Mirror
/
CyberChef
mirror of https://github.com/gchq/CyberChef.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

AES Decrypt now supports Additional Authenticated Data in GCM mode. Added tests for ADD at each AES size.

This commit is contained in:
n1474335 2021-02-02 17:18:35 +00:00
parent fdffabfdd4
commit 4a673bd92a
6 changed files with 274 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/core/operations/AESDecrypt.mjs
View File

@ -41,8 +41,33 @@ class AESDecrypt extends Operation {
}, },
{ {
"name": "Mode", "name": "Mode",
"type": "option", "type": "argSelector",
"value": ["CBC", "CFB", "OFB", "CTR", "GCM", "ECB"] "value": [
{
name: "CBC",
off: [5, 6]
},
{
name: "CFB",
off: [5, 6]
},
{
name: "OFB",
off: [5, 6]
},
{
name: "CTR",
off: [5, 6]
},
{
name: "GCM",
on: [5, 6]
},
{
name: "ECB",
off: [5, 6]
}
]
}, },
{ {
"name": "Input", "name": "Input",
@ -59,6 +84,11 @@ class AESDecrypt extends Operation {
"type": "toggleString", "type": "toggleString",
"value": "", "value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"] "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "Additional Authenticated Data",
"type": "binaryString",
"value": ""
} }
]; ];
} }
@ -76,7 +106,8 @@ class AESDecrypt extends Operation {
mode = args[2], mode = args[2],
inputType = args[3], inputType = args[3],
outputType = args[4], outputType = args[4],
gcmTag = Utils.convertToByteString(args[5].string, args[5].option); gcmTag = Utils.convertToByteString(args[5].string, args[5].option),
aad = args[6];
if ([16, 24, 32].indexOf(key.length) < 0) { if ([16, 24, 32].indexOf(key.length) < 0) {
throw new OperationError(`Invalid key length: ${key.length} bytes throw new OperationError(`Invalid key length: ${key.length} bytes
@ -92,7 +123,8 @@ The following algorithms will be used based on the size of the key:
const decipher = forge.cipher.createDecipher("AES-" + mode, key); const decipher = forge.cipher.createDecipher("AES-" + mode, key);
decipher.start({ decipher.start({
iv: iv.length === 0 ? "" : iv, iv: iv.length === 0 ? "" : iv,
tag: gcmTag tag: mode === "GCM" ? gcmTag : undefined,
additionalData: mode === "GCM" ? aad : undefined
}); });
decipher.update(forge.util.createBuffer(input)); decipher.update(forge.util.createBuffer(input));
const result = decipher.finish(); const result = decipher.finish();

17
src/core/operations/AESEncrypt.mjs
View File

@ -56,7 +56,7 @@ class AESEncrypt extends Operation {
off: [5] off: [5]
}, },
{ {
name:"CTR", name: "CTR",
off: [5] off: [5]
}, },
{ {
@ -81,7 +81,7 @@ class AESEncrypt extends Operation {
}, },
{ {
"name": "Additional Authenticated Data", "name": "Additional Authenticated Data",
"type": "string", "type": "binaryString",
"value": "" "value": ""
} }
]; ];
@ -99,7 +99,8 @@ class AESEncrypt extends Operation {
iv = Utils.convertToByteString(args[1].string, args[1].option), iv = Utils.convertToByteString(args[1].string, args[1].option),
mode = args[2], mode = args[2],
inputType = args[3], inputType = args[3],
outputType = args[4]; outputType = args[4],
aad = args[5];
if ([16, 24, 32].indexOf(key.length) < 0) { if ([16, 24, 32].indexOf(key.length) < 0) {
throw new OperationError(`Invalid key length: ${key.length} bytes throw new OperationError(`Invalid key length: ${key.length} bytes
@ -113,12 +114,10 @@ The following algorithms will be used based on the size of the key:
input = Utils.convertToByteString(input, inputType); input = Utils.convertToByteString(input, inputType);
const cipher = forge.cipher.createCipher("AES-" + mode, key); const cipher = forge.cipher.createCipher("AES-" + mode, key);
cipher.start({
if (args[5]) iv: iv,
cipher.start({iv: iv, additionalData: args[5]}); additionalData: mode === "GCM" ? aad : undefined
else });
cipher.start({iv: iv});
cipher.update(forge.util.createBuffer(input)); cipher.update(forge.util.createBuffer(input));
cipher.finish(); cipher.finish();

40
tests/operations/tests/Bombe.mjs
View File

@ -104,26 +104,26 @@ TestRegister.addTests([
} }
] ]
}, },
// This test is a bit slow - it takes about 12s on my test hardware // Takes a while to run, so disabling for general purpose testing. Re-enable if modifying this operation.
{ // {
name: "Bombe: 4 rotor", // name: "Bombe: 4 rotor",
input: "LUOXGJSHGEDSRDOQQX", // input: "LUOXGJSHGEDSRDOQQX",
expectedMatch: /<td>LHSC<\/td> {2}<td>SS<\/td> {2}<td>HHHSSSGQUUQPKSEKWK<\/td>/, // expectedMatch: /<td>LHSC<\/td> {2}<td>SS<\/td> {2}<td>HHHSSSGQUUQPKSEKWK<\/td>/,
recipeConfig: [ // recipeConfig: [
{ // {
"op": "Bombe", // "op": "Bombe",
"args": [ // "args": [
"4-rotor", // "4-rotor",
"LEYJVCNIXWPBQMDRTAKZGFUHOS", // Beta // "LEYJVCNIXWPBQMDRTAKZGFUHOS", // Beta
"EKMFLGDQVZNTOWYHXUSPAIBRCJ<R", // I // "EKMFLGDQVZNTOWYHXUSPAIBRCJ<R", // I
"AJDKSIRUXBLHWTMCQGZNPYFVOE<F", // II // "AJDKSIRUXBLHWTMCQGZNPYFVOE<F", // II
"BDFHJLCPRTXVZNYEIWGAKMUSQO<W", // III // "BDFHJLCPRTXVZNYEIWGAKMUSQO<W", // III
"AE BN CK DQ FU GY HW IJ LO MP RX SZ TV", // B thin // "AE BN CK DQ FU GY HW IJ LO MP RX SZ TV", // B thin
"THISISATESTMESSAGE", 0, false // "THISISATESTMESSAGE", 0, false
] // ]
} // }
] // ]
}, // },
{ {
name: "Bombe: no crib", name: "Bombe: no crib",
input: "JBYALIHDYNUAAVKBYM", input: "JBYALIHDYNUAAVKBYM",

109
tests/operations/tests/Colossus.mjs
View File

File diff suppressed because one or more lines are too long

163
tests/operations/tests/Crypt.mjs
View File

@ -25,15 +25,18 @@ TestRegister.addTests([
* *
* from Crypto.Cipher import AES * from Crypto.Cipher import AES
* import binascii * import binascii
*
* input_data = "0123456789ABCDEF" * input_data = "0123456789ABCDEF"
* key = binascii.unhexlify("00112233445566778899aabbccddeeff") * key = binascii.unhexlify("00112233445566778899aabbccddeeff")
* iv = binascii.unhexlify("ffeeddccbbaa99887766554433221100") * iv = binascii.unhexlify("ffeeddccbbaa99887766554433221100")
* aad = b'additional data'
* *
* cipher = AES.new(key, AES.MODE_GCM, nonce=iv) * cipher = AES.new(key, AES.MODE_GCM, nonce=iv)
* cipher.update(aad)
* cipher_text, tag = cipher.encrypt_and_digest(binascii.unhexlify(input_data)) * cipher_text, tag = cipher.encrypt_and_digest(binascii.unhexlify(input_data))
* *
* cipher = AES.new(key, AES.MODE_GCM, nonce=iv) * cipher = AES.new(key, AES.MODE_GCM, nonce=iv)
* cipher.update(aad)
* decrypted = cipher.decrypt_and_verify(cipher_text, tag) * decrypted = cipher.decrypt_and_verify(cipher_text, tag)
* *
* key = binascii.hexlify(key).decode("UTF-8") * key = binascii.hexlify(key).decode("UTF-8")
@ -42,7 +45,7 @@ TestRegister.addTests([
* tag = binascii.hexlify(tag).decode("UTF-8") * tag = binascii.hexlify(tag).decode("UTF-8")
* decrypted = binascii.hexlify(decrypted).decode("UTF-8") * decrypted = binascii.hexlify(decrypted).decode("UTF-8")
* *
* print("Key: {}\nIV : {}\nInput data: {}\n\nEncrypted ciphertext: {}\nGCM tag: {}\n\nDecrypted plaintext : {}".format(key, iv, input_data, cipher_text, tag, decrypted)) * print("Key: {}\nIV : {}\nInput data: {}\nAAD: {}\n\nEncrypted ciphertext: {}\nGCM tag: {}\n\nDecrypted plaintext : {}".format(key, iv, input_data, aad, cipher_text, tag, decrypted))
* *
* *
* Outputs: * Outputs:
@ -192,7 +195,24 @@ Tag: 16a3e732a605cc9ca29108f742ca0743`,
"args": [ "args": [
{"option": "Hex", "string": "00112233445566778899aabbccddeeff"}, {"option": "Hex", "string": "00112233445566778899aabbccddeeff"},
{"option": "Hex", "string": ""}, {"option": "Hex", "string": ""},
"GCM", "Raw", "Hex" "GCM", "Raw", "Hex", ""
]
}
],
},
{
name: "AES Encrypt: AES-128-GCM, ASCII, AAD",
input: "The quick brown fox jumps over the lazy dog.",
expectedOutput: `daa58faa056c52756aa488aeafbd265b6effcf4eca58220a97b0005b1a9b1e1c9e7a6725d35f5f79b9493de7
Tag: 3b5378917f67b0aade9891fc6c291646`,
recipeConfig: [
{
"op": "AES Encrypt",
"args": [
{"option": "Hex", "string": "00112233445566778899aabbccddeeff"},
{"option": "Hex", "string": "ffeeddccbbaa99887766554433221100"},
"GCM", "Raw", "Hex", "additional data"
] ]
} }
], ],
@ -269,7 +289,24 @@ Tag: 70fad2ca19412c20f40fd06918736e56`,
"args": [ "args": [
{"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"}, {"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"}, {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex" "GCM", "Hex", "Hex", ""
]
}
],
},
{
name: "AES Encrypt: AES-128-GCM, Binary, AAD",
input: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
expectedOutput: `5a29debb5c5f38cdf8aee421bd94dbbf3399947faddf205f88b3ad8ecb0c51214ec0e28bf78942dfa212d7eb15259bbdcac677b4c05f473eeb9331d74f31d441d97d56eb5c73b586342d72128ca528813543dc0fc7eddb7477172cc9194c18b2e1383e4e
Tag: 61cc4b70809452b0b3e38f913fa0a109`,
recipeConfig: [
{
"op": "AES Encrypt",
"args": [
{"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex", "additional data"
] ]
} }
], ],
@ -361,7 +398,24 @@ Tag: 86db597d5302595223cadbd990f1309b`,
"args": [ "args": [
{"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"}, {"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"}, {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex" "GCM", "Hex", "Hex", ""
]
}
],
},
{
name: "AES Encrypt: AES-192-GCM, Binary, AAD",
input: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
expectedOutput: `318b479d919d506f0cd904f2676fab263a7921b6d7e0514f36e03ae2333b77fa66ef5600babcb2ee9718aeb71fc357412343c1f2cb351d8715bb0aedae4a6468124f9c4aaf6a721b306beddbe63a978bec8baeeba4b663be33ee5bc982746bd4aed1c38b
Tag: aeedf3e6ca4201577c0cf3e9ce58159d`,
recipeConfig: [
{
"op": "AES Encrypt",
"args": [
{"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex", "additional data"
] ]
} }
], ],
@ -453,7 +507,24 @@ Tag: 821b1e5f32dad052e502775a523d957a`,
"args": [ "args": [
{"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"}, {"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"}, {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex" "GCM", "Hex", "Hex", ""
]
}
],
},
{
name: "AES Encrypt: AES-256-GCM, Binary, AAD",
input: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
expectedOutput: `1287f188ad4d7ab0d9ff69b3c29cb11f861389532d8cb9337181da2e8cfc74a84927e8c0dd7a28a32fd485afe694259a63c199b199b95edd87c7aa95329feac340f2b78b72956a85f367044d821766b1b7135815571df44900695f1518cf3ae38ecb650f
Tag: a8f04c4d93bbef82bef61a103371aef9`,
recipeConfig: [
{
"op": "AES Encrypt",
"args": [
{"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex", "additional data"
] ]
} }
], ],
@ -805,7 +876,25 @@ The following algorithms will be used based on the size of the key:
{"option": "Hex", "string": "00112233445566778899aabbccddeeff"}, {"option": "Hex", "string": "00112233445566778899aabbccddeeff"},
{"option": "Hex", "string": ""}, {"option": "Hex", "string": ""},
"GCM", "Hex", "Raw", "GCM", "Hex", "Raw",
{"option": "Hex", "string": "16a3e732a605cc9ca29108f742ca0743"} {"option": "Hex", "string": "16a3e732a605cc9ca29108f742ca0743"},
""
]
}
],
},
{
name: "AES Decrypt: AES-128-GCM, ASCII, AAD",
input: "daa58faa056c52756aa488aeafbd265b6effcf4eca58220a97b0005b1a9b1e1c9e7a6725d35f5f79b9493de7",
expectedOutput: "The quick brown fox jumps over the lazy dog.",
recipeConfig: [
{
"op": "AES Decrypt",
"args": [
{"option": "Hex", "string": "00112233445566778899aabbccddeeff"},
{"option": "Hex", "string": "ffeeddccbbaa99887766554433221100"},
"GCM", "Hex", "Raw",
{"option": "Hex", "string": "3b5378917f67b0aade9891fc6c291646"},
"additional data"
] ]
} }
], ],
@ -885,7 +974,25 @@ The following algorithms will be used based on the size of the key:
{"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"}, {"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"}, {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex", "GCM", "Hex", "Hex",
{"option": "Hex", "string": "70fad2ca19412c20f40fd06918736e56"} {"option": "Hex", "string": "70fad2ca19412c20f40fd06918736e56"},
""
]
}
],
},
{
name: "AES Decrypt: AES-128-GCM, Binary, AAD",
input: "5a29debb5c5f38cdf8aee421bd94dbbf3399947faddf205f88b3ad8ecb0c51214ec0e28bf78942dfa212d7eb15259bbdcac677b4c05f473eeb9331d74f31d441d97d56eb5c73b586342d72128ca528813543dc0fc7eddb7477172cc9194c18b2e1383e4e",
expectedOutput: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
recipeConfig: [
{
"op": "AES Decrypt",
"args": [
{"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex",
{"option": "Hex", "string": "61cc4b70809452b0b3e38f913fa0a109"},
"additional data"
] ]
} }
], ],
@ -981,7 +1088,25 @@ The following algorithms will be used based on the size of the key:
{"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"}, {"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"}, {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex", "GCM", "Hex", "Hex",
{"option": "Hex", "string": "86db597d5302595223cadbd990f1309b"} {"option": "Hex", "string": "86db597d5302595223cadbd990f1309b"},
""
]
}
],
},
{
name: "AES Decrypt: AES-192-GCM, Binary, AAD",
input: "318b479d919d506f0cd904f2676fab263a7921b6d7e0514f36e03ae2333b77fa66ef5600babcb2ee9718aeb71fc357412343c1f2cb351d8715bb0aedae4a6468124f9c4aaf6a721b306beddbe63a978bec8baeeba4b663be33ee5bc982746bd4aed1c38b",
expectedOutput: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
recipeConfig: [
{
"op": "AES Decrypt",
"args": [
{"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex",
{"option": "Hex", "string": "aeedf3e6ca4201577c0cf3e9ce58159d"},
"additional data"
] ]
} }
], ],
@ -1077,7 +1202,25 @@ The following algorithms will be used based on the size of the key:
{"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"}, {"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"}, {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex", "GCM", "Hex", "Hex",
{"option": "Hex", "string": "821b1e5f32dad052e502775a523d957a"} {"option": "Hex", "string": "821b1e5f32dad052e502775a523d957a"},
""
]
}
],
},
{
name: "AES Decrypt: AES-256-GCM, Binary, AAD",
input: "1287f188ad4d7ab0d9ff69b3c29cb11f861389532d8cb9337181da2e8cfc74a84927e8c0dd7a28a32fd485afe694259a63c199b199b95edd87c7aa95329feac340f2b78b72956a85f367044d821766b1b7135815571df44900695f1518cf3ae38ecb650f",
expectedOutput: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
recipeConfig: [
{
"op": "AES Decrypt",
"args": [
{"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"},
{"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
"GCM", "Hex", "Hex",
{"option": "Hex", "string": "a8f04c4d93bbef82bef61a103371aef9"},
"additional data"
] ]
} }
], ],

3
tests/operations/tests/Register.mjs
View File

@ -63,7 +63,8 @@ TestRegister.addTests([
{ {
"option": "Hex", "option": "Hex",
"string": "" "string": ""
} },
""
] ]
} }
] ]