You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
114 lines
2.8 KiB
114 lines
2.8 KiB
var MODES = require('./modes') |
|
var AuthCipher = require('./authCipher') |
|
var Buffer = require('safe-buffer').Buffer |
|
var StreamCipher = require('./streamCipher') |
|
var Transform = require('cipher-base') |
|
var aes = require('./aes') |
|
var ebtk = require('evp_bytestokey') |
|
var inherits = require('inherits') |
|
|
|
function Cipher (mode, key, iv) { |
|
Transform.call(this) |
|
|
|
this._cache = new Splitter() |
|
this._cipher = new aes.AES(key) |
|
this._prev = Buffer.from(iv) |
|
this._mode = mode |
|
this._autopadding = true |
|
} |
|
|
|
inherits(Cipher, Transform) |
|
|
|
Cipher.prototype._update = function (data) { |
|
this._cache.add(data) |
|
var chunk |
|
var thing |
|
var out = [] |
|
|
|
while ((chunk = this._cache.get())) { |
|
thing = this._mode.encrypt(this, chunk) |
|
out.push(thing) |
|
} |
|
|
|
return Buffer.concat(out) |
|
} |
|
|
|
var PADDING = Buffer.alloc(16, 0x10) |
|
|
|
Cipher.prototype._final = function () { |
|
var chunk = this._cache.flush() |
|
if (this._autopadding) { |
|
chunk = this._mode.encrypt(this, chunk) |
|
this._cipher.scrub() |
|
return chunk |
|
} |
|
|
|
if (!chunk.equals(PADDING)) { |
|
this._cipher.scrub() |
|
throw new Error('data not multiple of block length') |
|
} |
|
} |
|
|
|
Cipher.prototype.setAutoPadding = function (setTo) { |
|
this._autopadding = !!setTo |
|
return this |
|
} |
|
|
|
function Splitter () { |
|
this.cache = Buffer.allocUnsafe(0) |
|
} |
|
|
|
Splitter.prototype.add = function (data) { |
|
this.cache = Buffer.concat([this.cache, data]) |
|
} |
|
|
|
Splitter.prototype.get = function () { |
|
if (this.cache.length > 15) { |
|
var out = this.cache.slice(0, 16) |
|
this.cache = this.cache.slice(16) |
|
return out |
|
} |
|
return null |
|
} |
|
|
|
Splitter.prototype.flush = function () { |
|
var len = 16 - this.cache.length |
|
var padBuff = Buffer.allocUnsafe(len) |
|
|
|
var i = -1 |
|
while (++i < len) { |
|
padBuff.writeUInt8(len, i) |
|
} |
|
|
|
return Buffer.concat([this.cache, padBuff]) |
|
} |
|
|
|
function createCipheriv (suite, password, iv) { |
|
var config = MODES[suite.toLowerCase()] |
|
if (!config) throw new TypeError('invalid suite type') |
|
|
|
if (typeof password === 'string') password = Buffer.from(password) |
|
if (password.length !== config.key / 8) throw new TypeError('invalid key length ' + password.length) |
|
|
|
if (typeof iv === 'string') iv = Buffer.from(iv) |
|
if (config.mode !== 'GCM' && iv.length !== config.iv) throw new TypeError('invalid iv length ' + iv.length) |
|
|
|
if (config.type === 'stream') { |
|
return new StreamCipher(config.module, password, iv) |
|
} else if (config.type === 'auth') { |
|
return new AuthCipher(config.module, password, iv) |
|
} |
|
|
|
return new Cipher(config.module, password, iv) |
|
} |
|
|
|
function createCipher (suite, password) { |
|
var config = MODES[suite.toLowerCase()] |
|
if (!config) throw new TypeError('invalid suite type') |
|
|
|
var keys = ebtk(password, false, config.key, config.iv) |
|
return createCipheriv(suite, keys.key, keys.iv) |
|
} |
|
|
|
exports.createCipheriv = createCipheriv |
|
exports.createCipher = createCipher
|
|
|