/** * @author n1474335 [n1474335@gmail.com] * @copyright Crown Copyright 2016 * @license Apache-2.0 */ import Operation from "../Operation"; import Utils from "../Utils"; import forge from "node-forge/dist/forge.min.js"; import OperationError from "../errors/OperationError"; /** * AES Decrypt operation */ class AESDecrypt extends Operation { /** * AESDecrypt constructor */ constructor() { super(); this.name = "AES Decrypt"; this.module = "Ciphers"; this.description = "Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated.

Key: The following algorithms will be used based on the size of the key:

16 bytes = AES-128
24 bytes = AES-192
32 bytes = AES-256

IV: The Initialization Vector should be 16 bytes long. If not entered, it will default to 16 null bytes.

Padding: In CBC and ECB mode, PKCS#7 padding will be used.

GCM Tag: This field is ignored unless 'GCM' mode is used."; this.infoURL = "https://wikipedia.org/wiki/Advanced_Encryption_Standard"; this.inputType = "string"; this.outputType = "string"; this.args = [ { "name": "Key", "type": "toggleString", "value": "", "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"] }, { "name": "IV", "type": "toggleString", "value": "", "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"] }, { "name": "Mode", "type": "option", "value": ["CBC", "CFB", "OFB", "CTR", "GCM", "ECB"] }, { "name": "Padding", "type": "option", "value": ["PKCS#7", "Null byte", "No padding"] }, { "name": "Input", "type": "option", "value": ["Hex", "Raw"] }, { "name": "Output", "type": "option", "value": ["Raw", "Hex"] }, { "name": "GCM Tag", "type": "toggleString", "value": "", "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"] } ]; } /** * @param {string} input * @param {Object[]} args * @returns {string} * * @throws {OperationError} if cannot decrypt input or invalid key length */ run(input, args) { const key = Utils.convertToByteArray(args[0].string, args[0].option), iv = Utils.convertToByteArray(args[1].string, args[1].option), gcmTag = Utils.convertToByteString(args[6].string, args[6].option), [,, mode, padding, inputType, outputType,] = args; if ([16, 24, 32].indexOf(key.length) < 0) { throw new OperationError(`Invalid key length: ${key.length} bytes The following algorithms will be used based on the size of the key: 16 bytes = AES-128 24 bytes = AES-192 32 bytes = AES-256`); } input = Utils.convertToByteString(input, inputType); const decipher = forge.cipher.createDecipher("AES-" + mode, key); decipher.start({ iv: iv, tag: gcmTag }); decipher.update(forge.util.createBuffer(input)); var result = null; if (padding === "PKCS#7") { result = decipher.finish(); } else if (padding === "Null byte") { result = decipher.finish(function(blockSize, buffer, decrypt) { if (decrypt) { var len = buffer.length(), count = 0; for(var i = len - 1; i >= 8; --i) { if (buffer.at(i) == "00") { count += 1; } else { break; } } return buffer.truncate(count); } }); } else { result = decipher.finish(function(blockSize, buffer, decrypt) { return true; }); }; if (result) { return outputType === "Hex" ? decipher.output.toHex() : decipher.output.getBytes(); } else { throw new OperationError("Unable to decrypt input with these parameters."); } } } export default AESDecrypt;