diff --git a/CHANGELOG.md b/CHANGELOG.md
index ad2e3fc39..c60b7c3dc 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,8 +13,11 @@ All major and minor version changes will be documented in this file. Details of
## Details
+### [9.24.0] - 2020-02-02
+- 'SM3' hashing function added along with more configuration options for other hashing operations [@n1073645] [@n1474335] | [#1022]
+
### [9.23.0] - 2020-02-01
-- Various RSA operations added to encrypt, decrypt, sign, verify and generate keys [@mattnotmitt] | [#652]
+- Various RSA operations added to encrypt, decrypt, sign, verify and generate keys [@mattnotmitt] [@GCHQ77703] | [#652]
### [9.22.0] - 2021-02-01
- 'Unicode Text Format' operation added [@mattnotmitt] | [#1083]
@@ -420,5 +423,6 @@ All major and minor version changes will be documented in this file. Details of
[#965]: https://github.com/gchq/CyberChef/pull/965
[#966]: https://github.com/gchq/CyberChef/pull/966
[#987]: https://github.com/gchq/CyberChef/pull/987
+[#1022]: https://github.com/gchq/CyberChef/pull/1022
[#1049]: https://github.com/gchq/CyberChef/pull/1049
[#1083]: https://github.com/gchq/CyberChef/pull/1083
\ No newline at end of file
diff --git a/src/core/config/Categories.json b/src/core/config/Categories.json
index 1afa6dcb5..9558a87df 100755
--- a/src/core/config/Categories.json
+++ b/src/core/config/Categories.json
@@ -319,6 +319,7 @@
"SHA1",
"SHA2",
"SHA3",
+ "SM3",
"Keccak",
"Shake",
"RIPEMD",
diff --git a/src/core/operations/HAS160.mjs b/src/core/operations/HAS160.mjs
index aa1439ae9..707b99b33 100644
--- a/src/core/operations/HAS160.mjs
+++ b/src/core/operations/HAS160.mjs
@@ -20,11 +20,19 @@ class HAS160 extends Operation {
this.name = "HAS-160";
this.module = "Crypto";
- this.description = "HAS-160 is a cryptographic hash function designed for use with the Korean KCDSA digital signature algorithm. It is derived from SHA-1, with assorted changes intended to increase its security. It produces a 160-bit output.
HAS-160 is used in the same way as SHA-1. First it divides input in blocks of 512 bits each and pads the final block. A digest function updates the intermediate hash value by processing the input blocks in turn.
The message digest algorithm consists of 80 rounds.";
+ this.description = "HAS-160 is a cryptographic hash function designed for use with the Korean KCDSA digital signature algorithm. It is derived from SHA-1, with assorted changes intended to increase its security. It produces a 160-bit output.
HAS-160 is used in the same way as SHA-1. First it divides input in blocks of 512 bits each and pads the final block. A digest function updates the intermediate hash value by processing the input blocks in turn.
The message digest algorithm consists, by default, of 80 rounds.";
this.infoURL = "https://wikipedia.org/wiki/HAS-160";
this.inputType = "ArrayBuffer";
this.outputType = "string";
- this.args = [];
+ this.args = [
+ {
+ name: "Rounds",
+ type: "number",
+ value: 80,
+ min: 1,
+ max: 80
+ }
+ ];
}
/**
@@ -33,7 +41,7 @@ class HAS160 extends Operation {
* @returns {string}
*/
run(input, args) {
- return runHash("has160", input);
+ return runHash("has160", input, {rounds: args[0]});
}
}
diff --git a/src/core/operations/MD2.mjs b/src/core/operations/MD2.mjs
index ecfa699ca..38f6d3257 100644
--- a/src/core/operations/MD2.mjs
+++ b/src/core/operations/MD2.mjs
@@ -20,11 +20,18 @@ class MD2 extends Operation {
this.name = "MD2";
this.module = "Crypto";
- this.description = "The MD2 (Message-Digest 2) algorithm is a cryptographic hash function developed by Ronald Rivest in 1989. The algorithm is optimized for 8-bit computers.
Although MD2 is no longer considered secure, even as of 2014, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA.";
+ this.description = "The MD2 (Message-Digest 2) algorithm is a cryptographic hash function developed by Ronald Rivest in 1989. The algorithm is optimized for 8-bit computers.
Although MD2 is no longer considered secure, even as of 2014, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA. The message digest algorithm consists, by default, of 18 rounds.";
this.infoURL = "https://wikipedia.org/wiki/MD2_(cryptography)";
this.inputType = "ArrayBuffer";
this.outputType = "string";
- this.args = [];
+ this.args = [
+ {
+ name: "Rounds",
+ type: "number",
+ value: 18,
+ min: 0
+ }
+ ];
}
/**
@@ -33,7 +40,7 @@ class MD2 extends Operation {
* @returns {string}
*/
run(input, args) {
- return runHash("md2", input);
+ return runHash("md2", input, {rounds: args[0]});
}
}
diff --git a/src/core/operations/SHA0.mjs b/src/core/operations/SHA0.mjs
index 93345eb28..7f712ad92 100644
--- a/src/core/operations/SHA0.mjs
+++ b/src/core/operations/SHA0.mjs
@@ -20,11 +20,18 @@ class SHA0 extends Operation {
this.name = "SHA0";
this.module = "Crypto";
- this.description = "SHA-0 is a retronym applied to the original version of the 160-bit hash function published in 1993 under the name 'SHA'. It was withdrawn shortly after publication due to an undisclosed 'significant flaw' and replaced by the slightly revised version SHA-1.";
+ this.description = "SHA-0 is a retronym applied to the original version of the 160-bit hash function published in 1993 under the name 'SHA'. It was withdrawn shortly after publication due to an undisclosed 'significant flaw' and replaced by the slightly revised version SHA-1. The message digest algorithm consists, by default, of 80 rounds.";
this.infoURL = "https://wikipedia.org/wiki/SHA-1#SHA-0";
this.inputType = "ArrayBuffer";
this.outputType = "string";
- this.args = [];
+ this.args = [
+ {
+ name: "Rounds",
+ type: "number",
+ value: 80,
+ min: 16
+ }
+ ];
}
/**
@@ -33,7 +40,7 @@ class SHA0 extends Operation {
* @returns {string}
*/
run(input, args) {
- return runHash("sha0", input);
+ return runHash("sha0", input, {rounds: args[0]});
}
}
diff --git a/src/core/operations/SHA1.mjs b/src/core/operations/SHA1.mjs
index 41a0105a0..8c081f2fd 100644
--- a/src/core/operations/SHA1.mjs
+++ b/src/core/operations/SHA1.mjs
@@ -20,11 +20,18 @@ class SHA1 extends Operation {
this.name = "SHA1";
this.module = "Crypto";
- this.description = "The SHA (Secure Hash Algorithm) hash functions were designed by the NSA. SHA-1 is the most established of the existing SHA hash functions and it is used in a variety of security applications and protocols.
However, SHA-1's collision resistance has been weakening as new attacks are discovered or improved.";
+ this.description = "The SHA (Secure Hash Algorithm) hash functions were designed by the NSA. SHA-1 is the most established of the existing SHA hash functions and it is used in a variety of security applications and protocols.
However, SHA-1's collision resistance has been weakening as new attacks are discovered or improved. The message digest algorithm consists, by default, of 80 rounds.";
this.infoURL = "https://wikipedia.org/wiki/SHA-1";
this.inputType = "ArrayBuffer";
this.outputType = "string";
- this.args = [];
+ this.args = [
+ {
+ name: "Rounds",
+ type: "number",
+ value: 80,
+ min: 16
+ }
+ ];
}
/**
@@ -33,7 +40,7 @@ class SHA1 extends Operation {
* @returns {string}
*/
run(input, args) {
- return runHash("sha1", input);
+ return runHash("sha1", input, {rounds: args[0]});
}
}
diff --git a/src/core/operations/SHA2.mjs b/src/core/operations/SHA2.mjs
index c9599d245..ecdc4cc50 100644
--- a/src/core/operations/SHA2.mjs
+++ b/src/core/operations/SHA2.mjs
@@ -20,15 +20,58 @@ class SHA2 extends Operation {
this.name = "SHA2";
this.module = "Crypto";
- this.description = "The SHA-2 (Secure Hash Algorithm 2) hash functions were designed by the NSA. SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA224, SHA256, SHA384, SHA512.
- SHA-512 operates on 64-bit words.
- SHA-256 operates on 32-bit words.
- SHA-384 is largely identical to SHA-512 but is truncated to 384 bytes.
- SHA-224 is largely identical to SHA-256 but is truncated to 224 bytes.
- SHA-512/224 and SHA-512/256 are truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.
";
+ this.description = "The SHA-2 (Secure Hash Algorithm 2) hash functions were designed by the NSA. SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA224, SHA256, SHA384, SHA512.
- SHA-512 operates on 64-bit words.
- SHA-256 operates on 32-bit words.
- SHA-384 is largely identical to SHA-512 but is truncated to 384 bytes.
- SHA-224 is largely identical to SHA-256 but is truncated to 224 bytes.
- SHA-512/224 and SHA-512/256 are truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.
The message digest algorithm for SHA256 variants consists, by default, of 64 rounds, and for SHA512 variants, it is, by default, 160.";
this.infoURL = "https://wikipedia.org/wiki/SHA-2";
this.inputType = "ArrayBuffer";
this.outputType = "string";
this.args = [
{
- "name": "Size",
- "type": "option",
- "value": ["512", "256", "384", "224", "512/256", "512/224"]
+ name: "Size",
+ type: "argSelector",
+ value: [
+ {
+ name: "512",
+ on: [2],
+ off: [1]
+ },
+ {
+ name: "384",
+ on: [2],
+ off: [1]
+ },
+ {
+ name: "256",
+ on: [1],
+ off: [2]
+ },
+ {
+ name: "224",
+ on: [1],
+ off: [2]
+ },
+ {
+ name: "512/256",
+ on: [2],
+ off: [1]
+ },
+ {
+ name: "512/224",
+ on: [2],
+ off: [1]
+ }
+ ]
+ },
+ {
+ name: "Rounds", // For SHA256 variants
+ type: "number",
+ value: 64,
+ min: 16
+ },
+ {
+ name: "Rounds", // For SHA512 variants
+ type: "number",
+ value: 160,
+ min: 32
}
];
}
@@ -40,7 +83,8 @@ class SHA2 extends Operation {
*/
run(input, args) {
const size = args[0];
- return runHash("sha" + size, input);
+ const rounds = (size === "256" || size === "224") ? args[1] : args[2];
+ return runHash("sha" + size, input, {rounds: rounds});
}
}
diff --git a/src/core/operations/SM3.mjs b/src/core/operations/SM3.mjs
new file mode 100644
index 000000000..1441476ab
--- /dev/null
+++ b/src/core/operations/SM3.mjs
@@ -0,0 +1,57 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import Sm3 from "crypto-api/src/hasher/sm3.mjs";
+import {toHex} from "crypto-api/src/encoder/hex.mjs";
+
+/**
+ * SM3 operation
+ */
+class SM3 extends Operation {
+
+ /**
+ * SM3 constructor
+ */
+ constructor() {
+ super();
+
+ this.name = "SM3";
+ this.module = "Crypto";
+ this.description = "SM3 is a cryptographic hash function used in the Chinese National Standard. SM3 is mainly used in digital signatures, message authentication codes, and pseudorandom number generators. The message digest algorithm consists, by default, of 64 rounds and length of 256.";
+ this.infoURL = "https://wikipedia.org/wiki/SM3_(hash_function)";
+ this.inputType = "ArrayBuffer";
+ this.outputType = "string";
+ this.args = [
+ {
+ name: "Length",
+ type: "number",
+ value: 256
+ },
+ {
+ name: "Rounds",
+ type: "number",
+ value: 64,
+ min: 16
+ }
+ ];
+ }
+
+ /**
+ * @param {ArrayBuffer} input
+ * @param {Object[]} args
+ * @returns {string}
+ */
+ run(input, args) {
+ const msg = Utils.arrayBufferToStr(input, false);
+ const hasher = new Sm3({length: args[0], rounds: args[1]});
+ hasher.update(msg);
+ return toHex(hasher.finalize());
+ }
+}
+
+export default SM3;
diff --git a/src/core/operations/Snefru.mjs b/src/core/operations/Snefru.mjs
index 520b3550d..ae5859b37 100644
--- a/src/core/operations/Snefru.mjs
+++ b/src/core/operations/Snefru.mjs
@@ -26,14 +26,17 @@ class Snefru extends Operation {
this.outputType = "string";
this.args = [
{
- "name": "Rounds",
- "type": "option",
- "value": ["8", "4", "2"]
+ name: "Size",
+ type: "number",
+ value: 128,
+ min: 32,
+ max: 480,
+ step: 32
},
{
- "name": "Size",
- "type": "option",
- "value": ["256", "128"]
+ name: "Rounds",
+ type: "option",
+ value: ["8", "4", "2"]
}
];
}
@@ -45,8 +48,8 @@ class Snefru extends Operation {
*/
run(input, args) {
return runHash("snefru", input, {
- rounds: args[0],
- length: args[1]
+ length: args[0],
+ rounds: args[1]
});
}
diff --git a/src/core/operations/Whirlpool.mjs b/src/core/operations/Whirlpool.mjs
index ae4c03597..c23649125 100644
--- a/src/core/operations/Whirlpool.mjs
+++ b/src/core/operations/Whirlpool.mjs
@@ -26,9 +26,16 @@ class Whirlpool extends Operation {
this.outputType = "string";
this.args = [
{
- "name": "Variant",
- "type": "option",
- "value": ["Whirlpool", "Whirlpool-T", "Whirlpool-0"]
+ name: "Variant",
+ type: "option",
+ value: ["Whirlpool", "Whirlpool-T", "Whirlpool-0"]
+ },
+ {
+ name: "Rounds",
+ type: "number",
+ value: 10,
+ min: 1,
+ max: 10
}
];
}
@@ -40,7 +47,7 @@ class Whirlpool extends Operation {
*/
run(input, args) {
const variant = args[0].toLowerCase();
- return runHash(variant, input);
+ return runHash(variant, input, {rounds: args[1]});
}
}
diff --git a/tests/node/tests/operations.mjs b/tests/node/tests/operations.mjs
index f208384cd..527481673 100644
--- a/tests/node/tests/operations.mjs
+++ b/tests/node/tests/operations.mjs
@@ -854,7 +854,7 @@ pCGTErs=
it("Snefru", () => {
assert.strictEqual(
- chef.snefru("demeaning milestone").toString(),
+ chef.snefru("demeaning milestone", {size: 256, rounds: 8}).toString(),
"a671b48770fe073ce49e9259cc2f47d345a53712639f8ae23c5ad3fec19540a5");
}),
diff --git a/tests/operations/tests/Hash.mjs b/tests/operations/tests/Hash.mjs
index bccdc6b74..95a18ffde 100644
--- a/tests/operations/tests/Hash.mjs
+++ b/tests/operations/tests/Hash.mjs
@@ -345,7 +345,7 @@ TestRegister.addTests([
recipeConfig: [
{
"op": "Snefru",
- "args": ["2", "128"]
+ "args": ["128", "2"]
}
]
},
@@ -356,7 +356,7 @@ TestRegister.addTests([
recipeConfig: [
{
"op": "Snefru",
- "args": ["4", "128"]
+ "args": ["128", "4"]
}
]
},
@@ -367,7 +367,7 @@ TestRegister.addTests([
recipeConfig: [
{
"op": "Snefru",
- "args": ["8", "128"]
+ "args": ["128", "8"]
}
]
},
@@ -378,7 +378,7 @@ TestRegister.addTests([
recipeConfig: [
{
"op": "Snefru",
- "args": ["2", "256"]
+ "args": ["256", "2"]
}
]
},
@@ -389,7 +389,7 @@ TestRegister.addTests([
recipeConfig: [
{
"op": "Snefru",
- "args": ["4", "256"]
+ "args": ["256", "4"]
}
]
},
@@ -400,7 +400,18 @@ TestRegister.addTests([
recipeConfig: [
{
"op": "Snefru",
- "args": ["8", "256"]
+ "args": ["256", "8"]
+ }
+ ]
+ },
+ {
+ name: "SM3 256 64",
+ input: "Hello, World!",
+ expectedOutput: "7ed26cbf0bee4ca7d55c1e64714c4aa7d1f163089ef5ceb603cd102c81fbcbc5",
+ recipeConfig: [
+ {
+ "op": "SM3",
+ "args": ["256", "64"]
}
]
},