From 3e93580aa4bfa7496d8f061813b757e18b15994a Mon Sep 17 00:00:00 2001 From: Storms-Engineering Date: Sat, 12 Oct 2019 09:42:13 -0800 Subject: [PATCH 1/2] DES Encrypt/Decrypt - checks length of IV string Checks the length of IV string when encrypting. DES encrypt/decrypt test swas updated to use utf8 instead of HEX. --- src/core/operations/DESDecrypt.mjs | 5 +++++ src/core/operations/DESEncrypt.mjs | 5 +++++ tests/node/tests/operations.mjs | 4 ++-- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/core/operations/DESDecrypt.mjs b/src/core/operations/DESDecrypt.mjs index 6725160a..9ab694b8 100644 --- a/src/core/operations/DESDecrypt.mjs +++ b/src/core/operations/DESDecrypt.mjs @@ -73,6 +73,11 @@ class DESDecrypt extends Operation { DES uses a key length of 8 bytes (64 bits). Triple DES uses a key length of 24 bytes (192 bits).`); } + if (iv.length !== 8) { + throw new OperationError(`Invalid IV length: ${iv.length} bytes + +DES uses an IV length of 8 bytes (64 bits).`); + } input = Utils.convertToByteString(input, inputType); diff --git a/src/core/operations/DESEncrypt.mjs b/src/core/operations/DESEncrypt.mjs index 5ea5f5fc..9897a413 100644 --- a/src/core/operations/DESEncrypt.mjs +++ b/src/core/operations/DESEncrypt.mjs @@ -73,6 +73,11 @@ class DESEncrypt extends Operation { DES uses a key length of 8 bytes (64 bits). Triple DES uses a key length of 24 bytes (192 bits).`); } + if (iv.length !== 8) { + throw new OperationError(`Invalid IV length: ${iv.length} bytes + +DES uses an IV length of 8 bytes (64 bits).`); + } input = Utils.convertToByteString(input, inputType); diff --git a/tests/node/tests/operations.mjs b/tests/node/tests/operations.mjs index 42ba74c9..56699065 100644 --- a/tests/node/tests/operations.mjs +++ b/tests/node/tests/operations.mjs @@ -400,7 +400,7 @@ color: white; }, iv: { string: "threetwo", - option: "Hex", + option: "utf8", }, mode: "ECB", }); @@ -415,7 +415,7 @@ color: white; }, iv: { string: "threetwo", - option: "Hex", + option: "utf8", }, mode: "ECB", }); From be365f66ef92394506e6acc292a5e4793635bd70 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 16 Oct 2019 15:50:37 +0100 Subject: [PATCH 2/2] Added length check to Triple DES IVs --- src/core/operations/DESDecrypt.mjs | 3 ++- src/core/operations/DESEncrypt.mjs | 3 ++- src/core/operations/TripleDESDecrypt.mjs | 6 ++++++ src/core/operations/TripleDESEncrypt.mjs | 6 ++++++ tests/node/tests/operations.mjs | 4 ++-- 5 files changed, 18 insertions(+), 4 deletions(-) diff --git a/src/core/operations/DESDecrypt.mjs b/src/core/operations/DESDecrypt.mjs index 9ab694b8..92b9609f 100644 --- a/src/core/operations/DESDecrypt.mjs +++ b/src/core/operations/DESDecrypt.mjs @@ -76,7 +76,8 @@ Triple DES uses a key length of 24 bytes (192 bits).`); if (iv.length !== 8) { throw new OperationError(`Invalid IV length: ${iv.length} bytes -DES uses an IV length of 8 bytes (64 bits).`); +DES uses an IV length of 8 bytes (64 bits). +Make sure you have specified the type correctly (e.g. Hex vs UTF8).`); } input = Utils.convertToByteString(input, inputType); diff --git a/src/core/operations/DESEncrypt.mjs b/src/core/operations/DESEncrypt.mjs index 9897a413..ee845151 100644 --- a/src/core/operations/DESEncrypt.mjs +++ b/src/core/operations/DESEncrypt.mjs @@ -76,7 +76,8 @@ Triple DES uses a key length of 24 bytes (192 bits).`); if (iv.length !== 8) { throw new OperationError(`Invalid IV length: ${iv.length} bytes -DES uses an IV length of 8 bytes (64 bits).`); +DES uses an IV length of 8 bytes (64 bits). +Make sure you have specified the type correctly (e.g. Hex vs UTF8).`); } input = Utils.convertToByteString(input, inputType); diff --git a/src/core/operations/TripleDESDecrypt.mjs b/src/core/operations/TripleDESDecrypt.mjs index 90a83220..f1aa02c8 100644 --- a/src/core/operations/TripleDESDecrypt.mjs +++ b/src/core/operations/TripleDESDecrypt.mjs @@ -75,6 +75,12 @@ class TripleDESDecrypt extends Operation { Triple DES uses a key length of 24 bytes (192 bits). DES uses a key length of 8 bytes (64 bits).`); } + if (iv.length !== 8) { + throw new OperationError(`Invalid IV length: ${iv.length} bytes + +Triple DES uses an IV length of 8 bytes (64 bits). +Make sure you have specified the type correctly (e.g. Hex vs UTF8).`); + } input = Utils.convertToByteString(input, inputType); diff --git a/src/core/operations/TripleDESEncrypt.mjs b/src/core/operations/TripleDESEncrypt.mjs index d4475f83..9f767ab9 100644 --- a/src/core/operations/TripleDESEncrypt.mjs +++ b/src/core/operations/TripleDESEncrypt.mjs @@ -75,6 +75,12 @@ class TripleDESEncrypt extends Operation { Triple DES uses a key length of 24 bytes (192 bits). DES uses a key length of 8 bytes (64 bits).`); } + if (iv.length !== 8) { + throw new OperationError(`Invalid IV length: ${iv.length} bytes + +Triple DES uses an IV length of 8 bytes (64 bits). +Make sure you have specified the type correctly (e.g. Hex vs UTF8).`); + } input = Utils.convertToByteString(input, inputType); diff --git a/tests/node/tests/operations.mjs b/tests/node/tests/operations.mjs index 255d8dc1..cfe67211 100644 --- a/tests/node/tests/operations.mjs +++ b/tests/node/tests/operations.mjs @@ -943,10 +943,10 @@ smothering ampersand abreast chef.tripleDESDecrypt( chef.tripleDESEncrypt("Destroy Money", { key: {string: "30 31 2f 30 34 2f 31 39 39 39 20 32 32 3a 33 33 3a 30 3130 31 2f 30 34", option: "Hex"}, - iv: {string: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00", option: "Hex"}}), + iv: {string: "00 00 00 00 00 00 00 00", option: "Hex"}}), { key: {string: "30 31 2f 30 34 2f 31 39 39 39 20 32 32 3a 33 33 3a 30 3130 31 2f 30 34", option: "Hex"}, - iv: {string: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00", option: "Hex"} + iv: {string: "00 00 00 00 00 00 00 00", option: "Hex"} }).toString(), "Destroy Money"); }),