chrisveness / crypto Goto Github PK

Reference implementations of AES & SHA cryptographic functions in JavaScript

License: MIT License

JavaScript 100.00%

crypto's Introduction

crypto

Reference implementations of AES & SHA cryptographic functions in JavaScript.

These annotated implementations follow the standards very closely, in order to assist in studying the standards and underlying algorithms. Note for production use I would recommend the Web Cryptography API for the browser (see examples of SHA hashing, PBKDF2 key derivation, and AES-GCM encryption), or the crypto library in Node.js.

aes.js

This is a reference implementation of the AES (Rijndael cipher) algorithm described in the FIPS-197 standard.

This comprises:

cipher: takes a 128-bit input block and applies the cipher algorithm to produce a 128-bit output block
keyExpansion: applies a key expansion to a 128-/192-/256-bit cipher key to produce a 2D byte-array key schedule for the cipher routine

More details are available at www.movable-type.co.uk/scripts/aes.html; tests at www.movable-type.co.uk/scripts/test/aes-test.html.

aes-ctr.js

This is a counter-mode (CTR) wrapper for the AES function, following the method described in NIST SP 800-38A.

This comprises:

encrypt: encrypt a plaintext using a supplied password
decrypt: decrypt an encrypted ciphertext using a supplied password

These functions take and return (Unicode) strings. Internally they convert them (via UTF-8) to byte arrays for encryption as set out in NIST SP 800-38A.

Note that there are no standards for data storage formats of AES encryption mode wrapper functions, so this is unlikely to inter-operate with standard library functions.

More details are available at www.movable-type.co.uk/scripts/aes.html; tests at www.movable-type.co.uk/scripts/test/aes-test.html.

sha1.js

This is a reference implementation of the SHA-1 algorithm described in the FIPS-180-4 standard.

This comprises:

hash: takes a (Unicode) string and generates a hash (of the UTF-8 encoded string)

More details are available at www.movable-type.co.uk/scripts/sha1.html; tests at www.movable-type.co.uk/scripts/test/sha-test.html.

sha256.js

This is a reference implementation of the SHA-256 algorithm described in the FIPS-180-4 standard.

This comprises:

hash: takes a (Unicode) string and generates a hash (of the UTF-8 encoded string)

Note that while SHA-256 and SHA-512 are both members of the SHA-2 family, there is little common code, so they are in separate files here.

More details are available at www.movable-type.co.uk/scripts/sha256.html; tests at www.movable-type.co.uk/scripts/test/sha-test.html.

sha512.js

This is a reference implementation of the SHA-512 algorithm described in the FIPS-180-4 standard.

This comprises:

hash: takes a (Unicode) string and generates a hash (of the UTF-8 encoded string)

Note that while SHA-256 and SHA-512 are both members of the SHA-2 family, there is little common code, so they are in separate files here.

More details are available at www.movable-type.co.uk/scripts/sha512.html; tests at www.movable-type.co.uk/scripts/test/sha-test.html.

sha3.js

This is a reference implementation of the SHA-3 (Keccak) algorithm described in the FIPS-202 standard.

This comprises:

hash224: takes a (Unicode) string and generates a SHA3/224 hash (of the UTF-8 encoded string)
hash256: takes a (Unicode) string and generates a SHA3/256 hash (of the UTF-8 encoded string)
hash384: takes a (Unicode) string and generates a SHA3/384 hash (of the UTF-8 encoded string)
hash512: takes a (Unicode) string and generates a SHA3/512 hash (of the UTF-8 encoded string)

More details are available at www.movable-type.co.uk/scripts/sha3.html; tests at www.movable-type.co.uk/scripts/test/sha-test.html.

tea-block.js

Wheeler & Needham’s Tiny Encryption Algorithm is a simple but powerful encryption algorithm which provides strong encryption in just a few lines of concise, clear code. This implements the (corrected) ‘Block TEA’ variant (xxtea).

The library includes:

encrypt a text with a password
decrypt an encrypted text
encode an array of longs using a 128-bit key
decode an encoded array of longs

More details are available at www.movable-type.co.uk/scripts/tea-block.html; tests at www.movable-type.co.uk/scripts/test/tea-test.html.

Documentation

Documentation for all these methods is available at www.movable-type.co.uk/scripts/js/crypto/docs.

JavaScript

Cryptographically-speaking, browsers are inherently insecure (Node.js does not suffer the same problems), but these implementations are intended for study rather than production use. With its untyped C-style syntax, JavaScript reads remarkably close to pseudo-code: exposing the algorithms with a minimum of syntactic distractions.

These implementations are written in ES2015 version of JavaScript; ES2015 classes are both clearer and more familiar to users of other languages than the ES5 equivalents, and let and const are good practice and communicate intent better than var. Other idiomatic JavaScript which might be less familiar to users of other languages has generally been avoided.

crypto's People

Contributors

Stargazers

Watchers

Forkers

bpoussin danielthm mayankgpt1 baylisslabs msquitieri carpii zerolethanh jalba 1xor1 rachitam d8ta laonda sagaracharya no-problemo rappogi1 aesophan myungkyu-park koumdros ian471 madalinignisca mariangibala juiceme michaelstay ksolorzano austinhunting ruipinge josephavestruz jorgeescallon rnentjes pombredanne looknd aichunyu holosphere shoutem 80psh0601 davidoster gorodezky simkyouyong rubythonode maniacs-js mxcs dimobelov jt3k semtle dennishvo suryasuresh06 karthikga zzzztc djgithub0727 vgartner tumerorkun hxy19930329 y0un3ss3 mliu7 gnadelwartz ethereumex getmenova ecopervious vaneves e080991 tagore-cai kc87654321 timvuon tomz12321 samuel-alves coso2 ujjwal9456 phoebe-g algotrader-dotcom asdert92 minhski spankders jjfattz sayangdia minergy abstractor97 dimitrioskhristoforidi rauleddie coolashelvetica thejohnhoffer oxyo bodrogisnt raghujirao tridentl garyng2000 khanesmail cooljl31 jaidevslibrary lantian1024 kosv hhy5277 tebellox chayyccee rptomey 4ndr34z kelisaka duaniston aleksander-haugas adriaan1313 j15marti

crypto's Issues

IE 11 syntax error Expected ';'

Hi, im building app.js with webpack and in IE 11 I got error Expected ';' for this line state[x][y] = 0n; of sha3.js. I tried to include @babel/plugin-syntax-bigint but it still does not work. Could you please advise how to fix it?

Version and release tags

Hello Chris,

Thanks for your work on this really nice library!

Would it be possible to implement version numbers, or maybe start using release tags feature in Github? Having version numbers and a clear difference between released and development versions would be good for the quality of the project.

Thanks, Barry
https://github.com/Zimbra-Community/pgp-zimlet

Decrypted file is very close to the original one but not quite

Hello there,

First of all, great work making this library and thank you for making it available !

I saw that the demo with file upload/download on your website was not working so I tried to make one that would work and couldn't get it to. The closest I got with a few modification was generating a file which hexdump is very close to the original file's but not exactly the same. Here is my code :

Worker.js

this.importScripts('lib/aes.js');
this.importScripts('lib/aes-ctr.js');

this.onmessage = function(msg) {
    switch (msg.data.op) {
        case 'encrypt':
            var reader = new FileReaderSync();
            var plaintext = reader.readAsText(msg.data.file, 'utf-8');
            var ciphertext = AesCtr.encrypt(plaintext, msg.data.password, msg.data.bits);
            // return encrypted file as Blob; UI thread can then use saveAs()
            var blob = new Blob([ciphertext], { type: 'text/plain' });
            self.postMessage({ progress: 'complete', ciphertext: blob });
            break;
        case 'decrypt':
            var reader = new FileReaderSync();
            var ciphertext = reader.readAsText(msg.data.file, 'iso-8859-1');
            var plaintext = AesCtr.decrypt(ciphertext, msg.data.password, msg.data.bits);
            // return decrypted file as Blob; UI thread can then use saveAs()
            var blob = new Blob([plaintext], { type: 'application/octet-stream' });
            self.postMessage({ progress: 'complete', plaintext: blob });
            break;
    }
};

and index.html

<script src="lib/aes.js"></script>
<script src="lib/aes-ctr.js"></script>
<script src="lib/FileSaver.js"></script>
<script>
window.addEventListener('load', function() {
    document.getElementById("form_encrypt").addEventListener('submit', function(e) {
        e.preventDefault();
        console.dir(e);
        var worker = new Worker('test.js');
        var file = document.getElementById("clearfile").files[0];
        var key = document.getElementById("encryption_key").value;
        worker.postMessage({ op:'encrypt', file:file, password:key, bits:256 });
        worker.onmessage = function(msg) {
            if (msg.data.progress == 'complete') {
                saveAs(msg.data.ciphertext, file.name+'.encrypted'); // save encrypted file
            }
        }
    });
    document.getElementById("form_decrypt").addEventListener('submit', function(e) {
        e.preventDefault();
        console.dir(e);
        var worker = new Worker('test.js');
        var file = document.getElementById("cipherfile").files[0];
        var key = document.getElementById("decryption_key").value;
        worker.postMessage({ op:'decrypt', file:file, password:key, bits:256 });
        worker.onmessage = function(msg) {
            if (msg.data.progress == 'complete') {
                saveAs(msg.data.plaintext, file.name+'.decrypted'); // save encrypted file
            }
        }
    });
});
</script>

<form id="form_encrypt">
    <input type="file" name="clearfile" id="clearfile" />
    <input type="text" name="encryption_key" id="encryption_key" />
    <input type="submit" />
</form>
<form id="form_decrypt">
    <input type="file" name="cipherfile" id="cipherfile" />
    <input type="text" name="decryption_key" id="decryption_key" />
    <input type="submit" />
</form>

At first glance, the decrypted file seemed corrupted. After dumping in hex both files I noticed the differences were small :

MBP-de-Mourad% hexdump -C ~/.code/so/kokoroe_profile.jpg | head
00000000  ff d8 ff e0 00 10 4a 46  49 46 00 01 01 01 00 60  |......JFIF.....`|
00000010  00 60 00 00 ff fe 00 3b  43 52 45 41 54 4f 52 3a  |.`.....;CREATOR:|
00000020  20 67 64 2d 6a 70 65 67  20 76 31 2e 30 20 28 75  | gd-jpeg v1.0 (u|
00000030  73 69 6e 67 20 49 4a 47  20 4a 50 45 47 20 76 38  |sing IJG JPEG v8|
00000040  30 29 2c 20 71 75 61 6c  69 74 79 20 3d 20 39 30  |0), quality = 90|
00000050  0a ff db 00 43 00 03 02  02 03 02 02 03 03 03 03  |....C...........|
00000060  04 03 03 04 05 08 05 05  04 04 05 0a 07 07 06 08  |................|
00000070  0c 0a 0c 0c 0b 0a 0b 0b  0d 0e 12 10 0d 0e 11 0e  |................|
00000080  0b 0b 10 16 10 11 13 14  15 15 15 0c 0f 17 18 16  |................|
00000090  14 18 12 14 15 14 ff db  00 43 01 03 04 04 05 04  |.........C......|

MBP-de-Mourad% hexdump -C ~/.code/so/kokoroe_profile.jpg.encrypted.decrypted.jpg | head
00000000  ef bf bd ef bf bd ef bf  bd ef bf bd 00 10 4a 46  |..............JF|
00000010  49 46 00 01 01 01 00 60  00 60 00 00 ef bf bd ef  |IF.....`.`......|
00000020  bf bd 00 3b 43 52 45 41  54 4f 52 3a 20 67 64 2d  |...;CREATOR: gd-|
00000030  6a 70 65 67 20 76 31 2e  30 20 28 75 73 69 6e 67  |jpeg v1.0 (using|
00000040  20 49 4a 47 20 4a 50 45  47 20 76 38 30 29 2c 20  | IJG JPEG v80), |
00000050  71 75 61 6c 69 74 79 20  3d 20 39 30 0a ef bf bd  |quality = 90....|
00000060  ef bf bd 00 43 00 03 02  02 03 02 02 03 03 03 03  |....C...........|
00000070  04 03 03 04 05 08 05 05  04 04 05 0a 07 07 06 08  |................|
00000080  0c 0a 0c 0c 0b 0a 0b 0b  0d 0e 12 10 0d 0e 11 0e  |................|
00000090  0b 0b 10 16 10 11 13 14  15 15 15 0c 0f 17 18 16  |................|

As you would notice there are just a few extra non-printable characters in the encrypted then decrypted version. I wonder where they come from.

chrisveness / crypto Goto Github PK

crypto's Introduction

crypto

aes.js

aes-ctr.js

sha1.js

sha256.js

sha512.js

sha3.js

tea-block.js

Documentation

JavaScript

crypto's People

Contributors

Stargazers

Watchers

Forkers

crypto's Issues

Recommend Projects

Recommend Topics

Recommend Org