first commit
This commit is contained in:
monjack
230
app_vue/node_modules/node-forge/lib/cipher.js
generated
vendored
Normal file
230
app_vue/node_modules/node-forge/lib/cipher.js
generated
vendored
Normal file
@ -0,0 +1,230 @@
|
||||
/**
|
||||
* Cipher base API.
|
||||
*
|
||||
* @author Dave Longley
|
||||
*
|
||||
* Copyright (c) 2010-2014 Digital Bazaar, Inc.
|
||||
*/
|
||||
var forge = require('./forge');
|
||||
require('./util');
|
||||
|
||||
module.exports = forge.cipher = forge.cipher || {};
|
||||
|
||||
// registered algorithms
|
||||
forge.cipher.algorithms = forge.cipher.algorithms || {};
|
||||
|
||||
/**
|
||||
* Creates a cipher object that can be used to encrypt data using the given
|
||||
* algorithm and key. The algorithm may be provided as a string value for a
|
||||
* previously registered algorithm or it may be given as a cipher algorithm
|
||||
* API object.
|
||||
*
|
||||
* @param algorithm the algorithm to use, either a string or an algorithm API
|
||||
* object.
|
||||
* @param key the key to use, as a binary-encoded string of bytes or a
|
||||
* byte buffer.
|
||||
*
|
||||
* @return the cipher.
|
||||
*/
|
||||
forge.cipher.createCipher = function(algorithm, key) {
|
||||
var api = algorithm;
|
||||
if(typeof api === 'string') {
|
||||
api = forge.cipher.getAlgorithm(api);
|
||||
if(api) {
|
||||
api = api();
|
||||
}
|
||||
}
|
||||
if(!api) {
|
||||
throw new Error('Unsupported algorithm: ' + algorithm);
|
||||
}
|
||||
|
||||
// assume block cipher
|
||||
return new forge.cipher.BlockCipher({
|
||||
algorithm: api,
|
||||
key: key,
|
||||
decrypt: false
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Creates a decipher object that can be used to decrypt data using the given
|
||||
* algorithm and key. The algorithm may be provided as a string value for a
|
||||
* previously registered algorithm or it may be given as a cipher algorithm
|
||||
* API object.
|
||||
*
|
||||
* @param algorithm the algorithm to use, either a string or an algorithm API
|
||||
* object.
|
||||
* @param key the key to use, as a binary-encoded string of bytes or a
|
||||
* byte buffer.
|
||||
*
|
||||
* @return the cipher.
|
||||
*/
|
||||
forge.cipher.createDecipher = function(algorithm, key) {
|
||||
var api = algorithm;
|
||||
if(typeof api === 'string') {
|
||||
api = forge.cipher.getAlgorithm(api);
|
||||
if(api) {
|
||||
api = api();
|
||||
}
|
||||
}
|
||||
if(!api) {
|
||||
throw new Error('Unsupported algorithm: ' + algorithm);
|
||||
}
|
||||
|
||||
// assume block cipher
|
||||
return new forge.cipher.BlockCipher({
|
||||
algorithm: api,
|
||||
key: key,
|
||||
decrypt: true
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Registers an algorithm by name. If the name was already registered, the
|
||||
* algorithm API object will be overwritten.
|
||||
*
|
||||
* @param name the name of the algorithm.
|
||||
* @param algorithm the algorithm API object.
|
||||
*/
|
||||
forge.cipher.registerAlgorithm = function(name, algorithm) {
|
||||
name = name.toUpperCase();
|
||||
forge.cipher.algorithms[name] = algorithm;
|
||||
};
|
||||
|
||||
/**
|
||||
* Gets a registered algorithm by name.
|
||||
*
|
||||
* @param name the name of the algorithm.
|
||||
*
|
||||
* @return the algorithm, if found, null if not.
|
||||
*/
|
||||
forge.cipher.getAlgorithm = function(name) {
|
||||
name = name.toUpperCase();
|
||||
if(name in forge.cipher.algorithms) {
|
||||
return forge.cipher.algorithms[name];
|
||||
}
|
||||
return null;
|
||||
};
|
||||
|
||||
var BlockCipher = forge.cipher.BlockCipher = function(options) {
|
||||
this.algorithm = options.algorithm;
|
||||
this.mode = this.algorithm.mode;
|
||||
this.blockSize = this.mode.blockSize;
|
||||
this._finish = false;
|
||||
this._input = null;
|
||||
this.output = null;
|
||||
this._op = options.decrypt ? this.mode.decrypt : this.mode.encrypt;
|
||||
this._decrypt = options.decrypt;
|
||||
this.algorithm.initialize(options);
|
||||
};
|
||||
|
||||
/**
|
||||
* Starts or restarts the encryption or decryption process, whichever
|
||||
* was previously configured.
|
||||
*
|
||||
* For non-GCM mode, the IV may be a binary-encoded string of bytes, an array
|
||||
* of bytes, a byte buffer, or an array of 32-bit integers. If the IV is in
|
||||
* bytes, then it must be Nb (16) bytes in length. If the IV is given in as
|
||||
* 32-bit integers, then it must be 4 integers long.
|
||||
*
|
||||
* Note: an IV is not required or used in ECB mode.
|
||||
*
|
||||
* For GCM-mode, the IV must be given as a binary-encoded string of bytes or
|
||||
* a byte buffer. The number of bytes should be 12 (96 bits) as recommended
|
||||
* by NIST SP-800-38D but another length may be given.
|
||||
*
|
||||
* @param options the options to use:
|
||||
* iv the initialization vector to use as a binary-encoded string of
|
||||
* bytes, null to reuse the last ciphered block from a previous
|
||||
* update() (this "residue" method is for legacy support only).
|
||||
* additionalData additional authentication data as a binary-encoded
|
||||
* string of bytes, for 'GCM' mode, (default: none).
|
||||
* tagLength desired length of authentication tag, in bits, for
|
||||
* 'GCM' mode (0-128, default: 128).
|
||||
* tag the authentication tag to check if decrypting, as a
|
||||
* binary-encoded string of bytes.
|
||||
* output the output the buffer to write to, null to create one.
|
||||
*/
|
||||
BlockCipher.prototype.start = function(options) {
|
||||
options = options || {};
|
||||
var opts = {};
|
||||
for(var key in options) {
|
||||
opts[key] = options[key];
|
||||
}
|
||||
opts.decrypt = this._decrypt;
|
||||
this._finish = false;
|
||||
this._input = forge.util.createBuffer();
|
||||
this.output = options.output || forge.util.createBuffer();
|
||||
this.mode.start(opts);
|
||||
};
|
||||
|
||||
/**
|
||||
* Updates the next block according to the cipher mode.
|
||||
*
|
||||
* @param input the buffer to read from.
|
||||
*/
|
||||
BlockCipher.prototype.update = function(input) {
|
||||
if(input) {
|
||||
// input given, so empty it into the input buffer
|
||||
this._input.putBuffer(input);
|
||||
}
|
||||
|
||||
// do cipher operation until it needs more input and not finished
|
||||
while(!this._op.call(this.mode, this._input, this.output, this._finish) &&
|
||||
!this._finish) {}
|
||||
|
||||
// free consumed memory from input buffer
|
||||
this._input.compact();
|
||||
};
|
||||
|
||||
/**
|
||||
* Finishes encrypting or decrypting.
|
||||
*
|
||||
* @param pad a padding function to use in CBC mode, null for default,
|
||||
* signature(blockSize, buffer, decrypt).
|
||||
*
|
||||
* @return true if successful, false on error.
|
||||
*/
|
||||
BlockCipher.prototype.finish = function(pad) {
|
||||
// backwards-compatibility w/deprecated padding API
|
||||
// Note: will overwrite padding functions even after another start() call
|
||||
if(pad && (this.mode.name === 'ECB' || this.mode.name === 'CBC')) {
|
||||
this.mode.pad = function(input) {
|
||||
return pad(this.blockSize, input, false);
|
||||
};
|
||||
this.mode.unpad = function(output) {
|
||||
return pad(this.blockSize, output, true);
|
||||
};
|
||||
}
|
||||
|
||||
// build options for padding and afterFinish functions
|
||||
var options = {};
|
||||
options.decrypt = this._decrypt;
|
||||
|
||||
// get # of bytes that won't fill a block
|
||||
options.overflow = this._input.length() % this.blockSize;
|
||||
|
||||
if(!this._decrypt && this.mode.pad) {
|
||||
if(!this.mode.pad(this._input, options)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// do final update
|
||||
this._finish = true;
|
||||
this.update();
|
||||
|
||||
if(this._decrypt && this.mode.unpad) {
|
||||
if(!this.mode.unpad(this.output, options)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if(this.mode.afterFinish) {
|
||||
if(!this.mode.afterFinish(this.output, options)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
};
|
||||
Reference in New Issue
Block a user