9.24.3

.eslintrc.json

@@ -63,7 +63,8 @@
         }],
         "linebreak-style": ["error", "unix"],
         "quotes": ["error", "double", {
-            "avoidEscape": true
+            "avoidEscape": true,
+            "allowTemplateLiterals": true
         }],
         "camelcase": ["error", {
             "properties": "always"

.github/workflows/releases.yml

@@ -47,6 +47,7 @@ jobs:
         tag: ${{ github.ref }}
         overwrite: true
         file_glob: true
+        body: "See the [CHANGELOG](https://github.com/gchq/CyberChef/blob/master/CHANGELOG.md) and [commit messages](https://github.com/gchq/CyberChef/commits/master) for details."
 
     - name: Publish to NPM
       if: success()

CHANGELOG.md

@@ -1,7 +1,27 @@
 # Changelog
+
+## Versioning
+
+CyberChef uses the [semver](https://semver.org/) system to manage versioning: `<MAJOR>.<MINOR>.<PATCH>`.
+
+- MAJOR version changes represent a significant change to the fundamental architecture of CyberChef and may (but don't always) make breaking changes that are not backwards compatible.
+- MINOR version changes usually mean the addition of new operations or reasonably significant new features.
+- PATCH versions are used for bug fixes and any other small tweaks that modify or improve existing capabilities.
+
 All major and minor version changes will be documented in this file. Details of patch-level version changes can be found in [commit messages](https://github.com/gchq/CyberChef/commits/master).
 
 
+## Details
+
+### [9.24.0] - 2020-02-02
+- 'SM3' hashing function added along with more configuration options for other hashing operations [@n1073645] [@n1474335] | [#1022]
+
+### [9.23.0] - 2020-02-01
+- Various RSA operations added to encrypt, decrypt, sign, verify and generate keys [@mattnotmitt] [@GCHQ77703] | [#652]
+
+### [9.22.0] - 2021-02-01
+- 'Unicode Text Format' operation added [@mattnotmitt] | [#1083]
+
 ### [9.21.0] - 2020-06-12
 - Node API now exports `magic` operation [@d98762625] | [#1049]
 
@@ -227,6 +247,10 @@ All major and minor version changes will be documented in this file. Details of
 
 
 
+[9.24.0]: https://github.com/gchq/CyberChef/releases/tag/v9.24.0
+[9.23.0]: https://github.com/gchq/CyberChef/releases/tag/v9.23.0
+[9.22.0]: https://github.com/gchq/CyberChef/releases/tag/v9.22.0
+[9.21.0]: https://github.com/gchq/CyberChef/releases/tag/v9.21.0
 [9.20.0]: https://github.com/gchq/CyberChef/releases/tag/v9.20.0
 [9.19.0]: https://github.com/gchq/CyberChef/releases/tag/v9.19.0
 [9.18.0]: https://github.com/gchq/CyberChef/releases/tag/v9.18.0
@@ -326,6 +350,7 @@ All major and minor version changes will be documented in this file. Details of
 [@pointhi]: https://github.com/pointhi
 [@MarvinJWendt]: https://github.com/MarvinJWendt
 [@dmfj]: https://github.com/dmfj
+[@mattnotmitt]: https://github.com/mattnotmitt
 
 [#95]: https://github.com/gchq/CyberChef/pull/299
 [#173]: https://github.com/gchq/CyberChef/pull/173
@@ -387,6 +412,7 @@ All major and minor version changes will be documented in this file. Details of
 [#625]: https://github.com/gchq/CyberChef/pull/625
 [#627]: https://github.com/gchq/CyberChef/pull/627
 [#632]: https://github.com/gchq/CyberChef/pull/632
+[#652]: https://github.com/gchq/CyberChef/pull/652
 [#653]: https://github.com/gchq/CyberChef/pull/653
 [#674]: https://github.com/gchq/CyberChef/pull/674
 [#683]: https://github.com/gchq/CyberChef/pull/683
@@ -398,3 +424,6 @@ All major and minor version changes will be documented in this file. Details of
 [#965]: https://github.com/gchq/CyberChef/pull/965
 [#966]: https://github.com/gchq/CyberChef/pull/966
 [#987]: https://github.com/gchq/CyberChef/pull/987
+[#1022]: https://github.com/gchq/CyberChef/pull/1022
+[#1049]: https://github.com/gchq/CyberChef/pull/1049
+[#1083]: https://github.com/gchq/CyberChef/pull/1083

Gruntfile.js

@@ -411,6 +411,16 @@ module.exports = function (grunt) {
                 ]),
                 stdout: false,
             },
+            fixCryptoApiImports: {
+                command: [
+                    `[[ "$OSTYPE" == "darwin"* ]]`,
+                    "&&",
+                    `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i '' -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`,
+                    "||",
+                    `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`
+                ].join(" "),
+                stdout: false
+            }
         },
     });
 };

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "9.23.0",
+  "version": "9.24.3",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "9.23.0",
+  "version": "9.24.3",
   "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
   "author": "n1474335 <n1474335@gmail.com>",
   "homepage": "https://gchq.github.io/CyberChef",
@@ -164,15 +164,15 @@
     "zlibjs": "^0.3.1"
   },
   "scripts": {
-    "start": "grunt dev",
-    "build": "grunt prod",
+    "start": "npx grunt dev",
+    "build": "npx grunt prod",
     "repl": "node src/node/repl.js",
-    "test": "grunt configTests && node --experimental-modules --no-warnings --no-deprecation tests/node/index.mjs && node --experimental-modules --no-warnings --no-deprecation tests/operations/index.mjs",
-    "test-node-consumer": "grunt testnodeconsumer",
-    "testui": "grunt testui",
+    "test": "npx grunt configTests && node --experimental-modules --no-warnings --no-deprecation tests/node/index.mjs && node --experimental-modules --no-warnings --no-deprecation tests/operations/index.mjs",
+    "test-node-consumer": "npx grunt testnodeconsumer",
+    "testui": "npx grunt testui",
     "testuidev": "npx nightwatch --env=dev",
-    "lint": "grunt lint",
-    "postinstall": "bash postinstall.sh",
+    "lint": "npx grunt lint",
+    "postinstall": "npx grunt exec:fixCryptoApiImports",
     "newop": "node --experimental-modules src/core/config/scripts/newOperation.mjs"
   }
 }

postinstall.sh

@@ -1,8 +0,0 @@
-#!/bin/bash
-
-# Add file extensions to Crypto-Api imports
-if [[ "$OSTYPE" == "darwin"* ]]; then
-  find ./node_modules/crypto-api/src/ \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i '' -e '/\.mjs/!s/\(from "\.[^"]*\)";/\1.mjs";/g'
-else
-  find ./node_modules/crypto-api/src/ \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i -e '/\.mjs/!s/\(from "\.[^"]*\)";/\1.mjs";/g'
-fi

src/core/Recipe.mjs

@@ -46,7 +46,7 @@ class Recipe  {
                 module: OperationConfig[c.op].module,
                 ingValues: c.args,
                 breakpoint: c.breakpoint,
-                disabled: c.disabled,
+                disabled: c.disabled || c.op === "Comment",
             });
         });
     }

src/core/config/Categories.json

@@ -18,15 +18,15 @@
             "From Binary",
             "To Octal",
             "From Octal",
-            "To Base64",
-            "From Base64",
-            "Show Base64 offsets",
             "To Base32",
             "From Base32",
             "To Base58",
             "From Base58",
             "To Base62",
             "From Base62",
+            "To Base64",
+            "From Base64",
+            "Show Base64 offsets",
             "To Base85",
             "From Base85",
             "To Base",
@@ -319,6 +319,7 @@
             "SHA1",
             "SHA2",
             "SHA3",
+            "SM3",
             "Keccak",
             "Shake",
             "RIPEMD",

src/core/operations/AESDecrypt.mjs

@@ -41,8 +41,33 @@ class AESDecrypt extends Operation {
             },
             {
                 "name": "Mode",
-                "type": "option",
-                "value": ["CBC", "CFB", "OFB", "CTR", "GCM", "ECB"]
+                "type": "argSelector",
+                "value": [
+                    {
+                        name: "CBC",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "CFB",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "OFB",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "CTR",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "GCM",
+                        on: [5, 6]
+                    },
+                    {
+                        name: "ECB",
+                        off: [5, 6]
+                    }
+                ]
             },
             {
                 "name": "Input",
@@ -59,6 +84,11 @@ class AESDecrypt extends Operation {
                 "type": "toggleString",
                 "value": "",
                 "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Additional Authenticated Data",
+                "type": "binaryString",
+                "value": ""
             }
         ];
     }
@@ -76,7 +106,8 @@ class AESDecrypt extends Operation {
             mode = args[2],
             inputType = args[3],
             outputType = args[4],
-            gcmTag = Utils.convertToByteString(args[5].string, args[5].option);
+            gcmTag = Utils.convertToByteString(args[5].string, args[5].option),
+            aad = args[6];
 
         if ([16, 24, 32].indexOf(key.length) < 0) {
             throw new OperationError(`Invalid key length: ${key.length} bytes
@@ -92,7 +123,8 @@ The following algorithms will be used based on the size of the key:
         const decipher = forge.cipher.createDecipher("AES-" + mode, key);
         decipher.start({
             iv: iv.length === 0 ? "" : iv,
-            tag: gcmTag
+            tag: mode === "GCM" ? gcmTag : undefined,
+            additionalData: mode === "GCM" ? aad : undefined
         });
         decipher.update(forge.util.createBuffer(input));
         const result = decipher.finish();

src/core/operations/AESEncrypt.mjs

@@ -41,8 +41,33 @@ class AESEncrypt extends Operation {
             },
             {
                 "name": "Mode",
-                "type": "option",
-                "value": ["CBC", "CFB", "OFB", "CTR", "GCM", "ECB"]
+                "type": "argSelector",
+                "value": [
+                    {
+                        name: "CBC",
+                        off: [5]
+                    },
+                    {
+                        name: "CFB",
+                        off: [5]
+                    },
+                    {
+                        name: "OFB",
+                        off: [5]
+                    },
+                    {
+                        name: "CTR",
+                        off: [5]
+                    },
+                    {
+                        name: "GCM",
+                        on: [5]
+                    },
+                    {
+                        name: "ECB",
+                        off: [5]
+                    }
+                ]
             },
             {
                 "name": "Input",
@@ -53,6 +78,11 @@ class AESEncrypt extends Operation {
                 "name": "Output",
                 "type": "option",
                 "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Additional Authenticated Data",
+                "type": "binaryString",
+                "value": ""
             }
         ];
     }
@@ -69,7 +99,8 @@ class AESEncrypt extends Operation {
             iv = Utils.convertToByteString(args[1].string, args[1].option),
             mode = args[2],
             inputType = args[3],
-            outputType = args[4];
+            outputType = args[4],
+            aad = args[5];
 
         if ([16, 24, 32].indexOf(key.length) < 0) {
             throw new OperationError(`Invalid key length: ${key.length} bytes
@@ -83,7 +114,10 @@ The following algorithms will be used based on the size of the key:
         input = Utils.convertToByteString(input, inputType);
 
         const cipher = forge.cipher.createCipher("AES-" + mode, key);
-        cipher.start({iv: iv});
+        cipher.start({
+            iv: iv,
+            additionalData: mode === "GCM" ? aad : undefined
+        });
         cipher.update(forge.util.createBuffer(input));
         cipher.finish();
 

src/core/operations/Colossus.mjs

@@ -125,7 +125,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R1-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R1-Counter",
@@ -164,7 +165,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R2-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R2-Counter",
@@ -203,7 +205,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R3-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R3-Counter",
@@ -212,7 +215,8 @@ class Colossus extends Operation {
             },
             {
                 name: "Negate All",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "K Rack: Addition",
@@ -220,23 +224,28 @@ class Colossus extends Operation {
             },
             {
                 name: "Add-Q1",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q2",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q3",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q4",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q5",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Equals",
@@ -246,11 +255,13 @@ class Colossus extends Operation {
             },
             {
                 name: "Add-Counter1",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add Negate All",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Total Motor",

src/core/operations/ExtractDomains.mjs

@@ -27,7 +27,7 @@ class ExtractDomains extends Operation {
             {
                 "name": "Display total",
                 "type": "boolean",
-                "value": "Extract.DISPLAY_TOTAL"
+                "value": true
             }
         ];
     }

src/core/operations/ExtractFiles.mjs

@@ -38,7 +38,7 @@ class ExtractFiles extends Operation {
             {
                 name: "Ignore failed extractions",
                 type: "boolean",
-                value: "true"
+                value: true
             }
         ]);
     }

src/core/operations/FrequencyDistribution.mjs

@@ -30,7 +30,7 @@ class FrequencyDistribution extends Operation {
             {
                 "name": "Show 0%s",
                 "type": "boolean",
-                "value": "Entropy.FREQ_ZEROS"
+                "value": true
             }
         ];
     }

src/core/operations/HAS160.mjs

@@ -20,11 +20,19 @@ class HAS160 extends Operation {
 
         this.name = "HAS-160";
         this.module = "Crypto";
-        this.description = "HAS-160 is a cryptographic hash function designed for use with the Korean KCDSA digital signature algorithm. It is derived from SHA-1, with assorted changes intended to increase its security. It produces a 160-bit output.<br><br>HAS-160 is used in the same way as SHA-1. First it divides input in blocks of 512 bits each and pads the final block. A digest function updates the intermediate hash value by processing the input blocks in turn.<br><br>The message digest algorithm consists of 80 rounds.";
+        this.description = "HAS-160 is a cryptographic hash function designed for use with the Korean KCDSA digital signature algorithm. It is derived from SHA-1, with assorted changes intended to increase its security. It produces a 160-bit output.<br><br>HAS-160 is used in the same way as SHA-1. First it divides input in blocks of 512 bits each and pads the final block. A digest function updates the intermediate hash value by processing the input blocks in turn.<br><br>The message digest algorithm consists, by default, of 80 rounds.";
         this.infoURL = "https://wikipedia.org/wiki/HAS-160";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                name: "Rounds",
+                type: "number",
+                value: 80,
+                min: 1,
+                max: 80
+            }
+        ];
     }
 
     /**
@@ -33,7 +41,7 @@ class HAS160 extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        return runHash("has160", input);
+        return runHash("has160", input, {rounds: args[0]});
     }
 
 }

src/core/operations/Lorenz.mjs

@@ -60,7 +60,8 @@ class Lorenz extends Operation {
             },
             {
                 name: "KT-Schalter",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Mode",

src/core/operations/MD2.mjs

@@ -20,11 +20,18 @@ class MD2 extends Operation {
 
         this.name = "MD2";
         this.module = "Crypto";
-        this.description = "The MD2 (Message-Digest 2) algorithm is a cryptographic hash function developed by Ronald Rivest in 1989. The algorithm is optimized for 8-bit computers.<br><br>Although MD2 is no longer considered secure, even as of 2014, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA.";
+        this.description = "The MD2 (Message-Digest 2) algorithm is a cryptographic hash function developed by Ronald Rivest in 1989. The algorithm is optimized for 8-bit computers.<br><br>Although MD2 is no longer considered secure, even as of 2014, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA. The message digest algorithm consists, by default, of 18 rounds.";
         this.infoURL = "https://wikipedia.org/wiki/MD2_(cryptography)";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                name: "Rounds",
+                type: "number",
+                value: 18,
+                min: 0
+            }
+        ];
     }
 
     /**
@@ -33,7 +40,7 @@ class MD2 extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        return runHash("md2", input);
+        return runHash("md2", input, {rounds: args[0]});
     }
 
 }

src/core/operations/MicrosoftScriptDecoder.mjs

@@ -24,6 +24,13 @@ class MicrosoftScriptDecoder extends Operation {
         this.inputType = "string";
         this.outputType = "string";
         this.args = [];
+        this.checks = [
+            {
+                pattern: "#@~\\^.{6}==(.+).{6}==\\^#~@",
+                flags: "i",
+                args: []
+            }
+        ];
     }
 
     /**

src/core/operations/RailFenceCipherDecode.mjs

@@ -46,7 +46,7 @@ class RailFenceCipherDecode extends Operation {
     run(input, args) {
         const [key, offset] = args;
 
-        let cipher = input;
+        const cipher = input;
 
         if (key < 2) {
             throw new OperationError("Key has to be bigger than 2");
@@ -59,13 +59,6 @@ class RailFenceCipherDecode extends Operation {
         }
 
         const cycle = (key - 1) * 2;
-
-        const rest = cipher.length % key;
-
-        if (rest !== 0) {
-            cipher = cipher + (" ".repeat(key - rest));
-        }
-
         const plaintext = new Array(cipher.length);
 
         let j = 0;

src/core/operations/SHA0.mjs

@@ -20,11 +20,18 @@ class SHA0 extends Operation {
 
         this.name = "SHA0";
         this.module = "Crypto";
-        this.description = "SHA-0 is a retronym applied to the original version of the 160-bit hash function published in 1993 under the name 'SHA'. It was withdrawn shortly after publication due to an undisclosed 'significant flaw' and replaced by the slightly revised version SHA-1.";
+        this.description = "SHA-0 is a retronym applied to the original version of the 160-bit hash function published in 1993 under the name 'SHA'. It was withdrawn shortly after publication due to an undisclosed 'significant flaw' and replaced by the slightly revised version SHA-1. The message digest algorithm consists, by default, of 80 rounds.";
         this.infoURL = "https://wikipedia.org/wiki/SHA-1#SHA-0";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                name: "Rounds",
+                type: "number",
+                value: 80,
+                min: 16
+            }
+        ];
     }
 
     /**
@@ -33,7 +40,7 @@ class SHA0 extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        return runHash("sha0", input);
+        return runHash("sha0", input, {rounds: args[0]});
     }
 
 }

src/core/operations/SHA1.mjs

@@ -20,11 +20,18 @@ class SHA1 extends Operation {
 
         this.name = "SHA1";
         this.module = "Crypto";
-        this.description = "The SHA (Secure Hash Algorithm) hash functions were designed by the NSA. SHA-1 is the most established of the existing SHA hash functions and it is used in a variety of security applications and protocols.<br><br>However, SHA-1's collision resistance has been weakening as new attacks are discovered or improved.";
+        this.description = "The SHA (Secure Hash Algorithm) hash functions were designed by the NSA. SHA-1 is the most established of the existing SHA hash functions and it is used in a variety of security applications and protocols.<br><br>However, SHA-1's collision resistance has been weakening as new attacks are discovered or improved. The message digest algorithm consists, by default, of 80 rounds.";
         this.infoURL = "https://wikipedia.org/wiki/SHA-1";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                name: "Rounds",
+                type: "number",
+                value: 80,
+                min: 16
+            }
+        ];
     }
 
     /**
@@ -33,7 +40,7 @@ class SHA1 extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        return runHash("sha1", input);
+        return runHash("sha1", input, {rounds: args[0]});
     }
 
 }

src/core/operations/SHA2.mjs

@@ -20,15 +20,58 @@ class SHA2 extends Operation {
 
         this.name = "SHA2";
         this.module = "Crypto";
-        this.description = "The SHA-2 (Secure Hash Algorithm 2) hash functions were designed by the NSA. SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA224, SHA256, SHA384, SHA512.<br><br><ul><li>SHA-512 operates on 64-bit words.</li><li>SHA-256 operates on 32-bit words.</li><li>SHA-384 is largely identical to SHA-512 but is truncated to 384 bytes.</li><li>SHA-224 is largely identical to SHA-256 but is truncated to 224 bytes.</li><li>SHA-512/224 and SHA-512/256 are truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.</li></ul>";
+        this.description = "The SHA-2 (Secure Hash Algorithm 2) hash functions were designed by the NSA. SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA224, SHA256, SHA384, SHA512.<br><br><ul><li>SHA-512 operates on 64-bit words.</li><li>SHA-256 operates on 32-bit words.</li><li>SHA-384 is largely identical to SHA-512 but is truncated to 384 bytes.</li><li>SHA-224 is largely identical to SHA-256 but is truncated to 224 bytes.</li><li>SHA-512/224 and SHA-512/256 are truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.</li></ul> The message digest algorithm for SHA256 variants consists, by default, of 64 rounds, and for SHA512 variants, it is, by default, 160.";
         this.infoURL = "https://wikipedia.org/wiki/SHA-2";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
         this.args = [
             {
-                "name": "Size",
-                "type": "option",
-                "value": ["512", "256", "384", "224", "512/256", "512/224"]
+                name: "Size",
+                type: "argSelector",
+                value: [
+                    {
+                        name: "512",
+                        on: [2],
+                        off: [1]
+                    },
+                    {
+                        name: "384",
+                        on: [2],
+                        off: [1]
+                    },
+                    {
+                        name: "256",
+                        on: [1],
+                        off: [2]
+                    },
+                    {
+                        name: "224",
+                        on: [1],
+                        off: [2]
+                    },
+                    {
+                        name: "512/256",
+                        on: [2],
+                        off: [1]
+                    },
+                    {
+                        name: "512/224",
+                        on: [2],
+                        off: [1]
+                    }
+                ]
+            },
+            {
+                name: "Rounds", // For SHA256 variants
+                type: "number",
+                value: 64,
+                min: 16
+            },
+            {
+                name: "Rounds", // For SHA512 variants
+                type: "number",
+                value: 160,
+                min: 32
             }
         ];
     }
@@ -40,7 +83,8 @@ class SHA2 extends Operation {
      */
     run(input, args) {
         const size = args[0];
-        return runHash("sha" + size, input);
+        const rounds = (size === "256" || size === "224") ? args[1] : args[2];
+        return runHash("sha" + size, input, {rounds: rounds});
     }
 
 }

src/core/operations/SM3.mjs

@@ -0,0 +1,57 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import Sm3 from "crypto-api/src/hasher/sm3.mjs";
+import {toHex} from "crypto-api/src/encoder/hex.mjs";
+
+/**
+ * SM3 operation
+ */
+class SM3 extends Operation {
+
+    /**
+     * SM3 constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "SM3";
+        this.module = "Crypto";
+        this.description = "SM3 is a cryptographic hash function used in the Chinese National Standard. SM3 is mainly used in digital signatures, message authentication codes, and pseudorandom number generators. The message digest algorithm consists, by default, of 64 rounds and length of 256.";
+        this.infoURL = "https://wikipedia.org/wiki/SM3_(hash_function)";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Length",
+                type: "number",
+                value: 256
+            },
+            {
+                name: "Rounds",
+                type: "number",
+                value: 64,
+                min: 16
+            }
+        ];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const msg = Utils.arrayBufferToStr(input, false);
+        const hasher = new Sm3({length: args[0], rounds: args[1]});
+        hasher.update(msg);
+        return toHex(hasher.finalize());
+    }
+}
+
+export default SM3;

src/core/operations/Snefru.mjs

@@ -26,14 +26,17 @@ class Snefru extends Operation {
         this.outputType = "string";
         this.args = [
             {
-                "name": "Rounds",
-                "type": "option",
-                "value": ["8", "4", "2"]
+                name: "Size",
+                type: "number",
+                value: 128,
+                min: 32,
+                max: 480,
+                step: 32
             },
             {
-                "name": "Size",
-                "type": "option",
-                "value": ["256", "128"]
+                name: "Rounds",
+                type: "option",
+                value: ["8", "4", "2"]
             }
         ];
     }
@@ -45,8 +48,8 @@ class Snefru extends Operation {
      */
     run(input, args) {
         return runHash("snefru", input, {
-            rounds: args[0],
-            length: args[1]
+            length: args[0],
+            rounds: args[1]
         });
     }
 

src/core/operations/Whirlpool.mjs

@@ -26,9 +26,16 @@ class Whirlpool extends Operation {
         this.outputType = "string";
         this.args = [
             {
-                "name": "Variant",
-                "type": "option",
-                "value": ["Whirlpool", "Whirlpool-T", "Whirlpool-0"]
+                name: "Variant",
+                type: "option",
+                value: ["Whirlpool", "Whirlpool-T", "Whirlpool-0"]
+            },
+            {
+                name: "Rounds",
+                type: "number",
+                value: 10,
+                min: 1,
+                max: 10
             }
         ];
     }
@@ -40,7 +47,7 @@ class Whirlpool extends Operation {
      */
     run(input, args) {
         const variant = args[0].toLowerCase();
-        return runHash(variant, input);
+        return runHash(variant, input, {rounds: args[1]});
     }
 
 }

tests/node/tests/operations.mjs

@@ -854,7 +854,7 @@ pCGTErs=
 
     it("Snefru", () => {
         assert.strictEqual(
-            chef.snefru("demeaning milestone").toString(),
+            chef.snefru("demeaning milestone", {size: 256, rounds: 8}).toString(),
             "a671b48770fe073ce49e9259cc2f47d345a53712639f8ae23c5ad3fec19540a5");
     }),
 

tests/operations/tests/Bombe.mjs

@@ -104,26 +104,26 @@ TestRegister.addTests([
             }
         ]
     },
-    // This test is a bit slow - it takes about 12s on my test hardware
-    {
-        name: "Bombe: 4 rotor",
-        input: "LUOXGJSHGEDSRDOQQX",
-        expectedMatch: /<td>LHSC<\/td> {2}<td>SS<\/td> {2}<td>HHHSSSGQUUQPKSEKWK<\/td>/,
-        recipeConfig: [
-            {
-                "op": "Bombe",
-                "args": [
-                    "4-rotor",
-                    "LEYJVCNIXWPBQMDRTAKZGFUHOS", // Beta
-                    "EKMFLGDQVZNTOWYHXUSPAIBRCJ<R", // I
-                    "AJDKSIRUXBLHWTMCQGZNPYFVOE<F", // II
-                    "BDFHJLCPRTXVZNYEIWGAKMUSQO<W", // III
-                    "AE BN CK DQ FU GY HW IJ LO MP RX SZ TV", // B thin
-                    "THISISATESTMESSAGE", 0, false
-                ]
-            }
-        ]
-    },
+    // Takes a while to run, so disabling for general purpose testing. Re-enable if modifying this operation.
+    // {
+    //     name: "Bombe: 4 rotor",
+    //     input: "LUOXGJSHGEDSRDOQQX",
+    //     expectedMatch: /<td>LHSC<\/td> {2}<td>SS<\/td> {2}<td>HHHSSSGQUUQPKSEKWK<\/td>/,
+    //     recipeConfig: [
+    //         {
+    //             "op": "Bombe",
+    //             "args": [
+    //                 "4-rotor",
+    //                 "LEYJVCNIXWPBQMDRTAKZGFUHOS", // Beta
+    //                 "EKMFLGDQVZNTOWYHXUSPAIBRCJ<R", // I
+    //                 "AJDKSIRUXBLHWTMCQGZNPYFVOE<F", // II
+    //                 "BDFHJLCPRTXVZNYEIWGAKMUSQO<W", // III
+    //                 "AE BN CK DQ FU GY HW IJ LO MP RX SZ TV", // B thin
+    //                 "THISISATESTMESSAGE", 0, false
+    //             ]
+    //         }
+    //     ]
+    // },
     {
         name: "Bombe: no crib",
         input: "JBYALIHDYNUAAVKBYM",

tests/operations/tests/Crypt.mjs

@@ -25,15 +25,18 @@ TestRegister.addTests([
      *
      * from Crypto.Cipher import AES
      * import binascii
-
+     *
      * input_data = "0123456789ABCDEF"
      * key = binascii.unhexlify("00112233445566778899aabbccddeeff")
      * iv = binascii.unhexlify("ffeeddccbbaa99887766554433221100")
+     * aad = b'additional data'
      *
      * cipher = AES.new(key, AES.MODE_GCM, nonce=iv)
+     * cipher.update(aad)
      * cipher_text, tag = cipher.encrypt_and_digest(binascii.unhexlify(input_data))
      *
      * cipher = AES.new(key, AES.MODE_GCM, nonce=iv)
+     * cipher.update(aad)
      * decrypted = cipher.decrypt_and_verify(cipher_text, tag)
      *
      * key = binascii.hexlify(key).decode("UTF-8")
@@ -42,7 +45,7 @@ TestRegister.addTests([
      * tag = binascii.hexlify(tag).decode("UTF-8")
      * decrypted = binascii.hexlify(decrypted).decode("UTF-8")
      *
-     * print("Key: {}\nIV : {}\nInput data: {}\n\nEncrypted ciphertext: {}\nGCM tag: {}\n\nDecrypted plaintext : {}".format(key, iv, input_data, cipher_text, tag, decrypted))
+     * print("Key: {}\nIV : {}\nInput data: {}\nAAD: {}\n\nEncrypted ciphertext: {}\nGCM tag: {}\n\nDecrypted plaintext : {}".format(key, iv, input_data, aad, cipher_text, tag, decrypted))
      *
      *
      * Outputs:
@@ -192,7 +195,24 @@ Tag: 16a3e732a605cc9ca29108f742ca0743`,
                 "args": [
                     {"option": "Hex", "string": "00112233445566778899aabbccddeeff"},
                     {"option": "Hex", "string": ""},
-                    "GCM", "Raw", "Hex"
+                    "GCM", "Raw", "Hex", ""
+                ]
+            }
+        ],
+    },
+    {
+        name: "AES Encrypt: AES-128-GCM, ASCII, AAD",
+        input: "The quick brown fox jumps over the lazy dog.",
+        expectedOutput: `daa58faa056c52756aa488aeafbd265b6effcf4eca58220a97b0005b1a9b1e1c9e7a6725d35f5f79b9493de7
+
+Tag: 3b5378917f67b0aade9891fc6c291646`,
+        recipeConfig: [
+            {
+                "op": "AES Encrypt",
+                "args": [
+                    {"option": "Hex", "string": "00112233445566778899aabbccddeeff"},
+                    {"option": "Hex", "string": "ffeeddccbbaa99887766554433221100"},
+                    "GCM", "Raw", "Hex", "additional data"
                 ]
             }
         ],
@@ -269,7 +289,24 @@ Tag: 70fad2ca19412c20f40fd06918736e56`,
                 "args": [
                     {"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"},
                     {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
-                    "GCM", "Hex", "Hex"
+                    "GCM", "Hex", "Hex", ""
+                ]
+            }
+        ],
+    },
+    {
+        name: "AES Encrypt: AES-128-GCM, Binary, AAD",
+        input: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
+        expectedOutput: `5a29debb5c5f38cdf8aee421bd94dbbf3399947faddf205f88b3ad8ecb0c51214ec0e28bf78942dfa212d7eb15259bbdcac677b4c05f473eeb9331d74f31d441d97d56eb5c73b586342d72128ca528813543dc0fc7eddb7477172cc9194c18b2e1383e4e
+
+Tag: 61cc4b70809452b0b3e38f913fa0a109`,
+        recipeConfig: [
+            {
+                "op": "AES Encrypt",
+                "args": [
+                    {"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"},
+                    {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
+                    "GCM", "Hex", "Hex", "additional data"
                 ]
             }
         ],
@@ -361,7 +398,24 @@ Tag: 86db597d5302595223cadbd990f1309b`,
                 "args": [
                     {"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"},
                     {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
-                    "GCM", "Hex", "Hex"
+                    "GCM", "Hex", "Hex", ""
+                ]
+            }
+        ],
+    },
+    {
+        name: "AES Encrypt: AES-192-GCM, Binary, AAD",
+        input: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
+        expectedOutput: `318b479d919d506f0cd904f2676fab263a7921b6d7e0514f36e03ae2333b77fa66ef5600babcb2ee9718aeb71fc357412343c1f2cb351d8715bb0aedae4a6468124f9c4aaf6a721b306beddbe63a978bec8baeeba4b663be33ee5bc982746bd4aed1c38b
+
+Tag: aeedf3e6ca4201577c0cf3e9ce58159d`,
+        recipeConfig: [
+            {
+                "op": "AES Encrypt",
+                "args": [
+                    {"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"},
+                    {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
+                    "GCM", "Hex", "Hex", "additional data"
                 ]
             }
         ],
@@ -453,7 +507,24 @@ Tag: 821b1e5f32dad052e502775a523d957a`,
                 "args": [
                     {"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"},
                     {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
-                    "GCM", "Hex", "Hex"
+                    "GCM", "Hex", "Hex", ""
+                ]
+            }
+        ],
+    },
+    {
+        name: "AES Encrypt: AES-256-GCM, Binary, AAD",
+        input: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
+        expectedOutput: `1287f188ad4d7ab0d9ff69b3c29cb11f861389532d8cb9337181da2e8cfc74a84927e8c0dd7a28a32fd485afe694259a63c199b199b95edd87c7aa95329feac340f2b78b72956a85f367044d821766b1b7135815571df44900695f1518cf3ae38ecb650f
+
+Tag: a8f04c4d93bbef82bef61a103371aef9`,
+        recipeConfig: [
+            {
+                "op": "AES Encrypt",
+                "args": [
+                    {"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"},
+                    {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
+                    "GCM", "Hex", "Hex", "additional data"
                 ]
             }
         ],
@@ -805,7 +876,25 @@ The following algorithms will be used based on the size of the key:
                     {"option": "Hex", "string": "00112233445566778899aabbccddeeff"},
                     {"option": "Hex", "string": ""},
                     "GCM", "Hex", "Raw",
-                    {"option": "Hex", "string": "16a3e732a605cc9ca29108f742ca0743"}
+                    {"option": "Hex", "string": "16a3e732a605cc9ca29108f742ca0743"},
+                    ""
+                ]
+            }
+        ],
+    },
+    {
+        name: "AES Decrypt: AES-128-GCM, ASCII, AAD",
+        input: "daa58faa056c52756aa488aeafbd265b6effcf4eca58220a97b0005b1a9b1e1c9e7a6725d35f5f79b9493de7",
+        expectedOutput: "The quick brown fox jumps over the lazy dog.",
+        recipeConfig: [
+            {
+                "op": "AES Decrypt",
+                "args": [
+                    {"option": "Hex", "string": "00112233445566778899aabbccddeeff"},
+                    {"option": "Hex", "string": "ffeeddccbbaa99887766554433221100"},
+                    "GCM", "Hex", "Raw",
+                    {"option": "Hex", "string": "3b5378917f67b0aade9891fc6c291646"},
+                    "additional data"
                 ]
             }
         ],
@@ -885,7 +974,25 @@ The following algorithms will be used based on the size of the key:
                     {"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"},
                     {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
                     "GCM", "Hex", "Hex",
-                    {"option": "Hex", "string": "70fad2ca19412c20f40fd06918736e56"}
+                    {"option": "Hex", "string": "70fad2ca19412c20f40fd06918736e56"},
+                    ""
+                ]
+            }
+        ],
+    },
+    {
+        name: "AES Decrypt: AES-128-GCM, Binary, AAD",
+        input: "5a29debb5c5f38cdf8aee421bd94dbbf3399947faddf205f88b3ad8ecb0c51214ec0e28bf78942dfa212d7eb15259bbdcac677b4c05f473eeb9331d74f31d441d97d56eb5c73b586342d72128ca528813543dc0fc7eddb7477172cc9194c18b2e1383e4e",
+        expectedOutput: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
+        recipeConfig: [
+            {
+                "op": "AES Decrypt",
+                "args": [
+                    {"option": "Hex", "string": "51e201d463698ef5f717f71f5b4712af"},
+                    {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
+                    "GCM", "Hex", "Hex",
+                    {"option": "Hex", "string": "61cc4b70809452b0b3e38f913fa0a109"},
+                    "additional data"
                 ]
             }
         ],
@@ -981,7 +1088,25 @@ The following algorithms will be used based on the size of the key:
                     {"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"},
                     {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
                     "GCM", "Hex", "Hex",
-                    {"option": "Hex", "string": "86db597d5302595223cadbd990f1309b"}
+                    {"option": "Hex", "string": "86db597d5302595223cadbd990f1309b"},
+                    ""
+                ]
+            }
+        ],
+    },
+    {
+        name: "AES Decrypt: AES-192-GCM, Binary, AAD",
+        input: "318b479d919d506f0cd904f2676fab263a7921b6d7e0514f36e03ae2333b77fa66ef5600babcb2ee9718aeb71fc357412343c1f2cb351d8715bb0aedae4a6468124f9c4aaf6a721b306beddbe63a978bec8baeeba4b663be33ee5bc982746bd4aed1c38b",
+        expectedOutput: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
+        recipeConfig: [
+            {
+                "op": "AES Decrypt",
+                "args": [
+                    {"option": "Hex", "string": "6801ed503c9d96ee5f9d78b07ab1b295dba3c2adf81c7816"},
+                    {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
+                    "GCM", "Hex", "Hex",
+                    {"option": "Hex", "string": "aeedf3e6ca4201577c0cf3e9ce58159d"},
+                    "additional data"
                 ]
             }
         ],
@@ -1077,7 +1202,25 @@ The following algorithms will be used based on the size of the key:
                     {"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"},
                     {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
                     "GCM", "Hex", "Hex",
-                    {"option": "Hex", "string": "821b1e5f32dad052e502775a523d957a"}
+                    {"option": "Hex", "string": "821b1e5f32dad052e502775a523d957a"},
+                    ""
+                ]
+            }
+        ],
+    },
+    {
+        name: "AES Decrypt: AES-256-GCM, Binary, AAD",
+        input: "1287f188ad4d7ab0d9ff69b3c29cb11f861389532d8cb9337181da2e8cfc74a84927e8c0dd7a28a32fd485afe694259a63c199b199b95edd87c7aa95329feac340f2b78b72956a85f367044d821766b1b7135815571df44900695f1518cf3ae38ecb650f",
+        expectedOutput: "7a0e643132750e96d805d11e9e48e281fa39a41039286423cc1c045e5442b40bf1c3f2822bded3f9c8ef11cb25da64dda9c7ab87c246bd305385150c98f31465c2a6180fe81d31ea289b916504d5a12e1de26cb10adba84a0cb0c86f94bc14bc554f3018",
+        recipeConfig: [
+            {
+                "op": "AES Decrypt",
+                "args": [
+                    {"option": "Hex", "string": "2d767f6e9333d1c77581946e160b2b7368c2cdd5e2b80f04ca09d64e02afbfe1"},
+                    {"option": "Hex", "string": "1748e7179bd56570d51fa4ba287cc3e5"},
+                    "GCM", "Hex", "Hex",
+                    {"option": "Hex", "string": "a8f04c4d93bbef82bef61a103371aef9"},
+                    "additional data"
                 ]
             }
         ],

tests/operations/tests/Hash.mjs

@@ -345,7 +345,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 "op": "Snefru",
-                "args": ["2", "128"]
+                "args": ["128", "2"]
             }
         ]
     },
@@ -356,7 +356,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 "op": "Snefru",
-                "args": ["4", "128"]
+                "args": ["128", "4"]
             }
         ]
     },
@@ -367,7 +367,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 "op": "Snefru",
-                "args": ["8", "128"]
+                "args": ["128", "8"]
             }
         ]
     },
@@ -378,7 +378,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 "op": "Snefru",
-                "args": ["2", "256"]
+                "args": ["256", "2"]
             }
         ]
     },
@@ -389,7 +389,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 "op": "Snefru",
-                "args": ["4", "256"]
+                "args": ["256", "4"]
             }
         ]
     },
@@ -400,7 +400,18 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 "op": "Snefru",
-                "args": ["8", "256"]
+                "args": ["256", "8"]
+            }
+        ]
+    },
+    {
+        name: "SM3 256 64",
+        input: "Hello, World!",
+        expectedOutput: "7ed26cbf0bee4ca7d55c1e64714c4aa7d1f163089ef5ceb603cd102c81fbcbc5",
+        recipeConfig: [
+            {
+                "op": "SM3",
+                "args": ["256", "64"]
             }
         ]
     },

tests/operations/tests/Register.mjs

@@ -63,7 +63,8 @@ TestRegister.addTests([
                     {
                         "option": "Hex",
                         "string": ""
-                    }
+                    },
+                    ""
                 ]
             }
         ]