    /**
+     * Generates a large random number
+     *
+     * @param {*} limit
+     * @returns
+     */
+    getBigRandom(limit) {
+        return new r.BigInteger(limit.bitLength(), this.rng)
+	    .mod(limit.subtract(r.BigInteger.ONE))
+	    .add(r.BigInteger.ONE);
+    }
+
+    /**
+     * Helper function for generating a large random K number; utilized for generating our initial C1 point
+     * TODO: Do we need to do any sort of validation on the resulting k values?
+     *
+     * @returns {BigInteger}
+     */
+    generatePublicKey() {
+        const n = this.ecParams.n;
+        const k = this.getBigRandom(n);
+        return k;
+    }
+
+    /**
+     * SM2 Key Derivation Function (KDF); Takes P2 point, and generates a key material stream large enough to encrypt all of the input data
+     *
+     * @param {*} p2
+     * @param {*} len
+     * @returns {string}
+     */
+    kdf(p2, len) {
+        const [hX, hY] = this.getPointAsHex(p2);
+
+        const total = Math.ceil(len / 32) + 1;
+        let cnt = 1;
+
+        let keyMaterial = "";
+
+        while (cnt < total) {
+            const num = Utils.intToByteArray(cnt, 4, "big");
+            const overall = fromHex(hX).concat(fromHex(hY)).concat(num);
+            keyMaterial += this.sm3(overall);
+            cnt++;
+        }
+        return keyMaterial;
+    }
+
+    /**
+     * Calculates the C3 component of our final encrypted payload; which is the SM3 hash of the P2 point and the original, unencrypted input data
+     *
+     * @param {*} p2
+     * @param {*} input
+     * @returns {string}
+     */
+    c3(p2, input) {
+        const [hX, hY] = this.getPointAsHex(p2);
+
+        const overall = fromHex(hX).concat(Array.from(input)).concat(fromHex(hY));
+
+        return toHex(this.sm3(overall));
+
+    }
+
+    /**
+     * SM3 setup helper function; takes input data as an array, processes the hash and returns the result
+     *
+     * @param {*} data
+     * @returns {string}
+     */
+    sm3(data) {
+        const hashData = Utils.arrayBufferToStr(Uint8Array.from(data).buffer, false);
+        const hasher = new Sm3();
+        hasher.update(hashData);
+        return hasher.finalize();
+    }
+
+    /**
+    * Utility function, returns an elliptic curve points X and Y values as hex;
+    *
+    * @param {EcPointFp} point
+    * @returns {[]}
+    */
+    getPointAsHex(point) {
+        const biX = point.getX().toBigInteger();
+        const biY = point.getY().toBigInteger();
+
+        const charlen = this.ecParams.keycharlen;
+        const hX   = ("0000000000" + biX.toString(16)).slice(- charlen);
+        const hY   = ("0000000000" + biY.toString(16)).slice(- charlen);
+        return [hX, hY];
+    }
+}
--- a/src/core/lib/Salsa20.mjs
+++ b/src/core/lib/Salsa20.mjs
@ -0,0 +1,144 @@
+/**
+ * @author joostrijneveld [joost@joostrijneveld.nl]
+ * @copyright Crown Copyright 2024
+ * @license Apache-2.0
+ */
+
+import Utils from "../Utils.mjs";
+
+/**
+ * Computes the Salsa20 permute function
+ *
+ * @param {byteArray} x
+ * @param {integer} rounds
+ */
+function salsa20Permute(x, rounds) {
+    /**
+     * Macro to compute a 32-bit rotate-left operation
+     *
+     * @param {integer} x
+     * @param {integer} n
+     * @returns {integer}
+     */
+    function ROL32(x, n) {
+        return ((x << n) & 0xFFFFFFFF) | (x >>> (32 - n));
+    }
+
+    /**
+     * Macro to compute a single Salsa20 quarterround operation
+     *
+     * @param {integer} x
+     * @param {integer} a
+     * @param {integer} b
+     * @param {integer} c
+     * @param {integer} d
+     * @returns {integer}
+     */
+    function quarterround(x, a, b, c, d) {
+        x[b] ^= ROL32((x[a] + x[d]) & 0xFFFFFFFF, 7);
+        x[c] ^= ROL32((x[b] + x[a]) & 0xFFFFFFFF, 9);
+        x[d] ^= ROL32((x[c] + x[b]) & 0xFFFFFFFF, 13);
+        x[a] ^= ROL32((x[d] + x[c]) & 0xFFFFFFFF, 18);
+    }
+
+    for (let i = 0; i < rounds / 2; i++)  {
+        quarterround(x, 0, 4, 8, 12);
+        quarterround(x, 5, 9, 13, 1);
+        quarterround(x, 10, 14, 2, 6);
+        quarterround(x, 15, 3, 7, 11);
+        quarterround(x, 0, 1, 2, 3);
+        quarterround(x, 5, 6, 7, 4);
+        quarterround(x, 10, 11, 8, 9);
+        quarterround(x, 15, 12, 13, 14);
+    }
+}
+
+/**
+ * Computes the Salsa20 block function
+ *
+ * @param {byteArray} key
+ * @param {byteArray} nonce
+ * @param {byteArray} counter
+ * @param {integer} rounds
+ * @returns {byteArray}
+ */
+export function salsa20Block(key, nonce, counter, rounds) {
+    const tau = "expand 16-byte k";
+    const sigma = "expand 32-byte k";
+    let state, c;
+    if (key.length === 16) {
+        c = Utils.strToByteArray(tau);
+        key = key.concat(key);
+    } else {
+        c = Utils.strToByteArray(sigma);
+    }
+
+    state = c.slice(0, 4);
+    state = state.concat(key.slice(0, 16));
+    state = state.concat(c.slice(4, 8));
+    state = state.concat(nonce);
+    state = state.concat(counter);
+    state = state.concat(c.slice(8, 12));
+    state = state.concat(key.slice(16, 32));
+    state = state.concat(c.slice(12, 16));
+
+    const x = Array();
+    for (let i = 0; i < 64; i += 4) {
+        x.push(Utils.byteArrayToInt(state.slice(i, i + 4), "little"));
+    }
+    const a = [...x];
+
+    salsa20Permute(x, rounds);
+
+    for (let i = 0; i < 16; i++) {
+        x[i] = (x[i] + a[i]) & 0xFFFFFFFF;
+    }
+
+    let output = Array();
+    for (let i = 0; i < 16; i++) {
+        output = output.concat(Utils.intToByteArray(x[i], 4, "little"));
+    }
+    return output;
+}
+
+/**
+ * Computes the hSalsa20 function
+ *
+ * @param {byteArray} key
+ * @param {byteArray} nonce
+ * @param {integer} rounds
+ * @returns {byteArray}
+ */
+export function hsalsa20(key, nonce, rounds) {
+    const tau = "expand 16-byte k";
+    const sigma = "expand 32-byte k";
+    let state, c;
+    if (key.length === 16) {
+        c = Utils.strToByteArray(tau);
+        key = key.concat(key);
+    } else {
+        c = Utils.strToByteArray(sigma);
+    }
+
+    state = c.slice(0, 4);
+    state = state.concat(key.slice(0, 16));
+    state = state.concat(c.slice(4, 8));
+    state = state.concat(nonce);
+    state = state.concat(c.slice(8, 12));
+    state = state.concat(key.slice(16, 32));
+    state = state.concat(c.slice(12, 16));
+
+    const x = Array();
+    for (let i = 0; i < 64; i += 4) {
+        x.push(Utils.byteArrayToInt(state.slice(i, i + 4), "little"));
+    }
+
+    salsa20Permute(x, rounds);
+
+    let output = Array();
+    const idx = [0, 5, 10, 15, 6, 7, 8, 9];
+    for (let i = 0; i < 8; i++) {
+        output = output.concat(Utils.intToByteArray(x[idx[i]], 4, "little"));
+    }
+    return output;
+}
--- a/src/core/lib/Sort.mjs
+++ b/src/core/lib/Sort.mjs
@ -103,3 +103,15 @@ export function hexadecimalSort(a, b) {

    return a.localeCompare(b);
 }
+
+/**
+ * Comparison operation for sorting by length
+ *
+ * @param {string} a
+ * @param {string} b
+ * @returns {number}
+ */
+export function lengthSort(a, b) {
+    return a.length - b.length;
+}
+
--- a/src/core/lib/Stream.mjs
+++ b/src/core/lib/Stream.mjs
@ -18,12 +18,23 @@ export default class Stream {
     * Stream constructor.
     *
     * @param {Uint8Array} input
+     * @param {number} pos
+     * @param {number} bitPos
     */
-    constructor(input) {
+    constructor(input, pos=0, bitPos=0) {
        this.bytes = input;
        this.length = this.bytes.length;
-        this.position = 0;
-        this.bitPos = 0;
+        this.position = pos;
+        this.bitPos = bitPos;
+    }
+
+    /**
+     * Clone this Stream returning a new identical Stream.
+     *
+     * @returns {Stream}
+     */
+    clone() {
+        return new Stream(this.bytes, this.position, this.bitPos);
    }

    /**
--- a/src/core/lib/TLS.mjs
+++ b/src/core/lib/TLS.mjs
@ -0,0 +1,877 @@
+/**
+ * TLS resources.
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2024
+ * @license Apache-2.0
+ */
+
+import OperationError from "../errors/OperationError.mjs";
+import Stream from "../lib/Stream.mjs";
+
+/**
+ * Parse a TLS Record
+ * @param {Uint8Array} bytes
+ * @returns {JSON}
+ */
+export function parseTLSRecord(bytes) {
+    const s = new Stream(bytes);
+    const b = s.clone();
+    const r = {};
+
+    // Content type
+    r.contentType = {
+        description: "Content Type",
+        length: 1,
+        data: b.getBytes(1),
+        value: s.readInt(1)
+    };
+    if (r.contentType.value !== 0x16)
+        throw new OperationError("Not handshake data.");
+
+    // Version
+    r.version = {
+        description: "Protocol Version",
+        length: 2,
+        data: b.getBytes(2),
+        value: s.readInt(2)
+    };
+
+    // Length
+    r.length = {
+        description: "Record Length",
+        length: 2,
+        data: b.getBytes(2),
+        value: s.readInt(2)
+    };
+    if (s.length !== r.length.value + 5)
+        throw new OperationError("Incorrect handshake length.");
+
+    // Handshake
+    r.handshake = {
+        description: "Handshake",
+        length: r.length.value,
+        data: b.getBytes(r.length.value),
+        value: parseHandshake(s.getBytes(r.length.value))
+    };
+
+    return r;
+}
+
+/**
+ * Parse a TLS Handshake
+ * @param {Uint8Array} bytes
+ * @returns {JSON}
+ */
+function parseHandshake(bytes) {
+    const s = new Stream(bytes);
+    const b = s.clone();
+    const h = {};
+
+    // Handshake type
+    h.handshakeType = {
+        description: "Handshake Type",
+        length: 1,
+        data: b.getBytes(1),
+        value: s.readInt(1)
+    };
+
+    // Handshake length
+    h.handshakeLength = {
+        description: "Handshake Length",
+        length: 3,
+        data: b.getBytes(3),
+        value: s.readInt(3)
+    };
+    if (s.length !== h.handshakeLength.value + 4)
+        throw new OperationError("Not enough data in Handshake message.");
+
+
+    switch (h.handshakeType.value) {
+        case 0x01:
+            h.handshakeType.description = "Client Hello";
+            parseClientHello(s, b, h);
+            break;
+        case 0x02:
+            h.handshakeType.description = "Server Hello";
+            parseServerHello(s, b, h);
+            break;
+        default:
+            throw new OperationError("Not a known handshake message.");
+    }
+
+    return h;
+}
+
+/**
+ * Parse a TLS Client Hello
+ * @param {Stream} s
+ * @param {Stream} b
+ * @param {Object} h
+ * @returns {JSON}
+ */
+function parseClientHello(s, b, h) {
+    // Hello version
+    h.helloVersion = {
+        description: "Client Hello Version",
+        length: 2,
+        data: b.getBytes(2),
+        value: s.readInt(2)
+    };
+
+    // Random
+    h.random = {
+        description: "Client Random",
+        length: 32,
+        data: b.getBytes(32),
+        value: s.getBytes(32)
+    };
+
+    // Session ID Length
+    h.sessionIDLength = {
+        description: "Session ID Length",
+        length: 1,
+        data: b.getBytes(1),
+        value: s.readInt(1)
+    };
+
+    // Session ID
+    h.sessionID = {
+        description: "Session ID",
+        length: h.sessionIDLength.value,
+        data: b.getBytes(h.sessionIDLength.value),
+        value: s.getBytes(h.sessionIDLength.value)
+    };
+
+    // Cipher Suites Length
+    h.cipherSuitesLength = {
+        description: "Cipher Suites Length",
+        length: 2,
+        data: b.getBytes(2),
+        value: s.readInt(2)
+    };
+
+    // Cipher Suites
+    h.cipherSuites = {
+        description: "Cipher Suites",
+        length: h.cipherSuitesLength.value,
+        data: b.getBytes(h.cipherSuitesLength.value),
+        value: parseCipherSuites(s.getBytes(h.cipherSuitesLength.value))
+    };
+
+    // Compression Methods Length
+    h.compressionMethodsLength = {
+        description: "Compression Methods Length",
+        length: 1,
+        data: b.getBytes(1),
+        value: s.readInt(1)
+    };
+
+    // Compression Methods
+    h.compressionMethods = {
+        description: "Compression Methods",
+        length: h.compressionMethodsLength.value,
+        data: b.getBytes(h.compressionMethodsLength.value),
+        value: parseCompressionMethods(s.getBytes(h.compressionMethodsLength.value))
+    };
+
+    // Extensions Length
+    h.extensionsLength = {
+        description: "Extensions Length",
+        length: 2,
+        data: b.getBytes(2),
+        value: s.readInt(2)
+    };
+
+    // Extensions
+    h.extensions = {
+        description: "Extensions",
+        length: h.extensionsLength.value,
+        data: b.getBytes(h.extensionsLength.value),
+        value: parseExtensions(s.getBytes(h.extensionsLength.value))
+    };
+
+    return h;
+}
+
+/**
+ * Parse a TLS Server Hello
+ * @param {Stream} s
+ * @param {Stream} b
+ * @param {Object} h
+ * @returns {JSON}
+ */
+function parseServerHello(s, b, h) {
+    // Hello version
+    h.helloVersion = {
+        description: "Server Hello Version",
+        length: 2,
+        data: b.getBytes(2),
+        value: s.readInt(2)
+    };
+
+    // Random
+    h.random = {
+        description: "Server Random",
+        length: 32,
+        data: b.getBytes(32),
+        value: s.getBytes(32)
+    };
+
+    // Session ID Length
+    h.sessionIDLength = {
+        description: "Session ID Length",
+        length: 1,
+        data: b.getBytes(1),
+        value: s.readInt(1)
+    };
+
+    // Session ID
+    h.sessionID = {
+        description: "Session ID",
+        length: h.sessionIDLength.value,
+        data: b.getBytes(h.sessionIDLength.value),
+        value: s.getBytes(h.sessionIDLength.value)
+    };
+
+    // Cipher Suite
+    h.cipherSuite = {
+        description: "Selected Cipher Suite",
+        length: 2,
+        data: b.getBytes(2),
+        value: CIPHER_SUITES_LOOKUP[s.readInt(2)] || "Unknown"
+    };
+
+    // Compression Method
+    h.compressionMethod = {
+        description: "Selected Compression Method",
+        length: 1,
+        data: b.getBytes(1),
+        value: s.readInt(1) // TODO: Compression method name here
+    };
+
+    // Extensions Length
+    h.extensionsLength = {
+        description: "Extensions Length",
+        length: 2,
+        data: b.getBytes(2),
+        value: s.readInt(2)
+    };
+
+    // Extensions
+    h.extensions = {
+        description: "Extensions",
+        length: h.extensionsLength.value,
+        data: b.getBytes(h.extensionsLength.value),
+        value: parseExtensions(s.getBytes(h.extensionsLength.value))
+    };
+}
+
+/**
+ * Parse Cipher Suites
+ * @param {Uint8Array} bytes
+ * @returns {JSON}
+ */
+function parseCipherSuites(bytes) {
+    const s = new Stream(bytes);
+    const b = s.clone();
+    const cs = [];
+
+    while (s.hasMore()) {
+        cs.push({
+            description: "Cipher Suite",
+            length: 2,
+            data: b.getBytes(2),
+            value: CIPHER_SUITES_LOOKUP[s.readInt(2)] || "Unknown"
+        });
+    }
+    return cs;
+}
+
+/**
+ * Parse Compression Methods
+ * @param {Uint8Array} bytes
+ * @returns {JSON}
+ */
+function parseCompressionMethods(bytes) {
+    const s = new Stream(bytes);
+    const b = s.clone();
+    const cm = [];
+
+    while (s.hasMore()) {
+        cm.push({
+            description: "Compression Method",
+            length: 1,
+            data: b.getBytes(1),
+            value: s.readInt(1) // TODO: Compression method name here
+        });
+    }
+    return cm;
+}
+
+/**
+ * Parse Extensions
+ * @param {Uint8Array} bytes
+ * @returns {JSON}
+ */
+function parseExtensions(bytes) {
+    const s = new Stream(bytes);
+    const b = s.clone();
+
+    const exts = [];
+    while (s.hasMore()) {
+        const ext = {};
+
+        // Type
+        ext.type = {
+            description: "Extension Type",
+            length: 2,
+            data: b.getBytes(2),
+            value: EXTENSION_LOOKUP[s.readInt(2)] || "unknown"
+        };
+
+        // Length
+        ext.length = {
+            description: "Extension Length",
+            length: 2,
+            data: b.getBytes(2),
+            value: s.readInt(2)
+        };
+
+        // Value
+        ext.value = {
+            description: "Extension Value",
+            length: ext.length.value,
+            data: b.getBytes(ext.length.value),
+            value: s.getBytes(ext.length.value)
+        };
+
+        exts.push(ext);
+    }
+
+    return exts;
+}
+
+/**
+ * Extension type lookup table
+ */
+const EXTENSION_LOOKUP = {
+    0: "server_name",
+    1: "max_fragment_length",
+    2: "client_certificate_url",
+    3: "trusted_ca_keys",
+    4: "truncated_hmac",
+    5: "status_request",
+    6: "user_mapping",
+    7: "client_authz",
+    8: "server_authz",
+    9: "cert_type",
+    10: "supported_groups",
+    11: "ec_point_formats",
+    12: "srp",
+    13: "signature_algorithms",
+    14: "use_srtp",
+    15: "heartbeat",
+    16: "application_layer_protocol_negotiation",
+    17: "status_request_v2",
+    18: "signed_certificate_timestamp",
+    19: "client_certificate_type",
+    20: "server_certificate_type",
+    21: "padding",
+    22: "encrypt_then_mac",
+    23: "extended_master_secret",
+    24: "token_binding",
+    25: "cached_info",
+    26: "tls_lts",
+    27: "compress_certificate",
+    28: "record_size_limit",
+    29: "pwd_protect",
+    30: "pwd_clear",
+    31: "password_salt",
+    32: "ticket_pinning",
+    33: "tls_cert_with_extern_psk",
+    34: "delegated_credential",
+    35: "session_ticket",
+    36: "TLMSP",
+    37: "TLMSP_proxying",
+    38: "TLMSP_delegate",
+    39: "supported_ekt_ciphers",
+    40: "Reserved",
+    41: "pre_shared_key",
+    42: "early_data",
+    43: "supported_versions",
+    44: "cookie",
+    45: "psk_key_exchange_modes",
+    46: "Reserved",
+    47: "certificate_authorities",
+    48: "oid_filters",
+    49: "post_handshake_auth",
+    50: "signature_algorithms_cert",
+    51: "key_share",
+    52: "transparency_info",
+    53: "connection_id (deprecated)",
+    54: "connection_id",
+    55: "external_id_hash",
+    56: "external_session_id",
+    57: "quic_transport_parameters",
+    58: "ticket_request",
+    59: "dnssec_chain",
+    60: "sequence_number_encryption_algorithms",
+    61: "rrc",
+    2570: "GREASE",
+    6682: "GREASE",
+    10794: "GREASE",
+    14906: "GREASE",
+    17513: "application_settings",
+    19018: "GREASE",
+    23130: "GREASE",
+    27242: "GREASE",
+    31354: "GREASE",
+    35466: "GREASE",
+    39578: "GREASE",
+    43690: "GREASE",
+    47802: "GREASE",
+    51914: "GREASE",
+    56026: "GREASE",
+    60138: "GREASE",
+    64250: "GREASE",
+    64768: "ech_outer_extensions",
+    65037: "encrypted_client_hello",
+    65281: "renegotiation_info"
+};
+
+/**
+ * Cipher suites lookup table
+ */
+const CIPHER_SUITES_LOOKUP = {
+    0x0000: "TLS_NULL_WITH_NULL_NULL",
+    0x0001: "TLS_RSA_WITH_NULL_MD5",
+    0x0002: "TLS_RSA_WITH_NULL_SHA",
+    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
+    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
+    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
+    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
+    0x0007: "TLS_RSA_WITH_IDEA_CBC_SHA",
+    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
+    0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
+    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+    0x000B: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
+    0x000C: "TLS_DH_DSS_WITH_DES_CBC_SHA",
+    0x000D: "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA",
+    0x000E: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
+    0x000F: "TLS_DH_RSA_WITH_DES_CBC_SHA",
+    0x0010: "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA",
+    0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
+    0x0012: "TLS_DHE_DSS_WITH_DES_CBC_SHA",
+    0x0013: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
+    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+    0x0015: "TLS_DHE_RSA_WITH_DES_CBC_SHA",
+    0x0016: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
+    0x0017: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
+    0x0018: "TLS_DH_anon_WITH_RC4_128_MD5",
+    0x0019: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+    0x001A: "TLS_DH_anon_WITH_DES_CBC_SHA",
+    0x001B: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
+    0x001E: "TLS_KRB5_WITH_DES_CBC_SHA",
+    0x001F: "TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
+    0x0020: "TLS_KRB5_WITH_RC4_128_SHA",
+    0x0021: "TLS_KRB5_WITH_IDEA_CBC_SHA",
+    0x0022: "TLS_KRB5_WITH_DES_CBC_MD5",
+    0x0023: "TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
+    0x0024: "TLS_KRB5_WITH_RC4_128_MD5",
+    0x0025: "TLS_KRB5_WITH_IDEA_CBC_MD5",
+    0x0026: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
+    0x0027: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA",
+    0x0028: "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
+    0x0029: "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
+    0x002A: "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5",
+    0x002B: "TLS_KRB5_EXPORT_WITH_RC4_40_MD5",
+    0x002C: "TLS_PSK_WITH_NULL_SHA",
+    0x002D: "TLS_DHE_PSK_WITH_NULL_SHA",
+    0x002E: "TLS_RSA_PSK_WITH_NULL_SHA",
+    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
+    0x0030: "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
+    0x0031: "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
+    0x0032: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+    0x0034: "TLS_DH_anon_WITH_AES_128_CBC_SHA",
+    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
+    0x0036: "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
+    0x0037: "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
+    0x0038: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+    0x003A: "TLS_DH_anon_WITH_AES_256_CBC_SHA",
+    0x003B: "TLS_RSA_WITH_NULL_SHA256",
+    0x003C: "TLS_RSA_WITH_AES_128_CBC_SHA256",
+    0x003D: "TLS_RSA_WITH_AES_256_CBC_SHA256",
+    0x003E: "TLS_DH_DSS_WITH_AES_128_CBC_SHA256",
+    0x003F: "TLS_DH_RSA_WITH_AES_128_CBC_SHA256",
+    0x0040: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+    0x0041: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
+    0x0042: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA",
+    0x0043: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA",
+    0x0044: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA",
+    0x0045: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",
+    0x0046: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA",
+    0x0067: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+    0x0068: "TLS_DH_DSS_WITH_AES_256_CBC_SHA256",
+    0x0069: "TLS_DH_RSA_WITH_AES_256_CBC_SHA256",
+    0x006A: "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+    0x006B: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+    0x006C: "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
+    0x006D: "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
+    0x0084: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
+    0x0085: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA",
+    0x0086: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA",
+    0x0087: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA",
+    0x0088: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",
+    0x0089: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA",
+    0x008A: "TLS_PSK_WITH_RC4_128_SHA",
+    0x008B: "TLS_PSK_WITH_3DES_EDE_CBC_SHA",
+    0x008C: "TLS_PSK_WITH_AES_128_CBC_SHA",
+    0x008D: "TLS_PSK_WITH_AES_256_CBC_SHA",
+    0x008E: "TLS_DHE_PSK_WITH_RC4_128_SHA",
+    0x008F: "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA",
+    0x0090: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
+    0x0091: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA",
+    0x0092: "TLS_RSA_PSK_WITH_RC4_128_SHA",
+    0x0093: "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA",
+    0x0094: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
+    0x0095: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA",
+    0x0096: "TLS_RSA_WITH_SEED_CBC_SHA",
+    0x0097: "TLS_DH_DSS_WITH_SEED_CBC_SHA",
+    0x0098: "TLS_DH_RSA_WITH_SEED_CBC_SHA",
+    0x0099: "TLS_DHE_DSS_WITH_SEED_CBC_SHA",
+    0x009A: "TLS_DHE_RSA_WITH_SEED_CBC_SHA",
+    0x009B: "TLS_DH_anon_WITH_SEED_CBC_SHA",
+    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
+    0x009D: "TLS_RSA_WITH_AES_256_GCM_SHA384",
+    0x009E: "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+    0x009F: "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+    0x00A0: "TLS_DH_RSA_WITH_AES_128_GCM_SHA256",
+    0x00A1: "TLS_DH_RSA_WITH_AES_256_GCM_SHA384",
+    0x00A2: "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+    0x00A3: "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
+    0x00A4: "TLS_DH_DSS_WITH_AES_128_GCM_SHA256",
+    0x00A5: "TLS_DH_DSS_WITH_AES_256_GCM_SHA384",
+    0x00A6: "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
+    0x00A7: "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
+    0x00A8: "TLS_PSK_WITH_AES_128_GCM_SHA256",
+    0x00A9: "TLS_PSK_WITH_AES_256_GCM_SHA384",
+    0x00AA: "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256",
+    0x00AB: "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384",
+    0x00AC: "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256",
+    0x00AD: "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384",
+    0x00AE: "TLS_PSK_WITH_AES_128_CBC_SHA256",
+    0x00AF: "TLS_PSK_WITH_AES_256_CBC_SHA384",
+    0x00B0: "TLS_PSK_WITH_NULL_SHA256",
+    0x00B1: "TLS_PSK_WITH_NULL_SHA384",
+    0x00B2: "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256",
+    0x00B3: "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384",
+    0x00B4: "TLS_DHE_PSK_WITH_NULL_SHA256",
+    0x00B5: "TLS_DHE_PSK_WITH_NULL_SHA384",
+    0x00B6: "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256",
+    0x00B7: "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384",
+    0x00B8: "TLS_RSA_PSK_WITH_NULL_SHA256",
+    0x00B9: "TLS_RSA_PSK_WITH_NULL_SHA384",
+    0x00BA: "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256",
+    0x00BB: "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256",
+    0x00BC: "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
+    0x00BD: "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256",
+    0x00BE: "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
+    0x00BF: "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256",
+    0x00C0: "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256",
+    0x00C1: "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256",
+    0x00C2: "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256",
+    0x00C3: "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256",
+    0x00C4: "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256",
+    0x00C5: "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256",
+    0x00C6: "TLS_SM4_GCM_SM3",
+    0x00C7: "TLS_SM4_CCM_SM3",
+    0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
+    0x0A0A: "GREASE",
+    0x1301: "TLS_AES_128_GCM_SHA256",
+    0x1302: "TLS_AES_256_GCM_SHA384",
+    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
+    0x1304: "TLS_AES_128_CCM_SHA256",
+    0x1305: "TLS_AES_128_CCM_8_SHA256",
+    0x1306: "TLS_AEGIS_256_SHA512",
+    0x1307: "TLS_AEGIS_128L_SHA256",
+    0x1A1A: "GREASE",
+    0x2A2A: "GREASE",
+    0x3A3A: "GREASE",
+    0x4A4A: "GREASE",
+    0x5600: "TLS_FALLBACK_SCSV",
+    0x5A5A: "GREASE",
+    0x6A6A: "GREASE",
+    0x7A7A: "GREASE",
+    0x8A8A: "GREASE",
+    0x9A9A: "GREASE",
+    0xAAAA: "GREASE",
+    0xBABA: "GREASE",
+    0xC001: "TLS_ECDH_ECDSA_WITH_NULL_SHA",
+    0xC002: "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
+    0xC003: "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
+    0xC004: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
+    0xC005: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+    0xC006: "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
+    0xC007: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
+    0xC008: "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
+    0xC009: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+    0xC00A: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+    0xC00B: "TLS_ECDH_RSA_WITH_NULL_SHA",
+    0xC00C: "TLS_ECDH_RSA_WITH_RC4_128_SHA",
+    0xC00D: "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
+    0xC00E: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+    0xC00F: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+    0xC010: "TLS_ECDHE_RSA_WITH_NULL_SHA",
+    0xC011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
+    0xC012: "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
+    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+    0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+    0xC015: "TLS_ECDH_anon_WITH_NULL_SHA",
+    0xC016: "TLS_ECDH_anon_WITH_RC4_128_SHA",
+    0xC017: "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
+    0xC018: "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
+    0xC019: "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
+    0xC01A: "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA",
+    0xC01B: "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA",
+    0xC01C: "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA",
+    0xC01D: "TLS_SRP_SHA_WITH_AES_128_CBC_SHA",
+    0xC01E: "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA",
+    0xC01F: "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA",
+    0xC020: "TLS_SRP_SHA_WITH_AES_256_CBC_SHA",
+    0xC021: "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA",
+    0xC022: "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA",
+    0xC023: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+    0xC024: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+    0xC025: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+    0xC026: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
+    0xC027: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+    0xC028: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+    0xC029: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+    0xC02A: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
+    0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+    0xC02C: "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+    0xC02D: "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+    0xC02E: "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+    0xC031: "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+    0xC032: "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+    0xC033: "TLS_ECDHE_PSK_WITH_RC4_128_SHA",
+    0xC034: "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA",
+    0xC035: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",
+    0xC036: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA",
+    0xC037: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256",
+    0xC038: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384",
+    0xC039: "TLS_ECDHE_PSK_WITH_NULL_SHA",
+    0xC03A: "TLS_ECDHE_PSK_WITH_NULL_SHA256",
+    0xC03B: "TLS_ECDHE_PSK_WITH_NULL_SHA384",
+    0xC03C: "TLS_RSA_WITH_ARIA_128_CBC_SHA256",
+    0xC03D: "TLS_RSA_WITH_ARIA_256_CBC_SHA384",
+    0xC03E: "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256",
+    0xC03F: "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384",
+    0xC040: "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256",
+    0xC041: "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384",
+    0xC042: "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256",
+    0xC043: "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384",
+    0xC044: "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256",
+    0xC045: "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384",
+    0xC046: "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256",
+    0xC047: "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384",
+    0xC048: "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256",
+    0xC049: "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384",
+    0xC04A: "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256",
+    0xC04B: "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384",
+    0xC04C: "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256",
+    0xC04D: "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384",
+    0xC04E: "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256",
+    0xC04F: "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384",
+    0xC050: "TLS_RSA_WITH_ARIA_128_GCM_SHA256",
+    0xC051: "TLS_RSA_WITH_ARIA_256_GCM_SHA384",
+    0xC052: "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256",
+    0xC053: "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384",
+    0xC054: "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256",
+    0xC055: "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384",
+    0xC056: "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256",
+    0xC057: "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384",
+    0xC058: "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256",
+    0xC059: "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384",
+    0xC05A: "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256",
+    0xC05B: "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384",
+    0xC05C: "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256",
+    0xC05D: "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384",
+    0xC05E: "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256",
+    0xC05F: "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384",
+    0xC060: "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256",
+    0xC061: "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384",
+    0xC062: "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256",
+    0xC063: "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384",
+    0xC064: "TLS_PSK_WITH_ARIA_128_CBC_SHA256",
+    0xC065: "TLS_PSK_WITH_ARIA_256_CBC_SHA384",
+    0xC066: "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256",
+    0xC067: "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384",
+    0xC068: "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256",
+    0xC069: "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384",
+    0xC06A: "TLS_PSK_WITH_ARIA_128_GCM_SHA256",
+    0xC06B: "TLS_PSK_WITH_ARIA_256_GCM_SHA384",
+    0xC06C: "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256",
+    0xC06D: "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384",
+    0xC06E: "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256",
+    0xC06F: "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384",
+    0xC070: "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256",
+    0xC071: "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384",
+    0xC072: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
+    0xC073: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
+    0xC074: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
+    0xC075: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
+    0xC076: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
+    0xC077: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384",
+    0xC078: "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
+    0xC079: "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384",
+    0xC07A: "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC07B: "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC07C: "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC07D: "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC07E: "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC07F: "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC080: "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC081: "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC082: "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC083: "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC084: "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC085: "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC086: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC087: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC088: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC089: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC08A: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC08B: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC08C: "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC08D: "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC08E: "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC08F: "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC090: "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC091: "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC092: "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256",
+    0xC093: "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384",
+    0xC094: "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256",
+    0xC095: "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384",
+    0xC096: "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
+    0xC097: "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
+    0xC098: "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256",
+    0xC099: "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384",
+    0xC09A: "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
+    0xC09B: "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
+    0xC09C: "TLS_RSA_WITH_AES_128_CCM",
+    0xC09D: "TLS_RSA_WITH_AES_256_CCM",
+    0xC09E: "TLS_DHE_RSA_WITH_AES_128_CCM",
+    0xC09F: "TLS_DHE_RSA_WITH_AES_256_CCM",
+    0xC0A0: "TLS_RSA_WITH_AES_128_CCM_8",
+    0xC0A1: "TLS_RSA_WITH_AES_256_CCM_8",
+    0xC0A2: "TLS_DHE_RSA_WITH_AES_128_CCM_8",
+    0xC0A3: "TLS_DHE_RSA_WITH_AES_256_CCM_8",
+    0xC0A4: "TLS_PSK_WITH_AES_128_CCM",
+    0xC0A5: "TLS_PSK_WITH_AES_256_CCM",
+    0xC0A6: "TLS_DHE_PSK_WITH_AES_128_CCM",
+    0xC0A7: "TLS_DHE_PSK_WITH_AES_256_CCM",
+    0xC0A8: "TLS_PSK_WITH_AES_128_CCM_8",
+    0xC0A9: "TLS_PSK_WITH_AES_256_CCM_8",
+    0xC0AA: "TLS_PSK_DHE_WITH_AES_128_CCM_8",
+    0xC0AB: "TLS_PSK_DHE_WITH_AES_256_CCM_8",
+    0xC0AC: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM",
+    0xC0AD: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
+    0xC0AE: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
+    0xC0AF: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",
+    0xC0B0: "TLS_ECCPWD_WITH_AES_128_GCM_SHA256",
+    0xC0B1: "TLS_ECCPWD_WITH_AES_256_GCM_SHA384",
+    0xC0B2: "TLS_ECCPWD_WITH_AES_128_CCM_SHA256",
+    0xC0B3: "TLS_ECCPWD_WITH_AES_256_CCM_SHA384",
+    0xC0B4: "TLS_SHA256_SHA256",
+    0xC0B5: "TLS_SHA384_SHA384",
+    0xC100: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC",
+    0xC101: "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC",
+    0xC102: "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT",
+    0xC103: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L",
+    0xC104: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L",
+    0xC105: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S",
+    0xC106: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S",
+    0xCACA: "GREASE",
+    0xCCA8: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+    0xCCA9: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+    0xCCAA: "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+    0xCCAB: "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256",
+    0xCCAC: "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
+    0xCCAD: "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
+    0xCCAE: "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256",
+    0xD001: "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256",
+    0xD002: "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384",
+    0xD003: "TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256",
+    0xD005: "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256",
+    0xDADA: "GREASE",
+    0xEAEA: "GREASE",
+    0xFAFA: "GREASE",
+};
+
+/**
+ * GREASE values
+ */
+export const GREASE_VALUES = [
+    0x0a0a,
+    0x1a1a,
+    0x2a2a,
+    0x3a3a,
+    0x4a4a,
+    0x5a5a,
+    0x6a6a,
+    0x7a7a,
+    0x8a8a,
+    0x9a9a,
+    0xaaaa,
+    0xbaba,
+    0xcaca,
+    0xdada,
+    0xeaea,
+    0xfafa
+];
+
+/**
+ * Parses the supported_versions extension and returns the highest supported version.
+ * @param {Uint8Array} bytes
+ * @returns {number}
+ */
+export function parseHighestSupportedVersion(bytes) {
+    const s = new Stream(bytes);
+
+    // The Server Hello supported_versions extension simply contains the chosen version
+    if (s.length === 2) {
+        return s.readInt(2);
+    }
+
+    // Length
+    let i = s.readInt(1);
+
+    let highestVersion = 0;
+    while (s.hasMore() && i-- > 0) {
+        const v = s.readInt(2);
+        if (GREASE_VALUES.includes(v)) continue;
+        if (v > highestVersion) highestVersion = v;
+    }
+
+    return highestVersion;
+}
+
+/**
+ * Parses the application_layer_protocol_negotiation extension and returns the first value.
+ * @param {Uint8Array} bytes
+ * @returns {number}
+ */
+export function parseFirstALPNValue(bytes) {
+    const s = new Stream(bytes);
+    const alpnExtLen = s.readInt(2);
+    if (alpnExtLen < 3) return "00";
+    const strLen = s.readInt(1);
+    if (strLen < 2) return "00";
+    return s.readString(strLen);
+}
--- a/src/core/lib/XXTEA.mjs
+++ b/src/core/lib/XXTEA.mjs
@ -0,0 +1,174 @@
+/**
+ * XXTEA library
+ *
+ * Encryption Algorithm Authors:
+ *     David J. Wheeler
+ *     Roger M. Needham
+ *
+ * @author Ma Bingyao [mabingyao@gmail.com]
+ * @author n1474335 [n1474335@gmail.com]
+ * @license MIT
+ */
+
+const DELTA = 0x9E3779B9;
+
+/**
+ * Convert a buffer to a Uint8Array
+ * @param {Uint32Array} v
+ * @param {boolean} includeLength
+ * @returns {Uint8Array}
+ */
+function toUint8Array(v, includeLength) {
+    const length = v.length;
+    let n = length << 2;
+    if (includeLength) {
+        const m = v[length - 1];
+        n -= 4;
+        if ((m < n - 3) || (m > n)) {
+            return null;
+        }
+        n = m;
+    }
+    const bytes = new Uint8Array(n);
+    for (let i = 0; i < n; i++) {
+        bytes[i] = v[i >> 2] >> ((i & 3) << 3);
+    }
+    return bytes;
+}
+
+/**
+ * Convert a buffer to a Uint32Array
+ * @param {TypedArray} bs
+ * @param {boolean} includeLength
+ * @returns {Uint32Array}
+ */
+function toUint32Array(bs, includeLength) {
+    const length = bs.length;
+    let n = length >> 2;
+    if ((length & 3) !== 0) {
+        ++n;
+    }
+    let v;
+    if (includeLength) {
+        v = new Uint32Array(n + 1);
+        v[n] = length;
+    } else {
+        v = new Uint32Array(n);
+    }
+    for (let i = 0; i < length; ++i) {
+        v[i >> 2] |= bs[i] << ((i & 3) << 3);
+    }
+    return v;
+}
+
+/**
+ * Mask an int to 32 bits
+ * @param {number} i
+ * @returns {number}
+ */
+function int32(i) {
+    return i & 0xFFFFFFFF;
+}
+
+/**
+ * MX function for data randomisation
+ * @param {number} sum
+ * @param {number} y
+ * @param {number} z
+ * @param {number} p
+ * @param {number} e
+ * @param {number} k
+ * @returns {number}
+ */
+function mx(sum, y, z, p, e, k) {
+    return ((z >>> 5 ^ y << 2) + (y >>> 3 ^ z << 4)) ^ ((sum ^ y) + (k[p & 3 ^ e] ^ z));
+}
+
+/**
+ * Ensure an array is a multiple of 16 bits
+ * @param {TypedArray} k
+ * @returns {TypedArray}
+ */
+function fixk(k) {
+    if (k.length < 16) {
+        const key = new Uint8Array(16);
+        key.set(k);
+        return key;
+    }
+    return k;
+}
+
+/**
+ * Performs XXTEA encryption on a Uint32Array
+ * @param {Uint32Array} v
+ * @param {Uint32Array} k
+ * @returns {Uint32Array}
+ */
+function encryptUint32Array(v, k) {
+    const length = v.length;
+    const n = length - 1;
+    let y, z, sum, e, p, q;
+    z = v[n];
+    sum = 0;
+    for (q = Math.floor(6 + 52 / length) | 0; q > 0; --q) {
+        sum = int32(sum + DELTA);
+        e = sum >>> 2 & 3;
+        for (p = 0; p < n; ++p) {
+            y = v[p + 1];
+            z = v[p] = int32(v[p] + mx(sum, y, z, p, e, k));
+        }
+        y = v[0];
+        z = v[n] = int32(v[n] + mx(sum, y, z, n, e, k));
+    }
+    return v;
+}
+
+/**
+ * Performs XXTEA decryption on a Uint32Array
+ * @param {Uint32Array} v
+ * @param {Uint32Array} k
+ * @returns {Uint32Array}
+ */
+function decryptUint32Array(v, k) {
+    const length = v.length;
+    const n = length - 1;
+    let y, z, sum, e, p;
+    y = v[0];
+    const q = Math.floor(6 + 52 / length);
+    for (sum = int32(q * DELTA); sum !== 0; sum = int32(sum - DELTA)) {
+        e = sum >>> 2 & 3;
+        for (p = n; p > 0; --p) {
+            z = v[p - 1];
+            y = v[p] = int32(v[p] - mx(sum, y, z, p, e, k));
+        }
+        z = v[n];
+        y = v[0] = int32(v[0] - mx(sum, y, z, 0, e, k));
+    }
+    return v;
+}
+
+/**
+ * Encrypt function
+ * @param {TypedArray} data
+ * @param {TypedArray} key
+ * @returns {Uint8Array}
+ */
+export function encrypt(data, key) {
+    if (data === undefined || data === null || data.length === 0) {
+        return data;
+    }
+    return toUint8Array(encryptUint32Array(toUint32Array(data, true), toUint32Array(fixk(key), false)), false);
+}
+
+/**
+ * Decrypt function
+ * @param {TypedArray} data
+ * @param {TypedArray} key
+ * @returns {Uint8Array}
+ */
+export function decrypt(data, key) {
+    if (data === undefined || data === null || data.length === 0) {
+        return data;
+    }
+    return toUint8Array(decryptUint32Array(toUint32Array(data, false), toUint32Array(fixk(key), false)), true);
+}
--- a/src/core/operations/AESDecrypt.mjs
+++ b/src/core/operations/AESDecrypt.mjs
@ -112,7 +112,7 @@ class AESDecrypt extends Operation {
    run(input, args) {
        const key = Utils.convertToByteString(args[0].string, args[0].option),
            iv = Utils.convertToByteString(args[1].string, args[1].option),
-            mode = args[2].substring(0, 3),
+            mode = args[2].split("/")[0],
            noPadding = args[2].endsWith("NoPadding"),
            inputType = args[3],
            outputType = args[4],
--- a/src/core/operations/AESEncrypt.mjs
+++ b/src/core/operations/AESEncrypt.mjs
@ -66,6 +66,14 @@ class AESEncrypt extends Operation {
                    {
                        name: "ECB",
                        off: [5]
+                    },
+                    {
+                        name: "CBC/NoPadding",
+                        off: [5]
+                    },
+                    {
+                        name: "ECB/NoPadding",
+                        off: [5]
                    }
                ]
            },
@ -98,7 +106,8 @@ class AESEncrypt extends Operation {
    run(input, args) {
        const key = Utils.convertToByteString(args[0].string, args[0].option),
            iv = Utils.convertToByteString(args[1].string, args[1].option),
-            mode = args[2],
+            mode = args[2].split("/")[0],
+            noPadding =  args[2].endsWith("NoPadding"),
            inputType = args[3],
            outputType = args[4],
            aad = Utils.convertToByteString(args[5].string, args[5].option);
@ -114,11 +123,20 @@ The following algorithms will be used based on the size of the key:

        input = Utils.convertToByteString(input, inputType);

+        // Handle NoPadding modes
+        if (noPadding && input.length % 16 !== 0) {
+            throw new OperationError("Input length must be a multiple of 16 bytes for NoPadding modes.");
+        }
        const cipher = forge.cipher.createCipher("AES-" + mode, key);
        cipher.start({
            iv: iv,
            additionalData: mode === "GCM" ? aad : undefined
        });
+        if (noPadding) {
+            cipher.mode.pad = function(output, options) {
+                return true;
+            };
+        }
        cipher.update(forge.util.createBuffer(input));
        cipher.finish();

--- a/src/core/operations/AESKeyUnwrap.mjs
+++ b/src/core/operations/AESKeyUnwrap.mjs
@ -0,0 +1,128 @@
+/**
+ * @author mikecat
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import { toHexFast } from "../lib/Hex.mjs";
+import forge from "node-forge";
+import OperationError from "../errors/OperationError.mjs";
+
+/**
+ * AES Key Unwrap operation
+ */
+class AESKeyUnwrap extends Operation {
+
+    /**
+     * AESKeyUnwrap constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "AES Key Unwrap";
+        this.module = "Ciphers";
+        this.description = "Decryptor for a key wrapping algorithm defined in RFC3394, which is used to protect keys in untrusted storage or communications, using AES.<br><br>This algorithm uses an AES key (KEK: key-encryption key) and a 64-bit IV to decrypt 64-bit blocks.";
+        this.infoURL = "https://wikipedia.org/wiki/Key_wrap";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Key (KEK)",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "IV",
+                "type": "toggleString",
+                "value": "a6a6a6a6a6a6a6a6",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Input",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Output",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const kek = Utils.convertToByteString(args[0].string, args[0].option),
+            iv = Utils.convertToByteString(args[1].string, args[1].option),
+            inputType = args[2],
+            outputType = args[3];
+
+        if (kek.length !== 16 && kek.length !== 24 && kek.length !== 32) {
+            throw new OperationError("KEK must be either 16, 24, or 32 bytes (currently " + kek.length + " bytes)");
+        }
+        if (iv.length !== 8) {
+            throw new OperationError("IV must be 8 bytes (currently " + iv.length + " bytes)");
+        }
+        const inputData = Utils.convertToByteString(input, inputType);
+        if (inputData.length % 8 !== 0 || inputData.length < 24) {
+            throw new OperationError("input must be 8n (n>=3) bytes (currently " + inputData.length + " bytes)");
+        }
+
+        const cipher = forge.cipher.createCipher("AES-ECB", kek);
+        cipher.start();
+        cipher.update(forge.util.createBuffer(""));
+        cipher.finish();
+        const paddingBlock = cipher.output.getBytes();
+
+        const decipher = forge.cipher.createDecipher("AES-ECB", kek);
+
+        let A = inputData.substring(0, 8);
+        const R = [];
+        for (let i = 8; i < inputData.length; i += 8) {
+            R.push(inputData.substring(i, i + 8));
+        }
+        let cntLower = R.length >>> 0;
+        let cntUpper = (R.length / ((1 << 30) * 4)) >>> 0;
+        cntUpper = cntUpper * 6 + ((cntLower * 6 / ((1 << 30) * 4)) >>> 0);
+        cntLower = cntLower * 6 >>> 0;
+        for (let j = 5; j >= 0; j--) {
+            for (let i = R.length - 1; i >= 0; i--) {
+                const aBuffer = Utils.strToArrayBuffer(A);
+                const aView = new DataView(aBuffer);
+                aView.setUint32(0, aView.getUint32(0) ^ cntUpper);
+                aView.setUint32(4, aView.getUint32(4) ^ cntLower);
+                A = Utils.arrayBufferToStr(aBuffer, false);
+                decipher.start();
+                decipher.update(forge.util.createBuffer(A + R[i] + paddingBlock));
+                decipher.finish();
+                const B = decipher.output.getBytes();
+                A = B.substring(0, 8);
+                R[i] = B.substring(8, 16);
+                cntLower--;
+                if (cntLower < 0) {
+                    cntUpper--;
+                    cntLower = 0xffffffff;
+                }
+            }
+        }
+        if (A !== iv) {
+            throw new OperationError("IV mismatch");
+        }
+        const P = R.join("");
+
+        if (outputType === "Hex") {
+            return toHexFast(Utils.strToArrayBuffer(P));
+        }
+        return P;
+    }
+
+}
+
+export default AESKeyUnwrap;
--- a/src/core/operations/AESKeyWrap.mjs
+++ b/src/core/operations/AESKeyWrap.mjs
@ -0,0 +1,115 @@
+/**
+ * @author mikecat
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import { toHexFast } from "../lib/Hex.mjs";
+import forge from "node-forge";
+import OperationError from "../errors/OperationError.mjs";
+
+/**
+ * AES Key Wrap operation
+ */
+class AESKeyWrap extends Operation {
+
+    /**
+     * AESKeyWrap constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "AES Key Wrap";
+        this.module = "Ciphers";
+        this.description = "A key wrapping algorithm defined in RFC3394, which is used to protect keys in untrusted storage or communications, using AES.<br><br>This algorithm uses an AES key (KEK: key-encryption key) and a 64-bit IV to encrypt 64-bit blocks.";
+        this.infoURL = "https://wikipedia.org/wiki/Key_wrap";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Key (KEK)",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "IV",
+                "type": "toggleString",
+                "value": "a6a6a6a6a6a6a6a6",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Input",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Output",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const kek = Utils.convertToByteString(args[0].string, args[0].option),
+            iv = Utils.convertToByteString(args[1].string, args[1].option),
+            inputType = args[2],
+            outputType = args[3];
+
+        if (kek.length !== 16 && kek.length !== 24 && kek.length !== 32) {
+            throw new OperationError("KEK must be either 16, 24, or 32 bytes (currently " + kek.length + " bytes)");
+        }
+        if (iv.length !== 8) {
+            throw new OperationError("IV must be 8 bytes (currently " + iv.length + " bytes)");
+        }
+        const inputData = Utils.convertToByteString(input, inputType);
+        if (inputData.length % 8 !== 0 || inputData.length < 16) {
+            throw new OperationError("input must be 8n (n>=2) bytes (currently " + inputData.length + " bytes)");
+        }
+
+        const cipher = forge.cipher.createCipher("AES-ECB", kek);
+
+        let A = iv;
+        const R = [];
+        for (let i = 0; i < inputData.length; i += 8) {
+            R.push(inputData.substring(i, i + 8));
+        }
+        let cntLower = 1, cntUpper = 0;
+        for (let j = 0; j < 6; j++) {
+            for (let i = 0; i < R.length; i++) {
+                cipher.start();
+                cipher.update(forge.util.createBuffer(A + R[i]));
+                cipher.finish();
+                const B = cipher.output.getBytes();
+                const msbBuffer = Utils.strToArrayBuffer(B.substring(0, 8));
+                const msbView = new DataView(msbBuffer);
+                msbView.setUint32(0, msbView.getUint32(0) ^ cntUpper);
+                msbView.setUint32(4, msbView.getUint32(4) ^ cntLower);
+                A = Utils.arrayBufferToStr(msbBuffer, false);
+                R[i] = B.substring(8, 16);
+                cntLower++;
+                if (cntLower > 0xffffffff) {
+                    cntUpper++;
+                    cntLower = 0;
+                }
+            }
+        }
+        const C = A + R.join("");
+
+        if (outputType === "Hex") {
+            return toHexFast(Utils.strToArrayBuffer(C));
+        }
+        return C;
+    }
+
+}
+
+export default AESKeyWrap;
--- a/src/core/operations/AMFDecode.mjs
+++ b/src/core/operations/AMFDecode.mjs
@ -0,0 +1,52 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import "reflect-metadata"; // Required as a shim for the amf library
+import { AMF0, AMF3 } from "@astronautlabs/amf";
+
+/**
+ * AMF Decode operation
+ */
+class AMFDecode extends Operation {
+
+    /**
+     * AMFDecode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "AMF Decode";
+        this.module = "Encodings";
+        this.description = "Action Message Format (AMF) is a binary format used to serialize object graphs such as ActionScript objects and XML, or send messages between an Adobe Flash client and a remote service, usually a Flash Media Server or third party alternatives.";
+        this.infoURL = "https://wikipedia.org/wiki/Action_Message_Format";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "JSON";
+        this.args = [
+            {
+                name: "Format",
+                type: "option",
+                value: ["AMF0", "AMF3"],
+                defaultIndex: 1
+            }
+        ];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {JSON}
+     */
+    run(input, args) {
+        const [format] = args;
+        const handler = format === "AMF0" ? AMF0 : AMF3;
+        const encoded = new Uint8Array(input);
+        return handler.Value.deserialize(encoded);
+    }
+
+}
+
+export default AMFDecode;
--- a/src/core/operations/AMFEncode.mjs
+++ b/src/core/operations/AMFEncode.mjs
@ -0,0 +1,52 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import "reflect-metadata"; // Required as a shim for the amf library
+import { AMF0, AMF3 } from "@astronautlabs/amf";
+
+/**
+ * AMF Encode operation
+ */
+class AMFEncode extends Operation {
+
+    /**
+     * AMFEncode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "AMF Encode";
+        this.module = "Encodings";
+        this.description = "Action Message Format (AMF) is a binary format used to serialize object graphs such as ActionScript objects and XML, or send messages between an Adobe Flash client and a remote service, usually a Flash Media Server or third party alternatives.";
+        this.infoURL = "https://wikipedia.org/wiki/Action_Message_Format";
+        this.inputType = "JSON";
+        this.outputType = "ArrayBuffer";
+        this.args = [
+            {
+                name: "Format",
+                type: "option",
+                value: ["AMF0", "AMF3"],
+                defaultIndex: 1
+            }
+        ];
+    }
+
+    /**
+     * @param {JSON} input
+     * @param {Object[]} args
+     * @returns {ArrayBuffer}
+     */
+    run(input, args) {
+        const [format] = args;
+        const handler = format === "AMF0" ? AMF0 : AMF3;
+        const output = handler.Value.any(input).serialize();
+        return output.buffer;
+    }
+
+}
+
+export default AMFEncode;
--- a/src/core/operations/AddLineNumbers.mjs
+++ b/src/core/operations/AddLineNumbers.mjs
@ -22,7 +22,13 @@ class AddLineNumbers extends Operation {
        this.description = "Adds line numbers to the output.";
        this.inputType = "string";
        this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                "name": "Offset",
+                "type": "number",
+                "value": 0
+            }
+        ];
    }

    /**
@ -33,10 +39,11 @@ class AddLineNumbers extends Operation {
    run(input, args) {
        const lines = input.split("\n"),
            width = lines.length.toString().length;
+        const offset = args[0] ? parseInt(args[0], 10) : 0;
        let output = "";

        for (let n = 0; n < lines.length; n++) {
-            output += (n+1).toString().padStart(width, " ") + " " + lines[n] + "\n";
+            output += (n+1+offset).toString().padStart(width, " ") + " " + lines[n] + "\n";
        }
        return output.slice(0, output.length-1);
    }
--- a/src/core/operations/AddTextToImage.mjs
+++ b/src/core/operations/AddTextToImage.mjs
@ -9,8 +9,7 @@ import OperationError from "../errors/OperationError.mjs";
 import { isImage } from "../lib/FileType.mjs";
 import { toBase64 } from "../lib/Base64.mjs";
 import { isWorkerEnvironment } from "../Utils.mjs";
-import jimplib from "jimp/es/index.js";
-const jimp = jimplib.default ? jimplib.default : jimplib;
+import Jimp from "jimp/es/index.js";

 /**
 * Add Text To Image operation
@ -128,7 +127,7 @@ class AddTextToImage extends Operation {

        let image;
        try {
-            image = await jimp.read(input);
+            image = await Jimp.read(input);
        } catch (err) {
            throw new OperationError(`Error loading image. (${err})`);
        }
@ -164,7 +163,7 @@ class AddTextToImage extends Operation {
            const font = fontsMap[fontFace];

            // LoadFont needs an absolute url, so append the font name to self.docURL
-            const jimpFont = await jimp.loadFont(self.docURL + "/" + font.default);
+            const jimpFont = await Jimp.loadFont(self.docURL + "/" + font.default);

            jimpFont.pages.forEach(function(page) {
                if (page.bitmap) {
@ -191,7 +190,7 @@ class AddTextToImage extends Operation {
            });

            // Create a temporary image to hold the rendered text
-            const textImage = new jimp(jimp.measureText(jimpFont, text), jimp.measureTextHeight(jimpFont, text));
+            const textImage = new Jimp(Jimp.measureText(jimpFont, text), Jimp.measureTextHeight(jimpFont, text));
            textImage.print(jimpFont, 0, 0, text);

            // Scale the rendered text image to the correct size
@ -199,9 +198,9 @@ class AddTextToImage extends Operation {
            if (size !== 1) {
                // Use bicubic for decreasing size
                if (size > 1) {
-                    textImage.scale(scaleFactor, jimp.RESIZE_BICUBIC);
+                    textImage.scale(scaleFactor, Jimp.RESIZE_BICUBIC);
                } else {
-                    textImage.scale(scaleFactor, jimp.RESIZE_BILINEAR);
+                    textImage.scale(scaleFactor, Jimp.RESIZE_BILINEAR);
                }
            }

@ -235,9 +234,9 @@ class AddTextToImage extends Operation {

            let imageBuffer;
            if (image.getMIME() === "image/gif") {
-                imageBuffer = await image.getBufferAsync(jimp.MIME_PNG);
+                imageBuffer = await image.getBufferAsync(Jimp.MIME_PNG);
            } else {
-                imageBuffer = await image.getBufferAsync(jimp.AUTO);
+                imageBuffer = await image.getBufferAsync(Jimp.AUTO);
            }
            return imageBuffer.buffer;
        } catch (err) {
--- a/src/core/operations/Argon2.mjs
+++ b/src/core/operations/Argon2.mjs
@ -0,0 +1,117 @@
+/**
+ * @author Tan Zhen Yong [tzy@beyondthesprawl.com]
+ * @copyright Crown Copyright 2019
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+import argon2 from "argon2-browser";
+
+/**
+ * Argon2 operation
+ */
+class Argon2 extends Operation {
+
+    /**
+     * Argon2 constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Argon2";
+        this.module = "Crypto";
+        this.description = "Argon2 is a key derivation function that was selected as the winner of the Password Hashing Competition in July 2015. It was designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from the University of Luxembourg.<br><br>Enter the password in the input to generate its hash.";
+        this.infoURL = "https://wikipedia.org/wiki/Argon2";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Salt",
+                "type": "toggleString",
+                "value": "somesalt",
+                "toggleValues": ["UTF8", "Hex", "Base64", "Latin1"]
+            },
+            {
+                "name": "Iterations",
+                "type": "number",
+                "value": 3
+            },
+            {
+                "name": "Memory (KiB)",
+                "type": "number",
+                "value": 4096
+            },
+            {
+                "name": "Parallelism",
+                "type": "number",
+                "value": 1
+            },
+            {
+                "name": "Hash length (bytes)",
+                "type": "number",
+                "value": 32
+            },
+            {
+                "name": "Type",
+                "type": "option",
+                "value": ["Argon2i", "Argon2d", "Argon2id"],
+                "defaultIndex": 0
+            },
+            {
+                "name": "Output format",
+                "type": "option",
+                "value": ["Encoded hash", "Hex hash", "Raw hash"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    async run(input, args) {
+        const argon2Types = {
+            "Argon2i": argon2.ArgonType.Argon2i,
+            "Argon2d": argon2.ArgonType.Argon2d,
+            "Argon2id": argon2.ArgonType.Argon2id
+        };
+
+        const salt = Utils.convertToByteString(args[0].string || "", args[0].option),
+            time = args[1],
+            mem = args[2],
+            parallelism = args[3],
+            hashLen = args[4],
+            type = argon2Types[args[5]],
+            outFormat = args[6];
+
+        try {
+            const result = await argon2.hash({
+                pass: input,
+                salt,
+                time,
+                mem,
+                parallelism,
+                hashLen,
+                type,
+            });
+
+            switch (outFormat) {
+                case "Hex hash":
+                    return result.hashHex;
+                case "Raw hash":
+                    return Utils.arrayBufferToStr(result.hash);
+                case "Encoded hash":
+                default:
+                    return result.encoded;
+            }
+        } catch (err) {
+            throw new OperationError(`Error: ${err.message}`);
+        }
+    }
+
+}
+
+export default Argon2;
--- a/src/core/operations/Argon2Compare.mjs
+++ b/src/core/operations/Argon2Compare.mjs
@ -0,0 +1,58 @@
+/**
+ * @author Tan Zhen Yong [tzy@beyondthesprawl.com]
+ * @copyright Crown Copyright 2019
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import argon2 from "argon2-browser";
+
+/**
+ * Argon2 compare operation
+ */
+class Argon2Compare extends Operation {
+
+    /**
+     * Argon2Compare constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Argon2 compare";
+        this.module = "Crypto";
+        this.description = "Tests whether the input matches the given Argon2 hash. To test multiple possible passwords, use the 'Fork' operation.";
+        this.infoURL = "https://wikipedia.org/wiki/Argon2";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Encoded hash",
+                "type": "string",
+                "value": ""
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    async run(input, args) {
+        const encoded = args[0];
+
+        try {
+            await argon2.verify({
+                pass: input,
+                encoded
+            });
+
+            return `Match: ${input}`;
+        } catch (err) {
+            return "No match";
+        }
+    }
+
+}
+
+export default Argon2Compare;
--- a/src/core/operations/BlowfishDecrypt.mjs
+++ b/src/core/operations/BlowfishDecrypt.mjs
@ -70,10 +70,14 @@ class BlowfishDecrypt extends Operation {
            inputType = args[3],
            outputType = args[4];

-        if (key.length !== 8) {
+        if (key.length < 4 || key.length > 56) {
            throw new OperationError(`Invalid key length: ${key.length} bytes

-Blowfish uses a key length of 8 bytes (64 bits).`);
+Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
+        }
+
+        if (mode !== "ECB" && iv.length !== 8) {
+            throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes.`);
        }

        input = Utils.convertToByteString(input, inputType);
--- a/src/core/operations/BlowfishEncrypt.mjs
+++ b/src/core/operations/BlowfishEncrypt.mjs
@ -70,10 +70,14 @@ class BlowfishEncrypt extends Operation {
            inputType = args[3],
            outputType = args[4];

-        if (key.length !== 8) {
+        if (key.length < 4 || key.length > 56) {
            throw new OperationError(`Invalid key length: ${key.length} bytes

-Blowfish uses a key length of 8 bytes (64 bits).`);
+Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
+        }
+
+        if (mode !== "ECB" && iv.length !== 8) {
+            throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes.`);
        }

        input = Utils.convertToByteString(input, inputType);
--- a/src/core/operations/BlurImage.mjs
+++ b/src/core/operations/BlurImage.mjs
@ -10,8 +10,7 @@ import { isWorkerEnvironment } from "../Utils.mjs";
 import { isImage } from "../lib/FileType.mjs";
 import { toBase64 } from "../lib/Base64.mjs";
 import { gaussianBlur } from "../lib/ImageManipulation.mjs";
-import jimplib from "jimp/es/index.js";
-const jimp = jimplib.default ? jimplib.default : jimplib;
+import Jimp from "jimp/es/index.js";

 /**
 * Blur Image operation
@ -60,7 +59,7 @@ class BlurImage extends Operation {

        let image;
        try {
-            image = await jimp.read(input);
+            image = await Jimp.read(input);
        } catch (err) {
            throw new OperationError(`Error loading image. (${err})`);
        }
@ -80,9 +79,9 @@ class BlurImage extends Operation {

            let imageBuffer;
            if (image.getMIME() === "image/gif") {
-                imageBuffer = await image.getBufferAsync(jimp.MIME_PNG);
+                imageBuffer = await image.getBufferAsync(Jimp.MIME_PNG);
            } else {
-                imageBuffer = await image.getBufferAsync(jimp.AUTO);
+                imageBuffer = await image.getBufferAsync(Jimp.AUTO);
            }
            return imageBuffer.buffer;
        } catch (err) {
--- a/src/core/operations/CMAC.mjs
+++ b/src/core/operations/CMAC.mjs
@ -0,0 +1,149 @@
+/**
+ * @author mikecat
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import forge from "node-forge";
+import { toHexFast } from "../lib/Hex.mjs";
+import OperationError from "../errors/OperationError.mjs";
+
+/**
+ * CMAC operation
+ */
+class CMAC extends Operation {
+
+    /**
+     * CMAC constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "CMAC";
+        this.module = "Crypto";
+        this.description = "CMAC is a block-cipher based message authentication code algorithm.<br><br>RFC4493 defines AES-CMAC that uses AES encryption with a 128-bit key.<br>NIST SP 800-38B suggests usages of AES with other key lengths and Triple DES.";
+        this.infoURL = "https://wikipedia.org/wiki/CMAC";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Key",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Encryption algorithm",
+                "type": "option",
+                "value": ["AES", "Triple DES"]
+            }
+        ];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const key = Utils.convertToByteString(args[0].string, args[0].option);
+        const algo = args[1];
+
+        const info = (function() {
+            switch (algo) {
+                case "AES":
+                    if (key.length !== 16 && key.length !== 24 && key.length !== 32) {
+                        throw new OperationError("The key for AES must be either 16, 24, or 32 bytes (currently " + key.length + " bytes)");
+                    }
+                    return {
+                        "algorithm": "AES-ECB",
+                        "key": key,
+                        "blockSize": 16,
+                        "Rb": new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x87]),
+                    };
+                case "Triple DES":
+                    if (key.length !== 16 && key.length !== 24) {
+                        throw new OperationError("The key for Triple DES must be 16 or 24 bytes (currently " + key.length + " bytes)");
+                    }
+                    return {
+                        "algorithm": "3DES-ECB",
+                        "key": key.length === 16 ? key + key.substring(0, 8) : key,
+                        "blockSize": 8,
+                        "Rb": new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0x1b]),
+                    };
+                default:
+                    throw new OperationError("Undefined encryption algorithm");
+            }
+        })();
+
+        const xor = function(a, b, out) {
+            if (!out) out = new Uint8Array(a.length);
+            for (let i = 0; i < a.length; i++) {
+                out[i] = a[i] ^ b[i];
+            }
+            return out;
+        };
+
+        const leftShift1 = function(a) {
+            const out = new Uint8Array(a.length);
+            let carry = 0;
+            for (let i = a.length - 1; i >= 0; i--) {
+                out[i] = (a[i] << 1) | carry;
+                carry = a[i] >> 7;
+            }
+            return out;
+        };
+
+        const cipher = forge.cipher.createCipher(info.algorithm, info.key);
+        const encrypt = function(a, out) {
+            if (!out) out = new Uint8Array(a.length);
+            cipher.start();
+            cipher.update(forge.util.createBuffer(a));
+            cipher.finish();
+            const cipherText = cipher.output.getBytes();
+            for (let i = 0; i < a.length; i++) {
+                out[i] = cipherText.charCodeAt(i);
+            }
+            return out;
+        };
+
+        const L = encrypt(new Uint8Array(info.blockSize));
+        const K1 = leftShift1(L);
+        if (L[0] & 0x80) xor(K1, info.Rb, K1);
+        const K2 = leftShift1(K1);
+        if (K1[0] & 0x80) xor(K2, info.Rb, K2);
+
+        const n = Math.ceil(input.byteLength / info.blockSize);
+        const lastBlock = (function() {
+            if (n === 0) {
+                const data = new Uint8Array(K2);
+                data[0] ^= 0x80;
+                return data;
+            }
+            const inputLast = new Uint8Array(input, info.blockSize * (n - 1));
+            if (inputLast.length === info.blockSize) {
+                return xor(inputLast, K1, inputLast);
+            } else {
+                const data = new Uint8Array(info.blockSize);
+                data.set(inputLast, 0);
+                data[inputLast.length] = 0x80;
+                return xor(data, K2, data);
+            }
+        })();
+
+        const X = new Uint8Array(info.blockSize);
+        const Y = new Uint8Array(info.blockSize);
+        for (let i = 0; i < n - 1; i++) {
+            xor(X, new Uint8Array(input, info.blockSize * i, info.blockSize), Y);
+            encrypt(Y, X);
+        }
+        xor(lastBlock, X, Y);
+        const T = encrypt(Y);
+        return toHexFast(T);
+    }
+
+}
+
+export default CMAC;
--- a/src/core/operations/CRC16Checksum.mjs
+++ b/src/core/operations/CRC16Checksum.mjs
@ -1,41 +0,0 @@
-/**
- * @author n1474335 [n1474335@gmail.com]
- * @copyright Crown Copyright 2016
- * @license Apache-2.0
- */
-
-import Operation from "../Operation.mjs";
-import JSCRC from "js-crc";
-
-/**
- * CRC-16 Checksum operation
- */
-class CRC16Checksum extends Operation {
-
-    /**
-     * CRC16Checksum constructor
-     */
-    constructor() {
-        super();
-
-        this.name = "CRC-16 Checksum";
-        this.module = "Crypto";
-        this.description = "A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.<br><br>The CRC was invented by W. Wesley Peterson in 1961.";
-        this.infoURL = "https://wikipedia.org/wiki/Cyclic_redundancy_check";
-        this.inputType = "ArrayBuffer";
-        this.outputType = "string";
-        this.args = [];
-    }
-
-    /**
-     * @param {ArrayBuffer} input
-     * @param {Object[]} args
-     * @returns {string}
-     */
-    run(input, args) {
-        return JSCRC.crc16(input);
-    }
-
-}
-
-export default CRC16Checksum;
--- a/src/core/operations/CRC32Checksum.mjs
+++ b/src/core/operations/CRC32Checksum.mjs
@ -1,41 +0,0 @@
-/**
- * @author n1474335 [n1474335@gmail.com]
- * @copyright Crown Copyright 2016
- * @license Apache-2.0
- */
-
-import Operation from "../Operation.mjs";
-import JSCRC from "js-crc";
-
-/**
- * CRC-32 Checksum operation
- */
-class CRC32Checksum extends Operation {
-
-    /**
-     * CRC32Checksum constructor
-     */
-    constructor() {
-        super();
-
-        this.name = "CRC-32 Checksum";
-        this.module = "Crypto";
-        this.description = "A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.<br><br>The CRC was invented by W. Wesley Peterson in 1961; the 32-bit CRC function of Ethernet and many other standards is the work of several researchers and was published in 1975.";
-        this.infoURL = "https://wikipedia.org/wiki/Cyclic_redundancy_check";
-        this.inputType = "ArrayBuffer";
-        this.outputType = "string";
-        this.args = [];
-    }
-
-    /**
-     * @param {ArrayBuffer} input
-     * @param {Object[]} args
-     * @returns {string}
-     */
-    run(input, args) {
-        return JSCRC.crc32(input);
-    }
-
-}
-
-export default CRC32Checksum;
--- a/src/core/operations/CRC8Checksum.mjs
+++ b/src/core/operations/CRC8Checksum.mjs
@ -1,157 +0,0 @@
-/**
- * @author mshwed [m@ttshwed.com]
- * @copyright Crown Copyright 2019
- * @license Apache-2.0
- */
-
-import Operation from "../Operation.mjs";
-import OperationError from "../errors/OperationError.mjs";
-
-import { toHexFast } from "../lib/Hex.mjs";
-
-/**
- * CRC-8 Checksum operation
- */
-class CRC8Checksum extends Operation {
-
-    /**
-     * CRC8Checksum constructor
-     */
-    constructor() {
-        super();
-
-        this.name = "CRC-8 Checksum";
-        this.module = "Crypto";
-        this.description = "A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.<br><br>The CRC was invented by W. Wesley Peterson in 1961.";
-        this.infoURL = "https://wikipedia.org/wiki/Cyclic_redundancy_check";
-        this.inputType = "ArrayBuffer";
-        this.outputType = "string";
-        this.args = [
-            {
-                "name": "Algorithm",
-                "type": "option",
-                "value": [
-                    "CRC-8",
-                    "CRC-8/CDMA2000",
-                    "CRC-8/DARC",
-                    "CRC-8/DVB-S2",
-                    "CRC-8/EBU",
-                    "CRC-8/I-CODE",
-                    "CRC-8/ITU",
-                    "CRC-8/MAXIM",
-                    "CRC-8/ROHC",
-                    "CRC-8/WCDMA"
-                ]
-            }
-        ];
-    }
-
-    /**
-     * Generates the pre-computed lookup table for byte division
-     *
-     * @param polynomial
-     */
-    calculateCRC8LookupTable(polynomial) {
-        const crc8Table = new Uint8Array(256);
-
-        let currentByte;
-        for (let i = 0; i < 256; i++) {
-            currentByte = i;
-            for (let bit = 0; bit < 8; bit++) {
-                if ((currentByte & 0x80) !== 0) {
-                    currentByte <<= 1;
-                    currentByte ^= polynomial;
-                } else {
-                    currentByte <<= 1;
-                }
-            }
-
-            crc8Table[i] = currentByte;
-        }
-
-        return crc8Table;
-    }
-
-    /**
-     * Calculates the CRC-8 Checksum from an input
-     *
-     * @param {ArrayBuffer} input
-     * @param {number} polynomial
-     * @param {number} initializationValue
-     * @param {boolean} inputReflection
-     * @param {boolean} outputReflection
-     * @param {number} xorOut
-     */
-    calculateCRC8(input, polynomial, initializationValue, inputReflection, outputReflection, xorOut) {
-        const crcSize = 8;
-        const crcTable = this.calculateCRC8LookupTable(polynomial);
-
-        let crc = initializationValue !== 0 ? initializationValue : 0;
-        let currentByte, position;
-
-        input = new Uint8Array(input);
-        for (const inputByte of input) {
-            currentByte = inputReflection ? this.reverseBits(inputByte, crcSize) : inputByte;
-
-            position = (currentByte ^ crc) & 255;
-            crc = crcTable[position];
-        }
-
-        crc = outputReflection ? this.reverseBits(crc, crcSize) : crc;
-
-        if (xorOut !== 0) crc = crc ^ xorOut;
-
-        return toHexFast(new Uint8Array([crc]));
-    }
-
-    /**
-     * Reverse the bits for a given input byte.
-     *
-     * @param {number} input
-     */
-    reverseBits(input, hashSize) {
-        let reversedByte = 0;
-        for (let i = hashSize - 1; i >= 0; i--) {
-            reversedByte |= ((input & 1) << i);
-            input >>= 1;
-        }
-
-        return reversedByte;
-    }
-
-    /**
-     * @param {ArrayBuffer} input
-     * @param {Object[]} args
-     * @returns {string}
-     */
-    run(input, args) {
-        const algorithm = args[0];
-
-        switch (algorithm) {
-            case "CRC-8":
-                return this.calculateCRC8(input, 0x7, 0x0, false, false, 0x0);
-            case "CRC-8/CDMA2000":
-                return this.calculateCRC8(input, 0x9B, 0xFF, false, false, 0x0);
-            case "CRC-8/DARC":
-                return this.calculateCRC8(input, 0x39, 0x0, true, true, 0x0);
-            case "CRC-8/DVB-S2":
-                return this.calculateCRC8(input, 0xD5, 0x0, false, false, 0x0);
-            case "CRC-8/EBU":
-                return this.calculateCRC8(input, 0x1D, 0xFF, true, true, 0x0);
-            case "CRC-8/I-CODE":
-                return this.calculateCRC8(input, 0x1D, 0xFD, false, false, 0x0);
-            case "CRC-8/ITU":
-                return this.calculateCRC8(input, 0x7, 0x0, false, false, 0x55);
-            case "CRC-8/MAXIM":
-                return this.calculateCRC8(input, 0x31, 0x0, true, true, 0x0);
-            case "CRC-8/ROHC":
-                return this.calculateCRC8(input, 0x7, 0xFF, true, true, 0x0);
-            case "CRC-8/WCDMA":
-                return this.calculateCRC8(input, 0x9B, 0x0, true, true, 0x0);
-            default:
-                throw new OperationError("Unknown checksum algorithm");
-        }
-    }
-}
-
-export default CRC8Checksum;
--- a/src/core/operations/CRCChecksum.mjs
+++ b/src/core/operations/CRCChecksum.mjs
--- a/src/core/operations/CSSSelector.mjs
+++ b/src/core/operations/CSSSelector.mjs
@ -6,7 +6,7 @@

 import Operation from "../Operation.mjs";
 import OperationError from "../errors/OperationError.mjs";
-import xmldom from "xmldom";
+import xmldom from "@xmldom/xmldom";
 import nwmatcher from "nwmatcher";

 /**
--- a/src/core/operations/CTPH.mjs
+++ b/src/core/operations/CTPH.mjs
@ -21,7 +21,7 @@ class CTPH extends Operation {
        this.name = "CTPH";
        this.module = "Crypto";
        this.description = "Context Triggered Piecewise Hashing, also called Fuzzy Hashing, can match inputs that have homologies. Such inputs have sequences of identical bytes in the same order, although bytes in between these sequences may be different in both content and length.<br><br>CTPH was originally based on the work of Dr. Andrew Tridgell and a spam email detector called SpamSum. This method was adapted by Jesse Kornblum and published at the DFRWS conference in 2006 in a paper 'Identifying Almost Identical Files Using Context Triggered Piecewise Hashing'.";
-        this.infoURL = "https://forensicswiki.xyz/wiki/index.php?title=Context_Triggered_Piecewise_Hashing";
+        this.infoURL = "https://forensics.wiki/context_triggered_piecewise_hashing/";
        this.inputType = "string";
        this.outputType = "string";
        this.args = [];
--- a/src/core/operations/CaretMdecode.mjs
+++ b/src/core/operations/CaretMdecode.mjs
@ -0,0 +1,98 @@
+/**
+ * @author tedk [tedk@ted.do]
+ * @copyright Crown Copyright 2024
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+
+/**
+ * Caret/M-decode operation
+ *
+ * https://gist.githubusercontent.com/JaHIY/3c91bbf7bea5661e6abfbd1349ee81a2/raw/c7b480e9ff24bcb8f5287a8a8a2dcb9bf5628506/decode_m_notation.cpp
+ */
+class CaretMdecode extends Operation {
+
+    /**
+     * CaretMdecode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Caret/M-decode";
+        this.module = "Default";
+        this.description = "Decodes caret or M-encoded strings, i.e. ^M turns into a newline, M-^] turns into 0x9d. Sources such as `cat -v`.\n\nPlease be aware that when using `cat -v` ^_ (caret-underscore) will not be encoded, but represents a valid encoding (namely that of 0x1f).";
+        this.infoURL = "https://en.wikipedia.org/wiki/Caret_notation";
+        this.inputType = "string";
+        this.outputType = "byteArray";
+        this.args = [];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {byteArray}
+     */
+    run(input, args) {
+
+        const bytes = [];
+
+        let prev = "";
+
+        for (let i = 0; i < input.length; i++) {
+
+            const charCode = input.charCodeAt(i);
+            const curChar = input.charAt(i);
+
+            if (prev === "M-^") {
+                if (charCode > 63 && charCode <= 95) {
+                    bytes.push(charCode + 64);
+                } else if (charCode === 63) {
+                    bytes.push(255);
+                } else {
+                    bytes.push(77, 45, 94, charCode);
+                }
+                prev = "";
+            } else if (prev === "M-") {
+                if (curChar === "^") {
+                    prev = prev + "^";
+                } else if (charCode >= 32 && charCode <= 126) {
+                    bytes.push(charCode + 128);
+                    prev = "";
+                } else {
+                    bytes.push(77, 45, charCode);
+                    prev = "";
+                }
+            } else if (prev === "M") {
+                if (curChar === "-") {
+                    prev = prev + "-";
+                } else {
+                    bytes.push(77, charCode);
+                    prev = "";
+                }
+            } else if (prev === "^") {
+                if (charCode > 63 && charCode <= 126) {
+                    bytes.push(charCode - 64);
+                } else if (charCode === 63) {
+                    bytes.push(127);
+                } else {
+                    bytes.push(94, charCode);
+                }
+                prev = "";
+            } else {
+                if (curChar === "M") {
+                    prev = "M";
+                } else if (curChar === "^") {
+                    prev = "^";
+                } else {
+                    bytes.push(charCode);
+                }
+            }
+
+        }
+        return bytes;
+    }
+
+}
+
+export default CaretMdecode;
--- a/src/core/operations/CetaceanCipherDecode.mjs
+++ b/src/core/operations/CetaceanCipherDecode.mjs
@ -0,0 +1,63 @@
+/**
+ * @author dolphinOnKeys [robin@weird.io]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+
+/**
+ * Cetacean Cipher Decode operation
+ */
+class CetaceanCipherDecode extends Operation {
+
+    /**
+     * CetaceanCipherDecode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Cetacean Cipher Decode";
+        this.module = "Ciphers";
+        this.description = "Decode Cetacean Cipher input. <br/><br/>e.g. <code>EEEEEEEEEeeEeEEEEEEEEEEEEeeEeEEe</code> becomes <code>hi</code>";
+        this.infoURL = "https://hitchhikers.fandom.com/wiki/Dolphins";
+        this.inputType = "string";
+        this.outputType = "string";
+
+        this.checks = [
+            {
+                pattern: "^(?:[eE]{16,})(?: [eE]{16,})*$",
+                flags: "",
+                args: []
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const binaryArray = [];
+        for (const char of input) {
+            if (char === " ") {
+                binaryArray.push(...[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0]);
+            } else {
+                binaryArray.push(char === "e" ? 1 : 0);
+            }
+        }
+
+        const byteArray = [];
+
+        for (let i = 0;  i < binaryArray.length; i += 16) {
+            byteArray.push(binaryArray.slice(i, i + 16).join(""));
+        }
+
+        return byteArray.map(byte =>
+            String.fromCharCode(parseInt(byte, 2))
+        ).join("");
+    }
+}
+
+export default CetaceanCipherDecode;
--- a/src/core/operations/CetaceanCipherEncode.mjs
+++ b/src/core/operations/CetaceanCipherEncode.mjs
@ -0,0 +1,51 @@
+/**
+ * @author dolphinOnKeys [robin@weird.io]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import {toBinary} from "../lib/Binary.mjs";
+
+/**
+ * Cetacean Cipher Encode operation
+ */
+class CetaceanCipherEncode extends Operation {
+
+    /**
+     * CetaceanCipherEncode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Cetacean Cipher Encode";
+        this.module = "Ciphers";
+        this.description = "Converts any input into Cetacean Cipher. <br/><br/>e.g. <code>hi</code> becomes <code>EEEEEEEEEeeEeEEEEEEEEEEEEeeEeEEe</code>";
+        this.infoURL = "https://hitchhikers.fandom.com/wiki/Dolphins";
+        this.inputType = "string";
+        this.outputType = "string";
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const result = [];
+        const charArray = input.split("");
+
+        charArray.map(character => {
+            if (character === " ") {
+                result.push(character);
+            } else {
+                const binaryArray = toBinary(character.charCodeAt(0), "None", 16).split("");
+                result.push(binaryArray.map(str => str === "1" ? "e" : "E").join(""));
+            }
+        });
+
+        return result.join("");
+    }
+}
+
+export default CetaceanCipherEncode;
--- a/src/core/operations/ChaCha.mjs
+++ b/src/core/operations/ChaCha.mjs
@ -0,0 +1,234 @@
+/**
+ * @author joostrijneveld [joost@joostrijneveld.nl]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+import { toHex } from "../lib/Hex.mjs";
+
+/**
+ * Computes the ChaCha block function
+ *
+ * @param {byteArray} key
+ * @param {byteArray} nonce
+ * @param {byteArray} counter
+ * @param {integer} rounds
+ * @returns {byteArray}
+ */
+function chacha(key, nonce, counter, rounds) {
+    const tau = "expand 16-byte k";
+    const sigma = "expand 32-byte k";
+
+    let state, c;
+    if (key.length === 16) {
+        c = Utils.strToByteArray(tau);
+        state = c.concat(key).concat(key);
+    } else {
+        c = Utils.strToByteArray(sigma);
+        state = c.concat(key);
+    }
+    state = state.concat(counter).concat(nonce);
+
+    const x = Array();
+    for (let i = 0; i < 64; i += 4) {
+        x.push(Utils.byteArrayToInt(state.slice(i, i + 4), "little"));
+    }
+    const a = [...x];
+
+    /**
+     * Macro to compute a 32-bit rotate-left operation
+     *
+     * @param {integer} x
+     * @param {integer} n
+     * @returns {integer}
+     */
+    function ROL32(x, n) {
+        return ((x << n) & 0xFFFFFFFF) | (x >>> (32 - n));
+    }
+
+    /**
+     * Macro to compute a single ChaCha quarterround operation
+     *
+     * @param {integer} x
+     * @param {integer} a
+     * @param {integer} b
+     * @param {integer} c
+     * @param {integer} d
+     * @returns {integer}
+     */
+    function quarterround(x, a, b, c, d) {
+        x[a] = ((x[a] + x[b]) & 0xFFFFFFFF); x[d] = ROL32(x[d] ^ x[a], 16);
+        x[c] = ((x[c] + x[d]) & 0xFFFFFFFF); x[b] = ROL32(x[b] ^ x[c], 12);
+        x[a] = ((x[a] + x[b]) & 0xFFFFFFFF); x[d] = ROL32(x[d] ^ x[a], 8);
+        x[c] = ((x[c] + x[d]) & 0xFFFFFFFF); x[b] = ROL32(x[b] ^ x[c], 7);
+    }
+
+    for (let i = 0; i < rounds / 2; i++)  {
+        quarterround(x, 0, 4,  8, 12);
+        quarterround(x, 1, 5,  9, 13);
+        quarterround(x, 2, 6, 10, 14);
+        quarterround(x, 3, 7, 11, 15);
+        quarterround(x, 0, 5, 10, 15);
+        quarterround(x, 1, 6, 11, 12);
+        quarterround(x, 2, 7,  8, 13);
+        quarterround(x, 3, 4,  9, 14);
+    }
+
+    for (let i = 0; i < 16; i++) {
+        x[i] = (x[i] + a[i]) & 0xFFFFFFFF;
+    }
+
+    let output = Array();
+    for (let i = 0; i < 16; i++) {
+        output = output.concat(Utils.intToByteArray(x[i], 4, "little"));
+    }
+    return output;
+}
+
+/**
+ * ChaCha operation
+ */
+class ChaCha extends Operation {
+
+    /**
+     * ChaCha constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "ChaCha";
+        this.module = "Ciphers";
+        this.description = "ChaCha is a stream cipher designed by Daniel J. Bernstein. It is a variant of the Salsa stream cipher. Several parameterizations exist; 'ChaCha' may refer to the original construction, or to the variant as described in RFC-8439. ChaCha is often used with Poly1305, in the ChaCha20-Poly1305 AEAD construction.<br><br><b>Key:</b> ChaCha uses a key of 16 or 32 bytes (128 or 256 bits).<br><br><b>Nonce:</b> ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).<br><br><b>Counter:</b> ChaCha uses a counter of 4 or 8 bytes (32 or 64 bits); together, the nonce and counter must add up to 16 bytes. The counter starts at zero at the start of the keystream, and is incremented at every 64 bytes.";
+        this.infoURL = "https://wikipedia.org/wiki/Salsa20#ChaCha_variant";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Key",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Nonce",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64", "Integer"]
+            },
+            {
+                "name": "Counter",
+                "type": "number",
+                "value": 0,
+                "min": 0
+            },
+            {
+                "name": "Rounds",
+                "type": "option",
+                "value": ["20", "12", "8"]
+            },
+            {
+                "name": "Input",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Output",
+                "type": "option",
+                "value": ["Raw", "Hex"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const key = Utils.convertToByteArray(args[0].string, args[0].option),
+            nonceType = args[1].option,
+            rounds = parseInt(args[3], 10),
+            inputType = args[4],
+            outputType = args[5];
+
+        if (key.length !== 16 && key.length !== 32) {
+            throw new OperationError(`Invalid key length: ${key.length} bytes.
+
+ChaCha uses a key of 16 or 32 bytes (128 or 256 bits).`);
+        }
+
+        let counter, nonce, counterLength;
+        if (nonceType === "Integer") {
+            nonce = Utils.intToByteArray(parseInt(args[1].string, 10), 12, "little");
+            counterLength = 4;
+        } else {
+            nonce = Utils.convertToByteArray(args[1].string, args[1].option);
+            if (!(nonce.length === 12 || nonce.length === 8)) {
+                throw new OperationError(`Invalid nonce length: ${nonce.length} bytes.
+
+ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).`);
+            }
+            counterLength = 16 - nonce.length;
+        }
+        counter = Utils.intToByteArray(args[2], counterLength, "little");
+
+        const output = [];
+        input = Utils.convertToByteArray(input, inputType);
+
+        let counterAsInt = Utils.byteArrayToInt(counter, "little");
+        for (let i = 0; i < input.length; i += 64) {
+            counter = Utils.intToByteArray(counterAsInt, counterLength, "little");
+            const stream = chacha(key, nonce, counter, rounds);
+            for (let j = 0; j < 64 && i + j < input.length; j++) {
+                output.push(input[i + j] ^ stream[j]);
+            }
+            counterAsInt++;
+        }
+
+        if (outputType === "Hex") {
+            return toHex(output);
+        } else {
+            return Utils.arrayBufferToStr(Uint8Array.from(output).buffer);
+        }
+    }
+
+    /**
+     * Highlight ChaCha
+     *
+     * @param {Object[]} pos
+     * @param {number} pos[].start
+     * @param {number} pos[].end
+     * @param {Object[]} args
+     * @returns {Object[]} pos
+     */
+    highlight(pos, args) {
+        const inputType = args[4],
+            outputType = args[5];
+        if (inputType === "Raw" && outputType === "Raw") {
+            return pos;
+        }
+    }
+
+    /**
+     * Highlight ChaCha in reverse
+     *
+     * @param {Object[]} pos
+     * @param {number} pos[].start
+     * @param {number} pos[].end
+     * @param {Object[]} args
+     * @returns {Object[]} pos
+     */
+    highlightReverse(pos, args) {
+        const inputType = args[4],
+            outputType = args[5];
+        if (inputType === "Raw" && outputType === "Raw") {
+            return pos;
+        }
+    }
+
+}
+
+export default ChaCha;
--- a/src/core/operations/CompareCTPHHashes.mjs
+++ b/src/core/operations/CompareCTPHHashes.mjs
@ -24,7 +24,7 @@ class CompareCTPHHashes extends Operation {
        this.name = "Compare CTPH hashes";
        this.module = "Crypto";
        this.description = "Compares two Context Triggered Piecewise Hashing (CTPH) fuzzy hashes to determine the similarity between them on a scale of 0 to 100.";
-        this.infoURL = "https://forensicswiki.xyz/wiki/index.php?title=Context_Triggered_Piecewise_Hashing";
+        this.infoURL = "https://forensics.wiki/context_triggered_piecewise_hashing/";
        this.inputType = "string";
        this.outputType = "Number";
        this.args = [
--- a/src/core/operations/CompareSSDEEPHashes.mjs
+++ b/src/core/operations/CompareSSDEEPHashes.mjs
@ -24,7 +24,7 @@ class CompareSSDEEPHashes extends Operation {
        this.name = "Compare SSDEEP hashes";
        this.module = "Crypto";
        this.description = "Compares two SSDEEP fuzzy hashes to determine the similarity between them on a scale of 0 to 100.";
-        this.infoURL = "https://forensicswiki.xyz/wiki/index.php?title=Ssdeep";
+        this.infoURL = "https://forensics.wiki/ssdeep/";
        this.inputType = "string";
        this.outputType = "Number";
        this.args = [
--- a/src/core/operations/ContainImage.mjs
+++ b/src/core/operations/ContainImage.mjs
@ -9,8 +9,7 @@ import OperationError from "../errors/OperationError.mjs";
 import { isImage } from "../lib/FileType.mjs";
 import { toBase64 } from "../lib/Base64.mjs";
 import { isWorkerEnvironment } from "../Utils.mjs";
-import jimplib from "jimp/es/index.js";
-const jimp = jimplib.default ? jimplib.default : jimplib;
+import Jimp from "jimp/es/index.js";

 /**
 * Contain Image operation
@ -92,20 +91,20 @@ class ContainImage extends Operation {
        const [width, height, hAlign, vAlign, alg, opaqueBg] = args;

        const resizeMap = {
-            "Nearest Neighbour": jimp.RESIZE_NEAREST_NEIGHBOR,
-            "Bilinear": jimp.RESIZE_BILINEAR,
-            "Bicubic": jimp.RESIZE_BICUBIC,
-            "Hermite": jimp.RESIZE_HERMITE,
-            "Bezier": jimp.RESIZE_BEZIER
+            "Nearest Neighbour": Jimp.RESIZE_NEAREST_NEIGHBOR,
+            "Bilinear": Jimp.RESIZE_BILINEAR,
+            "Bicubic": Jimp.RESIZE_BICUBIC,
+            "Hermite": Jimp.RESIZE_HERMITE,
+            "Bezier": Jimp.RESIZE_BEZIER
        };

        const alignMap = {
-            "Left": jimp.HORIZONTAL_ALIGN_LEFT,
-            "Center": jimp.HORIZONTAL_ALIGN_CENTER,
-            "Right": jimp.HORIZONTAL_ALIGN_RIGHT,
-            "Top": jimp.VERTICAL_ALIGN_TOP,
-            "Middle": jimp.VERTICAL_ALIGN_MIDDLE,
-            "Bottom": jimp.VERTICAL_ALIGN_BOTTOM
+            "Left": Jimp.HORIZONTAL_ALIGN_LEFT,
+            "Center": Jimp.HORIZONTAL_ALIGN_CENTER,
+            "Right": Jimp.HORIZONTAL_ALIGN_RIGHT,
+            "Top": Jimp.VERTICAL_ALIGN_TOP,
+            "Middle": Jimp.VERTICAL_ALIGN_MIDDLE,
+            "Bottom": Jimp.VERTICAL_ALIGN_BOTTOM
        };

        if (!isImage(input)) {
@ -114,7 +113,7 @@ class ContainImage extends Operation {

        let image;
        try {
-            image = await jimp.read(input);
+            image = await Jimp.read(input);
        } catch (err) {
            throw new OperationError(`Error loading image. (${err})`);
        }
@ -124,16 +123,16 @@ class ContainImage extends Operation {
            image.contain(width, height, alignMap[hAlign] | alignMap[vAlign], resizeMap[alg]);

            if (opaqueBg) {
-                const newImage = await jimp.read(width, height, 0x000000FF);
+                const newImage = await Jimp.read(width, height, 0x000000FF);
                newImage.blit(image, 0, 0);
                image = newImage;
            }

            let imageBuffer;
            if (image.getMIME() === "image/gif") {
-                imageBuffer = await image.getBufferAsync(jimp.MIME_PNG);
+                imageBuffer = await image.getBufferAsync(Jimp.MIME_PNG);
            } else {
-                imageBuffer = await image.getBufferAsync(jimp.AUTO);
+                imageBuffer = await image.getBufferAsync(Jimp.AUTO);
            }
            return imageBuffer.buffer;
        } catch (err) {
--- a/src/core/operations/ConvertImageFormat.mjs
+++ b/src/core/operations/ConvertImageFormat.mjs
@ -8,8 +8,7 @@ import Operation from "../Operation.mjs";
 import OperationError from "../errors/OperationError.mjs";
 import { isImage } from "../lib/FileType.mjs";
 import { toBase64 } from "../lib/Base64.mjs";
-import jimplib from "jimp/es/index.js";
-const jimp = jimplib.default ? jimplib.default : jimplib;
+import Jimp from "jimp/es/index.js";

 /**
 * Convert Image Format operation
@ -77,19 +76,19 @@ class ConvertImageFormat extends Operation {
    async run(input, args) {
        const [format, jpegQuality, pngFilterType, pngDeflateLevel] = args;
        const formatMap = {
-            "JPEG": jimp.MIME_JPEG,
-            "PNG": jimp.MIME_PNG,
-            "BMP": jimp.MIME_BMP,
-            "TIFF": jimp.MIME_TIFF
+            "JPEG": Jimp.MIME_JPEG,
+            "PNG": Jimp.MIME_PNG,
+            "BMP": Jimp.MIME_BMP,
+            "TIFF": Jimp.MIME_TIFF
        };

        const pngFilterMap = {
-            "Auto": jimp.PNG_FILTER_AUTO,
-            "None": jimp.PNG_FILTER_NONE,
-            "Sub": jimp.PNG_FILTER_SUB,
-            "Up": jimp.PNG_FILTER_UP,
-            "Average": jimp.PNG_FILTER_AVERAGE,
-            "Paeth": jimp.PNG_FILTER_PATH
+            "Auto": Jimp.PNG_FILTER_AUTO,
+            "None": Jimp.PNG_FILTER_NONE,
+            "Sub": Jimp.PNG_FILTER_SUB,
+            "Up": Jimp.PNG_FILTER_UP,
+            "Average": Jimp.PNG_FILTER_AVERAGE,
+            "Paeth": Jimp.PNG_FILTER_PATH
        };

        const mime = formatMap[format];
@ -99,7 +98,7 @@ class ConvertImageFormat extends Operation {
        }
        let image;
        try {
-            image = await jimp.read(input);
+            image = await Jimp.read(input);
        } catch (err) {
            throw new OperationError(`Error opening image file. (${err})`);
        }
--- a/src/core/operations/ConvertLeetSpeak.mjs
+++ b/src/core/operations/ConvertLeetSpeak.mjs
@ -0,0 +1,116 @@
+/**
+ * @author bartblaze []
+ * @copyright Crown Copyright 2025
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+
+/**
+ * Convert Leet Speak operation
+ */
+class ConvertLeetSpeak extends Operation {
+    /**
+     * ConvertLeetSpeak constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Convert Leet Speak";
+        this.module = "Default";
+        this.description = "Converts to and from Leet Speak.";
+        this.infoURL = "https://wikipedia.org/wiki/Leet";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Direction",
+                type: "option",
+                value: ["To Leet Speak", "From Leet Speak"],
+                defaultIndex: 0
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const direction = args[0];
+
+        if (direction === "To Leet Speak") {
+            return input.replace(/[a-z]/gi, char => {
+                const leetChar = toLeetMap[char.toLowerCase()] || char;
+                return char === char.toUpperCase() ? leetChar.toUpperCase() : leetChar;
+            });
+        } else if (direction === "From Leet Speak") {
+            return input.replace(/[48cd3f6h1jklmn0pqr57uvwxyz]/gi, char => {
+                const normalChar = fromLeetMap[char] || char;
+                return normalChar;
+            });
+        }
+    }
+}
+
+const toLeetMap = {
+    "a": "4",
+    "b": "b",
+    "c": "c",
+    "d": "d",
+    "e": "3",
+    "f": "f",
+    "g": "g",
+    "h": "h",
+    "i": "1",
+    "j": "j",
+    "k": "k",
+    "l": "l",
+    "m": "m",
+    "n": "n",
+    "o": "0",
+    "p": "p",
+    "q": "q",
+    "r": "r",
+    "s": "5",
+    "t": "7",
+    "u": "u",
+    "v": "v",
+    "w": "w",
+    "x": "x",
+    "y": "y",
+    "z": "z"
+};
+
+const fromLeetMap = {
+    "4": "a",
+    "b": "b",
+    "c": "c",
+    "d": "d",
+    "3": "e",
+    "f": "f",
+    "g": "g",
+    "h": "h",
+    "1": "i",
+    "j": "j",
+    "k": "k",
+    "l": "l",
+    "m": "m",
+    "n": "n",
+    "0": "o",
+    "p": "p",
+    "q": "q",
+    "r": "r",
+    "5": "s",
+    "7": "t",
+    "u": "u",
+    "v": "v",
+    "w": "w",
+    "x": "x",
+    "y": "y",
+    "z": "z"
+};
+
+export default ConvertLeetSpeak;
+
--- a/src/core/operations/CoverImage.mjs
+++ b/src/core/operations/CoverImage.mjs
@ -9,8 +9,7 @@ import OperationError from "../errors/OperationError.mjs";
 import { isImage } from "../lib/FileType.mjs";
 import { toBase64 } from "../lib/Base64.mjs";
 import { isWorkerEnvironment } from "../Utils.mjs";
-import jimplib from "jimp/es/index.js";
-const jimp = jimplib.default ? jimplib.default : jimplib;
+import jimp from "jimp/es/index.js";

 /**
 * Cover Image operation
--- a/src/core/operations/CropImage.mjs
+++ b/src/core/operations/CropImage.mjs
@ -9,8 +9,7 @@ import OperationError from "../errors/OperationError.mjs";
 import { isImage } from "../lib/FileType.mjs";
 import { toBase64 } from "../lib/Base64.mjs";
 import { isWorkerEnvironment } from "../Utils.mjs";
-import jimplib from "jimp/es/index.js";
-const jimp = jimplib.default ? jimplib.default : jimplib;
+import Jimp from "jimp/es/index.js";

 /**
 * Crop Image operation
@ -100,7 +99,7 @@ class CropImage extends Operation {

        let image;
        try {
-            image = await jimp.read(input);
+            image = await Jimp.read(input);
        } catch (err) {
            throw new OperationError(`Error loading image. (${err})`);
        }
@ -120,9 +119,9 @@ class CropImage extends Operation {

            let imageBuffer;
            if (image.getMIME() === "image/gif") {
-                imageBuffer = await image.getBufferAsync(jimp.MIME_PNG);
+                imageBuffer = await image.getBufferAsync(Jimp.MIME_PNG);
            } else {
-                imageBuffer = await image.getBufferAsync(jimp.AUTO);
+                imageBuffer = await image.getBufferAsync(Jimp.AUTO);
            }
            return imageBuffer.buffer;
        } catch (err) {
--- a/src/core/operations/DESDecrypt.mjs
+++ b/src/core/operations/DESDecrypt.mjs
@ -22,7 +22,7 @@ class DESDecrypt extends Operation {

        this.name = "DES Decrypt";
        this.module = "Ciphers";
-        this.description = "DES is a previously dominant algorithm for encryption, and was published as an official U.S. Federal Information Processing Standard (FIPS). It is now considered to be insecure due to its small key size.<br><br><b>Key:</b> DES uses a key length of 8 bytes (64 bits).<br>Triple DES uses a key length of 24 bytes (192 bits).<br><br><b>IV:</b> The Initialization Vector should be 8 bytes long. If not entered, it will default to 8 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used as a default.";
+        this.description = "DES is a previously dominant algorithm for encryption, and was published as an official U.S. Federal Information Processing Standard (FIPS). It is now considered to be insecure due to its small key size.<br><br><b>Key:</b> DES uses a key length of 8 bytes (64 bits).<br><br><b>IV:</b> The Initialization Vector should be 8 bytes long. If not entered, it will default to 8 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used as a default.";
        this.infoURL = "https://wikipedia.org/wiki/Data_Encryption_Standard";
        this.inputType = "string";
        this.outputType = "string";
@ -72,8 +72,7 @@ class DESDecrypt extends Operation {
        if (key.length !== 8) {
            throw new OperationError(`Invalid key length: ${key.length} bytes

-DES uses a key length of 8 bytes (64 bits).
-Triple DES uses a key length of 24 bytes (192 bits).`);
+DES uses a key length of 8 bytes (64 bits).`);
        }
        if (iv.length !== 8 && mode !== "ECB") {
            throw new OperationError(`Invalid IV length: ${iv.length} bytes
--- a/src/core/operations/DESEncrypt.mjs
+++ b/src/core/operations/DESEncrypt.mjs
@ -22,7 +22,7 @@ class DESEncrypt extends Operation {

        this.name = "DES Encrypt";
        this.module = "Ciphers";
-        this.description = "DES is a previously dominant algorithm for encryption, and was published as an official U.S. Federal Information Processing Standard (FIPS). It is now considered to be insecure due to its small key size.<br><br><b>Key:</b> DES uses a key length of 8 bytes (64 bits).<br>Triple DES uses a key length of 24 bytes (192 bits).<br><br>You can generate a password-based key using one of the KDF operations.<br><br><b>IV:</b> The Initialization Vector should be 8 bytes long. If not entered, it will default to 8 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used.";
+        this.description = "DES is a previously dominant algorithm for encryption, and was published as an official U.S. Federal Information Processing Standard (FIPS). It is now considered to be insecure due to its small key size.<br><br><b>Key:</b> DES uses a key length of 8 bytes (64 bits).<br><br>You can generate a password-based key using one of the KDF operations.<br><br><b>IV:</b> The Initialization Vector should be 8 bytes long. If not entered, it will default to 8 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used.";
        this.infoURL = "https://wikipedia.org/wiki/Data_Encryption_Standard";
        this.inputType = "string";
        this.outputType = "string";
@ -70,8 +70,7 @@ class DESEncrypt extends Operation {
        if (key.length !== 8) {
            throw new OperationError(`Invalid key length: ${key.length} bytes

-DES uses a key length of 8 bytes (64 bits).
-Triple DES uses a key length of 24 bytes (192 bits).`);
+DES uses a key length of 8 bytes (64 bits).`);
        }
        if (iv.length !== 8 && mode !== "ECB") {
            throw new OperationError(`Invalid IV length: ${iv.length} bytes
--- a/src/core/operations/DNSOverHTTPS.mjs
+++ b/src/core/operations/DNSOverHTTPS.mjs
@ -51,10 +51,27 @@ class DNSOverHTTPS extends Operation {
                value: [
                    "A",
                    "AAAA",
-                    "TXT",
-                    "MX",
+                    "ANAME",
+                    "CERT",
+                    "CNAME",
                    "DNSKEY",
-                    "NS"
+                    "HTTPS",
+                    "IPSECKEY",
+                    "LOC",
+                    "MX",
+                    "NS",
+                    "OPENPGPKEY",
+                    "PTR",
+                    "RRSIG",
+                    "SIG",
+                    "SOA",
+                    "SPF",
+                    "SRV",
+                    "SSHFP",
+                    "TA",
+                    "TXT",
+                    "URI",
+                    "ANY"
                ]
            },
            {
--- a/src/core/operations/DateTimeDelta.mjs
+++ b/src/core/operations/DateTimeDelta.mjs
@ -0,0 +1,107 @@
+/**
+ * @author tomgond [tom.gonda@gmail.com]
+ * @copyright Crown Copyright 2024
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import moment from "moment-timezone";
+import {DATETIME_FORMATS, FORMAT_EXAMPLES} from "../lib/DateTime.mjs";
+
+/**
+ * DateTime Delta operation
+ */
+class DateTimeDelta extends Operation {
+
+    /**
+     * DateTimeDelta constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "DateTime Delta";
+        this.module = "Default";
+        this.description = "Calculates a new DateTime value given an input DateTime value and a time difference (delta) from the input DateTime value.";
+        this.inputType = "string";
+        this.outputType = "html";
+        this.args = [
+            {
+                "name": "Built in formats",
+                "type": "populateOption",
+                "value": DATETIME_FORMATS,
+                "target": 1
+            },
+            {
+                "name": "Input format string",
+                "type": "binaryString",
+                "value": "DD/MM/YYYY HH:mm:ss"
+            },
+            {
+                "name": "Time Operation",
+                "type": "option",
+                "value": ["Add", "Subtract"]
+            },
+            {
+                "name": "Days",
+                "type": "number",
+                "value": 0
+            },
+            {
+                "name": "Hours",
+                "type": "number",
+                "value": 0
+            },
+            {
+                "name": "Minutes",
+                "type": "number",
+                "value": 0
+            },
+            {
+                "name": "Seconds",
+                "type": "number",
+                "value": 0
+            }
+
+        ];
+    }
+
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const inputTimezone = "UTC";
+        const inputFormat = args[1];
+        const operationType = args[2];
+        const daysDelta = args[3];
+        const hoursDelta = args[4];
+        const minutesDelta = args[5];
+        const secondsDelta = args[6];
+        let date = "";
+
+        try {
+            date = moment.tz(input, inputFormat, inputTimezone);
+            if (!date || date.format() === "Invalid date") throw Error;
+        } catch (err) {
+            return `Invalid format.\n\n${FORMAT_EXAMPLES}`;
+        }
+        let newDate;
+        if (operationType === "Add") {
+            newDate = date.add(daysDelta, "days")
+                .add(hoursDelta, "hours")
+                .add(minutesDelta, "minutes")
+                .add(secondsDelta, "seconds");
+
+        } else {
+            newDate = date.add(-daysDelta, "days")
+                .add(-hoursDelta, "hours")
+                .add(-minutesDelta, "minutes")
+                .add(-secondsDelta, "seconds");
+        }
+        return newDate.tz(inputTimezone).format(inputFormat.replace(/[<>]/g, ""));
+    }
+}
+
+export default DateTimeDelta;
--- a/src/core/operations/DecodeText.mjs
+++ b/src/core/operations/DecodeText.mjs
@ -6,7 +6,7 @@

 import Operation from "../Operation.mjs";
 import cptable from "codepage";
-import {IO_FORMAT} from "../lib/ChrEnc.mjs";
+import {CHR_ENC_CODE_PAGES} from "../lib/ChrEnc.mjs";

 /**
 * Decode text operation
@ -26,7 +26,7 @@ class DecodeText extends Operation {
            "<br><br>",
            "Supported charsets are:",
            "<ul>",
-            Object.keys(IO_FORMAT).map(e => `<li>${e}</li>`).join("\n"),
+            Object.keys(CHR_ENC_CODE_PAGES).map(e => `<li>${e}</li>`).join("\n"),
            "</ul>",
        ].join("\n");
        this.infoURL = "https://wikipedia.org/wiki/Character_encoding";
@ -36,7 +36,7 @@ class DecodeText extends Operation {
            {
                "name": "Encoding",
                "type": "option",
-                "value": Object.keys(IO_FORMAT)
+                "value": Object.keys(CHR_ENC_CODE_PAGES)
            }
        ];
    }
@ -47,7 +47,7 @@ class DecodeText extends Operation {
     * @returns {string}
     */
    run(input, args) {
-        const format = IO_FORMAT[args[0]];
+        const format = CHR_ENC_CODE_PAGES[args[0]];
        return cptable.utils.decode(format, new Uint8Array(input));
    }

--- a/src/core/operations/DeriveEVPKey.mjs
+++ b/src/core/operations/DeriveEVPKey.mjs
@ -62,11 +62,13 @@ class DeriveEVPKey extends Operation {
     * @returns {string}
     */
    run(input, args) {
-        const passphrase = Utils.convertToByteString(args[0].string, args[0].option),
+        const passphrase = CryptoJS.enc.Latin1.parse(
+                Utils.convertToByteString(args[0].string, args[0].option)),
            keySize = args[1] / 32,
            iterations = args[2],
            hasher = args[3],
-            salt = Utils.convertToByteString(args[4].string, args[4].option),
+            salt = CryptoJS.enc.Latin1.parse(
+                Utils.convertToByteString(args[4].string, args[4].option)),
            key = CryptoJS.EvpKDF(passphrase, salt, { // lgtm [js/insufficient-password-hash]
                keySize: keySize,
                hasher: CryptoJS.algo[hasher],
--- a/src/core/operations/DeriveHKDFKey.mjs
+++ b/src/core/operations/DeriveHKDFKey.mjs
@ -0,0 +1,138 @@
+/**
+ * @author mikecat
+ * @copyright Crown Copyright 2023
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import CryptoApi from "crypto-api/src/crypto-api.mjs";
+
+/**
+ * Derive HKDF Key operation
+ */
+class DeriveHKDFKey extends Operation {
+
+    /**
+     * DeriveHKDFKey constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Derive HKDF key";
+        this.module = "Crypto";
+        this.description = "A simple Hashed Message Authenticaton Code (HMAC)-based key derivation function (HKDF), defined in RFC5869.";
+        this.infoURL = "https://wikipedia.org/wiki/HKDF";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Salt",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "Decimal", "Base64", "UTF8", "Latin1"]
+            },
+            {
+                "name": "Info",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "Decimal", "Base64", "UTF8", "Latin1"]
+            },
+            {
+                "name": "Hashing function",
+                "type": "option",
+                "value": [
+                    "MD2",
+                    "MD4",
+                    "MD5",
+                    "SHA0",
+                    "SHA1",
+                    "SHA224",
+                    "SHA256",
+                    "SHA384",
+                    "SHA512",
+                    "SHA512/224",
+                    "SHA512/256",
+                    "RIPEMD128",
+                    "RIPEMD160",
+                    "RIPEMD256",
+                    "RIPEMD320",
+                    "HAS160",
+                    "Whirlpool",
+                    "Whirlpool-0",
+                    "Whirlpool-T",
+                    "Snefru"
+                ],
+                "defaultIndex": 6
+            },
+            {
+                "name": "Extract mode",
+                "type": "argSelector",
+                "value": [
+                    {
+                        "name": "with salt",
+                        "on": [0]
+                    },
+                    {
+                        "name": "no salt",
+                        "off": [0]
+                    },
+                    {
+                        "name": "skip",
+                        "off": [0]
+                    }
+                ]
+            },
+            {
+                "name": "L (number of output octets)",
+                "type": "number",
+                "value": 16,
+                "min": 0
+            },
+        ];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {ArrayBuffer}
+     */
+    run(input, args) {
+        const argSalt = Utils.convertToByteString(args[0].string || "", args[0].option),
+            info = Utils.convertToByteString(args[1].string || "", args[1].option),
+            hashFunc = args[2].toLowerCase(),
+            extractMode = args[3],
+            L = args[4],
+            IKM = Utils.arrayBufferToStr(input, false),
+            hasher = CryptoApi.getHasher(hashFunc),
+            HashLen = hasher.finalize().length;
+
+        if (L < 0) {
+            throw new OperationError("L must be non-negative");
+        }
+        if (L > 255 * HashLen) {
+            throw new OperationError("L too large (maximum length for " + args[2] + " is " + (255 * HashLen) + ")");
+        }
+
+        const hmacHash = function(key, data) {
+            hasher.reset();
+            const mac = CryptoApi.getHmac(key, hasher);
+            mac.update(data);
+            return mac.finalize();
+        };
+        const salt = extractMode === "with salt" ? argSalt : "\0".repeat(HashLen);
+        const PRK = extractMode === "skip" ? IKM : hmacHash(salt, IKM);
+        let T = "";
+        let result = "";
+        for (let i = 1; i <= 255 && result.length < L; i++) {
+            const TNext = hmacHash(PRK, T + info + String.fromCharCode(i));
+            result += TNext;
+            T = TNext;
+        }
+        return CryptoApi.encoder.toHex(result.substring(0, L));
+    }
+
+}
+
+export default DeriveHKDFKey;
--- a/src/core/operations/DetectFileType.mjs
+++ b/src/core/operations/DetectFileType.mjs
@ -65,7 +65,7 @@ class DetectFileType extends Operation {
 Extension:   ${type.extension}
 MIME type:   ${type.mime}\n`;

-                if (type.description && type.description.length) {
+                if (type?.description?.length) {
                    output += `Description: ${type.description}\n`;
                }

--- a/src/core/operations/Diff.mjs
+++ b/src/core/operations/Diff.mjs
@ -119,9 +119,9 @@ class Diff extends Operation {

        for (let i = 0; i < diff.length; i++) {
            if (diff[i].added) {
-                if (showAdded) output += "<span class='hl5'>" + Utils.escapeHtml(diff[i].value) + "</span>";
+                if (showAdded) output += "<ins>" + Utils.escapeHtml(diff[i].value) + "</ins>";
            } else if (diff[i].removed) {
-                if (showRemoved) output += "<span class='hl3'>" + Utils.escapeHtml(diff[i].value) + "</span>";
+                if (showRemoved) output += "<del>" + Utils.escapeHtml(diff[i].value) + "</del>";
            } else if (!showSubtraction) {
                output += Utils.escapeHtml(diff[i].value);
            }
--- a/src/core/operations/DitherImage.mjs
+++ b/src/core/operations/DitherImage.mjs
@ -9,8 +9,7 @@ import OperationError from "../errors/OperationError.mjs";
 import { isImage } from "../lib/FileType.mjs";
 import { toBase64 } from "../lib/Base64.mjs";
 import { isWorkerEnvironment } from "../Utils.mjs";
-import jimplib from "jimp/es/index.js";
-const jimp = jimplib.default ? jimplib.default : jimplib;
+import Jimp from "jimp/es/index.js";

 /**
 * Image Dither operation
@ -45,7 +44,7 @@ class DitherImage extends Operation {

        let image;
        try {
-            image = await jimp.read(input);
+            image = await Jimp.read(input);
        } catch (err) {
            throw new OperationError(`Error loading image. (${err})`);
        }
@ -56,9 +55,9 @@ class DitherImage extends Operation {

            let imageBuffer;
            if (image.getMIME() === "image/gif") {
-                imageBuffer = await image.getBufferAsync(jimp.MIME_PNG);
+                imageBuffer = await image.getBufferAsync(Jimp.MIME_PNG);
            } else {
-                imageBuffer = await image.getBufferAsync(jimp.AUTO);
+                imageBuffer = await image.getBufferAsync(Jimp.AUTO);
            }
            return imageBuffer.buffer;
        } catch (err) {
--- a/Show more
+++ b/Show more