mirror of https://github.com/gchq/CyberChef.git
Merge branch 'master' into master
This commit is contained in:
commit
f0e919203f
|
@ -36,9 +36,9 @@ jobs:
|
|||
- name: Generate sitemap
|
||||
run: npx grunt exec:sitemap
|
||||
|
||||
- name: UI Tests
|
||||
if: success()
|
||||
run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
|
||||
# - name: UI Tests
|
||||
# if: success()
|
||||
# run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
|
||||
|
||||
- name: Prepare for GitHub Pages
|
||||
if: success()
|
||||
|
|
|
@ -32,6 +32,6 @@ jobs:
|
|||
if: success()
|
||||
run: npx grunt prod
|
||||
|
||||
- name: UI Tests
|
||||
if: success()
|
||||
run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
|
||||
# - name: UI Tests
|
||||
# if: success()
|
||||
# run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
|
||||
|
|
|
@ -33,9 +33,9 @@ jobs:
|
|||
if: success()
|
||||
run: npx grunt prod
|
||||
|
||||
- name: UI Tests
|
||||
if: success()
|
||||
run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
|
||||
# - name: UI Tests
|
||||
# if: success()
|
||||
# run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
|
||||
|
||||
- name: Upload Release Assets
|
||||
if: success()
|
||||
|
|
20
CHANGELOG.md
20
CHANGELOG.md
|
@ -13,6 +13,18 @@ All major and minor version changes will be documented in this file. Details of
|
|||
|
||||
## Details
|
||||
|
||||
### [9.32.0] - 2021-08-18
|
||||
- 'Protobuf Encode' operation added and decode operation modified to allow decoding with full and partial schemas [@n1474335] | [dd18e52]
|
||||
|
||||
### [9.31.0] - 2021-08-10
|
||||
- 'HASSH Client Fingerprint' and 'HASSH Server Fingerprint' operations added [@n1474335] | [e9ca4dc]
|
||||
|
||||
### [9.30.0] - 2021-08-10
|
||||
- 'JA3S Fingerprint' operation added [@n1474335] | [289a417]
|
||||
|
||||
### [9.29.0] - 2021-07-28
|
||||
- 'JA3 Fingerprint' operation added [@n1474335] | [9a33498]
|
||||
|
||||
### [9.28.0] - 2021-03-26
|
||||
- 'CBOR Encode' and 'CBOR Decode' operations added [@Danh4] | [#999]
|
||||
|
||||
|
@ -259,6 +271,10 @@ All major and minor version changes will be documented in this file. Details of
|
|||
|
||||
|
||||
|
||||
[9.32.0]: https://github.com/gchq/CyberChef/releases/tag/v9.32.0
|
||||
[9.31.0]: https://github.com/gchq/CyberChef/releases/tag/v9.31.0
|
||||
[9.30.0]: https://github.com/gchq/CyberChef/releases/tag/v9.30.0
|
||||
[9.29.0]: https://github.com/gchq/CyberChef/releases/tag/v9.29.0
|
||||
[9.28.0]: https://github.com/gchq/CyberChef/releases/tag/v9.28.0
|
||||
[9.27.0]: https://github.com/gchq/CyberChef/releases/tag/v9.27.0
|
||||
[9.26.0]: https://github.com/gchq/CyberChef/releases/tag/v9.26.0
|
||||
|
@ -370,6 +386,10 @@ All major and minor version changes will be documented in this file. Details of
|
|||
[@Danh4]: https://github.com/Danh4
|
||||
|
||||
[8ad18b]: https://github.com/gchq/CyberChef/commit/8ad18bc7db6d9ff184ba3518686293a7685bf7b7
|
||||
[9a33498]: https://github.com/gchq/CyberChef/commit/9a33498fed26a8df9c9f35f39a78a174bf50a513
|
||||
[289a417]: https://github.com/gchq/CyberChef/commit/289a417dfb5923de5e1694354ec42a08d9395bfe
|
||||
[e9ca4dc]: https://github.com/gchq/CyberChef/commit/e9ca4dc9caf98f33fd986431cd400c88082a42b8
|
||||
[dd18e52]: https://github.com/gchq/CyberChef/commit/dd18e529939078b89867297b181a584e8b2cc7da
|
||||
|
||||
[#95]: https://github.com/gchq/CyberChef/pull/299
|
||||
[#173]: https://github.com/gchq/CyberChef/pull/173
|
||||
|
|
File diff suppressed because it is too large
Load Diff
107
package.json
107
package.json
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "cyberchef",
|
||||
"version": "9.28.0",
|
||||
"version": "9.32.3",
|
||||
"description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
|
||||
"author": "n1474335 <n1474335@gmail.com>",
|
||||
"homepage": "https://gchq.github.io/CyberChef",
|
||||
|
@ -36,22 +36,22 @@
|
|||
"node >= 10"
|
||||
],
|
||||
"devDependencies": {
|
||||
"@babel/core": "^7.12.16",
|
||||
"@babel/plugin-transform-runtime": "^7.12.15",
|
||||
"@babel/preset-env": "^7.12.16",
|
||||
"autoprefixer": "^10.2.4",
|
||||
"@babel/core": "^7.15.0",
|
||||
"@babel/plugin-transform-runtime": "^7.15.0",
|
||||
"@babel/preset-env": "^7.15.0",
|
||||
"autoprefixer": "^10.3.1",
|
||||
"babel-eslint": "^10.1.0",
|
||||
"babel-loader": "^8.2.2",
|
||||
"babel-plugin-dynamic-import-node": "^2.3.3",
|
||||
"chromedriver": "^88.0.0",
|
||||
"chromedriver": "^92.0.1",
|
||||
"cli-progress": "^3.9.0",
|
||||
"colors": "^1.4.0",
|
||||
"copy-webpack-plugin": "^7.0.0",
|
||||
"css-loader": "^5.0.2",
|
||||
"eslint": "^7.20.0",
|
||||
"exports-loader": "^2.0.0",
|
||||
"copy-webpack-plugin": "^9.0.1",
|
||||
"css-loader": "5.2.7",
|
||||
"eslint": "^7.32.0",
|
||||
"exports-loader": "^3.0.0",
|
||||
"file-loader": "^6.2.0",
|
||||
"grunt": "^1.3.0",
|
||||
"grunt": "^1.4.1",
|
||||
"grunt-chmod": "~1.1.1",
|
||||
"grunt-concurrent": "^3.0.0",
|
||||
"grunt-contrib-clean": "~2.0.0",
|
||||
|
@ -60,56 +60,56 @@
|
|||
"grunt-contrib-watch": "^1.1.0",
|
||||
"grunt-eslint": "^23.0.0",
|
||||
"grunt-exec": "~3.0.0",
|
||||
"grunt-webpack": "^4.0.2",
|
||||
"grunt-webpack": "^4.0.3",
|
||||
"grunt-zip": "^0.18.2",
|
||||
"html-webpack-plugin": "^5.1.0",
|
||||
"imports-loader": "^2.0.0",
|
||||
"mini-css-extract-plugin": "^1.3.7",
|
||||
"nightwatch": "^1.5.1",
|
||||
"html-webpack-plugin": "^5.3.2",
|
||||
"imports-loader": "^3.0.0",
|
||||
"mini-css-extract-plugin": "1.3.7",
|
||||
"nightwatch": "^1.7.8",
|
||||
"node-sass": "^5.0.0",
|
||||
"postcss": "^8.2.6",
|
||||
"postcss-css-variables": "^0.17.0",
|
||||
"postcss-import": "^14.0.0",
|
||||
"postcss-loader": "^5.0.0",
|
||||
"postcss": "^8.3.6",
|
||||
"postcss-css-variables": "^0.18.0",
|
||||
"postcss-import": "^14.0.2",
|
||||
"postcss-loader": "^6.1.1",
|
||||
"prompt": "^1.1.0",
|
||||
"sass-loader": "^11.0.1",
|
||||
"sitemap": "^6.3.6",
|
||||
"style-loader": "^2.0.0",
|
||||
"sass-loader": "^12.1.0",
|
||||
"sitemap": "^7.0.0",
|
||||
"style-loader": "^3.2.1",
|
||||
"svg-url-loader": "^7.1.1",
|
||||
"url-loader": "^4.1.1",
|
||||
"webpack": "^5.22.0",
|
||||
"webpack-bundle-analyzer": "^4.4.0",
|
||||
"webpack-dev-server": "^3.11.2",
|
||||
"webpack-node-externals": "^2.5.2",
|
||||
"webpack": "^5.51.0",
|
||||
"webpack-bundle-analyzer": "^4.4.2",
|
||||
"webpack-dev-server": "3.11.2",
|
||||
"webpack-node-externals": "^3.0.0",
|
||||
"worker-loader": "^3.0.8"
|
||||
},
|
||||
"dependencies": {
|
||||
"@babel/polyfill": "^7.12.1",
|
||||
"@babel/runtime": "^7.12.13",
|
||||
"@babel/runtime": "^7.15.3",
|
||||
"arrive": "^2.4.1",
|
||||
"avsc": "^5.5.3",
|
||||
"avsc": "^5.7.3",
|
||||
"babel-plugin-transform-builtin-extend": "1.1.2",
|
||||
"bcryptjs": "^2.4.3",
|
||||
"bignumber.js": "^9.0.1",
|
||||
"blakejs": "^1.1.0",
|
||||
"blakejs": "^1.1.1",
|
||||
"bootstrap": "4.6.0",
|
||||
"bootstrap-colorpicker": "^3.2.0",
|
||||
"bootstrap-colorpicker": "^3.4.0",
|
||||
"bootstrap-material-design": "^4.1.3",
|
||||
"browserify-zlib": "^0.2.0",
|
||||
"bson": "^4.2.2",
|
||||
"bson": "^4.4.1",
|
||||
"buffer": "^6.0.3",
|
||||
"cbor": "^5.0.1",
|
||||
"cbor": "5.0.1",
|
||||
"chi-squared": "^1.1.0",
|
||||
"codepage": "^1.14.0",
|
||||
"core-js": "^3.8.3",
|
||||
"codepage": "^1.15.0",
|
||||
"core-js": "^3.16.2",
|
||||
"crypto-api": "^0.8.5",
|
||||
"crypto-browserify": "^3.12.0",
|
||||
"crypto-js": "^4.0.0",
|
||||
"crypto-js": "^4.1.1",
|
||||
"ctph.js": "0.0.5",
|
||||
"d3": "^6.5.0",
|
||||
"d3": "6.5.0",
|
||||
"d3-hexbin": "^0.2.2",
|
||||
"diff": "^5.0.0",
|
||||
"es6-promisify": "^6.1.1",
|
||||
"es6-promisify": "^7.0.0",
|
||||
"escodegen": "^2.0.0",
|
||||
"esm": "^3.2.25",
|
||||
"esprima": "^4.0.1",
|
||||
|
@ -117,23 +117,23 @@
|
|||
"file-saver": "^2.0.5",
|
||||
"flat": "^5.0.2",
|
||||
"geodesy": "1.1.3",
|
||||
"highlight.js": "^10.6.0",
|
||||
"highlight.js": "^11.2.0",
|
||||
"jimp": "^0.16.1",
|
||||
"jquery": "3.5.1",
|
||||
"jquery": "3.6.0",
|
||||
"js-crc": "^0.2.0",
|
||||
"js-sha3": "^0.8.0",
|
||||
"jsesc": "^3.0.2",
|
||||
"jsonpath": "^1.1.0",
|
||||
"jsonpath": "^1.1.1",
|
||||
"jsonwebtoken": "^8.5.1",
|
||||
"jsqr": "^1.3.1",
|
||||
"jsrsasign": "^10.1.10",
|
||||
"jsqr": "^1.4.0",
|
||||
"jsrsasign": "^10.4.0",
|
||||
"kbpgp": "2.1.15",
|
||||
"libbzip2-wasm": "0.0.4",
|
||||
"libyara-wasm": "^1.1.0",
|
||||
"lodash": "^4.17.20",
|
||||
"lodash": "^4.17.21",
|
||||
"loglevel": "^1.7.1",
|
||||
"loglevel-message-prefix": "^3.0.0",
|
||||
"markdown-it": "^12.0.4",
|
||||
"markdown-it": "^12.2.0",
|
||||
"moment": "^2.29.1",
|
||||
"moment-timezone": "^0.5.33",
|
||||
"ngeohash": "^0.6.3",
|
||||
|
@ -146,22 +146,23 @@
|
|||
"path": "^0.12.7",
|
||||
"popper.js": "^1.16.1",
|
||||
"process": "^0.11.10",
|
||||
"protobufjs": "^6.11.2",
|
||||
"qr-image": "^3.2.0",
|
||||
"scryptsy": "^2.1.0",
|
||||
"snackbarjs": "^1.1.0",
|
||||
"sortablejs": "^1.13.0",
|
||||
"split.js": "^1.6.2",
|
||||
"ssdeep.js": "0.0.2",
|
||||
"sortablejs": "^1.14.0",
|
||||
"split.js": "^1.6.4",
|
||||
"ssdeep.js": "0.0.3",
|
||||
"stream-browserify": "^3.0.0",
|
||||
"terser": "^5.6.0",
|
||||
"tesseract.js": "2.1.1",
|
||||
"ua-parser-js": "^0.7.24",
|
||||
"terser": "^5.7.1",
|
||||
"tesseract.js": "2.1.5",
|
||||
"ua-parser-js": "^0.7.28",
|
||||
"unorm": "^1.6.0",
|
||||
"utf8": "^3.0.0",
|
||||
"vkbeautify": "^0.99.3",
|
||||
"xmldom": "^0.4.0",
|
||||
"xmldom": "^0.6.0",
|
||||
"xpath": "0.0.32",
|
||||
"xregexp": "^5.0.1",
|
||||
"xregexp": "^5.1.0",
|
||||
"zlibjs": "^0.3.1"
|
||||
},
|
||||
"scripts": {
|
||||
|
|
|
@ -191,8 +191,13 @@
|
|||
"URL Encode",
|
||||
"URL Decode",
|
||||
"Protobuf Decode",
|
||||
"Protobuf Encode",
|
||||
"VarInt Encode",
|
||||
"VarInt Decode",
|
||||
"JA3 Fingerprint",
|
||||
"JA3S Fingerprint",
|
||||
"HASSH Client Fingerprint",
|
||||
"HASSH Server Fingerprint",
|
||||
"Format MAC addresses",
|
||||
"Change IP format",
|
||||
"Group IP addresses",
|
||||
|
|
|
@ -34,10 +34,10 @@ export function bitOp (input, key, func, nullPreserving, scheme) {
|
|||
!(nullPreserving && (o === 0 || o === k))) {
|
||||
switch (scheme) {
|
||||
case "Input differential":
|
||||
key[i % key.length] = x;
|
||||
key[i % key.length] = o;
|
||||
break;
|
||||
case "Output differential":
|
||||
key[i % key.length] = o;
|
||||
key[i % key.length] = x;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import Utils from "../Utils.mjs";
|
||||
import protobuf from "protobufjs";
|
||||
|
||||
/**
|
||||
* Protobuf lib. Contains functions to decode protobuf serialised
|
||||
|
@ -32,9 +33,10 @@ class Protobuf {
|
|||
this.MSB = 0x80;
|
||||
this.VALUE = 0x7f;
|
||||
|
||||
// Declare offset and length
|
||||
// Declare offset, length, and field type object
|
||||
this.offset = 0;
|
||||
this.LENGTH = data.length;
|
||||
this.fieldTypes = {};
|
||||
}
|
||||
|
||||
// Public Functions
|
||||
|
@ -76,15 +78,281 @@ class Protobuf {
|
|||
return pb._varInt();
|
||||
}
|
||||
|
||||
/**
|
||||
* Encode input JSON according to the given schema
|
||||
*
|
||||
* @param {Object} input
|
||||
* @param {Object []} args
|
||||
* @returns {Object}
|
||||
*/
|
||||
static encode(input, args) {
|
||||
this.updateProtoRoot(args[0]);
|
||||
if (!this.mainMessageName) {
|
||||
throw new Error("Schema Error: Schema not defined");
|
||||
}
|
||||
const message = this.parsedProto.root.nested[this.mainMessageName];
|
||||
|
||||
// Convert input into instance of message, and verify instance
|
||||
input = message.fromObject(input);
|
||||
const error = message.verify(input);
|
||||
if (error) {
|
||||
throw new Error("Input Error: " + error);
|
||||
}
|
||||
// Encode input
|
||||
const output = message.encode(input).finish();
|
||||
return new Uint8Array(output).buffer;
|
||||
}
|
||||
|
||||
/**
|
||||
* Parse Protobuf data
|
||||
*
|
||||
* @param {byteArray} input
|
||||
* @returns {Object}
|
||||
*/
|
||||
static decode(input) {
|
||||
static decode(input, args) {
|
||||
this.updateProtoRoot(args[0]);
|
||||
this.showUnknownFields = args[1];
|
||||
this.showTypes = args[2];
|
||||
return this.mergeDecodes(input);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the parsedProto, throw parsing errors
|
||||
*
|
||||
* @param {string} protoText
|
||||
*/
|
||||
static updateProtoRoot(protoText) {
|
||||
try {
|
||||
this.parsedProto = protobuf.parse(protoText);
|
||||
if (this.parsedProto.package) {
|
||||
this.parsedProto.root = this.parsedProto.root.nested[this.parsedProto.package];
|
||||
}
|
||||
this.updateMainMessageName();
|
||||
} catch (error) {
|
||||
throw new Error("Schema " + error);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Set mainMessageName to the first instance of a message defined in the schema that is not a submessage
|
||||
*
|
||||
*/
|
||||
static updateMainMessageName() {
|
||||
const messageNames = [];
|
||||
const fieldTypes = [];
|
||||
this.parsedProto.root.nestedArray.forEach(block => {
|
||||
if (block instanceof protobuf.Type) {
|
||||
messageNames.push(block.name);
|
||||
this.parsedProto.root.nested[block.name].fieldsArray.forEach(field => {
|
||||
fieldTypes.push(field.type);
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
if (messageNames.length === 0) {
|
||||
this.mainMessageName = null;
|
||||
} else {
|
||||
// for (const name of messageNames) {
|
||||
// if (!fieldTypes.includes(name)) {
|
||||
// this.mainMessageName = name;
|
||||
// break;
|
||||
// }
|
||||
// }
|
||||
this.mainMessageName = messageNames[0];
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Decode input using Protobufjs package and raw methods, compare, and merge results
|
||||
*
|
||||
* @param {byteArray} input
|
||||
* @returns {Object}
|
||||
*/
|
||||
static mergeDecodes(input) {
|
||||
const pb = new Protobuf(input);
|
||||
return pb._parse();
|
||||
let rawDecode = pb._parse();
|
||||
let message;
|
||||
|
||||
if (this.showTypes) {
|
||||
rawDecode = this.showRawTypes(rawDecode, pb.fieldTypes);
|
||||
this.parsedProto.root = this.appendTypesToFieldNames(this.parsedProto.root);
|
||||
}
|
||||
|
||||
try {
|
||||
message = this.parsedProto.root.nested[this.mainMessageName];
|
||||
const packageDecode = message.toObject(message.decode(input), {
|
||||
bytes: String,
|
||||
longs: Number,
|
||||
enums: String,
|
||||
defualts: true
|
||||
});
|
||||
const output = {};
|
||||
|
||||
if (this.showUnknownFields) {
|
||||
output[message.name] = packageDecode;
|
||||
output["Unknown Fields"] = this.compareFields(rawDecode, message);
|
||||
return output;
|
||||
} else {
|
||||
return packageDecode;
|
||||
}
|
||||
|
||||
} catch (error) {
|
||||
if (message) {
|
||||
throw new Error("Input " + error);
|
||||
} else {
|
||||
return rawDecode;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Replace fieldnames with fieldname and type
|
||||
*
|
||||
* @param {Object} schemaRoot
|
||||
* @returns {Object}
|
||||
*/
|
||||
static appendTypesToFieldNames(schemaRoot) {
|
||||
for (const block of schemaRoot.nestedArray) {
|
||||
if (block instanceof protobuf.Type) {
|
||||
for (const [fieldName, fieldData] of Object.entries(block.fields)) {
|
||||
schemaRoot.nested[block.name].remove(block.fields[fieldName]);
|
||||
schemaRoot.nested[block.name].add(new protobuf.Field(`${fieldName} (${fieldData.type})`, fieldData.id, fieldData.type, fieldData.rule));
|
||||
}
|
||||
}
|
||||
}
|
||||
return schemaRoot;
|
||||
}
|
||||
|
||||
/**
|
||||
* Add field type to field name for fields in the raw decoded output
|
||||
*
|
||||
* @param {Object} rawDecode
|
||||
* @param {Object} fieldTypes
|
||||
* @returns {Object}
|
||||
*/
|
||||
static showRawTypes(rawDecode, fieldTypes) {
|
||||
for (const [fieldNum, value] of Object.entries(rawDecode)) {
|
||||
const fieldType = fieldTypes[fieldNum];
|
||||
let outputFieldValue;
|
||||
let outputFieldType;
|
||||
|
||||
// Submessages
|
||||
if (isNaN(fieldType)) {
|
||||
outputFieldType = 2;
|
||||
|
||||
// Repeated submessages
|
||||
if (Array.isArray(value)) {
|
||||
const fieldInstances = [];
|
||||
for (const instance of Object.keys(value)) {
|
||||
if (typeof(value[instance]) !== "string") {
|
||||
fieldInstances.push(this.showRawTypes(value[instance], fieldType));
|
||||
} else {
|
||||
fieldInstances.push(value[instance]);
|
||||
}
|
||||
}
|
||||
outputFieldValue = fieldInstances;
|
||||
|
||||
// Single submessage
|
||||
} else {
|
||||
outputFieldValue = this.showRawTypes(value, fieldType);
|
||||
}
|
||||
|
||||
// Non-submessage field
|
||||
} else {
|
||||
outputFieldType = fieldType;
|
||||
outputFieldValue = value;
|
||||
}
|
||||
|
||||
// Substitute fieldNum with field number and type
|
||||
rawDecode[`field #${fieldNum}: ${this.getTypeInfo(outputFieldType)}`] = outputFieldValue;
|
||||
delete rawDecode[fieldNum];
|
||||
}
|
||||
return rawDecode;
|
||||
}
|
||||
|
||||
/**
|
||||
* Compare raw decode to package decode and return discrepancies
|
||||
*
|
||||
* @param rawDecodedMessage
|
||||
* @param schemaMessage
|
||||
* @returns {Object}
|
||||
*/
|
||||
static compareFields(rawDecodedMessage, schemaMessage) {
|
||||
// Define message data using raw decode output and schema
|
||||
const schemaFieldProperties = {};
|
||||
const schemaFieldNames = Object.keys(schemaMessage.fields);
|
||||
schemaFieldNames.forEach(field => schemaFieldProperties[schemaMessage.fields[field].id] = field);
|
||||
|
||||
// Loop over each field present in the raw decode output
|
||||
for (const fieldName in rawDecodedMessage) {
|
||||
let fieldId;
|
||||
if (isNaN(fieldName)) {
|
||||
fieldId = fieldName.match(/^field #(\d+)/)[1];
|
||||
} else {
|
||||
fieldId = fieldName;
|
||||
}
|
||||
|
||||
// Check if this field is defined in the schema
|
||||
if (fieldId in schemaFieldProperties) {
|
||||
const schemaFieldName = schemaFieldProperties[fieldId];
|
||||
|
||||
// Extract the current field data from the raw decode and schema
|
||||
const rawFieldData = rawDecodedMessage[fieldName];
|
||||
const schemaField = schemaMessage.fields[schemaFieldName];
|
||||
|
||||
// Check for repeated fields
|
||||
if (Array.isArray(rawFieldData) && !schemaField.repeated) {
|
||||
rawDecodedMessage[`(${schemaMessage.name}) ${schemaFieldName} is a repeated field`] = rawFieldData;
|
||||
}
|
||||
|
||||
// Check for submessage fields
|
||||
if (schemaField.resolvedType instanceof protobuf.Type) {
|
||||
const subMessageType = schemaMessage.fields[schemaFieldName].type;
|
||||
const schemaSubMessage = this.parsedProto.root.nested[subMessageType];
|
||||
const rawSubMessages = rawDecodedMessage[fieldName];
|
||||
let rawDecodedSubMessage = {};
|
||||
|
||||
// Squash multiple submessage instances into one submessage
|
||||
if (Array.isArray(rawSubMessages)) {
|
||||
rawSubMessages.forEach(subMessageInstance => {
|
||||
const instanceFields = Object.entries(subMessageInstance);
|
||||
instanceFields.forEach(subField => {
|
||||
rawDecodedSubMessage[subField[0]] = subField[1];
|
||||
});
|
||||
});
|
||||
} else {
|
||||
rawDecodedSubMessage = rawSubMessages;
|
||||
}
|
||||
|
||||
// Treat submessage as own message and compare its fields
|
||||
rawDecodedSubMessage = Protobuf.compareFields(rawDecodedSubMessage, schemaSubMessage);
|
||||
if (Object.entries(rawDecodedSubMessage).length !== 0) {
|
||||
rawDecodedMessage[`${schemaFieldName} (${subMessageType}) has missing fields`] = rawDecodedSubMessage;
|
||||
}
|
||||
}
|
||||
delete rawDecodedMessage[fieldName];
|
||||
}
|
||||
}
|
||||
return rawDecodedMessage;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns wiretype information for input wiretype number
|
||||
*
|
||||
* @param {number} wireType
|
||||
* @returns {string}
|
||||
*/
|
||||
static getTypeInfo(wireType) {
|
||||
switch (wireType) {
|
||||
case 0:
|
||||
return "VarInt (e.g. int32, bool)";
|
||||
case 1:
|
||||
return "64-Bit (e.g. fixed64, double)";
|
||||
case 2:
|
||||
return "L-delim (e.g. string, message)";
|
||||
case 5:
|
||||
return "32-Bit (e.g. fixed32, float)";
|
||||
}
|
||||
}
|
||||
|
||||
// Private Class Functions
|
||||
|
@ -143,6 +411,11 @@ class Protobuf {
|
|||
const header = this._fieldHeader();
|
||||
const type = header.type;
|
||||
const key = header.key;
|
||||
|
||||
if (typeof(this.fieldTypes[key]) !== "object") {
|
||||
this.fieldTypes[key] = type;
|
||||
}
|
||||
|
||||
switch (type) {
|
||||
// varint
|
||||
case 0:
|
||||
|
@ -152,7 +425,7 @@ class Protobuf {
|
|||
return { "key": key, "value": this._uint64() };
|
||||
// length delimited
|
||||
case 2:
|
||||
return { "key": key, "value": this._lenDelim() };
|
||||
return { "key": key, "value": this._lenDelim(key) };
|
||||
// fixed 32
|
||||
case 5:
|
||||
return { "key": key, "value": this._uint32() };
|
||||
|
@ -237,10 +510,10 @@ class Protobuf {
|
|||
* @returns {number}
|
||||
*/
|
||||
_uint64() {
|
||||
// Read off a Uint64
|
||||
let num = this.data[this.offset++] * 0x1000000 + (this.data[this.offset++] << 16) + (this.data[this.offset++] << 8) + this.data[this.offset++];
|
||||
num = num * 0x100000000 + this.data[this.offset++] * 0x1000000 + (this.data[this.offset++] << 16) + (this.data[this.offset++] << 8) + this.data[this.offset++];
|
||||
return num;
|
||||
// Read off a Uint64 with little-endian
|
||||
const lowerHalf = this.data[this.offset++] + (this.data[this.offset++] * 0x100) + (this.data[this.offset++] * 0x10000) + this.data[this.offset++] * 0x1000000;
|
||||
const upperHalf = this.data[this.offset++] + (this.data[this.offset++] * 0x100) + (this.data[this.offset++] * 0x10000) + this.data[this.offset++] * 0x1000000;
|
||||
return upperHalf * 0x100000000 + lowerHalf;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -249,7 +522,7 @@ class Protobuf {
|
|||
* @private
|
||||
* @returns {Object|string}
|
||||
*/
|
||||
_lenDelim() {
|
||||
_lenDelim(fieldNum) {
|
||||
// Read off the field length
|
||||
const length = this._varInt();
|
||||
const fieldBytes = this.data.slice(this.offset, this.offset + length);
|
||||
|
@ -258,6 +531,10 @@ class Protobuf {
|
|||
// Attempt to parse as a new Protobuf Object
|
||||
const pbObject = new Protobuf(fieldBytes);
|
||||
field = pbObject._parse();
|
||||
|
||||
// Set field types object
|
||||
this.fieldTypes[fieldNum] = {...this.fieldTypes[fieldNum], ...pbObject.fieldTypes};
|
||||
|
||||
} catch (err) {
|
||||
// Otherwise treat as bytes
|
||||
field = Utils.byteArrayToChars(fieldBytes);
|
||||
|
@ -276,7 +553,7 @@ class Protobuf {
|
|||
_uint32() {
|
||||
// Use a dataview to read off the integer
|
||||
const dataview = new DataView(new Uint8Array(this.data.slice(this.offset, this.offset + 4)).buffer);
|
||||
const value = dataview.getUint32(0);
|
||||
const value = dataview.getUint32(0, true);
|
||||
this.offset += 4;
|
||||
return value;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,166 @@
|
|||
/**
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2021
|
||||
* @license Apache-2.0
|
||||
*
|
||||
* HASSH created by Salesforce
|
||||
* Ben Reardon (@benreardon)
|
||||
* Adel Karimi (@0x4d31)
|
||||
* and the JA3 crew:
|
||||
* John B. Althouse
|
||||
* Jeff Atkinson
|
||||
* Josh Atkins
|
||||
*
|
||||
* Algorithm released under the BSD-3-clause licence
|
||||
*/
|
||||
|
||||
import Operation from "../Operation.mjs";
|
||||
import OperationError from "../errors/OperationError.mjs";
|
||||
import Utils from "../Utils.mjs";
|
||||
import Stream from "../lib/Stream.mjs";
|
||||
import {runHash} from "../lib/Hash.mjs";
|
||||
|
||||
/**
|
||||
* HASSH Client Fingerprint operation
|
||||
*/
|
||||
class HASSHClientFingerprint extends Operation {
|
||||
|
||||
/**
|
||||
* HASSHClientFingerprint constructor
|
||||
*/
|
||||
constructor() {
|
||||
super();
|
||||
|
||||
this.name = "HASSH Client Fingerprint";
|
||||
this.module = "Crypto";
|
||||
this.description = "Generates a HASSH fingerprint to help identify SSH clients based on hashing together values from the Client Key Exchange Init message.<br><br>Input: A hex stream of the SSH_MSG_KEXINIT packet application layer from Client to Server.";
|
||||
this.infoURL = "https://engineering.salesforce.com/open-sourcing-hassh-abed3ae5044c";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
this.args = [
|
||||
{
|
||||
name: "Input format",
|
||||
type: "option",
|
||||
value: ["Hex", "Base64", "Raw"]
|
||||
},
|
||||
{
|
||||
name: "Output format",
|
||||
type: "option",
|
||||
value: ["Hash digest", "HASSH algorithms string", "Full details"]
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param {string} input
|
||||
* @param {Object[]} args
|
||||
* @returns {string}
|
||||
*/
|
||||
run(input, args) {
|
||||
const [inputFormat, outputFormat] = args;
|
||||
|
||||
input = Utils.convertToByteArray(input, inputFormat);
|
||||
const s = new Stream(new Uint8Array(input));
|
||||
|
||||
// Length
|
||||
const length = s.readInt(4);
|
||||
if (s.length !== length + 4)
|
||||
throw new OperationError("Incorrect packet length.");
|
||||
|
||||
// Padding length
|
||||
const paddingLength = s.readInt(1);
|
||||
|
||||
// Message code
|
||||
const messageCode = s.readInt(1);
|
||||
if (messageCode !== 20)
|
||||
throw new OperationError("Not a Key Exchange Init.");
|
||||
|
||||
// Cookie
|
||||
s.moveForwardsBy(16);
|
||||
|
||||
// KEX Algorithms
|
||||
const kexAlgosLength = s.readInt(4);
|
||||
const kexAlgos = s.readString(kexAlgosLength);
|
||||
|
||||
// Server Host Key Algorithms
|
||||
const serverHostKeyAlgosLength = s.readInt(4);
|
||||
s.moveForwardsBy(serverHostKeyAlgosLength);
|
||||
|
||||
// Encryption Algorithms Client to Server
|
||||
const encAlgosC2SLength = s.readInt(4);
|
||||
const encAlgosC2S = s.readString(encAlgosC2SLength);
|
||||
|
||||
// Encryption Algorithms Server to Client
|
||||
const encAlgosS2CLength = s.readInt(4);
|
||||
s.moveForwardsBy(encAlgosS2CLength);
|
||||
|
||||
// MAC Algorithms Client to Server
|
||||
const macAlgosC2SLength = s.readInt(4);
|
||||
const macAlgosC2S = s.readString(macAlgosC2SLength);
|
||||
|
||||
// MAC Algorithms Server to Client
|
||||
const macAlgosS2CLength = s.readInt(4);
|
||||
s.moveForwardsBy(macAlgosS2CLength);
|
||||
|
||||
// Compression Algorithms Client to Server
|
||||
const compAlgosC2SLength = s.readInt(4);
|
||||
const compAlgosC2S = s.readString(compAlgosC2SLength);
|
||||
|
||||
// Compression Algorithms Server to Client
|
||||
const compAlgosS2CLength = s.readInt(4);
|
||||
s.moveForwardsBy(compAlgosS2CLength);
|
||||
|
||||
// Languages Client to Server
|
||||
const langsC2SLength = s.readInt(4);
|
||||
s.moveForwardsBy(langsC2SLength);
|
||||
|
||||
// Languages Server to Client
|
||||
const langsS2CLength = s.readInt(4);
|
||||
s.moveForwardsBy(langsS2CLength);
|
||||
|
||||
// First KEX packet follows
|
||||
s.moveForwardsBy(1);
|
||||
|
||||
// Reserved
|
||||
s.moveForwardsBy(4);
|
||||
|
||||
// Padding string
|
||||
s.moveForwardsBy(paddingLength);
|
||||
|
||||
// Output
|
||||
const hassh = [
|
||||
kexAlgos,
|
||||
encAlgosC2S,
|
||||
macAlgosC2S,
|
||||
compAlgosC2S
|
||||
];
|
||||
const hasshStr = hassh.join(";");
|
||||
const hasshHash = runHash("md5", Utils.strToArrayBuffer(hasshStr));
|
||||
|
||||
switch (outputFormat) {
|
||||
case "HASSH algorithms string":
|
||||
return hasshStr;
|
||||
case "Full details":
|
||||
return `Hash digest:
|
||||
${hasshHash}
|
||||
|
||||
Full HASSH algorithms string:
|
||||
${hasshStr}
|
||||
|
||||
Key Exchange Algorithms:
|
||||
${kexAlgos}
|
||||
Encryption Algorithms Client to Server:
|
||||
${encAlgosC2S}
|
||||
MAC Algorithms Client to Server:
|
||||
${macAlgosC2S}
|
||||
Compression Algorithms Client to Server:
|
||||
${compAlgosC2S}`;
|
||||
case "Hash digest":
|
||||
default:
|
||||
return hasshHash;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
export default HASSHClientFingerprint;
|
|
@ -0,0 +1,166 @@
|
|||
/**
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2021
|
||||
* @license Apache-2.0
|
||||
*
|
||||
* HASSH created by Salesforce
|
||||
* Ben Reardon (@benreardon)
|
||||
* Adel Karimi (@0x4d31)
|
||||
* and the JA3 crew:
|
||||
* John B. Althouse
|
||||
* Jeff Atkinson
|
||||
* Josh Atkins
|
||||
*
|
||||
* Algorithm released under the BSD-3-clause licence
|
||||
*/
|
||||
|
||||
import Operation from "../Operation.mjs";
|
||||
import OperationError from "../errors/OperationError.mjs";
|
||||
import Utils from "../Utils.mjs";
|
||||
import Stream from "../lib/Stream.mjs";
|
||||
import {runHash} from "../lib/Hash.mjs";
|
||||
|
||||
/**
|
||||
* HASSH Server Fingerprint operation
|
||||
*/
|
||||
class HASSHServerFingerprint extends Operation {
|
||||
|
||||
/**
|
||||
* HASSHServerFingerprint constructor
|
||||
*/
|
||||
constructor() {
|
||||
super();
|
||||
|
||||
this.name = "HASSH Server Fingerprint";
|
||||
this.module = "Crypto";
|
||||
this.description = "Generates a HASSH fingerprint to help identify SSH servers based on hashing together values from the Server Key Exchange Init message.<br><br>Input: A hex stream of the SSH_MSG_KEXINIT packet application layer from Server to Client.";
|
||||
this.infoURL = "https://engineering.salesforce.com/open-sourcing-hassh-abed3ae5044c";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
this.args = [
|
||||
{
|
||||
name: "Input format",
|
||||
type: "option",
|
||||
value: ["Hex", "Base64", "Raw"]
|
||||
},
|
||||
{
|
||||
name: "Output format",
|
||||
type: "option",
|
||||
value: ["Hash digest", "HASSH algorithms string", "Full details"]
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param {string} input
|
||||
* @param {Object[]} args
|
||||
* @returns {string}
|
||||
*/
|
||||
run(input, args) {
|
||||
const [inputFormat, outputFormat] = args;
|
||||
|
||||
input = Utils.convertToByteArray(input, inputFormat);
|
||||
const s = new Stream(new Uint8Array(input));
|
||||
|
||||
// Length
|
||||
const length = s.readInt(4);
|
||||
if (s.length !== length + 4)
|
||||
throw new OperationError("Incorrect packet length.");
|
||||
|
||||
// Padding length
|
||||
const paddingLength = s.readInt(1);
|
||||
|
||||
// Message code
|
||||
const messageCode = s.readInt(1);
|
||||
if (messageCode !== 20)
|
||||
throw new OperationError("Not a Key Exchange Init.");
|
||||
|
||||
// Cookie
|
||||
s.moveForwardsBy(16);
|
||||
|
||||
// KEX Algorithms
|
||||
const kexAlgosLength = s.readInt(4);
|
||||
const kexAlgos = s.readString(kexAlgosLength);
|
||||
|
||||
// Server Host Key Algorithms
|
||||
const serverHostKeyAlgosLength = s.readInt(4);
|
||||
s.moveForwardsBy(serverHostKeyAlgosLength);
|
||||
|
||||
// Encryption Algorithms Client to Server
|
||||
const encAlgosC2SLength = s.readInt(4);
|
||||
s.moveForwardsBy(encAlgosC2SLength);
|
||||
|
||||
// Encryption Algorithms Server to Client
|
||||
const encAlgosS2CLength = s.readInt(4);
|
||||
const encAlgosS2C = s.readString(encAlgosS2CLength);
|
||||
|
||||
// MAC Algorithms Client to Server
|
||||
const macAlgosC2SLength = s.readInt(4);
|
||||
s.moveForwardsBy(macAlgosC2SLength);
|
||||
|
||||
// MAC Algorithms Server to Client
|
||||
const macAlgosS2CLength = s.readInt(4);
|
||||
const macAlgosS2C = s.readString(macAlgosS2CLength);
|
||||
|
||||
// Compression Algorithms Client to Server
|
||||
const compAlgosC2SLength = s.readInt(4);
|
||||
s.moveForwardsBy(compAlgosC2SLength);
|
||||
|
||||
// Compression Algorithms Server to Client
|
||||
const compAlgosS2CLength = s.readInt(4);
|
||||
const compAlgosS2C = s.readString(compAlgosS2CLength);
|
||||
|
||||
// Languages Client to Server
|
||||
const langsC2SLength = s.readInt(4);
|
||||
s.moveForwardsBy(langsC2SLength);
|
||||
|
||||
// Languages Server to Client
|
||||
const langsS2CLength = s.readInt(4);
|
||||
s.moveForwardsBy(langsS2CLength);
|
||||
|
||||
// First KEX packet follows
|
||||
s.moveForwardsBy(1);
|
||||
|
||||
// Reserved
|
||||
s.moveForwardsBy(4);
|
||||
|
||||
// Padding string
|
||||
s.moveForwardsBy(paddingLength);
|
||||
|
||||
// Output
|
||||
const hassh = [
|
||||
kexAlgos,
|
||||
encAlgosS2C,
|
||||
macAlgosS2C,
|
||||
compAlgosS2C
|
||||
];
|
||||
const hasshStr = hassh.join(";");
|
||||
const hasshHash = runHash("md5", Utils.strToArrayBuffer(hasshStr));
|
||||
|
||||
switch (outputFormat) {
|
||||
case "HASSH algorithms string":
|
||||
return hasshStr;
|
||||
case "Full details":
|
||||
return `Hash digest:
|
||||
${hasshHash}
|
||||
|
||||
Full HASSH algorithms string:
|
||||
${hasshStr}
|
||||
|
||||
Key Exchange Algorithms:
|
||||
${kexAlgos}
|
||||
Encryption Algorithms Server to Client:
|
||||
${encAlgosS2C}
|
||||
MAC Algorithms Server to Client:
|
||||
${macAlgosS2C}
|
||||
Compression Algorithms Server to Client:
|
||||
${compAlgosS2C}`;
|
||||
case "Hash digest":
|
||||
default:
|
||||
return hasshHash;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
export default HASSHServerFingerprint;
|
|
@ -0,0 +1,205 @@
|
|||
/**
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2021
|
||||
* @license Apache-2.0
|
||||
*
|
||||
* JA3 created by Salesforce
|
||||
* John B. Althouse
|
||||
* Jeff Atkinson
|
||||
* Josh Atkins
|
||||
*
|
||||
* Algorithm released under the BSD-3-clause licence
|
||||
*/
|
||||
|
||||
import Operation from "../Operation.mjs";
|
||||
import OperationError from "../errors/OperationError.mjs";
|
||||
import Utils from "../Utils.mjs";
|
||||
import Stream from "../lib/Stream.mjs";
|
||||
import {runHash} from "../lib/Hash.mjs";
|
||||
|
||||
/**
|
||||
* JA3 Fingerprint operation
|
||||
*/
|
||||
class JA3Fingerprint extends Operation {
|
||||
|
||||
/**
|
||||
* JA3Fingerprint constructor
|
||||
*/
|
||||
constructor() {
|
||||
super();
|
||||
|
||||
this.name = "JA3 Fingerprint";
|
||||
this.module = "Crypto";
|
||||
this.description = "Generates a JA3 fingerprint to help identify TLS clients based on hashing together values from the Client Hello.<br><br>Input: A hex stream of the TLS Client Hello packet application layer.";
|
||||
this.infoURL = "https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
this.args = [
|
||||
{
|
||||
name: "Input format",
|
||||
type: "option",
|
||||
value: ["Hex", "Base64", "Raw"]
|
||||
},
|
||||
{
|
||||
name: "Output format",
|
||||
type: "option",
|
||||
value: ["Hash digest", "JA3 string", "Full details"]
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param {string} input
|
||||
* @param {Object[]} args
|
||||
* @returns {string}
|
||||
*/
|
||||
run(input, args) {
|
||||
const [inputFormat, outputFormat] = args;
|
||||
|
||||
input = Utils.convertToByteArray(input, inputFormat);
|
||||
const s = new Stream(new Uint8Array(input));
|
||||
|
||||
const handshake = s.readInt(1);
|
||||
if (handshake !== 0x16)
|
||||
throw new OperationError("Not handshake data.");
|
||||
|
||||
// Version
|
||||
s.moveForwardsBy(2);
|
||||
|
||||
// Length
|
||||
const length = s.readInt(2);
|
||||
if (s.length !== length + 5)
|
||||
throw new OperationError("Incorrect handshake length.");
|
||||
|
||||
// Handshake type
|
||||
const handshakeType = s.readInt(1);
|
||||
if (handshakeType !== 1)
|
||||
throw new OperationError("Not a Client Hello.");
|
||||
|
||||
// Handshake length
|
||||
const handshakeLength = s.readInt(3);
|
||||
if (s.length !== handshakeLength + 9)
|
||||
throw new OperationError("Not enough data in Client Hello.");
|
||||
|
||||
// Hello version
|
||||
const helloVersion = s.readInt(2);
|
||||
|
||||
// Random
|
||||
s.moveForwardsBy(32);
|
||||
|
||||
// Session ID
|
||||
const sessionIDLength = s.readInt(1);
|
||||
s.moveForwardsBy(sessionIDLength);
|
||||
|
||||
// Cipher suites
|
||||
const cipherSuitesLength = s.readInt(2);
|
||||
const cipherSuites = s.getBytes(cipherSuitesLength);
|
||||
const cs = new Stream(cipherSuites);
|
||||
const cipherSegment = parseJA3Segment(cs, 2);
|
||||
|
||||
// Compression Methods
|
||||
const compressionMethodsLength = s.readInt(1);
|
||||
s.moveForwardsBy(compressionMethodsLength);
|
||||
|
||||
// Extensions
|
||||
const extensionsLength = s.readInt(2);
|
||||
const extensions = s.getBytes(extensionsLength);
|
||||
const es = new Stream(extensions);
|
||||
let ecsLen, ecs, ellipticCurves = "", ellipticCurvePointFormats = "";
|
||||
const exts = [];
|
||||
while (es.hasMore()) {
|
||||
const type = es.readInt(2);
|
||||
const length = es.readInt(2);
|
||||
switch (type) {
|
||||
case 0x0a: // Elliptic curves
|
||||
ecsLen = es.readInt(2);
|
||||
ecs = new Stream(es.getBytes(ecsLen));
|
||||
ellipticCurves = parseJA3Segment(ecs, 2);
|
||||
break;
|
||||
case 0x0b: // Elliptic curve point formats
|
||||
ecsLen = es.readInt(1);
|
||||
ecs = new Stream(es.getBytes(ecsLen));
|
||||
ellipticCurvePointFormats = parseJA3Segment(ecs, 1);
|
||||
break;
|
||||
default:
|
||||
es.moveForwardsBy(length);
|
||||
}
|
||||
if (!GREASE_CIPHERSUITES.includes(type))
|
||||
exts.push(type);
|
||||
}
|
||||
|
||||
// Output
|
||||
const ja3 = [
|
||||
helloVersion.toString(),
|
||||
cipherSegment,
|
||||
exts.join("-"),
|
||||
ellipticCurves,
|
||||
ellipticCurvePointFormats
|
||||
];
|
||||
const ja3Str = ja3.join(",");
|
||||
const ja3Hash = runHash("md5", Utils.strToArrayBuffer(ja3Str));
|
||||
|
||||
switch (outputFormat) {
|
||||
case "JA3 string":
|
||||
return ja3Str;
|
||||
case "Full details":
|
||||
return `Hash digest:
|
||||
${ja3Hash}
|
||||
|
||||
Full JA3 string:
|
||||
${ja3Str}
|
||||
|
||||
TLS Version:
|
||||
${helloVersion.toString()}
|
||||
Cipher Suites:
|
||||
${cipherSegment}
|
||||
Extensions:
|
||||
${exts.join("-")}
|
||||
Elliptic Curves:
|
||||
${ellipticCurves}
|
||||
Elliptic Curve Point Formats:
|
||||
${ellipticCurvePointFormats}`;
|
||||
case "Hash digest":
|
||||
default:
|
||||
return ja3Hash;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Parses a JA3 segment, returning a "-" separated list
|
||||
*
|
||||
* @param {Stream} stream
|
||||
* @returns {string}
|
||||
*/
|
||||
function parseJA3Segment(stream, size=2) {
|
||||
const segment = [];
|
||||
while (stream.hasMore()) {
|
||||
const element = stream.readInt(size);
|
||||
if (!GREASE_CIPHERSUITES.includes(element))
|
||||
segment.push(element);
|
||||
}
|
||||
return segment.join("-");
|
||||
}
|
||||
|
||||
const GREASE_CIPHERSUITES = [
|
||||
0x0a0a,
|
||||
0x1a1a,
|
||||
0x2a2a,
|
||||
0x3a3a,
|
||||
0x4a4a,
|
||||
0x5a5a,
|
||||
0x6a6a,
|
||||
0x7a7a,
|
||||
0x8a8a,
|
||||
0x9a9a,
|
||||
0xaaaa,
|
||||
0xbaba,
|
||||
0xcaca,
|
||||
0xdada,
|
||||
0xeaea,
|
||||
0xfafa
|
||||
];
|
||||
|
||||
export default JA3Fingerprint;
|
|
@ -0,0 +1,145 @@
|
|||
/**
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2021
|
||||
* @license Apache-2.0
|
||||
*
|
||||
* JA3S created by Salesforce
|
||||
* John B. Althouse
|
||||
* Jeff Atkinson
|
||||
* Josh Atkins
|
||||
*
|
||||
* Algorithm released under the BSD-3-clause licence
|
||||
*/
|
||||
|
||||
import Operation from "../Operation.mjs";
|
||||
import OperationError from "../errors/OperationError.mjs";
|
||||
import Utils from "../Utils.mjs";
|
||||
import Stream from "../lib/Stream.mjs";
|
||||
import {runHash} from "../lib/Hash.mjs";
|
||||
|
||||
/**
|
||||
* JA3S Fingerprint operation
|
||||
*/
|
||||
class JA3SFingerprint extends Operation {
|
||||
|
||||
/**
|
||||
* JA3SFingerprint constructor
|
||||
*/
|
||||
constructor() {
|
||||
super();
|
||||
|
||||
this.name = "JA3S Fingerprint";
|
||||
this.module = "Crypto";
|
||||
this.description = "Generates a JA3S fingerprint to help identify TLS servers based on hashing together values from the Server Hello.<br><br>Input: A hex stream of the TLS Server Hello record application layer.";
|
||||
this.infoURL = "https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
this.args = [
|
||||
{
|
||||
name: "Input format",
|
||||
type: "option",
|
||||
value: ["Hex", "Base64", "Raw"]
|
||||
},
|
||||
{
|
||||
name: "Output format",
|
||||
type: "option",
|
||||
value: ["Hash digest", "JA3S string", "Full details"]
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param {string} input
|
||||
* @param {Object[]} args
|
||||
* @returns {string}
|
||||
*/
|
||||
run(input, args) {
|
||||
const [inputFormat, outputFormat] = args;
|
||||
|
||||
input = Utils.convertToByteArray(input, inputFormat);
|
||||
const s = new Stream(new Uint8Array(input));
|
||||
|
||||
const handshake = s.readInt(1);
|
||||
if (handshake !== 0x16)
|
||||
throw new OperationError("Not handshake data.");
|
||||
|
||||
// Version
|
||||
s.moveForwardsBy(2);
|
||||
|
||||
// Length
|
||||
const length = s.readInt(2);
|
||||
if (s.length !== length + 5)
|
||||
throw new OperationError("Incorrect handshake length.");
|
||||
|
||||
// Handshake type
|
||||
const handshakeType = s.readInt(1);
|
||||
if (handshakeType !== 2)
|
||||
throw new OperationError("Not a Server Hello.");
|
||||
|
||||
// Handshake length
|
||||
const handshakeLength = s.readInt(3);
|
||||
if (s.length !== handshakeLength + 9)
|
||||
throw new OperationError("Not enough data in Server Hello.");
|
||||
|
||||
// Hello version
|
||||
const helloVersion = s.readInt(2);
|
||||
|
||||
// Random
|
||||
s.moveForwardsBy(32);
|
||||
|
||||
// Session ID
|
||||
const sessionIDLength = s.readInt(1);
|
||||
s.moveForwardsBy(sessionIDLength);
|
||||
|
||||
// Cipher suite
|
||||
const cipherSuite = s.readInt(2);
|
||||
|
||||
// Compression Method
|
||||
s.moveForwardsBy(1);
|
||||
|
||||
// Extensions
|
||||
const extensionsLength = s.readInt(2);
|
||||
const extensions = s.getBytes(extensionsLength);
|
||||
const es = new Stream(extensions);
|
||||
const exts = [];
|
||||
while (es.hasMore()) {
|
||||
const type = es.readInt(2);
|
||||
const length = es.readInt(2);
|
||||
es.moveForwardsBy(length);
|
||||
exts.push(type);
|
||||
}
|
||||
|
||||
// Output
|
||||
const ja3s = [
|
||||
helloVersion.toString(),
|
||||
cipherSuite,
|
||||
exts.join("-")
|
||||
];
|
||||
const ja3sStr = ja3s.join(",");
|
||||
const ja3sHash = runHash("md5", Utils.strToArrayBuffer(ja3sStr));
|
||||
|
||||
switch (outputFormat) {
|
||||
case "JA3S string":
|
||||
return ja3sStr;
|
||||
case "Full details":
|
||||
return `Hash digest:
|
||||
${ja3sHash}
|
||||
|
||||
Full JA3S string:
|
||||
${ja3sStr}
|
||||
|
||||
TLS Version:
|
||||
${helloVersion.toString()}
|
||||
Cipher Suite:
|
||||
${cipherSuite}
|
||||
Extensions:
|
||||
${exts.join("-")}`;
|
||||
case "Hash digest":
|
||||
default:
|
||||
return ja3sHash;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
export default JA3SFingerprint;
|
|
@ -20,12 +20,30 @@ class ProtobufDecode extends Operation {
|
|||
super();
|
||||
|
||||
this.name = "Protobuf Decode";
|
||||
this.module = "Default";
|
||||
this.description = "Decodes any Protobuf encoded data to a JSON representation of the data using the field number as the field key.";
|
||||
this.module = "Protobuf";
|
||||
this.description = "Decodes any Protobuf encoded data to a JSON representation of the data using the field number as the field key.<br><br>If a .proto schema is defined, the encoded data will be decoded with reference to the schema. Only one message instance will be decoded. <br><br><u>Show Unknown Fields</u><br>When a schema is used, this option shows fields that are present in the input data but not defined in the schema.<br><br><u>Show Types</u><br>Show the type of a field next to its name. For undefined fields, the wiretype and example types are shown instead.";
|
||||
this.infoURL = "https://wikipedia.org/wiki/Protocol_Buffers";
|
||||
this.inputType = "ArrayBuffer";
|
||||
this.outputType = "JSON";
|
||||
this.args = [];
|
||||
this.args = [
|
||||
{
|
||||
name: "Schema (.proto text)",
|
||||
type: "text",
|
||||
value: "",
|
||||
rows: 8,
|
||||
hint: "Drag and drop is enabled on this ingredient"
|
||||
},
|
||||
{
|
||||
name: "Show Unknown Fields",
|
||||
type: "boolean",
|
||||
value: false
|
||||
},
|
||||
{
|
||||
name: "Show Types",
|
||||
type: "boolean",
|
||||
value: false
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -36,7 +54,7 @@ class ProtobufDecode extends Operation {
|
|||
run(input, args) {
|
||||
input = new Uint8Array(input);
|
||||
try {
|
||||
return Protobuf.decode(input);
|
||||
return Protobuf.decode(input, args);
|
||||
} catch (err) {
|
||||
throw new OperationError(err);
|
||||
}
|
||||
|
|
|
@ -0,0 +1,54 @@
|
|||
/**
|
||||
* @author GCHQ Contributor [3]
|
||||
* @copyright Crown Copyright 2021
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
|
||||
import Operation from "../Operation.mjs";
|
||||
import OperationError from "../errors/OperationError.mjs";
|
||||
import Protobuf from "../lib/Protobuf.mjs";
|
||||
|
||||
/**
|
||||
* Protobuf Encode operation
|
||||
*/
|
||||
class ProtobufEncode extends Operation {
|
||||
|
||||
/**
|
||||
* ProtobufEncode constructor
|
||||
*/
|
||||
constructor() {
|
||||
super();
|
||||
|
||||
this.name = "Protobuf Encode";
|
||||
this.module = "Protobuf";
|
||||
this.description = "Encodes a valid JSON object into a protobuf byte array using the input .proto schema.";
|
||||
this.infoURL = "https://developers.google.com/protocol-buffers/docs/encoding";
|
||||
this.inputType = "JSON";
|
||||
this.outputType = "ArrayBuffer";
|
||||
this.args = [
|
||||
{
|
||||
name: "Schema (.proto text)",
|
||||
type: "text",
|
||||
value: "",
|
||||
rows: 8,
|
||||
hint: "Drag and drop is enabled on this ingredient"
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param {Object} input
|
||||
* @param {Object[]} args
|
||||
* @returns {ArrayBuffer}
|
||||
*/
|
||||
run(input, args) {
|
||||
try {
|
||||
return Protobuf.encode(input, args);
|
||||
} catch (error) {
|
||||
throw new OperationError(error);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
export default ProtobufEncode;
|
|
@ -105,6 +105,10 @@ import "./tests/RSA.mjs";
|
|||
import "./tests/CBOREncode.mjs";
|
||||
import "./tests/CBORDecode.mjs";
|
||||
import "./tests/ExtractBitcoinAddresses.mjs";
|
||||
import "./tests/JA3Fingerprint.mjs";
|
||||
import "./tests/JA3SFingerprint.mjs";
|
||||
import "./tests/HASSH.mjs";
|
||||
|
||||
|
||||
|
||||
// Cannot test operations that use the File type yet
|
||||
|
|
|
@ -0,0 +1,33 @@
|
|||
/**
|
||||
* HASSH tests.
|
||||
*
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2021
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
import TestRegister from "../../lib/TestRegister.mjs";
|
||||
|
||||
TestRegister.addTests([
|
||||
{
|
||||
name: "HASSH Client Fingerprint",
|
||||
input: "000003140814c639665f5425dcb80bf9f0a048380a410000007e6469666669652d68656c6c6d616e2d67726f75702d65786368616e67652d7368613235362c6469666669652d68656c6c6d616e2d67726f75702d65786368616e67652d736861312c6469666669652d68656c6c6d616e2d67726f757031342d736861312c6469666669652d68656c6c6d616e2d67726f7570312d736861310000000f7373682d7273612c7373682d6473730000009d6165733132382d6374722c6165733139322d6374722c6165733235362d6374722c617263666f75723235362c617263666f75723132382c6165733132382d6362632c336465732d6362632c626c6f77666973682d6362632c636173743132382d6362632c6165733139322d6362632c6165733235362d6362632c617263666f75722c72696a6e6461656c2d636263406c797361746f722e6c69752e73650000009d6165733132382d6374722c6165733139322d6374722c6165733235362d6374722c617263666f75723235362c617263666f75723132382c6165733132382d6362632c336465732d6362632c626c6f77666973682d6362632c636173743132382d6362632c6165733139322d6362632c6165733235362d6362632c617263666f75722c72696a6e6461656c2d636263406c797361746f722e6c69752e736500000069686d61632d6d64352c686d61632d736861312c756d61632d3634406f70656e7373682e636f6d2c686d61632d726970656d643136302c686d61632d726970656d64313630406f70656e7373682e636f6d2c686d61632d736861312d39362c686d61632d6d64352d393600000069686d61632d6d64352c686d61632d736861312c756d61632d3634406f70656e7373682e636f6d2c686d61632d726970656d643136302c686d61632d726970656d64313630406f70656e7373682e636f6d2c686d61632d736861312d39362c686d61632d6d64352d39360000001a6e6f6e652c7a6c6962406f70656e7373682e636f6d2c7a6c69620000001a6e6f6e652c7a6c6962406f70656e7373682e636f6d2c7a6c6962000000000000000000000000000000000000000000",
|
||||
expectedOutput: "21b457a327ce7a2d4fce5ef2c42400bd",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "HASSH Client Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "HASSH Server Fingerprint",
|
||||
input: "0000027c0b142c7bb93a1da21c9e54f5862e60a5597c000000596469666669652d68656c6c6d616e2d67726f75702d65786368616e67652d736861312c6469666669652d68656c6c6d616e2d67726f757031342d736861312c6469666669652d68656c6c6d616e2d67726f7570312d736861310000000f7373682d7273612c7373682d647373000000876165733132382d6362632c336465732d6362632c626c6f77666973682d6362632c636173743132382d6362632c617263666f75722c6165733139322d6362632c6165733235362d6362632c72696a6e6461656c2d636263406c797361746f722e6c69752e73652c6165733132382d6374722c6165733139322d6374722c6165733235362d637472000000876165733132382d6362632c336465732d6362632c626c6f77666973682d6362632c636173743132382d6362632c617263666f75722c6165733139322d6362632c6165733235362d6362632c72696a6e6461656c2d636263406c797361746f722e6c69752e73652c6165733132382d6374722c6165733139322d6374722c6165733235362d63747200000055686d61632d6d64352c686d61632d736861312c686d61632d726970656d643136302c686d61632d726970656d64313630406f70656e7373682e636f6d2c686d61632d736861312d39362c686d61632d6d64352d393600000055686d61632d6d64352c686d61632d736861312c686d61632d726970656d643136302c686d61632d726970656d64313630406f70656e7373682e636f6d2c686d61632d736861312d39362c686d61632d6d64352d3936000000096e6f6e652c7a6c6962000000096e6f6e652c7a6c6962000000000000000000000000000000000000000000000000",
|
||||
expectedOutput: "f430cd6761697a6a658ee1d45ed22e49",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "HASSH Server Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
}
|
||||
]);
|
|
@ -0,0 +1,55 @@
|
|||
/**
|
||||
* JA3Fingerprint tests.
|
||||
*
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2021
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
import TestRegister from "../../lib/TestRegister.mjs";
|
||||
|
||||
TestRegister.addTests([
|
||||
{
|
||||
name: "JA3 Fingerprint: TLS 1.0",
|
||||
input: "16030100a4010000a00301543dd2dd48f517ca9a93b1e599f019fdece704a23e86c1dcac588427abbaddf200005cc014c00a0039003800880087c00fc00500350084c012c00800160013c00dc003000ac013c00900330032009a009900450044c00ec004002f009600410007c011c007c00cc002000500040015001200090014001100080006000300ff0100001b000b000403000102000a000600040018001700230000000f000101",
|
||||
expectedOutput: "503053a0c5b2bd9b9334bf7f3d3b8852",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "JA3 Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "JA3 Fingerprint: TLS 1.1",
|
||||
input: "16030100a4010000a00302543dd2ed907e47d0086f34bee2c52dd6ccd8de63ba9387f5e810b09d9d49b38000005cc014c00a0039003800880087c00fc00500350084c012c00800160013c00dc003000ac013c00900330032009a009900450044c00ec004002f009600410007c011c007c00cc002000500040015001200090014001100080006000300ff0100001b000b000403000102000a000600040018001700230000000f000101",
|
||||
expectedOutput: "a314eb64cee6cb832aaaa372c8295bab",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "JA3 Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "JA3 Fingerprint: TLS 1.2",
|
||||
input: "1603010102010000fe0303543dd3283283692d85f9416b5ccc65d2aafca45c6530b3c6eafbf6d371b6a015000094c030c02cc028c024c014c00a00a3009f006b006a0039003800880087c032c02ec02ac026c00fc005009d003d00350084c012c00800160013c00dc003000ac02fc02bc027c023c013c00900a2009e0067004000330032009a009900450044c031c02dc029c025c00ec004009c003c002f009600410007c011c007c00cc002000500040015001200090014001100080006000300ff01000041000b000403000102000a000600040018001700230000000d002200200601060206030501050205030401040204030301030203030201020202030101000f000101",
|
||||
expectedOutput: "c1a36e1a870786cc75edddc0009eaf3a",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "JA3 Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "JA3 Fingerprint: TLS 1.3",
|
||||
input: "1603010200010001fc03034355d402c132771a9386b6e9994ae37069e0621af504c26673b1343843c21d8d0000264a4a130113021303c02bc02fc02cc030cca9cca8cc14cc13c013c014009c009d002f0035000a010001addada0000ff01000100000000180016000013626c6f672e636c6f7564666c6172652e636f6d0017000000230000000d00140012040308040401050308050501080606010201000500050100000000001200000010000e000c02683208687474702f312e3175500000000b000201000028002b00295a5a000100001d0020cf78b9167af054b922a96752b43973107b2a57766357dd288b2b42ab5df30e08002d00020101002b000b0acaca7f12030303020301000a000a00085a5a001d001700180a0a000100001500e4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||
expectedOutput: "4826a90ec2daf4f7b4b64cc1c8bd343b",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "JA3 Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
},
|
||||
]);
|
|
@ -0,0 +1,57 @@
|
|||
/**
|
||||
* JA3SFingerprint tests.
|
||||
*
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2021
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
import TestRegister from "../../lib/TestRegister.mjs";
|
||||
|
||||
TestRegister.addTests([
|
||||
{
|
||||
name: "JA3S Fingerprint: TLS 1.0",
|
||||
input: "160301003d020000390301543dd2ddedbfe33895bd6bc676a3fa6b9fe5773a6e04d5476d1af3bcbc1dcbbb00c011000011ff01000100000b00040300010200230000",
|
||||
expectedOutput: "bed95e1b525d2f41db3a6d68fac5b566",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "JA3S Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "JA3S Fingerprint: TLS 1.1",
|
||||
input: "160302003d020000390302543dd2ed88131999a0120d36c14a4139671d75aae3d7d7779081d3cf7dd7725a00c013000011ff01000100000b00040300010200230000",
|
||||
expectedOutput: "130fac2dc19b142500acb0abc63b6379",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "JA3S Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "JA3S Fingerprint: TLS 1.2",
|
||||
input: "160303003d020000390303543dd328b38b445686739d58fab733fa23838f575e0e5ad9a1b9baace6cc3b4100c02f000011ff01000100000b00040300010200230000",
|
||||
expectedOutput: "ccc514751b175866924439bdbb5bba34",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "JA3S Fingerprint",
|
||||
"args": ["Hex", "Hash digest"]
|
||||
}
|
||||
],
|
||||
},
|
||||
// This Server Hello was based on draft 18 of the TLS1.3 spec which does not include a Session ID field, leading it to fail.
|
||||
// The published version of TLS1.3 does require a legacy Session ID field (even if it is empty).
|
||||
// {
|
||||
// name: "JA3S Fingerprint: TLS 1.3",
|
||||
// input: "16030100520200004e7f123ef1609fd3f4fa8668aac5822d500fb0639b22671d0fb7258597355795511bf61301002800280024001d0020ae0e282a3b7a463e71064ecbaf671586e979b0edbebf7a4735c31678c70f660c",
|
||||
// expectedOutput: "986ae432c402479fe7a0c6fbe02164c1",
|
||||
// recipeConfig: [
|
||||
// {
|
||||
// "op": "JA3S Fingerprint",
|
||||
// "args": ["Hex", "Hash digest"]
|
||||
// }
|
||||
// ],
|
||||
// },
|
||||
]);
|
|
@ -10,10 +10,10 @@ import TestRegister from "../../lib/TestRegister.mjs";
|
|||
|
||||
TestRegister.addTests([
|
||||
{
|
||||
name: "Protobuf Decode",
|
||||
name: "Protobuf Decode: no schema",
|
||||
input: "0d1c0000001203596f751a024d65202b2a0a0a066162633132331200",
|
||||
expectedOutput: JSON.stringify({
|
||||
"1": 469762048,
|
||||
"1": 28,
|
||||
"2": "You",
|
||||
"3": "Me",
|
||||
"4": 43,
|
||||
|
@ -29,7 +29,277 @@ TestRegister.addTests([
|
|||
},
|
||||
{
|
||||
"op": "Protobuf Decode",
|
||||
"args": []
|
||||
"args": ["", false, false]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "Protobuf Decode: partial schema, no unknown fields",
|
||||
input: "0d1c0000001203596f751a024d65202b2a0a0a066162633132331200",
|
||||
expectedOutput: JSON.stringify({
|
||||
"Apple": [
|
||||
28
|
||||
],
|
||||
"Banana": "You",
|
||||
"Carrot": [
|
||||
"Me"
|
||||
]
|
||||
}, null, 4),
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "From Hex",
|
||||
"args": ["Auto"]
|
||||
},
|
||||
{
|
||||
"op": "Protobuf Decode",
|
||||
"args": [
|
||||
`message Test {
|
||||
repeated fixed32 Apple = 1;
|
||||
optional string Banana = 2;
|
||||
repeated string Carrot = 3;
|
||||
}`,
|
||||
false,
|
||||
false
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "Protobuf Decode: partial schema, show unknown fields",
|
||||
input: "0d1c0000001203596f751a024d65202b2a0a0a066162633132331200",
|
||||
expectedOutput: JSON.stringify({
|
||||
"Test": {
|
||||
"Apple": [
|
||||
28
|
||||
],
|
||||
"Banana": "You",
|
||||
"Carrot": [
|
||||
"Me"
|
||||
]
|
||||
},
|
||||
"Unknown Fields": {
|
||||
"4": 43,
|
||||
"5": {
|
||||
"1": "abc123",
|
||||
"2": {}
|
||||
}
|
||||
}
|
||||
}, null, 4),
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "From Hex",
|
||||
"args": ["Auto"]
|
||||
},
|
||||
{
|
||||
"op": "Protobuf Decode",
|
||||
"args": [
|
||||
`message Test {
|
||||
repeated fixed32 Apple = 1;
|
||||
optional string Banana = 2;
|
||||
repeated string Carrot = 3;
|
||||
}`,
|
||||
true,
|
||||
false
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "Protobuf Decode: full schema, no unknown fields",
|
||||
input: "0d1c0000001203596f751a024d65202b2a0a0a06616263313233120031ff00000000000000",
|
||||
expectedOutput: JSON.stringify({
|
||||
"Apple": [
|
||||
28
|
||||
],
|
||||
"Banana": "You",
|
||||
"Carrot": [
|
||||
"Me"
|
||||
],
|
||||
"Date": 43,
|
||||
"Elderberry": {
|
||||
"Fig": "abc123",
|
||||
"Grape": {}
|
||||
},
|
||||
"Huckleberry": 255
|
||||
}, null, 4),
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "From Hex",
|
||||
"args": ["Auto"]
|
||||
},
|
||||
{
|
||||
"op": "Protobuf Decode",
|
||||
"args": [
|
||||
`message Test {
|
||||
repeated fixed32 Apple = 1;
|
||||
optional string Banana = 2;
|
||||
repeated string Carrot = 3;
|
||||
optional int32 Date = 4;
|
||||
optional subTest Elderberry = 5;
|
||||
optional fixed64 Huckleberry = 6;
|
||||
}
|
||||
message subTest {
|
||||
optional string Fig = 1;
|
||||
optional subSubTest Grape = 2;
|
||||
}
|
||||
message subSubTest {}`,
|
||||
false,
|
||||
false
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "Protobuf Decode: partial schema, show unknown fields, show types",
|
||||
input: "0d1c0000001203596f751a024d65202b2a0a0a06616263313233120031ba32a96cc10200003801",
|
||||
expectedOutput: JSON.stringify({
|
||||
"Test": {
|
||||
"Banana (string)": "You",
|
||||
"Carrot (string)": [
|
||||
"Me"
|
||||
],
|
||||
"Date (int32)": 43,
|
||||
"Imbe (Options)": "Option1"
|
||||
},
|
||||
"Unknown Fields": {
|
||||
"field #1: 32-Bit (e.g. fixed32, float)": 28,
|
||||
"field #5: L-delim (e.g. string, message)": {
|
||||
"field #1: L-delim (e.g. string, message)": "abc123",
|
||||
"field #2: L-delim (e.g. string, message)": {}
|
||||
},
|
||||
"field #6: 64-Bit (e.g. fixed64, double)": 3029774971578
|
||||
}
|
||||
}, null, 4),
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "From Hex",
|
||||
"args": ["Auto"]
|
||||
},
|
||||
{
|
||||
"op": "Protobuf Decode",
|
||||
"args": [
|
||||
`message Test {
|
||||
optional string Banana = 2;
|
||||
repeated string Carrot = 3;
|
||||
optional int32 Date = 4;
|
||||
optional Options Imbe = 7;
|
||||
}
|
||||
message subTest {
|
||||
optional string Fig = 1;
|
||||
optional subSubTest Grape = 2;
|
||||
}
|
||||
message subSubTest {}
|
||||
enum Options {
|
||||
Option0 = 0;
|
||||
Option1 = 1;
|
||||
Option2 = 2;
|
||||
}`,
|
||||
true,
|
||||
true
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "Protobuf Encode",
|
||||
input: JSON.stringify({
|
||||
"Apple": [
|
||||
28
|
||||
],
|
||||
"Banana": "You",
|
||||
"Carrot": [
|
||||
"Me"
|
||||
],
|
||||
"Date": 43,
|
||||
"Elderberry": {
|
||||
"Fig": "abc123",
|
||||
"Grape": {}
|
||||
},
|
||||
"Huckleberry": [3029774971578],
|
||||
"Imbe": 1
|
||||
}, null, 4),
|
||||
expectedOutput: "0d1c0000001203596f751a024d65202b2a0a0a06616263313233120031ba32a96cc10200003801",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "Protobuf Encode",
|
||||
"args": [
|
||||
`message Test {
|
||||
repeated fixed32 Apple = 1;
|
||||
optional string Banana = 2;
|
||||
repeated string Carrot = 3;
|
||||
optional int32 Date = 4;
|
||||
optional subTest Elderberry = 5;
|
||||
repeated fixed64 Huckleberry = 6;
|
||||
optional Options Imbe = 7;
|
||||
}
|
||||
message subTest {
|
||||
optional string Fig = 1;
|
||||
optional subSubTest Grape = 2;
|
||||
}
|
||||
message subSubTest {}
|
||||
enum Options {
|
||||
Option0 = 0;
|
||||
Option1 = 1;
|
||||
Option2 = 2;
|
||||
}`
|
||||
]
|
||||
},
|
||||
{
|
||||
"op": "To Hex",
|
||||
"args": [
|
||||
"None",
|
||||
0
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "Protobuf Encode: incomplete schema",
|
||||
input: JSON.stringify({
|
||||
"Apple": [
|
||||
28
|
||||
],
|
||||
"Banana": "You",
|
||||
"Carrot": [
|
||||
"Me"
|
||||
],
|
||||
"Date": 43,
|
||||
"Elderberry": {
|
||||
"Fig": "abc123",
|
||||
"Grape": {}
|
||||
},
|
||||
"Huckleberry": [3029774971578],
|
||||
"Imbe": 1
|
||||
}, null, 4),
|
||||
expectedOutput: "1203596f75202b2a0a0a06616263313233120031ba32a96cc1020000",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "Protobuf Encode",
|
||||
"args": [
|
||||
`message Test {
|
||||
optional string Banana = 2;
|
||||
optional int32 Date = 4;
|
||||
optional subTest Elderberry = 5;
|
||||
repeated fixed64 Huckleberry = 6;
|
||||
}
|
||||
message subTest {
|
||||
optional string Fig = 1;
|
||||
optional subSubTest Grape = 2;
|
||||
}
|
||||
message subSubTest {}
|
||||
enum Options {
|
||||
Option0 = 0;
|
||||
Option1 = 1;
|
||||
Option2 = 2;
|
||||
}`
|
||||
]
|
||||
},
|
||||
{
|
||||
"op": "To Hex",
|
||||
"args": [
|
||||
"None",
|
||||
0
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue