|
1
|
var MODES = require('./modes')
|
|
2
|
var AuthCipher = require('./authCipher')
|
|
3
|
var Buffer = require('safe-buffer').Buffer
|
|
4
|
var StreamCipher = require('./streamCipher')
|
|
5
|
var Transform = require('cipher-base')
|
|
6
|
var aes = require('./aes')
|
|
7
|
var ebtk = require('evp_bytestokey')
|
|
8
|
var inherits = require('inherits')
|
|
9
|
|
|
10
|
function Cipher (mode, key, iv) {
|
|
11
|
Transform.call(this)
|
|
12
|
|
|
13
|
this._cache = new Splitter()
|
|
14
|
this._cipher = new aes.AES(key)
|
|
15
|
this._prev = Buffer.from(iv)
|
|
16
|
this._mode = mode
|
|
17
|
this._autopadding = true
|
|
18
|
}
|
|
19
|
|
|
20
|
inherits(Cipher, Transform)
|
|
21
|
|
|
22
|
Cipher.prototype._update = function (data) {
|
|
23
|
this._cache.add(data)
|
|
24
|
var chunk
|
|
25
|
var thing
|
|
26
|
var out = []
|
|
27
|
|
|
28
|
while ((chunk = this._cache.get())) {
|
|
29
|
thing = this._mode.encrypt(this, chunk)
|
|
30
|
out.push(thing)
|
|
31
|
}
|
|
32
|
|
|
33
|
return Buffer.concat(out)
|
|
34
|
}
|
|
35
|
|
|
36
|
var PADDING = Buffer.alloc(16, 0x10)
|
|
37
|
|
|
38
|
Cipher.prototype._final = function () {
|
|
39
|
var chunk = this._cache.flush()
|
|
40
|
if (this._autopadding) {
|
|
41
|
chunk = this._mode.encrypt(this, chunk)
|
|
42
|
this._cipher.scrub()
|
|
43
|
return chunk
|
|
44
|
}
|
|
45
|
|
|
46
|
if (!chunk.equals(PADDING)) {
|
|
47
|
this._cipher.scrub()
|
|
48
|
throw new Error('data not multiple of block length')
|
|
49
|
}
|
|
50
|
}
|
|
51
|
|
|
52
|
Cipher.prototype.setAutoPadding = function (setTo) {
|
|
53
|
this._autopadding = !!setTo
|
|
54
|
return this
|
|
55
|
}
|
|
56
|
|
|
57
|
function Splitter () {
|
|
58
|
this.cache = Buffer.allocUnsafe(0)
|
|
59
|
}
|
|
60
|
|
|
61
|
Splitter.prototype.add = function (data) {
|
|
62
|
this.cache = Buffer.concat([this.cache, data])
|
|
63
|
}
|
|
64
|
|
|
65
|
Splitter.prototype.get = function () {
|
|
66
|
if (this.cache.length > 15) {
|
|
67
|
var out = this.cache.slice(0, 16)
|
|
68
|
this.cache = this.cache.slice(16)
|
|
69
|
return out
|
|
70
|
}
|
|
71
|
return null
|
|
72
|
}
|
|
73
|
|
|
74
|
Splitter.prototype.flush = function () {
|
|
75
|
var len = 16 - this.cache.length
|
|
76
|
var padBuff = Buffer.allocUnsafe(len)
|
|
77
|
|
|
78
|
var i = -1
|
|
79
|
while (++i < len) {
|
|
80
|
padBuff.writeUInt8(len, i)
|
|
81
|
}
|
|
82
|
|
|
83
|
return Buffer.concat([this.cache, padBuff])
|
|
84
|
}
|
|
85
|
|
|
86
|
function createCipheriv (suite, password, iv) {
|
|
87
|
var config = MODES[suite.toLowerCase()]
|
|
88
|
if (!config) throw new TypeError('invalid suite type')
|
|
89
|
|
|
90
|
if (typeof password === 'string') password = Buffer.from(password)
|
|
91
|
if (password.length !== config.key / 8) throw new TypeError('invalid key length ' + password.length)
|
|
92
|
|
|
93
|
if (typeof iv === 'string') iv = Buffer.from(iv)
|
|
94
|
if (config.mode !== 'GCM' && iv.length !== config.iv) throw new TypeError('invalid iv length ' + iv.length)
|
|
95
|
|
|
96
|
if (config.type === 'stream') {
|
|
97
|
return new StreamCipher(config.module, password, iv)
|
|
98
|
} else if (config.type === 'auth') {
|
|
99
|
return new AuthCipher(config.module, password, iv)
|
|
100
|
}
|
|
101
|
|
|
102
|
return new Cipher(config.module, password, iv)
|
|
103
|
}
|
|
104
|
|
|
105
|
function createCipher (suite, password) {
|
|
106
|
var config = MODES[suite.toLowerCase()]
|
|
107
|
if (!config) throw new TypeError('invalid suite type')
|
|
108
|
|
|
109
|
var keys = ebtk(password, false, config.key, config.iv)
|
|
110
|
return createCipheriv(suite, keys.key, keys.iv)
|
|
111
|
}
|
|
112
|
|
|
113
|
exports.createCipheriv = createCipheriv
|
|
114
|
exports.createCipher = createCipher
|