cyberchef 9.41.0 → 9.42.0

package/CHANGELOG.md

@@ -13,6 +13,9 @@ All major and minor version changes will be documented in this file. Details of
 
 ## Details
 
+### [9.41.0] - 2022-07-08
+- Added 'Caesar Box Cipher' operation [@n1073645] | [#1066]
+
 ### [9.40.0] - 2022-07-08
 - Added 'P-list Viewer' operation [@n1073645] | [#906]
 
@@ -297,6 +300,7 @@ All major and minor version changes will be documented in this file. Details of
 
 
 
+[9.41.0]: https://github.com/gchq/CyberChef/releases/tag/v9.41.0
 [9.40.0]: https://github.com/gchq/CyberChef/releases/tag/v9.40.0
 [9.39.0]: https://github.com/gchq/CyberChef/releases/tag/v9.39.0
 [9.38.0]: https://github.com/gchq/CyberChef/releases/tag/v9.38.0
@@ -511,6 +515,7 @@ All major and minor version changes will be documented in this file. Details of
 [#1045]: https://github.com/gchq/CyberChef/pull/1045
 [#1049]: https://github.com/gchq/CyberChef/pull/1049
 [#1065]: https://github.com/gchq/CyberChef/pull/1065
+[#1066]: https://github.com/gchq/CyberChef/pull/1066
 [#1083]: https://github.com/gchq/CyberChef/pull/1083
 [#1189]: https://github.com/gchq/CyberChef/pull/1189
 [#1242]: https://github.com/gchq/CyberChef/pull/1242

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "9.41.0",
+  "version": "9.42.0",
   "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
   "author": "n1474335 <n1474335@gmail.com>",
   "homepage": "https://gchq.github.io/CyberChef",

package/src/core/config/Categories.json

@@ -79,6 +79,8 @@
             "DES Decrypt",
             "Triple DES Encrypt",
             "Triple DES Decrypt",
+            "LS47 Encrypt",
+            "LS47 Decrypt",
             "RC2 Encrypt",
             "RC2 Decrypt",
             "RC4",

package/src/core/config/OperationConfig.json

@@ -7934,6 +7934,53 @@
             }
         ]
     },
+    "LS47 Decrypt": {
+        "module": "Crypto",
+        "description": "This is a slight improvement of the ElsieFour cipher as described by Alan Kaminsky. We use 7x7 characters instead of original (barely fitting) 6x6, to be able to encrypt some structured information. We also describe a simple key-expansion algorithm, because remembering passwords is popular. Similar security considerations as with ElsieFour hold.<br>The LS47 alphabet consists of following characters: <code>_abcdefghijklmnopqrstuvwxyz.0123456789,-+*/:?!'()</code><br>An LS47 key is a permutation of the alphabet that is then represented in a 7x7 grid used for the encryption or decryption.",
+        "infoURL": "https://github.com/exaexa/ls47",
+        "inputType": "string",
+        "outputType": "string",
+        "flowControl": false,
+        "manualBake": false,
+        "args": [
+            {
+                "name": "Password",
+                "type": "string",
+                "value": ""
+            },
+            {
+                "name": "Padding",
+                "type": "number",
+                "value": 10
+            }
+        ]
+    },
+    "LS47 Encrypt": {
+        "module": "Crypto",
+        "description": "This is a slight improvement of the ElsieFour cipher as described by Alan Kaminsky. We use 7x7 characters instead of original (barely fitting) 6x6, to be able to encrypt some structured information. We also describe a simple key-expansion algorithm, because remembering passwords is popular. Similar security considerations as with ElsieFour hold.<br>The LS47 alphabet consists of following characters: <code>_abcdefghijklmnopqrstuvwxyz.0123456789,-+*/:?!'()</code><br>A LS47 key is a permutation of the alphabet that is then represented in a 7x7 grid used for the encryption or decryption.",
+        "infoURL": "https://github.com/exaexa/ls47",
+        "inputType": "string",
+        "outputType": "string",
+        "flowControl": false,
+        "manualBake": false,
+        "args": [
+            {
+                "name": "Password",
+                "type": "string",
+                "value": ""
+            },
+            {
+                "name": "Padding",
+                "type": "number",
+                "value": 10
+            },
+            {
+                "name": "Signature",
+                "type": "string",
+                "value": ""
+            }
+        ]
+    },
     "Label": {
         "module": "Default",
         "description": "Provides a location for conditional and fixed jumps to redirect execution to.",

package/src/core/config/modules/Crypto.mjs

@@ -34,6 +34,8 @@ import JWTDecode from "../../operations/JWTDecode.mjs";
 import JWTSign from "../../operations/JWTSign.mjs";
 import JWTVerify from "../../operations/JWTVerify.mjs";
 import Keccak from "../../operations/Keccak.mjs";
+import LS47Decrypt from "../../operations/LS47Decrypt.mjs";
+import LS47Encrypt from "../../operations/LS47Encrypt.mjs";
 import MD2 from "../../operations/MD2.mjs";
 import MD4 from "../../operations/MD4.mjs";
 import MD5 from "../../operations/MD5.mjs";
@@ -83,6 +85,8 @@ OpModules.Crypto = {
     "JWT Sign": JWTSign,
     "JWT Verify": JWTVerify,
     "Keccak": Keccak,
+    "LS47 Decrypt": LS47Decrypt,
+    "LS47 Encrypt": LS47Encrypt,
     "MD2": MD2,
     "MD4": MD4,
     "MD5": MD5,

package/src/core/lib/LS47.mjs

@@ -0,0 +1,244 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import OperationError from "../errors/OperationError.mjs";
+
+const letters = "_abcdefghijklmnopqrstuvwxyz.0123456789,-+*/:?!'()";
+const tiles = [];
+
+/**
+ * Initialises the tiles with values and positions.
+ */
+export function initTiles() {
+    for (let i = 0; i < 49; i++)
+        tiles.push([letters.charAt(i), [Math.floor(i/7), i % 7]]);
+}
+
+/**
+ * Rotates the key "down".
+ *
+ * @param {string} key
+ * @param {number} col
+ * @param {number} n
+ * @returns {string}
+ */
+function rotateDown(key, col, n) {
+    const lines = [];
+    for (let i = 0; i < 7; i++)
+        lines.push(key.slice(i*7, (i + 1) * 7));
+    const lefts = [];
+    let mids = [];
+    const rights = [];
+    lines.forEach((element) => {
+        lefts.push(element.slice(0, col));
+        mids.push(element.charAt(col));
+        rights.push(element.slice(col+1));
+    });
+    n = (7 - n % 7) % 7;
+    mids = mids.slice(n).concat(mids.slice(0, n));
+    let result = "";
+    for (let i = 0; i < 7; i++)
+        result += lefts[i] + mids[i] + rights[i];
+    return result;
+}
+
+/**
+ * Rotates the key "right".
+ *
+ * @param {string} key
+ * @param {number} row
+ * @param {number} n
+ * @returns {string}
+ */
+function rotateRight(key, row, n) {
+    const mid = key.slice(row * 7, (row + 1) * 7);
+    n = (7 - n % 7) % 7;
+    return key.slice(0, 7 * row) + mid.slice(n) + mid.slice(0, n) + key.slice(7 * (row + 1));
+}
+
+/**
+ * Finds the position of a letter in the tiles.
+ *
+ * @param {string} letter
+ * @returns {string}
+ */
+function findIx(letter) {
+    for (let i = 0; i < tiles.length; i++)
+        if (tiles[i][0] === letter)
+            return tiles[i][1];
+    throw new OperationError("Letter " + letter + " is not included in LS47");
+}
+
+/**
+ * Derives key from the input password.
+ *
+ * @param {string} password
+ * @returns {string}
+ */
+export function deriveKey(password) {
+    let i = 0;
+    let k = letters;
+    for (const c of password) {
+        const [row, col] = findIx(c);
+        k = rotateDown(rotateRight(k, i, col), i, row);
+        i = (i + 1) % 7;
+    }
+    return k;
+}
+
+/**
+ * Checks the key is a valid key.
+ *
+ * @param {string} key
+ */
+function checkKey(key) {
+    if (key.length !== letters.length)
+        throw new OperationError("Wrong key size");
+    const counts = new Array();
+    for (let i = 0; i < letters.length; i++)
+        counts[letters.charAt(i)] = 0;
+    for (const elem of letters) {
+        if (letters.indexOf(elem) === -1)
+            throw new OperationError("Letter " + elem + " not in LS47");
+        counts[elem]++;
+        if (counts[elem] > 1)
+            throw new OperationError("Letter duplicated in the key");
+    }
+}
+
+/**
+ * Finds the position of a letter in they key.
+ *
+ * @param {letter} key
+ * @param {string} letter
+ * @returns {object}
+ */
+function findPos (key, letter) {
+    const index = key.indexOf(letter);
+    if (index >= 0 && index < 49)
+        return [Math.floor(index/7), index%7];
+    throw new OperationError("Letter " + letter + " is not in the key");
+}
+
+/**
+ * Returns the character at the position on the tiles.
+ *
+ * @param {string} key
+ * @param {object} coord
+ * @returns {string}
+ */
+function findAtPos(key, coord) {
+    return key.charAt(coord[1] + (coord[0] * 7));
+}
+
+/**
+ * Returns new position by adding two positions.
+ *
+ * @param {object} a
+ * @param {object} b
+ * @returns {object}
+ */
+function addPos(a, b) {
+    return [(a[0] + b[0]) % 7, (a[1] + b[1]) % 7];
+}
+
+/**
+ * Returns new position by subtracting two positions.
+ * Note: We have to manually do the remainder division, since JS does not
+ * operate correctly on negative numbers (e.g. -3 % 4 = -3 when it should be 1).
+ *
+ * @param {object} a
+ * @param {object} b
+ * @returns {object}
+ */
+function subPos(a, b) {
+    const asub = a[0] - b[0];
+    const bsub = a[1] - b[1];
+    return [asub - (Math.floor(asub/7) * 7), bsub - (Math.floor(bsub/7) * 7)];
+}
+
+/**
+ * Encrypts the plaintext string.
+ *
+ * @param {string} key
+ * @param {string} plaintext
+ * @returns {string}
+ */
+function encrypt(key, plaintext) {
+    checkKey(key);
+    let mp = [0, 0];
+    let ciphertext = "";
+    for (const p of plaintext) {
+        const pp = findPos(key, p);
+        const mix = findIx(findAtPos(key, mp));
+        let cp = addPos(pp, mix);
+        const c = findAtPos(key, cp);
+        ciphertext += c;
+        key = rotateRight(key, pp[0], 1);
+        cp = findPos(key, c);
+        key = rotateDown(key, cp[1], 1);
+        mp = addPos(mp, findIx(c));
+    }
+    return ciphertext;
+}
+
+/**
+ * Decrypts the ciphertext string.
+ *
+ * @param {string} key
+ * @param {string} ciphertext
+ * @returns {string}
+ */
+function decrypt(key, ciphertext) {
+    checkKey(key);
+    let mp = [0, 0];
+    let plaintext = "";
+    for (const c of ciphertext) {
+        let cp = findPos(key, c);
+        const mix = findIx(findAtPos(key, mp));
+        const pp = subPos(cp, mix);
+        const p = findAtPos(key, pp);
+        plaintext += p;
+        key = rotateRight(key, pp[0], 1);
+        cp = findPos(key, c);
+        key = rotateDown(key, cp[1], 1);
+        mp = addPos(mp, findIx(c));
+    }
+    return plaintext;
+}
+
+/**
+ * Adds padding to the input.
+ *
+ * @param {string} key
+ * @param {string} plaintext
+ * @param {string} signature
+ * @param {number} paddingSize
+ * @returns {string}
+ */
+export function encryptPad(key, plaintext, signature, paddingSize) {
+    initTiles();
+    checkKey(key);
+    let padding = "";
+    for (let i = 0; i < paddingSize; i++) {
+        padding += letters.charAt(Math.floor(Math.random() * letters.length));
+    }
+    return encrypt(key, padding+plaintext+"---"+signature);
+}
+
+/**
+ * Removes padding from the ouput.
+ *
+ * @param {string} key
+ * @param {string} ciphertext
+ * @param {number} paddingSize
+ * @returns {string}
+ */
+export function decryptPad(key, ciphertext, paddingSize) {
+    initTiles();
+    checkKey(key);
+    return decrypt(key, ciphertext).slice(paddingSize);
+}

package/src/core/operations/LS47Decrypt.mjs

@@ -0,0 +1,57 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import * as LS47 from "../lib/LS47.mjs";
+
+/**
+ * LS47 Decrypt operation
+ */
+class LS47Decrypt extends Operation {
+
+    /**
+     * LS47Decrypt constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "LS47 Decrypt";
+        this.module = "Crypto";
+        this.description = "This is a slight improvement of the ElsieFour cipher as described by Alan Kaminsky. We use 7x7 characters instead of original (barely fitting) 6x6, to be able to encrypt some structured information. We also describe a simple key-expansion algorithm, because remembering passwords is popular. Similar security considerations as with ElsieFour hold.<br>The LS47 alphabet consists of following characters: <code>_abcdefghijklmnopqrstuvwxyz.0123456789,-+*/:?!'()</code><br>An LS47 key is a permutation of the alphabet that is then represented in a 7x7 grid used for the encryption or decryption.";
+        this.infoURL = "https://github.com/exaexa/ls47";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Password",
+                type: "string",
+                value: ""
+            },
+            {
+                name: "Padding",
+                type: "number",
+                value: 10
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        this.paddingSize = parseInt(args[1], 10);
+
+        LS47.initTiles();
+
+        const key = LS47.deriveKey(args[0]);
+        return LS47.decryptPad(key, input, this.paddingSize);
+    }
+
+}
+
+export default LS47Decrypt;

package/src/core/operations/LS47Encrypt.mjs

@@ -0,0 +1,62 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import * as LS47 from "../lib/LS47.mjs";
+
+/**
+ * LS47 Encrypt operation
+ */
+class LS47Encrypt extends Operation {
+
+    /**
+     * LS47Encrypt constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "LS47 Encrypt";
+        this.module = "Crypto";
+        this.description = "This is a slight improvement of the ElsieFour cipher as described by Alan Kaminsky. We use 7x7 characters instead of original (barely fitting) 6x6, to be able to encrypt some structured information. We also describe a simple key-expansion algorithm, because remembering passwords is popular. Similar security considerations as with ElsieFour hold.<br>The LS47 alphabet consists of following characters: <code>_abcdefghijklmnopqrstuvwxyz.0123456789,-+*/:?!'()</code><br>A LS47 key is a permutation of the alphabet that is then represented in a 7x7 grid used for the encryption or decryption.";
+        this.infoURL = "https://github.com/exaexa/ls47";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Password",
+                type: "string",
+                value: ""
+            },
+            {
+                name: "Padding",
+                type: "number",
+                value: 10
+            },
+            {
+                name: "Signature",
+                type: "string",
+                value: ""
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        this.paddingSize = parseInt(args[1], 10);
+
+        LS47.initTiles();
+
+        const key = LS47.deriveKey(args[0]);
+        return LS47.encryptPad(key, input, args[2], this.paddingSize);
+    }
+
+}
+
+export default LS47Encrypt;

package/src/core/operations/index.mjs

@@ -192,6 +192,8 @@ import JavaScriptMinify from "./JavaScriptMinify.mjs";
 import JavaScriptParser from "./JavaScriptParser.mjs";
 import Jump from "./Jump.mjs";
 import Keccak from "./Keccak.mjs";
+import LS47Decrypt from "./LS47Decrypt.mjs";
+import LS47Encrypt from "./LS47Encrypt.mjs";
 import Label from "./Label.mjs";
 import Lorenz from "./Lorenz.mjs";
 import LuhnChecksum from "./LuhnChecksum.mjs";
@@ -568,6 +570,8 @@ export {
     JavaScriptParser,
     Jump,
     Keccak,
+    LS47Decrypt,
+    LS47Encrypt,
     Label,
     Lorenz,
     LuhnChecksum,

package/src/node/index.mjs

@@ -195,6 +195,8 @@ import {
     JWTSign as core_JWTSign,
     JWTVerify as core_JWTVerify,
     Keccak as core_Keccak,
+    LS47Decrypt as core_LS47Decrypt,
+    LS47Encrypt as core_LS47Encrypt,
     Lorenz as core_Lorenz,
     LuhnChecksum as core_LuhnChecksum,
     MD2 as core_MD2,
@@ -571,6 +573,8 @@ function generateChef() {
         "JWTSign": _wrap(core_JWTSign),
         "JWTVerify": _wrap(core_JWTVerify),
         "keccak": _wrap(core_Keccak),
+        "LS47Decrypt": _wrap(core_LS47Decrypt),
+        "LS47Encrypt": _wrap(core_LS47Encrypt),
         "lorenz": _wrap(core_Lorenz),
         "luhnChecksum": _wrap(core_LuhnChecksum),
         "MD2": _wrap(core_MD2),
@@ -962,6 +966,8 @@ const javaScriptMinify = chef.javaScriptMinify;
 const javaScriptParser = chef.javaScriptParser;
 const jump = chef.jump;
 const keccak = chef.keccak;
+const LS47Decrypt = chef.LS47Decrypt;
+const LS47Encrypt = chef.LS47Encrypt;
 const label = chef.label;
 const lorenz = chef.lorenz;
 const luhnChecksum = chef.luhnChecksum;
@@ -1340,6 +1346,8 @@ const operations = [
     javaScriptParser,
     jump,
     keccak,
+    LS47Decrypt,
+    LS47Encrypt,
     label,
     lorenz,
     luhnChecksum,
@@ -1722,6 +1730,8 @@ export {
     javaScriptParser,
     jump,
     keccak,
+    LS47Decrypt,
+    LS47Encrypt,
     label,
     lorenz,
     luhnChecksum,

package/tests/operations/index.mjs

@@ -117,6 +117,7 @@ import "./tests/SIGABA.mjs";
 import "./tests/ELFInfo.mjs";
 import "./tests/Subsection.mjs";
 import "./tests/CaesarBoxCipher.mjs";
+import "./tests/LS47.mjs";
 
 
 // Cannot test operations that use the File type yet

package/tests/operations/tests/LS47.mjs

@@ -0,0 +1,45 @@
+/**
+ * LS47 tests.
+ *
+ * @author n1073645 [n1073645@gmail.com]
+ *
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+import TestRegister from "../../lib/TestRegister.mjs";
+
+TestRegister.addTests([
+    {
+        name: "LS47 Encrypt",
+        input: "thequickbrownfoxjumped",
+        expectedOutput: "(,t74ci78cp/8trx*yesu:alp1wqy",
+        recipeConfig: [
+            {
+                op: "LS47 Encrypt",
+                args: ["helloworld", 0, "test"],
+            },
+        ],
+    },
+    {
+        name: "LS47 Decrypt",
+        input: "(,t74ci78cp/8trx*yesu:alp1wqy",
+        expectedOutput: "thequickbrownfoxjumped---test",
+        recipeConfig: [
+            {
+                op: "LS47 Decrypt",
+                args: ["helloworld", 0],
+            },
+        ],
+    },
+    {
+        name: "LS47 Encrypt",
+        input: "thequickbrownfoxjumped",
+        expectedOutput: "Letter H is not included in LS47",
+        recipeConfig: [
+            {
+                op: "LS47 Encrypt",
+                args: ["Helloworld", 0, "test"],
+            },
+        ],
+    }
+]);