10.6.0

Add UUID regex to 'Regular expression' operation

.eslintrc.json

@@ -1,7 +1,7 @@
 {
-    "parser": "babel-eslint",
+    "parser": "@babel/eslint-parser",
     "parserOptions": {
-        "ecmaVersion": 9,
+        "ecmaVersion": 2022,
         "ecmaFeatures": {
             "impliedStrict": true
         },
@@ -63,7 +63,8 @@
         }],
         "linebreak-style": ["error", "unix"],
         "quotes": ["error", "double", {
-            "avoidEscape": true
+            "avoidEscape": true,
+            "allowTemplateLiterals": true
         }],
         "camelcase": ["error", {
             "properties": "always"

.github/workflows/codeql.yml

@@ -0,0 +1,40 @@
+name: "CodeQL Analysis"
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+    types: [synchronize, opened, reopened]
+  schedule:
+    - cron: '22 17 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"

.github/workflows/master.yml

@@ -0,0 +1,57 @@
+name: "Master Build, Test & Deploy"
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+    - master
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Set node version
+      uses: actions/setup-node@v3
+      with:
+        node-version: '18.x'
+
+    - name: Install
+      run: |
+        npm install
+        npm run setheapsize
+
+    - name: Lint
+      run: npx grunt lint
+
+    - name: Unit Tests
+      run: |
+        npm test
+        npm run testnodeconsumer
+
+    - name: Production Build
+      if: success()
+      run: npx grunt prod --msg="Version 10 is here! Read about the new features <a href='https://github.com/gchq/CyberChef/wiki/Character-encoding,-EOL-separators,-and-editor-features'>here</a>"
+
+    - name: Generate sitemap
+      run: npx grunt exec:sitemap
+
+    - name: UI Tests
+      if: success()
+      run: |
+        sudo apt-get install xvfb
+        xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+
+    - name: Prepare for GitHub Pages
+      if: success()
+      run: npx grunt copy:ghPages
+
+    - name: Deploy to GitHub Pages
+      if: success() && github.ref == 'refs/heads/master'
+      uses: crazy-max/ghaction-github-pages@v3
+      with:
+        target_branch: gh-pages
+        build_dir: ./build/prod
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/pull_requests.yml

@@ -0,0 +1,40 @@
+name: "Pull Requests"
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [synchronize, opened, reopened]
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Set node version
+      uses: actions/setup-node@v3
+      with:
+        node-version: '18.x'
+
+    - name: Install
+      run: |
+        npm install
+        npm run setheapsize
+
+    - name: Lint
+      run: npx grunt lint
+
+    - name: Unit Tests
+      run: |
+        npm test
+        npm run testnodeconsumer
+
+    - name: Production Build
+      if: success()
+      run: npx grunt prod
+
+    - name: UI Tests
+      if: success()
+      run: |
+        sudo apt-get install xvfb
+        xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui

.github/workflows/releases.yml

@@ -0,0 +1,59 @@
+name: "Releases"
+
+on:
+  workflow_dispatch:
+  push:
+    tags:
+    - 'v*'
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Set node version
+      uses: actions/setup-node@v3
+      with:
+        node-version: '18.x'
+
+    - name: Install
+      run: |
+        npm install
+        npm run setheapsize
+
+    - name: Lint
+      run: npx grunt lint
+
+    - name: Unit Tests
+      run: |
+        npm test
+        npm run testnodeconsumer
+
+    - name: Production Build
+      if: success()
+      run: npx grunt prod
+
+    - name: UI Tests
+      if: success()
+      run: |
+        sudo apt-get install xvfb
+        xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+
+    - name: Upload Release Assets
+      if: success()
+      id: upload-release-assets
+      uses: svenstaro/upload-release-action@v2
+      with:
+        repo_token: ${{ secrets.GITHUB_TOKEN }}
+        file: build/prod/*.zip
+        tag: ${{ github.ref }}
+        overwrite: true
+        file_glob: true
+        body: "See the [CHANGELOG](https://github.com/gchq/CyberChef/blob/master/CHANGELOG.md) and [commit messages](https://github.com/gchq/CyberChef/commits/master) for details."
+
+    - name: Publish to NPM
+      if: success()
+      uses: JS-DevTools/npm-publish@v1
+      with:
+        token: ${{ secrets.NPM_TOKEN }}

.gitignore

@@ -3,6 +3,7 @@ npm-debug.log
 travis.log
 build
 .vscode
+.idea
 .*.swp
 src/core/config/modules/*
 src/core/config/OperationConfig.json
@@ -11,4 +12,4 @@ src/node/config/OperationConfig.json
 src/node/index.mjs
 **/*.DS_Store
 tests/browser/output/*
-
+.node-version

.nvmrc

@@ -0,0 +1 @@
+18

.travis.yml

@@ -1,55 +0,0 @@
-language: node_js
-node_js:
-  - lts/dubnium
-cache: npm
-os: linux
-addons:
-  chrome: stable
-install: npm install
-before_script:
-  - npm install -g grunt
-  - export NODE_OPTIONS=--max_old_space_size=2048
-script:
-  - grunt lint
-  - grunt test
-  - grunt testnodeconsumer
-  - grunt prod --msg="$COMPILE_MSG"
-  - xvfb-run --server-args="-screen 0 1200x800x24" grunt testui
-before_deploy:
-  - grunt exec:sitemap
-  - grunt copy:ghPages
-deploy:
-  - provider: pages
-    edge: true
-    token: $GITHUB_TOKEN
-    local_dir: build/prod/
-    target_branch: gh-pages
-    on:
-      repo: gchq/CyberChef
-      branch: master
-  - provider: releases
-    edge: true
-    token:
-      secure: "HV1WSKv4l/0Y2bKKs1iBJocBcmLj08PCRUeEM/jTwA4jqJ8EiLHWiXtER/D5sEg2iibRVKd2OQjfrmS6bo4AiwdeVgAKmv0FtS2Jw+391N8Nd5AkEANHa5Om/IpHLTL2YRAjpJTsDpY72bMUTJIwjQA3TFJkgrpOw6KYfohOcgbxLpZ4XuNJRU3VL4Hsxdv5V9aOVmfFOmMOVPQlakXy7NgtW5POp1f2WJwgcZxylkR1CjwaqMyXmSoVl46pyH3tr5+dptsQoKSGdi6sIHGA60oDotFPcm+0ifa47wZw+vapuuDi4tdNxhrHGaDMG8xiE0WFDHwQUDlk2/+W7j9SEX0H3Em7us371JXRp56EDwEcDa34VpVkC6i8HGcHK55hnxVbMZXGf3qhOFD8wY7qMbjMRvIpucrMHBi86OfkDfv0vDj2LyvIl5APj/AX50BrE0tfH1MZbH26Jkx4NdlkcxQ14GumarmUqfmVvbX/fsoA6oUuAAE9ZgRRi3KHO4wci6KUcRfdm+XOeUkaBFsL86G3EEYIvrtBTuaypdz+Cx7nd1iPZyWMx5Y1gXnVzha4nBdV4+7l9JIsFggD8QVpw2uHXQiS1KXFjOeqA3DBD8tjMB7q26Fl2fD3jkOo4BTbQ2NrRIZUu/iL+fOmMPsyMt2qulB0yaSBCfkbEq8xrUA="
-    file_glob: true
-    file:
-      - build/prod/*.zip
-      - src/node/cjs.js
-    on:
-      repo: gchq/CyberChef
-      tags: true
-  - provider: npm
-    edge: true
-    email: "n1474335@gmail.com"
-    api_token:
-      secure: "UnDQL3Kh+GK2toL0TK3FObO0ujVssU3Eg4BBuYdjwLB81GhiGE5/DTh7THdZPOpbLo6wQeOwfZDuMeKC1OU+0Uf4NsdYFu1aq6xMO20qBQ4qUfgsyiK4Qgywj9gk0p1+OFZdGAZ/j1CNRAaF71XQIY6iV84c+SO4WoizXYrNT0Jh4sr2DA4/97G2xmJtPi0qOzYrJ09R56ZUozmqeik5G0pMRIuJRbpjS/7bZXV+N7WV0ombZc9RkUaetbabEVOLQ+Xx5YAIVq+VuEeMe9VBSnxY/FfCLmy1wJsjGzpLCyBI9nbrG4nw8Wgc2m8NfK9rcpIvBTGner9r2j60NVDkZ8kLZPrqXhq6AZMwa+oz6K5UQCqRo2RRQzSGwXxg67HY5Tcq+oNmjd+DqpPg4LZ3eGlluyP5XfG+hpSr9Ya4d8q8SrUWLxkoLHI6ZKMtoKFbTCSSQPiluW5hsZxjz3yDkkjsJw64M/EM8UyJrgaXqDklQu+7rBGKLfsK6os7RDiqjBWpQ7gwpo8HvY0O8yqEAabPz+QGkanpjcCOZCXFbSkzWxYy37RMAPu88iINVZVlZE4l+WJenCpZY95ueyy0mG9cyMSzVRPyX6A+/n4H6VMFPFjpGDLTD588ACEjY1lmHfS/eXwXJcgqPPD2gW0XdRdUheU/ssqlfCfGWQMTDXs="
-    on:
-      tags: true
-      branch: master
-notifications:
-    webhooks:
-        urls:
-            - https://webhooks.gitter.im/e/83c143a6822e218d5b34
-        on_success: change
-        on_failure: always
-        on_start: never

CHANGELOG.md

@@ -1,7 +1,173 @@
 # Changelog
+
+## Versioning
+
+CyberChef uses the [semver](https://semver.org/) system to manage versioning: `<MAJOR>.<MINOR>.<PATCH>`.
+
+- MAJOR version changes represent a significant change to the fundamental architecture of CyberChef and may (but don't always) make breaking changes that are not backwards compatible.
+- MINOR version changes usually mean the addition of new operations or reasonably significant new features.
+- PATCH versions are used for bug fixes and any other small tweaks that modify or improve existing capabilities.
+
 All major and minor version changes will be documented in this file. Details of patch-level version changes can be found in [commit messages](https://github.com/gchq/CyberChef/commits/master).
 
 
+## Details
+
+### [10.6.0] -  2024-02-03
+- Updated 'Forensics Wiki' URLs to new domain [@a3957273] | [#1703]
+- Added 'LZNT1 Decompress' operation [@0xThiebaut] | [#1675]
+- Updated 'Regex Expression' UUID matcher [@cnotin] | [#1678]
+- Removed duplicate 'hover' message within baking info [#KevinSJ] | [#1541]
+
+### [10.5.0] - 2023-07-14
+- Added GOST Encrypt, Decrypt, Sign, Verify, Key Wrap, and Key Unwrap operations [@n1474335] | [#592]
+
+### [10.4.0] - 2023-03-24
+- Added 'Generate De Bruijn Sequence' operation [@gchq77703] | [#493]
+
+### [10.3.0] - 2023-03-24
+- Added 'Argon2' and 'Argon2 compare' operations [@Xenonym] | [#661]
+
+### [10.2.0] - 2023-03-23
+- Added 'Derive HKDF key' operation [@mikecat] | [#1528]
+
+### [10.1.0] - 2023-03-23
+- Added 'Levenshtein Distance' operation [@mikecat] | [#1498]
+- Added 'Swap case' operation [@mikecat] | [#1499]
+
+## [10.0.0] - 2023-03-22
+- [Full details explained here](https://github.com/gchq/CyberChef/wiki/Character-encoding,-EOL-separators,-and-editor-features)
+- Status bars added to the Input and Output [@n1474335] | [#1405]
+- Character encoding selection added to the Input and Output [@n1474335] | [#1405]
+- End of line separator selection added to the Input and Output [@n1474335] | [#1405]
+- Non-printable characters are rendered as control character pictures [@n1474335] | [#1405]
+- Loaded files can now be edited in the Input [@n1474335] | [#1405]
+- Various editor features added such as multiple selections and bracket matching [@n1474335] | [#1405]
+- Contextual help added, activated by pressing F1 while hovering over features [@n1474335] | [#1405]
+- Many, many UI tests added for I/O features and operations [@n1474335] | [#1405]
+
+<details>
+    <summary>Click to expand v9 minor versions</summary>
+
+### [9.55.0] - 2022-12-09
+- Added 'AMF Encode' and 'AMF Decode' operations [@n1474335] | [760eff4]
+
+### [9.54.0] - 2022-11-25
+- Added 'Rabbit' operation [@mikecat] | [#1450]
+
+### [9.53.0] - 2022-11-25
+- Added 'AES Key Wrap' and 'AES Key Unwrap' operations [@mikecat] | [#1456]
+
+### [9.52.0] - 2022-11-25
+- Added 'ChaCha' operation [@joostrijneveld] | [#1466]
+
+### [9.51.0] - 2022-11-25
+- Added 'CMAC' operation [@mikecat] | [#1457]
+
+### [9.50.0] - 2022-11-25
+- Added 'Shuffle' operation [@mikecat] | [#1472]
+
+### [9.49.0] - 2022-11-11
+- Added 'LZ4 Compress' and 'LZ4 Decompress' operations [@n1474335] | [31a7f83]
+
+### [9.48.0] - 2022-10-14
+- Added 'LM Hash' and 'NT Hash' operations [@n1474335] [@brun0ne] | [#1427]
+
+### [9.47.0] - 2022-10-14
+- Added 'LZMA Decompress' and 'LZMA Compress' operations [@mattnotmitt] | [#1421]
+
+### [9.46.0] - 2022-07-08
+- Added 'Cetacean Cipher Encode' and 'Cetacean Cipher Decode' operations [@valdelaseras] | [#1308]
+
+### [9.45.0] - 2022-07-08
+- Added 'ROT8000' operation [@thomasleplus] | [#1250]
+
+### [9.44.0] - 2022-07-08
+- Added 'LZString Compress' and 'LZString Decompress' operations [@crespyl] | [#1266]
+
+### [9.43.0] - 2022-07-08
+- Added 'ROT13 Brute Force' and 'ROT47 Brute Force' operations [@mikecat] | [#1264]
+
+### [9.42.0] - 2022-07-08
+- Added 'LS47 Encrypt' and 'LS47 Decrypt' operations [@n1073645] | [#951]
+
+### [9.41.0] - 2022-07-08
+- Added 'Caesar Box Cipher' operation [@n1073645] | [#1066]
+
+### [9.40.0] - 2022-07-08
+- Added 'P-list Viewer' operation [@n1073645] | [#906]
+
+### [9.39.0] - 2022-06-09
+- Added 'ELF Info' operation [@n1073645] | [#1364]
+
+### [9.38.0] - 2022-05-30
+- Added 'Parse TCP' operation [@n1474335] | [a895d1d]
+
+### [9.37.0] - 2022-03-29
+- 'SM4 Encrypt' and 'SM4 Decrypt' operations added [@swesven] | [#1189]
+- NoPadding options added for CBC and ECB modes in AES, DES and Triple DES Decrypt operations [@swesven] | [#1189]
+
+### [9.36.0] - 2022-03-29
+- 'SIGABA' operation added [@hettysymes] | [#934]
+
+### [9.35.0] - 2022-03-28
+- 'To Base45' and 'From Base45' operations added [@t-8ch] | [#1242]
+
+### [9.34.0] - 2022-03-28
+- 'Get All Casings' operation added [@n1073645] | [#1065]
+
+### [9.33.0] - 2022-03-25
+- Updated to support Node 17 [@n1474335] [@john19696] [@t-8ch] | [[#1326] [#1313] [#1244]
+- Improved CJS and ESM module support [@d98762625] | [#1037]
+
+### [9.32.0] - 2021-08-18
+- 'Protobuf Encode' operation added and decode operation modified to allow decoding with full and partial schemas [@n1474335] | [dd18e52]
+
+### [9.31.0] - 2021-08-10
+- 'HASSH Client Fingerprint' and 'HASSH Server Fingerprint' operations added [@n1474335] | [e9ca4dc]
+
+### [9.30.0] - 2021-08-10
+- 'JA3S Fingerprint' operation added [@n1474335] | [289a417]
+
+### [9.29.0] - 2021-07-28
+- 'JA3 Fingerprint' operation added [@n1474335] | [9a33498]
+
+### [9.28.0] - 2021-03-26
+- 'CBOR Encode' and 'CBOR Decode' operations added [@Danh4] | [#999]
+
+### [9.27.0] - 2021-02-12
+- 'Fuzzy Match' operation added [@n1474335] | [8ad18b]
+
+### [9.26.0] - 2021-02-11
+- 'Get Time' operation added [@n1073645] [@n1474335] | [#1045]
+
+### [9.25.0] - 2021-02-11
+- 'Extract ID3' operation added [@n1073645] [@n1474335] | [#1006]
+
+### [9.24.0] - 2021-02-02
+- 'SM3' hashing function added along with more configuration options for other hashing operations [@n1073645] [@n1474335] | [#1022]
+
+### [9.23.0] - 2021-02-01
+- Various RSA operations added to encrypt, decrypt, sign, verify and generate keys [@mattnotmitt] [@GCHQ77703] | [#652]
+
+### [9.22.0] - 2021-02-01
+- 'Unicode Text Format' operation added [@mattnotmitt] | [#1083]
+
+### [9.21.0] - 2020-06-12
+- Node API now exports `magic` operation [@d98762625] | [#1049]
+
+### [9.20.0] - 2020-03-27
+- 'Parse ObjectID Timestamp' operation added [@dmfj] | [#987]
+
+### [9.19.0] - 2020-03-24
+- Improvements to the 'Magic' operation, allowing it to recognise more data formats and provide more accurate results [@n1073645] [@n1474335] | [#966] [b765534b](https://github.com/gchq/CyberChef/commit/b765534b8b2a0454a5132a0a52d1d8844bcbdaaa)
+
+### [9.18.0] - 2020-03-13
+- 'Convert to NATO alphabet' operation added [@MarvinJWendt] | [#674]
+
+### [9.17.0] - 2020-03-13
+- 'Generate Image' operation added [@pointhi] | [#683]
+
 ### [9.16.0] - 2020-03-06
 - 'Colossus' operation added [@VirtualColossus] | [#917]
 
@@ -51,6 +217,8 @@ All major and minor version changes will be documented in this file. Details of
 - 'Parse SSH Host Key' operation added [@j433866] | [#595]
 - 'Defang IP Addresses' operation added [@h345983745] | [#556]
 
+</details>
+
 ## [9.0.0] - 2019-07-09
 - [Multiple inputs](https://github.com/gchq/CyberChef/wiki/Multiple-Inputs) are now supported in the main web UI, allowing you to upload and process multiple files at once [@j433866] | [#566]
 - A [Node.js API](https://github.com/gchq/CyberChef/wiki/Node-API) has been implemented, meaning that CyberChef can now be used as a library, either to provide specific operations, or an entire baking environment [@d98762625] | [#291]
@@ -59,7 +227,7 @@ All major and minor version changes will be documented in this file. Details of
 
 <details>
     <summary>Click to expand v8 minor versions</summary>
-    
+
 ### [8.38.0] - 2019-07-03
 - 'Streebog' and 'GOST hash' operations added [@MShwed] [@n1474335] | [#530]
 
@@ -212,6 +380,51 @@ All major and minor version changes will be documented in this file. Details of
 
 
 
+[10.5.0]: https://github.com/gchq/CyberChef/releases/tag/v10.5.0
+[10.4.0]: https://github.com/gchq/CyberChef/releases/tag/v10.4.0
+[10.3.0]: https://github.com/gchq/CyberChef/releases/tag/v10.3.0
+[10.2.0]: https://github.com/gchq/CyberChef/releases/tag/v10.2.0
+[10.1.0]: https://github.com/gchq/CyberChef/releases/tag/v10.1.0
+[10.0.0]: https://github.com/gchq/CyberChef/releases/tag/v10.0.0
+[9.55.0]: https://github.com/gchq/CyberChef/releases/tag/v9.55.0
+[9.54.0]: https://github.com/gchq/CyberChef/releases/tag/v9.54.0
+[9.53.0]: https://github.com/gchq/CyberChef/releases/tag/v9.53.0
+[9.52.0]: https://github.com/gchq/CyberChef/releases/tag/v9.52.0
+[9.51.0]: https://github.com/gchq/CyberChef/releases/tag/v9.51.0
+[9.50.0]: https://github.com/gchq/CyberChef/releases/tag/v9.50.0
+[9.49.0]: https://github.com/gchq/CyberChef/releases/tag/v9.49.0
+[9.48.0]: https://github.com/gchq/CyberChef/releases/tag/v9.48.0
+[9.47.0]: https://github.com/gchq/CyberChef/releases/tag/v9.47.0
+[9.46.0]: https://github.com/gchq/CyberChef/releases/tag/v9.46.0
+[9.45.0]: https://github.com/gchq/CyberChef/releases/tag/v9.45.0
+[9.44.0]: https://github.com/gchq/CyberChef/releases/tag/v9.44.0
+[9.43.0]: https://github.com/gchq/CyberChef/releases/tag/v9.43.0
+[9.42.0]: https://github.com/gchq/CyberChef/releases/tag/v9.42.0
+[9.41.0]: https://github.com/gchq/CyberChef/releases/tag/v9.41.0
+[9.40.0]: https://github.com/gchq/CyberChef/releases/tag/v9.40.0
+[9.39.0]: https://github.com/gchq/CyberChef/releases/tag/v9.39.0
+[9.38.0]: https://github.com/gchq/CyberChef/releases/tag/v9.38.0
+[9.37.0]: https://github.com/gchq/CyberChef/releases/tag/v9.37.0
+[9.36.0]: https://github.com/gchq/CyberChef/releases/tag/v9.36.0
+[9.35.0]: https://github.com/gchq/CyberChef/releases/tag/v9.35.0
+[9.34.0]: https://github.com/gchq/CyberChef/releases/tag/v9.34.0
+[9.33.0]: https://github.com/gchq/CyberChef/releases/tag/v9.33.0
+[9.32.0]: https://github.com/gchq/CyberChef/releases/tag/v9.32.0
+[9.31.0]: https://github.com/gchq/CyberChef/releases/tag/v9.31.0
+[9.30.0]: https://github.com/gchq/CyberChef/releases/tag/v9.30.0
+[9.29.0]: https://github.com/gchq/CyberChef/releases/tag/v9.29.0
+[9.28.0]: https://github.com/gchq/CyberChef/releases/tag/v9.28.0
+[9.27.0]: https://github.com/gchq/CyberChef/releases/tag/v9.27.0
+[9.26.0]: https://github.com/gchq/CyberChef/releases/tag/v9.26.0
+[9.25.0]: https://github.com/gchq/CyberChef/releases/tag/v9.25.0
+[9.24.0]: https://github.com/gchq/CyberChef/releases/tag/v9.24.0
+[9.23.0]: https://github.com/gchq/CyberChef/releases/tag/v9.23.0
+[9.22.0]: https://github.com/gchq/CyberChef/releases/tag/v9.22.0
+[9.21.0]: https://github.com/gchq/CyberChef/releases/tag/v9.21.0
+[9.20.0]: https://github.com/gchq/CyberChef/releases/tag/v9.20.0
+[9.19.0]: https://github.com/gchq/CyberChef/releases/tag/v9.19.0
+[9.18.0]: https://github.com/gchq/CyberChef/releases/tag/v9.18.0
+[9.17.0]: https://github.com/gchq/CyberChef/releases/tag/v9.17.0
 [9.16.0]: https://github.com/gchq/CyberChef/releases/tag/v9.16.0
 [9.15.0]: https://github.com/gchq/CyberChef/releases/tag/v9.15.0
 [9.14.0]: https://github.com/gchq/CyberChef/releases/tag/v9.14.0
@@ -304,6 +517,32 @@ All major and minor version changes will be documented in this file. Details of
 [@cbeuw]: https://github.com/cbeuw
 [@matthieuxyz]: https://github.com/matthieuxyz
 [@Flavsditz]: https://github.com/Flavsditz
+[@pointhi]: https://github.com/pointhi
+[@MarvinJWendt]: https://github.com/MarvinJWendt
+[@dmfj]: https://github.com/dmfj
+[@mattnotmitt]: https://github.com/mattnotmitt
+[@Danh4]: https://github.com/Danh4
+[@john19696]: https://github.com/john19696
+[@t-8ch]: https://github.com/t-8ch
+[@hettysymes]: https://github.com/hettysymes
+[@swesven]: https://github.com/swesven
+[@mikecat]: https://github.com/mikecat
+[@crespyl]: https://github.com/crespyl
+[@thomasleplus]: https://github.com/thomasleplus
+[@valdelaseras]: https://github.com/valdelaseras
+[@brun0ne]: https://github.com/brun0ne
+[@joostrijneveld]: https://github.com/joostrijneveld
+[@Xenonym]: https://github.com/Xenonym
+[@gchq77703]: https://github.com/gchq77703
+
+[8ad18b]: https://github.com/gchq/CyberChef/commit/8ad18bc7db6d9ff184ba3518686293a7685bf7b7
+[9a33498]: https://github.com/gchq/CyberChef/commit/9a33498fed26a8df9c9f35f39a78a174bf50a513
+[289a417]: https://github.com/gchq/CyberChef/commit/289a417dfb5923de5e1694354ec42a08d9395bfe
+[e9ca4dc]: https://github.com/gchq/CyberChef/commit/e9ca4dc9caf98f33fd986431cd400c88082a42b8
+[dd18e52]: https://github.com/gchq/CyberChef/commit/dd18e529939078b89867297b181a584e8b2cc7da
+[a895d1d]: https://github.com/gchq/CyberChef/commit/a895d1d82a2f92d440a0c5eca2bc7c898107b737
+[31a7f83]: https://github.com/gchq/CyberChef/commit/31a7f83b82e78927f89689f323fcb9185144d6ff
+[760eff4]: https://github.com/gchq/CyberChef/commit/760eff49b5307aaa3104c5e5b437ffe62299acd1
 
 [#95]: https://github.com/gchq/CyberChef/pull/299
 [#173]: https://github.com/gchq/CyberChef/pull/173
@@ -365,10 +604,52 @@ All major and minor version changes will be documented in this file. Details of
 [#625]: https://github.com/gchq/CyberChef/pull/625
 [#627]: https://github.com/gchq/CyberChef/pull/627
 [#632]: https://github.com/gchq/CyberChef/pull/632
+[#652]: https://github.com/gchq/CyberChef/pull/652
 [#653]: https://github.com/gchq/CyberChef/pull/653
+[#674]: https://github.com/gchq/CyberChef/pull/674
+[#683]: https://github.com/gchq/CyberChef/pull/683
 [#865]: https://github.com/gchq/CyberChef/pull/865
+[#906]: https://github.com/gchq/CyberChef/pull/906
 [#912]: https://github.com/gchq/CyberChef/pull/912
 [#917]: https://github.com/gchq/CyberChef/pull/917
+[#934]: https://github.com/gchq/CyberChef/pull/934
 [#948]: https://github.com/gchq/CyberChef/pull/948
+[#951]: https://github.com/gchq/CyberChef/pull/951
 [#952]: https://github.com/gchq/CyberChef/pull/952
 [#965]: https://github.com/gchq/CyberChef/pull/965
+[#966]: https://github.com/gchq/CyberChef/pull/966
+[#987]: https://github.com/gchq/CyberChef/pull/987
+[#999]: https://github.com/gchq/CyberChef/pull/999
+[#1006]: https://github.com/gchq/CyberChef/pull/1006
+[#1022]: https://github.com/gchq/CyberChef/pull/1022
+[#1037]: https://github.com/gchq/CyberChef/pull/1037
+[#1045]: https://github.com/gchq/CyberChef/pull/1045
+[#1049]: https://github.com/gchq/CyberChef/pull/1049
+[#1065]: https://github.com/gchq/CyberChef/pull/1065
+[#1066]: https://github.com/gchq/CyberChef/pull/1066
+[#1083]: https://github.com/gchq/CyberChef/pull/1083
+[#1189]: https://github.com/gchq/CyberChef/pull/1189
+[#1242]: https://github.com/gchq/CyberChef/pull/1242
+[#1244]: https://github.com/gchq/CyberChef/pull/1244
+[#1313]: https://github.com/gchq/CyberChef/pull/1313
+[#1326]: https://github.com/gchq/CyberChef/pull/1326
+[#1364]: https://github.com/gchq/CyberChef/pull/1364
+[#1264]: https://github.com/gchq/CyberChef/pull/1264
+[#1266]: https://github.com/gchq/CyberChef/pull/1266
+[#1250]: https://github.com/gchq/CyberChef/pull/1250
+[#1308]: https://github.com/gchq/CyberChef/pull/1308
+[#1405]: https://github.com/gchq/CyberChef/pull/1405
+[#1421]: https://github.com/gchq/CyberChef/pull/1421
+[#1427]: https://github.com/gchq/CyberChef/pull/1427
+[#1472]: https://github.com/gchq/CyberChef/pull/1472
+[#1457]: https://github.com/gchq/CyberChef/pull/1457
+[#1466]: https://github.com/gchq/CyberChef/pull/1466
+[#1456]: https://github.com/gchq/CyberChef/pull/1456
+[#1450]: https://github.com/gchq/CyberChef/pull/1450
+[#1498]: https://github.com/gchq/CyberChef/pull/1498
+[#1499]: https://github.com/gchq/CyberChef/pull/1499
+[#1528]: https://github.com/gchq/CyberChef/pull/1528
+[#661]: https://github.com/gchq/CyberChef/pull/661
+[#493]: https://github.com/gchq/CyberChef/pull/493
+[#592]: https://github.com/gchq/CyberChef/issues/592
+

Gruntfile.js

@@ -6,6 +6,8 @@ const BundleAnalyzerPlugin = require("webpack-bundle-analyzer").BundleAnalyzerPl
 const glob = require("glob");
 const path = require("path");
 
+const nodeFlags = "--experimental-modules --experimental-json-modules --experimental-specifier-resolution=node --no-warnings --no-deprecation";
+
 /**
  * Grunt configuration for building the app in various formats.
  *
@@ -27,7 +29,7 @@ module.exports = function (grunt) {
         "Creates a production-ready build. Use the --msg flag to add a compile message.",
         [
             "eslint", "clean:prod", "clean:config", "exec:generateConfig", "findModules", "webpack:web",
-            "copy:standalone", "zip:standalone", "clean:standalone", "chmod"
+            "copy:standalone", "zip:standalone", "clean:standalone", "exec:calcDownloadHash", "chmod"
         ]);
 
     grunt.registerTask("node",
@@ -36,11 +38,10 @@ module.exports = function (grunt) {
             "clean:node", "clean:config", "clean:nodeConfig", "exec:generateConfig", "exec:generateNodeIndex"
         ]);
 
-    grunt.registerTask("test",
-        "A task which runs all the operation tests in the tests directory.",
+    grunt.registerTask("configTests",
+        "A task which configures config files in preparation for tests to be run. Use `npm test` to run tests.",
         [
-            "clean:config", "clean:nodeConfig", "exec:generateConfig", "exec:generateNodeIndex",
-            "exec:nodeTests", "exec:opTests"
+            "clean:config", "clean:nodeConfig", "exec:generateConfig", "exec:generateNodeIndex"
         ]);
 
     grunt.registerTask("testui",
@@ -49,13 +50,12 @@ module.exports = function (grunt) {
 
     grunt.registerTask("testnodeconsumer",
         "A task which checks whether consuming CJS and ESM apps work with the CyberChef build",
-        ["exec:setupNodeConsumers", "exec:testCJSNodeConsumer", "exec:testESMNodeConsumer", "exec:testESMDeepImportNodeConsumer", "exec:teardownNodeConsumers"]);
+        ["exec:setupNodeConsumers", "exec:testCJSNodeConsumer", "exec:testESMNodeConsumer", "exec:teardownNodeConsumers"]);
 
     grunt.registerTask("default",
         "Lints the code base",
         ["eslint", "exec:repoSize"]);
 
-    grunt.registerTask("tests", "test");
     grunt.registerTask("lint", "eslint");
 
     grunt.registerTask("findModules",
@@ -80,7 +80,6 @@ module.exports = function (grunt) {
     grunt.loadNpmTasks("grunt-contrib-watch");
     grunt.loadNpmTasks("grunt-chmod");
     grunt.loadNpmTasks("grunt-exec");
-    grunt.loadNpmTasks("grunt-accessibility");
     grunt.loadNpmTasks("grunt-concurrent");
     grunt.loadNpmTasks("grunt-contrib-connect");
     grunt.loadNpmTasks("grunt-zip");
@@ -177,7 +176,7 @@ module.exports = function (grunt) {
             // previous one fails. & would coninue on a fail
             .join("&&")
             // Windows does not support \n properly
-            .replace("\n", "\\n");
+            .replace(/\n/g, "\\n");
     }
 
     grunt.initConfig({
@@ -190,76 +189,48 @@ module.exports = function (grunt) {
             standalone: ["build/prod/CyberChef*.html"]
         },
         eslint: {
-            options: {
-                configFile: "./.eslintrc.json"
-            },
             configs: ["*.{js,mjs}"],
             core: ["src/core/**/*.{js,mjs}", "!src/core/vendor/**/*", "!src/core/operations/legacy/**/*"],
             web: ["src/web/**/*.{js,mjs}", "!src/web/static/**/*"],
             node: ["src/node/**/*.{js,mjs}"],
             tests: ["tests/**/*.{js,mjs}"],
         },
-        accessibility: {
-            options: {
-                accessibilityLevel: "WCAG2A",
-                verbose: false,
-                ignore: [
-                    "WCAG2A.Principle1.Guideline1_3.1_3_1.H42.2"
-                ]
-            },
-            test: {
-                src: ["build/**/*.html"]
-            }
-        },
         webpack: {
             options: webpackConfig,
+            myConfig: webpackConfig,
             web: webpackProdConf(),
         },
         "webpack-dev-server": {
-            options: {
-                webpack: webpackConfig,
-                host: "0.0.0.0",
-                port: grunt.option("port") || 8080,
-                disableHostCheck: true,
-                overlay: true,
-                inline: false,
-                clientLogLevel: "error",
-                stats: {
-                    children: false,
-                    chunks: false,
-                    modules: false,
-                    entrypoints: false,
-                    warningsFilter: [
-                        /source-map/,
-                        /dependency is an expression/,
-                        /export 'default'/,
-                        /Can't resolve 'sodium'/
-                    ],
-                }
-            },
+            options: webpackConfig,
             start: {
-                webpack: {
-                    mode: "development",
-                    target: "web",
-                    entry: Object.assign({
-                        main: "./src/web/index.js"
-                    }, moduleEntryPoints),
-                    resolve: {
-                        alias: {
-                            "./config/modules/OpModules.mjs": "./config/modules/Default.mjs"
-                        }
+                mode: "development",
+                target: "web",
+                entry: Object.assign({
+                    main: "./src/web/index.js"
+                }, moduleEntryPoints),
+                resolve: {
+                    alias: {
+                        "./config/modules/OpModules.mjs": "./config/modules/Default.mjs"
+                    }
+                },
+                devServer: {
+                    port: grunt.option("port") || 8080,
+                    client: {
+                        logging: "error",
+                        overlay: true
                     },
-                    plugins: [
-                        new webpack.DefinePlugin(BUILD_CONSTANTS),
-                        new HtmlWebpackPlugin({
-                            filename: "index.html",
-                            template: "./src/web/html/index.html",
-                            chunks: ["main"],
-                            compileTime: compileTime,
-                            version: pkg.version,
-                        })
-                    ]
-                }
+                    hot: "only"
+                },
+                plugins: [
+                    new webpack.DefinePlugin(BUILD_CONSTANTS),
+                    new HtmlWebpackPlugin({
+                        filename: "index.html",
+                        template: "./src/web/html/index.html",
+                        chunks: ["main"],
+                        compileTime: compileTime,
+                        version: pkg.version,
+                    })
+                ]
             }
         },
         zip: {
@@ -304,7 +275,7 @@ module.exports = function (grunt) {
                 },
                 files: [
                     {
-                        src: "build/prod/index.html",
+                        src: ["build/prod/index.html"],
                         dest: "build/prod/index.html"
                     }
                 ]
@@ -326,7 +297,7 @@ module.exports = function (grunt) {
                 },
                 files: [
                     {
-                        src: "build/prod/index.html",
+                        src: ["build/prod/index.html"],
                         dest: `build/prod/CyberChef_v${pkg.version}.html`
                     }
                 ]
@@ -353,6 +324,22 @@ module.exports = function (grunt) {
             }
         },
         exec: {
+            calcDownloadHash: {
+                command: function () {
+                    switch (process.platform) {
+                        case "darwin":
+                            return chainCommands([
+                                `shasum -a 256 build/prod/CyberChef_v${pkg.version}.zip | awk '{print $1;}' > build/prod/sha256digest.txt`,
+                                `sed -i '' -e "s/DOWNLOAD_HASH_PLACEHOLDER/$(cat build/prod/sha256digest.txt)/" build/prod/index.html`
+                            ]);
+                        default:
+                            return chainCommands([
+                                `sha256sum build/prod/CyberChef_v${pkg.version}.zip | awk '{print $1;}' > build/prod/sha256digest.txt`,
+                                `sed -i -e "s/DOWNLOAD_HASH_PLACEHOLDER/$(cat build/prod/sha256digest.txt)/" build/prod/index.html`
+                            ]);
+                    }
+                },
+            },
             repoSize: {
                 command: chainCommands([
                     "git ls-files | wc -l | xargs printf '\n%b\ttracked files\n'",
@@ -364,15 +351,15 @@ module.exports = function (grunt) {
                 command: "git gc --prune=now --aggressive"
             },
             sitemap: {
-                command: "node --experimental-modules --no-warnings --no-deprecation src/web/static/sitemap.mjs > build/prod/sitemap.xml",
+                command: `node ${nodeFlags} src/web/static/sitemap.mjs > build/prod/sitemap.xml`,
                 sync: true
             },
             generateConfig: {
                 command: chainCommands([
                     "echo '\n--- Regenerating config files. ---'",
                     "echo [] > src/core/config/OperationConfig.json",
-                    "node --experimental-modules --no-warnings --no-deprecation src/core/config/scripts/generateOpsIndex.mjs",
-                    "node --experimental-modules --no-warnings --no-deprecation src/core/config/scripts/generateConfig.mjs",
+                    `node ${nodeFlags} src/core/config/scripts/generateOpsIndex.mjs`,
+                    `node ${nodeFlags} src/core/config/scripts/generateConfig.mjs`,
                     "echo '--- Config scripts finished. ---\n'"
                 ]),
                 sync: true
@@ -380,20 +367,14 @@ module.exports = function (grunt) {
             generateNodeIndex: {
                 command: chainCommands([
                     "echo '\n--- Regenerating node index ---'",
-                    "node --experimental-modules --no-warnings --no-deprecation src/node/config/scripts/generateNodeIndex.mjs",
+                    `node ${nodeFlags} src/node/config/scripts/generateNodeIndex.mjs`,
                     "echo '--- Node index generated. ---\n'"
                 ]),
                 sync: true
             },
-            opTests: {
-                command: "node --experimental-modules --no-warnings --no-deprecation tests/operations/index.mjs"
-            },
             browserTests: {
                 command: "./node_modules/.bin/nightwatch --env prod"
             },
-            nodeTests: {
-                command: "node --experimental-modules --no-warnings --no-deprecation tests/node/index.mjs"
-            },
             setupNodeConsumers: {
                 command: chainCommands([
                     "echo '\n--- Testing node consumers ---'",
@@ -414,24 +395,39 @@ module.exports = function (grunt) {
             testCJSNodeConsumer: {
                 command: chainCommands([
                     `cd ${nodeConsumerTestPath}`,
-                    "node --no-warnings cjs-consumer.js",
+                    `node ${nodeFlags} cjs-consumer.js`,
                 ]),
                 stdout: false,
             },
             testESMNodeConsumer: {
                 command: chainCommands([
                     `cd ${nodeConsumerTestPath}`,
-                    "node --no-warnings --experimental-modules esm-consumer.mjs",
+                    `node ${nodeFlags} esm-consumer.mjs`,
                 ]),
                 stdout: false,
             },
-            testESMDeepImportNodeConsumer: {
-                command: chainCommands([
-                    `cd ${nodeConsumerTestPath}`,
-                    "node --no-warnings --experimental-modules esm-deep-import-consumer.mjs",
-                ]),
-                stdout: false,
+            fixCryptoApiImports: {
+                command: function () {
+                    switch (process.platform) {
+                        case "darwin":
+                            return `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i '' -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`;
+                        default:
+                            return `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`;
+                    }
+                },
+                stdout: false
             },
+            fixSnackbarMarkup: {
+                command: function () {
+                    switch (process.platform) {
+                        case "darwin":
+                            return `sed -i '' 's/<div id=snackbar-container\\/>/<div id=snackbar-container>/g' ./node_modules/snackbarjs/src/snackbar.js`;
+                        default:
+                            return `sed -i 's/<div id=snackbar-container\\/>/<div id=snackbar-container>/g' ./node_modules/snackbarjs/src/snackbar.js`;
+                    }
+                },
+                stdout: false
+            }
         },
     });
 };

README.md

@@ -1,7 +1,6 @@
 # CyberChef
 
-[![Build Status](https://travis-ci.org/gchq/CyberChef.svg?branch=master)](https://travis-ci.org/gchq/CyberChef)
-[![dependencies Status](https://david-dm.org/gchq/CyberChef/status.svg)](https://david-dm.org/gchq/CyberChef)
+[![](https://github.com/gchq/CyberChef/workflows/Master%20Build,%20Test%20&%20Deploy/badge.svg)](https://github.com/gchq/CyberChef/actions?query=workflow%3A%22Master+Build%2C+Test+%26+Deploy%22)
 [![npm](https://img.shields.io/npm/v/cyberchef.svg)](https://www.npmjs.com/package/cyberchef)
 [![](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/gchq/CyberChef/blob/master/LICENSE)
 [![Gitter](https://badges.gitter.im/gchq/CyberChef.svg)](https://gitter.im/gchq/CyberChef?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
@@ -9,7 +8,7 @@
 
 #### *The Cyber Swiss Army Knife*
 
-CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
+CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
 
 The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years.
 
@@ -54,7 +53,7 @@ You can use as many operations as you like in simple or complex ways. Some examp
      - Whenever you modify the input or the recipe, CyberChef will automatically "bake" for you and produce the output immediately.
      - This can be turned off and operated manually if it is affecting performance (if the input is very large, for instance).
  - Automated encoding detection
-     - CyberChef uses [a number of techniques](https://github.com/gchq/CyberChef/wiki/Automatic-detection-of-encoded-data-using-CyberChef-Magic) to attempt to automatically detect which encodings your data is under. If it finds a suitable operation which can make sense of your data, it displays the 'magic' icon in the Output field which you can click to decode your data.
+     - CyberChef uses [a number of techniques](https://github.com/gchq/CyberChef/wiki/Automatic-detection-of-encoded-data-using-CyberChef-Magic) to attempt to automatically detect which encodings your data is under. If it finds a suitable operation that make sense of your data, it displays the 'magic' icon in the Output field which you can click to decode your data.
  - Breakpoints
      - You can set breakpoints on any operation in your recipe to pause execution before running it.
      - You can also step through the recipe one operation at a time to see what the data looks like at each stage.
@@ -66,7 +65,7 @@ You can use as many operations as you like in simple or complex ways. Some examp
  - Highlighting
      - When you highlight text in the input or output, the offset and length values will be displayed and, if possible, the corresponding data will be highlighted in the output or input respectively (example: [highlight the word 'question' in the input to see where it appears in the output][11]).
  - Save to file and load from file
-     - You can save the output to a file at any time or load a file by dragging and dropping it into the input field. Files up to around 2GB are supported (depending on your browser), however some operations may take a very long time to run over this much data.
+     - You can save the output to a file at any time or load a file by dragging and dropping it into the input field. Files up to around 2GB are supported (depending on your browser), however, some operations may take a very long time to run over this much data.
  - CyberChef is entirely client-side
      - It should be noted that none of your recipe configuration or input (either text or files) is ever sent to the CyberChef web server - all processing is carried out within your browser, on your own computer.
      - Due to this feature, CyberChef can be downloaded and run locally. You can use the link in the top left corner of the app to download a full copy of CyberChef and drop it into a virtual machine, share it with other people, or host it in a closed network.
@@ -74,10 +73,10 @@ You can use as many operations as you like in simple or complex ways. Some examp
 
 ## Deep linking
 
-By manipulation of CyberChef's URL hash, you can change the initial settings with which the page opens.
+By manipulating CyberChef's URL hash, you can change the initial settings with which the page opens.
 The format is `https://gchq.github.io/CyberChef/#recipe=Operation()&input=...`
 
-Supported arguments are `recipe`, `input` (encoded in Base64), and `theme`. 
+Supported arguments are `recipe`, `input` (encoded in Base64), and `theme`.
 
 
 ## Browser support
@@ -90,14 +89,14 @@ CyberChef is built to support
 
 ## Node.js support
 
-CyberChef is built to fully support Node.js `v10` and partially supports `v12`. Named imports using a deep import specifier does not work in `v12`. For more information, see the Node API page in the project [wiki pages](https://github.com/gchq/CyberChef/wiki)
+CyberChef is built to fully support Node.js `v16`. For more information, see the ["Node API" wiki page](https://github.com/gchq/CyberChef/wiki/Node-API)
 
 
 ## Contributing
 
-Contributing a new operation to CyberChef is super easy! There is a quickstart script which will walk you through the process. If you can write basic JavaScript, you can write a CyberChef operation.
+Contributing a new operation to CyberChef is super easy! The quickstart script will walk you through the process. If you can write basic JavaScript, you can write a CyberChef operation.
 
-An installation walkthrough, how-to guides for adding new operations and themes, descriptions of the repository structure, available data types and coding conventions can all be found in the project [wiki pages](https://github.com/gchq/CyberChef/wiki).
+An installation walkthrough, how-to guides for adding new operations and themes, descriptions of the repository structure, available data types and coding conventions can all be found in the ["Contributing" wiki page](https://github.com/gchq/CyberChef/wiki/Contributing).
 
  - Push your changes to your fork.
  - Submit a pull request. If you are doing this for the first time, you will be prompted to sign the [GCHQ Contributor Licence Agreement](https://cla-assistant.io/gchq/CyberChef) via the CLA assistant on the pull request. This will also ask whether you are happy for GCHQ to contact you about a token of thanks for your contribution, or about job opportunities at GCHQ.
@@ -105,7 +104,7 @@ An installation walkthrough, how-to guides for adding new operations and themes,
 
 ## Licencing
 
-CyberChef is released under the [Apache 2.0 Licence](https://www.apache.org/licenses/LICENSE-2.0) and is covered by [Crown Copyright](https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/copyright-and-re-use/crown-copyright/).
+CyberChef is released under the [Apache 2.0 Licence](https://www.apache.org/licenses/LICENSE-2.0) and is covered by [Crown Copyright](https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/).
 
 
   [1]: https://gchq.github.io/CyberChef

babel.config.js

@@ -11,6 +11,7 @@ module.exports = function(api) {
         ],
         "plugins": [
             "dynamic-import-node",
+            "@babel/plugin-syntax-import-assertions",
             [
                 "babel-plugin-transform-builtin-extend", {
                     "globals": ["Error"]

nightwatch.json

@@ -1,5 +1,6 @@
 {
   "src_folders": ["tests/browser"],
+  "exclude": ["tests/browser/browserUtils.js"],
   "output_folder": "tests/browser/output",
 
   "test_settings": {
@@ -10,11 +11,12 @@
         "start_process": true,
         "server_path": "./node_modules/.bin/chromedriver",
         "port": 9515,
-        "log_path": false
+        "log_path": "tests/browser/output"
       },
       "desiredCapabilities": {
         "browserName": "chrome"
-      }
+      },
+      "enable_fail_fast": true
     },
 
     "dev": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "9.16.1",
+  "version": "10.6.0",
   "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
   "author": "n1474335 <n1474335@gmail.com>",
   "homepage": "https://gchq.github.io/CyberChef",
@@ -27,143 +27,170 @@
     "type": "git",
     "url": "https://github.com/gchq/CyberChef/"
   },
-  "main": "src/node/cjs.js",
-  "module": "src/node/index.mjs",
+  "main": "src/node/wrapper.js",
+  "exports": {
+    "import": "./src/node/index.mjs",
+    "require": "./src/node/wrapper.js"
+  },
   "bugs": "https://github.com/gchq/CyberChef/issues",
   "browserslist": [
     "Chrome >= 50",
     "Firefox >= 38",
-    "node >= 10"
+    "node >= 16"
   ],
   "devDependencies": {
-    "@babel/core": "^7.7.5",
-    "@babel/plugin-transform-runtime": "^7.7.6",
-    "@babel/preset-env": "^7.7.6",
-    "autoprefixer": "^9.7.3",
-    "babel-eslint": "^10.0.3",
-    "babel-loader": "^8.0.6",
-    "babel-plugin-dynamic-import-node": "^2.3.0",
-    "chromedriver": "^80.0.1",
+    "@babel/core": "^7.21.0",
+    "@babel/eslint-parser": "^7.19.1",
+    "@babel/plugin-syntax-import-assertions": "^7.20.0",
+    "@babel/plugin-transform-runtime": "^7.21.0",
+    "@babel/preset-env": "^7.20.2",
+    "@babel/runtime": "^7.21.0",
+    "@codemirror/commands": "^6.2.1",
+    "@codemirror/language": "^6.6.0",
+    "@codemirror/search": "^6.2.3",
+    "@codemirror/state": "^6.2.0",
+    "@codemirror/view": "^6.9.2",
+    "autoprefixer": "^10.4.13",
+    "babel-loader": "^9.1.2",
+    "babel-plugin-dynamic-import-node": "^2.3.3",
+    "babel-plugin-transform-builtin-extend": "1.1.2",
+    "base64-loader": "^1.0.0",
+    "chromedriver": "^121.0.0",
+    "cli-progress": "^3.12.0",
     "colors": "^1.4.0",
-    "copy-webpack-plugin": "^5.0.5",
-    "css-loader": "^3.2.1",
-    "eslint": "^6.7.2",
-    "exports-loader": "^0.7.0",
-    "file-loader": "^5.0.2",
-    "grunt": "^1.0.4",
-    "grunt-accessibility": "~6.0.0",
+    "copy-webpack-plugin": "^11.0.0",
+    "core-js": "^3.29.0",
+    "css-loader": "6.7.3",
+    "eslint": "^8.35.0",
+    "grunt": "^1.6.1",
     "grunt-chmod": "~1.1.1",
     "grunt-concurrent": "^3.0.0",
-    "grunt-contrib-clean": "~2.0.0",
-    "grunt-contrib-connect": "^2.1.0",
+    "grunt-contrib-clean": "~2.0.1",
+    "grunt-contrib-connect": "^3.0.0",
     "grunt-contrib-copy": "~1.0.0",
     "grunt-contrib-watch": "^1.1.0",
-    "grunt-eslint": "^22.0.0",
+    "grunt-eslint": "^24.0.1",
     "grunt-exec": "~3.0.0",
-    "grunt-webpack": "^3.1.3",
-    "grunt-zip": "^0.18.2",
-    "html-webpack-plugin": "^3.2.0",
-    "imports-loader": "^0.8.0",
-    "mini-css-extract-plugin": "^0.8.0",
-    "nightwatch": "^1.3.4",
-    "node-sass": "^4.13.0",
-    "postcss-css-variables": "^0.14.0",
-    "postcss-import": "^12.0.1",
-    "postcss-loader": "^3.0.0",
-    "prompt": "^1.0.0",
-    "sass-loader": "^8.0.0",
-    "sitemap": "^5.1.0",
-    "style-loader": "^1.0.1",
-    "svg-url-loader": "^3.0.3",
-    "url-loader": "^3.0.0",
-    "webpack": "^4.41.2",
-    "webpack-bundle-analyzer": "^3.6.0",
-    "webpack-dev-server": "^3.9.0",
-    "webpack-node-externals": "^1.7.2",
-    "worker-loader": "^2.0.0"
+    "grunt-webpack": "^5.0.0",
+    "grunt-zip": "^0.20.0",
+    "html-webpack-plugin": "^5.5.0",
+    "imports-loader": "^4.0.1",
+    "mini-css-extract-plugin": "2.7.3",
+    "modify-source-webpack-plugin": "^3.0.0",
+    "nightwatch": "^2.6.16",
+    "postcss": "^8.4.21",
+    "postcss-css-variables": "^0.18.0",
+    "postcss-import": "^15.1.0",
+    "postcss-loader": "^7.0.2",
+    "prompt": "^1.3.0",
+    "sitemap": "^7.1.1",
+    "terser": "^5.16.6",
+    "webpack": "^5.76.0",
+    "webpack-bundle-analyzer": "^4.8.0",
+    "webpack-dev-server": "4.11.1",
+    "webpack-node-externals": "^3.0.0",
+    "worker-loader": "^3.0.8"
   },
   "dependencies": {
-    "@babel/polyfill": "^7.7.0",
-    "@babel/runtime": "^7.7.6",
+    "@astronautlabs/amf": "^0.0.6",
+    "@babel/polyfill": "^7.12.1",
+    "@blu3r4y/lzma": "^2.3.3",
+    "@wavesenterprise/crypto-gost-js": "^2.1.0-RC1",
+    "argon2-browser": "^1.18.0",
     "arrive": "^2.4.1",
-    "avsc": "^5.4.16",
-    "babel-plugin-transform-builtin-extend": "1.1.2",
+    "avsc": "^5.7.7",
     "bcryptjs": "^2.4.3",
-    "bignumber.js": "^9.0.0",
-    "blakejs": "^1.1.0",
-    "bootstrap": "4.4.1",
-    "bootstrap-colorpicker": "^3.2.0",
-    "bootstrap-material-design": "^4.1.2",
-    "bson": "^4.0.2",
+    "bignumber.js": "^9.1.1",
+    "blakejs": "^1.2.1",
+    "bootstrap": "4.6.2",
+    "bootstrap-colorpicker": "^3.4.0",
+    "bootstrap-material-design": "^4.1.3",
+    "browserify-zlib": "^0.2.0",
+    "bson": "^4.7.2",
+    "buffer": "^6.0.3",
+    "cbor": "8.1.0",
     "chi-squared": "^1.1.0",
-    "codepage": "^1.14.0",
-    "core-js": "^3.4.8",
+    "codepage": "^1.15.0",
     "crypto-api": "^0.8.5",
-    "crypto-js": "^3.1.9-1",
+    "crypto-browserify": "^3.12.0",
+    "crypto-js": "^4.1.1",
     "ctph.js": "0.0.5",
-    "d3": "^5.14.2",
+    "d3": "7.8.2",
     "d3-hexbin": "^0.2.2",
-    "diff": "^4.0.1",
-    "es6-promisify": "^6.0.2",
-    "escodegen": "^1.12.0",
-    "esm": "^3.2.25",
-    "esmangle": "^1.0.1",
+    "diff": "^5.1.0",
+    "es6-promisify": "^7.0.0",
+    "escodegen": "^2.0.0",
     "esprima": "^4.0.1",
     "exif-parser": "^0.1.12",
-    "file-saver": "^2.0.2",
-    "geodesy": "^1.1.3",
-    "highlight.js": "^9.16.2",
-    "jimp": "^0.9.3",
-    "jquery": "3.4.1",
+    "file-saver": "^2.0.5",
+    "flat": "^5.0.2",
+    "geodesy": "1.1.3",
+    "highlight.js": "^11.7.0",
+    "jimp": "^0.16.13",
+    "jquery": "3.6.4",
     "js-crc": "^0.2.0",
     "js-sha3": "^0.8.0",
-    "jsesc": "^2.5.2",
-    "jsonpath": "^1.0.2",
-    "jsonwebtoken": "^8.5.1",
-    "jsqr": "^1.2.0",
-    "jsrsasign": "8.0.12",
-    "kbpgp": "2.1.6",
+    "jsesc": "^3.0.2",
+    "json5": "^2.2.3",
+    "jsonpath-plus": "^7.2.0",
+    "jsonwebtoken": "8.5.1",
+    "jsqr": "^1.4.0",
+    "jsrsasign": "^10.6.1",
+    "kbpgp": "2.1.15",
     "libbzip2-wasm": "0.0.4",
-    "libyara-wasm": "^1.0.1",
-    "lodash": "^4.17.15",
-    "loglevel": "^1.6.6",
+    "libyara-wasm": "^1.2.1",
+    "lodash": "^4.17.21",
+    "loglevel": "^1.8.1",
     "loglevel-message-prefix": "^3.0.0",
-    "markdown-it": "^10.0.0",
-    "moment": "^2.24.0",
-    "moment-timezone": "^0.5.27",
+    "lz-string": "^1.5.0",
+    "lz4js": "^0.2.0",
+    "markdown-it": "^13.0.1",
+    "moment": "^2.29.4",
+    "moment-timezone": "^0.5.41",
     "ngeohash": "^0.6.3",
-    "node-forge": "^0.9.1",
+    "node-forge": "^1.3.1",
     "node-md6": "^0.1.0",
     "nodom": "^2.4.0",
-    "notepack.io": "^2.2.0",
+    "notepack.io": "^3.0.1",
+    "ntlm": "^0.1.3",
     "nwmatcher": "^1.4.4",
-    "otp": "^0.1.3",
-    "popper.js": "^1.16.0",
+    "otp": "0.1.3",
+    "path": "^0.12.7",
+    "popper.js": "^1.16.1",
+    "process": "^0.11.10",
+    "protobufjs": "^7.2.2",
     "qr-image": "^3.2.0",
+    "reflect-metadata": "^0.1.13",
     "scryptsy": "^2.1.0",
     "snackbarjs": "^1.1.0",
-    "sortablejs": "^1.10.1",
-    "split.js": "^1.5.11",
-    "ssdeep.js": "0.0.2",
-    "tesseract.js": "^2.0.0-alpha.15",
-    "ua-parser-js": "^0.7.20",
+    "sortablejs": "^1.15.0",
+    "split.js": "^1.6.5",
+    "ssdeep.js": "0.0.3",
+    "stream-browserify": "^3.0.0",
+    "tesseract.js": "3.0.3",
+    "ua-parser-js": "^1.0.34",
     "unorm": "^1.6.0",
     "utf8": "^3.0.0",
     "vkbeautify": "^0.99.3",
-    "xmldom": "^0.1.27",
-    "xpath": "0.0.27",
-    "xregexp": "^4.2.4",
+    "xmldom": "^0.6.0",
+    "xpath": "0.0.32",
+    "xregexp": "^5.1.1",
     "zlibjs": "^0.3.1"
   },
   "scripts": {
-    "start": "grunt dev",
-    "build": "grunt prod",
-    "repl": "node src/node/repl.js",
-    "test": "grunt test",
-    "test-node-consumer": "grunt testnodeconsumer",
-    "testui": "grunt testui",
+    "start": "npx grunt dev",
+    "build": "npx grunt prod",
+    "node": "npx grunt node",
+    "repl": "node --experimental-modules --experimental-json-modules --experimental-specifier-resolution=node --no-experimental-fetch --no-warnings src/node/repl.mjs",
+    "test": "npx grunt configTests && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation --openssl-legacy-provider --no-experimental-fetch tests/node/index.mjs && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation --openssl-legacy-provider --no-experimental-fetch --trace-uncaught tests/operations/index.mjs",
+    "testnodeconsumer": "npx grunt testnodeconsumer",
+    "testui": "npx grunt testui",
     "testuidev": "npx nightwatch --env=dev",
-    "lint": "grunt lint",
-    "newop": "node --experimental-modules src/core/config/scripts/newOperation.mjs"
+    "lint": "npx grunt lint",
+    "postinstall": "npx grunt exec:fixCryptoApiImports && npx grunt exec:fixSnackbarMarkup",
+    "newop": "node --experimental-modules --experimental-json-modules src/core/config/scripts/newOperation.mjs",
+    "minor": "node --experimental-modules --experimental-json-modules src/core/config/scripts/newMinorVersion.mjs",
+    "getheapsize": "node -e 'console.log(`node heap limit = ${require(\"v8\").getHeapStatistics().heap_size_limit / (1024 * 1024)} Mb`)'",
+    "setheapsize": "export NODE_OPTIONS=--max_old_space_size=2048"
   }
 }

src/core/Chef.mjs

@@ -27,8 +27,8 @@ class Chef {
      *
      * @param {string|ArrayBuffer} input - The input data as a string or ArrayBuffer
      * @param {Object[]} recipeConfig - The recipe configuration object
-     * @param {Object} options - The options object storing various user choices
-     * @param {boolean} options.attempHighlight - Whether or not to attempt highlighting
+     * @param {Object} [options={}] - The options object storing various user choices
+     * @param {string} [options.returnType] - What type to return the result as
      *
      * @returns {Object} response
      * @returns {string} response.result - The output of the recipe
@@ -37,12 +37,11 @@ class Chef {
      * @returns {number} response.duration - The number of ms it took to execute the recipe
      * @returns {number} response.error - The error object thrown by a failed operation (false if no error)
     */
-    async bake(input, recipeConfig, options) {
+    async bake(input, recipeConfig, options={}) {
         log.debug("Chef baking");
-        const startTime = new Date().getTime(),
+        const startTime = Date.now(),
             recipe      = new Recipe(recipeConfig),
-            containsFc  = recipe.containsFlowControl(),
-            notUTF8     = options && "treatAsUtf8" in options && !options.treatAsUtf8;
+            containsFc  = recipe.containsFlowControl();
         let error = false,
             progress = 0;
 
@@ -68,23 +67,16 @@ class Chef {
         // Present the raw result
         await recipe.present(this.dish);
 
-        // Depending on the size of the output, we may send it back as a string or an ArrayBuffer.
-        // This can prevent unnecessary casting as an ArrayBuffer can be easily downloaded as a file.
-        // The threshold is specified in KiB.
-        const threshold = (options.ioDisplayThreshold || 1024) * 1024;
         const returnType =
-            this.dish.type === Dish.HTML ?
-                Dish.HTML :
-                this.dish.size > threshold ?
-                    Dish.ARRAY_BUFFER :
-                    Dish.STRING;
+            this.dish.type === Dish.HTML ? Dish.HTML :
+                options?.returnType ? options.returnType : Dish.ARRAY_BUFFER;
 
         return {
             dish: rawDish,
-            result: await this.dish.get(returnType, notUTF8),
+            result: await this.dish.get(returnType),
             type: Dish.enumLookup(this.dish.type),
             progress: progress,
-            duration: new Date().getTime() - startTime,
+            duration: Date.now() - startTime,
             error: error
         };
     }
@@ -110,7 +102,7 @@ class Chef {
     silentBake(recipeConfig) {
         log.debug("Running silent bake");
 
-        const startTime = new Date().getTime(),
+        const startTime = Date.now(),
             recipe = new Recipe(recipeConfig),
             dish = new Dish();
 
@@ -119,7 +111,7 @@ class Chef {
         } catch (err) {
             // Suppress all errors
         }
-        return new Date().getTime() - startTime;
+        return Date.now() - startTime;
     }
 
 
@@ -146,7 +138,12 @@ class Chef {
             const func = direction === "forward" ? highlights[i].f : highlights[i].b;
 
             if (typeof func == "function") {
-                pos = func(pos, highlights[i].args);
+                try {
+                    pos = func(pos, highlights[i].args);
+                } catch (err) {
+                    // Throw away highlighting errors
+                    pos = [];
+                }
             }
         }
 

src/core/ChefWorker.js

@@ -7,18 +7,10 @@
  */
 
 import Chef from "./Chef.mjs";
-import OperationConfig from "./config/OperationConfig.json";
+import OperationConfig from "./config/OperationConfig.json" assert {type: "json"};
 import OpModules from "./config/modules/OpModules.mjs";
-
-// Add ">" to the start of all log messages in the Chef Worker
 import loglevelMessagePrefix from "loglevel-message-prefix";
 
-loglevelMessagePrefix(log, {
-    prefixes: [],
-    staticPrefixes: [">"],
-    prefixFormat: "%p"
-});
-
 
 // Set up Chef instance
 self.chef = new Chef();
@@ -56,7 +48,7 @@ self.postMessage({
 self.addEventListener("message", function(e) {
     // Handle message
     const r = e.data;
-    log.debug("ChefWorker receiving command '" + r.action + "'");
+    log.debug(`Receiving command '${r.action}'`);
 
     switch (r.action) {
         case "bake":
@@ -86,6 +78,12 @@ self.addEventListener("message", function(e) {
         case "setLogLevel":
             log.setLevel(r.data, false);
             break;
+        case "setLogPrefix":
+            loglevelMessagePrefix(log, {
+                prefixes: [],
+                staticPrefixes: [r.data]
+            });
+            break;
         default:
             break;
     }
@@ -101,14 +99,17 @@ async function bake(data) {
     // Ensure the relevant modules are loaded
     self.loadRequiredModules(data.recipeConfig);
     try {
-        self.inputNum = (data.inputNum !== undefined) ? data.inputNum : -1;
+        self.inputNum = data.inputNum === undefined ? -1 : data.inputNum;
         const response = await self.chef.bake(
             data.input,          // The user's input
             data.recipeConfig,   // The configuration of the recipe
             data.options         // Options set by the user
         );
 
-        const transferable = (data.input instanceof ArrayBuffer) ? [data.input] : undefined;
+        const transferable = (response.dish.value instanceof ArrayBuffer) ?
+            [response.dish.value] :
+            undefined;
+
         self.postMessage({
             action: "bakeComplete",
             data: Object.assign(response, {
@@ -186,7 +187,7 @@ async function getDishTitle(data) {
  *
  * @param {Object[]} recipeConfig
  * @param {string} direction
- * @param {Object} pos - The position object for the highlight.
+ * @param {Object[]} pos - The position object for the highlight.
  * @param {number} pos.start - The start offset.
  * @param {number} pos.end - The end offset.
  */
@@ -212,7 +213,7 @@ self.loadRequiredModules = function(recipeConfig) {
         if (!(module in OpModules)) {
             log.info(`Loading ${module} module`);
             self.sendStatusMessage(`Loading ${module} module`);
-            self.importScripts(`${self.docURL}/modules/${module}.js`);
+            self.importScripts(`${self.docURL}/modules/${module}.js`); // lgtm [js/client-side-unvalidated-url-redirection]
             self.sendStatusMessage("");
         }
     });

src/core/Dish.mjs

@@ -128,10 +128,9 @@ class Dish {
      * If running in a browser, get is asynchronous.
      *
      * @param {number} type - The data type of value, see Dish enums.
-     * @param {boolean} [notUTF8=false] - Do not treat strings as UTF8.
      * @returns {* | Promise} - (Browser) A promise | (Node) value of dish in given type
      */
-    get(type, notUTF8=false) {
+    get(type) {
         if (typeof type === "string") {
             type = Dish.typeEnum(type);
         }
@@ -140,13 +139,13 @@ class Dish {
 
             // Node environment => _translate is sync
             if (isNodeEnvironment()) {
-                this._translate(type, notUTF8);
+                this._translate(type);
                 return this.value;
 
             // Browser environment => _translate is async
             } else {
                 return new Promise((resolve, reject) => {
-                    this._translate(type, notUTF8)
+                    this._translate(type)
                         .then(() => {
                             resolve(this.value);
                         })
@@ -190,12 +189,11 @@ class Dish {
      * @Node
      *
      * @param {number} type - The data type of value, see Dish enums.
-     * @param {boolean} [notUTF8=false] - Do not treat strings as UTF8.
      * @returns {Dish | Promise} - (Browser) A promise | (Node) value of dish in given type
      */
-    presentAs(type, notUTF8=false) {
+    presentAs(type) {
         const clone = this.clone();
-        return clone.get(type, notUTF8);
+        return clone.get(type);
     }
 
 
@@ -207,7 +205,7 @@ class Dish {
         const data = new Uint8Array(this.value.slice(0, 2048)),
             types = detectFileType(data);
 
-        if (!types.length || !types[0].mime || !types[0].mime === "text/plain") {
+        if (!types.length || !types[0].mime || !(types[0].mime === "text/plain")) {
             return null;
         } else {
             return types[0].mime;
@@ -414,17 +412,16 @@ class Dish {
      * If running in the browser, _translate is asynchronous.
      *
      * @param {number} toType - The data type of value, see Dish enums.
-     * @param {boolean} [notUTF8=false] - Do not treat strings as UTF8.
      * @returns {Promise || undefined}
      */
-    _translate(toType, notUTF8=false) {
+    _translate(toType) {
         log.debug(`Translating Dish from ${Dish.enumLookup(this.type)} to ${Dish.enumLookup(toType)}`);
 
         // Node environment => translate is sync
         if (isNodeEnvironment()) {
             this._toArrayBuffer();
             this.type = Dish.ARRAY_BUFFER;
-            this._fromArrayBuffer(toType, notUTF8);
+            this._fromArrayBuffer(toType);
 
         // Browser environment => translate is async
         } else {
@@ -486,18 +483,17 @@ class Dish {
      * Convert this.value to the given type from ArrayBuffer
      *
      * @param {number} toType - the Dish enum to convert to
-     * @param {boolean} [notUTF8=false] - Do not treat strings as UTF8.
     */
-    _fromArrayBuffer(toType, notUTF8) {
+    _fromArrayBuffer(toType) {
 
         // Using 'bind' here to allow this.value to be mutated within translation functions
         const toTypeFunctions = {
-            [Dish.STRING]:          () => DishString.fromArrayBuffer.bind(this)(notUTF8),
-            [Dish.NUMBER]:          () => DishNumber.fromArrayBuffer.bind(this)(notUTF8),
-            [Dish.HTML]:            () => DishHTML.fromArrayBuffer.bind(this)(notUTF8),
+            [Dish.STRING]:          () => DishString.fromArrayBuffer.bind(this)(),
+            [Dish.NUMBER]:          () => DishNumber.fromArrayBuffer.bind(this)(),
+            [Dish.HTML]:            () => DishHTML.fromArrayBuffer.bind(this)(),
             [Dish.ARRAY_BUFFER]:    () => {},
-            [Dish.BIG_NUMBER]:      () => DishBigNumber.fromArrayBuffer.bind(this)(notUTF8),
-            [Dish.JSON]:            () => DishJSON.fromArrayBuffer.bind(this)(notUTF8),
+            [Dish.BIG_NUMBER]:      () => DishBigNumber.fromArrayBuffer.bind(this)(),
+            [Dish.JSON]:            () => DishJSON.fromArrayBuffer.bind(this)(),
             [Dish.FILE]:            () => DishFile.fromArrayBuffer.bind(this)(),
             [Dish.LIST_FILE]:       () => DishListFile.fromArrayBuffer.bind(this)(),
             [Dish.BYTE_ARRAY]:      () => DishByteArray.fromArrayBuffer.bind(this)(),

src/core/Ingredient.mjs

@@ -27,6 +27,7 @@ class Ingredient {
         this.toggleValues = [];
         this.target = null;
         this.defaultIndex = 0;
+        this.maxLength = null;
         this.min = null;
         this.max = null;
         this.step = 1;
@@ -53,6 +54,7 @@ class Ingredient {
         this.toggleValues = ingredientConfig.toggleValues;
         this.target = typeof ingredientConfig.target !== "undefined" ? ingredientConfig.target : null;
         this.defaultIndex = typeof ingredientConfig.defaultIndex !== "undefined" ? ingredientConfig.defaultIndex : 0;
+        this.maxLength = ingredientConfig.maxLength || null;
         this.min = ingredientConfig.min;
         this.max = ingredientConfig.max;
         this.step = ingredientConfig.step;

src/core/Operation.mjs

@@ -184,6 +184,7 @@ class Operation {
             if (ing.disabled) conf.disabled = ing.disabled;
             if (ing.target) conf.target = ing.target;
             if (ing.defaultIndex) conf.defaultIndex = ing.defaultIndex;
+            if (ing.maxLength) conf.maxLength = ing.maxLength;
             if (typeof ing.min === "number") conf.min = ing.min;
             if (typeof ing.max === "number") conf.max = ing.max;
             if (ing.step) conf.step = ing.step;

src/core/Recipe.mjs

@@ -4,7 +4,7 @@
  * @license Apache-2.0
  */
 
-import OperationConfig from "./config/OperationConfig.json";
+import OperationConfig from "./config/OperationConfig.json" assert {type: "json"};
 import OperationError from "./errors/OperationError.mjs";
 import Operation from "./Operation.mjs";
 import DishError from "./errors/DishError.mjs";
@@ -46,7 +46,7 @@ class Recipe  {
                 module: OperationConfig[c.op].module,
                 ingValues: c.args,
                 breakpoint: c.breakpoint,
-                disabled: c.disabled,
+                disabled: c.disabled || c.op === "Comment",
             });
         });
     }
@@ -230,14 +230,12 @@ class Recipe  {
                 this.lastRunOp = op;
             } catch (err) {
                 // Return expected errors as output
-                if (err instanceof OperationError ||
-                    (err.type && err.type === "OperationError")) {
+                if (err instanceof OperationError || err?.type === "OperationError") {
                     // Cannot rely on `err instanceof OperationError` here as extending
                     // native types is not fully supported yet.
                     dish.set(err.message, "string");
                     return i;
-                } else if (err instanceof DishError ||
-                    (err.type && err.type === "DishError")) {
+                } else if (err instanceof DishError || err?.type === "DishError") {
                     dish.set(err.message, "string");
                     return i;
                 } else {

src/core/Utils.mjs

@@ -4,6 +4,8 @@
  * @license Apache-2.0
  */
 
+// loglevel import required for Node API
+import log from "loglevel";
 import utf8 from "utf8";
 import {fromBase64, toBase64} from "./lib/Base64.mjs";
 import {fromHex} from "./lib/Hex.mjs";
@@ -170,16 +172,17 @@ class Utils {
      *
      * @param {string} str - The input string to display.
      * @param {boolean} [preserveWs=false] - Whether or not to print whitespace.
+     * @param {boolean} [onlyAscii=false] - Whether or not to replace non ASCII characters.
      * @returns {string}
      */
-    static printable(str, preserveWs=false) {
-        if (isWebEnvironment() && window.app && !window.app.options.treatAsUtf8) {
-            str = Utils.byteArrayToChars(Utils.strToByteArray(str));
+    static printable(str, preserveWs=false, onlyAscii=false) {
+        if (onlyAscii) {
+            return str.replace(/[^\x20-\x7f]/g, ".");
         }
 
         // eslint-disable-next-line no-misleading-character-class
         const re = /[\0-\x08\x0B-\x0C\x0E-\x1F\x7F-\x9F\xAD\u0378\u0379\u037F-\u0383\u038B\u038D\u03A2\u0528-\u0530\u0557\u0558\u0560\u0588\u058B-\u058E\u0590\u05C8-\u05CF\u05EB-\u05EF\u05F5-\u0605\u061C\u061D\u06DD\u070E\u070F\u074B\u074C\u07B2-\u07BF\u07FB-\u07FF\u082E\u082F\u083F\u085C\u085D\u085F-\u089F\u08A1\u08AD-\u08E3\u08FF\u0978\u0980\u0984\u098D\u098E\u0991\u0992\u09A9\u09B1\u09B3-\u09B5\u09BA\u09BB\u09C5\u09C6\u09C9\u09CA\u09CF-\u09D6\u09D8-\u09DB\u09DE\u09E4\u09E5\u09FC-\u0A00\u0A04\u0A0B-\u0A0E\u0A11\u0A12\u0A29\u0A31\u0A34\u0A37\u0A3A\u0A3B\u0A3D\u0A43-\u0A46\u0A49\u0A4A\u0A4E-\u0A50\u0A52-\u0A58\u0A5D\u0A5F-\u0A65\u0A76-\u0A80\u0A84\u0A8E\u0A92\u0AA9\u0AB1\u0AB4\u0ABA\u0ABB\u0AC6\u0ACA\u0ACE\u0ACF\u0AD1-\u0ADF\u0AE4\u0AE5\u0AF2-\u0B00\u0B04\u0B0D\u0B0E\u0B11\u0B12\u0B29\u0B31\u0B34\u0B3A\u0B3B\u0B45\u0B46\u0B49\u0B4A\u0B4E-\u0B55\u0B58-\u0B5B\u0B5E\u0B64\u0B65\u0B78-\u0B81\u0B84\u0B8B-\u0B8D\u0B91\u0B96-\u0B98\u0B9B\u0B9D\u0BA0-\u0BA2\u0BA5-\u0BA7\u0BAB-\u0BAD\u0BBA-\u0BBD\u0BC3-\u0BC5\u0BC9\u0BCE\u0BCF\u0BD1-\u0BD6\u0BD8-\u0BE5\u0BFB-\u0C00\u0C04\u0C0D\u0C11\u0C29\u0C34\u0C3A-\u0C3C\u0C45\u0C49\u0C4E-\u0C54\u0C57\u0C5A-\u0C5F\u0C64\u0C65\u0C70-\u0C77\u0C80\u0C81\u0C84\u0C8D\u0C91\u0CA9\u0CB4\u0CBA\u0CBB\u0CC5\u0CC9\u0CCE-\u0CD4\u0CD7-\u0CDD\u0CDF\u0CE4\u0CE5\u0CF0\u0CF3-\u0D01\u0D04\u0D0D\u0D11\u0D3B\u0D3C\u0D45\u0D49\u0D4F-\u0D56\u0D58-\u0D5F\u0D64\u0D65\u0D76-\u0D78\u0D80\u0D81\u0D84\u0D97-\u0D99\u0DB2\u0DBC\u0DBE\u0DBF\u0DC7-\u0DC9\u0DCB-\u0DCE\u0DD5\u0DD7\u0DE0-\u0DF1\u0DF5-\u0E00\u0E3B-\u0E3E\u0E5C-\u0E80\u0E83\u0E85\u0E86\u0E89\u0E8B\u0E8C\u0E8E-\u0E93\u0E98\u0EA0\u0EA4\u0EA6\u0EA8\u0EA9\u0EAC\u0EBA\u0EBE\u0EBF\u0EC5\u0EC7\u0ECE\u0ECF\u0EDA\u0EDB\u0EE0-\u0EFF\u0F48\u0F6D-\u0F70\u0F98\u0FBD\u0FCD\u0FDB-\u0FFF\u10C6\u10C8-\u10CC\u10CE\u10CF\u1249\u124E\u124F\u1257\u1259\u125E\u125F\u1289\u128E\u128F\u12B1\u12B6\u12B7\u12BF\u12C1\u12C6\u12C7\u12D7\u1311\u1316\u1317\u135B\u135C\u137D-\u137F\u139A-\u139F\u13F5-\u13FF\u169D-\u169F\u16F1-\u16FF\u170D\u1715-\u171F\u1737-\u173F\u1754-\u175F\u176D\u1771\u1774-\u177F\u17DE\u17DF\u17EA-\u17EF\u17FA-\u17FF\u180F\u181A-\u181F\u1878-\u187F\u18AB-\u18AF\u18F6-\u18FF\u191D-\u191F\u192C-\u192F\u193C-\u193F\u1941-\u1943\u196E\u196F\u1975-\u197F\u19AC-\u19AF\u19CA-\u19CF\u19DB-\u19DD\u1A1C\u1A1D\u1A5F\u1A7D\u1A7E\u1A8A-\u1A8F\u1A9A-\u1A9F\u1AAE-\u1AFF\u1B4C-\u1B4F\u1B7D-\u1B7F\u1BF4-\u1BFB\u1C38-\u1C3A\u1C4A-\u1C4C\u1C80-\u1CBF\u1CC8-\u1CCF\u1CF7-\u1CFF\u1DE7-\u1DFB\u1F16\u1F17\u1F1E\u1F1F\u1F46\u1F47\u1F4E\u1F4F\u1F58\u1F5A\u1F5C\u1F5E\u1F7E\u1F7F\u1FB5\u1FC5\u1FD4\u1FD5\u1FDC\u1FF0\u1FF1\u1FF5\u1FFF\u200B-\u200F\u202A-\u202E\u2060-\u206F\u2072\u2073\u208F\u209D-\u209F\u20BB-\u20CF\u20F1-\u20FF\u218A-\u218F\u23F4-\u23FF\u2427-\u243F\u244B-\u245F\u2700\u2B4D-\u2B4F\u2B5A-\u2BFF\u2C2F\u2C5F\u2CF4-\u2CF8\u2D26\u2D28-\u2D2C\u2D2E\u2D2F\u2D68-\u2D6E\u2D71-\u2D7E\u2D97-\u2D9F\u2DA7\u2DAF\u2DB7\u2DBF\u2DC7\u2DCF\u2DD7\u2DDF\u2E3C-\u2E7F\u2E9A\u2EF4-\u2EFF\u2FD6-\u2FEF\u2FFC-\u2FFF\u3040\u3097\u3098\u3100-\u3104\u312E-\u3130\u318F\u31BB-\u31BF\u31E4-\u31EF\u321F\u32FF\u4DB6-\u4DBF\u9FCD-\u9FFF\uA48D-\uA48F\uA4C7-\uA4CF\uA62C-\uA63F\uA698-\uA69E\uA6F8-\uA6FF\uA78F\uA794-\uA79F\uA7AB-\uA7F7\uA82C-\uA82F\uA83A-\uA83F\uA878-\uA87F\uA8C5-\uA8CD\uA8DA-\uA8DF\uA8FC-\uA8FF\uA954-\uA95E\uA97D-\uA97F\uA9CE\uA9DA-\uA9DD\uA9E0-\uA9FF\uAA37-\uAA3F\uAA4E\uAA4F\uAA5A\uAA5B\uAA7C-\uAA7F\uAAC3-\uAADA\uAAF7-\uAB00\uAB07\uAB08\uAB0F\uAB10\uAB17-\uAB1F\uAB27\uAB2F-\uABBF\uABEE\uABEF\uABFA-\uABFF\uD7A4-\uD7AF\uD7C7-\uD7CA\uD7FC-\uD7FF\uE000-\uF8FF\uFA6E\uFA6F\uFADA-\uFAFF\uFB07-\uFB12\uFB18-\uFB1C\uFB37\uFB3D\uFB3F\uFB42\uFB45\uFBC2-\uFBD2\uFD40-\uFD4F\uFD90\uFD91\uFDC8-\uFDEF\uFDFE\uFDFF\uFE1A-\uFE1F\uFE27-\uFE2F\uFE53\uFE67\uFE6C-\uFE6F\uFE75\uFEFD-\uFF00\uFFBF-\uFFC1\uFFC8\uFFC9\uFFD0\uFFD1\uFFD8\uFFD9\uFFDD-\uFFDF\uFFE7\uFFEF-\uFFFB\uFFFE\uFFFF]/g;
-        const wsRe = /[\x09-\x10\x0D\u2028\u2029]/g;
+        const wsRe = /[\x09-\x10\u2028\u2029]/g;
 
         str = str.replace(re, ".");
         if (!preserveWs) str = str.replace(wsRe, ".");
@@ -187,6 +190,21 @@ class Utils {
     }
 
 
+    /**
+     * Returns a string with whitespace represented as special characters from the
+     * Unicode Private Use Area, which CyberChef will display as control characters.
+     * Private Use Area characters are in the range U+E000..U+F8FF.
+     * https://en.wikipedia.org/wiki/Private_Use_Areas
+     * @param {string} str
+     * @returns {string}
+     */
+    static escapeWhitespace(str) {
+        return str.replace(/[\x09-\x10]/g, function(c) {
+            return String.fromCharCode(0xe000 + c.charCodeAt(0));
+        });
+    }
+
+
     /**
      * Parse a string entered by a user and replace escaped chars with the bytes they represent.
      *
@@ -201,7 +219,7 @@ class Utils {
      * Utils.parseEscapedChars("\\n");
      */
     static parseEscapedChars(str) {
-        return str.replace(/\\([bfnrtv'"]|[0-3][0-7]{2}|[0-7]{1,2}|x[\da-fA-F]{2}|u[\da-fA-F]{4}|u\{[\da-fA-F]{1,6}\}|\\)/g, function(m, a) {
+        return str.replace(/\\([abfnrtv'"]|[0-3][0-7]{2}|[0-7]{1,2}|x[\da-fA-F]{2}|u[\da-fA-F]{4}|u\{[\da-fA-F]{1,6}\}|\\)/g, function(m, a) {
             switch (a[0]) {
                 case "\\":
                     return "\\";
@@ -214,6 +232,8 @@ class Utils {
                 case "6":
                 case "7":
                     return String.fromCharCode(parseInt(a, 8));
+                case "a":
+                    return String.fromCharCode(7);
                 case "b":
                     return "\b";
                 case "t":
@@ -375,6 +395,70 @@ class Utils {
     }
 
 
+    /**
+     * Converts a byte array to an integer.
+     *
+     * @param {byteArray} byteArray
+     * @param {string} byteorder - "little" or "big"
+     * @returns {integer}
+     *
+     * @example
+     * // returns 67305985
+     * Utils.byteArrayToInt([1, 2, 3, 4], "little");
+     *
+     * // returns 16909060
+     * Utils.byteArrayToInt([1, 2, 3, 4], "big");
+     */
+    static byteArrayToInt(byteArray, byteorder) {
+        let value = 0;
+        if (byteorder === "big") {
+            for (let i = 0; i < byteArray.length; i++) {
+                value = (value * 256) + byteArray[i];
+            }
+        } else {
+            for (let i = byteArray.length - 1; i >= 0; i--) {
+                value = (value * 256) + byteArray[i];
+            }
+        }
+        return value;
+    }
+
+
+    /**
+     * Converts an integer to a byte array of {length} bytes.
+     *
+     * @param {integer} value
+     * @param {integer} length
+     * @param {string} byteorder - "little" or "big"
+     * @returns {byteArray}
+     *
+     * @example
+     * // returns [5, 255, 109, 1]
+     * Utils.intToByteArray(23985925, 4, "little");
+     *
+     * // returns [1, 109, 255, 5]
+     * Utils.intToByteArray(23985925, 4, "big");
+     *
+     * // returns [0, 0, 0, 0, 1, 109, 255, 5]
+     * Utils.intToByteArray(23985925, 8, "big");
+     */
+    static intToByteArray(value, length, byteorder) {
+        const arr = new Array(length);
+        if (byteorder === "little") {
+            for (let i = 0; i < length; i++) {
+                arr[i] = value & 0xFF;
+                value = value >>> 8;
+            }
+        } else {
+            for (let i = length - 1; i >= 0; i--) {
+                arr[i] = value & 0xFF;
+                value = value >>> 8;
+            }
+        }
+        return arr;
+    }
+
+
     /**
      * Converts a string to an ArrayBuffer.
      * Treats the string as UTF-8 if any values are over 255.
@@ -390,6 +474,9 @@ class Utils {
      * Utils.strToArrayBuffer("你好");
      */
     static strToArrayBuffer(str) {
+        log.debug(`Converting string[${str?.length}] to array buffer`);
+        if (!str) return new ArrayBuffer;
+
         const arr = new Uint8Array(str.length);
         let i = str.length, b;
         while (i--) {
@@ -416,17 +503,20 @@ class Utils {
      * Utils.strToUtf8ArrayBuffer("你好");
      */
     static strToUtf8ArrayBuffer(str) {
-        const utf8Str = utf8.encode(str);
+        log.debug(`Converting string[${str?.length}] to UTF8 array buffer`);
+        if (!str) return new ArrayBuffer;
 
-        if (str.length !== utf8Str.length) {
-            if (isWorkerEnvironment()) {
+        const buffer = new TextEncoder("utf-8").encode(str);
+
+        if (str.length !== buffer.length) {
+            if (isWorkerEnvironment() && self && typeof self.setOption === "function") {
                 self.setOption("attemptHighlight", false);
             } else if (isWebEnvironment()) {
                 window.app.options.attemptHighlight = false;
             }
         }
 
-        return Utils.strToArrayBuffer(utf8Str);
+        return buffer.buffer;
     }
 
 
@@ -445,6 +535,8 @@ class Utils {
      * Utils.strToByteArray("你好");
      */
     static strToByteArray(str) {
+        log.debug(`Converting string[${str?.length}] to byte array`);
+        if (!str) return [];
         const byteArray = new Array(str.length);
         let i = str.length, b;
         while (i--) {
@@ -471,6 +563,8 @@ class Utils {
      * Utils.strToUtf8ByteArray("你好");
      */
     static strToUtf8ByteArray(str) {
+        log.debug(`Converting string[${str?.length}] to UTF8 byte array`);
+        if (!str) return [];
         const utf8Str = utf8.encode(str);
 
         if (str.length !== utf8Str.length) {
@@ -499,6 +593,8 @@ class Utils {
      * Utils.strToCharcode("你好");
      */
     static strToCharcode(str) {
+        log.debug(`Converting string[${str?.length}] to charcode`);
+        if (!str) return [];
         const charcode = [];
 
         for (let i = 0; i < str.length; i++) {
@@ -533,20 +629,26 @@ class Utils {
      * Utils.byteArrayToUtf8([228,189,160,229,165,189]);
      */
     static byteArrayToUtf8(byteArray) {
-        const str = Utils.byteArrayToChars(byteArray);
+        log.debug(`Converting byte array[${byteArray?.length}] to UTF8`);
+        if (!byteArray || !byteArray.length) return "";
+        if (!(byteArray instanceof Uint8Array))
+            byteArray = new Uint8Array(byteArray);
+
         try {
-            const utf8Str = utf8.decode(str);
-            if (str.length !== utf8Str.length) {
+            const str = new TextDecoder("utf-8", {fatal: true}).decode(byteArray);
+
+            if (str.length !== byteArray.length) {
                 if (isWorkerEnvironment()) {
                     self.setOption("attemptHighlight", false);
                 } else if (isWebEnvironment()) {
                     window.app.options.attemptHighlight = false;
                 }
             }
-            return utf8Str;
+
+            return str;
         } catch (err) {
             // If it fails, treat it as ANSI
-            return str;
+            return Utils.byteArrayToChars(byteArray);
         }
     }
 
@@ -565,11 +667,13 @@ class Utils {
      * Utils.byteArrayToChars([20320,22909]);
      */
     static byteArrayToChars(byteArray) {
-        if (!byteArray) return "";
+        log.debug(`Converting byte array[${byteArray?.length}] to chars`);
+        if (!byteArray || !byteArray.length) return "";
         let str = "";
-        // String concatenation appears to be faster than an array join
-        for (let i = 0; i < byteArray.length;) {
-            str += String.fromCharCode(byteArray[i++]);
+        // Maxiumum arg length for fromCharCode is 65535, but the stack may already be fairly deep,
+        // so don't get too near it.
+        for (let i = 0; i < byteArray.length; i += 20000) {
+            str += String.fromCharCode(...(byteArray.slice(i, i+20000)));
         }
         return str;
     }
@@ -587,6 +691,8 @@ class Utils {
      * Utils.arrayBufferToStr(Uint8Array.from([104,101,108,108,111]).buffer);
      */
     static arrayBufferToStr(arrayBuffer, utf8=true) {
+        log.debug(`Converting array buffer[${arrayBuffer?.byteLength}] to str`);
+        if (!arrayBuffer || !arrayBuffer.byteLength) return "";
         const arr = new Uint8Array(arrayBuffer);
         return utf8 ? Utils.byteArrayToUtf8(arr) : Utils.byteArrayToChars(arr);
     }
@@ -704,10 +810,24 @@ class Utils {
      * Utils.stripHtmlTags("<div>Test</div>");
      */
     static stripHtmlTags(htmlStr, removeScriptAndStyle=false) {
-        if (removeScriptAndStyle) {
-            htmlStr = htmlStr.replace(/<(script|style)[^>]*>.*<\/(script|style)>/gmi, "");
+        /**
+         * Recursively remove a pattern from a string until there are no more matches.
+         * Avoids incomplete sanitization e.g. "aabcbc".replace(/abc/g, "") === "abc"
+         *
+         * @param {RegExp} pattern
+         * @param {string} str
+         * @returns {string}
+         */
+        function recursiveRemove(pattern, str) {
+            const newStr = str.replace(pattern, "");
+            return newStr.length === str.length ? newStr : recursiveRemove(pattern, newStr);
         }
-        return htmlStr.replace(/<[^>]+>/g, "");
+
+        if (removeScriptAndStyle) {
+            htmlStr = recursiveRemove(/<script[^>]*>(\s|\S)*?<\/script[^>]*>/gi, htmlStr);
+            htmlStr = recursiveRemove(/<style[^>]*>(\s|\S)*?<\/style[^>]*>/gi, htmlStr);
+        }
+        return recursiveRemove(/<[^>]+>/g, htmlStr);
     }
 
 
@@ -715,6 +835,11 @@ class Utils {
      * Escapes HTML tags in a string to stop them being rendered.
      * https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
      *
+     * Null bytes are a special case and are converted to a character from the Unicode
+     * Private Use Area, which CyberChef will display as a control character picture.
+     * This is done due to null bytes not being rendered or stored correctly in HTML
+     * DOM building.
+     *
      * @param {string} str
      * @returns string
      *
@@ -729,13 +854,13 @@ class Utils {
             ">": "&gt;",
             '"': "&quot;",
             "'": "&#x27;", // &apos; not recommended because it's not in the HTML spec
-            "/": "&#x2F;", // forward slash is included as it helps end an HTML entity
-            "`": "&#x60;"
+            "`": "&#x60;",
+            "\u0000": "\ue000"
         };
 
-        return str.replace(/[&<>"'/`]/g, function (match) {
+        return str ? str.replace(/[&<>"'`\u0000]/g, function (match) {
             return HTML_CHARS[match];
-        });
+        }) : str;
     }
 
 
@@ -757,15 +882,33 @@ class Utils {
             "&quot;": '"',
             "&#x27;": "'",
             "&#x2F;": "/",
-            "&#x60;": "`"
+            "&#x60;": "`",
+            "\ue000": "\u0000"
         };
 
-        return str.replace(/&#?x?[a-z0-9]{2,4};/ig, function (match) {
+        return str.replace(/(&#?x?[a-z0-9]{2,4};|\ue000)/ig, function (match) {
             return HTML_CHARS[match] || match;
         });
     }
 
 
+    /**
+     * Converts a string to it's title case equivalent.
+     *
+     * @param {string} str
+     * @returns string
+     *
+     * @example
+     * // return "A Tiny String"
+     * Utils.toTitleCase("a tIny String");
+     */
+    static toTitleCase(str) {
+        return str.replace(/\w\S*/g, function(txt) {
+            return txt.charAt(0).toUpperCase() + txt.substr(1).toLowerCase();
+        });
+    }
+
+
     /**
      * Encodes a URI fragment (#) or query (?) using a minimal amount of percent-encoding.
      *
@@ -878,7 +1021,7 @@ class Utils {
 
         while ((m = recipeRegex.exec(recipe))) {
             // Translate strings in args back to double-quotes
-            args = m[2]
+            args = m[2] // lgtm [js/incomplete-sanitization]
                 .replace(/"/g, '\\"') // Escape double quotes
                 .replace(/(^|,|{|:)'/g, '$1"') // Replace opening ' with "
                 .replace(/([^\\]|(?:\\\\)+)'(,|:|}|$)/g, '$1"$2') // Replace closing ' with "
@@ -1182,12 +1325,37 @@ class Utils {
             "CRLF":          /\r\n/g,
             "Forward slash": /\//g,
             "Backslash":     /\\/g,
+            "0x with comma": /,?0x/g,
             "0x":            /0x/g,
             "\\x":           /\\x/g,
             "None":          /\s+/g // Included here to remove whitespace when there shouldn't be any
         }[token];
     }
 
+    /**
+     * Iterate object in chunks of given size.
+     *
+     * @param {Iterable} iterable
+     * @param {number} chunksize
+     */
+    static* chunked(iterable, chunksize) {
+        const iterator = iterable[Symbol.iterator]();
+        while (true) {
+            const res = [];
+            for (let i = 0; i < chunksize; i++) {
+                const next = iterator.next();
+                if (next.done) {
+                    break;
+                }
+                res.push(next.value);
+            }
+            if (res.length) {
+                yield res;
+            } else {
+                return;
+            }
+        }
+    }
 }
 
 /**
@@ -1335,7 +1503,7 @@ export function sendStatusMessage(msg) {
         self.sendStatusMessage(msg);
     else if (isWebEnvironment())
         app.alert(msg, 10000);
-    else if (isNodeEnvironment())
+    else if (isNodeEnvironment() && !global.TESTING)
         // eslint-disable-next-line no-console
         console.debug(msg);
 }

src/core/config/Categories.json

@@ -18,15 +18,17 @@
             "From Binary",
             "To Octal",
             "From Octal",
-            "To Base64",
-            "From Base64",
-            "Show Base64 offsets",
             "To Base32",
             "From Base32",
+            "To Base45",
+            "From Base45",
             "To Base58",
             "From Base58",
             "To Base62",
             "From Base62",
+            "To Base64",
+            "From Base64",
+            "Show Base64 offsets",
             "To Base85",
             "From Base85",
             "To Base",
@@ -44,6 +46,8 @@
             "From Quoted Printable",
             "To Punycode",
             "From Punycode",
+            "AMF Encode",
+            "AMF Decode",
             "To Hex Content",
             "From Hex Content",
             "PEM to Hex",
@@ -61,7 +65,9 @@
             "Parse TLV",
             "CSV to JSON",
             "JSON to CSV",
-            "Avro to JSON"
+            "Avro to JSON",
+            "CBOR Encode",
+            "CBOR Decode"
         ]
     },
     {
@@ -75,12 +81,27 @@
             "DES Decrypt",
             "Triple DES Encrypt",
             "Triple DES Decrypt",
+            "LS47 Encrypt",
+            "LS47 Decrypt",
             "RC2 Encrypt",
             "RC2 Decrypt",
             "RC4",
             "RC4 Drop",
+            "ChaCha",
+            "Rabbit",
+            "SM4 Encrypt",
+            "SM4 Decrypt",
+            "GOST Encrypt",
+            "GOST Decrypt",
+            "GOST Sign",
+            "GOST Verify",
+            "GOST Key Wrap",
+            "GOST Key Unwrap",
             "ROT13",
+            "ROT13 Brute Force",
             "ROT47",
+            "ROT47 Brute Force",
+            "ROT8000",
             "XOR",
             "XOR Brute Force",
             "Vigenère Encode",
@@ -91,6 +112,7 @@
             "Bacon Cipher Decode",
             "Bifid Cipher Encode",
             "Bifid Cipher Decode",
+            "Caesar Box Cipher",
             "Affine Cipher Encode",
             "Affine Cipher Decode",
             "A1Z26 Cipher Encode",
@@ -100,9 +122,12 @@
             "Atbash Cipher",
             "CipherSaber2 Encrypt",
             "CipherSaber2 Decrypt",
+            "Cetacean Cipher Encode",
+            "Cetacean Cipher Decode",
             "Substitute",
             "Derive PBKDF2 key",
             "Derive EVP key",
+            "Derive HKDF key",
             "Bcrypt",
             "Scrypt",
             "JWT Sign",
@@ -110,13 +135,16 @@
             "JWT Decode",
             "Citrix CTX1 Encode",
             "Citrix CTX1 Decode",
+            "AES Key Wrap",
+            "AES Key Unwrap",
             "Pseudo-Random Number Generator",
             "Enigma",
             "Bombe",
             "Multiple Bombe",
             "Typex",
             "Lorenz",
-            "Colossus"
+            "Colossus",
+            "SIGABA"
         ]
     },
     {
@@ -134,6 +162,11 @@
             "PGP Verify",
             "PGP Encrypt and Sign",
             "PGP Decrypt and Verify",
+            "Generate RSA Key Pair",
+            "RSA Sign",
+            "RSA Verify",
+            "RSA Encrypt",
+            "RSA Decrypt",
             "Parse SSH Host Key"
         ]
     },
@@ -164,7 +197,8 @@
             "Bit shift right",
             "Rotate left",
             "Rotate right",
-            "ROT13"
+            "ROT13",
+            "ROT8000"
         ]
     },
     {
@@ -178,14 +212,20 @@
             "Parse IP range",
             "Parse IPv6 address",
             "Parse IPv4 header",
+            "Parse TCP",
             "Parse UDP",
             "Parse SSH Host Key",
             "Parse URI",
             "URL Encode",
             "URL Decode",
             "Protobuf Decode",
+            "Protobuf Encode",
             "VarInt Encode",
             "VarInt Decode",
+            "JA3 Fingerprint",
+            "JA3S Fingerprint",
+            "HASSH Client Fingerprint",
+            "HASSH Server Fingerprint",
             "Format MAC addresses",
             "Change IP format",
             "Group IP addresses",
@@ -200,8 +240,10 @@
         "ops": [
             "Encode text",
             "Decode text",
+            "Unicode Text Format",
             "Remove Diacritics",
-            "Unescape Unicode Characters"
+            "Unescape Unicode Characters",
+            "Convert to NATO alphabet"
         ]
     },
     {
@@ -212,13 +254,16 @@
             "Remove null bytes",
             "To Upper case",
             "To Lower case",
+            "Swap case",
             "To Case Insensitive Regex",
             "From Case Insensitive Regex",
             "Add line numbers",
             "Remove line numbers",
+            "Get All Casings",
             "To Table",
             "Reverse",
             "Sort",
+            "Shuffle",
             "Unique",
             "Split",
             "Filter",
@@ -231,8 +276,10 @@
             "Pad lines",
             "Find / Replace",
             "Regular expression",
+            "Fuzzy Match",
             "Offset checker",
             "Hamming Distance",
+            "Levenshtein Distance",
             "Convert distance",
             "Convert area",
             "Convert mass",
@@ -241,6 +288,7 @@
             "Convert co-ordinate format",
             "Show on map",
             "Parse UNIX file permissions",
+            "Parse ObjectID timestamp",
             "Swap endianness",
             "Parse colour code",
             "Escape string",
@@ -259,6 +307,7 @@
             "Windows Filetime to UNIX Timestamp",
             "UNIX Timestamp to Windows Filetime",
             "Extract dates",
+            "Get Time",
             "Sleep"
         ]
     },
@@ -278,6 +327,7 @@
             "JPath expression",
             "CSS selector",
             "Extract EXIF",
+            "Extract ID3",
             "Extract Files"
         ]
     },
@@ -295,7 +345,14 @@
             "Bzip2 Decompress",
             "Bzip2 Compress",
             "Tar",
-            "Untar"
+            "Untar",
+            "LZString Decompress",
+            "LZString Compress",
+            "LZMA Decompress",
+            "LZMA Compress",
+            "LZ4 Decompress",
+            "LZ4 Compress",
+            "LZNT1 Decompress"
         ]
     },
     {
@@ -311,6 +368,7 @@
             "SHA1",
             "SHA2",
             "SHA3",
+            "SM3",
             "Keccak",
             "Shake",
             "RIPEMD",
@@ -319,17 +377,22 @@
             "Snefru",
             "BLAKE2b",
             "BLAKE2s",
-            "GOST hash",
+            "GOST Hash",
             "Streebog",
             "SSDEEP",
             "CTPH",
             "Compare SSDEEP hashes",
             "Compare CTPH hashes",
             "HMAC",
+            "CMAC",
             "Bcrypt",
             "Bcrypt compare",
             "Bcrypt parse",
+            "Argon2",
+            "Argon2 compare",
             "Scrypt",
+            "NT Hash",
+            "LM Hash",
             "Fletcher-8 Checksum",
             "Fletcher-16 Checksum",
             "Fletcher-32 Checksum",
@@ -387,7 +450,8 @@
             "Extract RGBA",
             "View Bit Plane",
             "Randomize Colour Palette",
-            "Extract LSB"
+            "Extract LSB",
+            "ELF Info"
         ]
     },
     {
@@ -395,6 +459,7 @@
         "ops": [
             "Render Image",
             "Play Media",
+            "Generate Image",
             "Optical Character Recognition",
             "Remove EXIF",
             "Extract EXIF",
@@ -429,8 +494,10 @@
             "Frequency distribution",
             "Index of Coincidence",
             "Chi Square",
+            "P-list Viewer",
             "Disassemble x86",
             "Pseudo-Random Number Generator",
+            "Generate De Bruijn Sequence",
             "Generate UUID",
             "Generate TOTP",
             "Generate HOTP",

src/core/config/scripts/generateConfig.mjs

@@ -42,13 +42,10 @@ for (const opObj in Ops) {
         outputType:  op.presentType,
         flowControl: op.flowControl,
         manualBake:  op.manualBake,
-        args:        op.args
+        args:        op.args,
+        checks:      op.checks
     };
 
-    if ("patterns" in op) {
-        operationConfig[op.name].patterns = op.patterns;
-    }
-
     if (!(op.module in modules))
         modules[op.module] = {};
     modules[op.module][op.name] = opObj;

src/core/config/scripts/newMinorVersion.mjs

@@ -0,0 +1,144 @@
+/**
+ * This script updates the CHANGELOG when a new minor version is created.
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+/* eslint no-console: ["off"] */
+
+import prompt from "prompt";
+import colors from "colors";
+import path from "path";
+import fs  from "fs";
+import process from "process";
+
+const dir = path.join(process.cwd() + "/src/core/config/");
+if (!fs.existsSync(dir)) {
+    console.log("\nCWD: " + process.cwd());
+    console.log("Error: newMinorVersion.mjs should be run from the project root");
+    console.log("Example> node --experimental-modules src/core/config/scripts/newMinorVersion.mjs");
+    process.exit(1);
+}
+
+let changelogData = fs.readFileSync(path.join(process.cwd(), "CHANGELOG.md"), "utf8");
+const lastVersion = changelogData.match(/## Details\s+### \[(\d+)\.(\d+)\.(\d+)\]/);
+const newVersion = [
+    parseInt(lastVersion[1], 10),
+    parseInt(lastVersion[2], 10) + 1,
+    0
+];
+
+let knownContributors = changelogData.match(/^\[@([^\]]+)\]/gm);
+knownContributors = knownContributors.map(c => c.slice(2, -1));
+
+const date = (new Date()).toISOString().split("T")[0];
+
+const schema = {
+    properties: {
+        message: {
+            description: "A short but descriptive summary of a feature in this version",
+            example: "Added 'Op name' operation",
+            prompt: "Feature description",
+            type: "string",
+            required: true,
+        },
+        author: {
+            description: "The author of the feature (only one supported, edit manually to add more)",
+            example: "n1474335",
+            prompt: "Author",
+            type: "string",
+            default: "n1474335"
+        },
+        id: {
+            description: "The PR number or full commit hash for this feature.",
+            example: "1200",
+            prompt: "Pull request or commit ID",
+            type: "string"
+        },
+        another: {
+            description: "y/n",
+            example: "y",
+            prompt: "Add another feature?",
+            type: "string",
+            pattern: /^[yn]$/,
+        }
+    }
+};
+
+// Build schema
+for (const prop in schema.properties) {
+    const p = schema.properties[prop];
+    p.description = "\n" + colors.white(p.description) + colors.cyan("\nExample: " + p.example) + "\n" + colors.green(p.prompt);
+}
+
+prompt.message = "";
+prompt.delimiter = ":".green;
+
+const features = [];
+const authors = [];
+const prIDs = [];
+const commitIDs = [];
+
+prompt.start();
+
+const getFeature = function() {
+    prompt.get(schema, (err, result) => {
+        if (err) {
+            console.log("\nExiting script.");
+            process.exit(0);
+        }
+
+        features.push(result);
+
+        if (result.another === "y") {
+            getFeature();
+        } else {
+            let message = `### [${newVersion[0]}.${newVersion[1]}.${newVersion[2]}] - ${date}\n`;
+
+            features.forEach(feature => {
+                const id = feature.id.length > 10 ? feature.id.slice(0, 7) : "#" + feature.id;
+                message += `- ${feature.message} [@${feature.author}] | [${id}]\n`;
+
+                if (!knownContributors.includes(feature.author)) {
+                    authors.push(`[@${feature.author}]: https://github.com/${feature.author}`);
+                }
+
+                if (feature.id.length > 10) {
+                    commitIDs.push(`[${id}]: https://github.com/gchq/CyberChef/commit/${feature.id}`);
+                } else {
+                    prIDs.push(`[#${feature.id}]: https://github.com/gchq/CyberChef/pull/${feature.id}`);
+                }
+            });
+
+            // Message
+            changelogData = changelogData.replace(/## Details\n\n/, "## Details\n\n" + message + "\n");
+
+            // Tag
+            const newTag = `[${newVersion[0]}.${newVersion[1]}.${newVersion[2]}]: https://github.com/gchq/CyberChef/releases/tag/v${newVersion[0]}.${newVersion[1]}.${newVersion[2]}\n`;
+            changelogData = changelogData.replace(/\n\n(\[\d+\.\d+\.\d+\]: https)/, "\n\n" + newTag + "$1");
+
+            // Author
+            authors.forEach(author => {
+                changelogData = changelogData.replace(/(\n\[@[^\]]+\]: https:\/\/github\.com\/[^\n]+\n)\n/, "$1" + author + "\n\n");
+            });
+
+            // Commit IDs
+            commitIDs.forEach(commitID => {
+                changelogData = changelogData.replace(/(\n\[[^\].]+\]: https:\/\/github.com\/gchq\/CyberChef\/commit\/[^\n]+\n)\n/, "$1" + commitID + "\n\n");
+            });
+
+            // PR IDs
+            prIDs.forEach(prID => {
+                changelogData = changelogData.replace(/(\n\[#[^\]]+\]: https:\/\/github.com\/gchq\/CyberChef\/pull\/[^\n]+\n)\n*$/, "$1" + prID + "\n\n");
+            });
+
+            fs.writeFileSync(path.join(process.cwd(), "CHANGELOG.md"), changelogData);
+
+            console.log("Written CHANGELOG.md\nCommit changes and then run `npm version minor`.");
+        }
+    });
+};
+
+getFeature();

src/core/config/scripts/newOperation.mjs

@@ -121,7 +121,7 @@ prompt.get(schema, (err, result) => {
 
     const moduleName = result.opName.replace(/\w\S*/g, txt => {
         return txt.charAt(0).toUpperCase() + txt.substr(1);
-    }).replace(/[\s-()/./]/g, "");
+    }).replace(/[\s-()./]/g, "");
 
 
     const template = `/**

src/core/dishTypes/DishBigNumber.mjs

@@ -24,12 +24,11 @@ class DishBigNumber extends DishType {
 
     /**
      * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
      */
-    static fromArrayBuffer(notUTF8) {
+    static fromArrayBuffer() {
         DishBigNumber.checkForValue(this.value);
         try {
-            this.value = new BigNumber(Utils.arrayBufferToStr(this.value, !notUTF8));
+            this.value = new BigNumber(Utils.arrayBufferToStr(this.value));
         } catch (err) {
             this.value = new BigNumber(NaN);
         }

src/core/dishTypes/DishJSON.mjs

@@ -17,16 +17,15 @@ class DishJSON extends DishType {
      */
     static toArrayBuffer() {
         DishJSON.checkForValue(this.value);
-        this.value = this.value ? Utils.strToArrayBuffer(JSON.stringify(this.value, null, 4)) : new ArrayBuffer;
+        this.value = this.value !== undefined ? Utils.strToArrayBuffer(JSON.stringify(this.value, null, 4)) : new ArrayBuffer;
     }
 
     /**
      * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
      */
-    static fromArrayBuffer(notUTF8) {
+    static fromArrayBuffer() {
         DishJSON.checkForValue(this.value);
-        this.value = JSON.parse(Utils.arrayBufferToStr(this.value, !notUTF8));
+        this.value = JSON.parse(Utils.arrayBufferToStr(this.value));
     }
 }
 

src/core/dishTypes/DishNumber.mjs

@@ -23,11 +23,10 @@ class DishNumber extends DishType {
 
     /**
      * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
      */
-    static fromArrayBuffer(notUTF8) {
+    static fromArrayBuffer() {
         DishNumber.checkForValue(this.value);
-        this.value = this.value ? parseFloat(Utils.arrayBufferToStr(this.value, !notUTF8)) : 0;
+        this.value = this.value ? parseFloat(Utils.arrayBufferToStr(this.value)) : 0;
     }
 }
 

src/core/dishTypes/DishString.mjs

@@ -23,11 +23,10 @@ class DishString extends DishType {
 
     /**
      * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
      */
-    static fromArrayBuffer(notUTF8) {
+    static fromArrayBuffer() {
         DishString.checkForValue(this.value);
-        this.value = this.value ? Utils.arrayBufferToStr(this.value, !notUTF8) : "";
+        this.value = this.value ? Utils.arrayBufferToStr(this.value) : "";
     }
 }
 

src/core/dishTypes/DishType.mjs

@@ -29,9 +29,8 @@ class DishType {
 
     /**
      * convert the given value from a ArrayBuffer
-     * @param {boolean} notUTF8
      */
-    static fromArrayBuffer(notUTF8=undefined) {
+    static fromArrayBuffer() {
         throw new Error("fromArrayBuffer has not been implemented");
     }
 }

src/core/errors/index.mjs

@@ -1,6 +1,6 @@
 import OperationError from "./OperationError.mjs";
 import DishError from "./DishError.mjs";
-import ExcludedOperationError from "./ExcludedOperationError";
+import ExcludedOperationError from "./ExcludedOperationError.mjs";
 
 export {
     OperationError,

src/core/lib/Base45.mjs

@@ -0,0 +1,27 @@
+/**
+ * Base45 resources.
+ *
+ * @author Thomas Weißschuh [thomas@t-8ch.de]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+/**
+ * Highlight to Base45
+ */
+export function highlightToBase45(pos, args) {
+    pos[0].start = Math.floor(pos[0].start / 2) * 3;
+    pos[0].end = Math.ceil(pos[0].end / 2) * 3;
+    return pos;
+}
+
+/**
+ * Highlight from Base45
+ */
+export function highlightFromBase45(pos, args) {
+    pos[0].start = Math.floor(pos[0].start / 3) * 2;
+    pos[0].end = Math.ceil(pos[0].end / 3) * 2;
+    return pos;
+}
+
+export const ALPHABET = "0-9A-Z $%*+\\-./:";

src/core/lib/Base64.mjs

@@ -25,12 +25,12 @@ import OperationError from "../errors/OperationError.mjs";
  */
 export function toBase64(data, alphabet="A-Za-z0-9+/=") {
     if (!data) return "";
+    if (typeof data == "string") {
+        data = Utils.strToArrayBuffer(data);
+    }
     if (data instanceof ArrayBuffer) {
         data = new Uint8Array(data);
     }
-    if (typeof data == "string") {
-        data = Utils.strToByteArray(data);
-    }
 
     alphabet = Utils.expandAlphRange(alphabet).join("");
     if (alphabet.length !== 64 && alphabet.length !== 65) { // Allow for padding
@@ -82,15 +82,46 @@ export function toBase64(data, alphabet="A-Za-z0-9+/=") {
  * // returns [72, 101, 108, 108, 111]
  * fromBase64("SGVsbG8=", null, "byteArray");
  */
-export function fromBase64(data, alphabet="A-Za-z0-9+/=", returnType="string", removeNonAlphChars=true) {
+export function fromBase64(data, alphabet="A-Za-z0-9+/=", returnType="string", removeNonAlphChars=true, strictMode=false) {
     if (!data) {
         return returnType === "string" ? "" : [];
     }
 
     alphabet = alphabet || "A-Za-z0-9+/=";
     alphabet = Utils.expandAlphRange(alphabet).join("");
+
+    // Confirm alphabet is a valid length
     if (alphabet.length !== 64 && alphabet.length !== 65) { // Allow for padding
-        throw new OperationError(`Invalid Base64 alphabet length (${alphabet.length}): ${alphabet}`);
+        throw new OperationError(`Error: Base64 alphabet should be 64 characters long, or 65 with a padding character. Found ${alphabet.length}: ${alphabet}`);
+    }
+
+    // Remove non-alphabet characters
+    if (removeNonAlphChars) {
+        const re = new RegExp("[^" + alphabet.replace(/[[\]\\\-^$]/g, "\\$&") + "]", "g");
+        data = data.replace(re, "");
+    }
+
+    if (strictMode) {
+        // Check for incorrect lengths (even without padding)
+        if (data.length % 4 === 1) {
+            throw new OperationError(`Error: Invalid Base64 input length (${data.length}). Cannot be 4n+1, even without padding chars.`);
+        }
+
+        if (alphabet.length === 65) { // Padding character included
+            const pad = alphabet.charAt(64);
+            const padPos = data.indexOf(pad);
+            if (padPos >= 0) {
+                // Check that the padding character is only used at the end and maximum of twice
+                if (padPos < data.length - 2 || data.charAt(data.length - 1) !== pad) {
+                    throw new OperationError(`Error: Base64 padding character (${pad}) not used in the correct place.`);
+                }
+
+                // Check that input is padded to the correct length
+                if (data.length % 4 !== 0) {
+                    throw new OperationError("Error: Base64 not padded to a multiple of 4.");
+                }
+            }
+        }
     }
 
     const output = [];
@@ -98,31 +129,28 @@ export function fromBase64(data, alphabet="A-Za-z0-9+/=", returnType="string", r
         enc1, enc2, enc3, enc4,
         i = 0;
 
-    if (removeNonAlphChars) {
-        const re = new RegExp("[^" + alphabet.replace(/[[\]\\\-^$]/g, "\\$&") + "]", "g");
-        data = data.replace(re, "");
-    }
-
     while (i < data.length) {
-        enc1 = alphabet.indexOf(data.charAt(i++));
-        enc2 = alphabet.indexOf(data.charAt(i++) || "=");
-        enc3 = alphabet.indexOf(data.charAt(i++) || "=");
-        enc4 = alphabet.indexOf(data.charAt(i++) || "=");
+        // Including `|| null` forces empty strings to null so that indexOf returns -1 instead of 0
+        enc1 = alphabet.indexOf(data.charAt(i++) || null);
+        enc2 = alphabet.indexOf(data.charAt(i++) || null);
+        enc3 = alphabet.indexOf(data.charAt(i++) || null);
+        enc4 = alphabet.indexOf(data.charAt(i++) || null);
 
-        enc2 = enc2 === -1 ? 64 : enc2;
-        enc3 = enc3 === -1 ? 64 : enc3;
-        enc4 = enc4 === -1 ? 64 : enc4;
+        if (strictMode && (enc1 < 0 || enc2 < 0 || enc3 < 0 || enc4 < 0)) {
+            throw new OperationError("Error: Base64 input contains non-alphabet char(s)");
+        }
 
         chr1 = (enc1 << 2) | (enc2 >> 4);
         chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
         chr3 = ((enc3 & 3) << 6) | enc4;
 
-        output.push(chr1);
-
-        if (enc3 !== 64) {
+        if (chr1 >= 0 && chr1 < 256) {
+            output.push(chr1);
+        }
+        if (chr2 >= 0 && chr2 < 256 && enc3 !== 64) {
             output.push(chr2);
         }
-        if (enc4 !== 64) {
+        if (chr3 >= 0 && chr3 < 256 && enc4 !== 64) {
             output.push(chr3);
         }
     }
@@ -148,4 +176,8 @@ export const ALPHABET_OPTIONS = [
     {name: "BinHex: !-,-0-689@A-NP-VX-Z[`a-fh-mp-r", value: "!-,-0-689@A-NP-VX-Z[`a-fh-mp-r"},
     {name: "ROT13: N-ZA-Mn-za-m0-9+/=", value: "N-ZA-Mn-za-m0-9+/="},
     {name: "UNIX crypt: ./0-9A-Za-z", value: "./0-9A-Za-z"},
+    {name: "Atom128: /128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC", value: "/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC"},
+    {name: "Megan35: 3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5", value: "3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5"},
+    {name: "Zong22: ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2", value: "ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2"},
+    {name: "Hazz15: HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5", value: "HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5"}
 ];

src/core/lib/Base85.mjs

@@ -1,3 +1,5 @@
+import Utils from "../Utils.mjs";
+
 /**
  * Base85 resources.
  *
@@ -32,13 +34,12 @@ export const ALPHABET_OPTIONS = [
  * @returns {string}
  */
 export function alphabetName(alphabet) {
-    alphabet = alphabet.replace("'", "'");
-    alphabet = alphabet.replace("\"", """);
-    alphabet = alphabet.replace("\\", "\");
+    alphabet = escape(alphabet);
     let name;
 
     ALPHABET_OPTIONS.forEach(function(a) {
-        if (escape(alphabet) === escape(a.value)) name = a.name;
+        const expanded = Utils.expandAlphRange(a.value).join("");
+        if (alphabet === escape(expanded)) name = a.name;
     });
 
     return name;

src/core/lib/Binary.mjs

@@ -7,38 +7,45 @@
  */
 
 import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
 
 
 /**
  * Convert a byte array into a binary string.
  *
- * @param {Uint8Array|byteArray} data
+ * @param {Uint8Array|byteArray|number} data
  * @param {string} [delim="Space"]
  * @param {number} [padding=8]
  * @returns {string}
  *
  * @example
- * // returns "00010000 00100000 00110000"
+ * // returns "00001010 00010100 00011110"
  * toBinary([10,20,30]);
  *
- * // returns "00010000 00100000 00110000"
- * toBinary([10,20,30], ":");
+ * // returns "00001010:00010100:00011110"
+ * toBinary([10,20,30], "Colon");
+ *
+ * // returns "1010:10100:11110"
+ * toBinary([10,20,30], "Colon", 0);
  */
 export function toBinary(data, delim="Space", padding=8) {
-    if (!data) return "";
+    if (data === undefined || data === null)
+        throw new OperationError("Unable to convert to binary: Empty input data enocuntered");
 
     delim = Utils.charRep(delim);
     let output = "";
 
-    for (let i = 0; i < data.length; i++) {
-        output += data[i].toString(2).padStart(padding, "0") + delim;
-    }
-
-    if (delim.length) {
-        return output.slice(0, -delim.length);
+    if (data.length) { // array
+        for (let i = 0; i < data.length; i++) {
+            output += data[i].toString(2).padStart(padding, "0");
+            if (i !== data.length - 1) output += delim;
+        }
+    } else if (typeof data === "number") { // Single value
+        return data.toString(2).padStart(padding, "0");
     } else {
-        return output;
+        return "";
     }
+    return output;
 }
 
 
@@ -52,12 +59,15 @@ export function toBinary(data, delim="Space", padding=8) {
  *
  * @example
  * // returns [10,20,30]
- * fromBinary("00010000 00100000 00110000");
+ * fromBinary("00001010 00010100 00011110");
  *
  * // returns [10,20,30]
- * fromBinary("00010000:00100000:00110000", "Colon");
+ * fromBinary("00001010:00010100:00011110", "Colon");
  */
 export function fromBinary(data, delim="Space", byteLen=8) {
+    if (byteLen < 1 || Math.round(byteLen) !== byteLen)
+        throw new OperationError("Byte length must be a positive integer");
+
     const delimRegex = Utils.regexRep(delim);
     data = data.replace(delimRegex, "");
 

src/core/lib/BitwiseOp.mjs

@@ -34,10 +34,10 @@ export function bitOp (input, key, func, nullPreserving, scheme) {
             !(nullPreserving && (o === 0 || o === k))) {
             switch (scheme) {
                 case "Input differential":
-                    key[i % key.length] = x;
+                    key[i % key.length] = o;
                     break;
                 case "Output differential":
-                    key[i % key.length] = o;
+                    key[i % key.length] = x;
                     break;
             }
         }

src/core/lib/Blowfish.mjs

@@ -38,7 +38,7 @@
 
 const crypto = {};
 
-import forge from "node-forge/dist/forge.min.js";
+import forge from "node-forge";
 
 
 /* dojo-release-1.8.1/dojo/_base/lang.js.uncompressed.js */

src/core/lib/Charts.mjs

@@ -6,6 +6,7 @@
  */
 
 import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
 
 /**
  * @constant
@@ -86,8 +87,8 @@ export function getScatterValues(input, recordDelimiter, fieldDelimiter, columnH
     }
 
     values = values.map(row => {
-        const x = parseFloat(row[0], 10),
-            y = parseFloat(row[1], 10);
+        const x = parseFloat(row[0]),
+            y = parseFloat(row[1]);
 
         if (Number.isNaN(x)) throw new OperationError("Values must be numbers in base 10.");
         if (Number.isNaN(y)) throw new OperationError("Values must be numbers in base 10.");
@@ -121,14 +122,14 @@ export function getScatterValuesWithColour(input, recordDelimiter, fieldDelimite
     }
 
     values = values.map(row => {
-        const x = parseFloat(row[0], 10),
-            y = parseFloat(row[1], 10),
+        const x = parseFloat(row[0]),
+            y = parseFloat(row[1]),
             colour = row[2];
 
         if (Number.isNaN(x)) throw new OperationError("Values must be numbers in base 10.");
         if (Number.isNaN(y)) throw new OperationError("Values must be numbers in base 10.");
 
-        return [x, y, colour];
+        return [x, y, Utils.escapeHtml(colour)];
     });
 
     return { headings, values };
@@ -157,7 +158,7 @@ export function getSeriesValues(input, recordDelimiter, fieldDelimiter, columnHe
     values.forEach(row => {
         const serie = row[0],
             xVal = row[1],
-            val = parseFloat(row[2], 10);
+            val = parseFloat(row[2]);
 
         if (Number.isNaN(val)) throw new OperationError("Values must be numbers in base 10.");
 

src/core/lib/ChrEnc.mjs

@@ -6,10 +6,12 @@
  * @license Apache-2.0
  */
 
+import cptable from "codepage";
+
 /**
  * Character encoding format mappings.
  */
-export const IO_FORMAT = {
+export const CHR_ENC_CODE_PAGES = {
     "UTF-8 (65001)": 65001,
     "UTF-7 (65000)": 65000,
     "UTF-16LE (1200)": 1200,
@@ -164,6 +166,57 @@ export const IO_FORMAT = {
     "Simplified Chinese GB18030 (54936)": 54936,
 };
 
+
+export const CHR_ENC_SIMPLE_LOOKUP = {};
+export const CHR_ENC_SIMPLE_REVERSE_LOOKUP = {};
+
+for (const name in CHR_ENC_CODE_PAGES) {
+    const simpleName = name.match(/(^.+)\([\d/]+\)$/)[1];
+
+    CHR_ENC_SIMPLE_LOOKUP[simpleName] = CHR_ENC_CODE_PAGES[name];
+    CHR_ENC_SIMPLE_REVERSE_LOOKUP[CHR_ENC_CODE_PAGES[name]] = simpleName;
+}
+
+
+/**
+ * Returns the width of the character set for the given codepage.
+ * For example, UTF-8 is a Single Byte Character Set, whereas
+ * UTF-16 is a Double Byte Character Set.
+ *
+ * @param {number} page - The codepage number
+ * @returns {number}
+ */
+export function chrEncWidth(page) {
+    if (typeof page !== "number") return 0;
+
+    // Raw Bytes have a width of 1
+    if (page === 0) return 1;
+
+    const pageStr = page.toString();
+    // Confirm this page is legitimate
+    if (!Object.prototype.hasOwnProperty.call(CHR_ENC_SIMPLE_REVERSE_LOOKUP, pageStr))
+        return 0;
+
+    // Statically defined code pages
+    if (Object.prototype.hasOwnProperty.call(cptable, pageStr))
+        return cptable[pageStr].dec.length > 256 ? 2 : 1;
+
+    // Cached code pages
+    if (cptable.utils.cache.sbcs.includes(pageStr))
+        return 1;
+    if (cptable.utils.cache.dbcs.includes(pageStr))
+        return 2;
+
+    // Dynamically generated code pages
+    if (Object.prototype.hasOwnProperty.call(cptable.utils.magic, pageStr)) {
+        // Generate a single character and measure it
+        const a = cptable.utils.encode(page, "a");
+        return a.length;
+    }
+
+    return 0;
+}
+
 /**
  * Unicode Normalisation Forms
  *

src/core/lib/Crypt.mjs

@@ -0,0 +1,9 @@
+/**
+ * Crypt resources.
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+export const cryptNotice = "WARNING: Cryptographic operations in CyberChef should not be relied upon to provide security in any situation. No guarantee is offered for their correctness. We advise you not to use keys generated from CyberChef in operational contexts.";

src/core/lib/Extract.mjs

@@ -12,15 +12,15 @@
  *
  * @param {string} input
  * @param {RegExp} searchRegex
- * @param {RegExp} removeRegex - A regular expression defining results to remove from the
+ * @param {RegExp} [removeRegex=null] - A regular expression defining results to remove from the
  *      final list
- * @param {boolean} includeTotal - Whether or not to include the total number of results
+ * @param {Function} [sortBy=null] - The sorting comparison function to apply
+ * @param {boolean} [unique=false] - Whether to unique the results
  * @returns {string}
  */
-export function search (input, searchRegex, removeRegex, includeTotal) {
-    let output = "",
-        total = 0,
-        match;
+export function search(input, searchRegex, removeRegex=null, sortBy=null, unique=false) {
+    let results = [];
+    let match;
 
     while ((match = searchRegex.exec(input))) {
         // Moves pointer when an empty string is matched (prevents infinite loop)
@@ -30,14 +30,19 @@ export function search (input, searchRegex, removeRegex, includeTotal) {
 
         if (removeRegex && removeRegex.test(match[0]))
             continue;
-        total++;
-        output += match[0] + "\n";
+
+        results.push(match[0]);
     }
 
-    if (includeTotal)
-        output = "Total found: " + total + "\n\n" + output;
+    if (sortBy) {
+        results = results.sort(sortBy);
+    }
 
-    return output;
+    if (unique) {
+        results = results.unique();
+    }
+
+    return results;
 }
 
 

src/core/lib/FileSignatures.mjs

@@ -70,7 +70,7 @@ export const FILE_SIGNATURES = {
                 10: 0x42,
                 11: 0x50
             },
-            extractor: null
+            extractor: extractWEBP
         },
         {
             name: "Camera Image File Format",
@@ -468,6 +468,34 @@ export const FILE_SIGNATURES = {
             ],
             extractor: null
         },
+        {
+            name: "Targa Image",
+            extension: "tga",
+            mime: "image/x-targa",
+            description: "",
+            signature: [
+                { // This signature is not at the beginning of the file. The extractor works backwards.
+                    0: 0x54,
+                    1: 0x52,
+                    2: 0x55,
+                    3: 0x45,
+                    4: 0x56,
+                    5: 0x49,
+                    6: 0x53,
+                    7: 0x49,
+                    8: 0x4f,
+                    9: 0x4e,
+                    10: 0x2d,
+                    11: 0x58,
+                    12: 0x46,
+                    13: 0x49,
+                    14: 0x4c,
+                    15: 0x45,
+                    16: 0x2e
+                }
+            ],
+            extractor: extractTARGA
+        }
     ],
     "Video": [
         { // Place before webm
@@ -780,7 +808,7 @@ export const FILE_SIGNATURES = {
                     1: 0xfb
                 }
             ],
-            extractor: null
+            extractor: extractMP3
         },
         {
             name: "MPEG-4 Part 14 audio",
@@ -1724,6 +1752,25 @@ export const FILE_SIGNATURES = {
             },
             extractor: null
         },
+        {
+            name: "Jar Archive",
+            extension: "jar",
+            mime: "application/java-archive",
+            description: "",
+            signature: {
+                0: 0x50,
+                1: 0x4B,
+                2: 0x03,
+                3: 0x04,
+                4: 0x14,
+                5: 0x00,
+                6: 0x08,
+                7: 0x00,
+                8: 0x08,
+                9: 0x00
+            },
+            extractor: extractZIP
+        },
         {
             name: "lzop compressed",
             extension: "lzop,lzo",
@@ -1742,7 +1789,7 @@ export const FILE_SIGNATURES = {
             extractor: extractLZOP
         },
         {
-            name: "Linux deb",
+            name: "Linux deb package",
             extension: "deb",
             mime: "application/vnd.debian.binary-package",
             description: "",
@@ -1755,7 +1802,7 @@ export const FILE_SIGNATURES = {
                 5: 0x68,
                 6: 0x3e
             },
-            extractor: null
+            extractor: extractDEB
         },
         {
             name: "Apple Disk Image",
@@ -2150,14 +2197,14 @@ export const FILE_SIGNATURES = {
             mime: "application/octet-stream",
             description: "",
             signature: {
-                0: 0x6b, // keych
+                0: 0x6b, // kych
                 1: 0x79,
                 2: 0x63,
                 3: 0x68,
                 4: 0x00,
                 5: 0x01
             },
-            extractor: null
+            extractor: extractMacOSXKeychain
         },
         {
             name: "TCP Packet",
@@ -2308,6 +2355,12 @@ export const FILE_SIGNATURES = {
                     1: 0x03,
                     2: 0xc6,
                     3: 0x04
+                },
+                {
+                    0: 0x95,
+                    1: 0x05,
+                    2: 0x86,
+                    3: 0x04
                 }
             ],
             extractor: null
@@ -2979,6 +3032,30 @@ export function extractPNG(bytes, offset) {
 }
 
 
+/**
+ * WEBP extractor.
+ *
+ * @param {Uint8Array} bytes
+ * @param {number} offset
+ * @returns {Uint8Array}
+ */
+export function extractWEBP(bytes, offset) {
+    const stream = new Stream(bytes.slice(offset));
+
+    // Move to file size offset.
+    stream.moveForwardsBy(4);
+
+    // Read file size field.
+    const fileSize = stream.readInt(4, "le");
+
+    // Move to end of file.
+    // There is no need to minus 8 from the size as the size factors in the offset.
+    stream.moveForwardsBy(fileSize);
+
+    return stream.carve();
+}
+
+
 /**
  * BMP extractor.
  *
@@ -3028,6 +3105,90 @@ export function extractICO(bytes, offset) {
 }
 
 
+/**
+ * TARGA extractor.
+ *
+ * @param {Uint8Array} bytes
+ * @param {number} offset
+ */
+export function extractTARGA(bytes, offset) {
+    // Need all the bytes since we do not know how far up the image goes.
+    const stream = new Stream(bytes);
+    stream.moveTo(offset - 8);
+
+    // Read in the offsets of the possible areas.
+    const extensionOffset = stream.readInt(4, "le");
+    const developerOffset = stream.readInt(4, "le");
+
+    stream.moveBackwardsBy(8);
+
+    /**
+     * Moves backwards in the stream until it meet bytes that are the same as the amount of bytes moved.
+     *
+     * @param {number} sizeOfSize
+     * @param {number} maxSize
+     */
+    function moveBackwardsUntilSize(maxSize, sizeOfSize) {
+        for (let i = 0; i < maxSize; i++) {
+            stream.moveBackwardsBy(1);
+
+            // Read in sizeOfSize amount of bytes in.
+            const size = stream.readInt(sizeOfSize, "le") - 1;
+            stream.moveBackwardsBy(sizeOfSize);
+
+            // If the size matches.
+            if (size === i)
+                break;
+        }
+    }
+
+    /**
+     * Moves backwards in the stream until we meet bytes(when calculated) that are the same as the amount of bytes moved.
+     */
+    function moveBackwardsUntilImageSize() {
+        stream.moveBackwardsBy(5);
+
+        // The documentation said that 0x100000 was the largest the file could be.
+        for (let i = 0; i < 0x100000; i++) {
+
+            // (Height * Width * pixel depth in bits)/8
+            const total = (stream.readInt(2, "le") * stream.readInt(2, "le") * stream.readInt(1))/8;
+            if (total === i-1)
+                break;
+
+            stream.moveBackwardsBy(6);
+        }
+    }
+
+    if (extensionOffset || developerOffset) {
+        if (extensionOffset) {
+            // Size is stored in two bytes hence the maximum is 0xffff.
+            moveBackwardsUntilSize(0xffff, 2);
+
+            // Move to where we think the start of the file is.
+            stream.moveBackwardsBy(extensionOffset);
+        } else if (developerOffset) {
+            // Size is stored in 4 bytes hence the maxiumum is 0xffffffff.
+            moveBackwardsUntilSize(0xffffffff, 4);
+
+            // Size is stored in byte position 6 so have to move back.
+            stream.moveBackwardsBy(6);
+
+            // Move to where we think the start of the file is.
+            stream.moveBackwardsBy(developerOffset);
+        }
+    } else {
+        // Move backwards until size === number of bytes passed.
+        moveBackwardsUntilImageSize();
+
+        // Move backwards over the reaminder of the header + the 5 we borrowed in moveBackwardsUntilImageSize().
+        stream.moveBackwardsBy(0xc+5);
+    }
+
+    return stream.carve(stream.position, offset+0x12);
+}
+
+
 /**
  * WAV extractor.
  *
@@ -3048,6 +3209,79 @@ export function extractWAV(bytes, offset) {
 }
 
 
+/**
+ * MP3 extractor.
+ *
+ * @param {Uint8Array} bytes
+ * @param {Number} offset
+ * @returns {Uint8Array}
+ */
+export function extractMP3(bytes, offset) {
+    const stream = new Stream(bytes.slice(offset));
+
+    // Constants for flag byte.
+    const bitRateIndexes = ["free", 32000, 40000, 48000, 56000, 64000, 80000, 96000, 112000, 128000, 160000, 192000, 224000, 256000, 320000, "bad"];
+
+    const samplingRateFrequencyIndex = [44100, 48000, 32000, "reserved"];
+
+    // ID3 tag, move over it.
+    if ((stream.getBytes(3).toString() === [0x49, 0x44, 0x33].toString())) {
+        stream.moveTo(6);
+        const tagSize = (stream.readInt(1) << 21) | (stream.readInt(1) << 14) | (stream.readInt(1) << 7) | stream.readInt(1);
+        stream.moveForwardsBy(tagSize);
+    } else {
+        stream.moveTo(0);
+    }
+
+    // Loop over all the frame headers in the file.
+    while (stream.hasMore()) {
+
+        // If it has an old TAG frame at the end of it, fixed size, 128 bytes.
+        if (stream.getBytes(3) === [0x54, 0x41, 0x47].toString()) {
+            stream.moveForwardsBy(125);
+            break;
+        }
+
+        // If not start of frame.
+        if (stream.getBytes(2).toString() !== [0xff, 0xfb].toString()) {
+            stream.moveBackwardsBy(2);
+            break;
+        }
+
+        // Read flag byte.
+        const flags = stream.readInt(1);
+
+        // Extract frame bit rate from flag byte.
+        const bitRate = bitRateIndexes[flags >> 4];
+
+        // Extract frame sample rate from flag byte.
+        const sampleRate = samplingRateFrequencyIndex[(flags & 0x0f) >> 2];
+
+        // Padding if the frame size is not a multiple of the bitrate.
+        const padding = (flags & 0x02) >> 1;
+
+        // Things that are either not standard or undocumented.
+        if (bitRate === "free" || bitRate === "bad" || sampleRate === "reserved") {
+            stream.moveBackwardsBy(1);
+            break;
+        }
+
+        // Formula: FrameLength = (144 * BitRate / SampleRate ) + Padding
+        const frameSize = Math.floor(((144 * bitRate) / sampleRate) + padding);
+
+        // If the next move goes past the end of the bytestream then extract the entire bytestream.
+        // We assume complete frames in the above formula because there is no field that suggests otherwise.
+        if ((stream.position + frameSize) > stream.length) {
+            stream.moveTo(stream.length);
+            break;
+        } else {
+            stream.moveForwardsBy(frameSize - 3);
+        }
+    }
+    return stream.carve();
+}
+
+
 /**
  * FLV extractor.
  *
@@ -3202,6 +3436,26 @@ export function extractPListXML(bytes, offset) {
 }
 
 
+/**
+ * MacOS X Keychain Extactor.
+ *
+ * @param {Uint8Array} bytes
+ * @param {number} offset
+ * @returns {Uint8Array}
+ */
+export function extractMacOSXKeychain(bytes, offset) {
+    const stream = new Stream(bytes.slice(offset));
+
+    // Move to size field.
+    stream.moveTo(0x14);
+
+    // Move forwards by size.
+    stream.moveForwardsBy(stream.readInt(4));
+
+    return stream.carve();
+}
+
+
 /**
  * OLE2 extractor.
  *
@@ -3448,6 +3702,37 @@ export function extractXZ(bytes, offset) {
 }
 
 
+/**
+ * DEB extractor.
+ *
+ * @param {Uint8Array} bytes
+ * @param {Number} offset
+ */
+export function extractDEB(bytes, offset) {
+    const stream = new Stream(bytes.slice(offset));
+
+    // Move past !<arch>
+    stream.moveForwardsBy(8);
+    while (stream.hasMore()) {
+
+        // Move to size field.
+        stream.moveForwardsBy(48);
+        let fsize= "";
+
+        // Convert size to a usable number.
+        for (const elem of stream.getBytes(10)) {
+            fsize += String.fromCharCode(elem);
+        }
+        fsize = parseInt(fsize.trim(), 10);
+
+        // Move past `\n
+        stream.moveForwardsBy(2);
+        stream.moveForwardsBy(fsize);
+    }
+    return stream.carve();
+}
+
+
 /**
  * ELF extractor.
  *
@@ -3517,8 +3802,8 @@ function parseDEFLATE(stream) {
 
     while (!finalBlock) {
         // Read header
-        finalBlock = stream.readBits(1);
-        const blockType = stream.readBits(2);
+        finalBlock = stream.readBits(1, "le");
+        const blockType = stream.readBits(2, "le");
 
         if (blockType === 0) {
             /* No compression */
@@ -3537,16 +3822,16 @@ function parseDEFLATE(stream) {
             /* Dynamic Huffman */
 
             // Read the number of liternal and length codes
-            const hlit = stream.readBits(5) + 257;
+            const hlit = stream.readBits(5, "le") + 257;
             // Read the number of distance codes
-            const hdist = stream.readBits(5) + 1;
+            const hdist = stream.readBits(5, "le") + 1;
             // Read the number of code lengths
-            const hclen = stream.readBits(4) + 4;
+            const hclen = stream.readBits(4, "le") + 4;
 
             // Parse code lengths
             const codeLengths = new Uint8Array(huffmanOrder.length);
             for (let i = 0; i < hclen; i++) {
-                codeLengths[huffmanOrder[i]] = stream.readBits(3);
+                codeLengths[huffmanOrder[i]] = stream.readBits(3, "le");
             }
 
             // Parse length table
@@ -3558,16 +3843,16 @@ function parseDEFLATE(stream) {
                 code = readHuffmanCode(stream, codeLengthsTable);
                 switch (code) {
                     case 16:
-                        repeat = 3 + stream.readBits(2);
+                        repeat = 3 + stream.readBits(2, "le");
                         while (repeat--) lengthTable[i++] = prev;
                         break;
                     case 17:
-                        repeat = 3 + stream.readBits(3);
+                        repeat = 3 + stream.readBits(3, "le");
                         while (repeat--) lengthTable[i++] = 0;
                         prev = 0;
                         break;
                     case 18:
-                        repeat = 11 + stream.readBits(7);
+                        repeat = 11 + stream.readBits(7, "le");
                         while (repeat--) lengthTable[i++] = 0;
                         prev = 0;
                         break;
@@ -3625,11 +3910,11 @@ function parseHuffmanBlock(stream, litTab, distTab) {
         if (code < 256) continue;
 
         // Length code
-        stream.readBits(lengthExtraTable[code - 257]);
+        stream.readBits(lengthExtraTable[code - 257], "le");
 
         // Dist code
         code = readHuffmanCode(stream, distTab);
-        stream.readBits(distanceExtraTable[code]);
+        stream.readBits(distanceExtraTable[code], "le");
     }
 }
 
@@ -3687,7 +3972,7 @@ function readHuffmanCode(stream, table) {
     const [codeTable, maxCodeLength] = table;
 
     // Read max length
-    const bitsBuf = stream.readBits(maxCodeLength);
+    const bitsBuf = stream.readBits(maxCodeLength, "le");
     const codeWithLength = codeTable[bitsBuf & ((1 << maxCodeLength) - 1)];
     const codeLength = codeWithLength >>> 16;
 

src/core/lib/FileType.mjs

@@ -213,7 +213,7 @@ function locatePotentialSig(buf, sig, offset) {
 export function isType(type, buf) {
     const types = detectFileType(buf);
 
-    if (!(types && types.length)) return false;
+    if (!types.length) return false;
 
     if (typeof type === "string") {
         return types.reduce((acc, t) => {

src/core/lib/FuzzyMatch.mjs

@@ -0,0 +1,253 @@
+/**
+ * LICENSE
+ *
+ *   This software is dual-licensed to the public domain and under the following
+ *   license: you are granted a perpetual, irrevocable license to copy, modify,
+ *   publish, and distribute this file as you see fit.
+ *
+ * VERSION
+ *   0.1.0  (2016-03-28)  Initial release
+ *
+ * AUTHOR
+ *   Forrest Smith
+ *
+ * CONTRIBUTORS
+ *   J<>rgen Tjern<72> - async helper
+ *   Anurag Awasthi - updated to 0.2.0
+ */
+
+export const DEFAULT_WEIGHTS = {
+    sequentialBonus: 15, // bonus for adjacent matches
+    separatorBonus: 30, // bonus if match occurs after a separator
+    camelBonus: 30, // bonus if match is uppercase and prev is lower
+    firstLetterBonus: 15, // bonus if the first letter is matched
+
+    leadingLetterPenalty: -5, // penalty applied for every letter in str before the first match
+    maxLeadingLetterPenalty: -15, // maximum penalty for leading letters
+    unmatchedLetterPenalty: -1
+};
+
+/**
+ * Does a fuzzy search to find pattern inside a string.
+ * @param {string} pattern        pattern to search for
+ * @param {string} str            string which is being searched
+ * @param {boolean} global        whether to search for all matches or just one
+ * @returns [boolean, number]       a boolean which tells if pattern was
+ *                                  found or not and a search score
+ */
+export function fuzzyMatch(pattern, str, global=false, weights=DEFAULT_WEIGHTS) {
+    const recursionCount = 0;
+    const recursionLimit = 10;
+    const matches = [];
+    const maxMatches = 256;
+
+    if (!global) {
+        return fuzzyMatchRecursive(
+            pattern,
+            str,
+            0 /* patternCurIndex */,
+            0 /* strCurrIndex */,
+            null /* srcMatches */,
+            matches,
+            maxMatches,
+            0 /* nextMatch */,
+            recursionCount,
+            recursionLimit,
+            weights
+        );
+    }
+
+    // Return all matches
+    let foundMatch = true,
+        score,
+        idxs,
+        strCurrIndex = 0;
+    const results = [];
+
+    while (foundMatch) {
+        [foundMatch, score, idxs] = fuzzyMatchRecursive(
+            pattern,
+            str,
+            0 /* patternCurIndex */,
+            strCurrIndex,
+            null /* srcMatches */,
+            matches,
+            maxMatches,
+            0 /* nextMatch */,
+            recursionCount,
+            recursionLimit,
+            weights
+        );
+        if (foundMatch) results.push([foundMatch, score, [...idxs]]);
+        strCurrIndex = idxs[idxs.length - 1] + 1;
+    }
+    return results;
+}
+
+/**
+ * Recursive helper function
+ */
+function fuzzyMatchRecursive(
+    pattern,
+    str,
+    patternCurIndex,
+    strCurrIndex,
+    srcMatches,
+    matches,
+    maxMatches,
+    nextMatch,
+    recursionCount,
+    recursionLimit,
+    weights
+) {
+    let outScore = 0;
+
+    // Return if recursion limit is reached.
+    if (++recursionCount >= recursionLimit) {
+        return [false, outScore, []];
+    }
+
+    // Return if we reached ends of strings.
+    if (patternCurIndex === pattern.length || strCurrIndex === str.length) {
+        return [false, outScore, []];
+    }
+
+    // Recursion params
+    let recursiveMatch = false;
+    let bestRecursiveMatches = [];
+    let bestRecursiveScore = 0;
+
+    // Loop through pattern and str looking for a match.
+    let firstMatch = true;
+    while (patternCurIndex < pattern.length && strCurrIndex < str.length) {
+        // Match found.
+        if (
+            pattern[patternCurIndex].toLowerCase() === str[strCurrIndex].toLowerCase()
+        ) {
+            if (nextMatch >= maxMatches) {
+                return [false, outScore, []];
+            }
+
+            if (firstMatch && srcMatches) {
+                matches = [...srcMatches];
+                firstMatch = false;
+            }
+
+            const [matched, recursiveScore, recursiveMatches] = fuzzyMatchRecursive(
+                pattern,
+                str,
+                patternCurIndex,
+                strCurrIndex + 1,
+                matches,
+                recursiveMatches,
+                maxMatches,
+                nextMatch,
+                recursionCount,
+                recursionLimit,
+                weights
+            );
+
+            if (matched) {
+                // Pick best recursive score.
+                if (!recursiveMatch || recursiveScore > bestRecursiveScore) {
+                    bestRecursiveMatches = [...recursiveMatches];
+                    bestRecursiveScore = recursiveScore;
+                }
+                recursiveMatch = true;
+            }
+
+            matches[nextMatch++] = strCurrIndex;
+            ++patternCurIndex;
+        }
+        ++strCurrIndex;
+    }
+
+    const matched = patternCurIndex === pattern.length;
+
+    if (matched) {
+        outScore = 100;
+
+        // Apply leading letter penalty
+        let penalty = weights.leadingLetterPenalty * matches[0];
+        penalty =
+            penalty < weights.maxLeadingLetterPenalty ?
+                weights.maxLeadingLetterPenalty :
+                penalty;
+        outScore += penalty;
+
+        // Apply unmatched penalty
+        const unmatched = str.length - nextMatch;
+        outScore += weights.unmatchedLetterPenalty * unmatched;
+
+        // Apply ordering bonuses
+        for (let i = 0; i < nextMatch; i++) {
+            const currIdx = matches[i];
+
+            if (i > 0) {
+                const prevIdx = matches[i - 1];
+                if (currIdx === prevIdx + 1) {
+                    outScore += weights.sequentialBonus;
+                }
+            }
+
+            // Check for bonuses based on neighbor character value.
+            if (currIdx > 0) {
+                // Camel case
+                const neighbor = str[currIdx - 1];
+                const curr = str[currIdx];
+                if (
+                    neighbor !== neighbor.toUpperCase() &&
+                    curr !== curr.toLowerCase()
+                ) {
+                    outScore += weights.camelBonus;
+                }
+                const isNeighbourSeparator = neighbor === "_" || neighbor === " ";
+                if (isNeighbourSeparator) {
+                    outScore += weights.separatorBonus;
+                }
+            } else {
+                // First letter
+                outScore += weights.firstLetterBonus;
+            }
+        }
+
+        // Return best result
+        if (recursiveMatch && (!matched || bestRecursiveScore > outScore)) {
+            // Recursive score is better than "this"
+            matches = bestRecursiveMatches;
+            outScore = bestRecursiveScore;
+            return [true, outScore, matches];
+        } else if (matched) {
+            // "this" score is better than recursive
+            return [true, outScore, matches];
+        } else {
+            return [false, outScore, matches];
+        }
+    }
+    return [false, outScore, matches];
+}
+
+/**
+ * Turns a list of match indexes into a list of match ranges
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @param [number] matches
+ * @returns [[number]]
+ */
+export function calcMatchRanges(matches) {
+    const ranges = [];
+    let start = matches[0],
+        curr = start;
+
+    matches.forEach(m => {
+        if (m === curr || m === curr + 1) curr = m;
+        else {
+            ranges.push([start, curr - start + 1]);
+            start = m;
+            curr = m;
+        }
+    });
+
+    ranges.push([start, curr - start + 1]);
+    return ranges;
+}

src/core/lib/Hex.mjs

@@ -7,6 +7,7 @@
  */
 
 import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
 
 
 /**
@@ -100,14 +101,21 @@ export function toHexFast(data) {
  * fromHex("0a:14:1e", "Colon");
  */
 export function fromHex(data, delim="Auto", byteLen=2) {
+    if (byteLen < 1 || Math.round(byteLen) !== byteLen)
+        throw new OperationError("Byte length must be a positive integer");
+
     if (delim !== "None") {
-        const delimRegex = delim === "Auto" ? /[^a-f\d]|(0x)/gi : Utils.regexRep(delim);
-        data = data.replace(delimRegex, "");
+        const delimRegex = delim === "Auto" ? /[^a-f\d]|0x/gi : Utils.regexRep(delim);
+        data = data.split(delimRegex);
+    } else {
+        data = [data];
     }
 
     const output = [];
-    for (let i = 0; i < data.length; i += byteLen) {
-        output.push(parseInt(data.substr(i, byteLen), 16));
+    for (let i = 0; i < data.length; i++) {
+        for (let j = 0; j < data[i].length; j += byteLen) {
+            output.push(parseInt(data[i].substr(j, byteLen), 16));
+        }
     }
     return output;
 }

src/core/lib/IP.mjs

@@ -26,7 +26,7 @@ export function ipv4CidrRange(cidr, includeNetworkInfo, enumerateAddresses, allo
     let output = "";
 
     if (cidrRange < 0 || cidrRange > 31) {
-        return "IPv4 CIDR must be less than 32";
+        throw new OperationError("IPv4 CIDR must be less than 32");
     }
 
     const mask = ~(0xFFFFFFFF >>> cidrRange),
@@ -64,7 +64,7 @@ export function ipv6CidrRange(cidr, includeNetworkInfo) {
         cidrRange = parseInt(cidr[cidr.length-1], 10);
 
     if (cidrRange < 0 || cidrRange > 127) {
-        return "IPv6 CIDR must be less than 128";
+        throw new OperationError("IPv6 CIDR must be less than 128");
     }
 
     const ip1 = new Array(8),
@@ -211,7 +211,7 @@ export function ipv4ListedRange(match, includeNetworkInfo, enumerateAddresses, a
         const network = strToIpv4(ipv4CidrList[i].split("/")[0]);
         const cidrRange = parseInt(ipv4CidrList[i].split("/")[1], 10);
         if (cidrRange < 0 || cidrRange > 31) {
-            return "IPv4 CIDR must be less than 32";
+            throw new OperationError("IPv4 CIDR must be less than 32");
         }
         const mask = ~(0xFFFFFFFF >>> cidrRange),
             cidrIp1 = network & mask,
@@ -254,7 +254,7 @@ export function ipv6ListedRange(match, includeNetworkInfo) {
         const cidrRange = parseInt(ipv6CidrList[i].split("/")[1], 10);
 
         if (cidrRange < 0 || cidrRange > 127) {
-            return "IPv6 CIDR must be less than 128";
+            throw new OperationError("IPv6 CIDR must be less than 128");
         }
 
         const cidrIp1 = new Array(8),

src/core/lib/JWT.mjs

@@ -0,0 +1,24 @@
+/**
+ * JWT resources
+ *
+ * @author mt3571 [mt3571@protonmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+
+/**
+ * List of the JWT algorithms that can be used
+ */
+export const JWT_ALGORITHMS = [
+    "HS256",
+    "HS384",
+    "HS512",
+    "RS256",
+    "RS384",
+    "RS512",
+    "ES256",
+    "ES384",
+    "ES512",
+    "None"
+];

src/core/lib/LS47.mjs

@@ -0,0 +1,244 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import OperationError from "../errors/OperationError.mjs";
+
+const letters = "_abcdefghijklmnopqrstuvwxyz.0123456789,-+*/:?!'()";
+const tiles = [];
+
+/**
+ * Initialises the tiles with values and positions.
+ */
+export function initTiles() {
+    for (let i = 0; i < 49; i++)
+        tiles.push([letters.charAt(i), [Math.floor(i/7), i % 7]]);
+}
+
+/**
+ * Rotates the key "down".
+ *
+ * @param {string} key
+ * @param {number} col
+ * @param {number} n
+ * @returns {string}
+ */
+function rotateDown(key, col, n) {
+    const lines = [];
+    for (let i = 0; i < 7; i++)
+        lines.push(key.slice(i*7, (i + 1) * 7));
+    const lefts = [];
+    let mids = [];
+    const rights = [];
+    lines.forEach((element) => {
+        lefts.push(element.slice(0, col));
+        mids.push(element.charAt(col));
+        rights.push(element.slice(col+1));
+    });
+    n = (7 - n % 7) % 7;
+    mids = mids.slice(n).concat(mids.slice(0, n));
+    let result = "";
+    for (let i = 0; i < 7; i++)
+        result += lefts[i] + mids[i] + rights[i];
+    return result;
+}
+
+/**
+ * Rotates the key "right".
+ *
+ * @param {string} key
+ * @param {number} row
+ * @param {number} n
+ * @returns {string}
+ */
+function rotateRight(key, row, n) {
+    const mid = key.slice(row * 7, (row + 1) * 7);
+    n = (7 - n % 7) % 7;
+    return key.slice(0, 7 * row) + mid.slice(n) + mid.slice(0, n) + key.slice(7 * (row + 1));
+}
+
+/**
+ * Finds the position of a letter in the tiles.
+ *
+ * @param {string} letter
+ * @returns {string}
+ */
+function findIx(letter) {
+    for (let i = 0; i < tiles.length; i++)
+        if (tiles[i][0] === letter)
+            return tiles[i][1];
+    throw new OperationError("Letter " + letter + " is not included in LS47");
+}
+
+/**
+ * Derives key from the input password.
+ *
+ * @param {string} password
+ * @returns {string}
+ */
+export function deriveKey(password) {
+    let i = 0;
+    let k = letters;
+    for (const c of password) {
+        const [row, col] = findIx(c);
+        k = rotateDown(rotateRight(k, i, col), i, row);
+        i = (i + 1) % 7;
+    }
+    return k;
+}
+
+/**
+ * Checks the key is a valid key.
+ *
+ * @param {string} key
+ */
+function checkKey(key) {
+    if (key.length !== letters.length)
+        throw new OperationError("Wrong key size");
+    const counts = new Array();
+    for (let i = 0; i < letters.length; i++)
+        counts[letters.charAt(i)] = 0;
+    for (const elem of letters) {
+        if (letters.indexOf(elem) === -1)
+            throw new OperationError("Letter " + elem + " not in LS47");
+        counts[elem]++;
+        if (counts[elem] > 1)
+            throw new OperationError("Letter duplicated in the key");
+    }
+}
+
+/**
+ * Finds the position of a letter in they key.
+ *
+ * @param {letter} key
+ * @param {string} letter
+ * @returns {object}
+ */
+function findPos (key, letter) {
+    const index = key.indexOf(letter);
+    if (index >= 0 && index < 49)
+        return [Math.floor(index/7), index%7];
+    throw new OperationError("Letter " + letter + " is not in the key");
+}
+
+/**
+ * Returns the character at the position on the tiles.
+ *
+ * @param {string} key
+ * @param {object} coord
+ * @returns {string}
+ */
+function findAtPos(key, coord) {
+    return key.charAt(coord[1] + (coord[0] * 7));
+}
+
+/**
+ * Returns new position by adding two positions.
+ *
+ * @param {object} a
+ * @param {object} b
+ * @returns {object}
+ */
+function addPos(a, b) {
+    return [(a[0] + b[0]) % 7, (a[1] + b[1]) % 7];
+}
+
+/**
+ * Returns new position by subtracting two positions.
+ * Note: We have to manually do the remainder division, since JS does not
+ * operate correctly on negative numbers (e.g. -3 % 4 = -3 when it should be 1).
+ *
+ * @param {object} a
+ * @param {object} b
+ * @returns {object}
+ */
+function subPos(a, b) {
+    const asub = a[0] - b[0];
+    const bsub = a[1] - b[1];
+    return [asub - (Math.floor(asub/7) * 7), bsub - (Math.floor(bsub/7) * 7)];
+}
+
+/**
+ * Encrypts the plaintext string.
+ *
+ * @param {string} key
+ * @param {string} plaintext
+ * @returns {string}
+ */
+function encrypt(key, plaintext) {
+    checkKey(key);
+    let mp = [0, 0];
+    let ciphertext = "";
+    for (const p of plaintext) {
+        const pp = findPos(key, p);
+        const mix = findIx(findAtPos(key, mp));
+        let cp = addPos(pp, mix);
+        const c = findAtPos(key, cp);
+        ciphertext += c;
+        key = rotateRight(key, pp[0], 1);
+        cp = findPos(key, c);
+        key = rotateDown(key, cp[1], 1);
+        mp = addPos(mp, findIx(c));
+    }
+    return ciphertext;
+}
+
+/**
+ * Decrypts the ciphertext string.
+ *
+ * @param {string} key
+ * @param {string} ciphertext
+ * @returns {string}
+ */
+function decrypt(key, ciphertext) {
+    checkKey(key);
+    let mp = [0, 0];
+    let plaintext = "";
+    for (const c of ciphertext) {
+        let cp = findPos(key, c);
+        const mix = findIx(findAtPos(key, mp));
+        const pp = subPos(cp, mix);
+        const p = findAtPos(key, pp);
+        plaintext += p;
+        key = rotateRight(key, pp[0], 1);
+        cp = findPos(key, c);
+        key = rotateDown(key, cp[1], 1);
+        mp = addPos(mp, findIx(c));
+    }
+    return plaintext;
+}
+
+/**
+ * Adds padding to the input.
+ *
+ * @param {string} key
+ * @param {string} plaintext
+ * @param {string} signature
+ * @param {number} paddingSize
+ * @returns {string}
+ */
+export function encryptPad(key, plaintext, signature, paddingSize) {
+    initTiles();
+    checkKey(key);
+    let padding = "";
+    for (let i = 0; i < paddingSize; i++) {
+        padding += letters.charAt(Math.floor(Math.random() * letters.length));
+    }
+    return encrypt(key, padding+plaintext+"---"+signature);
+}
+
+/**
+ * Removes padding from the ouput.
+ *
+ * @param {string} key
+ * @param {string} ciphertext
+ * @param {number} paddingSize
+ * @returns {string}
+ */
+export function decryptPad(key, ciphertext, paddingSize) {
+    initTiles();
+    checkKey(key);
+    return decrypt(key, ciphertext).slice(paddingSize);
+}

src/core/lib/LZNT1.mjs

@@ -0,0 +1,88 @@
+/**
+ *
+ * LZNT1 Decompress.
+ *
+ * @author 0xThiebaut [thiebaut.dev]
+ * @copyright Crown Copyright 2023
+ * @license Apache-2.0
+ *
+ * https://github.com/Velocidex/go-ntfs/blob/master/parser%2Flznt1.go
+ */
+
+import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
+
+const COMPRESSED_MASK = 1 << 15,
+    SIZE_MASK = (1 << 12) - 1;
+
+/**
+ * @param {number} offset
+ * @returns {number}
+ */
+function getDisplacement(offset) {
+    let result = 0;
+    while (offset >= 0x10) {
+        offset >>= 1;
+        result += 1;
+    }
+    return result;
+}
+
+/**
+ * @param {byteArray} compressed
+ * @returns {byteArray}
+ */
+export function decompress(compressed) {
+    const decompressed = Array();
+    let coffset = 0;
+
+    while (coffset + 2 <= compressed.length) {
+        const doffset = decompressed.length;
+
+        const blockHeader = Utils.byteArrayToInt(compressed.slice(coffset, coffset + 2), "little");
+        coffset += 2;
+
+        const size = blockHeader & SIZE_MASK;
+        const blockEnd = coffset + size + 1;
+
+        if (size === 0) {
+            break;
+        } else if (compressed.length < coffset + size) {
+            throw new OperationError("Malformed LZNT1 stream: Block too small! Has the stream been truncated?");
+        }
+
+        if ((blockHeader & COMPRESSED_MASK) !== 0) {
+            while (coffset < blockEnd) {
+                let header = compressed[coffset++];
+
+                for (let i = 0; i < 8 && coffset < blockEnd; i++) {
+                    if ((header & 1) === 0) {
+                        decompressed.push(compressed[coffset++]);
+                    } else {
+                        const pointer = Utils.byteArrayToInt(compressed.slice(coffset, coffset + 2), "little");
+                        coffset += 2;
+
+                        const displacement = getDisplacement(decompressed.length - doffset - 1);
+                        const symbolOffset = (pointer >> (12 - displacement)) + 1;
+                        const symbolLength = (pointer & (0xFFF >> displacement)) + 2;
+                        const shiftOffset = decompressed.length - symbolOffset;
+
+                        for (let shiftDelta = 0; shiftDelta < symbolLength + 1; shiftDelta++) {
+                            const shift = shiftOffset + shiftDelta;
+                            if (shift < 0 || decompressed.length <= shift) {
+                                throw new OperationError("Malformed LZNT1 stream: Invalid shift!");
+                            }
+                            decompressed.push(decompressed[shift]);
+                        }
+                    }
+                    header >>= 1;
+                }
+            }
+        } else {
+            decompressed.push(...compressed.slice(coffset, coffset + size + 1));
+            coffset += size + 1;
+        }
+    }
+
+    return decompressed;
+}

src/core/lib/LZString.mjs

@@ -0,0 +1,21 @@
+/**
+ * lz-string exports.
+ *
+ * @author crespyl [peter@crespyl.net]
+ * @copyright Peter Jacobs 2021
+ * @license Apache-2.0
+ */
+
+import LZString from "lz-string";
+
+export const COMPRESSION_OUTPUT_FORMATS = ["default", "UTF16", "Base64"];
+export const COMPRESSION_FUNCTIONS = {
+    "default": LZString.compress,
+    "UTF16":   LZString.compressToUTF16,
+    "Base64":  LZString.compressToBase64,
+};
+export const DECOMPRESSION_FUNCTIONS = {
+    "default": LZString.decompress,
+    "UTF16":   LZString.decompressFromUTF16,
+    "Base64":  LZString.decompressFromBase64,
+};

src/core/lib/Magic.mjs

@@ -1,8 +1,8 @@
-import OperationConfig from "../config/OperationConfig.json";
+import OperationConfig from "../config/OperationConfig.json" assert {type: "json"};
 import Utils, { isWorkerEnvironment } from "../Utils.mjs";
 import Recipe from "../Recipe.mjs";
 import Dish from "../Dish.mjs";
-import {detectFileType} from "./FileType.mjs";
+import {detectFileType, isType} from "./FileType.mjs";
 import chiSquared from "chi-squared";
 
 /**
@@ -19,31 +19,38 @@ class Magic {
      * Magic constructor.
      *
      * @param {ArrayBuffer} buf
-     * @param {Object[]} [opPatterns]
+     * @param {Object[]} [opCriteria]
+     * @param {Object} [prevOp]
      */
-    constructor(buf, opPatterns) {
+    constructor(buf, opCriteria=Magic._generateOpCriteria(), prevOp=null) {
         this.inputBuffer = new Uint8Array(buf);
         this.inputStr = Utils.arrayBufferToStr(buf);
-        this.opPatterns = opPatterns || Magic._generateOpPatterns();
+        this.opCriteria = opCriteria;
+        this.prevOp = prevOp;
     }
 
     /**
-     * Finds operations that claim to be able to decode the input based on regular
-     * expression matches.
+     * Finds operations that claim to be able to decode the input based on various criteria.
      *
      * @returns {Object[]}
      */
-    findMatchingOps() {
-        const matches = [];
+    findMatchingInputOps() {
+        const matches = [],
+            inputEntropy = this.calcEntropy();
 
-        for (let i = 0; i < this.opPatterns.length; i++) {
-            const pattern = this.opPatterns[i],
-                regex = new RegExp(pattern.match, pattern.flags);
+        this.opCriteria.forEach(check => {
+            // If the input doesn't lie in the required entropy range, move on
+            if (check.entropyRange &&
+                (inputEntropy < check.entropyRange[0] ||
+                inputEntropy > check.entropyRange[1]))
+                return;
+            // If the input doesn't match the pattern, move on
+            if (check.pattern &&
+                !check.pattern.test(this.inputStr))
+                return;
 
-            if (regex.test(this.inputStr)) {
-                matches.push(pattern);
-            }
-        }
+            matches.push(check);
+        });
 
         return matches;
     }
@@ -185,8 +192,10 @@ class Magic {
      *
      * @returns {number}
      */
-    calcEntropy() {
-        const prob = this._freqDist();
+    calcEntropy(data=this.inputBuffer, standalone=false) {
+        if (!standalone && this.inputEntropy) return this.inputEntropy;
+
+        const prob = this._freqDist(data, standalone);
         let entropy = 0,
             p;
 
@@ -195,6 +204,8 @@ class Magic {
             if (p === 0) continue;
             entropy += p * Math.log(p) / Math.log(2);
         }
+
+        if (!standalone) this.inputEntropy = -entropy;
         return -entropy;
     }
 
@@ -264,25 +275,59 @@ class Magic {
         return results;
     }
 
+    /**
+     * Checks whether the data passes output criteria for an operation check
+     *
+     * @param {ArrayBuffer} data
+     * @param {Object} criteria
+     * @returns {boolean}
+     */
+    outputCheckPasses(data, criteria) {
+        if (criteria.pattern) {
+            const dataStr = Utils.arrayBufferToStr(data),
+                regex = new RegExp(criteria.pattern, criteria.flags);
+            if (!regex.test(dataStr))
+                return false;
+        }
+        if (criteria.entropyRange) {
+            const dataEntropy = this.calcEntropy(data, true);
+            if (dataEntropy < criteria.entropyRange[0] || dataEntropy > criteria.entropyRange[1])
+                return false;
+        }
+        if (criteria.mime &&
+            !isType(criteria.mime, data))
+            return false;
+
+        return true;
+    }
+
     /**
      * Speculatively executes matching operations, recording metadata of each result.
      *
      * @param {number} [depth=0] - How many levels to try to execute
      * @param {boolean} [extLang=false] - Extensive language support (false = only check the most
-     *                                    common Internet languages)
+     *     common Internet languages)
      * @param {boolean} [intensive=false] - Run brute-forcing on each branch (significantly affects
-     *                                      performance)
+     *     performance)
      * @param {Object[]} [recipeConfig=[]] - The recipe configuration up to this point
      * @param {boolean} [useful=false] - Whether the current recipe should be scored highly
-     * @param {string} [crib=null] - The regex crib provided by the user, for filtering the operation output
+     * @param {string} [crib=null] - The regex crib provided by the user, for filtering the operation
+     *     output
      * @returns {Object[]} - A sorted list of the recipes most likely to result in correct decoding
      */
-    async speculativeExecution(depth=0, extLang=false, intensive=false, recipeConfig=[], useful=false, crib=null) {
+    async speculativeExecution(
+        depth=0,
+        extLang=false,
+        intensive=false,
+        recipeConfig=[],
+        useful=false,
+        crib=null) {
+
+        // If we have reached the recursion depth, return
         if (depth < 0) return [];
 
         // Find any operations that can be run on this data
-        const matchingOps = this.findMatchingOps();
-
+        const matchingOps = this.findMatchingInputOps();
         let results = [];
 
         // Record the properties of the current data
@@ -308,17 +353,21 @@ class Magic {
                 },
                 output = await this._runRecipe([opConfig]);
 
-            // If the recipe is repeating and returning the same data, do not continue
-            if (prevOp && op.op === prevOp.op && _buffersEqual(output, this.inputBuffer)) {
-                return;
-            }
-
             // If the recipe returned an empty buffer, do not continue
             if (_buffersEqual(output, new ArrayBuffer())) {
                 return;
             }
 
-            const magic = new Magic(output, this.opPatterns),
+            // If the recipe is repeating and returning the same data, do not continue
+            if (prevOp && op.op === prevOp.op && _buffersEqual(output, this.inputBuffer)) {
+                return;
+            }
+
+            // If the output criteria for this op doesn't match the output, do not continue
+            if (op.output && !this.outputCheckPasses(output, op.output))
+                return;
+
+            const magic = new Magic(output, this.opCriteria, OperationConfig[op.op]),
                 speculativeResults = await magic.speculativeExecution(
                     depth-1, extLang, intensive, [...recipeConfig, opConfig], op.useful, crib);
 
@@ -330,7 +379,7 @@ class Magic {
             const bfEncodings = await this.bruteForce();
 
             await Promise.all(bfEncodings.map(async enc => {
-                const magic = new Magic(enc.data, this.opPatterns),
+                const magic = new Magic(enc.data, this.opCriteria, undefined),
                     bfResults = await magic.speculativeExecution(
                         depth-1, extLang, false, [...recipeConfig, enc.conf], false, crib);
 
@@ -345,7 +394,8 @@ class Magic {
                 r.languageScores[0].probability > 0 ||    // Some kind of language was found
                 r.fileType ||                             // A file was found
                 r.isUTF8 ||                               // UTF-8 was found
-                r.matchingOps.length                      // A matching op was found
+                r.matchingOps.length ||                   // A matching op was found
+                r.matchesCrib                             // The crib matches
             )
         );
 
@@ -376,9 +426,10 @@ class Magic {
             bScore += b.entropy;
 
             // A result with no recipe but matching ops suggests there are better options
-            if ((!a.recipe.length && a.matchingOps.length) &&
-                b.recipe.length)
+            if ((!a.recipe.length && a.matchingOps.length) && b.recipe.length)
                 return 1;
+            if ((!b.recipe.length && b.matchingOps.length) && a.recipe.length)
+                return -1;
 
             return aScore - bScore;
         });
@@ -417,14 +468,16 @@ class Magic {
      * Calculates the number of times each byte appears in the input as a percentage
      *
      * @private
+     * @param {ArrayBuffer} [data]
+     * @param {boolean} [standalone]
      * @returns {number[]}
      */
-    _freqDist() {
-        if (this.freqDist) return this.freqDist;
+    _freqDist(data=this.inputBuffer, standalone=false) {
+        if (!standalone && this.freqDist) return this.freqDist;
 
-        const len = this.inputBuffer.length;
+        const len = data.length,
+            counts = new Array(256).fill(0);
         let i = len;
-        const counts = new Array(256).fill(0);
 
         if (!len) {
             this.freqDist = counts;
@@ -432,13 +485,15 @@ class Magic {
         }
 
         while (i--) {
-            counts[this.inputBuffer[i]]++;
+            counts[data[i]]++;
         }
 
-        this.freqDist = counts.map(c => {
+        const result = counts.map(c => {
             return c / len * 100;
         });
-        return this.freqDist;
+
+        if (!standalone) this.freqDist = result;
+        return result;
     }
 
     /**
@@ -447,24 +502,29 @@ class Magic {
      * @private
      * @returns {Object[]}
      */
-    static _generateOpPatterns() {
-        const opPatterns = [];
+    static _generateOpCriteria() {
+        const opCriteria = [];
 
         for (const op in OperationConfig) {
-            if (!("patterns" in OperationConfig[op])) continue;
+            if (!("checks" in OperationConfig[op]))
+                continue;
 
-            OperationConfig[op].patterns.forEach(pattern => {
-                opPatterns.push({
+            OperationConfig[op].checks.forEach(check => {
+                // Add to the opCriteria list.
+                // Compile the regex here and cache the compiled version so we
+                // don't have to keep calculating it.
+                opCriteria.push({
                     op: op,
-                    match: pattern.match,
-                    flags: pattern.flags,
-                    args: pattern.args,
-                    useful: pattern.useful || false
+                    pattern: check.pattern ? new RegExp(check.pattern, check.flags) : null,
+                    args: check.args,
+                    useful: check.useful,
+                    entropyRange: check.entropyRange,
+                    output: check.output
                 });
             });
         }
 
-        return opPatterns;
+        return opCriteria;
     }
 
     /**

src/core/lib/Protobuf.mjs

@@ -1,4 +1,5 @@
 import Utils from "../Utils.mjs";
+import protobuf from "protobufjs";
 
 /**
  * Protobuf lib. Contains functions to decode protobuf serialised
@@ -32,9 +33,10 @@ class Protobuf {
         this.MSB = 0x80;
         this.VALUE = 0x7f;
 
-        // Declare offset and length
+        // Declare offset, length, and field type object
         this.offset = 0;
         this.LENGTH = data.length;
+        this.fieldTypes = {};
     }
 
     // Public Functions
@@ -76,15 +78,281 @@ class Protobuf {
         return pb._varInt();
     }
 
+    /**
+     * Encode input JSON according to the given schema
+     *
+     * @param {Object} input
+     * @param {Object []} args
+     * @returns {Object}
+     */
+    static encode(input, args) {
+        this.updateProtoRoot(args[0]);
+        if (!this.mainMessageName) {
+            throw new Error("Schema Error: Schema not defined");
+        }
+        const message = this.parsedProto.root.nested[this.mainMessageName];
+
+        // Convert input into instance of message, and verify instance
+        input = message.fromObject(input);
+        const error = message.verify(input);
+        if (error) {
+            throw new Error("Input Error: " + error);
+        }
+        // Encode input
+        const output = message.encode(input).finish();
+        return new Uint8Array(output).buffer;
+    }
+
     /**
      * Parse Protobuf data
      *
      * @param {byteArray} input
      * @returns {Object}
      */
-    static decode(input) {
+    static decode(input, args) {
+        this.updateProtoRoot(args[0]);
+        this.showUnknownFields = args[1];
+        this.showTypes = args[2];
+        return this.mergeDecodes(input);
+    }
+
+    /**
+     * Update the parsedProto, throw parsing errors
+     *
+     * @param {string} protoText
+     */
+    static updateProtoRoot(protoText) {
+        try {
+            this.parsedProto = protobuf.parse(protoText);
+            if (this.parsedProto.package) {
+                this.parsedProto.root = this.parsedProto.root.nested[this.parsedProto.package];
+            }
+            this.updateMainMessageName();
+        } catch (error) {
+            throw new Error("Schema " + error);
+        }
+    }
+
+    /**
+     * Set mainMessageName to the first instance of a message defined in the schema that is not a submessage
+     *
+     */
+    static updateMainMessageName() {
+        const messageNames = [];
+        const fieldTypes = [];
+        this.parsedProto.root.nestedArray.forEach(block => {
+            if (block instanceof protobuf.Type) {
+                messageNames.push(block.name);
+                this.parsedProto.root.nested[block.name].fieldsArray.forEach(field => {
+                    fieldTypes.push(field.type);
+                });
+            }
+        });
+
+        if (messageNames.length === 0) {
+            this.mainMessageName = null;
+        } else {
+            // for (const name of messageNames) {
+            //     if (!fieldTypes.includes(name)) {
+            //         this.mainMessageName = name;
+            //         break;
+            //     }
+            // }
+            this.mainMessageName = messageNames[0];
+        }
+    }
+
+    /**
+     * Decode input using Protobufjs package and raw methods, compare, and merge results
+     *
+     * @param {byteArray} input
+     * @returns {Object}
+     */
+    static mergeDecodes(input) {
         const pb = new Protobuf(input);
-        return pb._parse();
+        let rawDecode = pb._parse();
+        let message;
+
+        if (this.showTypes) {
+            rawDecode = this.showRawTypes(rawDecode, pb.fieldTypes);
+            this.parsedProto.root = this.appendTypesToFieldNames(this.parsedProto.root);
+        }
+
+        try {
+            message = this.parsedProto.root.nested[this.mainMessageName];
+            const packageDecode = message.toObject(message.decode(input), {
+                bytes: String,
+                longs: Number,
+                enums: String,
+                defaults: true
+            });
+            const output = {};
+
+            if (this.showUnknownFields) {
+                output[message.name] = packageDecode;
+                output["Unknown Fields"] = this.compareFields(rawDecode, message);
+                return output;
+            } else {
+                return packageDecode;
+            }
+
+        } catch (error) {
+            if (message) {
+                throw new Error("Input " + error);
+            } else {
+                return rawDecode;
+            }
+        }
+    }
+
+    /**
+     * Replace fieldnames with fieldname and type
+     *
+     * @param {Object} schemaRoot
+     * @returns {Object}
+     */
+    static appendTypesToFieldNames(schemaRoot) {
+        for (const block of schemaRoot.nestedArray) {
+            if (block instanceof protobuf.Type) {
+                for (const [fieldName, fieldData] of Object.entries(block.fields)) {
+                    schemaRoot.nested[block.name].remove(block.fields[fieldName]);
+                    schemaRoot.nested[block.name].add(new protobuf.Field(`${fieldName} (${fieldData.type})`, fieldData.id, fieldData.type, fieldData.rule));
+                }
+            }
+        }
+        return schemaRoot;
+    }
+
+    /**
+     * Add field type to field name for fields in the raw decoded output
+     *
+     * @param {Object} rawDecode
+     * @param {Object} fieldTypes
+     * @returns {Object}
+     */
+    static showRawTypes(rawDecode, fieldTypes) {
+        for (const [fieldNum, value] of Object.entries(rawDecode)) {
+            const fieldType = fieldTypes[fieldNum];
+            let outputFieldValue;
+            let outputFieldType;
+
+            // Submessages
+            if (isNaN(fieldType)) {
+                outputFieldType = 2;
+
+                // Repeated submessages
+                if (Array.isArray(value)) {
+                    const fieldInstances = [];
+                    for (const instance of Object.keys(value)) {
+                        if (typeof(value[instance]) !== "string") {
+                            fieldInstances.push(this.showRawTypes(value[instance], fieldType));
+                        } else {
+                            fieldInstances.push(value[instance]);
+                        }
+                    }
+                    outputFieldValue = fieldInstances;
+
+                // Single submessage
+                } else {
+                    outputFieldValue = this.showRawTypes(value, fieldType);
+                }
+
+            // Non-submessage field
+            } else {
+                outputFieldType = fieldType;
+                outputFieldValue = value;
+            }
+
+            // Substitute fieldNum with field number and type
+            rawDecode[`field #${fieldNum}: ${this.getTypeInfo(outputFieldType)}`] = outputFieldValue;
+            delete rawDecode[fieldNum];
+        }
+        return rawDecode;
+    }
+
+    /**
+     * Compare raw decode to package decode and return discrepancies
+     *
+     * @param rawDecodedMessage
+     * @param schemaMessage
+     * @returns {Object}
+     */
+    static compareFields(rawDecodedMessage, schemaMessage) {
+        // Define message data using raw decode output and schema
+        const schemaFieldProperties = {};
+        const schemaFieldNames = Object.keys(schemaMessage.fields);
+        schemaFieldNames.forEach(field => schemaFieldProperties[schemaMessage.fields[field].id] = field);
+
+        // Loop over each field present in the raw decode output
+        for (const fieldName in rawDecodedMessage) {
+            let fieldId;
+            if (isNaN(fieldName)) {
+                fieldId = fieldName.match(/^field #(\d+)/)[1];
+            } else {
+                fieldId = fieldName;
+            }
+
+            // Check if this field is defined in the schema
+            if (fieldId in schemaFieldProperties) {
+                const schemaFieldName = schemaFieldProperties[fieldId];
+
+                // Extract the current field data from the raw decode and schema
+                const rawFieldData = rawDecodedMessage[fieldName];
+                const schemaField = schemaMessage.fields[schemaFieldName];
+
+                // Check for repeated fields
+                if (Array.isArray(rawFieldData) && !schemaField.repeated) {
+                    rawDecodedMessage[`(${schemaMessage.name}) ${schemaFieldName} is a repeated field`] = rawFieldData;
+                }
+
+                // Check for submessage fields
+                if (schemaField.resolvedType instanceof protobuf.Type) {
+                    const subMessageType = schemaMessage.fields[schemaFieldName].type;
+                    const schemaSubMessage = this.parsedProto.root.nested[subMessageType];
+                    const rawSubMessages = rawDecodedMessage[fieldName];
+                    let rawDecodedSubMessage = {};
+
+                    // Squash multiple submessage instances into one submessage
+                    if (Array.isArray(rawSubMessages)) {
+                        rawSubMessages.forEach(subMessageInstance => {
+                            const instanceFields = Object.entries(subMessageInstance);
+                            instanceFields.forEach(subField => {
+                                rawDecodedSubMessage[subField[0]] = subField[1];
+                            });
+                        });
+                    } else {
+                        rawDecodedSubMessage = rawSubMessages;
+                    }
+
+                    // Treat submessage as own message and compare its fields
+                    rawDecodedSubMessage = Protobuf.compareFields(rawDecodedSubMessage, schemaSubMessage);
+                    if (Object.entries(rawDecodedSubMessage).length !== 0) {
+                        rawDecodedMessage[`${schemaFieldName} (${subMessageType}) has missing fields`] = rawDecodedSubMessage;
+                    }
+                }
+                delete rawDecodedMessage[fieldName];
+            }
+        }
+        return rawDecodedMessage;
+    }
+
+    /**
+     * Returns wiretype information for input wiretype number
+     *
+     * @param {number} wireType
+     * @returns {string}
+     */
+    static getTypeInfo(wireType) {
+        switch (wireType) {
+            case 0:
+                return "VarInt (e.g. int32, bool)";
+            case 1:
+                return "64-Bit (e.g. fixed64, double)";
+            case 2:
+                return "L-delim (e.g. string, message)";
+            case 5:
+                return "32-Bit (e.g. fixed32, float)";
+        }
     }
 
     // Private Class Functions
@@ -143,6 +411,11 @@ class Protobuf {
         const header = this._fieldHeader();
         const type = header.type;
         const key = header.key;
+
+        if (typeof(this.fieldTypes[key]) !== "object") {
+            this.fieldTypes[key] = type;
+        }
+
         switch (type) {
             // varint
             case 0:
@@ -152,7 +425,7 @@ class Protobuf {
                 return { "key": key, "value": this._uint64() };
             // length delimited
             case 2:
-                return { "key": key, "value": this._lenDelim() };
+                return { "key": key, "value": this._lenDelim(key) };
             // fixed 32
             case 5:
                 return { "key": key, "value": this._uint32() };
@@ -237,10 +510,10 @@ class Protobuf {
      * @returns {number}
      */
     _uint64() {
-        // Read off a Uint64
-        let num = this.data[this.offset++] * 0x1000000 + (this.data[this.offset++] << 16) + (this.data[this.offset++] << 8) + this.data[this.offset++];
-        num = num * 0x100000000 + this.data[this.offset++] * 0x1000000 + (this.data[this.offset++] << 16) + (this.data[this.offset++] << 8) + this.data[this.offset++];
-        return num;
+        // Read off a Uint64 with little-endian
+        const lowerHalf = this.data[this.offset++] + (this.data[this.offset++] * 0x100) + (this.data[this.offset++] * 0x10000) + this.data[this.offset++] * 0x1000000;
+        const upperHalf = this.data[this.offset++] + (this.data[this.offset++] * 0x100) + (this.data[this.offset++] * 0x10000) + this.data[this.offset++] * 0x1000000;
+        return upperHalf * 0x100000000 + lowerHalf;
     }
 
     /**
@@ -249,7 +522,7 @@ class Protobuf {
      * @private
      * @returns {Object|string}
      */
-    _lenDelim() {
+    _lenDelim(fieldNum) {
         // Read off the field length
         const length = this._varInt();
         const fieldBytes = this.data.slice(this.offset, this.offset + length);
@@ -258,6 +531,10 @@ class Protobuf {
             // Attempt to parse as a new Protobuf Object
             const pbObject = new Protobuf(fieldBytes);
             field = pbObject._parse();
+
+            // Set field types object
+            this.fieldTypes[fieldNum] = {...this.fieldTypes[fieldNum], ...pbObject.fieldTypes};
+
         } catch (err) {
             // Otherwise treat as bytes
             field = Utils.byteArrayToChars(fieldBytes);
@@ -276,7 +553,7 @@ class Protobuf {
     _uint32() {
         // Use a dataview to read off the integer
         const dataview = new DataView(new Uint8Array(this.data.slice(this.offset, this.offset + 4)).buffer);
-        const value = dataview.getUint32(0);
+        const value = dataview.getUint32(0, true);
         this.offset += 4;
         return value;
     }

src/core/lib/Protocol.mjs

@@ -0,0 +1,47 @@
+/**
+ * Protocol parsing functions.
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import BigNumber from "bignumber.js";
+import {toHexFast} from "../lib/Hex.mjs";
+
+/**
+ * Recursively displays a JSON object as an HTML table
+ *
+ * @param {Object} obj
+ * @returns string
+ */
+export function objToTable(obj, nested=false) {
+    let html = `<table
+        class='table table-sm table-nonfluid ${nested ? "mb-0 table-borderless" : "table-bordered"}'
+        style='table-layout: fixed; ${nested ? "margin: -1px !important;" : ""}'>`;
+    if (!nested)
+        html += `<tr>
+            <th>Field</th>
+            <th>Value</th>
+        </tr>`;
+
+    for (const key in obj) {
+        html += `<tr><td style='word-wrap: break-word'>${key}</td>`;
+        if (typeof obj[key] === "object")
+            html += `<td style='padding: 0'>${objToTable(obj[key], true)}</td>`;
+        else
+            html += `<td>${obj[key]}</td>`;
+        html += "</tr>";
+    }
+    html += "</table>";
+    return html;
+}
+
+/**
+ * Converts bytes into a BigNumber string
+ * @param {Uint8Array} bs
+ * @returns {string}
+ */
+export function bytesToLargeNumber(bs) {
+    return BigNumber(toHexFast(bs), 16).toString();
+}

src/core/lib/PublicKey.mjs

@@ -9,35 +9,25 @@
 import { toHex, fromHex } from "./Hex.mjs";
 
 /**
- * Formats Distinguished Name (DN) strings.
+ * Formats Distinguished Name (DN) objects to strings.
  *
- * @param {string} dnStr
+ * @param {Object} dnObj
  * @param {number} indent
  * @returns {string}
  */
-export function formatDnStr (dnStr, indent) {
-    const fields = dnStr.substr(1).replace(/([^\\])\//g, "$1$1/").split(/[^\\]\//);
-    let output = "",
-        maxKeyLen = 0,
-        key,
-        value,
-        i,
-        str;
+export function formatDnObj(dnObj, indent) {
+    let output = "";
 
-    for (i = 0; i < fields.length; i++) {
-        if (!fields[i].length) continue;
+    const maxKeyLen = dnObj.array.reduce((max, item) => {
+        return item[0].type.length > max ? item[0].type.length : max;
+    }, 0);
 
-        key = fields[i].split("=")[0];
+    for (let i = 0; i < dnObj.array.length; i++) {
+        if (!dnObj.array[i].length) continue;
 
-        maxKeyLen = key.length > maxKeyLen ? key.length : maxKeyLen;
-    }
-
-    for (i = 0; i < fields.length; i++) {
-        if (!fields[i].length) continue;
-
-        key = fields[i].split("=")[0];
-        value = fields[i].split("=")[1];
-        str = key.padEnd(maxKeyLen, " ") + " = " + value + "\n";
+        const key = dnObj.array[i][0].type;
+        const value = dnObj.array[i][0].value;
+        const str = `${key.padEnd(maxKeyLen, " ")} = ${value}\n`;
 
         output += str.padStart(indent + str.length, " ");
     }
@@ -54,7 +44,7 @@ export function formatDnStr (dnStr, indent) {
  * @param {number} indent
  * @returns {string}
  */
-export function formatByteStr (byteStr, length, indent) {
+export function formatByteStr(byteStr, length, indent) {
     byteStr = toHex(fromHex(byteStr), ":");
     length = length * 3;
     let output = "";

src/core/lib/QRCode.mjs

@@ -9,8 +9,8 @@
 import OperationError from "../errors/OperationError.mjs";
 import jsQR from "jsqr";
 import qr from "qr-image";
-import jimp from "jimp";
 import Utils from "../Utils.mjs";
+import jimp from "jimp";
 
 /**
  * Parses a QR code image from an image

src/core/lib/RSA.mjs

@@ -0,0 +1,17 @@
+/**
+ * RSA resources.
+ *
+ * @author Matt C [me@mitt.dev]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+import forge from "node-forge";
+
+export const MD_ALGORITHMS = {
+    "SHA-1": forge.md.sha1,
+    "MD5": forge.md.md5,
+    "SHA-256": forge.md.sha256,
+    "SHA-384": forge.md.sha384,
+    "SHA-512": forge.md.sha512,
+};

src/core/lib/SIGABA.mjs

@@ -0,0 +1,502 @@
+/**
+ * Emulation of the SIGABA machine
+ *
+ * @author hettysymes
+ * @copyright hettysymes 2020
+ * @license Apache-2.0
+ */
+
+/**
+ * A set of randomised example SIGABA cipher/control rotors (these rotors are interchangeable). Cipher and control rotors can be referred to as C and R rotors respectively.
+ */
+export const CR_ROTORS = [
+    {name: "Example 1", value: "SRGWANHPJZFXVIDQCEUKBYOLMT"},
+    {name: "Example 2", value: "THQEFSAZVKJYULBODCPXNIMWRG"},
+    {name: "Example 3", value: "XDTUYLEVFNQZBPOGIRCSMHWKAJ"},
+    {name: "Example 4", value: "LOHDMCWUPSTNGVXYFJREQIKBZA"},
+    {name: "Example 5", value: "ERXWNZQIJYLVOFUMSGHTCKPBDA"},
+    {name: "Example 6", value: "FQECYHJIOUMDZVPSLKRTGWXBAN"},
+    {name: "Example 7", value: "TBYIUMKZDJSOPEWXVANHLCFQGR"},
+    {name: "Example 8", value: "QZUPDTFNYIAOMLEBWJXCGHKRSV"},
+    {name: "Example 9", value: "CZWNHEMPOVXLKRSIDGJFYBTQAU"},
+    {name: "Example 10", value: "ENPXJVKYQBFZTICAGMOHWRLDUS"}
+];
+
+/**
+ * A set of randomised example SIGABA index rotors (may be referred to as I rotors).
+ */
+export const I_ROTORS = [
+    {name: "Example 1", value: "6201348957"},
+    {name: "Example 2", value: "6147253089"},
+    {name: "Example 3", value: "8239647510"},
+    {name: "Example 4", value: "7194835260"},
+    {name: "Example 5", value: "4873205916"}
+];
+
+export const NUMBERS = "0123456789".split("");
+
+/**
+ * Converts a letter to uppercase (if it already isn't)
+ *
+ * @param {char} letter - letter to convert to uppercase
+ * @returns {char}
+ */
+export function convToUpperCase(letter) {
+    const charCode = letter.charCodeAt();
+    if (97<=charCode && charCode<=122) {
+        return String.fromCharCode(charCode-32);
+    }
+    return letter;
+}
+
+/**
+ * The SIGABA machine consisting of the 3 rotor banks: cipher, control and index banks.
+ */
+export class SigabaMachine {
+
+    /**
+     * SigabaMachine constructor
+     *
+     * @param {Object[]} cipherRotors - list of CRRotors
+     * @param {Object[]} controlRotors - list of CRRotors
+     * @param {object[]} indexRotors - list of IRotors
+     */
+    constructor(cipherRotors, controlRotors, indexRotors) {
+        this.cipherBank = new CipherBank(cipherRotors);
+        this.controlBank = new ControlBank(controlRotors);
+        this.indexBank = new IndexBank(indexRotors);
+    }
+
+    /**
+     * Steps all the correct rotors in the machine.
+     */
+    step() {
+        const controlOut = this.controlBank.goThroughControl();
+        const indexOut = this.indexBank.goThroughIndex(controlOut);
+        this.cipherBank.step(indexOut);
+    }
+
+    /**
+     * Encrypts a letter. A space is converted to a "Z" before encryption, and a "Z" is converted to an "X". This allows spaces to be encrypted.
+     *
+     * @param {char} letter - letter to encrypt
+     * @returns {char}
+     */
+    encryptLetter(letter) {
+        letter = convToUpperCase(letter);
+        if (letter === " ") {
+            letter = "Z";
+        } else if (letter === "Z") {
+            letter = "X";
+        }
+        const encryptedLetter = this.cipherBank.encrypt(letter);
+        this.step();
+        return encryptedLetter;
+    }
+
+    /**
+     * Decrypts a letter. A letter decrypted as a "Z" is converted to a space before it is output, since spaces are converted to "Z"s before encryption.
+     *
+     * @param {char} letter - letter to decrypt
+     * @returns {char}
+     */
+    decryptLetter(letter) {
+        letter = convToUpperCase(letter);
+        let decryptedLetter = this.cipherBank.decrypt(letter);
+        if (decryptedLetter === "Z") {
+            decryptedLetter = " ";
+        }
+        this.step();
+        return decryptedLetter;
+    }
+
+    /**
+     * Encrypts a message of one or more letters
+     *
+     * @param {string} msg - message to encrypt
+     * @returns {string}
+     */
+    encrypt(msg) {
+        let ciphertext = "";
+        for (const letter of msg) {
+            ciphertext = ciphertext.concat(this.encryptLetter(letter));
+        }
+        return ciphertext;
+    }
+
+    /**
+     * Decrypts a message of one or more letters
+     *
+     * @param {string} msg - message to decrypt
+     * @returns {string}
+     */
+    decrypt(msg) {
+        let plaintext = "";
+        for (const letter of msg) {
+            plaintext = plaintext.concat(this.decryptLetter(letter));
+        }
+        return plaintext;
+    }
+
+}
+
+/**
+ * The cipher rotor bank consists of 5 cipher rotors in either a forward or reversed orientation.
+ */
+export class CipherBank {
+
+    /**
+     * CipherBank constructor
+     *
+     * @param {Object[]} rotors - list of CRRotors
+     */
+    constructor(rotors) {
+        this.rotors = rotors;
+    }
+
+    /**
+     * Encrypts a letter through the cipher rotors (signal goes from left-to-right)
+     *
+     * @param {char} inputPos - the input position of the signal (letter to be encrypted)
+     * @returns {char}
+     */
+    encrypt(inputPos) {
+        for (const rotor of this.rotors) {
+            inputPos = rotor.crypt(inputPos, "leftToRight");
+        }
+        return inputPos;
+    }
+
+    /**
+     * Decrypts a letter through the cipher rotors (signal goes from right-to-left)
+     *
+     * @param {char} inputPos - the input position of the signal (letter to be decrypted)
+     * @returns {char}
+     */
+    decrypt(inputPos) {
+        const revOrderedRotors = [...this.rotors].reverse();
+        for (const rotor of revOrderedRotors) {
+            inputPos = rotor.crypt(inputPos, "rightToLeft");
+        }
+        return inputPos;
+    }
+
+    /**
+     * Step the cipher rotors forward according to the inputs from the index rotors
+     *
+     * @param {number[]} indexInputs - the inputs from the index rotors
+     */
+    step(indexInputs) {
+        const logicDict = {0: [0, 9], 1: [7, 8], 2: [5, 6], 3: [3, 4], 4: [1, 2]};
+        const rotorsToMove = [];
+        for (const key in logicDict) {
+            const item = logicDict[key];
+            for (const i of indexInputs) {
+                if (item.includes(i)) {
+                    rotorsToMove.push(this.rotors[key]);
+                    break;
+                }
+            }
+        }
+        for (const rotor of rotorsToMove) {
+            rotor.step();
+        }
+    }
+
+}
+
+/**
+ * The control rotor bank consists of 5 control rotors in either a forward or reversed orientation. Signals to the control rotor bank always go from right-to-left.
+ */
+export class ControlBank {
+
+    /**
+     * ControlBank constructor. The rotors have been reversed as signals go from right-to-left through the control rotors.
+     *
+     * @param {Object[]} rotors - list of CRRotors
+     */
+    constructor(rotors) {
+        this.rotors = [...rotors].reverse();
+    }
+
+    /**
+     * Encrypts a letter.
+     *
+     * @param {char} inputPos - the input position of the signal
+     * @returns {char}
+     */
+    crypt(inputPos) {
+        for (const rotor of this.rotors) {
+            inputPos = rotor.crypt(inputPos, "rightToLeft");
+        }
+        return inputPos;
+    }
+
+    /**
+     * Gets the outputs of the control rotors. The inputs to the control rotors are always "F", "G", "H" and "I".
+     *
+     * @returns {number[]}
+     */
+    getOutputs() {
+        const outputs = [this.crypt("F"), this.crypt("G"), this.crypt("H"), this.crypt("I")];
+        const logicDict = {1: "B", 2: "C", 3: "DE", 4: "FGH", 5: "IJK", 6: "LMNO", 7: "PQRST", 8: "UVWXYZ", 9: "A"};
+        const numberOutputs = [];
+        for (const key in logicDict) {
+            const item = logicDict[key];
+            for (const output of outputs) {
+                if (item.includes(output)) {
+                    numberOutputs.push(key);
+                    break;
+                }
+            }
+        }
+        return numberOutputs;
+    }
+
+    /**
+     * Steps the control rotors. Only 3 of the control rotors step: one after every encryption, one after every 26, and one after every 26 squared.
+     */
+    step() {
+        const MRotor = this.rotors[1], FRotor = this.rotors[2], SRotor = this.rotors[3];
+        // 14 is the offset of "O" from "A" - the next rotor steps once the previous rotor reaches "O"
+        if (FRotor.state === 14) {
+            if (MRotor.state === 14) {
+                SRotor.step();
+            }
+            MRotor.step();
+        }
+        FRotor.step();
+    }
+
+    /**
+     * The goThroughControl function combines getting the outputs from the control rotor bank and then stepping them.
+     *
+     * @returns {number[]}
+     */
+    goThroughControl() {
+        const outputs = this.getOutputs();
+        this.step();
+        return outputs;
+    }
+
+}
+
+/**
+ * The index rotor bank consists of 5 index rotors all placed in the forwards orientation.
+ */
+export class IndexBank {
+
+    /**
+     * IndexBank constructor
+     *
+     * @param {Object[]} rotors - list of IRotors
+     */
+    constructor(rotors) {
+        this.rotors = rotors;
+    }
+
+    /**
+     * Encrypts a number.
+     *
+     * @param {number} inputPos - the input position of the signal
+     * @returns {number}
+     */
+    crypt(inputPos) {
+        for (const rotor of this.rotors) {
+            inputPos = rotor.crypt(inputPos);
+        }
+        return inputPos;
+    }
+
+    /**
+     * The goThroughIndex function takes the inputs from the control rotor bank and returns the list of outputs after encryption through the index rotors.
+     *
+     * @param {number[]} controlInputs - inputs from the control rotors
+     * @returns {number[]}
+     */
+    goThroughIndex(controlInputs) {
+        const outputs = [];
+        for (const inp of controlInputs) {
+            outputs.push(this.crypt(inp));
+        }
+        return outputs;
+    }
+
+}
+
+/**
+ * Rotor class
+ */
+export class Rotor {
+
+    /**
+     * Rotor constructor
+     *
+     * @param {number[]} wireSetting - the wirings within the rotor: mapping from left-to-right, the index of the number in the list maps onto the number at that index
+     * @param {bool} rev - true if the rotor is reversed, false if it isn't
+     * @param {number} key - the starting position or state of the rotor
+     */
+    constructor(wireSetting, key, rev) {
+        this.state = key;
+        this.numMapping = this.getNumMapping(wireSetting, rev);
+        this.posMapping = this.getPosMapping(rev);
+    }
+
+    /**
+     * Get the number mapping from the wireSetting (only different from wireSetting if rotor is reversed)
+     *
+     * @param {number[]} wireSetting - the wirings within the rotors
+     * @param {bool} rev - true if reversed, false if not
+     * @returns {number[]}
+     */
+    getNumMapping(wireSetting, rev) {
+        if (rev===false) {
+            return wireSetting;
+        } else {
+            const length = wireSetting.length;
+            const tempMapping = new Array(length);
+            for (let i=0; i<length; i++) {
+                tempMapping[wireSetting[i]] = i;
+            }
+            return tempMapping;
+        }
+    }
+
+    /**
+     * Get the position mapping (how the position numbers map onto the numbers of the rotor)
+     *
+     * @param {bool} rev - true if reversed, false if not
+     * @returns {number[]}
+     */
+    getPosMapping(rev) {
+        const length = this.numMapping.length;
+        const posMapping = [];
+        if (rev===false) {
+            for (let i = this.state; i < this.state+length; i++) {
+                let res = i%length;
+                if (res<0) {
+                    res += length;
+                }
+                posMapping.push(res);
+            }
+        } else {
+            for (let i = this.state; i > this.state-length; i--) {
+                let res = i%length;
+                if (res<0) {
+                    res += length;
+                }
+                posMapping.push(res);
+            }
+        }
+        return posMapping;
+    }
+
+    /**
+     * Encrypt/decrypt data. This process is identical to the rotors of cipher machines such as Enigma or Typex.
+     *
+     * @param {number} inputPos - the input position of the signal (the data to encrypt/decrypt)
+     * @param {string} direction - one of "leftToRight" and "rightToLeft", states the direction in which the signal passes through the rotor
+     * @returns {number}
+     */
+    cryptNum(inputPos, direction) {
+        const inpNum = this.posMapping[inputPos];
+        let outNum;
+        if (direction === "leftToRight") {
+            outNum = this.numMapping[inpNum];
+        } else if (direction === "rightToLeft") {
+            outNum = this.numMapping.indexOf(inpNum);
+        }
+        const outPos = this.posMapping.indexOf(outNum);
+        return outPos;
+    }
+
+    /**
+     * Steps the rotor. The number at position 0 will be moved to position 1 etc.
+     */
+    step() {
+        const lastNum = this.posMapping.pop();
+        this.posMapping.splice(0, 0, lastNum);
+        this.state = this.posMapping[0];
+    }
+
+}
+
+/**
+ * A CRRotor is a cipher (C) or control (R) rotor. These rotors are identical and interchangeable. A C or R rotor consists of 26 contacts, one for each letter, and may be put into either a forwards of reversed orientation.
+ */
+export class CRRotor extends Rotor {
+
+    /**
+     * CRRotor constructor
+     *
+     * @param {string} wireSetting - the rotor wirings (string of letters)
+     * @param {char} key - initial state of rotor
+     * @param {bool} rev - true if reversed, false if not
+     */
+    constructor(wireSetting, key, rev=false) {
+        wireSetting = wireSetting.split("").map(CRRotor.letterToNum);
+        super(wireSetting, CRRotor.letterToNum(key), rev);
+    }
+
+    /**
+     * Static function which converts a letter into its number i.e. its offset from the letter "A"
+     *
+     * @param {char} letter - letter to convert to number
+     * @returns {number}
+     */
+    static letterToNum(letter) {
+        return letter.charCodeAt()-65;
+    }
+
+    /**
+     * Static function which converts a number (a letter's offset from "A") into its letter
+     *
+     * @param {number} num - number to convert to letter
+     * @returns {char}
+     */
+    static numToLetter(num) {
+        return String.fromCharCode(num+65);
+    }
+
+    /**
+     * Encrypts/decrypts a letter.
+     *
+     * @param {char} inputPos - the input position of the signal ("A" refers to position 0 etc.)
+     * @param {string} direction - one of "leftToRight" and "rightToLeft"
+     * @returns {char}
+     */
+    crypt(inputPos, direction) {
+        inputPos = CRRotor.letterToNum(inputPos);
+        const outPos = this.cryptNum(inputPos, direction);
+        return CRRotor.numToLetter(outPos);
+    }
+
+}
+
+/**
+ * An IRotor is an index rotor, which consists of 10 contacts each numbered from 0 to 9. Unlike C and R rotors, they cannot be put in the reversed orientation. The index rotors do not step at any point during encryption or decryption.
+ */
+export class IRotor extends Rotor {
+
+    /**
+     * IRotor constructor
+     *
+     * @param {string} wireSetting - the rotor wirings (string of numbers)
+     * @param {char} key - initial state of rotor
+     */
+    constructor(wireSetting, key) {
+        wireSetting = wireSetting.split("").map(Number);
+        super(wireSetting, Number(key), false);
+    }
+
+    /**
+     * Encrypts a number
+     *
+     * @param {number} inputPos - the input position of the signal
+     * @returns {number}
+     */
+    crypt(inputPos) {
+        return this.cryptNum(inputPos, "leftToRight");
+    }
+
+}

src/core/lib/SM4.mjs

@@ -0,0 +1,331 @@
+/**
+ * Complete implementation of SM4 cipher encryption/decryption with
+ * ECB, CBC, CFB, OFB, CTR block modes.
+ * These modes are specified in IETF draft-ribose-cfrg-sm4-09, see:
+ * https://tools.ietf.org/id/draft-ribose-cfrg-sm4-09.html
+ * for details.
+ *
+ * Follows spec from Cryptography Standardization Technical Comittee:
+ * http://www.gmbz.org.cn/upload/2018-04-04/1522788048733065051.pdf
+ *
+ * @author swesven
+ * @copyright 2021
+ * @license Apache-2.0
+ */
+
+import OperationError from "../errors/OperationError.mjs";
+
+/** Number of rounds */
+const NROUNDS = 32;
+
+/** block size in bytes */
+const BLOCKSIZE = 16;
+
+/** The S box, 256 8-bit values */
+const Sbox = [
+    0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05,
+    0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99,
+    0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62,
+    0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6,
+    0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8,
+    0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35,
+    0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87,
+    0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e,
+    0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1,
+    0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3,
+    0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f,
+    0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51,
+    0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8,
+    0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0,
+    0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84,
+    0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48
+];
+
+/** "Fixed parameter CK" used in key expansion */
+const CK = [
+    0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269,
+    0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9,
+    0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249,
+    0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9,
+    0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229,
+    0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299,
+    0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209,
+    0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279
+];
+
+/** "System parameter FK" */
+const FK = [0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc];
+
+/**
+ * Rotating 32-bit shift left
+ *
+ * (Note that although JS integers are stored in doubles and thus have 53 bits,
+ * the JS bitwise operations are 32-bit)
+ */
+function ROL(i, n) {
+    return (i << n) | (i >>> (32 - n));
+}
+
+/**
+ * Linear transformation L
+ *
+ * @param {integer} b - a 32 bit integer
+ */
+function transformL(b) {
+    /* Replace each of the 4 bytes in b with the value at its offset in the Sbox */
+    b = (Sbox[(b >>> 24) & 0xFF] << 24) | (Sbox[(b >>> 16) & 0xFF] << 16) |
+        (Sbox[(b >>> 8) & 0xFF] << 8) | Sbox[b & 0xFF];
+    /* circular rotate and xor */
+    return b ^ ROL(b, 2) ^ ROL(b, 10) ^ ROL(b, 18) ^ ROL(b, 24);
+}
+
+/**
+ * Linear transformation L'
+ *
+ * @param {integer} b - a 32 bit integer
+ */
+function transformLprime(b) {
+    /* Replace each of the 4 bytes in b with the value at its offset in the Sbox */
+    b = (Sbox[(b >>> 24) & 0xFF] << 24) | (Sbox[(b >>> 16) & 0xFF] << 16) |
+        (Sbox[(b >>> 8) & 0xFF] << 8) | Sbox[b & 0xFF];
+    return b ^ ROL(b, 13) ^ ROL(b, 23); /* circular rotate and XOR */
+}
+
+/**
+ * Initialize the round key
+ */
+function initSM4RoundKey(rawkey) {
+    const K = rawkey.map((a, i) => a ^ FK[i]);    /* K = rawkey ^ FK */
+    const roundKey = [];
+    for (let i = 0; i < 32; i++)
+        roundKey[i] = K[i + 4] = K[i] ^ transformLprime(K[i + 1] ^ K[i + 2] ^ K[i + 3] ^ CK[i]);
+    return roundKey;
+}
+
+/**
+ * Encrypts/decrypts a single block X (4 32-bit values) with a prepared round key.
+ *
+ * @param {intArray} X - A cleartext block.
+ * @param {intArray} roundKey - The round key from initSMRoundKey for encrypting (reversed for decrypting).
+ * @returns {byteArray} - The cipher text.
+ */
+function encryptBlockSM4(X, roundKey) {
+    for (let i = 0; i < NROUNDS; i++)
+        X[i + 4] = X[i] ^ transformL(X[i + 1] ^ X[i + 2] ^ X[i + 3] ^ roundKey[i]);
+    return [X[35], X[34], X[33], X[32]];
+}
+
+/**
+ * Takes 16 bytes from an offset in an array and returns an array of 4 32-bit Big-Endian values.
+ * (DataView won't work portably here as we need Big-Endian)
+ *
+ * @param {byteArray} bArray - the array of bytes
+ * @param {integer} offset - starting offset in the array; 15 bytes must follow it.
+ */
+function bytesToInts(bArray, offs=0) {
+    let offset = offs;
+    const A = (bArray[offset] << 24) | (bArray[offset + 1] << 16) | (bArray[offset + 2] << 8) | bArray[offset + 3];
+    offset += 4;
+    const B = (bArray[offset] << 24) | (bArray[offset + 1] << 16) | (bArray[offset + 2] << 8) | bArray[offset + 3];
+    offset += 4;
+    const C = (bArray[offset] << 24) | (bArray[offset + 1] << 16) | (bArray[offset + 2] << 8) | bArray[offset + 3];
+    offset += 4;
+    const D = (bArray[offset] << 24) | (bArray[offset + 1] << 16) | (bArray[offset + 2] << 8) | bArray[offset + 3];
+    return [A, B, C, D];
+}
+
+/**
+ * Inverse of bytesToInts above; takes an array of 32-bit integers and turns it into an array of bytes.
+ * Again, Big-Endian order.
+ */
+function intsToBytes(ints) {
+    const bArr = [];
+    for (let i = 0; i < ints.length; i++) {
+        bArr.push((ints[i] >> 24) & 0xFF);
+        bArr.push((ints[i] >> 16) & 0xFF);
+        bArr.push((ints[i] >> 8) & 0xFF);
+        bArr.push(ints[i] & 0xFF);
+    }
+    return bArr;
+}
+
+/**
+ * Encrypt using SM4 using a given block cipher mode.
+ *
+ * @param {byteArray} message - The clear text message; any length under 32 Gb or so.
+ * @param {byteArray} key - The cipher key, 16 bytes.
+ * @param {byteArray} iv - The IV or nonce, 16 bytes (not used with ECB mode)
+ * @param {string} mode - The block cipher mode "CBC", "ECB", "CFB", "OFB", "CTR".
+ * @param {boolean} noPadding - Don't add PKCS#7 padding if set.
+ * @returns {byteArray} - The cipher text.
+ */
+export function encryptSM4(message, key, iv, mode="ECB", noPadding=false) {
+    const messageLength = message.length;
+    if (messageLength === 0)
+        return [];
+    const roundKey = initSM4RoundKey(bytesToInts(key, 0));
+
+    /* Pad with PKCS#7 if requested for ECB/CBC else add zeroes (which are sliced off at the end) */
+    let padByte = 0;
+    let nPadding = 16 - (message.length & 0xF);
+    if (mode === "ECB" || mode === "CBC") {
+        if (noPadding) {
+            if (nPadding !== 16)
+                throw new OperationError(`No padding requested in ${mode} mode but input is not a 16-byte multiple.`);
+            nPadding = 0;
+        } else
+            padByte = nPadding;
+    }
+    for (let i = 0; i < nPadding; i++)
+        message.push(padByte);
+
+    const cipherText = [];
+    switch (mode) {
+        case "ECB":
+            for (let i = 0; i < message.length; i += BLOCKSIZE)
+                Array.prototype.push.apply(cipherText, intsToBytes(encryptBlockSM4(bytesToInts(message, i), roundKey)));
+            break;
+        case "CBC":
+            iv = bytesToInts(iv, 0);
+            for (let i = 0; i < message.length; i += BLOCKSIZE) {
+                const block = bytesToInts(message, i);
+                block[0] ^= iv[0]; block[1] ^= iv[1];
+                block[2] ^= iv[2]; block[3] ^= iv[3];
+                iv = encryptBlockSM4(block, roundKey);
+                Array.prototype.push.apply(cipherText, intsToBytes(iv));
+            }
+            break;
+        case "CFB":
+            iv = bytesToInts(iv, 0);
+            for (let i = 0; i < message.length; i += BLOCKSIZE) {
+                iv = encryptBlockSM4(iv, roundKey);
+                const block = bytesToInts(message, i);
+                block[0] ^= iv[0]; block[1] ^= iv[1];
+                block[2] ^= iv[2]; block[3] ^= iv[3];
+                Array.prototype.push.apply(cipherText, intsToBytes(block));
+                iv = block;
+            }
+            break;
+        case "OFB":
+            iv = bytesToInts(iv, 0);
+            for (let i = 0; i < message.length; i += BLOCKSIZE) {
+                iv = encryptBlockSM4(iv, roundKey);
+                const block = bytesToInts(message, i);
+                block[0] ^= iv[0]; block[1] ^= iv[1];
+                block[2] ^= iv[2]; block[3] ^= iv[3];
+                Array.prototype.push.apply(cipherText, intsToBytes(block));
+            }
+            break;
+        case "CTR":
+            iv = bytesToInts(iv, 0);
+            for (let i = 0; i < message.length; i += BLOCKSIZE) {
+                let iv2 = [...iv]; /* containing the IV + counter */
+                iv2[3] += (i >> 4);/* Using a 32 bit counter here. 64 Gb encrypts should be enough for everyone. */
+                iv2 = encryptBlockSM4(iv2, roundKey);
+                const block = bytesToInts(message, i);
+                block[0] ^= iv2[0]; block[1] ^= iv2[1];
+                block[2] ^= iv2[2]; block[3] ^= iv2[3];
+                Array.prototype.push.apply(cipherText, intsToBytes(block));
+            }
+            break;
+        default:
+            throw new OperationError("Invalid block cipher mode: "+mode);
+    }
+    if (mode !== "ECB" && mode !== "CBC")
+        return cipherText.slice(0, messageLength);
+    return cipherText;
+}
+
+/**
+ * Decrypt using SM4 using a given block cipher mode.
+ *
+ * @param {byteArray} cipherText - The ciphertext
+ * @param {byteArray} key - The cipher key, 16 bytes.
+ * @param {byteArray} iv - The IV or nonce, 16 bytes (not used with ECB mode)
+ * @param {string} mode - The block cipher mode "CBC", "ECB", "CFB", "OFB", "CTR"
+ * @param {boolean] ignorePadding - If true, ignore padding issues in ECB/CBC mode.
+ * @returns {byteArray} - The cipher text.
+ */
+export function decryptSM4(cipherText, key, iv, mode="ECB", ignorePadding=false) {
+    const originalLength = cipherText.length;
+    if (originalLength === 0)
+        return [];
+    let roundKey = initSM4RoundKey(bytesToInts(key, 0));
+
+    if (mode === "ECB" || mode === "CBC") {
+        /* Init decryption key */
+        roundKey = roundKey.reverse();
+        if ((originalLength & 0xF) !== 0 && !ignorePadding)
+            throw new OperationError(`With ECB or CBC modes, the input must be divisible into 16 byte blocks. (${cipherText.length & 0xF} bytes extra)`);
+    } else { /* Pad dummy bytes for other modes, chop them off at the end */
+        while ((cipherText.length & 0xF) !== 0)
+            cipherText.push(0);
+    }
+
+    const clearText = [];
+    switch (mode) {
+        case "ECB":
+            for (let i = 0; i < cipherText.length; i += BLOCKSIZE)
+                Array.prototype.push.apply(clearText, intsToBytes(encryptBlockSM4(bytesToInts(cipherText, i), roundKey)));
+            break;
+        case "CBC":
+            iv = bytesToInts(iv, 0);
+            for (let i = 0; i < cipherText.length; i += BLOCKSIZE) {
+                const block = encryptBlockSM4(bytesToInts(cipherText, i), roundKey);
+                block[0] ^= iv[0]; block[1] ^= iv[1];
+                block[2] ^= iv[2]; block[3] ^= iv[3];
+                Array.prototype.push.apply(clearText, intsToBytes(block));
+                iv = bytesToInts(cipherText, i);
+            }
+            break;
+        case "CFB":
+            iv = bytesToInts(iv, 0);
+            for (let i = 0; i < cipherText.length; i += BLOCKSIZE) {
+                iv = encryptBlockSM4(iv, roundKey);
+                const block = bytesToInts(cipherText, i);
+                block[0] ^= iv[0]; block[1] ^= iv[1];
+                block[2] ^= iv[2]; block[3] ^= iv[3];
+                Array.prototype.push.apply(clearText, intsToBytes(block));
+                iv = bytesToInts(cipherText, i);
+            }
+            break;
+        case "OFB":
+            iv = bytesToInts(iv, 0);
+            for (let i = 0; i < cipherText.length; i += BLOCKSIZE) {
+                iv = encryptBlockSM4(iv, roundKey);
+                const block = bytesToInts(cipherText, i);
+                block[0] ^= iv[0]; block[1] ^= iv[1];
+                block[2] ^= iv[2]; block[3] ^= iv[3];
+                Array.prototype.push.apply(clearText, intsToBytes(block));
+            }
+            break;
+        case "CTR":
+            iv = bytesToInts(iv, 0);
+            for (let i = 0; i < cipherText.length; i += BLOCKSIZE) {
+                let iv2 = [...iv]; /* containing the IV + counter */
+                iv2[3] += (i >> 4);/* Using a 32 bit counter here. 64 Gb encrypts should be enough for everyone. */
+                iv2 = encryptBlockSM4(iv2, roundKey);
+                const block = bytesToInts(cipherText, i);
+                block[0] ^= iv2[0]; block[1] ^= iv2[1];
+                block[2] ^= iv2[2]; block[3] ^= iv2[3];
+                Array.prototype.push.apply(clearText, intsToBytes(block));
+            }
+            break;
+        default:
+            throw new OperationError(`Invalid block cipher mode: ${mode}`);
+    }
+    /* Check PKCS#7 padding */
+    if (mode === "ECB" || mode === "CBC") {
+        if (ignorePadding)
+            return clearText;
+        const padByte = clearText[clearText.length - 1];
+        if (padByte > 16)
+            throw new OperationError("Invalid PKCS#7 padding.");
+        for (let i = 0; i < padByte; i++)
+            if (clearText[clearText.length -i - 1] !== padByte)
+                throw new OperationError("Invalid PKCS#7 padding.");
+        return clearText.slice(0, clearText.length - padByte);
+    }
+    return clearText.slice(0, originalLength);
+}
+

src/core/lib/Sort.mjs

@@ -0,0 +1,117 @@
+/**
+ * Sorting functions
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ *
+ */
+
+/**
+ * Comparison operation for sorting of strings ignoring case.
+ *
+ * @param {string} a
+ * @param {string} b
+ * @returns {number}
+ */
+export function caseInsensitiveSort(a, b) {
+    return a.toLowerCase().localeCompare(b.toLowerCase());
+}
+
+
+/**
+ * Comparison operation for sorting of IPv4 addresses.
+ *
+ * @param {string} a
+ * @param {string} b
+ * @returns {number}
+ */
+export function ipSort(a, b) {
+    let a_ = a.split("."),
+        b_ = b.split(".");
+
+    a_ = a_[0] * 0x1000000 + a_[1] * 0x10000 + a_[2] * 0x100 + a_[3] * 1;
+    b_ = b_[0] * 0x1000000 + b_[1] * 0x10000 + b_[2] * 0x100 + b_[3] * 1;
+
+    if (isNaN(a_) && !isNaN(b_)) return 1;
+    if (!isNaN(a_) && isNaN(b_)) return -1;
+    if (isNaN(a_) && isNaN(b_)) return a.localeCompare(b);
+
+    return a_ - b_;
+}
+
+/**
+ * Comparison operation for sorting of numeric values.
+ *
+ * @author Chris van Marle
+ * @param {string} a
+ * @param {string} b
+ * @returns {number}
+ */
+export function numericSort(a, b) {
+    const a_ = a.split(/([^\d]+)/),
+        b_ = b.split(/([^\d]+)/);
+
+    for (let i = 0; i < a_.length && i < b.length; ++i) {
+        if (isNaN(a_[i]) && !isNaN(b_[i])) return 1; // Numbers after non-numbers
+        if (!isNaN(a_[i]) && isNaN(b_[i])) return -1;
+        if (isNaN(a_[i]) && isNaN(b_[i])) {
+            const ret = a_[i].localeCompare(b_[i]); // Compare strings
+            if (ret !== 0) return ret;
+        }
+        if (!isNaN(a_[i]) && !isNaN(b_[i])) { // Compare numbers
+            if (a_[i] - b_[i] !== 0) return a_[i] - b_[i];
+        }
+    }
+
+    return a.localeCompare(b);
+}
+
+/**
+ * Comparison operation for sorting of hexadecimal values.
+ *
+ * @author Chris van Marle
+ * @param {string} a
+ * @param {string} b
+ * @returns {number}
+ */
+export function hexadecimalSort(a, b) {
+    let a_ = a.split(/([^\da-f]+)/i),
+        b_ = b.split(/([^\da-f]+)/i);
+
+    a_ = a_.map(v => {
+        const t = parseInt(v, 16);
+        return isNaN(t) ? v : t;
+    });
+
+    b_ = b_.map(v => {
+        const t = parseInt(v, 16);
+        return isNaN(t) ? v : t;
+    });
+
+    for (let i = 0; i < a_.length && i < b.length; ++i) {
+        if (isNaN(a_[i]) && !isNaN(b_[i])) return 1; // Numbers after non-numbers
+        if (!isNaN(a_[i]) && isNaN(b_[i])) return -1;
+        if (isNaN(a_[i]) && isNaN(b_[i])) {
+            const ret = a_[i].localeCompare(b_[i]); // Compare strings
+            if (ret !== 0) return ret;
+        }
+        if (!isNaN(a_[i]) && !isNaN(b_[i])) { // Compare numbers
+            if (a_[i] - b_[i] !== 0) return a_[i] - b_[i];
+        }
+    }
+
+    return a.localeCompare(b);
+}
+
+/**
+ * Comparison operation for sorting by length
+ *
+ * @param {string} a
+ * @param {string} b
+ * @returns {number}
+ */
+export function lengthSort(a, b) {
+    return a.length - b.length;
+}
+

src/core/lib/Stream.mjs

@@ -27,15 +27,17 @@ export default class Stream {
     }
 
     /**
-     * Get a number of bytes from the current position.
+     * Get a number of bytes from the current position, or all remaining bytes.
      *
-     * @param {number} numBytes
+     * @param {number} [numBytes=null]
      * @returns {Uint8Array}
      */
-    getBytes(numBytes) {
+    getBytes(numBytes=null) {
         if (this.position > this.length) return undefined;
 
-        const newPosition = this.position + numBytes;
+        const newPosition = numBytes !== null ?
+            this.position + numBytes :
+            this.length;
         const bytes = this.bytes.slice(this.position, newPosition);
         this.position = newPosition;
         this.bitPos = 0;
@@ -46,12 +48,14 @@ export default class Stream {
      * Interpret the following bytes as a string, stopping at the next null byte or
      * the supplied limit.
      *
-     * @param {number} numBytes
+     * @param {number} [numBytes=-1]
      * @returns {string}
      */
-    readString(numBytes) {
+    readString(numBytes=-1) {
         if (this.position > this.length) return undefined;
 
+        if (numBytes === -1) numBytes = this.length - this.position;
+
         let result = "";
         for (let i = this.position; i < this.position + numBytes; i++) {
             const currentByte = this.bytes[i];
@@ -91,34 +95,40 @@ export default class Stream {
     }
 
     /**
-     * Reads a number of bits from the buffer.
-     *
-     * @TODO Add endianness
+     * Reads a number of bits from the buffer in big or little endian.
      *
      * @param {number} numBits
+     * @param {string} [endianness="be"]
      * @returns {number}
      */
-    readBits(numBits) {
+    readBits(numBits, endianness="be") {
         if (this.position > this.length) return undefined;
 
         let bitBuf = 0,
             bitBufLen = 0;
 
         // Add remaining bits from current byte
-        bitBuf = (this.bytes[this.position++] & bitMask(this.bitPos)) >>> this.bitPos;
+        bitBuf = this.bytes[this.position++] & bitMask(this.bitPos);
+        if (endianness !== "be") bitBuf >>>= this.bitPos;
         bitBufLen = 8 - this.bitPos;
         this.bitPos = 0;
 
         // Not enough bits yet
         while (bitBufLen < numBits) {
-            bitBuf |= this.bytes[this.position++] << bitBufLen;
+            if (endianness === "be")
+                bitBuf = (bitBuf << bitBufLen) | this.bytes[this.position++];
+            else
+                bitBuf |= this.bytes[this.position++] << bitBufLen;
             bitBufLen += 8;
         }
 
         // Reverse back to numBits
         if (bitBufLen > numBits) {
             const excess = bitBufLen - numBits;
-            bitBuf &= (1 << numBits) - 1;
+            if (endianness === "be")
+                bitBuf >>>= excess;
+            else
+                bitBuf &= (1 << numBits) - 1;
             bitBufLen -= excess;
             this.position--;
             this.bitPos = 8 - excess;
@@ -133,7 +143,9 @@ export default class Stream {
          * @returns {number} The bit mask
          */
         function bitMask(bitPos) {
-            return 256 - (1 << bitPos);
+            return endianness === "be" ?
+                (1 << (8 - bitPos)) - 1 :
+                256 - (1 << bitPos);
         }
     }
 
@@ -177,7 +189,7 @@ export default class Stream {
 
         // Get the skip table.
         const skiptable = preprocess(val, length);
-        let found = true;
+        let found;
 
         while (this.position < this.length) {
             // Until we hit the final element of val in the stream.
@@ -303,11 +315,13 @@ export default class Stream {
     /**
      * Returns a slice of the stream up to the current position.
      *
+     * @param {number} [start=0]
+     * @param {number} [finish=this.position]
      * @returns {Uint8Array}
      */
-    carve() {
-        if (this.bitPos > 0) this.position++;
-        return this.bytes.slice(0, this.position);
+    carve(start=0, finish=this.position) {
+        if (this.bitPos > 0) finish++;
+        return this.bytes.slice(start, finish);
     }
 
 }

src/core/operations/A1Z26CipherDecode.mjs

@@ -33,6 +33,38 @@ class A1Z26CipherDecode extends Operation {
                 value: DELIM_OPTIONS
             }
         ];
+        this.checks = [
+            {
+                pattern:  "^\\s*([12]?[0-9] )+[12]?[0-9]\\s*$",
+                flags:  "",
+                args:   ["Space"]
+            },
+            {
+                pattern:  "^\\s*([12]?[0-9],)+[12]?[0-9]\\s*$",
+                flags:  "",
+                args:   ["Comma"]
+            },
+            {
+                pattern:  "^\\s*([12]?[0-9];)+[12]?[0-9]\\s*$",
+                flags:  "",
+                args:   ["Semi-colon"]
+            },
+            {
+                pattern:  "^\\s*([12]?[0-9]:)+[12]?[0-9]\\s*$",
+                flags:  "",
+                args:   ["Colon"]
+            },
+            {
+                pattern:  "^\\s*([12]?[0-9]\\n)+[12]?[0-9]\\s*$",
+                flags:  "",
+                args:   ["Line feed"]
+            },
+            {
+                pattern:  "^\\s*([12]?[0-9]\\r\\n)+[12]?[0-9]\\s*$",
+                flags:  "",
+                args:   ["CRLF"]
+            }
+        ];
     }
 
     /**

src/core/operations/AESDecrypt.mjs

@@ -6,7 +6,7 @@
 
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
-import forge from "node-forge/dist/forge.min.js";
+import forge from "node-forge";
 import OperationError from "../errors/OperationError.mjs";
 
 /**
@@ -22,7 +22,7 @@ class AESDecrypt extends Operation {
 
         this.name = "AES Decrypt";
         this.module = "Ciphers";
-        this.description = "Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated.<br><br><b>Key:</b> The following algorithms will be used based on the size of the key:<ul><li>16 bytes = AES-128</li><li>24 bytes = AES-192</li><li>32 bytes = AES-256</li></ul><br><br><b>IV:</b> The Initialization Vector should be 16 bytes long. If not entered, it will default to 16 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used.<br><br><b>GCM Tag:</b> This field is ignored unless 'GCM' mode is used.";
+        this.description = "Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated.<br><br><b>Key:</b> The following algorithms will be used based on the size of the key:<ul><li>16 bytes = AES-128</li><li>24 bytes = AES-192</li><li>32 bytes = AES-256</li></ul><br><br><b>IV:</b> The Initialization Vector should be 16 bytes long. If not entered, it will default to 16 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used as a default.<br><br><b>GCM Tag:</b> This field is ignored unless 'GCM' mode is used.";
         this.infoURL = "https://wikipedia.org/wiki/Advanced_Encryption_Standard";
         this.inputType = "string";
         this.outputType = "string";
@@ -41,8 +41,41 @@ class AESDecrypt extends Operation {
             },
             {
                 "name": "Mode",
-                "type": "option",
-                "value": ["CBC", "CFB", "OFB", "CTR", "GCM", "ECB"]
+                "type": "argSelector",
+                "value": [
+                    {
+                        name: "CBC",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "CFB",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "OFB",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "CTR",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "GCM",
+                        on: [5, 6]
+                    },
+                    {
+                        name: "ECB",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "CBC/NoPadding",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "ECB/NoPadding",
+                        off: [5, 6]
+                    }
+                ]
             },
             {
                 "name": "Input",
@@ -59,6 +92,12 @@ class AESDecrypt extends Operation {
                 "type": "toggleString",
                 "value": "",
                 "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Additional Authenticated Data",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
             }
         ];
     }
@@ -73,10 +112,12 @@ class AESDecrypt extends Operation {
     run(input, args) {
         const key = Utils.convertToByteString(args[0].string, args[0].option),
             iv = Utils.convertToByteString(args[1].string, args[1].option),
-            mode = args[2],
+            mode = args[2].substring(0, 3),
+            noPadding = args[2].endsWith("NoPadding"),
             inputType = args[3],
             outputType = args[4],
-            gcmTag = Utils.convertToByteString(args[5].string, args[5].option);
+            gcmTag = Utils.convertToByteString(args[5].string, args[5].option),
+            aad = Utils.convertToByteString(args[6].string, args[6].option);
 
         if ([16, 24, 32].indexOf(key.length) < 0) {
             throw new OperationError(`Invalid key length: ${key.length} bytes
@@ -90,9 +131,18 @@ The following algorithms will be used based on the size of the key:
         input = Utils.convertToByteString(input, inputType);
 
         const decipher = forge.cipher.createDecipher("AES-" + mode, key);
+
+        /* Allow for a "no padding" mode */
+        if (noPadding) {
+            decipher.mode.unpad = function(output, options) {
+                return true;
+            };
+        }
+
         decipher.start({
             iv: iv.length === 0 ? "" : iv,
-            tag: gcmTag
+            tag: mode === "GCM" ? gcmTag : undefined,
+            additionalData: mode === "GCM" ? aad : undefined
         });
         decipher.update(forge.util.createBuffer(input));
         const result = decipher.finish();

src/core/operations/AESEncrypt.mjs

@@ -6,7 +6,7 @@
 
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
-import forge from "node-forge/dist/forge.min.js";
+import forge from "node-forge";
 import OperationError from "../errors/OperationError.mjs";
 
 /**
@@ -41,8 +41,33 @@ class AESEncrypt extends Operation {
             },
             {
                 "name": "Mode",
-                "type": "option",
-                "value": ["CBC", "CFB", "OFB", "CTR", "GCM", "ECB"]
+                "type": "argSelector",
+                "value": [
+                    {
+                        name: "CBC",
+                        off: [5]
+                    },
+                    {
+                        name: "CFB",
+                        off: [5]
+                    },
+                    {
+                        name: "OFB",
+                        off: [5]
+                    },
+                    {
+                        name: "CTR",
+                        off: [5]
+                    },
+                    {
+                        name: "GCM",
+                        on: [5]
+                    },
+                    {
+                        name: "ECB",
+                        off: [5]
+                    }
+                ]
             },
             {
                 "name": "Input",
@@ -53,6 +78,12 @@ class AESEncrypt extends Operation {
                 "name": "Output",
                 "type": "option",
                 "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Additional Authenticated Data",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
             }
         ];
     }
@@ -69,7 +100,8 @@ class AESEncrypt extends Operation {
             iv = Utils.convertToByteString(args[1].string, args[1].option),
             mode = args[2],
             inputType = args[3],
-            outputType = args[4];
+            outputType = args[4],
+            aad = Utils.convertToByteString(args[5].string, args[5].option);
 
         if ([16, 24, 32].indexOf(key.length) < 0) {
             throw new OperationError(`Invalid key length: ${key.length} bytes
@@ -83,7 +115,10 @@ The following algorithms will be used based on the size of the key:
         input = Utils.convertToByteString(input, inputType);
 
         const cipher = forge.cipher.createCipher("AES-" + mode, key);
-        cipher.start({iv: iv});
+        cipher.start({
+            iv: iv,
+            additionalData: mode === "GCM" ? aad : undefined
+        });
         cipher.update(forge.util.createBuffer(input));
         cipher.finish();
 

src/core/operations/AESKeyUnwrap.mjs

@@ -0,0 +1,128 @@
+/**
+ * @author mikecat
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import { toHexFast } from "../lib/Hex.mjs";
+import forge from "node-forge";
+import OperationError from "../errors/OperationError.mjs";
+
+/**
+ * AES Key Unwrap operation
+ */
+class AESKeyUnwrap extends Operation {
+
+    /**
+     * AESKeyUnwrap constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "AES Key Unwrap";
+        this.module = "Ciphers";
+        this.description = "Decryptor for a key wrapping algorithm defined in RFC3394, which is used to protect keys in untrusted storage or communications, using AES.<br><br>This algorithm uses an AES key (KEK: key-encryption key) and a 64-bit IV to decrypt 64-bit blocks.";
+        this.infoURL = "https://wikipedia.org/wiki/Key_wrap";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Key (KEK)",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "IV",
+                "type": "toggleString",
+                "value": "a6a6a6a6a6a6a6a6",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Input",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Output",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const kek = Utils.convertToByteString(args[0].string, args[0].option),
+            iv = Utils.convertToByteString(args[1].string, args[1].option),
+            inputType = args[2],
+            outputType = args[3];
+
+        if (kek.length !== 16 && kek.length !== 24 && kek.length !== 32) {
+            throw new OperationError("KEK must be either 16, 24, or 32 bytes (currently " + kek.length + " bytes)");
+        }
+        if (iv.length !== 8) {
+            throw new OperationError("IV must be 8 bytes (currently " + iv.length + " bytes)");
+        }
+        const inputData = Utils.convertToByteString(input, inputType);
+        if (inputData.length % 8 !== 0 || inputData.length < 24) {
+            throw new OperationError("input must be 8n (n>=3) bytes (currently " + inputData.length + " bytes)");
+        }
+
+        const cipher = forge.cipher.createCipher("AES-ECB", kek);
+        cipher.start();
+        cipher.update(forge.util.createBuffer(""));
+        cipher.finish();
+        const paddingBlock = cipher.output.getBytes();
+
+        const decipher = forge.cipher.createDecipher("AES-ECB", kek);
+
+        let A = inputData.substring(0, 8);
+        const R = [];
+        for (let i = 8; i < inputData.length; i += 8) {
+            R.push(inputData.substring(i, i + 8));
+        }
+        let cntLower = R.length >>> 0;
+        let cntUpper = (R.length / ((1 << 30) * 4)) >>> 0;
+        cntUpper = cntUpper * 6 + ((cntLower * 6 / ((1 << 30) * 4)) >>> 0);
+        cntLower = cntLower * 6 >>> 0;
+        for (let j = 5; j >= 0; j--) {
+            for (let i = R.length - 1; i >= 0; i--) {
+                const aBuffer = Utils.strToArrayBuffer(A);
+                const aView = new DataView(aBuffer);
+                aView.setUint32(0, aView.getUint32(0) ^ cntUpper);
+                aView.setUint32(4, aView.getUint32(4) ^ cntLower);
+                A = Utils.arrayBufferToStr(aBuffer, false);
+                decipher.start();
+                decipher.update(forge.util.createBuffer(A + R[i] + paddingBlock));
+                decipher.finish();
+                const B = decipher.output.getBytes();
+                A = B.substring(0, 8);
+                R[i] = B.substring(8, 16);
+                cntLower--;
+                if (cntLower < 0) {
+                    cntUpper--;
+                    cntLower = 0xffffffff;
+                }
+            }
+        }
+        if (A !== iv) {
+            throw new OperationError("IV mismatch");
+        }
+        const P = R.join("");
+
+        if (outputType === "Hex") {
+            return toHexFast(Utils.strToArrayBuffer(P));
+        }
+        return P;
+    }
+
+}
+
+export default AESKeyUnwrap;

src/core/operations/AESKeyWrap.mjs

@@ -0,0 +1,115 @@
+/**
+ * @author mikecat
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import { toHexFast } from "../lib/Hex.mjs";
+import forge from "node-forge";
+import OperationError from "../errors/OperationError.mjs";
+
+/**
+ * AES Key Wrap operation
+ */
+class AESKeyWrap extends Operation {
+
+    /**
+     * AESKeyWrap constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "AES Key Wrap";
+        this.module = "Ciphers";
+        this.description = "A key wrapping algorithm defined in RFC3394, which is used to protect keys in untrusted storage or communications, using AES.<br><br>This algorithm uses an AES key (KEK: key-encryption key) and a 64-bit IV to encrypt 64-bit blocks.";
+        this.infoURL = "https://wikipedia.org/wiki/Key_wrap";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Key (KEK)",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "IV",
+                "type": "toggleString",
+                "value": "a6a6a6a6a6a6a6a6",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Input",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Output",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const kek = Utils.convertToByteString(args[0].string, args[0].option),
+            iv = Utils.convertToByteString(args[1].string, args[1].option),
+            inputType = args[2],
+            outputType = args[3];
+
+        if (kek.length !== 16 && kek.length !== 24 && kek.length !== 32) {
+            throw new OperationError("KEK must be either 16, 24, or 32 bytes (currently " + kek.length + " bytes)");
+        }
+        if (iv.length !== 8) {
+            throw new OperationError("IV must be 8 bytes (currently " + iv.length + " bytes)");
+        }
+        const inputData = Utils.convertToByteString(input, inputType);
+        if (inputData.length % 8 !== 0 || inputData.length < 16) {
+            throw new OperationError("input must be 8n (n>=2) bytes (currently " + inputData.length + " bytes)");
+        }
+
+        const cipher = forge.cipher.createCipher("AES-ECB", kek);
+
+        let A = iv;
+        const R = [];
+        for (let i = 0; i < inputData.length; i += 8) {
+            R.push(inputData.substring(i, i + 8));
+        }
+        let cntLower = 1, cntUpper = 0;
+        for (let j = 0; j < 6; j++) {
+            for (let i = 0; i < R.length; i++) {
+                cipher.start();
+                cipher.update(forge.util.createBuffer(A + R[i]));
+                cipher.finish();
+                const B = cipher.output.getBytes();
+                const msbBuffer = Utils.strToArrayBuffer(B.substring(0, 8));
+                const msbView = new DataView(msbBuffer);
+                msbView.setUint32(0, msbView.getUint32(0) ^ cntUpper);
+                msbView.setUint32(4, msbView.getUint32(4) ^ cntLower);
+                A = Utils.arrayBufferToStr(msbBuffer, false);
+                R[i] = B.substring(8, 16);
+                cntLower++;
+                if (cntLower > 0xffffffff) {
+                    cntUpper++;
+                    cntLower = 0;
+                }
+            }
+        }
+        const C = A + R.join("");
+
+        if (outputType === "Hex") {
+            return toHexFast(Utils.strToArrayBuffer(C));
+        }
+        return C;
+    }
+
+}
+
+export default AESKeyWrap;

src/core/operations/AMFDecode.mjs

@@ -0,0 +1,52 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import "reflect-metadata"; // Required as a shim for the amf library
+import { AMF0, AMF3 } from "@astronautlabs/amf";
+
+/**
+ * AMF Decode operation
+ */
+class AMFDecode extends Operation {
+
+    /**
+     * AMFDecode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "AMF Decode";
+        this.module = "Encodings";
+        this.description = "Action Message Format (AMF) is a binary format used to serialize object graphs such as ActionScript objects and XML, or send messages between an Adobe Flash client and a remote service, usually a Flash Media Server or third party alternatives.";
+        this.infoURL = "https://wikipedia.org/wiki/Action_Message_Format";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "JSON";
+        this.args = [
+            {
+                name: "Format",
+                type: "option",
+                value: ["AMF0", "AMF3"],
+                defaultIndex: 1
+            }
+        ];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {JSON}
+     */
+    run(input, args) {
+        const [format] = args;
+        const handler = format === "AMF0" ? AMF0 : AMF3;
+        const encoded = new Uint8Array(input);
+        return handler.Value.deserialize(encoded);
+    }
+
+}
+
+export default AMFDecode;

src/core/operations/AMFEncode.mjs

@@ -0,0 +1,52 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import "reflect-metadata"; // Required as a shim for the amf library
+import { AMF0, AMF3 } from "@astronautlabs/amf";
+
+/**
+ * AMF Encode operation
+ */
+class AMFEncode extends Operation {
+
+    /**
+     * AMFEncode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "AMF Encode";
+        this.module = "Encodings";
+        this.description = "Action Message Format (AMF) is a binary format used to serialize object graphs such as ActionScript objects and XML, or send messages between an Adobe Flash client and a remote service, usually a Flash Media Server or third party alternatives.";
+        this.infoURL = "https://wikipedia.org/wiki/Action_Message_Format";
+        this.inputType = "JSON";
+        this.outputType = "ArrayBuffer";
+        this.args = [
+            {
+                name: "Format",
+                type: "option",
+                value: ["AMF0", "AMF3"],
+                defaultIndex: 1
+            }
+        ];
+    }
+
+    /**
+     * @param {JSON} input
+     * @param {Object[]} args
+     * @returns {ArrayBuffer}
+     */
+    run(input, args) {
+        const [format] = args;
+        const handler = format === "AMF0" ? AMF0 : AMF3;
+        const output = handler.Value.any(input).serialize();
+        return output.buffer;
+    }
+
+}
+
+export default AMFEncode;

src/core/operations/Argon2.mjs

@@ -0,0 +1,117 @@
+/**
+ * @author Tan Zhen Yong [tzy@beyondthesprawl.com]
+ * @copyright Crown Copyright 2019
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+import argon2 from "argon2-browser";
+
+/**
+ * Argon2 operation
+ */
+class Argon2 extends Operation {
+
+    /**
+     * Argon2 constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Argon2";
+        this.module = "Crypto";
+        this.description = "Argon2 is a key derivation function that was selected as the winner of the Password Hashing Competition in July 2015. It was designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from the University of Luxembourg.<br><br>Enter the password in the input to generate its hash.";
+        this.infoURL = "https://wikipedia.org/wiki/Argon2";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Salt",
+                "type": "toggleString",
+                "value": "somesalt",
+                "toggleValues": ["UTF8", "Hex", "Base64", "Latin1"]
+            },
+            {
+                "name": "Iterations",
+                "type": "number",
+                "value": 3
+            },
+            {
+                "name": "Memory (KiB)",
+                "type": "number",
+                "value": 4096
+            },
+            {
+                "name": "Parallelism",
+                "type": "number",
+                "value": 1
+            },
+            {
+                "name": "Hash length (bytes)",
+                "type": "number",
+                "value": 32
+            },
+            {
+                "name": "Type",
+                "type": "option",
+                "value": ["Argon2i", "Argon2d", "Argon2id"],
+                "defaultIndex": 0
+            },
+            {
+                "name": "Output format",
+                "type": "option",
+                "value": ["Encoded hash", "Hex hash", "Raw hash"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    async run(input, args) {
+        const argon2Types = {
+            "Argon2i": argon2.ArgonType.Argon2i,
+            "Argon2d": argon2.ArgonType.Argon2d,
+            "Argon2id": argon2.ArgonType.Argon2id
+        };
+
+        const salt = Utils.convertToByteString(args[0].string || "", args[0].option),
+            time = args[1],
+            mem = args[2],
+            parallelism = args[3],
+            hashLen = args[4],
+            type = argon2Types[args[5]],
+            outFormat = args[6];
+
+        try {
+            const result = await argon2.hash({
+                pass: input,
+                salt,
+                time,
+                mem,
+                parallelism,
+                hashLen,
+                type,
+            });
+
+            switch (outFormat) {
+                case "Hex hash":
+                    return result.hashHex;
+                case "Raw hash":
+                    return Utils.arrayBufferToStr(result.hash);
+                case "Encoded hash":
+                default:
+                    return result.encoded;
+            }
+        } catch (err) {
+            throw new OperationError(`Error: ${err.message}`);
+        }
+    }
+
+}
+
+export default Argon2;

src/core/operations/Argon2Compare.mjs

@@ -0,0 +1,58 @@
+/**
+ * @author Tan Zhen Yong [tzy@beyondthesprawl.com]
+ * @copyright Crown Copyright 2019
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import argon2 from "argon2-browser";
+
+/**
+ * Argon2 compare operation
+ */
+class Argon2Compare extends Operation {
+
+    /**
+     * Argon2Compare constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Argon2 compare";
+        this.module = "Crypto";
+        this.description = "Tests whether the input matches the given Argon2 hash. To test multiple possible passwords, use the 'Fork' operation.";
+        this.infoURL = "https://wikipedia.org/wiki/Argon2";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Encoded hash",
+                "type": "string",
+                "value": ""
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    async run(input, args) {
+        const encoded = args[0];
+
+        try {
+            await argon2.verify({
+                pass: input,
+                encoded
+            });
+
+            return `Match: ${input}`;
+        } catch (err) {
+            return "No match";
+        }
+    }
+
+}
+
+export default Argon2Compare;

src/core/operations/BaconCipherDecode.mjs

@@ -44,6 +44,48 @@ class BaconCipherDecode extends Operation {
                 "value": false
             }
         ];
+        this.checks = [
+            {
+                pattern:  "^\\s*([01]{5}\\s?)+$",
+                flags:  "",
+                args:   ["Standard (I=J and U=V)", "0/1", false]
+            },
+            {
+                pattern:  "^\\s*([01]{5}\\s?)+$",
+                flags:  "",
+                args:   ["Standard (I=J and U=V)", "0/1", true]
+            },
+            {
+                pattern:  "^\\s*([AB]{5}\\s?)+$",
+                flags:  "",
+                args:   ["Standard (I=J and U=V)", "A/B", false]
+            },
+            {
+                pattern:  "^\\s*([AB]{5}\\s?)+$",
+                flags:  "",
+                args:   ["Standard (I=J and U=V)", "A/B", true]
+            },
+            {
+                pattern:  "^\\s*([01]{5}\\s?)+$",
+                flags:  "",
+                args:   ["Complete", "0/1", false]
+            },
+            {
+                pattern:  "^\\s*([01]{5}\\s?)+$",
+                flags:  "",
+                args:   ["Complete", "0/1", true]
+            },
+            {
+                pattern:  "^\\s*([AB]{5}\\s?)+$",
+                flags:  "",
+                args:   ["Complete", "A/B", false]
+            },
+            {
+                pattern:  "^\\s*([AB]{5}\\s?)+$",
+                flags:  "",
+                args:   ["Complete", "A/B", true]
+            }
+        ];
     }
 
     /**

src/core/operations/BlowfishDecrypt.mjs

@@ -6,7 +6,7 @@
 
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
-import forge from "node-forge/dist/forge.min.js";
+import forge from "node-forge";
 import OperationError from "../errors/OperationError.mjs";
 import { Blowfish } from "../lib/Blowfish.mjs";
 

src/core/operations/BlowfishEncrypt.mjs

@@ -6,7 +6,7 @@
 
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
-import forge from "node-forge/dist/forge.min.js";
+import forge from "node-forge";
 import OperationError from "../errors/OperationError.mjs";
 import { Blowfish } from "../lib/Blowfish.mjs";
 

src/core/operations/BlurImage.mjs

@@ -9,8 +9,8 @@ import OperationError from "../errors/OperationError.mjs";
 import { isWorkerEnvironment } from "../Utils.mjs";
 import { isImage } from "../lib/FileType.mjs";
 import { toBase64 } from "../lib/Base64.mjs";
-import jimp from "jimp";
 import { gaussianBlur } from "../lib/ImageManipulation.mjs";
+import jimp from "jimp";
 
 /**
  * Blur Image operation

src/core/operations/Bombe.mjs

@@ -1,6 +1,9 @@
 /**
  * Emulation of the Bombe machine.
  *
+ * Tested against the Bombe Rebuild at Bletchley Park's TNMOC
+ * using a variety of inputs and settings to confirm correctness.
+ *
  * @author s2224834
  * @copyright Crown Copyright 2019
  * @license Apache-2.0

src/core/operations/Bzip2Decompress.mjs

@@ -33,9 +33,9 @@ class Bzip2Decompress extends Operation {
                 value: false
             }
         ];
-        this.patterns = [
+        this.checks = [
             {
-                "match": "^\\x42\\x5a\\x68",
+                "pattern": "^\\x42\\x5a\\x68",
                 "flags": "",
                 "args": []
             }

src/core/operations/CBORDecode.mjs

@@ -0,0 +1,41 @@
+/**
+ * @author Danh4 [dan.h4@ncsc.gov.uk]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Cbor from "cbor";
+
+/**
+ * CBOR Decode operation
+ */
+class CBORDecode extends Operation {
+
+    /**
+     * CBORDecode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "CBOR Decode";
+        this.module = "Serialise";
+        this.description = "Concise Binary Object Representation (CBOR) is a binary data serialization format loosely based on JSON. Like JSON it allows the transmission of data objects that contain name–value pairs, but in a more concise manner. This increases processing and transfer speeds at the cost of human readability. It is defined in IETF RFC 8949.";
+        this.infoURL = "https://wikipedia.org/wiki/CBOR";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "JSON";
+        this.args = [];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {JSON}
+     */
+    run(input, args) {
+        return Cbor.decodeFirstSync(Buffer.from(input).toString("hex"));
+    }
+
+}
+
+export default CBORDecode;

src/core/operations/CBOREncode.mjs

@@ -0,0 +1,41 @@
+/**
+ * @author Danh4 [dan.h4@ncsc.gov.uk]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Cbor from "cbor";
+
+/**
+ * CBOR Encode operation
+ */
+class CBOREncode extends Operation {
+
+    /**
+     * CBOREncode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "CBOR Encode";
+        this.module = "Serialise";
+        this.description = "Concise Binary Object Representation (CBOR) is a binary data serialization format loosely based on JSON. Like JSON it allows the transmission of data objects that contain name–value pairs, but in a more concise manner. This increases processing and transfer speeds at the cost of human readability. It is defined in IETF RFC 8949.";
+        this.infoURL = "https://wikipedia.org/wiki/CBOR";
+        this.inputType = "JSON";
+        this.outputType = "ArrayBuffer";
+        this.args = [];
+    }
+
+    /**
+     * @param {JSON} input
+     * @param {Object[]} args
+     * @returns {ArrayBuffer}
+     */
+    run(input, args) {
+        return new Uint8Array(Cbor.encodeCanonical(input)).buffer;
+    }
+
+}
+
+export default CBOREncode;

src/core/operations/CMAC.mjs

@@ -0,0 +1,149 @@
+/**
+ * @author mikecat
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import forge from "node-forge";
+import { toHexFast } from "../lib/Hex.mjs";
+import OperationError from "../errors/OperationError.mjs";
+
+/**
+ * CMAC operation
+ */
+class CMAC extends Operation {
+
+    /**
+     * CMAC constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "CMAC";
+        this.module = "Crypto";
+        this.description = "CMAC is a block-cipher based message authentication code algorithm.<br><br>RFC4493 defines AES-CMAC that uses AES encryption with a 128-bit key.<br>NIST SP 800-38B suggests usages of AES with other key lengths and Triple DES.";
+        this.infoURL = "https://wikipedia.org/wiki/CMAC";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Key",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Encryption algorithm",
+                "type": "option",
+                "value": ["AES", "Triple DES"]
+            }
+        ];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const key = Utils.convertToByteString(args[0].string, args[0].option);
+        const algo = args[1];
+
+        const info = (function() {
+            switch (algo) {
+                case "AES":
+                    if (key.length !== 16 && key.length !== 24 && key.length !== 32) {
+                        throw new OperationError("The key for AES must be either 16, 24, or 32 bytes (currently " + key.length + " bytes)");
+                    }
+                    return {
+                        "algorithm": "AES-ECB",
+                        "key": key,
+                        "blockSize": 16,
+                        "Rb": new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x87]),
+                    };
+                case "Triple DES":
+                    if (key.length !== 16 && key.length !== 24) {
+                        throw new OperationError("The key for Triple DES must be 16 or 24 bytes (currently " + key.length + " bytes)");
+                    }
+                    return {
+                        "algorithm": "3DES-ECB",
+                        "key": key.length === 16 ? key + key.substring(0, 8) : key,
+                        "blockSize": 8,
+                        "Rb": new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0x1b]),
+                    };
+                default:
+                    throw new OperationError("Undefined encryption algorithm");
+            }
+        })();
+
+        const xor = function(a, b, out) {
+            if (!out) out = new Uint8Array(a.length);
+            for (let i = 0; i < a.length; i++) {
+                out[i] = a[i] ^ b[i];
+            }
+            return out;
+        };
+
+        const leftShift1 = function(a) {
+            const out = new Uint8Array(a.length);
+            let carry = 0;
+            for (let i = a.length - 1; i >= 0; i--) {
+                out[i] = (a[i] << 1) | carry;
+                carry = a[i] >> 7;
+            }
+            return out;
+        };
+
+        const cipher = forge.cipher.createCipher(info.algorithm, info.key);
+        const encrypt = function(a, out) {
+            if (!out) out = new Uint8Array(a.length);
+            cipher.start();
+            cipher.update(forge.util.createBuffer(a));
+            cipher.finish();
+            const cipherText = cipher.output.getBytes();
+            for (let i = 0; i < a.length; i++) {
+                out[i] = cipherText.charCodeAt(i);
+            }
+            return out;
+        };
+
+        const L = encrypt(new Uint8Array(info.blockSize));
+        const K1 = leftShift1(L);
+        if (L[0] & 0x80) xor(K1, info.Rb, K1);
+        const K2 = leftShift1(K1);
+        if (K1[0] & 0x80) xor(K2, info.Rb, K2);
+
+        const n = Math.ceil(input.byteLength / info.blockSize);
+        const lastBlock = (function() {
+            if (n === 0) {
+                const data = new Uint8Array(K2);
+                data[0] ^= 0x80;
+                return data;
+            }
+            const inputLast = new Uint8Array(input, info.blockSize * (n - 1));
+            if (inputLast.length === info.blockSize) {
+                return xor(inputLast, K1, inputLast);
+            } else {
+                const data = new Uint8Array(info.blockSize);
+                data.set(inputLast, 0);
+                data[inputLast.length] = 0x80;
+                return xor(data, K2, data);
+            }
+        })();
+
+        const X = new Uint8Array(info.blockSize);
+        const Y = new Uint8Array(info.blockSize);
+        for (let i = 0; i < n - 1; i++) {
+            xor(X, new Uint8Array(input, info.blockSize * i, info.blockSize), Y);
+            encrypt(Y, X);
+        }
+        xor(lastBlock, X, Y);
+        const T = encrypt(Y);
+        return toHexFast(T);
+    }
+
+}
+
+export default CMAC;

src/core/operations/CTPH.mjs

@@ -21,7 +21,7 @@ class CTPH extends Operation {
         this.name = "CTPH";
         this.module = "Crypto";
         this.description = "Context Triggered Piecewise Hashing, also called Fuzzy Hashing, can match inputs that have homologies. Such inputs have sequences of identical bytes in the same order, although bytes in between these sequences may be different in both content and length.<br><br>CTPH was originally based on the work of Dr. Andrew Tridgell and a spam email detector called SpamSum. This method was adapted by Jesse Kornblum and published at the DFRWS conference in 2006 in a paper 'Identifying Almost Identical Files Using Context Triggered Piecewise Hashing'.";
-        this.infoURL = "https://forensicswiki.org/wiki/Context_Triggered_Piecewise_Hashing";
+        this.infoURL = "https://forensics.wiki/context_triggered_piecewise_hashing/";
         this.inputType = "string";
         this.outputType = "string";
         this.args = [];

src/core/operations/CaesarBoxCipher.mjs

@@ -0,0 +1,61 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+
+/**
+ * Caesar Box Cipher operation
+ */
+class CaesarBoxCipher extends Operation {
+
+    /**
+     * CaesarBoxCipher constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Caesar Box Cipher";
+        this.module = "Ciphers";
+        this.description = "Caesar Box is a transposition cipher used in the Roman Empire, in which letters of the message are written in rows in a square (or a rectangle) and then, read by column.";
+        this.infoURL = "https://www.dcode.fr/caesar-box-cipher";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Box Height",
+                type: "number",
+                value: 1
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const tableHeight = args[0];
+        const tableWidth = Math.ceil(input.length / tableHeight);
+        while (input.indexOf(" ") !== -1)
+            input = input.replace(" ", "");
+        for (let i = 0; i < (tableHeight * tableWidth) - input.length; i++) {
+            input += "\x00";
+        }
+        let result = "";
+        for (let i = 0; i < tableHeight; i++) {
+            for (let j = i; j < input.length; j += tableHeight) {
+                if (input.charAt(j) !== "\x00") {
+                    result += input.charAt(j);
+                }
+            }
+        }
+        return result;
+    }
+
+}
+
+export default CaesarBoxCipher;

src/core/operations/CetaceanCipherDecode.mjs

@@ -0,0 +1,63 @@
+/**
+ * @author dolphinOnKeys [robin@weird.io]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+
+/**
+ * Cetacean Cipher Decode operation
+ */
+class CetaceanCipherDecode extends Operation {
+
+    /**
+     * CetaceanCipherDecode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Cetacean Cipher Decode";
+        this.module = "Ciphers";
+        this.description = "Decode Cetacean Cipher input. <br/><br/>e.g. <code>EEEEEEEEEeeEeEEEEEEEEEEEEeeEeEEe</code> becomes <code>hi</code>";
+        this.infoURL = "https://hitchhikers.fandom.com/wiki/Dolphins";
+        this.inputType = "string";
+        this.outputType = "string";
+
+        this.checks = [
+            {
+                pattern: "^(?:[eE]{16,})(?: [eE]{16,})*$",
+                flags: "",
+                args: []
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const binaryArray = [];
+        for (const char of input) {
+            if (char === " ") {
+                binaryArray.push(...[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0]);
+            } else {
+                binaryArray.push(char === "e" ? 1 : 0);
+            }
+        }
+
+        const byteArray = [];
+
+        for (let i = 0;  i < binaryArray.length; i += 16) {
+            byteArray.push(binaryArray.slice(i, i + 16).join(""));
+        }
+
+        return byteArray.map(byte =>
+            String.fromCharCode(parseInt(byte, 2))
+        ).join("");
+    }
+}
+
+export default CetaceanCipherDecode;

src/core/operations/CetaceanCipherEncode.mjs

@@ -0,0 +1,51 @@
+/**
+ * @author dolphinOnKeys [robin@weird.io]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import {toBinary} from "../lib/Binary.mjs";
+
+/**
+ * Cetacean Cipher Encode operation
+ */
+class CetaceanCipherEncode extends Operation {
+
+    /**
+     * CetaceanCipherEncode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Cetacean Cipher Encode";
+        this.module = "Ciphers";
+        this.description = "Converts any input into Cetacean Cipher. <br/><br/>e.g. <code>hi</code> becomes <code>EEEEEEEEEeeEeEEEEEEEEEEEEeeEeEEe</code>";
+        this.infoURL = "https://hitchhikers.fandom.com/wiki/Dolphins";
+        this.inputType = "string";
+        this.outputType = "string";
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const result = [];
+        const charArray = input.split("");
+
+        charArray.map(character => {
+            if (character === " ") {
+                result.push(character);
+            } else {
+                const binaryArray = toBinary(character.charCodeAt(0), "None", 16).split("");
+                result.push(binaryArray.map(str => str === "1" ? "e" : "E").join(""));
+            }
+        });
+
+        return result.join("");
+    }
+}
+
+export default CetaceanCipherEncode;

src/core/operations/ChaCha.mjs

@@ -0,0 +1,234 @@
+/**
+ * @author joostrijneveld [joost@joostrijneveld.nl]
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+import { toHex } from "../lib/Hex.mjs";
+
+/**
+ * Computes the ChaCha block function
+ *
+ * @param {byteArray} key
+ * @param {byteArray} nonce
+ * @param {byteArray} counter
+ * @param {integer} rounds
+ * @returns {byteArray}
+ */
+function chacha(key, nonce, counter, rounds) {
+    const tau = "expand 16-byte k";
+    const sigma = "expand 32-byte k";
+
+    let state, c;
+    if (key.length === 16) {
+        c = Utils.strToByteArray(tau);
+        state = c.concat(key).concat(key);
+    } else {
+        c = Utils.strToByteArray(sigma);
+        state = c.concat(key);
+    }
+    state = state.concat(counter).concat(nonce);
+
+    const x = Array();
+    for (let i = 0; i < 64; i += 4) {
+        x.push(Utils.byteArrayToInt(state.slice(i, i + 4), "little"));
+    }
+    const a = [...x];
+
+    /**
+     * Macro to compute a 32-bit rotate-left operation
+     *
+     * @param {integer} x
+     * @param {integer} n
+     * @returns {integer}
+     */
+    function ROL32(x, n) {
+        return ((x << n) & 0xFFFFFFFF) | (x >>> (32 - n));
+    }
+
+    /**
+     * Macro to compute a single ChaCha quarterround operation
+     *
+     * @param {integer} x
+     * @param {integer} a
+     * @param {integer} b
+     * @param {integer} c
+     * @param {integer} d
+     * @returns {integer}
+     */
+    function quarterround(x, a, b, c, d) {
+        x[a] = ((x[a] + x[b]) & 0xFFFFFFFF); x[d] = ROL32(x[d] ^ x[a], 16);
+        x[c] = ((x[c] + x[d]) & 0xFFFFFFFF); x[b] = ROL32(x[b] ^ x[c], 12);
+        x[a] = ((x[a] + x[b]) & 0xFFFFFFFF); x[d] = ROL32(x[d] ^ x[a], 8);
+        x[c] = ((x[c] + x[d]) & 0xFFFFFFFF); x[b] = ROL32(x[b] ^ x[c], 7);
+    }
+
+    for (let i = 0; i < rounds / 2; i++)  {
+        quarterround(x, 0, 4,  8, 12);
+        quarterround(x, 1, 5,  9, 13);
+        quarterround(x, 2, 6, 10, 14);
+        quarterround(x, 3, 7, 11, 15);
+        quarterround(x, 0, 5, 10, 15);
+        quarterround(x, 1, 6, 11, 12);
+        quarterround(x, 2, 7,  8, 13);
+        quarterround(x, 3, 4,  9, 14);
+    }
+
+    for (let i = 0; i < 16; i++) {
+        x[i] = (x[i] + a[i]) & 0xFFFFFFFF;
+    }
+
+    let output = Array();
+    for (let i = 0; i < 16; i++) {
+        output = output.concat(Utils.intToByteArray(x[i], 4, "little"));
+    }
+    return output;
+}
+
+/**
+ * ChaCha operation
+ */
+class ChaCha extends Operation {
+
+    /**
+     * ChaCha constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "ChaCha";
+        this.module = "Default";
+        this.description = "ChaCha is a stream cipher designed by Daniel J. Bernstein. It is a variant of the Salsa stream cipher. Several parameterizations exist; 'ChaCha' may refer to the original construction, or to the variant as described in RFC-8439. ChaCha is often used with Poly1305, in the ChaCha20-Poly1305 AEAD construction.<br><br><b>Key:</b> ChaCha uses a key of 16 or 32 bytes (128 or 256 bits).<br><br><b>Nonce:</b> ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).<br><br><b>Counter:</b> ChaCha uses a counter of 4 or 8 bytes (32 or 64 bits); together, the nonce and counter must add up to 16 bytes. The counter starts at zero at the start of the keystream, and is incremented at every 64 bytes.";
+        this.infoURL = "https://wikipedia.org/wiki/Salsa20#ChaCha_variant";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Key",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Nonce",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64", "Integer"]
+            },
+            {
+                "name": "Counter",
+                "type": "number",
+                "value": 0,
+                "min": 0
+            },
+            {
+                "name": "Rounds",
+                "type": "option",
+                "value": ["20", "12", "8"]
+            },
+            {
+                "name": "Input",
+                "type": "option",
+                "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Output",
+                "type": "option",
+                "value": ["Raw", "Hex"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const key = Utils.convertToByteArray(args[0].string, args[0].option),
+            nonceType = args[1].option,
+            rounds = parseInt(args[3], 10),
+            inputType = args[4],
+            outputType = args[5];
+
+        if (key.length !== 16 && key.length !== 32) {
+            throw new OperationError(`Invalid key length: ${key.length} bytes.
+
+ChaCha uses a key of 16 or 32 bytes (128 or 256 bits).`);
+        }
+
+        let counter, nonce, counterLength;
+        if (nonceType === "Integer") {
+            nonce = Utils.intToByteArray(parseInt(args[1].string, 10), 12, "little");
+            counterLength = 4;
+        } else {
+            nonce = Utils.convertToByteArray(args[1].string, args[1].option);
+            if (!(nonce.length === 12 || nonce.length === 8)) {
+                throw new OperationError(`Invalid nonce length: ${nonce.length} bytes.
+
+ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).`);
+            }
+            counterLength = 16 - nonce.length;
+        }
+        counter = Utils.intToByteArray(args[2], counterLength, "little");
+
+        const output = [];
+        input = Utils.convertToByteArray(input, inputType);
+
+        let counterAsInt = Utils.byteArrayToInt(counter, "little");
+        for (let i = 0; i < input.length; i += 64) {
+            counter = Utils.intToByteArray(counterAsInt, counterLength, "little");
+            const stream = chacha(key, nonce, counter, rounds);
+            for (let j = 0; j < 64 && i + j < input.length; j++) {
+                output.push(input[i + j] ^ stream[j]);
+            }
+            counterAsInt++;
+        }
+
+        if (outputType === "Hex") {
+            return toHex(output);
+        } else {
+            return Utils.arrayBufferToStr(output);
+        }
+    }
+
+    /**
+     * Highlight ChaCha
+     *
+     * @param {Object[]} pos
+     * @param {number} pos[].start
+     * @param {number} pos[].end
+     * @param {Object[]} args
+     * @returns {Object[]} pos
+     */
+    highlight(pos, args) {
+        const inputType = args[4],
+            outputType = args[5];
+        if (inputType === "Raw" && outputType === "Raw") {
+            return pos;
+        }
+    }
+
+    /**
+     * Highlight ChaCha in reverse
+     *
+     * @param {Object[]} pos
+     * @param {number} pos[].start
+     * @param {number} pos[].end
+     * @param {Object[]} args
+     * @returns {Object[]} pos
+     */
+    highlightReverse(pos, args) {
+        const inputType = args[4],
+            outputType = args[5];
+        if (inputType === "Raw" && outputType === "Raw") {
+            return pos;
+        }
+    }
+
+}
+
+export default ChaCha;

src/core/operations/Colossus.mjs

@@ -1,12 +1,15 @@
 /**
  * Emulation of Colossus.
  *
+ * Tested against the Colossus Rebuild at Bletchley Park's TNMOC
+ * using a variety of inputs and settings to confirm correctness.
+ *
  * @author VirtualColossus [martin@virtualcolossus.co.uk]
  * @copyright Crown Copyright 2019
  * @license Apache-2.0
  */
 
-import Operation from "../Operation";
+import Operation from "../Operation.mjs";
 import OperationError from "../errors/OperationError.mjs";
 import { ColossusComputer } from "../lib/Colossus.mjs";
 import { SWITCHES, VALID_ITA2 } from "../lib/Lorenz.mjs";
@@ -125,7 +128,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R1-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R1-Counter",
@@ -164,7 +168,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R2-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R2-Counter",
@@ -203,7 +208,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R3-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R3-Counter",
@@ -212,7 +218,8 @@ class Colossus extends Operation {
             },
             {
                 name: "Negate All",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "K Rack: Addition",
@@ -220,23 +227,28 @@ class Colossus extends Operation {
             },
             {
                 name: "Add-Q1",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q2",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q3",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q4",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q5",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Equals",
@@ -246,11 +258,13 @@ class Colossus extends Operation {
             },
             {
                 name: "Add-Counter1",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add Negate All",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Total Motor",

src/core/operations/CompareCTPHHashes.mjs

@@ -24,7 +24,7 @@ class CompareCTPHHashes extends Operation {
         this.name = "Compare CTPH hashes";
         this.module = "Crypto";
         this.description = "Compares two Context Triggered Piecewise Hashing (CTPH) fuzzy hashes to determine the similarity between them on a scale of 0 to 100.";
-        this.infoURL = "https://forensicswiki.org/wiki/Context_Triggered_Piecewise_Hashing";
+        this.infoURL = "https://forensics.wiki/context_triggered_piecewise_hashing/";
         this.inputType = "string";
         this.outputType = "Number";
         this.args = [

src/core/operations/CompareSSDEEPHashes.mjs

@@ -24,7 +24,7 @@ class CompareSSDEEPHashes extends Operation {
         this.name = "Compare SSDEEP hashes";
         this.module = "Crypto";
         this.description = "Compares two SSDEEP fuzzy hashes to determine the similarity between them on a scale of 0 to 100.";
-        this.infoURL = "https://forensicswiki.org/wiki/Ssdeep";
+        this.infoURL = "https://forensics.wiki/ssdeep/";
         this.inputType = "string";
         this.outputType = "Number";
         this.args = [

src/core/operations/ConditionalJump.mjs

@@ -64,6 +64,7 @@ class ConditionalJump extends Operation {
             jmpIndex = getLabelIndex(label, state);
 
         if (state.numJumps >= maxJumps || jmpIndex === -1) {
+            state.numJumps = 0;
             return state;
         }
 
@@ -73,6 +74,8 @@ class ConditionalJump extends Operation {
             if (!invert && strMatch || invert && !strMatch) {
                 state.progress = jmpIndex;
                 state.numJumps++;
+            } else {
+                state.numJumps = 0;
             }
         }
 

src/core/operations/ConvertImageFormat.mjs

@@ -88,7 +88,7 @@ class ConvertImageFormat extends Operation {
             "Sub": jimp.PNG_FILTER_SUB,
             "Up": jimp.PNG_FILTER_UP,
             "Average": jimp.PNG_FILTER_AVERAGE,
-            "Paeth": jimp.PNG_FILTER_PATH // Incorrect spelling in Jimp library
+            "Paeth": jimp.PNG_FILTER_PATH
         };
 
         const mime = formatMap[format];

src/core/operations/ConvertToNATOAlphabet.mjs

@@ -0,0 +1,82 @@
+/**
+ * @author MarvinJWendt [git@marvinjwendt.com]
+ * @copyright Crown Copyright 2019
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+
+/**
+ * Convert to NATO alphabet operation
+ */
+class ConvertToNATOAlphabet extends Operation {
+    /**
+     * ConvertToNATOAlphabet constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Convert to NATO alphabet";
+        this.module = "Default";
+        this.description = "Converts characters to their representation in the NATO phonetic alphabet.";
+        this.infoURL = "https://wikipedia.org/wiki/NATO_phonetic_alphabet";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        return input.replace(/[a-z0-9,/.]/ig, letter => {
+            return lookup[letter.toUpperCase()];
+        });
+    }
+}
+
+const lookup = {
+    "A": "Alfa ",
+    "B": "Bravo ",
+    "C": "Charlie ",
+    "D": "Delta ",
+    "E": "Echo ",
+    "F": "Foxtrot ",
+    "G": "Golf ",
+    "H": "Hotel ",
+    "I": "India ",
+    "J": "Juliett ",
+    "K": "Kilo ",
+    "L": "Lima ",
+    "M": "Mike ",
+    "N": "November ",
+    "O": "Oscar ",
+    "P": "Papa ",
+    "Q": "Quebec ",
+    "R": "Romeo ",
+    "S": "Sierra ",
+    "T": "Tango ",
+    "U": "Uniform ",
+    "V": "Victor ",
+    "W": "Whiskey ",
+    "X": "X-ray ",
+    "Y": "Yankee ",
+    "Z": "Zulu ",
+    "0": "Zero ",
+    "1": "One ",
+    "2": "Two ",
+    "3": "Three ",
+    "4": "Four ",
+    "5": "Five ",
+    "6": "Six ",
+    "7": "Seven ",
+    "8": "Eight ",
+    "9": "Nine ",
+    ",": "Comma ",
+    "/": "Fraction bar ",
+    ".": "Full stop ",
+};
+
+export default ConvertToNATOAlphabet;

src/core/operations/DESDecrypt.mjs

@@ -7,7 +7,7 @@
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
 import OperationError from "../errors/OperationError.mjs";
-import forge from "node-forge/dist/forge.min.js";
+import forge from "node-forge";
 
 /**
  * DES Decrypt operation
@@ -22,7 +22,7 @@ class DESDecrypt extends Operation {
 
         this.name = "DES Decrypt";
         this.module = "Ciphers";
-        this.description = "DES is a previously dominant algorithm for encryption, and was published as an official U.S. Federal Information Processing Standard (FIPS). It is now considered to be insecure due to its small key size.<br><br><b>Key:</b> DES uses a key length of 8 bytes (64 bits).<br>Triple DES uses a key length of 24 bytes (192 bits).<br><br><b>IV:</b> The Initialization Vector should be 8 bytes long. If not entered, it will default to 8 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used.";
+        this.description = "DES is a previously dominant algorithm for encryption, and was published as an official U.S. Federal Information Processing Standard (FIPS). It is now considered to be insecure due to its small key size.<br><br><b>Key:</b> DES uses a key length of 8 bytes (64 bits).<br>Triple DES uses a key length of 24 bytes (192 bits).<br><br><b>IV:</b> The Initialization Vector should be 8 bytes long. If not entered, it will default to 8 null bytes.<br><br><b>Padding:</b> In CBC and ECB mode, PKCS#7 padding will be used as a default.";
         this.infoURL = "https://wikipedia.org/wiki/Data_Encryption_Standard";
         this.inputType = "string";
         this.outputType = "string";
@@ -42,7 +42,7 @@ class DESDecrypt extends Operation {
             {
                 "name": "Mode",
                 "type": "option",
-                "value": ["CBC", "CFB", "OFB", "CTR", "ECB"]
+                "value": ["CBC", "CFB", "OFB", "CTR", "ECB", "CBC/NoPadding", "ECB/NoPadding"]
             },
             {
                 "name": "Input",
@@ -65,7 +65,9 @@ class DESDecrypt extends Operation {
     run(input, args) {
         const key = Utils.convertToByteString(args[0].string, args[0].option),
             iv = Utils.convertToByteArray(args[1].string, args[1].option),
-            [,, mode, inputType, outputType] = args;
+            mode = args[2].substring(0, 3),
+            noPadding = args[2].endsWith("NoPadding"),
+            [,,, inputType, outputType] = args;
 
         if (key.length !== 8) {
             throw new OperationError(`Invalid key length: ${key.length} bytes
@@ -83,6 +85,14 @@ Make sure you have specified the type correctly (e.g. Hex vs UTF8).`);
         input = Utils.convertToByteString(input, inputType);
 
         const decipher = forge.cipher.createDecipher("DES-" + mode, key);
+
+        /* Allow for a "no padding" mode */
+        if (noPadding) {
+            decipher.mode.unpad = function(output, options) {
+                return true;
+            };
+        }
+
         decipher.start({iv: iv});
         decipher.update(forge.util.createBuffer(input));
         const result = decipher.finish();

src/core/operations/DESEncrypt.mjs

@@ -7,7 +7,7 @@
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
 import OperationError from "../errors/OperationError.mjs";
-import forge from "node-forge/dist/forge.min.js";
+import forge from "node-forge";
 
 /**
  * DES Encrypt operation

src/core/operations/DNSOverHTTPS.mjs

@@ -51,10 +51,27 @@ class DNSOverHTTPS extends Operation {
                 value: [
                     "A",
                     "AAAA",
-                    "TXT",
-                    "MX",
+                    "ANAME",
+                    "CERT",
+                    "CNAME",
                     "DNSKEY",
-                    "NS"
+                    "HTTPS",
+                    "IPSECKEY",
+                    "LOC",
+                    "MX",
+                    "NS",
+                    "OPENPGPKEY",
+                    "PTR",
+                    "RRSIG",
+                    "SIG",
+                    "SOA",
+                    "SPF",
+                    "SRV",
+                    "SSHFP",
+                    "TA",
+                    "TXT",
+                    "URI",
+                    "ANY"
                 ]
             },
             {

src/core/operations/DechunkHTTPResponse.mjs

@@ -24,6 +24,13 @@ class DechunkHTTPResponse extends Operation {
         this.inputType = "string";
         this.outputType = "string";
         this.args = [];
+        this.checks = [
+            {
+                pattern:  "^[0-9A-F]+\r\n",
+                flags:  "i",
+                args:   []
+            }
+        ];
     }
 
     /**

src/core/operations/DecodeNetBIOSName.mjs

@@ -30,6 +30,13 @@ class DecodeNetBIOSName extends Operation {
                 "value": 65
             }
         ];
+        this.checks = [
+            {
+                pattern:  "^\\s*\\S{32}$",
+                flags:  "",
+                args:   [65]
+            }
+        ];
     }
 
     /**

src/core/operations/DecodeText.mjs

@@ -6,7 +6,7 @@
 
 import Operation from "../Operation.mjs";
 import cptable from "codepage";
-import {IO_FORMAT} from "../lib/ChrEnc.mjs";
+import {CHR_ENC_CODE_PAGES} from "../lib/ChrEnc.mjs";
 
 /**
  * Decode text operation
@@ -26,7 +26,7 @@ class DecodeText extends Operation {
             "<br><br>",
             "Supported charsets are:",
             "<ul>",
-            Object.keys(IO_FORMAT).map(e => `<li>${e}</li>`).join("\n"),
+            Object.keys(CHR_ENC_CODE_PAGES).map(e => `<li>${e}</li>`).join("\n"),
             "</ul>",
         ].join("\n");
         this.infoURL = "https://wikipedia.org/wiki/Character_encoding";
@@ -36,7 +36,7 @@ class DecodeText extends Operation {
             {
                 "name": "Encoding",
                 "type": "option",
-                "value": Object.keys(IO_FORMAT)
+                "value": Object.keys(CHR_ENC_CODE_PAGES)
             }
         ];
     }
@@ -47,7 +47,7 @@ class DecodeText extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        const format = IO_FORMAT[args[0]];
+        const format = CHR_ENC_CODE_PAGES[args[0]];
         return cptable.utils.decode(format, new Uint8Array(input));
     }
 

src/core/operations/DefangIPAddresses.mjs

@@ -25,7 +25,17 @@ class DefangIPAddresses extends Operation {
         this.inputType = "string";
         this.outputType = "string";
         this.args = [];
-
+        this.checks = [
+            {
+                pattern: "^\\s*(([0-9]{1,3}\\.){3}[0-9]{1,3}|([0-9a-f]{4}:){7}[0-9a-f]{4})\\s*$",
+                flags: "i",
+                args: [],
+                output: {
+                    pattern: "^\\s*(([0-9]{1,3}\\[\\.\\]){3}[0-9]{1,3}|([0-9a-f]{4}\\[\\:\\]){7}[0-9a-f]{4})\\s*$",
+                    flags: "i"
+                }
+            }
+        ];
     }
 
     /**

src/core/operations/DeriveEVPKey.mjs

@@ -67,7 +67,7 @@ class DeriveEVPKey extends Operation {
             iterations = args[2],
             hasher = args[3],
             salt = Utils.convertToByteString(args[4].string, args[4].option),
-            key = CryptoJS.EvpKDF(passphrase, salt, {
+            key = CryptoJS.EvpKDF(passphrase, salt, { // lgtm [js/insufficient-password-hash]
                 keySize: keySize,
                 hasher: CryptoJS.algo[hasher],
                 iterations: iterations,

src/core/operations/DeriveHKDFKey.mjs

@@ -0,0 +1,138 @@
+/**
+ * @author mikecat
+ * @copyright Crown Copyright 2023
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import CryptoApi from "crypto-api/src/crypto-api.mjs";
+
+/**
+ * Derive HKDF Key operation
+ */
+class DeriveHKDFKey extends Operation {
+
+    /**
+     * DeriveHKDFKey constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Derive HKDF key";
+        this.module = "Crypto";
+        this.description = "A simple Hashed Message Authenticaton Code (HMAC)-based key derivation function (HKDF), defined in RFC5869.";
+        this.infoURL = "https://wikipedia.org/wiki/HKDF";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "string";
+        this.args = [
+            {
+                "name": "Salt",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "Decimal", "Base64", "UTF8", "Latin1"]
+            },
+            {
+                "name": "Info",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "Decimal", "Base64", "UTF8", "Latin1"]
+            },
+            {
+                "name": "Hashing function",
+                "type": "option",
+                "value": [
+                    "MD2",
+                    "MD4",
+                    "MD5",
+                    "SHA0",
+                    "SHA1",
+                    "SHA224",
+                    "SHA256",
+                    "SHA384",
+                    "SHA512",
+                    "SHA512/224",
+                    "SHA512/256",
+                    "RIPEMD128",
+                    "RIPEMD160",
+                    "RIPEMD256",
+                    "RIPEMD320",
+                    "HAS160",
+                    "Whirlpool",
+                    "Whirlpool-0",
+                    "Whirlpool-T",
+                    "Snefru"
+                ],
+                "defaultIndex": 6
+            },
+            {
+                "name": "Extract mode",
+                "type": "argSelector",
+                "value": [
+                    {
+                        "name": "with salt",
+                        "on": [0]
+                    },
+                    {
+                        "name": "no salt",
+                        "off": [0]
+                    },
+                    {
+                        "name": "skip",
+                        "off": [0]
+                    }
+                ]
+            },
+            {
+                "name": "L (number of output octets)",
+                "type": "number",
+                "value": 16,
+                "min": 0
+            },
+        ];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {ArrayBuffer}
+     */
+    run(input, args) {
+        const argSalt = Utils.convertToByteString(args[0].string || "", args[0].option),
+            info = Utils.convertToByteString(args[1].string || "", args[1].option),
+            hashFunc = args[2].toLowerCase(),
+            extractMode = args[3],
+            L = args[4],
+            IKM = Utils.arrayBufferToStr(input, false),
+            hasher = CryptoApi.getHasher(hashFunc),
+            HashLen = hasher.finalize().length;
+
+        if (L < 0) {
+            throw new OperationError("L must be non-negative");
+        }
+        if (L > 255 * HashLen) {
+            throw new OperationError("L too large (maximum length for " + args[2] + " is " + (255 * HashLen) + ")");
+        }
+
+        const hmacHash = function(key, data) {
+            hasher.reset();
+            const mac = CryptoApi.getHmac(key, hasher);
+            mac.update(data);
+            return mac.finalize();
+        };
+        const salt = extractMode === "with salt" ? argSalt : "\0".repeat(HashLen);
+        const PRK = extractMode === "skip" ? IKM : hmacHash(salt, IKM);
+        let T = "";
+        let result = "";
+        for (let i = 1; i <= 255 && result.length < L; i++) {
+            const TNext = hmacHash(PRK, T + info + String.fromCharCode(i));
+            result += TNext;
+            T = TNext;
+        }
+        return CryptoApi.encoder.toHex(result.substring(0, L));
+    }
+
+}
+
+export default DeriveHKDFKey;

src/core/operations/DerivePBKDF2Key.mjs

@@ -6,7 +6,7 @@
 
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
-import forge from "node-forge/dist/forge.min.js";
+import forge from "node-forge";
 
 /**
  * Derive PBKDF2 key operation