Diffstat (limited to 'node_modules/browserify-aes')
23 files changed, 713 insertions, 725 deletions
diff --git a/node_modules/browserify-aes/.eslintrc b/node_modules/browserify-aes/.eslintrc
deleted file mode 100644
index bed248a0d..000000000
--- a/node_modules/browserify-aes/.eslintrc
+++ /dev/null
@@ -1,132 +0,0 @@ -{ - "ecmaFeatures": { - "modules": true, - "experimentalObjectRestSpread": true - }, - - "env": { - "browser": false, - "es6": true, - "node": true - }, - - "plugins": [ - "standard" - ], - - "globals": { - "document": false, - "navigator": false, - "window": false - }, - - "rules": { - "accessor-pairs": 2, - "arrow-spacing": [2, { "before": true, "after": true }], - "block-spacing": [2, "always"], - "brace-style": [2, "1tbs", { "allowSingleLine": true }], - "comma-dangle": [2, "never"], - "comma-spacing": [2, { "before": false, "after": true }], - "comma-style": [2, "last"], - "constructor-super": 2, - "curly": [2, "multi-line"], - "dot-location": [2, "property"], - "eol-last": 2, - "eqeqeq": [2, "allow-null"], - "generator-star-spacing": [2, { "before": true, "after": true }], - "handle-callback-err": [2, "^(err|error)$" ], - "indent": [2, 2, { "SwitchCase": 1 }], - "key-spacing": [2, { "beforeColon": false, "afterColon": true }], - "new-cap": [2, { "newIsCap": true, "capIsNew": false }], - "new-parens": 2, - "no-array-constructor": 2, - "no-caller": 2, - "no-class-assign": 2, - "no-cond-assign": 2, - "no-const-assign": 2, - "no-control-regex": 2, - "no-debugger": 2, - "no-delete-var": 2, - "no-dupe-args": 2, - "no-dupe-class-members": 2, - "no-dupe-keys": 2, - "no-duplicate-case": 2, - "no-empty-character-class": 2, - "no-empty-label": 2, - "no-eval": 2, - "no-ex-assign": 2, - "no-extend-native": 2, - "no-extra-bind": 2, - "no-extra-boolean-cast": 2, - "no-extra-parens": [2, "functions"], - "no-fallthrough": 2, - "no-floating-decimal": 2, - "no-func-assign": 2, - "no-implied-eval": 2, - "no-inner-declarations": [2, "functions"], - "no-invalid-regexp": 2, - "no-irregular-whitespace": 2, - "no-iterator": 2, - "no-label-var": 2, - "no-labels": 2, - "no-lone-blocks": 2, - "no-mixed-spaces-and-tabs": 2, - "no-multi-spaces": 2, - "no-multi-str": 2, - "no-multiple-empty-lines": [2, { "max": 1 }], - "no-native-reassign": 2, - "no-negated-in-lhs": 2, - 
"no-new": 2, - "no-new-func": 2, - "no-new-object": 2, - "no-new-require": 2, - "no-new-wrappers": 2, - "no-obj-calls": 2, - "no-octal": 2, - "no-octal-escape": 2, - "no-proto": 2, - "no-redeclare": 2, - "no-regex-spaces": 2, - "no-return-assign": 2, - "no-self-compare": 2, - "no-sequences": 2, - "no-shadow-restricted-names": 2, - "no-spaced-func": 2, - "no-sparse-arrays": 2, - "no-this-before-super": 2, - "no-throw-literal": 2, - "no-trailing-spaces": 2, - "no-undef": 2, - "no-undef-init": 2, - "no-unexpected-multiline": 2, - "no-unneeded-ternary": [2, { "defaultAssignment": false }], - "no-unreachable": 2, - "no-unused-vars": [2, { "vars": "all", "args": "none" }], - "no-useless-call": 2, - "no-with": 2, - "one-var": [2, { "initialized": "never" }], - "operator-linebreak": [2, "after", { "overrides": { "?": "before", ":": "before" } }], - "padded-blocks": [2, "never"], - "quotes": [2, "single", "avoid-escape"], - "radix": 2, - "semi": [2, "never"], - "semi-spacing": [2, { "before": false, "after": true }], - "space-after-keywords": [2, "always"], - "space-before-blocks": [2, "always"], - "space-before-function-paren": [2, "always"], - "space-before-keywords": [2, "always"], - "space-in-parens": [2, "never"], - "space-infix-ops": 2, - "space-return-throw-case": 2, - "space-unary-ops": [2, { "words": true, "nonwords": false }], - "spaced-comment": [2, "always", { "markers": ["global", "globals", "eslint", "eslint-disable", "*package", "!", ","] }], - "use-isnan": 2, - "valid-typeof": 2, - "wrap-iife": [2, "any"], - "yoda": [2, "never"], - - "standard/object-curly-even-spacing": [2, "either"], - "standard/array-bracket-even-spacing": [2, "either"], - "standard/computed-property-even-spacing": [2, "even"] - } -} diff --git a/node_modules/browserify-aes/.npmignore b/node_modules/browserify-aes/.npmignore deleted file mode 100644 index 65e3ba2ed..000000000 --- a/node_modules/browserify-aes/.npmignore +++ /dev/null @@ -1 +0,0 @@ -test/ 
diff --git a/node_modules/browserify-aes/.travis.yml b/node_modules/browserify-aes/.travis.yml index eb83acd99..ccbb2b751 100644 --- a/node_modules/browserify-aes/.travis.yml +++ b/node_modules/browserify-aes/.travis.yml @@ -1,6 +1,15 @@ +sudo: false language: node_js node_js: - - "0.11" - - "0.10" - - "0.12" - - "iojs" + - "4" + - "5" + - "6" + - "7" + - "8" +matrix: + include: + - node_js: "7" + env: TEST_SUITE=standard +env: + - TEST_SUITE=unit +script: npm run-script $TEST_SUITE diff --git a/node_modules/browserify-aes/LICENSE b/node_modules/browserify-aes/LICENSE index 924b38b1e..c6e36b5fa 100644 --- a/node_modules/browserify-aes/LICENSE +++ b/node_modules/browserify-aes/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2014-2015 browserify-aes contributors +Copyright (c) 2014-2017 browserify-aes contributors Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/node_modules/browserify-aes/README.md b/node_modules/browserify-aes/README.md new file mode 100644 index 000000000..34fb309f8 --- /dev/null +++ b/node_modules/browserify-aes/README.md @@ -0,0 +1,19 @@ +# browserify-aes +[](https://travis-ci.org/crypto-browserify/browserify-aes) + +Node style aes for use in the browser. +Implements: + + - createCipher + - createCipheriv + - createDecipher + - createDecipheriv + - getCiphers + +In node.js, the `crypto` implementation is used, in browsers it falls back to a pure JavaScript implementation. + +Much of this library has been taken from the aes implementation in [triplesec](https://github.com/keybase/triplesec), a partial derivation of [crypto-js](https://code.google.com/p/crypto-js/). + +`EVP_BytesToKey` is a straight up port of the same function from OpenSSL as there is literally no documenation on it beyond it using 'undocumented extensions' for longer keys. + +## LICENSE [MIT](LICENSE) 
diff --git a/node_modules/browserify-aes/aes.js b/node_modules/browserify-aes/aes.js
index 4829057f1..ca32ab70b 100644
--- a/node_modules/browserify-aes/aes.js
+++ b/node_modules/browserify-aes/aes.js
@@ -1,65 +1,112 @@ // based on the aes implimentation in triple sec // https://github.com/keybase/triplesec - // which is in turn based on the one from crypto-js // https://code.google.com/p/crypto-js/ -var uint_max = Math.pow(2, 32) -function fixup_uint32 (x) { - var ret, x_pos - ret = x > uint_max || x < 0 ? (x_pos = Math.abs(x) % uint_max, x < 0 ? uint_max - x_pos : x_pos) : x - return ret +var Buffer = require('safe-buffer').Buffer + +function asUInt32Array (buf) { + if (!Buffer.isBuffer(buf)) buf = Buffer.from(buf) + + var len = (buf.length / 4) | 0 + var out = new Array(len) + + for (var i = 0; i < len; i++) { + out[i] = buf.readUInt32BE(i * 4) + } + + return out } -function scrub_vec (v) { + +function scrubVec (v) { for (var i = 0; i < v.length; v++) { v[i] = 0 } - return false } -function Global () { - this.SBOX = [] - this.INV_SBOX = [] - this.SUB_MIX = [[], [], [], []] - this.INV_SUB_MIX = [[], [], [], []] - this.init() - this.RCON = [0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36] +function cryptBlock (M, keySchedule, SUB_MIX, SBOX, nRounds) { + var SUB_MIX0 = SUB_MIX[0] + var SUB_MIX1 = SUB_MIX[1] + var SUB_MIX2 = SUB_MIX[2] + var SUB_MIX3 = SUB_MIX[3] + + var s0 = M[0] ^ keySchedule[0] + var s1 = M[1] ^ keySchedule[1] + var s2 = M[2] ^ keySchedule[2] + var s3 = M[3] ^ keySchedule[3] + var t0, t1, t2, t3 + var ksRow = 4 + + for (var round = 1; round < nRounds; round++) { + t0 = SUB_MIX0[s0 >>> 24] ^ SUB_MIX1[(s1 >>> 16) & 0xff] ^ SUB_MIX2[(s2 >>> 8) & 0xff] ^ SUB_MIX3[s3 & 0xff] ^ keySchedule[ksRow++] + t1 = SUB_MIX0[s1 >>> 24] ^ SUB_MIX1[(s2 >>> 16) & 0xff] ^ SUB_MIX2[(s3 >>> 8) & 0xff] ^ SUB_MIX3[s0 & 0xff] ^ keySchedule[ksRow++] + t2 = SUB_MIX0[s2 >>> 24] ^ SUB_MIX1[(s3 >>> 16) & 0xff] ^ SUB_MIX2[(s0 >>> 8) & 0xff] ^ SUB_MIX3[s1 & 0xff] ^ keySchedule[ksRow++] + t3 = SUB_MIX0[s3 >>> 24] ^ SUB_MIX1[(s0 >>> 16) & 0xff] ^ SUB_MIX2[(s1 >>> 8) & 0xff] ^ SUB_MIX3[s2 & 0xff] ^ keySchedule[ksRow++] + s0 = t0 + s1 = t1 + s2 = t2 + s3 = t3 + } 
+ + t0 = ((SBOX[s0 >>> 24] << 24) | (SBOX[(s1 >>> 16) & 0xff] << 16) | (SBOX[(s2 >>> 8) & 0xff] << 8) | SBOX[s3 & 0xff]) ^ keySchedule[ksRow++] + t1 = ((SBOX[s1 >>> 24] << 24) | (SBOX[(s2 >>> 16) & 0xff] << 16) | (SBOX[(s3 >>> 8) & 0xff] << 8) | SBOX[s0 & 0xff]) ^ keySchedule[ksRow++] + t2 = ((SBOX[s2 >>> 24] << 24) | (SBOX[(s3 >>> 16) & 0xff] << 16) | (SBOX[(s0 >>> 8) & 0xff] << 8) | SBOX[s1 & 0xff]) ^ keySchedule[ksRow++] + t3 = ((SBOX[s3 >>> 24] << 24) | (SBOX[(s0 >>> 16) & 0xff] << 16) | (SBOX[(s1 >>> 8) & 0xff] << 8) | SBOX[s2 & 0xff]) ^ keySchedule[ksRow++] + t0 = t0 >>> 0 + t1 = t1 >>> 0 + t2 = t2 >>> 0 + t3 = t3 >>> 0 + + return [t0, t1, t2, t3] } -Global.prototype.init = function () { - var d, i, sx, t, x, x2, x4, x8, xi, _i - d = (function () { - var _i, _results - _results = [] - for (i = _i = 0; _i < 256; i = ++_i) { - if (i < 128) { - _results.push(i << 1) - } else { - _results.push((i << 1) ^ 0x11b) - } +// AES constants +var RCON = [0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36] +var G = (function () { + // Compute double table + var d = new Array(256) + for (var j = 0; j < 256; j++) { + if (j < 128) { + d[j] = j << 1 + } else { + d[j] = (j << 1) ^ 0x11b } - return _results - })() - x = 0 - xi = 0 - for (i = _i = 0; _i < 256; i = ++_i) { - sx = xi ^ (xi << 1) ^ (xi << 2) ^ (xi << 3) ^ (xi << 4) + } + + var SBOX = [] + var INV_SBOX = [] + var SUB_MIX = [[], [], [], []] + var INV_SUB_MIX = [[], [], [], []] + + // Walk GF(2^8) + var x = 0 + var xi = 0 + for (var i = 0; i < 256; ++i) { + // Compute sbox + var sx = xi ^ (xi << 1) ^ (xi << 2) ^ (xi << 3) ^ (xi << 4) sx = (sx >>> 8) ^ (sx & 0xff) ^ 0x63 - this.SBOX[x] = sx - this.INV_SBOX[sx] = x - x2 = d[x] - x4 = d[x2] - x8 = d[x4] - t = (d[sx] * 0x101) ^ (sx * 0x1010100) - this.SUB_MIX[0][x] = (t << 24) | (t >>> 8) - this.SUB_MIX[1][x] = (t << 16) | (t >>> 16) - this.SUB_MIX[2][x] = (t << 8) | (t >>> 24) - this.SUB_MIX[3][x] = t + SBOX[x] = sx + INV_SBOX[sx] = x + + // Compute 
multiplication + var x2 = d[x] + var x4 = d[x2] + var x8 = d[x4] + + // Compute sub bytes, mix columns tables + var t = (d[sx] * 0x101) ^ (sx * 0x1010100) + SUB_MIX[0][x] = (t << 24) | (t >>> 8) + SUB_MIX[1][x] = (t << 16) | (t >>> 16) + SUB_MIX[2][x] = (t << 8) | (t >>> 24) + SUB_MIX[3][x] = t + + // Compute inv sub bytes, inv mix columns tables t = (x8 * 0x1010101) ^ (x4 * 0x10001) ^ (x2 * 0x101) ^ (x * 0x1010100) - this.INV_SUB_MIX[0][sx] = (t << 24) | (t >>> 8) - this.INV_SUB_MIX[1][sx] = (t << 16) | (t >>> 16) - this.INV_SUB_MIX[2][sx] = (t << 8) | (t >>> 24) - this.INV_SUB_MIX[3][sx] = t + INV_SUB_MIX[0][sx] = (t << 24) | (t >>> 8) + INV_SUB_MIX[1][sx] = (t << 16) | (t >>> 16) + INV_SUB_MIX[2][sx] = (t << 8) | (t >>> 24) + INV_SUB_MIX[3][sx] = t + if (x === 0) { x = xi = 1 } else { 
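Review bot: `scrubVec` near the top of aes.js still increments `v` instead of `i` in its loop header (`for (var i = 0; i < v.length; v++)`), so after the first pass `v` is no longer the array and the loop stops with only `v[0]` cleared. The rename from `scrub_vec` carried the typo over as a context line, which means `AES.prototype.scrub` in the last aes.js hunk leaves the rest of `_key`, `_keySchedule` and `_invKeySchedule` in memory. The loop header should read `for (var i = 0; i < v.length; i++) {`. A short comment on `scrubVec` saying that it zeroes key material in place would also tell the next reader why the function exists.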
@@ -67,56 +114,87 @@ Global.prototype.init = function () { xi ^= d[d[xi]] } } - return true -} -var G = new Global() + return { + SBOX: SBOX, + INV_SBOX: INV_SBOX, + SUB_MIX: SUB_MIX, + INV_SUB_MIX: INV_SUB_MIX + } +})() -AES.blockSize = 4 * 4 +function AES (key) { + this._key = asUInt32Array(key) + this._reset() +} +AES.blockSize = 4 * 4 +AES.keySize = 256 / 8 AES.prototype.blockSize = AES.blockSize +AES.prototype.keySize = AES.keySize +AES.prototype._reset = function () { + var keyWords = this._key + var keySize = keyWords.length + var nRounds = keySize + 6 + var ksRows = (nRounds + 1) * 4 + + var keySchedule = [] + for (var k = 0; k < keySize; k++) { + keySchedule[k] = keyWords[k] + } -AES.keySize = 256 / 8 + for (k = keySize; k < ksRows; k++) { + var t = keySchedule[k - 1] + + if (k % keySize === 0) { + t = (t << 8) | (t >>> 24) + t = + (G.SBOX[t >>> 24] << 24) | + (G.SBOX[(t >>> 16) & 0xff] << 16) | + (G.SBOX[(t >>> 8) & 0xff] << 8) | + (G.SBOX[t & 0xff]) + + t ^= RCON[(k / keySize) | 0] << 24 + } else if (keySize > 6 && k % keySize === 4) { + t = + (G.SBOX[t >>> 24] << 24) | + (G.SBOX[(t >>> 16) & 0xff] << 16) | + (G.SBOX[(t >>> 8) & 0xff] << 8) | + (G.SBOX[t & 0xff]) + } -AES.prototype.keySize = AES.keySize + keySchedule[k] = keySchedule[k - keySize] ^ t + } -function bufferToArray (buf) { - var len = buf.length / 4 - var out = new Array(len) - var i = -1 - while (++i < len) { - out[i] = buf.readUInt32BE(i * 4) + var invKeySchedule = [] + for (var ik = 0; ik < ksRows; ik++) { + var ksR = ksRows - ik + var tt = keySchedule[ksR - (ik % 4 ? 
0 : 4)] + + if (ik < 4 || ksR <= 4) { + invKeySchedule[ik] = tt + } else { + invKeySchedule[ik] = + G.INV_SUB_MIX[0][G.SBOX[tt >>> 24]] ^ + G.INV_SUB_MIX[1][G.SBOX[(tt >>> 16) & 0xff]] ^ + G.INV_SUB_MIX[2][G.SBOX[(tt >>> 8) & 0xff]] ^ + G.INV_SUB_MIX[3][G.SBOX[tt & 0xff]] + } } - return out -} -function AES (key) { - this._key = bufferToArray(key) - this._doReset() + + this._nRounds = nRounds + this._keySchedule = keySchedule + this._invKeySchedule = invKeySchedule } -AES.prototype._doReset = function () { - var invKsRow, keySize, keyWords, ksRow, ksRows, t - keyWords = this._key - keySize = keyWords.length - this._nRounds = keySize + 6 - ksRows = (this._nRounds + 1) * 4 - this._keySchedule = [] - for (ksRow = 0; ksRow < ksRows; ksRow++) { - this._keySchedule[ksRow] = ksRow < keySize ? keyWords[ksRow] : (t = this._keySchedule[ksRow - 1], (ksRow % keySize) === 0 ? (t = (t << 8) | (t >>> 24), t = (G.SBOX[t >>> 24] << 24) | (G.SBOX[(t >>> 16) & 0xff] << 16) | (G.SBOX[(t >>> 8) & 0xff] << 8) | G.SBOX[t & 0xff], t ^= G.RCON[(ksRow / keySize) | 0] << 24) : keySize > 6 && ksRow % keySize === 4 ? t = (G.SBOX[t >>> 24] << 24) | (G.SBOX[(t >>> 16) & 0xff] << 16) | (G.SBOX[(t >>> 8) & 0xff] << 8) | G.SBOX[t & 0xff] : void 0, this._keySchedule[ksRow - keySize] ^ t) - } - this._invKeySchedule = [] - for (invKsRow = 0; invKsRow < ksRows; invKsRow++) { - ksRow = ksRows - invKsRow - t = this._keySchedule[ksRow - (invKsRow % 4 ? 0 : 4)] - this._invKeySchedule[invKsRow] = invKsRow < 4 || ksRow <= 4 ? 
t : G.INV_SUB_MIX[0][G.SBOX[t >>> 24]] ^ G.INV_SUB_MIX[1][G.SBOX[(t >>> 16) & 0xff]] ^ G.INV_SUB_MIX[2][G.SBOX[(t >>> 8) & 0xff]] ^ G.INV_SUB_MIX[3][G.SBOX[t & 0xff]] - } - return true +AES.prototype.encryptBlockRaw = function (M) { + M = asUInt32Array(M) + return cryptBlock(M, this._keySchedule, G.SUB_MIX, G.SBOX, this._nRounds) } AES.prototype.encryptBlock = function (M) { - M = bufferToArray(new Buffer(M)) - var out = this._doCryptBlock(M, this._keySchedule, G.SUB_MIX, G.SBOX) - var buf = new Buffer(16) + var out = this.encryptBlockRaw(M) + var buf = Buffer.allocUnsafe(16) buf.writeUInt32BE(out[0], 0) buf.writeUInt32BE(out[1], 4) buf.writeUInt32BE(out[2], 8) @@ -125,12 +203,15 @@ AES.prototype.encryptBlock = function (M) { } AES.prototype.decryptBlock = function (M) { - M = bufferToArray(new Buffer(M)) - var temp = [M[3], M[1]] - M[1] = temp[0] - M[3] = temp[1] - var out = this._doCryptBlock(M, this._invKeySchedule, G.INV_SUB_MIX, G.INV_SBOX) - var buf = new Buffer(16) + M = asUInt32Array(M) + + // swap + var m1 = M[1] + M[1] = M[3] + M[3] = m1 + + var out = cryptBlock(M, this._invKeySchedule, G.INV_SUB_MIX, G.INV_SBOX, this._nRounds) + var buf = Buffer.allocUnsafe(16) buf.writeUInt32BE(out[0], 0) buf.writeUInt32BE(out[3], 4) buf.writeUInt32BE(out[2], 8) 
@@ -139,39 +220,9 @@ AES.prototype.decryptBlock = function (M) { } AES.prototype.scrub = function () { - scrub_vec(this._keySchedule) - scrub_vec(this._invKeySchedule) - scrub_vec(this._key) -} - -AES.prototype._doCryptBlock = function (M, keySchedule, SUB_MIX, SBOX) { - var ksRow, s0, s1, s2, s3, t0, t1, t2, t3 - - s0 = M[0] ^ keySchedule[0] - s1 = M[1] ^ keySchedule[1] - s2 = M[2] ^ keySchedule[2] - s3 = M[3] ^ keySchedule[3] - ksRow = 4 - for (var round = 1; round < this._nRounds; round++) { - t0 = SUB_MIX[0][s0 >>> 24] ^ SUB_MIX[1][(s1 >>> 16) & 0xff] ^ SUB_MIX[2][(s2 >>> 8) & 0xff] ^ SUB_MIX[3][s3 & 0xff] ^ keySchedule[ksRow++] - t1 = SUB_MIX[0][s1 >>> 24] ^ SUB_MIX[1][(s2 >>> 16) & 0xff] ^ SUB_MIX[2][(s3 >>> 8) & 0xff] ^ SUB_MIX[3][s0 & 0xff] ^ keySchedule[ksRow++] - t2 = SUB_MIX[0][s2 >>> 24] ^ SUB_MIX[1][(s3 >>> 16) & 0xff] ^ SUB_MIX[2][(s0 >>> 8) & 0xff] ^ SUB_MIX[3][s1 & 0xff] ^ keySchedule[ksRow++] - t3 = SUB_MIX[0][s3 >>> 24] ^ SUB_MIX[1][(s0 >>> 16) & 0xff] ^ SUB_MIX[2][(s1 >>> 8) & 0xff] ^ SUB_MIX[3][s2 & 0xff] ^ keySchedule[ksRow++] - s0 = t0 - s1 = t1 - s2 = t2 - s3 = t3 - } - t0 = ((SBOX[s0 >>> 24] << 24) | (SBOX[(s1 >>> 16) & 0xff] << 16) | (SBOX[(s2 >>> 8) & 0xff] << 8) | SBOX[s3 & 0xff]) ^ keySchedule[ksRow++] - t1 = ((SBOX[s1 >>> 24] << 24) | (SBOX[(s2 >>> 16) & 0xff] << 16) | (SBOX[(s3 >>> 8) & 0xff] << 8) | SBOX[s0 & 0xff]) ^ keySchedule[ksRow++] - t2 = ((SBOX[s2 >>> 24] << 24) | (SBOX[(s3 >>> 16) & 0xff] << 16) | (SBOX[(s0 >>> 8) & 0xff] << 8) | SBOX[s1 & 0xff]) ^ keySchedule[ksRow++] - t3 = ((SBOX[s3 >>> 24] << 24) | (SBOX[(s0 >>> 16) & 0xff] << 16) | (SBOX[(s1 >>> 8) & 0xff] << 8) | SBOX[s2 & 0xff]) ^ keySchedule[ksRow++] - return [ - fixup_uint32(t0), - fixup_uint32(t1), - fixup_uint32(t2), - fixup_uint32(t3) - ] + scrubVec(this._keySchedule) + scrubVec(this._invKeySchedule) + scrubVec(this._key) } -exports.AES = AES +module.exports.AES = AES 
diff --git a/node_modules/browserify-aes/authCipher.js b/node_modules/browserify-aes/authCipher.js
index 1107a01a5..c6e8a76cb 100644
--- a/node_modules/browserify-aes/authCipher.js
+++ b/node_modules/browserify-aes/authCipher.js
@@ -1,42 +1,79 @@ var aes = require('./aes') +var Buffer = require('safe-buffer').Buffer var Transform = require('cipher-base') var inherits = require('inherits') var GHASH = require('./ghash') var xor = require('buffer-xor') -inherits(StreamCipher, Transform) -module.exports = StreamCipher +var incr32 = require('./incr32') -function StreamCipher (mode, key, iv, decrypt) { - if (!(this instanceof StreamCipher)) { - return new StreamCipher(mode, key, iv) +function xorTest (a, b) { + var out = 0 + if (a.length !== b.length) out++ + + var len = Math.min(a.length, b.length) + for (var i = 0; i < len; ++i) { + out += (a[i] ^ b[i]) + } + + return out +} + +function calcIv (self, iv, ck) { + if (iv.length === 12) { + self._finID = Buffer.concat([iv, Buffer.from([0, 0, 0, 1])]) + return Buffer.concat([iv, Buffer.from([0, 0, 0, 2])]) + } + var ghash = new GHASH(ck) + var len = iv.length + var toPad = len % 16 + ghash.update(iv) + if (toPad) { + toPad = 16 - toPad + ghash.update(Buffer.alloc(toPad, 0)) } + ghash.update(Buffer.alloc(8, 0)) + var ivBits = len * 8 + var tail = Buffer.alloc(8) + tail.writeUIntBE(ivBits, 0, 8) + ghash.update(tail) + self._finID = ghash.state + var out = Buffer.from(self._finID) + incr32(out) + return out +} +function StreamCipher (mode, key, iv, decrypt) { Transform.call(this) - this._finID = Buffer.concat([iv, new Buffer([0, 0, 0, 1])]) - iv = Buffer.concat([iv, new Buffer([0, 0, 0, 2])]) + + var h = Buffer.alloc(4, 0) + this._cipher = new aes.AES(key) - this._prev = new Buffer(iv.length) - this._cache = new Buffer('') - this._secCache = new Buffer('') + var ck = this._cipher.encryptBlock(h) + this._ghash = new GHASH(ck) + iv = calcIv(this, iv, ck) + + this._prev = Buffer.from(iv) + this._cache = Buffer.allocUnsafe(0) + this._secCache = Buffer.allocUnsafe(0) this._decrypt = decrypt this._alen = 0 this._len = 0 - iv.copy(this._prev) this._mode = mode - var h = new Buffer(4) - h.fill(0) - this._ghash = new GHASH(this._cipher.encryptBlock(h)) + 
this._authTag = null this._called = false } + +inherits(StreamCipher, Transform) + StreamCipher.prototype._update = function (chunk) { if (!this._called && this._alen) { var rump = 16 - (this._alen % 16) if (rump < 16) { - rump = new Buffer(rump) - rump.fill(0) + rump = Buffer.alloc(rump, 0) this._ghash.update(rump) } } + this._called = true var out = this._mode.encrypt(this, chunk) if (this._decrypt) { 
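Review bot: In `calcIv`, `tail.writeUIntBE(ivBits, 0, 8)` asks for an 8-byte write, but Node documents `writeUIntBE` for byte lengths of 1 to 6 only, so the non-12-byte IV path depends on how the runtime treats an out-of-range `byteLength` (newer Node versions throw a range error). Because `tail` comes from `Buffer.alloc(8)` and is already zeroed, the same length block can be produced inside the documented range with `tail.writeUIntBE(ivBits, 2, 6)`. Separately, `var h = Buffer.alloc(4, 0)` in the constructor yields the GHASH key only because `asUInt32Array` leaves words 1 to 3 undefined and XOR coerces them to zero; `Buffer.alloc(16, 0)` would state the all-zero block explicitly.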
@@ -47,51 +84,34 @@ StreamCipher.prototype._update = function (chunk) { this._len += chunk.length return out } + StreamCipher.prototype._final = function () { - if (this._decrypt && !this._authTag) { - throw new Error('Unsupported state or unable to authenticate data') - } + if (this._decrypt && !this._authTag) throw new Error('Unsupported state or unable to authenticate data') + var tag = xor(this._ghash.final(this._alen * 8, this._len * 8), this._cipher.encryptBlock(this._finID)) - if (this._decrypt) { - if (xorTest(tag, this._authTag)) { - throw new Error('Unsupported state or unable to authenticate data') - } - } else { - this._authTag = tag - } + if (this._decrypt && xorTest(tag, this._authTag)) throw new Error('Unsupported state or unable to authenticate data') + + this._authTag = tag this._cipher.scrub() } + StreamCipher.prototype.getAuthTag = function getAuthTag () { - if (!this._decrypt && Buffer.isBuffer(this._authTag)) { - return this._authTag - } else { - throw new Error('Attempting to get auth tag in unsupported state') - } + if (this._decrypt || !Buffer.isBuffer(this._authTag)) throw new Error('Attempting to get auth tag in unsupported state') + + return this._authTag } + StreamCipher.prototype.setAuthTag = function setAuthTag (tag) { - if (this._decrypt) { - this._authTag = tag - } else { - throw new Error('Attempting to set auth tag in unsupported state') - } + if (!this._decrypt) throw new Error('Attempting to set auth tag in unsupported state') + + this._authTag = tag } + StreamCipher.prototype.setAAD = function setAAD (buf) { - if (!this._called) { - this._ghash.update(buf) - this._alen += buf.length - } else { - throw new Error('Attempting to set AAD in unsupported state') - } -} -function xorTest (a, b) { - var out = 0 - if (a.length !== b.length) { - out++ - } - var len = Math.min(a.length, b.length) - var i = -1 - while (++i < len) { - out += (a[i] ^ b[i]) - } - return out + if (this._called) throw new Error('Attempting to set AAD in 
unsupported state') + + this._ghash.update(buf) + this._alen += buf.length } + +module.exports = StreamCipher diff --git a/node_modules/browserify-aes/browser.js b/node_modules/browserify-aes/browser.js index a058a84d1..d47a5f69c 100644 --- a/node_modules/browserify-aes/browser.js +++ b/node_modules/browserify-aes/browser.js @@ -1,11 +1,13 @@ var ciphers = require('./encrypter') -exports.createCipher = exports.Cipher = ciphers.createCipher -exports.createCipheriv = exports.Cipheriv = ciphers.createCipheriv var deciphers = require('./decrypter') -exports.createDecipher = exports.Decipher = deciphers.createDecipher -exports.createDecipheriv = exports.Decipheriv = deciphers.createDecipheriv -var modes = require('./modes') +var modes = require('./modes/list.json') + function getCiphers () { return Object.keys(modes) } + +exports.createCipher = exports.Cipher = ciphers.createCipher +exports.createCipheriv = exports.Cipheriv = ciphers.createCipheriv +exports.createDecipher = exports.Decipher = deciphers.createDecipher +exports.createDecipheriv = exports.Decipheriv = deciphers.createDecipheriv exports.listCiphers = exports.getCiphers = getCiphers diff --git a/node_modules/browserify-aes/decrypter.js b/node_modules/browserify-aes/decrypter.js index b7b8bb02b..d752033e9 100644 --- a/node_modules/browserify-aes/decrypter.js +++ b/node_modules/browserify-aes/decrypter.js 
@@ -1,25 +1,25 @@ -var aes = require('./aes') -var Transform = require('cipher-base') -var inherits = require('inherits') -var modes = require('./modes') -var StreamCipher = require('./streamCipher') var AuthCipher = require('./authCipher') +var Buffer = require('safe-buffer').Buffer +var MODES = require('./modes') +var StreamCipher = require('./streamCipher') +var Transform = require('cipher-base') +var aes = require('./aes') var ebtk = require('evp_bytestokey') +var inherits = require('inherits') -inherits(Decipher, Transform) function Decipher (mode, key, iv) { - if (!(this instanceof Decipher)) { - return new Decipher(mode, key, iv) - } Transform.call(this) + this._cache = new Splitter() this._last = void 0 this._cipher = new aes.AES(key) - this._prev = new Buffer(iv.length) - iv.copy(this._prev) + this._prev = Buffer.from(iv) this._mode = mode this._autopadding = true } + +inherits(Decipher, Transform) + Decipher.prototype._update = function (data) { this._cache.add(data) var chunk @@ -31,6 +31,7 @@ Decipher.prototype._update = function (data) { } return Buffer.concat(out) } + Decipher.prototype._final = function () { var chunk = this._cache.flush() if (this._autopadding) { @@ -39,16 +40,16 @@ Decipher.prototype._final = function () { throw new Error('data not multiple of block length') } } + Decipher.prototype.setAutoPadding = function (setTo) { this._autopadding = !!setTo return this } + function Splitter () { - if (!(this instanceof Splitter)) { - return new Splitter() - } - this.cache = new Buffer('') + this.cache = Buffer.allocUnsafe(0) } + Splitter.prototype.add = function (data) { this.cache = Buffer.concat([this.cache, data]) } @@ -68,13 +69,14 @@ Splitter.prototype.get = function (autoPadding) { return out } } + return null } + Splitter.prototype.flush = function () { - if (this.cache.length) { - return this.cache - } + if (this.cache.length) return this.cache } + function unpad (last) { var padded = last[15] var i = -1 
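Review bot: `unpad` takes `padded` straight from `last[15]`, and the lines visible here and in the next hunk only compare it with 16 before `last.slice(0, 16 - padded)`. The verification loop sits between the two hunks, so this is inferred, but if it iterates only `padded` times then a final byte of 0 passes with nothing checked and a value above 16 reaches a negative slice bound. An explicit range check ahead of the loop, `if (padded < 1 || padded > 16) throw new Error('unable to decrypt data')`, would reject both cases with the error the function already uses.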
@@ -83,55 +85,37 @@ function unpad (last) { throw new Error('unable to decrypt data') } } - if (padded === 16) { - return - } - return last.slice(0, 16 - padded) -} + if (padded === 16) return -var modelist = { - ECB: require('./modes/ecb'), - CBC: require('./modes/cbc'), - CFB: require('./modes/cfb'), - CFB8: require('./modes/cfb8'), - CFB1: require('./modes/cfb1'), - OFB: require('./modes/ofb'), - CTR: require('./modes/ctr'), - GCM: require('./modes/ctr') + return last.slice(0, 16 - padded) } function createDecipheriv (suite, password, iv) { - var config = modes[suite.toLowerCase()] - if (!config) { - throw new TypeError('invalid suite type') - } - if (typeof iv === 'string') { - iv = new Buffer(iv) - } - if (typeof password === 'string') { - password = new Buffer(password) - } - if (password.length !== config.key / 8) { - throw new TypeError('invalid key length ' + password.length) - } - if (iv.length !== config.iv) { - throw new TypeError('invalid iv length ' + iv.length) - } + var config = MODES[suite.toLowerCase()] + if (!config) throw new TypeError('invalid suite type') + + if (typeof iv === 'string') iv = Buffer.from(iv) + if (config.mode !== 'GCM' && iv.length !== config.iv) throw new TypeError('invalid iv length ' + iv.length) + + if (typeof password === 'string') password = Buffer.from(password) + if (password.length !== config.key / 8) throw new TypeError('invalid key length ' + password.length) + if (config.type === 'stream') { - return new StreamCipher(modelist[config.mode], password, iv, true) + return new StreamCipher(config.module, password, iv, true) } else if (config.type === 'auth') { - return new AuthCipher(modelist[config.mode], password, iv, true) + return new AuthCipher(config.module, password, iv, true) } - return new Decipher(modelist[config.mode], password, iv) + + return new Decipher(config.module, password, iv) } function createDecipher (suite, password) { - var config = modes[suite.toLowerCase()] - if (!config) { - throw new 
TypeError('invalid suite type') - } + var config = MODES[suite.toLowerCase()] + if (!config) throw new TypeError('invalid suite type') + var keys = ebtk(password, false, config.key, config.iv) return createDecipheriv(suite, keys.key, keys.iv) } + exports.createDecipher = createDecipher exports.createDecipheriv = createDecipheriv diff --git a/node_modules/browserify-aes/encrypter.js b/node_modules/browserify-aes/encrypter.js index 3d3f561e3..0c4c58bc0 100644 --- a/node_modules/browserify-aes/encrypter.js +++ b/node_modules/browserify-aes/encrypter.js 
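Review bot: The rewritten IV check in `createDecipheriv`, `if (config.mode !== 'GCM' && iv.length !== config.iv)`, now skips every length test for GCM, so a zero-length IV is accepted and handed to `calcIv` in authCipher.js. GCM is only defined for a non-empty IV, and with an empty one every message under a key starts from the same counter block. The same condition appears in `createCipheriv` in encrypter.js. Adding `if (config.mode === 'GCM' && iv.length === 0) throw new TypeError('invalid iv length ' + iv.length)` beside it keeps the variable-length support while rejecting the degenerate case.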
@@ -1,56 +1,63 @@ -var aes = require('./aes') +var MODES = require('./modes') +var AuthCipher = require('./authCipher') +var Buffer = require('safe-buffer').Buffer +var StreamCipher = require('./streamCipher') var Transform = require('cipher-base') -var inherits = require('inherits') -var modes = require('./modes') +var aes = require('./aes') var ebtk = require('evp_bytestokey') -var StreamCipher = require('./streamCipher') -var AuthCipher = require('./authCipher') -inherits(Cipher, Transform) +var inherits = require('inherits') + function Cipher (mode, key, iv) { - if (!(this instanceof Cipher)) { - return new Cipher(mode, key, iv) - } Transform.call(this) + this._cache = new Splitter() this._cipher = new aes.AES(key) - this._prev = new Buffer(iv.length) - iv.copy(this._prev) + this._prev = Buffer.from(iv) this._mode = mode this._autopadding = true } + +inherits(Cipher, Transform) + Cipher.prototype._update = function (data) { this._cache.add(data) var chunk var thing var out = [] + while ((chunk = this._cache.get())) { thing = this._mode.encrypt(this, chunk) out.push(thing) } + return Buffer.concat(out) } + +var PADDING = Buffer.alloc(16, 0x10) + Cipher.prototype._final = function () { var chunk = this._cache.flush() if (this._autopadding) { chunk = this._mode.encrypt(this, chunk) this._cipher.scrub() return chunk - } else if (chunk.toString('hex') !== '10101010101010101010101010101010') { + } + + if (!chunk.equals(PADDING)) { this._cipher.scrub() throw new Error('data not multiple of block length') } } + Cipher.prototype.setAutoPadding = function (setTo) { this._autopadding = !!setTo return this } function Splitter () { - if (!(this instanceof Splitter)) { - return new Splitter() - } - this.cache = new Buffer('') + this.cache = Buffer.allocUnsafe(0) } + Splitter.prototype.add = function (data) { this.cache = Buffer.concat([this.cache, data]) } 
@@ -63,57 +70,42 @@ Splitter.prototype.get = function () { } return null } + Splitter.prototype.flush = function () { var len = 16 - this.cache.length - var padBuff = new Buffer(len) + var padBuff = Buffer.allocUnsafe(len) var i = -1 while (++i < len) { padBuff.writeUInt8(len, i) } - var out = Buffer.concat([this.cache, padBuff]) - return out -} -var modelist = { - ECB: require('./modes/ecb'), - CBC: require('./modes/cbc'), - CFB: require('./modes/cfb'), - CFB8: require('./modes/cfb8'), - CFB1: require('./modes/cfb1'), - OFB: require('./modes/ofb'), - CTR: require('./modes/ctr'), - GCM: require('./modes/ctr') + + return Buffer.concat([this.cache, padBuff]) } function createCipheriv (suite, password, iv) { - var config = modes[suite.toLowerCase()] - if (!config) { - throw new TypeError('invalid suite type') - } - if (typeof iv === 'string') { - iv = new Buffer(iv) - } - if (typeof password === 'string') { - password = new Buffer(password) - } - if (password.length !== config.key / 8) { - throw new TypeError('invalid key length ' + password.length) - } - if (iv.length !== config.iv) { - throw new TypeError('invalid iv length ' + iv.length) - } + var config = MODES[suite.toLowerCase()] + if (!config) throw new TypeError('invalid suite type') + + if (typeof password === 'string') password = Buffer.from(password) + if (password.length !== config.key / 8) throw new TypeError('invalid key length ' + password.length) + + if (typeof iv === 'string') iv = Buffer.from(iv) + if (config.mode !== 'GCM' && iv.length !== config.iv) throw new TypeError('invalid iv length ' + iv.length) + if (config.type === 'stream') { - return new StreamCipher(modelist[config.mode], password, iv) + return new StreamCipher(config.module, password, iv) } else if (config.type === 'auth') { - return new AuthCipher(modelist[config.mode], password, iv) + return new AuthCipher(config.module, password, iv) } - return new Cipher(modelist[config.mode], password, iv) + + return new Cipher(config.module, 
password, iv) } + function createCipher (suite, password) { - var config = modes[suite.toLowerCase()] - if (!config) { - throw new TypeError('invalid suite type') - } + var config = MODES[suite.toLowerCase()] + if (!config) throw new TypeError('invalid suite type') + var keys = ebtk(password, false, config.key, config.iv) return createCipheriv(suite, keys.key, keys.iv) } diff --git a/node_modules/browserify-aes/ghash.js b/node_modules/browserify-aes/ghash.js index 0ca143cd7..26bfeddd2 100644 --- a/node_modules/browserify-aes/ghash.js +++ b/node_modules/browserify-aes/ghash.js @@ -1,12 +1,30 @@ -var zeros = new Buffer(16) -zeros.fill(0) -module.exports = GHASH +var Buffer = require('safe-buffer').Buffer +var ZEROES = Buffer.alloc(16, 0) + +function toArray (buf) { + return [ + buf.readUInt32BE(0), + buf.readUInt32BE(4), + buf.readUInt32BE(8), + buf.readUInt32BE(12) + ] +} + +function fromArray (out) { + var buf = Buffer.allocUnsafe(16) + buf.writeUInt32BE(out[0] >>> 0, 0) + buf.writeUInt32BE(out[1] >>> 0, 4) + buf.writeUInt32BE(out[2] >>> 0, 8) + buf.writeUInt32BE(out[3] >>> 0, 12) + return buf +} + function GHASH (key) { this.h = key - this.state = new Buffer(16) - this.state.fill(0) - this.cache = new Buffer('') + this.state = Buffer.alloc(16, 0) + this.cache = Buffer.allocUnsafe(0) } + // from http://bitwiseshiftleft.github.io/sjcl/doc/symbols/src/core_gcm.js.html // by Juho Vähä-Herttua GHASH.prototype.ghash = function (block) { 
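Review bot: `createCipher` deserves a comment stating that both key and IV come from `ebtk(password, false, config.key, config.iv)`, which (assuming the second argument is the salt, as the call suggests) makes them a fixed function of the password. Every message encrypted under one password therefore reuses the same key and IV, and for the GCM and stream suites dispatched in `createCipheriv` just above, that repeats the keystream. Suggested comment above the function: `// Key and IV are derived from the password alone (no salt): use createCipheriv with a fresh random IV for anything but legacy interop.` The same applies to `createDecipher` in decrypter.js.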
@@ -20,17 +38,20 @@ GHASH.prototype.ghash = function (block) { GHASH.prototype._multiply = function () { var Vi = toArray(this.h) var Zi = [0, 0, 0, 0] - var j, xi, lsb_Vi + var j, xi, lsbVi var i = -1 while (++i < 128) { - xi = (this.state[~~(i / 8)] & (1 << (7 - i % 8))) !== 0 + xi = (this.state[~~(i / 8)] & (1 << (7 - (i % 8)))) !== 0 if (xi) { // Z_i+1 = Z_i ^ V_i - Zi = xor(Zi, Vi) + Zi[0] ^= Vi[0] + Zi[1] ^= Vi[1] + Zi[2] ^= Vi[2] + Zi[3] ^= Vi[3] } // Store the value of LSB(V_i) - lsb_Vi = (Vi[3] & 1) !== 0 + lsbVi = (Vi[3] & 1) !== 0 // V_i+1 = V_i >> 1 for (j = 3; j > 0; j--) { @@ -39,12 +60,13 @@ GHASH.prototype._multiply = function () { Vi[0] = Vi[0] >>> 1 // If LSB(V_i) is 1, V_i+1 = (V_i >> 1) ^ R - if (lsb_Vi) { + if (lsbVi) { Vi[0] = Vi[0] ^ (0xe1 << 24) } } this.state = fromArray(Zi) } + GHASH.prototype.update = function (buf) { this.cache = Buffer.concat([this.cache, buf]) var chunk @@ -54,45 +76,14 @@ GHASH.prototype.update = function (buf) { this.ghash(chunk) } } + GHASH.prototype.final = function (abl, bl) { if (this.cache.length) { - this.ghash(Buffer.concat([this.cache, zeros], 16)) + this.ghash(Buffer.concat([this.cache, ZEROES], 16)) } - this.ghash(fromArray([ - 0, abl, - 0, bl - ])) + + this.ghash(fromArray([0, abl, 0, bl])) return this.state } -function toArray (buf) { - return [ - buf.readUInt32BE(0), - buf.readUInt32BE(4), - buf.readUInt32BE(8), - buf.readUInt32BE(12) - ] -} -function fromArray (out) { - out = out.map(fixup_uint32) - var buf = new Buffer(16) - buf.writeUInt32BE(out[0], 0) - buf.writeUInt32BE(out[1], 4) - buf.writeUInt32BE(out[2], 8) - buf.writeUInt32BE(out[3], 12) - return buf -} -var uint_max = Math.pow(2, 32) -function fixup_uint32 (x) { - var ret, x_pos - ret = x > uint_max || x < 0 ? (x_pos = Math.abs(x) % uint_max, x < 0 ? uint_max - x_pos : x_pos) : x - return ret -} -function xor (a, b) { - return [ - a[0] ^ b[0], - a[1] ^ b[1], - a[2] ^ b[2], - a[3] ^ b[3] - ] -} +module.exports = GHASH 
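Review bot: `_multiply` still branches on secret data: `if (xi)` depends on the bits of `this.state` and `if (lsbVi)` on the bits of the hash subkey held in `this.h`, so the unrolled XOR keeps the running time of the multiplication data-dependent. Since the loop body is being rewritten anyway, both conditionals can be replaced by an all-ones/all-zero mask. A JavaScript engine gives no hard constant-time guarantee, so this narrows the timing signal rather than removing it. The function starts in this hunk and continues through the next one (`@@ -39,12 +60,13 @@`); the shift loop between them is unchanged.

```javascript
while (++i < 128) {
  // all ones when bit i of the state is set, zero otherwise
  xi = -((this.state[~~(i / 8)] >> (7 - (i % 8))) & 1)
  // Z_i+1 = Z_i ^ V_i, applied through the mask
  Zi[0] ^= Vi[0] & xi
  Zi[1] ^= Vi[1] & xi
  Zi[2] ^= Vi[2] & xi
  Zi[3] ^= Vi[3] & xi

  // all ones when LSB(V_i) is set
  lsbVi = -(Vi[3] & 1)

  // … unchanged: V_i+1 = V_i >> 1 shift loop …

  // V_i+1 = (V_i >> 1) ^ R, applied through the mask
  Vi[0] ^= (0xe1 << 24) & lsbVi
```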
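Review bot: `final` builds the length block as `fromArray([0, abl, 0, bl])`, with the upper 32 bits of each 64-bit length fixed at zero, and `fromArray` now reduces the lower word with `>>> 0`. If `abl` and `bl` are bit lengths, as the GCM length block requires (the caller is not in this hunk), any AAD or ciphertext of 2^32 bits (512 MiB) or more is encoded modulo 2^32 and the tag will not match other GCM implementations. Either carry the high word, e.g. `this.ghash(fromArray([Math.floor(abl / 0x100000000), abl, Math.floor(bl / 0x100000000), bl]))`, or state the limit in a comment on `final` and reject larger inputs in the caller.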
diff --git a/node_modules/browserify-aes/incr32.js b/node_modules/browserify-aes/incr32.js
new file mode 100644
index 000000000..c1a90893b
--- /dev/null
+++ b/node_modules/browserify-aes/incr32.js
@@ -0,0 +1,15 @@
+function incr32 (iv) {
+ var len = iv.length
+ var item
+ while (len--) {
+ item = iv.readUInt8(len)
+ if (item === 255) {
+ iv.writeUInt8(0, len)
+ } else {
+ item++
+ iv.writeUInt8(item, len)
+ break
+ }
+ }
+}
+module.exports = incr32
diff --git a/node_modules/browserify-aes/modes.js b/node_modules/browserify-aes/modes.js
deleted file mode 100644
index c070086dc..000000000
--- a/node_modules/browserify-aes/modes.js
+++ /dev/null
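Review bot: `incr32` in the new `incr32.js` has no comment, and its name suggests the 32-bit increment that GCM defines, while the loop carries through every byte of `iv`, making it a big-endian increment of the whole buffer. It also mutates its argument in place, which matters to any caller that passes a buffer it still holds. I would add a header comment such as `// Increments the whole buffer as one big-endian counter, in place; wraps to all zeroes on overflow.` so the CTR and GCM callers can judge whether the full-width carry is what they need.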
@@ -1,171 +0,0 @@ -exports['aes-128-ecb'] = { - cipher: 'AES', - key: 128, - iv: 0, - mode: 'ECB', - type: 'block' -} -exports['aes-192-ecb'] = { - cipher: 'AES', - key: 192, - iv: 0, - mode: 'ECB', - type: 'block' -} -exports['aes-256-ecb'] = { - cipher: 'AES', - key: 256, - iv: 0, - mode: 'ECB', - type: 'block' -} -exports['aes-128-cbc'] = { - cipher: 'AES', - key: 128, - iv: 16, - mode: 'CBC', - type: 'block' -} -exports['aes-192-cbc'] = { - cipher: 'AES', - key: 192, - iv: 16, - mode: 'CBC', - type: 'block' -} -exports['aes-256-cbc'] = { - cipher: 'AES', - key: 256, - iv: 16, - mode: 'CBC', - type: 'block' -} -exports['aes128'] = exports['aes-128-cbc'] -exports['aes192'] = exports['aes-192-cbc'] -exports['aes256'] = exports['aes-256-cbc'] -exports['aes-128-cfb'] = { - cipher: 'AES', - key: 128, - iv: 16, - mode: 'CFB', - type: 'stream' -} -exports['aes-192-cfb'] = { - cipher: 'AES', - key: 192, - iv: 16, - mode: 'CFB', - type: 'stream' -} -exports['aes-256-cfb'] = { - cipher: 'AES', - key: 256, - iv: 16, - mode: 'CFB', - type: 'stream' -} -exports['aes-128-cfb8'] = { - cipher: 'AES', - key: 128, - iv: 16, - mode: 'CFB8', - type: 'stream' -} -exports['aes-192-cfb8'] = { - cipher: 'AES', - key: 192, - iv: 16, - mode: 'CFB8', - type: 'stream' -} -exports['aes-256-cfb8'] = { - cipher: 'AES', - key: 256, - iv: 16, - mode: 'CFB8', - type: 'stream' -} -exports['aes-128-cfb1'] = { - cipher: 'AES', - key: 128, - iv: 16, - mode: 'CFB1', - type: 'stream' -} -exports['aes-192-cfb1'] = { - cipher: 'AES', - key: 192, - iv: 16, - mode: 'CFB1', - type: 'stream' -} -exports['aes-256-cfb1'] = { - cipher: 'AES', - key: 256, - iv: 16, - mode: 'CFB1', - type: 'stream' -} -exports['aes-128-ofb'] = { - cipher: 'AES', - key: 128, - iv: 16, - mode: 'OFB', - type: 'stream' -} -exports['aes-192-ofb'] = { - cipher: 'AES', - key: 192, - iv: 16, - mode: 'OFB', - type: 'stream' -} -exports['aes-256-ofb'] = { - cipher: 'AES', - key: 256, - iv: 16, - mode: 'OFB', - type: 'stream' -} 
-exports['aes-128-ctr'] = { - cipher: 'AES', - key: 128, - iv: 16, - mode: 'CTR', - type: 'stream' -} -exports['aes-192-ctr'] = { - cipher: 'AES', - key: 192, - iv: 16, - mode: 'CTR', - type: 'stream' -} -exports['aes-256-ctr'] = { - cipher: 'AES', - key: 256, - iv: 16, - mode: 'CTR', - type: 'stream' -} -exports['aes-128-gcm'] = { - cipher: 'AES', - key: 128, - iv: 12, - mode: 'GCM', - type: 'auth' -} -exports['aes-192-gcm'] = { - cipher: 'AES', - key: 192, - iv: 12, - mode: 'GCM', - type: 'auth' -} -exports['aes-256-gcm'] = { - cipher: 'AES', - key: 256, - iv: 12, - mode: 'GCM', - type: 'auth' -} diff --git a/node_modules/browserify-aes/modes/cfb.js b/node_modules/browserify-aes/modes/cfb.js index 0bfe4fab8..03b2ee9c5 100644 --- a/node_modules/browserify-aes/modes/cfb.js +++ b/node_modules/browserify-aes/modes/cfb.js @@ -1,13 +1,22 @@ +var Buffer = require('safe-buffer').Buffer var xor = require('buffer-xor') +function encryptStart (self, data, decrypt) { + var len = data.length + var out = xor(data, self._cache) + self._cache = self._cache.slice(len) + self._prev = Buffer.concat([self._prev, decrypt ? data : out]) + return out +} + exports.encrypt = function (self, data, decrypt) { - var out = new Buffer('') + var out = Buffer.allocUnsafe(0) var len while (data.length) { if (self._cache.length === 0) { self._cache = self._cipher.encryptBlock(self._prev) - self._prev = new Buffer('') + self._prev = Buffer.allocUnsafe(0) } if (self._cache.length <= data.length) { @@ -22,10 +31,3 @@ exports.encrypt = function (self, data, decrypt) { return out } -function encryptStart (self, data, decrypt) { - var len = data.length - var out = xor(data, self._cache) - self._cache = self._cache.slice(len) - self._prev = Buffer.concat([self._prev, decrypt ? data : out]) - return out -} diff --git a/node_modules/browserify-aes/modes/cfb1.js b/node_modules/browserify-aes/modes/cfb1.js index 335542e20..0ed136637 100644 --- a/node_modules/browserify-aes/modes/cfb1.js 
+++ b/node_modules/browserify-aes/modes/cfb1.js @@ -1,3 +1,5 @@ +var Buffer = require('safe-buffer').Buffer + function encryptByte (self, byteParam, decrypt) { var pad var i = -1 @@ -13,22 +15,28 @@ function encryptByte (self, byteParam, decrypt) { } return out } -exports.encrypt = function (self, chunk, decrypt) { - var len = chunk.length - var out = new Buffer(len) + +function shiftIn (buffer, value) { + var len = buffer.length var i = -1 + var out = Buffer.allocUnsafe(buffer.length) + buffer = Buffer.concat([buffer, Buffer.from([value])]) + while (++i < len) { - out[i] = encryptByte(self, chunk[i], decrypt) + out[i] = buffer[i] << 1 | buffer[i + 1] >> (7) } + return out } -function shiftIn (buffer, value) { - var len = buffer.length + +exports.encrypt = function (self, chunk, decrypt) { + var len = chunk.length + var out = Buffer.allocUnsafe(len) var i = -1 - var out = new Buffer(buffer.length) - buffer = Buffer.concat([buffer, new Buffer([value])]) + while (++i < len) { - out[i] = buffer[i] << 1 | buffer[i + 1] >> (7) + out[i] = encryptByte(self, chunk[i], decrypt) } + return out } diff --git a/node_modules/browserify-aes/modes/cfb8.js b/node_modules/browserify-aes/modes/cfb8.js index c967a959f..c0708f958 100644 --- a/node_modules/browserify-aes/modes/cfb8.js +++ b/node_modules/browserify-aes/modes/cfb8.js @@ -1,15 +1,25 @@ +var Buffer = require('safe-buffer').Buffer + function encryptByte (self, byteParam, decrypt) { var pad = self._cipher.encryptBlock(self._prev) var out = pad[0] ^ byteParam - self._prev = Buffer.concat([self._prev.slice(1), new Buffer([decrypt ? byteParam : out])]) + + self._prev = Buffer.concat([ + self._prev.slice(1), + Buffer.from([decrypt ? byteParam : out]) + ]) + return out } + exports.encrypt = function (self, chunk, decrypt) { var len = chunk.length - var out = new Buffer(len) + var out = Buffer.allocUnsafe(len) var i = -1 + while (++i < len) { out[i] = encryptByte(self, chunk[i], decrypt) } + return out } 
diff --git a/node_modules/browserify-aes/modes/ctr.js b/node_modules/browserify-aes/modes/ctr.js index 0ef2278bf..e68f13c2f 100644 --- a/node_modules/browserify-aes/modes/ctr.js +++ b/node_modules/browserify-aes/modes/ctr.js @@ -1,29 +1,28 @@ var xor = require('buffer-xor') - -function incr32 (iv) { - var len = iv.length - var item - while (len--) { - item = iv.readUInt8(len) - if (item === 255) { - iv.writeUInt8(0, len) - } else { - item++ - iv.writeUInt8(item, len) - break - } - } -} +var Buffer = require('safe-buffer').Buffer +var incr32 = require('../incr32') function getBlock (self) { - var out = self._cipher.encryptBlock(self._prev) + var out = self._cipher.encryptBlockRaw(self._prev) incr32(self._prev) return out } +var blockSize = 16 exports.encrypt = function (self, chunk) { - while (self._cache.length < chunk.length) { - self._cache = Buffer.concat([self._cache, getBlock(self)]) + var chunkNum = Math.ceil(chunk.length / blockSize) + var start = self._cache.length + self._cache = Buffer.concat([ + self._cache, + Buffer.allocUnsafe(chunkNum * blockSize) + ]) + for (var i = 0; i < chunkNum; i++) { + var out = getBlock(self) + var offset = start + i * blockSize + self._cache.writeUInt32BE(out[0], offset + 0) + self._cache.writeUInt32BE(out[1], offset + 4) + self._cache.writeUInt32BE(out[2], offset + 8) + self._cache.writeUInt32BE(out[3], offset + 12) } var pad = self._cache.slice(0, chunk.length) self._cache = self._cache.slice(chunk.length) diff --git a/node_modules/browserify-aes/modes/ecb.js b/node_modules/browserify-aes/modes/ecb.js index 4dd97e7df..49dfb1e22 100644 --- a/node_modules/browserify-aes/modes/ecb.js +++ b/node_modules/browserify-aes/modes/ecb.js @@ -1,6 +1,7 @@ exports.encrypt = function (self, block) { return self._cipher.encryptBlock(block) } + exports.decrypt = function (self, block) { return self._cipher.decryptBlock(block) } 
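Review bot: `encrypt` in `modes/ctr.js` now generates `Math.ceil(chunk.length / blockSize)` fresh blocks on every call without counting the keystream already held in `self._cache`, so each call can leave up to 15 more unused bytes in the cache than the one before. The output stays correct because the cache is consumed in order, but a long stream of small writes makes `_cache` grow without bound and makes every `Buffer.concat`/`slice` more expensive; the removed `while (self._cache.length < chunk.length)` loop did not have this problem. Size the refill by what is missing, e.g. `var chunkNum = Math.ceil(Math.max(0, chunk.length - self._cache.length) / blockSize)`. The rest of `encrypt` lies outside the hunk.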
diff --git a/node_modules/browserify-aes/modes/index.js b/node_modules/browserify-aes/modes/index.js
new file mode 100644
index 000000000..767d6cb99
--- /dev/null
+++ b/node_modules/browserify-aes/modes/index.js
@@ -0,0 +1,18 @@
+var modeModules = {
+ ECB: require('./ecb'),
+ CBC: require('./cbc'),
+ CFB: require('./cfb'),
+ CFB8: require('./cfb8'),
+ CFB1: require('./cfb1'),
+ OFB: require('./ofb'),
+ CTR: require('./ctr'),
+ GCM: require('./ctr')
+}
+
+var modes = require('./list.json')
+
+for (var key in modes) {
+ modes[key].module = modeModules[modes[key].mode]
+}
+
+module.exports = modes
diff --git a/node_modules/browserify-aes/modes/list.json b/node_modules/browserify-aes/modes/list.json
new file mode 100644
index 000000000..33de25bda
--- /dev/null
+++ b/node_modules/browserify-aes/modes/list.json
@@ -0,0 +1,191 @@ +{ + "aes-128-ecb": { + "cipher": "AES", + "key": 128, + "iv": 0, + "mode": "ECB", + "type": "block" + }, + "aes-192-ecb": { + "cipher": "AES", + "key": 192, + "iv": 0, + "mode": "ECB", + "type": "block" + }, + "aes-256-ecb": { + "cipher": "AES", + "key": 256, + "iv": 0, + "mode": "ECB", + "type": "block" + }, + "aes-128-cbc": { + "cipher": "AES", + "key": 128, + "iv": 16, + "mode": "CBC", + "type": "block" + }, + "aes-192-cbc": { + "cipher": "AES", + "key": 192, + "iv": 16, + "mode": "CBC", + "type": "block" + }, + "aes-256-cbc": { + "cipher": "AES", + "key": 256, + "iv": 16, + "mode": "CBC", + "type": "block" + }, + "aes128": { + "cipher": "AES", + "key": 128, + "iv": 16, + "mode": "CBC", + "type": "block" + }, + "aes192": { + "cipher": "AES", + "key": 192, + "iv": 16, + "mode": "CBC", + "type": "block" + }, + "aes256": { + "cipher": "AES", + "key": 256, + "iv": 16, + "mode": "CBC", + "type": "block" + }, + "aes-128-cfb": { + "cipher": "AES", + "key": 128, + "iv": 16, + "mode": "CFB", + "type": "stream" + }, + "aes-192-cfb": { + "cipher": "AES", + "key": 192, + "iv": 16, + "mode": "CFB", + "type": "stream" + }, + "aes-256-cfb": { + "cipher": "AES", + "key": 256, + "iv": 16, + "mode": "CFB", + "type": "stream" + }, + "aes-128-cfb8": { + "cipher": "AES", + "key": 128, + "iv": 16, + "mode": "CFB8", + "type": "stream" + }, + "aes-192-cfb8": { + "cipher": "AES", + "key": 192, + "iv": 16, + "mode": "CFB8", + "type": "stream" + }, + "aes-256-cfb8": { + "cipher": "AES", + "key": 256, + "iv": 16, + "mode": "CFB8", + "type": "stream" + }, + "aes-128-cfb1": { + "cipher": "AES", + "key": 128, + "iv": 16, + "mode": "CFB1", + "type": "stream" + }, + "aes-192-cfb1": { + "cipher": "AES", + "key": 192, + "iv": 16, + "mode": "CFB1", + "type": "stream" + }, + "aes-256-cfb1": { + "cipher": "AES", + "key": 256, + "iv": 16, + "mode": "CFB1", + "type": "stream" + }, + "aes-128-ofb": { + "cipher": "AES", + "key": 128, + "iv": 16, + "mode": "OFB", + "type": "stream" + 
}, + "aes-192-ofb": { + "cipher": "AES", + "key": 192, + "iv": 16, + "mode": "OFB", + "type": "stream" + }, + "aes-256-ofb": { + "cipher": "AES", + "key": 256, + "iv": 16, + "mode": "OFB", + "type": "stream" + }, + "aes-128-ctr": { + "cipher": "AES", + "key": 128, + "iv": 16, + "mode": "CTR", + "type": "stream" + }, + "aes-192-ctr": { + "cipher": "AES", + "key": 192, + "iv": 16, + "mode": "CTR", + "type": "stream" + }, + "aes-256-ctr": { + "cipher": "AES", + "key": 256, + "iv": 16, + "mode": "CTR", + "type": "stream" + }, + "aes-128-gcm": { + "cipher": "AES", + "key": 128, + "iv": 12, + "mode": "GCM", + "type": "auth" + }, + "aes-192-gcm": { + "cipher": "AES", + "key": 192, + "iv": 12, + "mode": "GCM", + "type": "auth" + }, + "aes-256-gcm": { + "cipher": "AES", + "key": 256, + "iv": 12, + "mode": "GCM", + "type": "auth" + } +} diff --git a/node_modules/browserify-aes/package.json b/node_modules/browserify-aes/package.json index 0c48faf77..daae47574 100644 --- a/node_modules/browserify-aes/package.json +++ b/node_modules/browserify-aes/package.json @@ -1,6 +1,6 @@ { "name": "browserify-aes", - "version": "1.0.6", + "version": "1.1.1", "description": "aes, for browserify", "browser": "browser.js", "main": "index.js", @@ -8,7 +8,9 @@ "test": "test" }, "scripts": { - "test": "standard && node test/index.js|tspec" + "standard": "standard", + "unit": "node test/index.js | tspec", + "test": "npm run standard && npm run unit" }, "repository": { "type": "git", @@ -26,15 +28,16 @@ }, "homepage": "https://github.com/crypto-browserify/browserify-aes", "dependencies": { - "buffer-xor": "^1.0.2", + "buffer-xor": "^1.0.3", "cipher-base": "^1.0.0", "create-hash": "^1.1.0", - "evp_bytestokey": "^1.0.0", - "inherits": "^2.0.1" + "evp_bytestokey": "^1.0.3", + "inherits": "^2.0.1", + "safe-buffer": "^5.0.1" }, "devDependencies": { - "standard": "^3.7.3", - "tap-spec": "^1.0.0", - "tape": "^3.0.0" + "standard": "^9.0.0", + "tap-spec": "^4.1.1", + "tape": "^4.6.3" } } 
diff --git a/node_modules/browserify-aes/populateFixtures.js b/node_modules/browserify-aes/populateFixtures.js deleted file mode 100644 index ac31eb33c..000000000 --- a/node_modules/browserify-aes/populateFixtures.js +++ /dev/null @@ -1,25 +0,0 @@ -var modes = require('./modes') -var fixtures = require('./test/fixtures.json') -var crypto = require('crypto') -var types = ['aes-128-cfb1', 'aes-192-cfb1', 'aes-256-cfb1'] -var ebtk = require('./EVP_BytesToKey') -var fs = require('fs') - -fixtures.forEach(function (fixture) { - types.forEach(function (cipher) { - var suite = crypto.createCipher(cipher, new Buffer(fixture.password)) - var buf = new Buffer('') - buf = Buffer.concat([buf, suite.update(new Buffer(fixture.text))]) - buf = Buffer.concat([buf, suite.final()]) - fixture.results.ciphers[cipher] = buf.toString('hex') - if (modes[cipher].mode === 'ECB') { - return - } - var suite2 = crypto.createCipheriv(cipher, ebtk(crypto, fixture.password, modes[cipher].key).key, new Buffer(fixture.iv, 'hex')) - var buf2 = new Buffer('') - buf2 = Buffer.concat([buf2, suite2.update(new Buffer(fixture.text))]) - buf2 = Buffer.concat([buf2, suite2.final()]) - fixture.results.cipherivs[cipher] = buf2.toString('hex') - }) -}) -fs.writeFileSync('./test/fixturesNew.json', JSON.stringify(fixtures, false, 4)) diff --git a/node_modules/browserify-aes/streamCipher.js b/node_modules/browserify-aes/streamCipher.js index a55c762d5..1877fa090 100644 --- a/node_modules/browserify-aes/streamCipher.js +++ b/node_modules/browserify-aes/streamCipher.js 
@@ -1,25 +1,27 @@ var aes = require('./aes') +var Buffer = require('safe-buffer').Buffer var Transform = require('cipher-base') var inherits = require('inherits') -inherits(StreamCipher, Transform) -module.exports = StreamCipher function StreamCipher (mode, key, iv, decrypt) { - if (!(this instanceof StreamCipher)) { - return new StreamCipher(mode, key, iv) - } Transform.call(this) + this._cipher = new aes.AES(key) - this._prev = new Buffer(iv.length) - this._cache = new Buffer('') - this._secCache = new Buffer('') + this._prev = Buffer.from(iv) + this._cache = Buffer.allocUnsafe(0) + this._secCache = Buffer.allocUnsafe(0) this._decrypt = decrypt - iv.copy(this._prev) this._mode = mode } + +inherits(StreamCipher, Transform) + StreamCipher.prototype._update = function (chunk) { return this._mode.encrypt(this, chunk, this._decrypt) } + StreamCipher.prototype._final = function () { this._cipher.scrub() } + +module.exports = StreamCipher |