9.36.0

add nodeFlags

.eslintrc.json

@@ -1,5 +1,5 @@
 {
-    "parser": "babel-eslint",
+    "parser": "@babel/eslint-parser",
     "parserOptions": {
         "ecmaVersion": 9,
         "ecmaFeatures": {
@@ -63,7 +63,8 @@
         }],
         "linebreak-style": ["error", "unix"],
         "quotes": ["error", "double", {
-            "avoidEscape": true
+            "avoidEscape": true,
+            "allowTemplateLiterals": true
         }],
         "camelcase": ["error", {
             "properties": "always"

.github/workflows/codeql.yml

@@ -0,0 +1,33 @@
+name: "CodeQL Analysis"
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '22 17 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/master.yml

@@ -1,6 +1,7 @@
-name: Master
+name: "Master Build, Test & Deploy"
 
 on:
+  workflow_dispatch:
   push:
     branches:
     - master
@@ -14,12 +15,12 @@ jobs:
     - name: Set node version
       uses: actions/setup-node@v1
       with:
-        node-version: '10.x'
+        node-version: '17.x'
 
     - name: Install
       run: |
         npm install
-        export NODE_OPTIONS=--max_old_space_size=2048
+        npm run setheapsize
 
     - name: Lint
       run: npx grunt lint
@@ -27,7 +28,7 @@ jobs:
     - name: Unit Tests
       run: |
         npm test
-        npx grunt testnodeconsumer
+        npm run testnodeconsumer
 
     - name: Production Build
       if: success()
@@ -36,9 +37,9 @@ jobs:
     - name: Generate sitemap
       run: npx grunt exec:sitemap
 
-    - name: UI Tests
-      if: success()
-      run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+    # - name: UI Tests
+    #   if: success()
+    #   run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
 
     - name: Prepare for GitHub Pages
       if: success()

.github/workflows/pull_requests.yml

@@ -1,6 +1,7 @@
-name: PRs
+name: "Pull Requests"
 
 on:
+  workflow_dispatch:
   pull_request:
     types: [synchronize, opened, reopened]
 
@@ -13,12 +14,12 @@ jobs:
     - name: Set node version
       uses: actions/setup-node@v1
       with:
-        node-version: '10.x'
+        node-version: '17.x'
 
     - name: Install
       run: |
         npm install
-        export NODE_OPTIONS=--max_old_space_size=2048
+        npm run setheapsize
 
     - name: Lint
       run: npx grunt lint
@@ -26,12 +27,12 @@ jobs:
     - name: Unit Tests
       run: |
         npm test
-        npx grunt testnodeconsumer
+        npm run testnodeconsumer
 
     - name: Production Build
       if: success()
       run: npx grunt prod
 
-    - name: UI Tests
-      if: success()
-      run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+    # - name: UI Tests
+    #   if: success()
+    #   run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui

.github/workflows/releases.yml

@@ -1,6 +1,7 @@
-name: Release
+name: "Releases"
 
 on:
+  workflow_dispatch:
   push:
     tags:
     - 'v*'
@@ -14,12 +15,12 @@ jobs:
     - name: Set node version
       uses: actions/setup-node@v1
       with:
-        node-version: '10.x'
+        node-version: '17.x'
 
     - name: Install
       run: |
         npm install
-        export NODE_OPTIONS=--max_old_space_size=2048
+        npm run setheapsize
 
     - name: Lint
       run: npx grunt lint
@@ -27,15 +28,15 @@ jobs:
     - name: Unit Tests
       run: |
         npm test
-        npx grunt testnodeconsumer
+        npm run testnodeconsumer
 
     - name: Production Build
       if: success()
       run: npx grunt prod
 
-    - name: UI Tests
-      if: success()
-      run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
+    # - name: UI Tests
+    #   if: success()
+    #   run: xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui
 
     - name: Upload Release Assets
       if: success()
@@ -47,6 +48,7 @@ jobs:
         tag: ${{ github.ref }}
         overwrite: true
         file_glob: true
+        body: "See the [CHANGELOG](https://github.com/gchq/CyberChef/blob/master/CHANGELOG.md) and [commit messages](https://github.com/gchq/CyberChef/commits/master) for details."
 
     - name: Publish to NPM
       if: success()

.gitignore

@@ -11,4 +11,4 @@ src/node/config/OperationConfig.json
 src/node/index.mjs
 **/*.DS_Store
 tests/browser/output/*
-
+.node-version

.nvmrc

@@ -1 +1 @@
-lts/dubnium
+17

CHANGELOG.md

@@ -1,7 +1,64 @@
 # Changelog
+
+## Versioning
+
+CyberChef uses the [semver](https://semver.org/) system to manage versioning: `<MAJOR>.<MINOR>.<PATCH>`.
+
+- MAJOR version changes represent a significant change to the fundamental architecture of CyberChef and may (but don't always) make breaking changes that are not backwards compatible.
+- MINOR version changes usually mean the addition of new operations or reasonably significant new features.
+- PATCH versions are used for bug fixes and any other small tweaks that modify or improve existing capabilities.
+
 All major and minor version changes will be documented in this file. Details of patch-level version changes can be found in [commit messages](https://github.com/gchq/CyberChef/commits/master).
 
 
+## Details
+
+### [9.36.0] - 2022-03-29
+- 'SIGABA' operation added [@hettysymes] | [#934]
+
+### [9.35.0] - 2022-03-28
+- 'To Base45' and 'From Base45' operations added [@t-8ch] | [#1242]
+
+### [9.34.0] - 2022-03-28
+- 'Get All Casings' operation added [@n1073645] | [#1065]
+
+### [9.33.0] - 2022-03-25
+- Updated to support Node 17 [@n1474335] [@john19696] [@t-8ch] | [[#1326] [#1313] [#1244]
+- Improved CJS and ESM module support [@d98762625] | [#1037]
+
+### [9.32.0] - 2021-08-18
+- 'Protobuf Encode' operation added and decode operation modified to allow decoding with full and partial schemas [@n1474335] | [dd18e52]
+
+### [9.31.0] - 2021-08-10
+- 'HASSH Client Fingerprint' and 'HASSH Server Fingerprint' operations added [@n1474335] | [e9ca4dc]
+
+### [9.30.0] - 2021-08-10
+- 'JA3S Fingerprint' operation added [@n1474335] | [289a417]
+
+### [9.29.0] - 2021-07-28
+- 'JA3 Fingerprint' operation added [@n1474335] | [9a33498]
+
+### [9.28.0] - 2021-03-26
+- 'CBOR Encode' and 'CBOR Decode' operations added [@Danh4] | [#999]
+
+### [9.27.0] - 2021-02-12
+- 'Fuzzy Match' operation added [@n1474335] | [8ad18b]
+
+### [9.26.0] - 2021-02-11
+- 'Get Time' operation added [@n1073645] [@n1474335] | [#1045]
+
+### [9.25.0] - 2021-02-11
+- 'Extract ID3' operation added [@n1073645] [@n1474335] | [#1006]
+
+### [9.24.0] - 2021-02-02
+- 'SM3' hashing function added along with more configuration options for other hashing operations [@n1073645] [@n1474335] | [#1022]
+
+### [9.23.0] - 2021-02-01
+- Various RSA operations added to encrypt, decrypt, sign, verify and generate keys [@mattnotmitt] [@GCHQ77703] | [#652]
+
+### [9.22.0] - 2021-02-01
+- 'Unicode Text Format' operation added [@mattnotmitt] | [#1083]
+
 ### [9.21.0] - 2020-06-12
 - Node API now exports `magic` operation [@d98762625] | [#1049]
 
@@ -227,6 +284,22 @@ All major and minor version changes will be documented in this file. Details of
 
 
 
+[9.36.0]: https://github.com/gchq/CyberChef/releases/tag/v9.36.0
+[9.35.0]: https://github.com/gchq/CyberChef/releases/tag/v9.35.0
+[9.34.0]: https://github.com/gchq/CyberChef/releases/tag/v9.34.0
+[9.33.0]: https://github.com/gchq/CyberChef/releases/tag/v9.33.0
+[9.32.0]: https://github.com/gchq/CyberChef/releases/tag/v9.32.0
+[9.31.0]: https://github.com/gchq/CyberChef/releases/tag/v9.31.0
+[9.30.0]: https://github.com/gchq/CyberChef/releases/tag/v9.30.0
+[9.29.0]: https://github.com/gchq/CyberChef/releases/tag/v9.29.0
+[9.28.0]: https://github.com/gchq/CyberChef/releases/tag/v9.28.0
+[9.27.0]: https://github.com/gchq/CyberChef/releases/tag/v9.27.0
+[9.26.0]: https://github.com/gchq/CyberChef/releases/tag/v9.26.0
+[9.25.0]: https://github.com/gchq/CyberChef/releases/tag/v9.25.0
+[9.24.0]: https://github.com/gchq/CyberChef/releases/tag/v9.24.0
+[9.23.0]: https://github.com/gchq/CyberChef/releases/tag/v9.23.0
+[9.22.0]: https://github.com/gchq/CyberChef/releases/tag/v9.22.0
+[9.21.0]: https://github.com/gchq/CyberChef/releases/tag/v9.21.0
 [9.20.0]: https://github.com/gchq/CyberChef/releases/tag/v9.20.0
 [9.19.0]: https://github.com/gchq/CyberChef/releases/tag/v9.19.0
 [9.18.0]: https://github.com/gchq/CyberChef/releases/tag/v9.18.0
@@ -326,6 +399,17 @@ All major and minor version changes will be documented in this file. Details of
 [@pointhi]: https://github.com/pointhi
 [@MarvinJWendt]: https://github.com/MarvinJWendt
 [@dmfj]: https://github.com/dmfj
+[@mattnotmitt]: https://github.com/mattnotmitt
+[@Danh4]: https://github.com/Danh4
+[@john19696]: https://github.com/john19696
+[@t-8ch]: https://github.com/t-8ch
+[@hettysymes]: https://github.com/hettysymes
+
+[8ad18b]: https://github.com/gchq/CyberChef/commit/8ad18bc7db6d9ff184ba3518686293a7685bf7b7
+[9a33498]: https://github.com/gchq/CyberChef/commit/9a33498fed26a8df9c9f35f39a78a174bf50a513
+[289a417]: https://github.com/gchq/CyberChef/commit/289a417dfb5923de5e1694354ec42a08d9395bfe
+[e9ca4dc]: https://github.com/gchq/CyberChef/commit/e9ca4dc9caf98f33fd986431cd400c88082a42b8
+[dd18e52]: https://github.com/gchq/CyberChef/commit/dd18e529939078b89867297b181a584e8b2cc7da
 
 [#95]: https://github.com/gchq/CyberChef/pull/299
 [#173]: https://github.com/gchq/CyberChef/pull/173
@@ -387,14 +471,28 @@ All major and minor version changes will be documented in this file. Details of
 [#625]: https://github.com/gchq/CyberChef/pull/625
 [#627]: https://github.com/gchq/CyberChef/pull/627
 [#632]: https://github.com/gchq/CyberChef/pull/632
+[#652]: https://github.com/gchq/CyberChef/pull/652
 [#653]: https://github.com/gchq/CyberChef/pull/653
 [#674]: https://github.com/gchq/CyberChef/pull/674
 [#683]: https://github.com/gchq/CyberChef/pull/683
 [#865]: https://github.com/gchq/CyberChef/pull/865
 [#912]: https://github.com/gchq/CyberChef/pull/912
 [#917]: https://github.com/gchq/CyberChef/pull/917
+[#934]: https://github.com/gchq/CyberChef/pull/934
 [#948]: https://github.com/gchq/CyberChef/pull/948
 [#952]: https://github.com/gchq/CyberChef/pull/952
 [#965]: https://github.com/gchq/CyberChef/pull/965
 [#966]: https://github.com/gchq/CyberChef/pull/966
 [#987]: https://github.com/gchq/CyberChef/pull/987
+[#999]: https://github.com/gchq/CyberChef/pull/999
+[#1006]: https://github.com/gchq/CyberChef/pull/1006
+[#1022]: https://github.com/gchq/CyberChef/pull/1022
+[#1037]: https://github.com/gchq/CyberChef/pull/1037
+[#1045]: https://github.com/gchq/CyberChef/pull/1045
+[#1049]: https://github.com/gchq/CyberChef/pull/1049
+[#1065]: https://github.com/gchq/CyberChef/pull/1065
+[#1083]: https://github.com/gchq/CyberChef/pull/1083
+[#1242]: https://github.com/gchq/CyberChef/pull/1242
+[#1244]: https://github.com/gchq/CyberChef/pull/1244
+[#1313]: https://github.com/gchq/CyberChef/pull/1313
+[#1326]: https://github.com/gchq/CyberChef/pull/1326

Gruntfile.js

@@ -6,6 +6,8 @@ const BundleAnalyzerPlugin = require("webpack-bundle-analyzer").BundleAnalyzerPl
 const glob = require("glob");
 const path = require("path");
 
+const nodeFlags = "--experimental-modules --experimental-json-modules --experimental-specifier-resolution=node --no-warnings --no-deprecation";
+
 /**
  * Grunt configuration for building the app in various formats.
  *
@@ -48,7 +50,7 @@ module.exports = function (grunt) {
 
     grunt.registerTask("testnodeconsumer",
         "A task which checks whether consuming CJS and ESM apps work with the CyberChef build",
-        ["exec:setupNodeConsumers", "exec:testCJSNodeConsumer", "exec:testESMNodeConsumer", "exec:testESMDeepImportNodeConsumer", "exec:teardownNodeConsumers"]);
+        ["exec:setupNodeConsumers", "exec:testCJSNodeConsumer", "exec:testESMNodeConsumer", "exec:teardownNodeConsumers"]);
 
     grunt.registerTask("default",
         "Lints the code base",
@@ -174,7 +176,7 @@ module.exports = function (grunt) {
             // previous one fails. & would coninue on a fail
             .join("&&")
             // Windows does not support \n properly
-            .replace("\n", "\\n");
+            .replace(/\n/g, "\\n");
     }
 
     grunt.initConfig({
@@ -187,9 +189,6 @@ module.exports = function (grunt) {
             standalone: ["build/prod/CyberChef*.html"]
         },
         eslint: {
-            options: {
-                configFile: "./.eslintrc.json"
-            },
             configs: ["*.{js,mjs}"],
             core: ["src/core/**/*.{js,mjs}", "!src/core/vendor/**/*", "!src/core/operations/legacy/**/*"],
             web: ["src/web/**/*.{js,mjs}", "!src/web/static/**/*"],
@@ -201,50 +200,35 @@ module.exports = function (grunt) {
             web: webpackProdConf(),
         },
         "webpack-dev-server": {
-            options: {
-                webpack: webpackConfig,
-                host: "0.0.0.0",
-                port: grunt.option("port") || 8080,
-                disableHostCheck: true,
-                overlay: true,
-                inline: false,
-                clientLogLevel: "error",
-                stats: {
-                    children: false,
-                    chunks: false,
-                    modules: false,
-                    entrypoints: false,
-                    warningsFilter: [
-                        /source-map/,
-                        /dependency is an expression/,
-                        /export 'default'/,
-                        /Can't resolve 'sodium'/
-                    ],
-                }
-            },
+            options: webpackConfig,
             start: {
-                webpack: {
-                    mode: "development",
-                    target: "web",
-                    entry: Object.assign({
-                        main: "./src/web/index.js"
-                    }, moduleEntryPoints),
-                    resolve: {
-                        alias: {
-                            "./config/modules/OpModules.mjs": "./config/modules/Default.mjs"
-                        }
-                    },
-                    plugins: [
-                        new webpack.DefinePlugin(BUILD_CONSTANTS),
-                        new HtmlWebpackPlugin({
-                            filename: "index.html",
-                            template: "./src/web/html/index.html",
-                            chunks: ["main"],
-                            compileTime: compileTime,
-                            version: pkg.version,
-                        })
-                    ]
-                }
+                mode: "development",
+                target: "web",
+                entry: Object.assign({
+                    main: "./src/web/index.js"
+                }, moduleEntryPoints),
+                resolve: {
+                    alias: {
+                        "./config/modules/OpModules.mjs": "./config/modules/Default.mjs"
+                    }
+                },
+                devServer: {
+                    port: grunt.option("port") || 8080,
+                    client: {
+                        logging: "error",
+                        overlay: true
+                    }
+                },
+                plugins: [
+                    new webpack.DefinePlugin(BUILD_CONSTANTS),
+                    new HtmlWebpackPlugin({
+                        filename: "index.html",
+                        template: "./src/web/html/index.html",
+                        chunks: ["main"],
+                        compileTime: compileTime,
+                        version: pkg.version,
+                    })
+                ]
             }
         },
         zip: {
@@ -349,15 +333,15 @@ module.exports = function (grunt) {
                 command: "git gc --prune=now --aggressive"
             },
             sitemap: {
-                command: "node --experimental-modules --no-warnings --no-deprecation src/web/static/sitemap.mjs > build/prod/sitemap.xml",
+                command: `node ${nodeFlags} src/web/static/sitemap.mjs > build/prod/sitemap.xml`,
                 sync: true
             },
             generateConfig: {
                 command: chainCommands([
                     "echo '\n--- Regenerating config files. ---'",
                     "echo [] > src/core/config/OperationConfig.json",
-                    "node --experimental-modules --no-warnings --no-deprecation src/core/config/scripts/generateOpsIndex.mjs",
-                    "node --experimental-modules --no-warnings --no-deprecation src/core/config/scripts/generateConfig.mjs",
+                    `node ${nodeFlags} src/core/config/scripts/generateOpsIndex.mjs`,
+                    `node ${nodeFlags} src/core/config/scripts/generateConfig.mjs`,
                     "echo '--- Config scripts finished. ---\n'"
                 ]),
                 sync: true
@@ -365,7 +349,7 @@ module.exports = function (grunt) {
             generateNodeIndex: {
                 command: chainCommands([
                     "echo '\n--- Regenerating node index ---'",
-                    "node --experimental-modules --no-warnings --no-deprecation src/node/config/scripts/generateNodeIndex.mjs",
+                    `node ${nodeFlags} src/node/config/scripts/generateNodeIndex.mjs`,
                     "echo '--- Node index generated. ---\n'"
                 ]),
                 sync: true
@@ -393,24 +377,27 @@ module.exports = function (grunt) {
             testCJSNodeConsumer: {
                 command: chainCommands([
                     `cd ${nodeConsumerTestPath}`,
-                    "node --no-warnings cjs-consumer.js",
+                    `node ${nodeFlags} cjs-consumer.js`,
                 ]),
                 stdout: false,
             },
             testESMNodeConsumer: {
                 command: chainCommands([
                     `cd ${nodeConsumerTestPath}`,
-                    "node --no-warnings --experimental-modules esm-consumer.mjs",
-                ]),
-                stdout: false,
-            },
-            testESMDeepImportNodeConsumer: {
-                command: chainCommands([
-                    `cd ${nodeConsumerTestPath}`,
-                    "node --no-warnings --experimental-modules esm-deep-import-consumer.mjs",
+                    `node ${nodeFlags} esm-consumer.mjs`,
                 ]),
                 stdout: false,
             },
+            fixCryptoApiImports: {
+                command: [
+                    `[[ "$OSTYPE" == "darwin"* ]]`,
+                    "&&",
+                    `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i '' -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`,
+                    "||",
+                    `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`
+                ].join(" "),
+                stdout: false
+            }
         },
     });
 };

README.md

@@ -1,7 +1,7 @@
 # CyberChef
 
-[![Build Status](https://travis-ci.org/gchq/CyberChef.svg?branch=master)](https://travis-ci.org/gchq/CyberChef)
-[![dependencies Status](https://david-dm.org/gchq/CyberChef/status.svg)](https://david-dm.org/gchq/CyberChef)
+[![](https://github.com/gchq/CyberChef/workflows/Master%20Build,%20Test%20&%20Deploy/badge.svg)](https://github.com/gchq/CyberChef/actions?query=workflow%3A%22Master+Build%2C+Test+%26+Deploy%22)
+[![Language grade: JavaScript](https://img.shields.io/lgtm/grade/javascript/g/gchq/CyberChef.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/gchq/CyberChef/context:javascript)
 [![npm](https://img.shields.io/npm/v/cyberchef.svg)](https://www.npmjs.com/package/cyberchef)
 [![](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/gchq/CyberChef/blob/master/LICENSE)
 [![Gitter](https://badges.gitter.im/gchq/CyberChef.svg)](https://gitter.im/gchq/CyberChef?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
@@ -9,7 +9,7 @@
 
 #### *The Cyber Swiss Army Knife*
 
-CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
+CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
 
 The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years.
 
@@ -105,7 +105,7 @@ An installation walkthrough, how-to guides for adding new operations and themes,
 
 ## Licencing
 
-CyberChef is released under the [Apache 2.0 Licence](https://www.apache.org/licenses/LICENSE-2.0) and is covered by [Crown Copyright](https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/copyright-and-re-use/crown-copyright/).
+CyberChef is released under the [Apache 2.0 Licence](https://www.apache.org/licenses/LICENSE-2.0) and is covered by [Crown Copyright](https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/).
 
 
   [1]: https://gchq.github.io/CyberChef

babel.config.js

@@ -11,6 +11,7 @@ module.exports = function(api) {
         ],
         "plugins": [
             "dynamic-import-node",
+            "@babel/plugin-syntax-import-assertions",
             [
                 "babel-plugin-transform-builtin-extend", {
                     "globals": ["Error"]

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "9.23.1",
+  "version": "9.36.0",
   "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
   "author": "n1474335 <n1474335@gmail.com>",
   "homepage": "https://gchq.github.io/CyberChef",
@@ -27,152 +27,154 @@
     "type": "git",
     "url": "https://github.com/gchq/CyberChef/"
   },
-  "main": "src/node/cjs.js",
-  "module": "src/node/index.mjs",
+  "main": "src/node/wrapper.js",
+  "exports": {
+    "import": "./src/node/index.mjs",
+    "require": "./src/node/wrapper.js"
+  },
   "bugs": "https://github.com/gchq/CyberChef/issues",
   "browserslist": [
     "Chrome >= 50",
     "Firefox >= 38",
-    "node >= 10"
+    "node >= 16"
   ],
   "devDependencies": {
-    "@babel/core": "^7.12.10",
-    "@babel/plugin-transform-runtime": "^7.12.10",
-    "@babel/preset-env": "^7.12.11",
-    "autoprefixer": "^10.2.4",
-    "babel-eslint": "^10.1.0",
-    "babel-loader": "^8.2.2",
+    "@babel/core": "^7.17.8",
+    "@babel/eslint-parser": "^7.17.0",
+    "@babel/plugin-syntax-import-assertions": "^7.16.7",
+    "@babel/plugin-transform-runtime": "^7.17.0",
+    "@babel/preset-env": "^7.16.11",
+    "@babel/runtime": "^7.17.8",
+    "autoprefixer": "^10.4.4",
+    "babel-loader": "^8.2.4",
     "babel-plugin-dynamic-import-node": "^2.3.3",
-    "chromedriver": "^88.0.0",
-    "cli-progress": "^3.9.0",
+    "chromedriver": "^99.0.0",
+    "cli-progress": "^3.10.0",
     "colors": "^1.4.0",
-    "copy-webpack-plugin": "^7.0.0",
-    "css-loader": "^5.0.1",
-    "eslint": "^7.19.0",
-    "exports-loader": "^2.0.0",
-    "file-loader": "^6.2.0",
-    "grunt": "^1.3.0",
+    "copy-webpack-plugin": "^10.2.4",
+    "core-js": "^3.21.1",
+    "css-loader": "6.7.1",
+    "eslint": "^8.12.0",
+    "grunt": "^1.4.1",
     "grunt-chmod": "~1.1.1",
     "grunt-concurrent": "^3.0.0",
     "grunt-contrib-clean": "~2.0.0",
     "grunt-contrib-connect": "^3.0.0",
     "grunt-contrib-copy": "~1.0.0",
     "grunt-contrib-watch": "^1.1.0",
-    "grunt-eslint": "^23.0.0",
+    "grunt-eslint": "^24.0.0",
     "grunt-exec": "~3.0.0",
-    "grunt-webpack": "^4.0.2",
+    "grunt-webpack": "^5.0.0",
     "grunt-zip": "^0.18.2",
-    "html-webpack-plugin": "^4.5.1",
-    "imports-loader": "^2.0.0",
-    "mini-css-extract-plugin": "^1.3.5",
-    "nightwatch": "^1.5.1",
-    "node-sass": "^5.0.0",
-    "postcss": "^8.2.4",
-    "postcss-css-variables": "^0.17.0",
-    "postcss-import": "^14.0.0",
-    "postcss-loader": "^4.2.0",
-    "prompt": "^1.1.0",
-    "sass-loader": "^10.1.1",
-    "sitemap": "^6.3.5",
-    "style-loader": "^2.0.0",
-    "svg-url-loader": "^7.1.1",
-    "url-loader": "^4.1.1",
-    "webpack": "^5.19.0",
-    "webpack-bundle-analyzer": "^4.4.0",
-    "webpack-dev-server": "^3.11.2",
-    "webpack-node-externals": "^2.5.2",
-    "worker-loader": "^3.0.7"
+    "html-webpack-plugin": "^5.5.0",
+    "imports-loader": "^3.1.1",
+    "mini-css-extract-plugin": "2.6.0",
+    "nightwatch": "^2.0.10",
+    "postcss": "^8.4.12",
+    "postcss-css-variables": "^0.18.0",
+    "postcss-import": "^14.1.0",
+    "postcss-loader": "^6.2.1",
+    "prompt": "^1.2.2",
+    "sass-loader": "^12.6.0",
+    "sitemap": "^7.1.1",
+    "terser": "^5.12.1",
+    "webpack": "^5.70.0",
+    "webpack-bundle-analyzer": "^4.5.0",
+    "webpack-dev-server": "4.7.4",
+    "webpack-node-externals": "^3.0.0",
+    "worker-loader": "^3.0.8"
   },
   "dependencies": {
     "@babel/polyfill": "^7.12.1",
-    "@babel/runtime": "^7.12.5",
     "arrive": "^2.4.1",
-    "avsc": "^5.5.3",
+    "avsc": "^5.7.3",
     "babel-plugin-transform-builtin-extend": "1.1.2",
     "bcryptjs": "^2.4.3",
-    "bignumber.js": "^9.0.1",
-    "blakejs": "^1.1.0",
-    "bootstrap": "4.6.0",
-    "bootstrap-colorpicker": "^3.2.0",
+    "bignumber.js": "^9.0.2",
+    "blakejs": "^1.2.1",
+    "bootstrap": "4.6.1",
+    "bootstrap-colorpicker": "^3.4.0",
     "bootstrap-material-design": "^4.1.3",
     "browserify-zlib": "^0.2.0",
-    "bson": "^4.2.2",
+    "bson": "^4.6.2",
     "buffer": "^6.0.3",
+    "cbor": "8.1.0",
     "chi-squared": "^1.1.0",
-    "codepage": "^1.14.0",
-    "core-js": "^3.8.3",
+    "codepage": "^1.15.0",
     "crypto-api": "^0.8.5",
     "crypto-browserify": "^3.12.0",
-    "crypto-js": "^4.0.0",
+    "crypto-js": "^4.1.1",
     "ctph.js": "0.0.5",
-    "d3": "^6.5.0",
+    "d3": "7.3.0",
     "d3-hexbin": "^0.2.2",
     "diff": "^5.0.0",
-    "es6-promisify": "^6.1.1",
+    "es6-promisify": "^7.0.0",
     "escodegen": "^2.0.0",
-    "esm": "^3.2.25",
     "esprima": "^4.0.1",
     "exif-parser": "^0.1.12",
     "file-saver": "^2.0.5",
     "flat": "^5.0.2",
-    "geodesy": "^1.1.3",
-    "highlight.js": "^10.5.0",
+    "geodesy": "1.1.3",
+    "highlight.js": "^11.5.0",
     "jimp": "^0.16.1",
-    "jquery": "3.5.1",
+    "jquery": "3.6.0",
     "js-crc": "^0.2.0",
     "js-sha3": "^0.8.0",
     "jsesc": "^3.0.2",
-    "jsonpath": "^1.1.0",
+    "jsonpath": "^1.1.1",
     "jsonwebtoken": "^8.5.1",
-    "jsqr": "^1.3.1",
-    "jsrsasign": "10.1.5",
+    "jsqr": "^1.4.0",
+    "jsrsasign": "^10.5.14",
     "kbpgp": "2.1.15",
     "libbzip2-wasm": "0.0.4",
     "libyara-wasm": "^1.1.0",
-    "lodash": "^4.17.20",
-    "loglevel": "^1.7.1",
+    "lodash": "^4.17.21",
+    "loglevel": "^1.8.0",
     "loglevel-message-prefix": "^3.0.0",
-    "markdown-it": "^12.0.4",
+    "markdown-it": "^12.3.2",
     "moment": "^2.29.1",
-    "moment-timezone": "^0.5.32",
+    "moment-timezone": "^0.5.34",
     "ngeohash": "^0.6.3",
-    "node-forge": "^0.10.0",
+    "node-forge": "^1.3.0",
     "node-md6": "^0.1.0",
+    "node-sass": "^7.0.1",
     "nodom": "^2.4.0",
     "notepack.io": "^2.3.0",
     "nwmatcher": "^1.4.4",
-    "otp": "^0.1.3",
+    "otp": "0.1.3",
     "path": "^0.12.7",
     "popper.js": "^1.16.1",
     "process": "^0.11.10",
+    "protobufjs": "^6.11.2",
     "qr-image": "^3.2.0",
     "scryptsy": "^2.1.0",
     "snackbarjs": "^1.1.0",
-    "sortablejs": "^1.13.0",
-    "split.js": "^1.6.2",
-    "ssdeep.js": "0.0.2",
+    "sortablejs": "^1.15.0",
+    "split.js": "^1.6.5",
+    "ssdeep.js": "0.0.3",
     "stream-browserify": "^3.0.0",
-    "terser": "^5.5.1",
-    "tesseract.js": "^2.1.1",
-    "ua-parser-js": "^0.7.23",
+    "tesseract.js": "2.1.5",
+    "ua-parser-js": "^1.0.2",
     "unorm": "^1.6.0",
     "utf8": "^3.0.0",
     "vkbeautify": "^0.99.3",
-    "xmldom": "^0.4.0",
+    "xmldom": "^0.6.0",
     "xpath": "0.0.32",
-    "xregexp": "^4.4.1",
+    "xregexp": "^5.1.0",
     "zlibjs": "^0.3.1"
   },
   "scripts": {
-    "start": "grunt dev",
-    "build": "grunt prod",
-    "repl": "node src/node/repl.js",
-    "test": "grunt configTests && node --experimental-modules --no-warnings --no-deprecation tests/node/index.mjs && node --experimental-modules --no-warnings --no-deprecation tests/operations/index.mjs",
-    "test-node-consumer": "grunt testnodeconsumer",
-    "testui": "grunt testui",
+    "start": "npx grunt dev",
+    "build": "npx grunt prod",
+    "repl": "node --experimental-modules --experimental-json-modules --experimental-specifier-resolution=node --no-warnings src/node/repl.mjs",
+    "test": "npx grunt configTests && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation tests/node/index.mjs && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation tests/operations/index.mjs",
+    "testnodeconsumer": "npx grunt testnodeconsumer",
+    "testui": "npx grunt testui",
     "testuidev": "npx nightwatch --env=dev",
-    "lint": "grunt lint",
-    "postinstall": "bash postinstall.sh",
-    "newop": "node --experimental-modules src/core/config/scripts/newOperation.mjs"
+    "lint": "npx grunt lint",
+    "postinstall": "npx grunt exec:fixCryptoApiImports",
+    "newop": "node --experimental-modules --experimental-json-modules src/core/config/scripts/newOperation.mjs",
+    "getheapsize": "node -e 'console.log(`node heap limit = ${require(\"v8\").getHeapStatistics().heap_size_limit / (1024 * 1024)} Mb`)'",
+    "setheapsize": "export NODE_OPTIONS=--max_old_space_size=2048"
   }
 }

postinstall.sh

@@ -1,8 +0,0 @@
-#!/bin/bash
-
-# Add file extensions to Crypto-Api imports
-if [[ "$OSTYPE" == "darwin"* ]]; then
-  find ./node_modules/crypto-api/src/ \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i '' -e '/\.mjs/!s/\(from "\.[^"]*\)";/\1.mjs";/g'
-else
-  find ./node_modules/crypto-api/src/ \( -type d -name .git -prune \) -o -type f -print0 | xargs -0 sed -i -e '/\.mjs/!s/\(from "\.[^"]*\)";/\1.mjs";/g'
-fi

src/core/ChefWorker.js

@@ -7,7 +7,7 @@
  */
 
 import Chef from "./Chef.mjs";
-import OperationConfig from "./config/OperationConfig.json";
+import OperationConfig from "./config/OperationConfig.json" assert {type: "json"};
 import OpModules from "./config/modules/OpModules.mjs";
 
 // Add ">" to the start of all log messages in the Chef Worker
@@ -212,7 +212,7 @@ self.loadRequiredModules = function(recipeConfig) {
         if (!(module in OpModules)) {
             log.info(`Loading ${module} module`);
             self.sendStatusMessage(`Loading ${module} module`);
-            self.importScripts(`${self.docURL}/modules/${module}.js`);
+            self.importScripts(`${self.docURL}/modules/${module}.js`); // lgtm [js/client-side-unvalidated-url-redirection]
             self.sendStatusMessage("");
         }
     });

src/core/Dish.mjs

@@ -207,7 +207,7 @@ class Dish {
         const data = new Uint8Array(this.value.slice(0, 2048)),
             types = detectFileType(data);
 
-        if (!types.length || !types[0].mime || !types[0].mime === "text/plain") {
+        if (!types.length || !types[0].mime || !(types[0].mime === "text/plain")) {
             return null;
         } else {
             return types[0].mime;

src/core/Recipe.mjs

@@ -4,7 +4,7 @@
  * @license Apache-2.0
  */
 
-import OperationConfig from "./config/OperationConfig.json";
+import OperationConfig from "./config/OperationConfig.json" assert {type: "json"};
 import OperationError from "./errors/OperationError.mjs";
 import Operation from "./Operation.mjs";
 import DishError from "./errors/DishError.mjs";
@@ -46,7 +46,7 @@ class Recipe  {
                 module: OperationConfig[c.op].module,
                 ingValues: c.args,
                 breakpoint: c.breakpoint,
-                disabled: c.disabled,
+                disabled: c.disabled || c.op === "Comment",
             });
         });
     }

src/core/Utils.mjs

@@ -170,13 +170,18 @@ class Utils {
      *
      * @param {string} str - The input string to display.
      * @param {boolean} [preserveWs=false] - Whether or not to print whitespace.
+     * @param {boolean} [onlyAscii=false] - Whether or not to replace non ASCII characters.
      * @returns {string}
      */
-    static printable(str, preserveWs=false) {
+    static printable(str, preserveWs=false, onlyAscii=false) {
         if (isWebEnvironment() && window.app && !window.app.options.treatAsUtf8) {
             str = Utils.byteArrayToChars(Utils.strToByteArray(str));
         }
 
+        if (onlyAscii) {
+            return str.replace(/[^\x20-\x7f]/g, ".");
+        }
+
         // eslint-disable-next-line no-misleading-character-class
         const re = /[\0-\x08\x0B-\x0C\x0E-\x1F\x7F-\x9F\xAD\u0378\u0379\u037F-\u0383\u038B\u038D\u03A2\u0528-\u0530\u0557\u0558\u0560\u0588\u058B-\u058E\u0590\u05C8-\u05CF\u05EB-\u05EF\u05F5-\u0605\u061C\u061D\u06DD\u070E\u070F\u074B\u074C\u07B2-\u07BF\u07FB-\u07FF\u082E\u082F\u083F\u085C\u085D\u085F-\u089F\u08A1\u08AD-\u08E3\u08FF\u0978\u0980\u0984\u098D\u098E\u0991\u0992\u09A9\u09B1\u09B3-\u09B5\u09BA\u09BB\u09C5\u09C6\u09C9\u09CA\u09CF-\u09D6\u09D8-\u09DB\u09DE\u09E4\u09E5\u09FC-\u0A00\u0A04\u0A0B-\u0A0E\u0A11\u0A12\u0A29\u0A31\u0A34\u0A37\u0A3A\u0A3B\u0A3D\u0A43-\u0A46\u0A49\u0A4A\u0A4E-\u0A50\u0A52-\u0A58\u0A5D\u0A5F-\u0A65\u0A76-\u0A80\u0A84\u0A8E\u0A92\u0AA9\u0AB1\u0AB4\u0ABA\u0ABB\u0AC6\u0ACA\u0ACE\u0ACF\u0AD1-\u0ADF\u0AE4\u0AE5\u0AF2-\u0B00\u0B04\u0B0D\u0B0E\u0B11\u0B12\u0B29\u0B31\u0B34\u0B3A\u0B3B\u0B45\u0B46\u0B49\u0B4A\u0B4E-\u0B55\u0B58-\u0B5B\u0B5E\u0B64\u0B65\u0B78-\u0B81\u0B84\u0B8B-\u0B8D\u0B91\u0B96-\u0B98\u0B9B\u0B9D\u0BA0-\u0BA2\u0BA5-\u0BA7\u0BAB-\u0BAD\u0BBA-\u0BBD\u0BC3-\u0BC5\u0BC9\u0BCE\u0BCF\u0BD1-\u0BD6\u0BD8-\u0BE5\u0BFB-\u0C00\u0C04\u0C0D\u0C11\u0C29\u0C34\u0C3A-\u0C3C\u0C45\u0C49\u0C4E-\u0C54\u0C57\u0C5A-\u0C5F\u0C64\u0C65\u0C70-\u0C77\u0C80\u0C81\u0C84\u0C8D\u0C91\u0CA9\u0CB4\u0CBA\u0CBB\u0CC5\u0CC9\u0CCE-\u0CD4\u0CD7-\u0CDD\u0CDF\u0CE4\u0CE5\u0CF0\u0CF3-\u0D01\u0D04\u0D0D\u0D11\u0D3B\u0D3C\u0D45\u0D49\u0D4F-\u0D56\u0D58-\u0D5F\u0D64\u0D65\u0D76-\u0D78\u0D80\u0D81\u0D84\u0D97-\u0D99\u0DB2\u0DBC\u0DBE\u0DBF\u0DC7-\u0DC9\u0DCB-\u0DCE\u0DD5\u0DD7\u0DE0-\u0DF1\u0DF5-\u0E00\u0E3B-\u0E3E\u0E5C-\u0E80\u0E83\u0E85\u0E86\u0E89\u0E8B\u0E8C\u0E8E-\u0E93\u0E98\u0EA0\u0EA4\u0EA6\u0EA8\u0EA9\u0EAC\u0EBA\u0EBE\u0EBF\u0EC5\u0EC7\u0ECE\u0ECF\u0EDA\u0EDB\u0EE0-\u0EFF\u0F48\u0F6D-\u0F70\u0F98\u0FBD\u0FCD\u0FDB-\u0FFF\u10C6\u10C8-\u10CC\u10CE\u10CF\u1249\u124E\u124F\u1257\u1259\u125E\u125F\u1289\u128E\u128F\u12B1\u12B6\u12B7\u12BF\u12C1\u12C6\u12C7\u12D7\u1311\u1316\u1317\u135B\u135C\u137D-\u137F\u139A-\u139F\u13F5-\u13FF\u169D-\u169F\u16F1-\u16FF\u170D\u1715-\u171F\u1737-\u173F\u1754-\u175F\u176D\u1771\u1774-\u177F\u17DE\u17DF\u17EA-\u17EF\u17FA-\u17FF\u180F\u181A-\u181F\u1878-\u187F\u18AB-\u18AF\u18F6-\u18FF\u191D-\u191F\u192C-\u192F\u193C-\u193F\u1941-\u1943\u196E\u196F\u1975-\u197F\u19AC-\u19AF\u19CA-\u19CF\u19DB-\u19DD\u1A1C\u1A1D\u1A5F\u1A7D\u1A7E\u1A8A-\u1A8F\u1A9A-\u1A9F\u1AAE-\u1AFF\u1B4C-\u1B4F\u1B7D-\u1B7F\u1BF4-\u1BFB\u1C38-\u1C3A\u1C4A-\u1C4C\u1C80-\u1CBF\u1CC8-\u1CCF\u1CF7-\u1CFF\u1DE7-\u1DFB\u1F16\u1F17\u1F1E\u1F1F\u1F46\u1F47\u1F4E\u1F4F\u1F58\u1F5A\u1F5C\u1F5E\u1F7E\u1F7F\u1FB5\u1FC5\u1FD4\u1FD5\u1FDC\u1FF0\u1FF1\u1FF5\u1FFF\u200B-\u200F\u202A-\u202E\u2060-\u206F\u2072\u2073\u208F\u209D-\u209F\u20BB-\u20CF\u20F1-\u20FF\u218A-\u218F\u23F4-\u23FF\u2427-\u243F\u244B-\u245F\u2700\u2B4D-\u2B4F\u2B5A-\u2BFF\u2C2F\u2C5F\u2CF4-\u2CF8\u2D26\u2D28-\u2D2C\u2D2E\u2D2F\u2D68-\u2D6E\u2D71-\u2D7E\u2D97-\u2D9F\u2DA7\u2DAF\u2DB7\u2DBF\u2DC7\u2DCF\u2DD7\u2DDF\u2E3C-\u2E7F\u2E9A\u2EF4-\u2EFF\u2FD6-\u2FEF\u2FFC-\u2FFF\u3040\u3097\u3098\u3100-\u3104\u312E-\u3130\u318F\u31BB-\u31BF\u31E4-\u31EF\u321F\u32FF\u4DB6-\u4DBF\u9FCD-\u9FFF\uA48D-\uA48F\uA4C7-\uA4CF\uA62C-\uA63F\uA698-\uA69E\uA6F8-\uA6FF\uA78F\uA794-\uA79F\uA7AB-\uA7F7\uA82C-\uA82F\uA83A-\uA83F\uA878-\uA87F\uA8C5-\uA8CD\uA8DA-\uA8DF\uA8FC-\uA8FF\uA954-\uA95E\uA97D-\uA97F\uA9CE\uA9DA-\uA9DD\uA9E0-\uA9FF\uAA37-\uAA3F\uAA4E\uAA4F\uAA5A\uAA5B\uAA7C-\uAA7F\uAAC3-\uAADA\uAAF7-\uAB00\uAB07\uAB08\uAB0F\uAB10\uAB17-\uAB1F\uAB27\uAB2F-\uABBF\uABEE\uABEF\uABFA-\uABFF\uD7A4-\uD7AF\uD7C7-\uD7CA\uD7FC-\uD7FF\uE000-\uF8FF\uFA6E\uFA6F\uFADA-\uFAFF\uFB07-\uFB12\uFB18-\uFB1C\uFB37\uFB3D\uFB3F\uFB42\uFB45\uFBC2-\uFBD2\uFD40-\uFD4F\uFD90\uFD91\uFDC8-\uFDEF\uFDFE\uFDFF\uFE1A-\uFE1F\uFE27-\uFE2F\uFE53\uFE67\uFE6C-\uFE6F\uFE75\uFEFD-\uFF00\uFFBF-\uFFC1\uFFC8\uFFC9\uFFD0\uFFD1\uFFD8\uFFD9\uFFDD-\uFFDF\uFFE7\uFFEF-\uFFFB\uFFFE\uFFFF]/g;
         const wsRe = /[\x09-\x10\x0D\u2028\u2029]/g;
@@ -704,8 +709,22 @@ class Utils {
      * Utils.stripHtmlTags("<div>Test</div>");
      */
     static stripHtmlTags(htmlStr, removeScriptAndStyle=false) {
+        /**
+         * Recursively remove a pattern from a string until there are no more matches.
+         * Avoids incomplete sanitization e.g. "aabcbc".replace(/abc/g, "") === "abc"
+         *
+         * @param {RegExp} pattern
+         * @param {string} str
+         * @returns {string}
+         */
+        function recursiveRemove(pattern, str) {
+            const newStr = str.replace(pattern, "");
+            return newStr.length === str.length ? newStr : recursiveRemove(pattern, newStr);
+        }
+
         if (removeScriptAndStyle) {
-            htmlStr = htmlStr.replace(/<(script|style)[^>]*>.*<\/(script|style)>/gmi, "");
+            htmlStr = recursiveRemove(/<script[^>]*>.*?<\/script>/gi, htmlStr);
+            htmlStr = recursiveRemove(/<style[^>]*>.*?<\/style>/gi, htmlStr);
         }
         return htmlStr.replace(/<[^>]+>/g, "");
     }
@@ -729,11 +748,10 @@ class Utils {
             ">": "&gt;",
             '"': "&quot;",
             "'": "&#x27;", // &apos; not recommended because it's not in the HTML spec
-            "/": "&#x2F;", // forward slash is included as it helps end an HTML entity
             "`": "&#x60;"
         };
 
-        return str.replace(/[&<>"'/`]/g, function (match) {
+        return str.replace(/[&<>"'`]/g, function (match) {
             return HTML_CHARS[match];
         });
     }
@@ -878,7 +896,7 @@ class Utils {
 
         while ((m = recipeRegex.exec(recipe))) {
             // Translate strings in args back to double-quotes
-            args = m[2]
+            args = m[2] // lgtm [js/incomplete-sanitization]
                 .replace(/"/g, '\\"') // Escape double quotes
                 .replace(/(^|,|{|:)'/g, '$1"') // Replace opening ' with "
                 .replace(/([^\\]|(?:\\\\)+)'(,|:|}|$)/g, '$1"$2') // Replace closing ' with "
@@ -1189,6 +1207,30 @@ class Utils {
         }[token];
     }
 
+    /**
+     * Iterate object in chunks of given size.
+     *
+     * @param {Iterable} iterable
+     * @param {number} chunksize
+     */
+    static* chunked(iterable, chunksize) {
+        const iterator = iterable[Symbol.iterator]();
+        while (true) {
+            const res = [];
+            for (let i = 0; i < chunksize; i++) {
+                const next = iterator.next();
+                if (next.done) {
+                    break;
+                }
+                res.push(next.value);
+            }
+            if (res.length) {
+                yield res;
+            } else {
+                return;
+            }
+        }
+    }
 }
 
 /**

src/core/config/Categories.json

@@ -18,15 +18,17 @@
             "From Binary",
             "To Octal",
             "From Octal",
-            "To Base64",
-            "From Base64",
-            "Show Base64 offsets",
             "To Base32",
             "From Base32",
+            "To Base45",
+            "From Base45",
             "To Base58",
             "From Base58",
             "To Base62",
             "From Base62",
+            "To Base64",
+            "From Base64",
+            "Show Base64 offsets",
             "To Base85",
             "From Base85",
             "To Base",
@@ -61,7 +63,9 @@
             "Parse TLV",
             "CSV to JSON",
             "JSON to CSV",
-            "Avro to JSON"
+            "Avro to JSON",
+            "CBOR Encode",
+            "CBOR Decode"
         ]
     },
     {
@@ -116,7 +120,8 @@
             "Multiple Bombe",
             "Typex",
             "Lorenz",
-            "Colossus"
+            "Colossus",
+            "SIGABA"
         ]
     },
     {
@@ -189,8 +194,13 @@
             "URL Encode",
             "URL Decode",
             "Protobuf Decode",
+            "Protobuf Encode",
             "VarInt Encode",
             "VarInt Decode",
+            "JA3 Fingerprint",
+            "JA3S Fingerprint",
+            "HASSH Client Fingerprint",
+            "HASSH Server Fingerprint",
             "Format MAC addresses",
             "Change IP format",
             "Group IP addresses",
@@ -223,6 +233,7 @@
             "From Case Insensitive Regex",
             "Add line numbers",
             "Remove line numbers",
+            "Get All Casings",
             "To Table",
             "Reverse",
             "Sort",
@@ -238,6 +249,7 @@
             "Pad lines",
             "Find / Replace",
             "Regular expression",
+            "Fuzzy Match",
             "Offset checker",
             "Hamming Distance",
             "Convert distance",
@@ -267,6 +279,7 @@
             "Windows Filetime to UNIX Timestamp",
             "UNIX Timestamp to Windows Filetime",
             "Extract dates",
+            "Get Time",
             "Sleep"
         ]
     },
@@ -286,6 +299,7 @@
             "JPath expression",
             "CSS selector",
             "Extract EXIF",
+            "Extract ID3",
             "Extract Files"
         ]
     },
@@ -319,6 +333,7 @@
             "SHA1",
             "SHA2",
             "SHA3",
+            "SM3",
             "Keccak",
             "Shake",
             "RIPEMD",

src/core/config/scripts/newOperation.mjs

@@ -121,7 +121,7 @@ prompt.get(schema, (err, result) => {
 
     const moduleName = result.opName.replace(/\w\S*/g, txt => {
         return txt.charAt(0).toUpperCase() + txt.substr(1);
-    }).replace(/[\s-()/./]/g, "");
+    }).replace(/[\s-()./]/g, "");
 
 
     const template = `/**

src/core/errors/index.mjs

@@ -1,6 +1,6 @@
 import OperationError from "./OperationError.mjs";
 import DishError from "./DishError.mjs";
-import ExcludedOperationError from "./ExcludedOperationError";
+import ExcludedOperationError from "./ExcludedOperationError.mjs";
 
 export {
     OperationError,

src/core/lib/Base45.mjs

@@ -0,0 +1,27 @@
+/**
+ * Base45 resources.
+ *
+ * @author Thomas Weißschuh [thomas@t-8ch.de]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+/**
+ * Highlight to Base45
+ */
+export function highlightToBase45(pos, args) {
+    pos[0].start = Math.floor(pos[0].start / 2) * 3;
+    pos[0].end = Math.ceil(pos[0].end / 2) * 3;
+    return pos;
+}
+
+/**
+ * Highlight from Base45
+ */
+export function highlightFromBase45(pos, args) {
+    pos[0].start = Math.floor(pos[0].start / 3) * 2;
+    pos[0].end = Math.ceil(pos[0].end / 3) * 2;
+    return pos;
+}
+
+export const ALPHABET = "0-9A-Z $%*+\\-./:";

src/core/lib/Base64.mjs

@@ -148,4 +148,8 @@ export const ALPHABET_OPTIONS = [
     {name: "BinHex: !-,-0-689@A-NP-VX-Z[`a-fh-mp-r", value: "!-,-0-689@A-NP-VX-Z[`a-fh-mp-r"},
     {name: "ROT13: N-ZA-Mn-za-m0-9+/=", value: "N-ZA-Mn-za-m0-9+/="},
     {name: "UNIX crypt: ./0-9A-Za-z", value: "./0-9A-Za-z"},
+    {name: "Atom128: /128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC", value: "/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC"},
+    {name: "Megan35: 3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5", value: "3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5"},
+    {name: "Zong22: ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2", value: "ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2"},
+    {name: "Hazz15: HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5", value: "HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5"}
 ];

src/core/lib/Base85.mjs

@@ -32,9 +32,9 @@ export const ALPHABET_OPTIONS = [
  * @returns {string}
  */
 export function alphabetName(alphabet) {
-    alphabet = alphabet.replace("'", "'");
-    alphabet = alphabet.replace("\"", """);
-    alphabet = alphabet.replace("\\", "\");
+    alphabet = alphabet.replace(/'/g, "'");
+    alphabet = alphabet.replace(/"/g, """);
+    alphabet = alphabet.replace(/\\/g, "\");
     let name;
 
     ALPHABET_OPTIONS.forEach(function(a) {

src/core/lib/Binary.mjs

@@ -7,6 +7,7 @@
  */
 
 import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
 
 
 /**
@@ -58,6 +59,9 @@ export function toBinary(data, delim="Space", padding=8) {
  * fromBinary("00010000:00100000:00110000", "Colon");
  */
 export function fromBinary(data, delim="Space", byteLen=8) {
+    if (byteLen < 1 || Math.round(byteLen) !== byteLen)
+        throw new OperationError("Byte length must be a positive integer");
+
     const delimRegex = Utils.regexRep(delim);
     data = data.replace(delimRegex, "");
 

src/core/lib/BitwiseOp.mjs

@@ -34,10 +34,10 @@ export function bitOp (input, key, func, nullPreserving, scheme) {
             !(nullPreserving && (o === 0 || o === k))) {
             switch (scheme) {
                 case "Input differential":
-                    key[i % key.length] = x;
+                    key[i % key.length] = o;
                     break;
                 case "Output differential":
-                    key[i % key.length] = o;
+                    key[i % key.length] = x;
                     break;
             }
         }

src/core/lib/Charts.mjs

@@ -6,6 +6,7 @@
  */
 
 import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
 
 /**
  * @constant
@@ -86,8 +87,8 @@ export function getScatterValues(input, recordDelimiter, fieldDelimiter, columnH
     }
 
     values = values.map(row => {
-        const x = parseFloat(row[0], 10),
-            y = parseFloat(row[1], 10);
+        const x = parseFloat(row[0]),
+            y = parseFloat(row[1]);
 
         if (Number.isNaN(x)) throw new OperationError("Values must be numbers in base 10.");
         if (Number.isNaN(y)) throw new OperationError("Values must be numbers in base 10.");
@@ -121,14 +122,14 @@ export function getScatterValuesWithColour(input, recordDelimiter, fieldDelimite
     }
 
     values = values.map(row => {
-        const x = parseFloat(row[0], 10),
-            y = parseFloat(row[1], 10),
+        const x = parseFloat(row[0]),
+            y = parseFloat(row[1]),
             colour = row[2];
 
         if (Number.isNaN(x)) throw new OperationError("Values must be numbers in base 10.");
         if (Number.isNaN(y)) throw new OperationError("Values must be numbers in base 10.");
 
-        return [x, y, colour];
+        return [x, y, Utils.escapeHtml(colour)];
     });
 
     return { headings, values };
@@ -157,7 +158,7 @@ export function getSeriesValues(input, recordDelimiter, fieldDelimiter, columnHe
     values.forEach(row => {
         const serie = row[0],
             xVal = row[1],
-            val = parseFloat(row[2], 10);
+            val = parseFloat(row[2]);
 
         if (Number.isNaN(val)) throw new OperationError("Values must be numbers in base 10.");
 

src/core/lib/Crypt.mjs

@@ -0,0 +1,9 @@
+/**
+ * Crypt resources.
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+export const cryptNotice = "WARNING: Cryptographic operations in CyberChef should not be relied upon to provide security in any situation. No guarantee is offered for their correctness. We advise you not to use keys generated from CyberChef in operational contexts.";

src/core/lib/FileSignatures.mjs

@@ -2197,14 +2197,14 @@ export const FILE_SIGNATURES = {
             mime: "application/octet-stream",
             description: "",
             signature: {
-                0: 0x6b, // keych
+                0: 0x6b, // kych
                 1: 0x79,
                 2: 0x63,
                 3: 0x68,
                 4: 0x00,
                 5: 0x01
             },
-            extractor: null
+            extractor: extractMacOSXKeychain
         },
         {
             name: "TCP Packet",
@@ -2355,6 +2355,12 @@ export const FILE_SIGNATURES = {
                     1: 0x03,
                     2: 0xc6,
                     3: 0x04
+                },
+                {
+                    0: 0x95,
+                    1: 0x05,
+                    2: 0x86,
+                    3: 0x04
                 }
             ],
             extractor: null
@@ -3406,6 +3412,26 @@ export function extractPListXML(bytes, offset) {
 }
 
 
+/**
+ * MacOS X Keychain Extactor.
+ *
+ * @param {Uint8Array} bytes
+ * @param {number} offset
+ * @returns {Uint8Array}
+ */
+export function extractMacOSXKeychain(bytes, offset) {
+    const stream = new Stream(bytes.slice(offset));
+
+    // Move to size field.
+    stream.moveTo(0x14);
+
+    // Move forwards by size.
+    stream.moveForwardsBy(stream.readInt(4));
+
+    return stream.carve();
+}
+
+
 /**
  * OLE2 extractor.
  *

src/core/lib/FileType.mjs

@@ -213,7 +213,7 @@ function locatePotentialSig(buf, sig, offset) {
 export function isType(type, buf) {
     const types = detectFileType(buf);
 
-    if (!(types && types.length)) return false;
+    if (!types.length) return false;
 
     if (typeof type === "string") {
         return types.reduce((acc, t) => {

src/core/lib/FuzzyMatch.mjs

@@ -0,0 +1,253 @@
+/**
+ * LICENSE
+ *
+ *   This software is dual-licensed to the public domain and under the following
+ *   license: you are granted a perpetual, irrevocable license to copy, modify,
+ *   publish, and distribute this file as you see fit.
+ *
+ * VERSION
+ *   0.1.0  (2016-03-28)  Initial release
+ *
+ * AUTHOR
+ *   Forrest Smith
+ *
+ * CONTRIBUTORS
+ *   J<>rgen Tjern<72> - async helper
+ *   Anurag Awasthi - updated to 0.2.0
+ */
+
+export const DEFAULT_WEIGHTS = {
+    sequentialBonus: 15, // bonus for adjacent matches
+    separatorBonus: 30, // bonus if match occurs after a separator
+    camelBonus: 30, // bonus if match is uppercase and prev is lower
+    firstLetterBonus: 15, // bonus if the first letter is matched
+
+    leadingLetterPenalty: -5, // penalty applied for every letter in str before the first match
+    maxLeadingLetterPenalty: -15, // maximum penalty for leading letters
+    unmatchedLetterPenalty: -1
+};
+
+/**
+ * Does a fuzzy search to find pattern inside a string.
+ * @param {string} pattern        pattern to search for
+ * @param {string} str            string which is being searched
+ * @param {boolean} global        whether to search for all matches or just one
+ * @returns [boolean, number]       a boolean which tells if pattern was
+ *                                  found or not and a search score
+ */
+export function fuzzyMatch(pattern, str, global=false, weights=DEFAULT_WEIGHTS) {
+    const recursionCount = 0;
+    const recursionLimit = 10;
+    const matches = [];
+    const maxMatches = 256;
+
+    if (!global) {
+        return fuzzyMatchRecursive(
+            pattern,
+            str,
+            0 /* patternCurIndex */,
+            0 /* strCurrIndex */,
+            null /* srcMatches */,
+            matches,
+            maxMatches,
+            0 /* nextMatch */,
+            recursionCount,
+            recursionLimit,
+            weights
+        );
+    }
+
+    // Return all matches
+    let foundMatch = true,
+        score,
+        idxs,
+        strCurrIndex = 0;
+    const results = [];
+
+    while (foundMatch) {
+        [foundMatch, score, idxs] = fuzzyMatchRecursive(
+            pattern,
+            str,
+            0 /* patternCurIndex */,
+            strCurrIndex,
+            null /* srcMatches */,
+            matches,
+            maxMatches,
+            0 /* nextMatch */,
+            recursionCount,
+            recursionLimit,
+            weights
+        );
+        if (foundMatch) results.push([foundMatch, score, [...idxs]]);
+        strCurrIndex = idxs[idxs.length - 1] + 1;
+    }
+    return results;
+}
+
+/**
+ * Recursive helper function
+ */
+function fuzzyMatchRecursive(
+    pattern,
+    str,
+    patternCurIndex,
+    strCurrIndex,
+    srcMatches,
+    matches,
+    maxMatches,
+    nextMatch,
+    recursionCount,
+    recursionLimit,
+    weights
+) {
+    let outScore = 0;
+
+    // Return if recursion limit is reached.
+    if (++recursionCount >= recursionLimit) {
+        return [false, outScore, []];
+    }
+
+    // Return if we reached ends of strings.
+    if (patternCurIndex === pattern.length || strCurrIndex === str.length) {
+        return [false, outScore, []];
+    }
+
+    // Recursion params
+    let recursiveMatch = false;
+    let bestRecursiveMatches = [];
+    let bestRecursiveScore = 0;
+
+    // Loop through pattern and str looking for a match.
+    let firstMatch = true;
+    while (patternCurIndex < pattern.length && strCurrIndex < str.length) {
+        // Match found.
+        if (
+            pattern[patternCurIndex].toLowerCase() === str[strCurrIndex].toLowerCase()
+        ) {
+            if (nextMatch >= maxMatches) {
+                return [false, outScore, []];
+            }
+
+            if (firstMatch && srcMatches) {
+                matches = [...srcMatches];
+                firstMatch = false;
+            }
+
+            const [matched, recursiveScore, recursiveMatches] = fuzzyMatchRecursive(
+                pattern,
+                str,
+                patternCurIndex,
+                strCurrIndex + 1,
+                matches,
+                recursiveMatches,
+                maxMatches,
+                nextMatch,
+                recursionCount,
+                recursionLimit,
+                weights
+            );
+
+            if (matched) {
+                // Pick best recursive score.
+                if (!recursiveMatch || recursiveScore > bestRecursiveScore) {
+                    bestRecursiveMatches = [...recursiveMatches];
+                    bestRecursiveScore = recursiveScore;
+                }
+                recursiveMatch = true;
+            }
+
+            matches[nextMatch++] = strCurrIndex;
+            ++patternCurIndex;
+        }
+        ++strCurrIndex;
+    }
+
+    const matched = patternCurIndex === pattern.length;
+
+    if (matched) {
+        outScore = 100;
+
+        // Apply leading letter penalty
+        let penalty = weights.leadingLetterPenalty * matches[0];
+        penalty =
+            penalty < weights.maxLeadingLetterPenalty ?
+                weights.maxLeadingLetterPenalty :
+                penalty;
+        outScore += penalty;
+
+        // Apply unmatched penalty
+        const unmatched = str.length - nextMatch;
+        outScore += weights.unmatchedLetterPenalty * unmatched;
+
+        // Apply ordering bonuses
+        for (let i = 0; i < nextMatch; i++) {
+            const currIdx = matches[i];
+
+            if (i > 0) {
+                const prevIdx = matches[i - 1];
+                if (currIdx === prevIdx + 1) {
+                    outScore += weights.sequentialBonus;
+                }
+            }
+
+            // Check for bonuses based on neighbor character value.
+            if (currIdx > 0) {
+                // Camel case
+                const neighbor = str[currIdx - 1];
+                const curr = str[currIdx];
+                if (
+                    neighbor !== neighbor.toUpperCase() &&
+                    curr !== curr.toLowerCase()
+                ) {
+                    outScore += weights.camelBonus;
+                }
+                const isNeighbourSeparator = neighbor === "_" || neighbor === " ";
+                if (isNeighbourSeparator) {
+                    outScore += weights.separatorBonus;
+                }
+            } else {
+                // First letter
+                outScore += weights.firstLetterBonus;
+            }
+        }
+
+        // Return best result
+        if (recursiveMatch && (!matched || bestRecursiveScore > outScore)) {
+            // Recursive score is better than "this"
+            matches = bestRecursiveMatches;
+            outScore = bestRecursiveScore;
+            return [true, outScore, matches];
+        } else if (matched) {
+            // "this" score is better than recursive
+            return [true, outScore, matches];
+        } else {
+            return [false, outScore, matches];
+        }
+    }
+    return [false, outScore, matches];
+}
+
+/**
+ * Turns a list of match indexes into a list of match ranges
+ *
+ * @author n1474335 [n1474335@gmail.com]
+ * @param [number] matches
+ * @returns [[number]]
+ */
+export function calcMatchRanges(matches) {
+    const ranges = [];
+    let start = matches[0],
+        curr = start;
+
+    matches.forEach(m => {
+        if (m === curr || m === curr + 1) curr = m;
+        else {
+            ranges.push([start, curr - start + 1]);
+            start = m;
+            curr = m;
+        }
+    });
+
+    ranges.push([start, curr - start + 1]);
+    return ranges;
+}

src/core/lib/Hex.mjs

@@ -7,6 +7,7 @@
  */
 
 import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
 
 
 /**
@@ -100,6 +101,9 @@ export function toHexFast(data) {
  * fromHex("0a:14:1e", "Colon");
  */
 export function fromHex(data, delim="Auto", byteLen=2) {
+    if (byteLen < 1 || Math.round(byteLen) !== byteLen)
+        throw new OperationError("Byte length must be a positive integer");
+
     if (delim !== "None") {
         const delimRegex = delim === "Auto" ? /[^a-f\d]|(0x)/gi : Utils.regexRep(delim);
         data = data.replace(delimRegex, "");

src/core/lib/JWT.mjs

@@ -0,0 +1,24 @@
+/**
+ * JWT resources
+ *
+ * @author mt3571 [mt3571@protonmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+
+/**
+ * List of the JWT algorithms that can be used
+ */
+export const JWT_ALGORITHMS = [
+    "HS256",
+    "HS384",
+    "HS512",
+    "RS256",
+    "RS384",
+    "RS512",
+    "ES256",
+    "ES384",
+    "ES512",
+    "None"
+];

src/core/lib/Magic.mjs

@@ -1,4 +1,4 @@
-import OperationConfig from "../config/OperationConfig.json";
+import OperationConfig from "../config/OperationConfig.json" assert {type: "json"};
 import Utils, { isWorkerEnvironment } from "../Utils.mjs";
 import Recipe from "../Recipe.mjs";
 import Dish from "../Dish.mjs";

src/core/lib/Protobuf.mjs

@@ -1,4 +1,5 @@
 import Utils from "../Utils.mjs";
+import protobuf from "protobufjs";
 
 /**
  * Protobuf lib. Contains functions to decode protobuf serialised
@@ -32,9 +33,10 @@ class Protobuf {
         this.MSB = 0x80;
         this.VALUE = 0x7f;
 
-        // Declare offset and length
+        // Declare offset, length, and field type object
         this.offset = 0;
         this.LENGTH = data.length;
+        this.fieldTypes = {};
     }
 
     // Public Functions
@@ -76,15 +78,281 @@ class Protobuf {
         return pb._varInt();
     }
 
+    /**
+     * Encode input JSON according to the given schema
+     *
+     * @param {Object} input
+     * @param {Object []} args
+     * @returns {Object}
+     */
+    static encode(input, args) {
+        this.updateProtoRoot(args[0]);
+        if (!this.mainMessageName) {
+            throw new Error("Schema Error: Schema not defined");
+        }
+        const message = this.parsedProto.root.nested[this.mainMessageName];
+
+        // Convert input into instance of message, and verify instance
+        input = message.fromObject(input);
+        const error = message.verify(input);
+        if (error) {
+            throw new Error("Input Error: " + error);
+        }
+        // Encode input
+        const output = message.encode(input).finish();
+        return new Uint8Array(output).buffer;
+    }
+
     /**
      * Parse Protobuf data
      *
      * @param {byteArray} input
      * @returns {Object}
      */
-    static decode(input) {
+    static decode(input, args) {
+        this.updateProtoRoot(args[0]);
+        this.showUnknownFields = args[1];
+        this.showTypes = args[2];
+        return this.mergeDecodes(input);
+    }
+
+    /**
+     * Update the parsedProto, throw parsing errors
+     *
+     * @param {string} protoText
+     */
+    static updateProtoRoot(protoText) {
+        try {
+            this.parsedProto = protobuf.parse(protoText);
+            if (this.parsedProto.package) {
+                this.parsedProto.root = this.parsedProto.root.nested[this.parsedProto.package];
+            }
+            this.updateMainMessageName();
+        } catch (error) {
+            throw new Error("Schema " + error);
+        }
+    }
+
+    /**
+     * Set mainMessageName to the first instance of a message defined in the schema that is not a submessage
+     *
+     */
+    static updateMainMessageName() {
+        const messageNames = [];
+        const fieldTypes = [];
+        this.parsedProto.root.nestedArray.forEach(block => {
+            if (block instanceof protobuf.Type) {
+                messageNames.push(block.name);
+                this.parsedProto.root.nested[block.name].fieldsArray.forEach(field => {
+                    fieldTypes.push(field.type);
+                });
+            }
+        });
+
+        if (messageNames.length === 0) {
+            this.mainMessageName = null;
+        } else {
+            // for (const name of messageNames) {
+            //     if (!fieldTypes.includes(name)) {
+            //         this.mainMessageName = name;
+            //         break;
+            //     }
+            // }
+            this.mainMessageName = messageNames[0];
+        }
+    }
+
+    /**
+     * Decode input using Protobufjs package and raw methods, compare, and merge results
+     *
+     * @param {byteArray} input
+     * @returns {Object}
+     */
+    static mergeDecodes(input) {
         const pb = new Protobuf(input);
-        return pb._parse();
+        let rawDecode = pb._parse();
+        let message;
+
+        if (this.showTypes) {
+            rawDecode = this.showRawTypes(rawDecode, pb.fieldTypes);
+            this.parsedProto.root = this.appendTypesToFieldNames(this.parsedProto.root);
+        }
+
+        try {
+            message = this.parsedProto.root.nested[this.mainMessageName];
+            const packageDecode = message.toObject(message.decode(input), {
+                bytes: String,
+                longs: Number,
+                enums: String,
+                defualts: true
+            });
+            const output = {};
+
+            if (this.showUnknownFields) {
+                output[message.name] = packageDecode;
+                output["Unknown Fields"] = this.compareFields(rawDecode, message);
+                return output;
+            } else {
+                return packageDecode;
+            }
+
+        } catch (error) {
+            if (message) {
+                throw new Error("Input " + error);
+            } else {
+                return rawDecode;
+            }
+        }
+    }
+
+    /**
+     * Replace fieldnames with fieldname and type
+     *
+     * @param {Object} schemaRoot
+     * @returns {Object}
+     */
+    static appendTypesToFieldNames(schemaRoot) {
+        for (const block of schemaRoot.nestedArray) {
+            if (block instanceof protobuf.Type) {
+                for (const [fieldName, fieldData] of Object.entries(block.fields)) {
+                    schemaRoot.nested[block.name].remove(block.fields[fieldName]);
+                    schemaRoot.nested[block.name].add(new protobuf.Field(`${fieldName} (${fieldData.type})`, fieldData.id, fieldData.type, fieldData.rule));
+                }
+            }
+        }
+        return schemaRoot;
+    }
+
+    /**
+     * Add field type to field name for fields in the raw decoded output
+     *
+     * @param {Object} rawDecode
+     * @param {Object} fieldTypes
+     * @returns {Object}
+     */
+    static showRawTypes(rawDecode, fieldTypes) {
+        for (const [fieldNum, value] of Object.entries(rawDecode)) {
+            const fieldType = fieldTypes[fieldNum];
+            let outputFieldValue;
+            let outputFieldType;
+
+            // Submessages
+            if (isNaN(fieldType)) {
+                outputFieldType = 2;
+
+                // Repeated submessages
+                if (Array.isArray(value)) {
+                    const fieldInstances = [];
+                    for (const instance of Object.keys(value)) {
+                        if (typeof(value[instance]) !== "string") {
+                            fieldInstances.push(this.showRawTypes(value[instance], fieldType));
+                        } else {
+                            fieldInstances.push(value[instance]);
+                        }
+                    }
+                    outputFieldValue = fieldInstances;
+
+                // Single submessage
+                } else {
+                    outputFieldValue = this.showRawTypes(value, fieldType);
+                }
+
+            // Non-submessage field
+            } else {
+                outputFieldType = fieldType;
+                outputFieldValue = value;
+            }
+
+            // Substitute fieldNum with field number and type
+            rawDecode[`field #${fieldNum}: ${this.getTypeInfo(outputFieldType)}`] = outputFieldValue;
+            delete rawDecode[fieldNum];
+        }
+        return rawDecode;
+    }
+
+    /**
+     * Compare raw decode to package decode and return discrepancies
+     *
+     * @param rawDecodedMessage
+     * @param schemaMessage
+     * @returns {Object}
+     */
+    static compareFields(rawDecodedMessage, schemaMessage) {
+        // Define message data using raw decode output and schema
+        const schemaFieldProperties = {};
+        const schemaFieldNames = Object.keys(schemaMessage.fields);
+        schemaFieldNames.forEach(field => schemaFieldProperties[schemaMessage.fields[field].id] = field);
+
+        // Loop over each field present in the raw decode output
+        for (const fieldName in rawDecodedMessage) {
+            let fieldId;
+            if (isNaN(fieldName)) {
+                fieldId = fieldName.match(/^field #(\d+)/)[1];
+            } else {
+                fieldId = fieldName;
+            }
+
+            // Check if this field is defined in the schema
+            if (fieldId in schemaFieldProperties) {
+                const schemaFieldName = schemaFieldProperties[fieldId];
+
+                // Extract the current field data from the raw decode and schema
+                const rawFieldData = rawDecodedMessage[fieldName];
+                const schemaField = schemaMessage.fields[schemaFieldName];
+
+                // Check for repeated fields
+                if (Array.isArray(rawFieldData) && !schemaField.repeated) {
+                    rawDecodedMessage[`(${schemaMessage.name}) ${schemaFieldName} is a repeated field`] = rawFieldData;
+                }
+
+                // Check for submessage fields
+                if (schemaField.resolvedType instanceof protobuf.Type) {
+                    const subMessageType = schemaMessage.fields[schemaFieldName].type;
+                    const schemaSubMessage = this.parsedProto.root.nested[subMessageType];
+                    const rawSubMessages = rawDecodedMessage[fieldName];
+                    let rawDecodedSubMessage = {};
+
+                    // Squash multiple submessage instances into one submessage
+                    if (Array.isArray(rawSubMessages)) {
+                        rawSubMessages.forEach(subMessageInstance => {
+                            const instanceFields = Object.entries(subMessageInstance);
+                            instanceFields.forEach(subField => {
+                                rawDecodedSubMessage[subField[0]] = subField[1];
+                            });
+                        });
+                    } else {
+                        rawDecodedSubMessage = rawSubMessages;
+                    }
+
+                    // Treat submessage as own message and compare its fields
+                    rawDecodedSubMessage = Protobuf.compareFields(rawDecodedSubMessage, schemaSubMessage);
+                    if (Object.entries(rawDecodedSubMessage).length !== 0) {
+                        rawDecodedMessage[`${schemaFieldName} (${subMessageType}) has missing fields`] = rawDecodedSubMessage;
+                    }
+                }
+                delete rawDecodedMessage[fieldName];
+            }
+        }
+        return rawDecodedMessage;
+    }
+
+    /**
+     * Returns wiretype information for input wiretype number
+     *
+     * @param {number} wireType
+     * @returns {string}
+     */
+    static getTypeInfo(wireType) {
+        switch (wireType) {
+            case 0:
+                return "VarInt (e.g. int32, bool)";
+            case 1:
+                return "64-Bit (e.g. fixed64, double)";
+            case 2:
+                return "L-delim (e.g. string, message)";
+            case 5:
+                return "32-Bit (e.g. fixed32, float)";
+        }
     }
 
     // Private Class Functions
@@ -143,6 +411,11 @@ class Protobuf {
         const header = this._fieldHeader();
         const type = header.type;
         const key = header.key;
+
+        if (typeof(this.fieldTypes[key]) !== "object") {
+            this.fieldTypes[key] = type;
+        }
+
         switch (type) {
             // varint
             case 0:
@@ -152,7 +425,7 @@ class Protobuf {
                 return { "key": key, "value": this._uint64() };
             // length delimited
             case 2:
-                return { "key": key, "value": this._lenDelim() };
+                return { "key": key, "value": this._lenDelim(key) };
             // fixed 32
             case 5:
                 return { "key": key, "value": this._uint32() };
@@ -237,10 +510,10 @@ class Protobuf {
      * @returns {number}
      */
     _uint64() {
-        // Read off a Uint64
-        let num = this.data[this.offset++] * 0x1000000 + (this.data[this.offset++] << 16) + (this.data[this.offset++] << 8) + this.data[this.offset++];
-        num = num * 0x100000000 + this.data[this.offset++] * 0x1000000 + (this.data[this.offset++] << 16) + (this.data[this.offset++] << 8) + this.data[this.offset++];
-        return num;
+        // Read off a Uint64 with little-endian
+        const lowerHalf = this.data[this.offset++] + (this.data[this.offset++] * 0x100) + (this.data[this.offset++] * 0x10000) + this.data[this.offset++] * 0x1000000;
+        const upperHalf = this.data[this.offset++] + (this.data[this.offset++] * 0x100) + (this.data[this.offset++] * 0x10000) + this.data[this.offset++] * 0x1000000;
+        return upperHalf * 0x100000000 + lowerHalf;
     }
 
     /**
@@ -249,7 +522,7 @@ class Protobuf {
      * @private
      * @returns {Object|string}
      */
-    _lenDelim() {
+    _lenDelim(fieldNum) {
         // Read off the field length
         const length = this._varInt();
         const fieldBytes = this.data.slice(this.offset, this.offset + length);
@@ -258,6 +531,10 @@ class Protobuf {
             // Attempt to parse as a new Protobuf Object
             const pbObject = new Protobuf(fieldBytes);
             field = pbObject._parse();
+
+            // Set field types object
+            this.fieldTypes[fieldNum] = {...this.fieldTypes[fieldNum], ...pbObject.fieldTypes};
+
         } catch (err) {
             // Otherwise treat as bytes
             field = Utils.byteArrayToChars(fieldBytes);
@@ -276,7 +553,7 @@ class Protobuf {
     _uint32() {
         // Use a dataview to read off the integer
         const dataview = new DataView(new Uint8Array(this.data.slice(this.offset, this.offset + 4)).buffer);
-        const value = dataview.getUint32(0);
+        const value = dataview.getUint32(0, true);
         this.offset += 4;
         return value;
     }

src/core/lib/PublicKey.mjs

@@ -15,7 +15,7 @@ import { toHex, fromHex } from "./Hex.mjs";
  * @param {number} indent
  * @returns {string}
  */
-export function formatDnStr (dnStr, indent) {
+export function formatDnStr(dnStr, indent) {
     const fields = dnStr.substr(1).replace(/([^\\])\//g, "$1$1/").split(/[^\\]\//);
     let output = "",
         maxKeyLen = 0,
@@ -54,7 +54,7 @@ export function formatDnStr (dnStr, indent) {
  * @param {number} indent
  * @returns {string}
  */
-export function formatByteStr (byteStr, length, indent) {
+export function formatByteStr(byteStr, length, indent) {
     byteStr = toHex(fromHex(byteStr), ":");
     length = length * 3;
     let output = "";

src/core/lib/SIGABA.mjs

@@ -0,0 +1,502 @@
+/**
+ * Emulation of the SIGABA machine
+ *
+ * @author hettysymes
+ * @copyright hettysymes 2020
+ * @license Apache-2.0
+ */
+
+/**
+ * A set of randomised example SIGABA cipher/control rotors (these rotors are interchangeable). Cipher and control rotors can be referred to as C and R rotors respectively.
+ */
+export const CR_ROTORS = [
+    {name: "Example 1", value: "SRGWANHPJZFXVIDQCEUKBYOLMT"},
+    {name: "Example 2", value: "THQEFSAZVKJYULBODCPXNIMWRG"},
+    {name: "Example 3", value: "XDTUYLEVFNQZBPOGIRCSMHWKAJ"},
+    {name: "Example 4", value: "LOHDMCWUPSTNGVXYFJREQIKBZA"},
+    {name: "Example 5", value: "ERXWNZQIJYLVOFUMSGHTCKPBDA"},
+    {name: "Example 6", value: "FQECYHJIOUMDZVPSLKRTGWXBAN"},
+    {name: "Example 7", value: "TBYIUMKZDJSOPEWXVANHLCFQGR"},
+    {name: "Example 8", value: "QZUPDTFNYIAOMLEBWJXCGHKRSV"},
+    {name: "Example 9", value: "CZWNHEMPOVXLKRSIDGJFYBTQAU"},
+    {name: "Example 10", value: "ENPXJVKYQBFZTICAGMOHWRLDUS"}
+];
+
+/**
+ * A set of randomised example SIGABA index rotors (may be referred to as I rotors).
+ */
+export const I_ROTORS = [
+    {name: "Example 1", value: "6201348957"},
+    {name: "Example 2", value: "6147253089"},
+    {name: "Example 3", value: "8239647510"},
+    {name: "Example 4", value: "7194835260"},
+    {name: "Example 5", value: "4873205916"}
+];
+
+export const NUMBERS = "0123456789".split("");
+
+/**
+ * Converts a letter to uppercase (if it already isn't)
+ *
+ * @param {char} letter - letter to convert to uppercase
+ * @returns {char}
+ */
+export function convToUpperCase(letter) {
+    const charCode = letter.charCodeAt();
+    if (97<=charCode && charCode<=122) {
+        return String.fromCharCode(charCode-32);
+    }
+    return letter;
+}
+
+/**
+ * The SIGABA machine consisting of the 3 rotor banks: cipher, control and index banks.
+ */
+export class SigabaMachine {
+
+    /**
+     * SigabaMachine constructor
+     *
+     * @param {Object[]} cipherRotors - list of CRRotors
+     * @param {Object[]} controlRotors - list of CRRotors
+     * @param {object[]} indexRotors - list of IRotors
+     */
+    constructor(cipherRotors, controlRotors, indexRotors) {
+        this.cipherBank = new CipherBank(cipherRotors);
+        this.controlBank = new ControlBank(controlRotors);
+        this.indexBank = new IndexBank(indexRotors);
+    }
+
+    /**
+     * Steps all the correct rotors in the machine.
+     */
+    step() {
+        const controlOut = this.controlBank.goThroughControl();
+        const indexOut = this.indexBank.goThroughIndex(controlOut);
+        this.cipherBank.step(indexOut);
+    }
+
+    /**
+     * Encrypts a letter. A space is converted to a "Z" before encryption, and a "Z" is converted to an "X". This allows spaces to be encrypted.
+     *
+     * @param {char} letter - letter to encrypt
+     * @returns {char}
+     */
+    encryptLetter(letter) {
+        letter = convToUpperCase(letter);
+        if (letter === " ") {
+            letter = "Z";
+        } else if (letter === "Z") {
+            letter = "X";
+        }
+        const encryptedLetter = this.cipherBank.encrypt(letter);
+        this.step();
+        return encryptedLetter;
+    }
+
+    /**
+     * Decrypts a letter. A letter decrypted as a "Z" is converted to a space before it is output, since spaces are converted to "Z"s before encryption.
+     *
+     * @param {char} letter - letter to decrypt
+     * @returns {char}
+     */
+    decryptLetter(letter) {
+        letter = convToUpperCase(letter);
+        let decryptedLetter = this.cipherBank.decrypt(letter);
+        if (decryptedLetter === "Z") {
+            decryptedLetter = " ";
+        }
+        this.step();
+        return decryptedLetter;
+    }
+
+    /**
+     * Encrypts a message of one or more letters
+     *
+     * @param {string} msg - message to encrypt
+     * @returns {string}
+     */
+    encrypt(msg) {
+        let ciphertext = "";
+        for (const letter of msg) {
+            ciphertext = ciphertext.concat(this.encryptLetter(letter));
+        }
+        return ciphertext;
+    }
+
+    /**
+     * Decrypts a message of one or more letters
+     *
+     * @param {string} msg - message to decrypt
+     * @returns {string}
+     */
+    decrypt(msg) {
+        let plaintext = "";
+        for (const letter of msg) {
+            plaintext = plaintext.concat(this.decryptLetter(letter));
+        }
+        return plaintext;
+    }
+
+}
+
+/**
+ * The cipher rotor bank consists of 5 cipher rotors in either a forward or reversed orientation.
+ */
+export class CipherBank {
+
+    /**
+     * CipherBank constructor
+     *
+     * @param {Object[]} rotors - list of CRRotors
+     */
+    constructor(rotors) {
+        this.rotors = rotors;
+    }
+
+    /**
+     * Encrypts a letter through the cipher rotors (signal goes from left-to-right)
+     *
+     * @param {char} inputPos - the input position of the signal (letter to be encrypted)
+     * @returns {char}
+     */
+    encrypt(inputPos) {
+        for (const rotor of this.rotors) {
+            inputPos = rotor.crypt(inputPos, "leftToRight");
+        }
+        return inputPos;
+    }
+
+    /**
+     * Decrypts a letter through the cipher rotors (signal goes from right-to-left)
+     *
+     * @param {char} inputPos - the input position of the signal (letter to be decrypted)
+     * @returns {char}
+     */
+    decrypt(inputPos) {
+        const revOrderedRotors = [...this.rotors].reverse();
+        for (const rotor of revOrderedRotors) {
+            inputPos = rotor.crypt(inputPos, "rightToLeft");
+        }
+        return inputPos;
+    }
+
+    /**
+     * Step the cipher rotors forward according to the inputs from the index rotors
+     *
+     * @param {number[]} indexInputs - the inputs from the index rotors
+     */
+    step(indexInputs) {
+        const logicDict = {0: [0, 9], 1: [7, 8], 2: [5, 6], 3: [3, 4], 4: [1, 2]};
+        const rotorsToMove = [];
+        for (const key in logicDict) {
+            const item = logicDict[key];
+            for (const i of indexInputs) {
+                if (item.includes(i)) {
+                    rotorsToMove.push(this.rotors[key]);
+                    break;
+                }
+            }
+        }
+        for (const rotor of rotorsToMove) {
+            rotor.step();
+        }
+    }
+
+}
+
+/**
+ * The control rotor bank consists of 5 control rotors in either a forward or reversed orientation. Signals to the control rotor bank always go from right-to-left.
+ */
+export class ControlBank {
+
+    /**
+     * ControlBank constructor. The rotors have been reversed as signals go from right-to-left through the control rotors.
+     *
+     * @param {Object[]} rotors - list of CRRotors
+     */
+    constructor(rotors) {
+        this.rotors = [...rotors].reverse();
+    }
+
+    /**
+     * Encrypts a letter.
+     *
+     * @param {char} inputPos - the input position of the signal
+     * @returns {char}
+     */
+    crypt(inputPos) {
+        for (const rotor of this.rotors) {
+            inputPos = rotor.crypt(inputPos, "rightToLeft");
+        }
+        return inputPos;
+    }
+
+    /**
+     * Gets the outputs of the control rotors. The inputs to the control rotors are always "F", "G", "H" and "I".
+     *
+     * @returns {number[]}
+     */
+    getOutputs() {
+        const outputs = [this.crypt("F"), this.crypt("G"), this.crypt("H"), this.crypt("I")];
+        const logicDict = {1: "B", 2: "C", 3: "DE", 4: "FGH", 5: "IJK", 6: "LMNO", 7: "PQRST", 8: "UVWXYZ", 9: "A"};
+        const numberOutputs = [];
+        for (const key in logicDict) {
+            const item = logicDict[key];
+            for (const output of outputs) {
+                if (item.includes(output)) {
+                    numberOutputs.push(key);
+                    break;
+                }
+            }
+        }
+        return numberOutputs;
+    }
+
+    /**
+     * Steps the control rotors. Only 3 of the control rotors step: one after every encryption, one after every 26, and one after every 26 squared.
+     */
+    step() {
+        const MRotor = this.rotors[1], FRotor = this.rotors[2], SRotor = this.rotors[3];
+        // 14 is the offset of "O" from "A" - the next rotor steps once the previous rotor reaches "O"
+        if (FRotor.state === 14) {
+            if (MRotor.state === 14) {
+                SRotor.step();
+            }
+            MRotor.step();
+        }
+        FRotor.step();
+    }
+
+    /**
+     * The goThroughControl function combines getting the outputs from the control rotor bank and then stepping them.
+     *
+     * @returns {number[]}
+     */
+    goThroughControl() {
+        const outputs = this.getOutputs();
+        this.step();
+        return outputs;
+    }
+
+}
+
+/**
+ * The index rotor bank consists of 5 index rotors all placed in the forwards orientation.
+ */
+export class IndexBank {
+
+    /**
+     * IndexBank constructor
+     *
+     * @param {Object[]} rotors - list of IRotors
+     */
+    constructor(rotors) {
+        this.rotors = rotors;
+    }
+
+    /**
+     * Encrypts a number.
+     *
+     * @param {number} inputPos - the input position of the signal
+     * @returns {number}
+     */
+    crypt(inputPos) {
+        for (const rotor of this.rotors) {
+            inputPos = rotor.crypt(inputPos);
+        }
+        return inputPos;
+    }
+
+    /**
+     * The goThroughIndex function takes the inputs from the control rotor bank and returns the list of outputs after encryption through the index rotors.
+     *
+     * @param {number[]} controlInputs - inputs from the control rotors
+     * @returns {number[]}
+     */
+    goThroughIndex(controlInputs) {
+        const outputs = [];
+        for (const inp of controlInputs) {
+            outputs.push(this.crypt(inp));
+        }
+        return outputs;
+    }
+
+}
+
+/**
+ * Rotor class
+ */
+export class Rotor {
+
+    /**
+     * Rotor constructor
+     *
+     * @param {number[]} wireSetting - the wirings within the rotor: mapping from left-to-right, the index of the number in the list maps onto the number at that index
+     * @param {bool} rev - true if the rotor is reversed, false if it isn't
+     * @param {number} key - the starting position or state of the rotor
+     */
+    constructor(wireSetting, key, rev) {
+        this.state = key;
+        this.numMapping = this.getNumMapping(wireSetting, rev);
+        this.posMapping = this.getPosMapping(rev);
+    }
+
+    /**
+     * Get the number mapping from the wireSetting (only different from wireSetting if rotor is reversed)
+     *
+     * @param {number[]} wireSetting - the wirings within the rotors
+     * @param {bool} rev - true if reversed, false if not
+     * @returns {number[]}
+     */
+    getNumMapping(wireSetting, rev) {
+        if (rev===false) {
+            return wireSetting;
+        } else {
+            const length = wireSetting.length;
+            const tempMapping = new Array(length);
+            for (let i=0; i<length; i++) {
+                tempMapping[wireSetting[i]] = i;
+            }
+            return tempMapping;
+        }
+    }
+
+    /**
+     * Get the position mapping (how the position numbers map onto the numbers of the rotor)
+     *
+     * @param {bool} rev - true if reversed, false if not
+     * @returns {number[]}
+     */
+    getPosMapping(rev) {
+        const length = this.numMapping.length;
+        const posMapping = [];
+        if (rev===false) {
+            for (let i = this.state; i < this.state+length; i++) {
+                let res = i%length;
+                if (res<0) {
+                    res += length;
+                }
+                posMapping.push(res);
+            }
+        } else {
+            for (let i = this.state; i > this.state-length; i--) {
+                let res = i%length;
+                if (res<0) {
+                    res += length;
+                }
+                posMapping.push(res);
+            }
+        }
+        return posMapping;
+    }
+
+    /**
+     * Encrypt/decrypt data. This process is identical to the rotors of cipher machines such as Enigma or Typex.
+     *
+     * @param {number} inputPos - the input position of the signal (the data to encrypt/decrypt)
+     * @param {string} direction - one of "leftToRight" and "rightToLeft", states the direction in which the signal passes through the rotor
+     * @returns {number}
+     */
+    cryptNum(inputPos, direction) {
+        const inpNum = this.posMapping[inputPos];
+        let outNum;
+        if (direction === "leftToRight") {
+            outNum = this.numMapping[inpNum];
+        } else if (direction === "rightToLeft") {
+            outNum = this.numMapping.indexOf(inpNum);
+        }
+        const outPos = this.posMapping.indexOf(outNum);
+        return outPos;
+    }
+
+    /**
+     * Steps the rotor. The number at position 0 will be moved to position 1 etc.
+     */
+    step() {
+        const lastNum = this.posMapping.pop();
+        this.posMapping.splice(0, 0, lastNum);
+        this.state = this.posMapping[0];
+    }
+
+}
+
+/**
+ * A CRRotor is a cipher (C) or control (R) rotor. These rotors are identical and interchangeable. A C or R rotor consists of 26 contacts, one for each letter, and may be put into either a forwards of reversed orientation.
+ */
+export class CRRotor extends Rotor {
+
+    /**
+     * CRRotor constructor
+     *
+     * @param {string} wireSetting - the rotor wirings (string of letters)
+     * @param {char} key - initial state of rotor
+     * @param {bool} rev - true if reversed, false if not
+     */
+    constructor(wireSetting, key, rev=false) {
+        wireSetting = wireSetting.split("").map(CRRotor.letterToNum);
+        super(wireSetting, CRRotor.letterToNum(key), rev);
+    }
+
+    /**
+     * Static function which converts a letter into its number i.e. its offset from the letter "A"
+     *
+     * @param {char} letter - letter to convert to number
+     * @returns {number}
+     */
+    static letterToNum(letter) {
+        return letter.charCodeAt()-65;
+    }
+
+    /**
+     * Static function which converts a number (a letter's offset from "A") into its letter
+     *
+     * @param {number} num - number to convert to letter
+     * @returns {char}
+     */
+    static numToLetter(num) {
+        return String.fromCharCode(num+65);
+    }
+
+    /**
+     * Encrypts/decrypts a letter.
+     *
+     * @param {char} inputPos - the input position of the signal ("A" refers to position 0 etc.)
+     * @param {string} direction - one of "leftToRight" and "rightToLeft"
+     * @returns {char}
+     */
+    crypt(inputPos, direction) {
+        inputPos = CRRotor.letterToNum(inputPos);
+        const outPos = this.cryptNum(inputPos, direction);
+        return CRRotor.numToLetter(outPos);
+    }
+
+}
+
+/**
+ * An IRotor is an index rotor, which consists of 10 contacts each numbered from 0 to 9. Unlike C and R rotors, they cannot be put in the reversed orientation. The index rotors do not step at any point during encryption or decryption.
+ */
+export class IRotor extends Rotor {
+
+    /**
+     * IRotor constructor
+     *
+     * @param {string} wireSetting - the rotor wirings (string of numbers)
+     * @param {char} key - initial state of rotor
+     */
+    constructor(wireSetting, key) {
+        wireSetting = wireSetting.split("").map(Number);
+        super(wireSetting, Number(key), false);
+    }
+
+    /**
+     * Encrypts a number
+     *
+     * @param {number} inputPos - the input position of the signal
+     * @returns {number}
+     */
+    crypt(inputPos) {
+        return this.cryptNum(inputPos, "leftToRight");
+    }
+
+}

src/core/lib/Stream.mjs

@@ -177,7 +177,7 @@ export default class Stream {
 
         // Get the skip table.
         const skiptable = preprocess(val, length);
-        let found = true;
+        let found;
 
         while (this.position < this.length) {
             // Until we hit the final element of val in the stream.

src/core/operations/AESDecrypt.mjs

@@ -41,8 +41,33 @@ class AESDecrypt extends Operation {
             },
             {
                 "name": "Mode",
-                "type": "option",
-                "value": ["CBC", "CFB", "OFB", "CTR", "GCM", "ECB"]
+                "type": "argSelector",
+                "value": [
+                    {
+                        name: "CBC",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "CFB",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "OFB",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "CTR",
+                        off: [5, 6]
+                    },
+                    {
+                        name: "GCM",
+                        on: [5, 6]
+                    },
+                    {
+                        name: "ECB",
+                        off: [5, 6]
+                    }
+                ]
             },
             {
                 "name": "Input",
@@ -59,6 +84,12 @@ class AESDecrypt extends Operation {
                 "type": "toggleString",
                 "value": "",
                 "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
+            },
+            {
+                "name": "Additional Authenticated Data",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
             }
         ];
     }
@@ -76,7 +107,8 @@ class AESDecrypt extends Operation {
             mode = args[2],
             inputType = args[3],
             outputType = args[4],
-            gcmTag = Utils.convertToByteString(args[5].string, args[5].option);
+            gcmTag = Utils.convertToByteString(args[5].string, args[5].option),
+            aad = Utils.convertToByteString(args[6].string, args[6].option);
 
         if ([16, 24, 32].indexOf(key.length) < 0) {
             throw new OperationError(`Invalid key length: ${key.length} bytes
@@ -92,7 +124,8 @@ The following algorithms will be used based on the size of the key:
         const decipher = forge.cipher.createDecipher("AES-" + mode, key);
         decipher.start({
             iv: iv.length === 0 ? "" : iv,
-            tag: gcmTag
+            tag: mode === "GCM" ? gcmTag : undefined,
+            additionalData: mode === "GCM" ? aad : undefined
         });
         decipher.update(forge.util.createBuffer(input));
         const result = decipher.finish();

src/core/operations/AESEncrypt.mjs

@@ -41,8 +41,33 @@ class AESEncrypt extends Operation {
             },
             {
                 "name": "Mode",
-                "type": "option",
-                "value": ["CBC", "CFB", "OFB", "CTR", "GCM", "ECB"]
+                "type": "argSelector",
+                "value": [
+                    {
+                        name: "CBC",
+                        off: [5]
+                    },
+                    {
+                        name: "CFB",
+                        off: [5]
+                    },
+                    {
+                        name: "OFB",
+                        off: [5]
+                    },
+                    {
+                        name: "CTR",
+                        off: [5]
+                    },
+                    {
+                        name: "GCM",
+                        on: [5]
+                    },
+                    {
+                        name: "ECB",
+                        off: [5]
+                    }
+                ]
             },
             {
                 "name": "Input",
@@ -53,6 +78,12 @@ class AESEncrypt extends Operation {
                 "name": "Output",
                 "type": "option",
                 "value": ["Hex", "Raw"]
+            },
+            {
+                "name": "Additional Authenticated Data",
+                "type": "toggleString",
+                "value": "",
+                "toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
             }
         ];
     }
@@ -69,7 +100,8 @@ class AESEncrypt extends Operation {
             iv = Utils.convertToByteString(args[1].string, args[1].option),
             mode = args[2],
             inputType = args[3],
-            outputType = args[4];
+            outputType = args[4],
+            aad = Utils.convertToByteString(args[5].string, args[5].option);
 
         if ([16, 24, 32].indexOf(key.length) < 0) {
             throw new OperationError(`Invalid key length: ${key.length} bytes
@@ -83,7 +115,10 @@ The following algorithms will be used based on the size of the key:
         input = Utils.convertToByteString(input, inputType);
 
         const cipher = forge.cipher.createCipher("AES-" + mode, key);
-        cipher.start({iv: iv});
+        cipher.start({
+            iv: iv,
+            additionalData: mode === "GCM" ? aad : undefined
+        });
         cipher.update(forge.util.createBuffer(input));
         cipher.finish();
 

src/core/operations/Bombe.mjs

@@ -1,6 +1,9 @@
 /**
  * Emulation of the Bombe machine.
  *
+ * Tested against the Bombe Rebuild at Bletchley Park's TNMOC
+ * using a variety of inputs and settings to confirm correctness.
+ *
  * @author s2224834
  * @copyright Crown Copyright 2019
  * @license Apache-2.0

src/core/operations/CBORDecode.mjs

@@ -0,0 +1,41 @@
+/**
+ * @author Danh4 [dan.h4@ncsc.gov.uk]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Cbor from "cbor";
+
+/**
+ * CBOR Decode operation
+ */
+class CBORDecode extends Operation {
+
+    /**
+     * CBORDecode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "CBOR Decode";
+        this.module = "Serialise";
+        this.description = "Concise Binary Object Representation (CBOR) is a binary data serialization format loosely based on JSON. Like JSON it allows the transmission of data objects that contain name–value pairs, but in a more concise manner. This increases processing and transfer speeds at the cost of human readability. It is defined in IETF RFC 8949.";
+        this.infoURL = "https://wikipedia.org/wiki/CBOR";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "JSON";
+        this.args = [];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {JSON}
+     */
+    run(input, args) {
+        return Cbor.decodeFirstSync(Buffer.from(input).toString("hex"));
+    }
+
+}
+
+export default CBORDecode;

src/core/operations/CBOREncode.mjs

@@ -0,0 +1,41 @@
+/**
+ * @author Danh4 [dan.h4@ncsc.gov.uk]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Cbor from "cbor";
+
+/**
+ * CBOR Encode operation
+ */
+class CBOREncode extends Operation {
+
+    /**
+     * CBOREncode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "CBOR Encode";
+        this.module = "Serialise";
+        this.description = "Concise Binary Object Representation (CBOR) is a binary data serialization format loosely based on JSON. Like JSON it allows the transmission of data objects that contain name–value pairs, but in a more concise manner. This increases processing and transfer speeds at the cost of human readability. It is defined in IETF RFC 8949.";
+        this.infoURL = "https://wikipedia.org/wiki/CBOR";
+        this.inputType = "JSON";
+        this.outputType = "ArrayBuffer";
+        this.args = [];
+    }
+
+    /**
+     * @param {JSON} input
+     * @param {Object[]} args
+     * @returns {ArrayBuffer}
+     */
+    run(input, args) {
+        return new Uint8Array(Cbor.encodeCanonical(input)).buffer;
+    }
+
+}
+
+export default CBOREncode;

src/core/operations/Colossus.mjs

@@ -1,6 +1,9 @@
 /**
  * Emulation of Colossus.
  *
+ * Tested against the Colossus Rebuild at Bletchley Park's TNMOC
+ * using a variety of inputs and settings to confirm correctness.
+ *
  * @author VirtualColossus [martin@virtualcolossus.co.uk]
  * @copyright Crown Copyright 2019
  * @license Apache-2.0
@@ -125,7 +128,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R1-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R1-Counter",
@@ -164,7 +168,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R2-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R2-Counter",
@@ -203,7 +208,8 @@ class Colossus extends Operation {
             },
             {
                 name: "R3-Negate",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "R3-Counter",
@@ -212,7 +218,8 @@ class Colossus extends Operation {
             },
             {
                 name: "Negate All",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "K Rack: Addition",
@@ -220,23 +227,28 @@ class Colossus extends Operation {
             },
             {
                 name: "Add-Q1",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q2",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q3",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q4",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Q5",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add-Equals",
@@ -246,11 +258,13 @@ class Colossus extends Operation {
             },
             {
                 name: "Add-Counter1",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Add Negate All",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Total Motor",

src/core/operations/DeriveEVPKey.mjs

@@ -67,7 +67,7 @@ class DeriveEVPKey extends Operation {
             iterations = args[2],
             hasher = args[3],
             salt = Utils.convertToByteString(args[4].string, args[4].option),
-            key = CryptoJS.EvpKDF(passphrase, salt, {
+            key = CryptoJS.EvpKDF(passphrase, salt, { // lgtm [js/insufficient-password-hash]
                 keySize: keySize,
                 hasher: CryptoJS.algo[hasher],
                 iterations: iterations,

src/core/operations/Enigma.mjs

@@ -1,6 +1,9 @@
 /**
  * Emulation of the Enigma machine.
  *
+ * Tested against various genuine Enigma machines using a variety of inputs
+ * and settings to confirm correctness.
+ *
  * @author s2224834
  * @copyright Crown Copyright 2019
  * @license Apache-2.0

src/core/operations/ExtractDomains.mjs

@@ -27,7 +27,7 @@ class ExtractDomains extends Operation {
             {
                 "name": "Display total",
                 "type": "boolean",
-                "value": "Extract.DISPLAY_TOTAL"
+                "value": true
             }
         ];
     }

src/core/operations/ExtractEmailAddresses.mjs

@@ -39,8 +39,8 @@ class ExtractEmailAddresses extends Operation {
      */
     run(input, args) {
         const displayTotal = args[0],
-        // email regex from: https://www.regextester.com/98066
-            regex = /(?:[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9](?:[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9-]*[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9])?\.)+[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9](?:[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9-]*[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9])?|\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\.){3}(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9])|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])/ig;
+            // email regex from: https://www.regextester.com/98066
+            regex = /(?:[\u00A0-\uD7FF\uE000-\uFFFFa-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[\u00A0-\uD7FF\uE000-\uFFFFa-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[\u00A0-\uD7FF\uE000-\uFFFFa-z0-9](?:[\u00A0-\uD7FF\uE000-\uFFFFa-z0-9-]*[\u00A0-\uD7FF\uE000-\uFFFFa-z0-9])?\.)+[\u00A0-\uD7FF\uE000-\uFFFFa-z0-9](?:[\u00A0-\uD7FF\uE000-\uFFFFa-z0-9-]*[\u00A0-\uD7FF\uE000-\uFFFFa-z0-9])?|\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\.){3}\])/ig;
         return search(input, regex, null, displayTotal);
     }
 

src/core/operations/ExtractFiles.mjs

@@ -21,9 +21,24 @@ class ExtractFiles extends Operation {
     constructor() {
         super();
 
+        // Get the first extension for each signature that can be extracted
+        let supportedExts = Object.keys(FILE_SIGNATURES).map(cat => {
+            return FILE_SIGNATURES[cat]
+                .filter(sig => sig.extractor)
+                .map(sig => sig.extension.toUpperCase());
+        });
+
+        // Flatten categories and remove duplicates
+        supportedExts = [].concat(...supportedExts).unique();
+
         this.name = "Extract Files";
         this.module = "Default";
-        this.description = "Performs file carving to attempt to extract files from the input.<br><br>This operation is currently capable of carving out the following formats:<ul><li>JPG</li><li>EXE</li><li>ZIP</li><li>PDF</li><li>PNG</li><li>BMP</li><li>FLV</li><li>RTF</li><li>DOCX, PPTX, XLSX</li><li>EPUB</li><li>GZIP</li><li>ZLIB</li><li>ELF, BIN, AXF, O, PRX, SO</li></ul>";
+        this.description = `Performs file carving to attempt to extract files from the input.<br><br>This operation is currently capable of carving out the following formats:
+            <ul>
+                <li>
+                ${supportedExts.join("</li><li>")}
+                </li>
+            </ul>`;
         this.infoURL = "https://forensicswiki.xyz/wiki/index.php?title=File_Carving";
         this.inputType = "ArrayBuffer";
         this.outputType = "List<File>";
@@ -38,7 +53,7 @@ class ExtractFiles extends Operation {
             {
                 name: "Ignore failed extractions",
                 type: "boolean",
-                value: "true"
+                value: true
             }
         ]);
     }

src/core/operations/ExtractID3.mjs

@@ -0,0 +1,324 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+
+/**
+ * Extract ID3 operation
+ */
+class ExtractID3 extends Operation {
+
+    /**
+     * ExtractID3 constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Extract ID3";
+        this.module = "Default";
+        this.description = "This operation extracts ID3 metadata from an MP3 file.<br><br>ID3 is a metadata container most often used in conjunction with the MP3 audio file format. It allows information such as the title, artist, album, track number, and other information about the file to be stored in the file itself.";
+        this.infoURL = "https://wikipedia.org/wiki/ID3";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "JSON";
+        this.presentType = "html";
+        this.args = [];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {JSON}
+     */
+    run(input, args) {
+        input = new Uint8Array(input);
+
+        /**
+         * Extracts the ID3 header fields.
+         */
+        function extractHeader() {
+            if (!Array.from(input.slice(0, 3)).equals([0x49, 0x44, 0x33]))
+                throw new OperationError("No valid ID3 header.");
+
+            const header = {
+                "Type": "ID3",
+                // Tag version
+                "Version": input[3].toString() + "." + input[4].toString(),
+                // Header version
+                "Flags": input[5].toString()
+            };
+
+            input = input.slice(6);
+            return header;
+        }
+
+        /**
+         * Converts the size fields to a single integer.
+         *
+         * @param {number} num
+         * @returns {string}
+         */
+        function readSize(num) {
+            let result = 0;
+
+            // The sizes are 7 bit numbers stored in 8 bit locations
+            for (let i = (num) * 7; i; i -= 7) {
+                result = (result << i) | input[0];
+                input = input.slice(1);
+            }
+            return result;
+        }
+
+        /**
+         * Reads frame header based on ID.
+         *
+         * @param {string} id
+         * @returns {number}
+         */
+        function readFrame(id) {
+            const frame = {};
+
+            // Size of frame
+            const size = readSize(4);
+            frame.Size = size.toString();
+            frame.Description = FRAME_DESCRIPTIONS[id];
+            input = input.slice(2);
+
+            // Read data from frame
+            let data = "";
+            for (let i = 1; i < size; i++)
+                data += String.fromCharCode(input[i]);
+            frame.Data = data;
+
+            // Move to next Frame
+            input = input.slice(size);
+
+            return [frame, size];
+        }
+
+        const result = extractHeader();
+
+        const headerTagSize = readSize(4);
+        result.Size = headerTagSize.toString();
+
+        const tags = {};
+        let pos = 10;
+
+        // While the current element is in the header
+        while (pos < headerTagSize) {
+
+            // Frame Identifier of frame
+            let id = String.fromCharCode(input[0]) + String.fromCharCode(input[1]) + String.fromCharCode(input[2]);
+            input = input.slice(3);
+
+            // If the next character is non-zero it is an identifier
+            if (input[0] !== 0) {
+                id += String.fromCharCode(input[0]);
+            }
+            input = input.slice(1);
+
+            if (id in FRAME_DESCRIPTIONS) {
+                const [frame, size] = readFrame(id);
+                tags[id] = frame;
+                pos += 10 + size;
+            } else if (id === "\x00\x00\x00") { // end of header
+                break;
+            } else {
+                throw new OperationError("Unknown Frame Identifier: " + id);
+            }
+        }
+
+        result.Tags = tags;
+
+        return result;
+    }
+
+    /**
+     * Displays the extracted data in a more accessible format for web apps.
+     * @param {JSON} data
+     * @returns {html}
+     */
+    present(data) {
+        if (!data || !Object.prototype.hasOwnProperty.call(data, "Tags"))
+            return JSON.stringify(data, null, 4);
+
+        let output = `<table class="table table-hover table-sm table-bordered table-nonfluid">
+            <tr><th>Tag</th><th>Description</th><th>Data</th></tr>`;
+
+        for (const tagID in data.Tags) {
+            const description = data.Tags[tagID].Description,
+                contents = data.Tags[tagID].Data;
+            output += `<tr><td>${tagID}</td><td>${Utils.escapeHtml(description)}</td><td>${Utils.escapeHtml(contents)}</td></tr>`;
+        }
+        output += "</table>";
+        return output;
+    }
+
+}
+
+// Borrowed from https://github.com/aadsm/jsmediatags
+const FRAME_DESCRIPTIONS = {
+    // v2.2
+    "BUF": "Recommended buffer size",
+    "CNT": "Play counter",
+    "COM": "Comments",
+    "CRA": "Audio encryption",
+    "CRM": "Encrypted meta frame",
+    "ETC": "Event timing codes",
+    "EQU": "Equalization",
+    "GEO": "General encapsulated object",
+    "IPL": "Involved people list",
+    "LNK": "Linked information",
+    "MCI": "Music CD Identifier",
+    "MLL": "MPEG location lookup table",
+    "PIC": "Attached picture",
+    "POP": "Popularimeter",
+    "REV": "Reverb",
+    "RVA": "Relative volume adjustment",
+    "SLT": "Synchronized lyric/text",
+    "STC": "Synced tempo codes",
+    "TAL": "Album/Movie/Show title",
+    "TBP": "BPM (Beats Per Minute)",
+    "TCM": "Composer",
+    "TCO": "Content type",
+    "TCR": "Copyright message",
+    "TDA": "Date",
+    "TDY": "Playlist delay",
+    "TEN": "Encoded by",
+    "TFT": "File type",
+    "TIM": "Time",
+    "TKE": "Initial key",
+    "TLA": "Language(s)",
+    "TLE": "Length",
+    "TMT": "Media type",
+    "TOA": "Original artist(s)/performer(s)",
+    "TOF": "Original filename",
+    "TOL": "Original Lyricist(s)/text writer(s)",
+    "TOR": "Original release year",
+    "TOT": "Original album/Movie/Show title",
+    "TP1": "Lead artist(s)/Lead performer(s)/Soloist(s)/Performing group",
+    "TP2": "Band/Orchestra/Accompaniment",
+    "TP3": "Conductor/Performer refinement",
+    "TP4": "Interpreted, remixed, or otherwise modified by",
+    "TPA": "Part of a set",
+    "TPB": "Publisher",
+    "TRC": "ISRC (International Standard Recording Code)",
+    "TRD": "Recording dates",
+    "TRK": "Track number/Position in set",
+    "TSI": "Size",
+    "TSS": "Software/hardware and settings used for encoding",
+    "TT1": "Content group description",
+    "TT2": "Title/Songname/Content description",
+    "TT3": "Subtitle/Description refinement",
+    "TXT": "Lyricist/text writer",
+    "TXX": "User defined text information frame",
+    "TYE": "Year",
+    "UFI": "Unique file identifier",
+    "ULT": "Unsychronized lyric/text transcription",
+    "WAF": "Official audio file webpage",
+    "WAR": "Official artist/performer webpage",
+    "WAS": "Official audio source webpage",
+    "WCM": "Commercial information",
+    "WCP": "Copyright/Legal information",
+    "WPB": "Publishers official webpage",
+    "WXX": "User defined URL link frame",
+    // v2.3
+    "AENC": "Audio encryption",
+    "APIC": "Attached picture",
+    "ASPI": "Audio seek point index",
+    "CHAP": "Chapter",
+    "CTOC": "Table of contents",
+    "COMM": "Comments",
+    "COMR": "Commercial frame",
+    "ENCR": "Encryption method registration",
+    "EQU2": "Equalisation (2)",
+    "EQUA": "Equalization",
+    "ETCO": "Event timing codes",
+    "GEOB": "General encapsulated object",
+    "GRID": "Group identification registration",
+    "IPLS": "Involved people list",
+    "LINK": "Linked information",
+    "MCDI": "Music CD identifier",
+    "MLLT": "MPEG location lookup table",
+    "OWNE": "Ownership frame",
+    "PRIV": "Private frame",
+    "PCNT": "Play counter",
+    "POPM": "Popularimeter",
+    "POSS": "Position synchronisation frame",
+    "RBUF": "Recommended buffer size",
+    "RVA2": "Relative volume adjustment (2)",
+    "RVAD": "Relative volume adjustment",
+    "RVRB": "Reverb",
+    "SEEK": "Seek frame",
+    "SYLT": "Synchronized lyric/text",
+    "SYTC": "Synchronized tempo codes",
+    "TALB": "Album/Movie/Show title",
+    "TBPM": "BPM (beats per minute)",
+    "TCOM": "Composer",
+    "TCON": "Content type",
+    "TCOP": "Copyright message",
+    "TDAT": "Date",
+    "TDLY": "Playlist delay",
+    "TDRC": "Recording time",
+    "TDRL": "Release time",
+    "TDTG": "Tagging time",
+    "TENC": "Encoded by",
+    "TEXT": "Lyricist/Text writer",
+    "TFLT": "File type",
+    "TIME": "Time",
+    "TIPL": "Involved people list",
+    "TIT1": "Content group description",
+    "TIT2": "Title/songname/content description",
+    "TIT3": "Subtitle/Description refinement",
+    "TKEY": "Initial key",
+    "TLAN": "Language(s)",
+    "TLEN": "Length",
+    "TMCL": "Musician credits list",
+    "TMED": "Media type",
+    "TMOO": "Mood",
+    "TOAL": "Original album/movie/show title",
+    "TOFN": "Original filename",
+    "TOLY": "Original lyricist(s)/text writer(s)",
+    "TOPE": "Original artist(s)/performer(s)",
+    "TORY": "Original release year",
+    "TOWN": "File owner/licensee",
+    "TPE1": "Lead performer(s)/Soloist(s)",
+    "TPE2": "Band/orchestra/accompaniment",
+    "TPE3": "Conductor/performer refinement",
+    "TPE4": "Interpreted, remixed, or otherwise modified by",
+    "TPOS": "Part of a set",
+    "TPRO": "Produced notice",
+    "TPUB": "Publisher",
+    "TRCK": "Track number/Position in set",
+    "TRDA": "Recording dates",
+    "TRSN": "Internet radio station name",
+    "TRSO": "Internet radio station owner",
+    "TSOA": "Album sort order",
+    "TSOP": "Performer sort order",
+    "TSOT": "Title sort order",
+    "TSIZ": "Size",
+    "TSRC": "ISRC (international standard recording code)",
+    "TSSE": "Software/Hardware and settings used for encoding",
+    "TSST": "Set subtitle",
+    "TYER": "Year",
+    "TXXX": "User defined text information frame",
+    "UFID": "Unique file identifier",
+    "USER": "Terms of use",
+    "USLT": "Unsychronized lyric/text transcription",
+    "WCOM": "Commercial information",
+    "WCOP": "Copyright/Legal information",
+    "WOAF": "Official audio file webpage",
+    "WOAR": "Official artist/performer webpage",
+    "WOAS": "Official audio source webpage",
+    "WORS": "Official internet radio station homepage",
+    "WPAY": "Payment",
+    "WPUB": "Publishers official webpage",
+    "WXXX": "User defined URL link frame"
+};
+
+export default ExtractID3;

src/core/operations/FrequencyDistribution.mjs

@@ -30,7 +30,12 @@ class FrequencyDistribution extends Operation {
             {
                 "name": "Show 0%s",
                 "type": "boolean",
-                "value": "Entropy.FREQ_ZEROS"
+                "value": true
+            },
+            {
+                "name": "Show ASCII",
+                "type": "boolean",
+                "value": true
             }
         ];
     }
@@ -76,14 +81,14 @@ class FrequencyDistribution extends Operation {
      * @returns {html}
      */
     present(freq, args) {
-        const showZeroes = args[0];
+        const [showZeroes, showAscii] = args;
+
         // Print
         let output = `<canvas id='chart-area'></canvas><br>
 Total data length: ${freq.dataLength}
 Number of bytes represented: ${freq.bytesRepresented}
 Number of bytes not represented: ${256 - freq.bytesRepresented}
 
-Byte   Percentage
 <script>
     var canvas = document.getElementById("chart-area"),
         parentRect = canvas.parentNode.getBoundingClientRect(),
@@ -93,16 +98,32 @@ Byte   Percentage
     canvas.height = parentRect.height * 0.9;
 
     CanvasComponents.drawBarChart(canvas, scores, "Byte", "Frequency %", 16, 6);
-</script>`;
+</script>
+<table class="table table-hover table-sm">
+    <tr><th>Byte</th>${showAscii ? "<th>ASCII</th>" : ""}<th>Percentage</th><th></th></tr>`;
 
         for (let i = 0; i < 256; i++) {
             if (freq.distribution[i] || showZeroes) {
-                output += " " + Utils.hex(i, 2) + "    (" +
-                    (freq.percentages[i].toFixed(2).replace(".00", "") + "%)").padEnd(8, " ") +
-                    Array(Math.ceil(freq.percentages[i])+1).join("|") + "\n";
+                let c = "";
+                if (showAscii) {
+                    if (i <= 32) {
+                        c = String.fromCharCode(0x2400 + i);
+                    } else  if (i === 127) {
+                        c = String.fromCharCode(0x2421);
+                    } else {
+                        c = String.fromCharCode(i);
+                    }
+                }
+                const bite = `<td>${Utils.hex(i, 2)}</td>`,
+                    ascii = showAscii ? `<td>${c}</td>` : "",
+                    percentage = `<td>${(freq.percentages[i].toFixed(2).replace(".00", "") + "%").padEnd(8, " ")}</td>`,
+                    bars = `<td>${Array(Math.ceil(freq.percentages[i])+1).join("|")}</td>`;
+
+                output += `<tr>${bite}${ascii}${percentage}${bars}</tr>`;
             }
         }
 
+        output += "</table>";
         return output;
     }
 

src/core/operations/FromBCD.mjs

@@ -95,7 +95,7 @@ class FromBCD extends Operation {
         if (!packed) {
             // Discard each high nibble
             for (let i = 0; i < nibbles.length; i++) {
-                nibbles.splice(i, 1);
+                nibbles.splice(i, 1); // lgtm [js/loop-iteration-skipped-due-to-shifting]
             }
         }
 

src/core/operations/FromBase.mjs

@@ -46,7 +46,7 @@ class FromBase extends Operation {
         }
 
         const number = input.replace(/\s/g, "").split(".");
-        let result = new BigNumber(number[0], radix) || 0;
+        let result = new BigNumber(number[0], radix);
 
         if (number.length === 1) return result;
 

src/core/operations/FromBase32.mjs

@@ -84,10 +84,10 @@ class FromBase32 extends Operation {
             chr5 = ((enc7 & 7) << 5) | enc8;
 
             output.push(chr1);
-            if (enc2 & 3 !== 0 || enc3 !== 32) output.push(chr2);
-            if (enc4 & 15 !== 0 || enc5 !== 32) output.push(chr3);
-            if (enc5 & 1 !== 0 || enc6 !== 32) output.push(chr4);
-            if (enc7 & 7 !== 0 || enc8 !== 32) output.push(chr5);
+            if ((enc2 & 3) !== 0 || enc3 !== 32) output.push(chr2);
+            if ((enc4 & 15) !== 0 || enc5 !== 32) output.push(chr3);
+            if ((enc5 & 1) !== 0 || enc6 !== 32) output.push(chr4);
+            if ((enc7 & 7) !== 0 || enc8 !== 32) output.push(chr5);
         }
 
         return output;

src/core/operations/FromBase45.mjs

@@ -0,0 +1,89 @@
+/**
+ * @author Thomas Weißschuh [thomas@t-8ch.de]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+import {ALPHABET, highlightToBase45, highlightFromBase45} from "../lib/Base45.mjs";
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+
+
+/**
+ * From Base45 operation
+ */
+class FromBase45 extends Operation {
+
+    /**
+     * FromBase45 constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "From Base45";
+        this.module = "Default";
+        this.description = "Base45 is a notation for encoding arbitrary byte data using a restricted set of symbols that can be conveniently used by humans and processed by computers. The high number base results in shorter strings than with the decimal or hexadecimal system. Base45 is optimized for usage with QR codes.";
+        this.infoURL = "https://wikipedia.org/wiki/List_of_numeral_systems";
+        this.inputType = "string";
+        this.outputType = "byteArray";
+        this.args = [
+            {
+                name: "Alphabet",
+                type: "string",
+                value: ALPHABET
+            }
+        ];
+
+        this.highlight = highlightFromBase45;
+        this.highlightReverse = highlightToBase45;
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {byteArray}
+     */
+    run(input, args) {
+        if (!input) return [];
+        const alphabet = Utils.expandAlphRange(args[0]);
+
+        const res = [];
+
+        for (const triple of Utils.chunked(input, 3)) {
+            triple.reverse();
+            let b = 0;
+            for (const c of triple) {
+                const idx = alphabet.indexOf(c);
+                if (idx === -1) {
+                    throw new OperationError(`Character not in alphabet: '${c}'`);
+                }
+                b *= 45;
+                b += idx;
+            }
+
+            if (b > 65535) {
+                throw new OperationError(`Triplet too large: '${triple.join("")}'`);
+            }
+
+            if (triple.length > 2) {
+                /**
+                 * The last triple may only have 2 bytes so we push the MSB when we got 3 bytes
+                 * Pushing MSB
+                 */
+                res.push(b >> 8);
+            }
+
+            /**
+             * Pushing LSB
+             */
+            res.push(b & 0xff);
+
+        }
+
+        return res;
+    }
+
+}
+
+export default FromBase45;

src/core/operations/FromBase64.mjs

@@ -102,6 +102,26 @@ class FromBase64 extends Operation {
                 flags: "i",
                 args: ["./0-9A-Za-z", true]
             },
+            {
+                pattern: "^\\s*(?:[A-Z=\\d\\+/]{4}){5,}(?:[A-Z=\\d\\+/]{2}CC|[A-Z=\\d\\+/]{3}C)?\\s*$",
+                flags: "i",
+                args: ["/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC", true]
+            },
+            {
+                pattern: "^\\s*(?:[A-Z=\\d\\+/]{4}){5,}(?:[A-Z=\\d\\+/]{2}55|[A-Z=\\d\\+/]{3}5)?\\s*$",
+                flags: "i",
+                args: ["3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5", true]
+            },
+            {
+                pattern: "^\\s*(?:[A-Z=\\d\\+/]{4}){5,}(?:[A-Z=\\d\\+/]{2}22|[A-Z=\\d\\+/]{3}2)?\\s*$",
+                flags: "i",
+                args: ["ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2", true]
+            },
+            {
+                pattern: "^\\s*(?:[A-Z=\\d\\+/]{4}){5,}(?:[A-Z=\\d\\+/]{2}55|[A-Z=\\d\\+/]{3}5)?\\s*$",
+                flags: "i",
+                args: ["HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5", true]
+            }
         ];
     }
 

src/core/operations/FromBinary.mjs

@@ -35,7 +35,8 @@ class FromBinary extends Operation {
             {
                 "name": "Byte Length",
                 "type": "number",
-                "value": 8
+                "value": 8,
+                "min": 1
             }
         ];
         this.checks = [

src/core/operations/FuzzyMatch.mjs

@@ -0,0 +1,121 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import {fuzzyMatch, calcMatchRanges, DEFAULT_WEIGHTS} from "../lib/FuzzyMatch.mjs";
+import Utils from "../Utils.mjs";
+
+/**
+ * Fuzzy Match operation
+ */
+class FuzzyMatch extends Operation {
+
+    /**
+     * FuzzyMatch constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Fuzzy Match";
+        this.module = "Default";
+        this.description = "Conducts a fuzzy search to find a pattern within the input based on weighted criteria.<br><br>e.g. A search for <code>dpan</code> will match on <code><b>D</b>on't <b>Pan</b>ic</code>";
+        this.infoURL = "https://wikipedia.org/wiki/Fuzzy_matching_(computer-assisted_translation)";
+        this.inputType = "string";
+        this.outputType = "html";
+        this.args = [
+            {
+                name: "Search",
+                type: "binaryString",
+                value: ""
+            },
+            {
+                name: "Sequential bonus",
+                type: "number",
+                value: DEFAULT_WEIGHTS.sequentialBonus,
+                hint: "Bonus for adjacent matches"
+            },
+            {
+                name: "Separator bonus",
+                type: "number",
+                value: DEFAULT_WEIGHTS.separatorBonus,
+                hint: "Bonus if match occurs after a separator"
+            },
+            {
+                name: "Camel bonus",
+                type: "number",
+                value: DEFAULT_WEIGHTS.camelBonus,
+                hint: "Bonus if match is uppercase and previous is lower"
+            },
+            {
+                name: "First letter bonus",
+                type: "number",
+                value: DEFAULT_WEIGHTS.firstLetterBonus,
+                hint: "Bonus if the first letter is matched"
+            },
+            {
+                name: "Leading letter penalty",
+                type: "number",
+                value: DEFAULT_WEIGHTS.leadingLetterPenalty,
+                hint: "Penalty applied for every letter in the input before the first match"
+            },
+            {
+                name: "Max leading letter penalty",
+                type: "number",
+                value: DEFAULT_WEIGHTS.maxLeadingLetterPenalty,
+                hint: "Maxiumum penalty for leading letters"
+            },
+            {
+                name: "Unmatched letter penalty",
+                type: "number",
+                value: DEFAULT_WEIGHTS.unmatchedLetterPenalty
+            },
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {html}
+     */
+    run(input, args) {
+        const searchStr = args[0];
+        const weights = {
+            sequentialBonus: args[1],
+            separatorBonus: args[2],
+            camelBonus: args[3],
+            firstLetterBonus: args[4],
+            leadingLetterPenalty: args[5],
+            maxLeadingLetterPenalty: args[6],
+            unmatchedLetterPenalty: args[7]
+        };
+        const matches = fuzzyMatch(searchStr, input, true, weights);
+
+        if (!matches) {
+            return "No matches.";
+        }
+
+        let result = "", pos = 0, hlClass = "hl1";
+        matches.forEach(([matches, score, idxs]) => {
+            const matchRanges = calcMatchRanges(idxs);
+
+            matchRanges.forEach(([start, length], i) => {
+                result += Utils.escapeHtml(input.slice(pos, start));
+                if (i === 0) result += `<span class="${hlClass}">`;
+                pos = start + length;
+                result += `<b>${Utils.escapeHtml(input.slice(start, pos))}</b>`;
+            });
+            result += "</span>";
+            hlClass = hlClass === "hl1" ? "hl2" : "hl1";
+        });
+
+        result += Utils.escapeHtml(input.slice(pos, input.length));
+
+        return result;
+    }
+
+}
+
+export default FuzzyMatch;

src/core/operations/GeneratePGPKeyPair.mjs

@@ -9,9 +9,11 @@
 import Operation from "../Operation.mjs";
 import kbpgp from "kbpgp";
 import { getSubkeySize, ASP } from "../lib/PGP.mjs";
+import { cryptNotice } from "../lib/Crypt.mjs";
 import * as es6promisify from "es6-promisify";
 const promisify = es6promisify.default ? es6promisify.default.promisify : es6promisify.promisify;
 
+
 /**
  * Generate PGP Key Pair operation
  */
@@ -25,7 +27,7 @@ class GeneratePGPKeyPair extends Operation {
 
         this.name = "Generate PGP Key Pair";
         this.module = "PGP";
-        this.description = "Generates a new public/private PGP key pair. Supports RSA and Eliptic Curve (EC) keys.<br><br>WARNING: Cryptographic operations in CyberChef should not be relied upon to provide security in any situation. No guarantee is offered for their correctness. We advise you not to use keys generated from CyberChef in operational contexts.";
+        this.description = `Generates a new public/private PGP key pair. Supports RSA and Eliptic Curve (EC) keys.<br><br>${cryptNotice}`;
         this.infoURL = "https://wikipedia.org/wiki/Pretty_Good_Privacy";
         this.inputType = "string";
         this.outputType = "string";

src/core/operations/GenerateRSAKeyPair.mjs

@@ -7,6 +7,7 @@
 
 import Operation from "../Operation.mjs";
 import forge from "node-forge";
+import { cryptNotice } from "../lib/Crypt.mjs";
 
 /**
  * Generate RSA Key Pair operation
@@ -21,7 +22,7 @@ class GenerateRSAKeyPair extends Operation {
 
         this.name = "Generate RSA Key Pair";
         this.module = "Ciphers";
-        this.description = "Generate an RSA key pair with a given number of bits.<br><br>WARNING: Cryptographic operations in CyberChef should not be relied upon to provide security in any situation. No guarantee is offered for their correctness. We advise you not to use keys generated from CyberChef in operational contexts.";
+        this.description = `Generate an RSA key pair with a given number of bits.<br><br>${cryptNotice}`;
         this.infoURL = "https://wikipedia.org/wiki/RSA_(cryptosystem)";
         this.inputType = "string";
         this.outputType = "string";

src/core/operations/GetAllCasings.mjs

@@ -0,0 +1,53 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+
+/**
+ * Permutate String operation
+ */
+class GetAllCasings extends Operation {
+
+    /**
+     * GetAllCasings constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Get All Casings";
+        this.module = "Default";
+        this.description = "Outputs all possible casing variations of a string.";
+        this.infoURL = "";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const length = input.length;
+        const max = 1 << length;
+        input = input.toLowerCase();
+        let result = "";
+
+        for (let i = 0; i < max; i++) {
+            const temp = input.split("");
+            for (let j = 0; j < length; j++) {
+                if (((i >> j) & 1) === 1) {
+                    temp[j] = temp[j].toUpperCase();
+                }
+            }
+            result += temp.join("") + "\n";
+        }
+        return result;
+    }
+}
+
+export default GetAllCasings;

src/core/operations/GetTime.mjs

@@ -0,0 +1,63 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import {UNITS} from "../lib/DateTime.mjs";
+
+/**
+ * Get Time operation
+ */
+class GetTime extends Operation {
+
+    /**
+     * GetTime constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Get Time";
+        this.module = "Default";
+        this.description = "Generates a timestamp showing the amount of time since the UNIX epoch (1970-01-01 00:00:00 UTC). Uses the W3C High Resolution Time API.";
+        this.infoURL = "https://wikipedia.org/wiki/Unix_time";
+        this.inputType = "string";
+        this.outputType = "number";
+        this.args = [
+            {
+                name: "Granularity",
+                type: "option",
+                value: UNITS
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {number}
+     */
+    run(input, args) {
+        const nowMs = (performance.timeOrigin + performance.now()),
+            granularity = args[0];
+
+        switch (granularity) {
+            case "Nanoseconds (ns)":
+                return Math.round(nowMs * 1000 * 1000);
+            case "Microseconds (μs)":
+                return Math.round(nowMs * 1000);
+            case "Milliseconds (ms)":
+                return Math.round(nowMs);
+            case "Seconds (s)":
+                return Math.round(nowMs / 1000);
+            default:
+                throw new OperationError("Unknown granularity value: " + granularity);
+        }
+    }
+
+}
+
+export default GetTime;

src/core/operations/HAS160.mjs

@@ -20,11 +20,19 @@ class HAS160 extends Operation {
 
         this.name = "HAS-160";
         this.module = "Crypto";
-        this.description = "HAS-160 is a cryptographic hash function designed for use with the Korean KCDSA digital signature algorithm. It is derived from SHA-1, with assorted changes intended to increase its security. It produces a 160-bit output.<br><br>HAS-160 is used in the same way as SHA-1. First it divides input in blocks of 512 bits each and pads the final block. A digest function updates the intermediate hash value by processing the input blocks in turn.<br><br>The message digest algorithm consists of 80 rounds.";
+        this.description = "HAS-160 is a cryptographic hash function designed for use with the Korean KCDSA digital signature algorithm. It is derived from SHA-1, with assorted changes intended to increase its security. It produces a 160-bit output.<br><br>HAS-160 is used in the same way as SHA-1. First it divides input in blocks of 512 bits each and pads the final block. A digest function updates the intermediate hash value by processing the input blocks in turn.<br><br>The message digest algorithm consists, by default, of 80 rounds.";
         this.infoURL = "https://wikipedia.org/wiki/HAS-160";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                name: "Rounds",
+                type: "number",
+                value: 80,
+                min: 1,
+                max: 80
+            }
+        ];
     }
 
     /**
@@ -33,7 +41,7 @@ class HAS160 extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        return runHash("has160", input);
+        return runHash("has160", input, {rounds: args[0]});
     }
 
 }

src/core/operations/HASSHClientFingerprint.mjs

@@ -0,0 +1,166 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ *
+ * HASSH created by Salesforce
+ *   Ben Reardon (@benreardon)
+ *   Adel Karimi (@0x4d31)
+ *   and the JA3 crew:
+ *     John B. Althouse
+ *     Jeff Atkinson
+ *     Josh Atkins
+ *
+ * Algorithm released under the BSD-3-clause licence
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+import Stream from "../lib/Stream.mjs";
+import {runHash} from "../lib/Hash.mjs";
+
+/**
+ * HASSH Client Fingerprint operation
+ */
+class HASSHClientFingerprint extends Operation {
+
+    /**
+     * HASSHClientFingerprint constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "HASSH Client Fingerprint";
+        this.module = "Crypto";
+        this.description = "Generates a HASSH fingerprint to help identify SSH clients based on hashing together values from the Client Key Exchange Init message.<br><br>Input: A hex stream of the SSH_MSG_KEXINIT packet application layer from Client to Server.";
+        this.infoURL = "https://engineering.salesforce.com/open-sourcing-hassh-abed3ae5044c";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Input format",
+                type: "option",
+                value: ["Hex", "Base64", "Raw"]
+            },
+            {
+                name: "Output format",
+                type: "option",
+                value: ["Hash digest", "HASSH algorithms string", "Full details"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const [inputFormat, outputFormat] = args;
+
+        input = Utils.convertToByteArray(input, inputFormat);
+        const s = new Stream(new Uint8Array(input));
+
+        // Length
+        const length = s.readInt(4);
+        if (s.length !== length + 4)
+            throw new OperationError("Incorrect packet length.");
+
+        // Padding length
+        const paddingLength = s.readInt(1);
+
+        // Message code
+        const messageCode = s.readInt(1);
+        if (messageCode !== 20)
+            throw new OperationError("Not a Key Exchange Init.");
+
+        // Cookie
+        s.moveForwardsBy(16);
+
+        // KEX Algorithms
+        const kexAlgosLength = s.readInt(4);
+        const kexAlgos = s.readString(kexAlgosLength);
+
+        // Server Host Key Algorithms
+        const serverHostKeyAlgosLength = s.readInt(4);
+        s.moveForwardsBy(serverHostKeyAlgosLength);
+
+        // Encryption Algorithms Client to Server
+        const encAlgosC2SLength = s.readInt(4);
+        const encAlgosC2S = s.readString(encAlgosC2SLength);
+
+        // Encryption Algorithms Server to Client
+        const encAlgosS2CLength = s.readInt(4);
+        s.moveForwardsBy(encAlgosS2CLength);
+
+        // MAC Algorithms Client to Server
+        const macAlgosC2SLength = s.readInt(4);
+        const macAlgosC2S = s.readString(macAlgosC2SLength);
+
+        // MAC Algorithms Server to Client
+        const macAlgosS2CLength = s.readInt(4);
+        s.moveForwardsBy(macAlgosS2CLength);
+
+        // Compression Algorithms Client to Server
+        const compAlgosC2SLength = s.readInt(4);
+        const compAlgosC2S = s.readString(compAlgosC2SLength);
+
+        // Compression Algorithms Server to Client
+        const compAlgosS2CLength = s.readInt(4);
+        s.moveForwardsBy(compAlgosS2CLength);
+
+        // Languages Client to Server
+        const langsC2SLength = s.readInt(4);
+        s.moveForwardsBy(langsC2SLength);
+
+        // Languages Server to Client
+        const langsS2CLength = s.readInt(4);
+        s.moveForwardsBy(langsS2CLength);
+
+        // First KEX packet follows
+        s.moveForwardsBy(1);
+
+        // Reserved
+        s.moveForwardsBy(4);
+
+        // Padding string
+        s.moveForwardsBy(paddingLength);
+
+        // Output
+        const hassh = [
+            kexAlgos,
+            encAlgosC2S,
+            macAlgosC2S,
+            compAlgosC2S
+        ];
+        const hasshStr = hassh.join(";");
+        const hasshHash = runHash("md5", Utils.strToArrayBuffer(hasshStr));
+
+        switch (outputFormat) {
+            case "HASSH algorithms string":
+                return hasshStr;
+            case "Full details":
+                return `Hash digest:
+${hasshHash}
+
+Full HASSH algorithms string:
+${hasshStr}
+
+Key Exchange Algorithms:
+${kexAlgos}
+Encryption Algorithms Client to Server:
+${encAlgosC2S}
+MAC Algorithms Client to Server:
+${macAlgosC2S}
+Compression Algorithms Client to Server:
+${compAlgosC2S}`;
+            case "Hash digest":
+            default:
+                return hasshHash;
+        }
+    }
+
+}
+
+export default HASSHClientFingerprint;

src/core/operations/HASSHServerFingerprint.mjs

@@ -0,0 +1,166 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ *
+ * HASSH created by Salesforce
+ *   Ben Reardon (@benreardon)
+ *   Adel Karimi (@0x4d31)
+ *   and the JA3 crew:
+ *     John B. Althouse
+ *     Jeff Atkinson
+ *     Josh Atkins
+ *
+ * Algorithm released under the BSD-3-clause licence
+*/
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+import Stream from "../lib/Stream.mjs";
+import {runHash} from "../lib/Hash.mjs";
+
+/**
+ * HASSH Server Fingerprint operation
+ */
+class HASSHServerFingerprint extends Operation {
+
+    /**
+     * HASSHServerFingerprint constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "HASSH Server Fingerprint";
+        this.module = "Crypto";
+        this.description = "Generates a HASSH fingerprint to help identify SSH servers based on hashing together values from the Server Key Exchange Init message.<br><br>Input: A hex stream of the SSH_MSG_KEXINIT packet application layer from Server to Client.";
+        this.infoURL = "https://engineering.salesforce.com/open-sourcing-hassh-abed3ae5044c";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Input format",
+                type: "option",
+                value: ["Hex", "Base64", "Raw"]
+            },
+            {
+                name: "Output format",
+                type: "option",
+                value: ["Hash digest", "HASSH algorithms string", "Full details"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const [inputFormat, outputFormat] = args;
+
+        input = Utils.convertToByteArray(input, inputFormat);
+        const s = new Stream(new Uint8Array(input));
+
+        // Length
+        const length = s.readInt(4);
+        if (s.length !== length + 4)
+            throw new OperationError("Incorrect packet length.");
+
+        // Padding length
+        const paddingLength = s.readInt(1);
+
+        // Message code
+        const messageCode = s.readInt(1);
+        if (messageCode !== 20)
+            throw new OperationError("Not a Key Exchange Init.");
+
+        // Cookie
+        s.moveForwardsBy(16);
+
+        // KEX Algorithms
+        const kexAlgosLength = s.readInt(4);
+        const kexAlgos = s.readString(kexAlgosLength);
+
+        // Server Host Key Algorithms
+        const serverHostKeyAlgosLength = s.readInt(4);
+        s.moveForwardsBy(serverHostKeyAlgosLength);
+
+        // Encryption Algorithms Client to Server
+        const encAlgosC2SLength = s.readInt(4);
+        s.moveForwardsBy(encAlgosC2SLength);
+
+        // Encryption Algorithms Server to Client
+        const encAlgosS2CLength = s.readInt(4);
+        const encAlgosS2C = s.readString(encAlgosS2CLength);
+
+        // MAC Algorithms Client to Server
+        const macAlgosC2SLength = s.readInt(4);
+        s.moveForwardsBy(macAlgosC2SLength);
+
+        // MAC Algorithms Server to Client
+        const macAlgosS2CLength = s.readInt(4);
+        const macAlgosS2C = s.readString(macAlgosS2CLength);
+
+        // Compression Algorithms Client to Server
+        const compAlgosC2SLength = s.readInt(4);
+        s.moveForwardsBy(compAlgosC2SLength);
+
+        // Compression Algorithms Server to Client
+        const compAlgosS2CLength = s.readInt(4);
+        const compAlgosS2C = s.readString(compAlgosS2CLength);
+
+        // Languages Client to Server
+        const langsC2SLength = s.readInt(4);
+        s.moveForwardsBy(langsC2SLength);
+
+        // Languages Server to Client
+        const langsS2CLength = s.readInt(4);
+        s.moveForwardsBy(langsS2CLength);
+
+        // First KEX packet follows
+        s.moveForwardsBy(1);
+
+        // Reserved
+        s.moveForwardsBy(4);
+
+        // Padding string
+        s.moveForwardsBy(paddingLength);
+
+        // Output
+        const hassh = [
+            kexAlgos,
+            encAlgosS2C,
+            macAlgosS2C,
+            compAlgosS2C
+        ];
+        const hasshStr = hassh.join(";");
+        const hasshHash = runHash("md5", Utils.strToArrayBuffer(hasshStr));
+
+        switch (outputFormat) {
+            case "HASSH algorithms string":
+                return hasshStr;
+            case "Full details":
+                return `Hash digest:
+${hasshHash}
+
+Full HASSH algorithms string:
+${hasshStr}
+
+Key Exchange Algorithms:
+${kexAlgos}
+Encryption Algorithms Server to Client:
+${encAlgosS2C}
+MAC Algorithms Server to Client:
+${macAlgosS2C}
+Compression Algorithms Server to Client:
+${compAlgosS2C}`;
+            case "Hash digest":
+            default:
+                return hasshHash;
+        }
+    }
+
+}
+
+export default HASSHServerFingerprint;

src/core/operations/JA3Fingerprint.mjs

@@ -0,0 +1,205 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ *
+ * JA3 created by Salesforce
+ *   John B. Althouse
+ *   Jeff Atkinson
+ *   Josh Atkins
+ *
+ * Algorithm released under the BSD-3-clause licence
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+import Stream from "../lib/Stream.mjs";
+import {runHash} from "../lib/Hash.mjs";
+
+/**
+ * JA3 Fingerprint operation
+ */
+class JA3Fingerprint extends Operation {
+
+    /**
+     * JA3Fingerprint constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "JA3 Fingerprint";
+        this.module = "Crypto";
+        this.description = "Generates a JA3 fingerprint to help identify TLS clients based on hashing together values from the Client Hello.<br><br>Input: A hex stream of the TLS Client Hello packet application layer.";
+        this.infoURL = "https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Input format",
+                type: "option",
+                value: ["Hex", "Base64", "Raw"]
+            },
+            {
+                name: "Output format",
+                type: "option",
+                value: ["Hash digest", "JA3 string", "Full details"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const [inputFormat, outputFormat] = args;
+
+        input = Utils.convertToByteArray(input, inputFormat);
+        const s = new Stream(new Uint8Array(input));
+
+        const handshake = s.readInt(1);
+        if (handshake !== 0x16)
+            throw new OperationError("Not handshake data.");
+
+        // Version
+        s.moveForwardsBy(2);
+
+        // Length
+        const length = s.readInt(2);
+        if (s.length !== length + 5)
+            throw new OperationError("Incorrect handshake length.");
+
+        // Handshake type
+        const handshakeType = s.readInt(1);
+        if (handshakeType !== 1)
+            throw new OperationError("Not a Client Hello.");
+
+        // Handshake length
+        const handshakeLength = s.readInt(3);
+        if (s.length !== handshakeLength + 9)
+            throw new OperationError("Not enough data in Client Hello.");
+
+        // Hello version
+        const helloVersion = s.readInt(2);
+
+        // Random
+        s.moveForwardsBy(32);
+
+        // Session ID
+        const sessionIDLength = s.readInt(1);
+        s.moveForwardsBy(sessionIDLength);
+
+        // Cipher suites
+        const cipherSuitesLength = s.readInt(2);
+        const cipherSuites = s.getBytes(cipherSuitesLength);
+        const cs = new Stream(cipherSuites);
+        const cipherSegment = parseJA3Segment(cs, 2);
+
+        // Compression Methods
+        const compressionMethodsLength = s.readInt(1);
+        s.moveForwardsBy(compressionMethodsLength);
+
+        // Extensions
+        const extensionsLength = s.readInt(2);
+        const extensions = s.getBytes(extensionsLength);
+        const es = new Stream(extensions);
+        let ecsLen, ecs, ellipticCurves = "", ellipticCurvePointFormats = "";
+        const exts = [];
+        while (es.hasMore()) {
+            const type = es.readInt(2);
+            const length = es.readInt(2);
+            switch (type) {
+                case 0x0a: // Elliptic curves
+                    ecsLen = es.readInt(2);
+                    ecs = new Stream(es.getBytes(ecsLen));
+                    ellipticCurves = parseJA3Segment(ecs, 2);
+                    break;
+                case 0x0b: // Elliptic curve point formats
+                    ecsLen = es.readInt(1);
+                    ecs = new Stream(es.getBytes(ecsLen));
+                    ellipticCurvePointFormats = parseJA3Segment(ecs, 1);
+                    break;
+                default:
+                    es.moveForwardsBy(length);
+            }
+            if (!GREASE_CIPHERSUITES.includes(type))
+                exts.push(type);
+        }
+
+        // Output
+        const ja3 = [
+            helloVersion.toString(),
+            cipherSegment,
+            exts.join("-"),
+            ellipticCurves,
+            ellipticCurvePointFormats
+        ];
+        const ja3Str = ja3.join(",");
+        const ja3Hash = runHash("md5", Utils.strToArrayBuffer(ja3Str));
+
+        switch (outputFormat) {
+            case "JA3 string":
+                return ja3Str;
+            case "Full details":
+                return `Hash digest:
+${ja3Hash}
+
+Full JA3 string:
+${ja3Str}
+
+TLS Version:
+${helloVersion.toString()}
+Cipher Suites:
+${cipherSegment}
+Extensions:
+${exts.join("-")}
+Elliptic Curves:
+${ellipticCurves}
+Elliptic Curve Point Formats:
+${ellipticCurvePointFormats}`;
+            case "Hash digest":
+            default:
+                return ja3Hash;
+        }
+    }
+
+}
+
+/**
+ * Parses a JA3 segment, returning a "-" separated list
+ *
+ * @param {Stream} stream
+ * @returns {string}
+ */
+function parseJA3Segment(stream, size=2) {
+    const segment = [];
+    while (stream.hasMore()) {
+        const element = stream.readInt(size);
+        if (!GREASE_CIPHERSUITES.includes(element))
+            segment.push(element);
+    }
+    return segment.join("-");
+}
+
+const GREASE_CIPHERSUITES = [
+    0x0a0a,
+    0x1a1a,
+    0x2a2a,
+    0x3a3a,
+    0x4a4a,
+    0x5a5a,
+    0x6a6a,
+    0x7a7a,
+    0x8a8a,
+    0x9a9a,
+    0xaaaa,
+    0xbaba,
+    0xcaca,
+    0xdada,
+    0xeaea,
+    0xfafa
+];
+
+export default JA3Fingerprint;

src/core/operations/JA3SFingerprint.mjs

@@ -0,0 +1,145 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ *
+ * JA3S created by Salesforce
+ *   John B. Althouse
+ *   Jeff Atkinson
+ *   Josh Atkins
+ *
+ * Algorithm released under the BSD-3-clause licence
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Utils from "../Utils.mjs";
+import Stream from "../lib/Stream.mjs";
+import {runHash} from "../lib/Hash.mjs";
+
+/**
+ * JA3S Fingerprint operation
+ */
+class JA3SFingerprint extends Operation {
+
+    /**
+     * JA3SFingerprint constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "JA3S Fingerprint";
+        this.module = "Crypto";
+        this.description = "Generates a JA3S fingerprint to help identify TLS servers based on hashing together values from the Server Hello.<br><br>Input: A hex stream of the TLS Server Hello record application layer.";
+        this.infoURL = "https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Input format",
+                type: "option",
+                value: ["Hex", "Base64", "Raw"]
+            },
+            {
+                name: "Output format",
+                type: "option",
+                value: ["Hash digest", "JA3S string", "Full details"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const [inputFormat, outputFormat] = args;
+
+        input = Utils.convertToByteArray(input, inputFormat);
+        const s = new Stream(new Uint8Array(input));
+
+        const handshake = s.readInt(1);
+        if (handshake !== 0x16)
+            throw new OperationError("Not handshake data.");
+
+        // Version
+        s.moveForwardsBy(2);
+
+        // Length
+        const length = s.readInt(2);
+        if (s.length !== length + 5)
+            throw new OperationError("Incorrect handshake length.");
+
+        // Handshake type
+        const handshakeType = s.readInt(1);
+        if (handshakeType !== 2)
+            throw new OperationError("Not a Server Hello.");
+
+        // Handshake length
+        const handshakeLength = s.readInt(3);
+        if (s.length !== handshakeLength + 9)
+            throw new OperationError("Not enough data in Server Hello.");
+
+        // Hello version
+        const helloVersion = s.readInt(2);
+
+        // Random
+        s.moveForwardsBy(32);
+
+        // Session ID
+        const sessionIDLength = s.readInt(1);
+        s.moveForwardsBy(sessionIDLength);
+
+        // Cipher suite
+        const cipherSuite = s.readInt(2);
+
+        // Compression Method
+        s.moveForwardsBy(1);
+
+        // Extensions
+        const extensionsLength = s.readInt(2);
+        const extensions = s.getBytes(extensionsLength);
+        const es = new Stream(extensions);
+        const exts = [];
+        while (es.hasMore()) {
+            const type = es.readInt(2);
+            const length = es.readInt(2);
+            es.moveForwardsBy(length);
+            exts.push(type);
+        }
+
+        // Output
+        const ja3s = [
+            helloVersion.toString(),
+            cipherSuite,
+            exts.join("-")
+        ];
+        const ja3sStr = ja3s.join(",");
+        const ja3sHash = runHash("md5", Utils.strToArrayBuffer(ja3sStr));
+
+        switch (outputFormat) {
+            case "JA3S string":
+                return ja3sStr;
+            case "Full details":
+                return `Hash digest:
+${ja3sHash}
+
+Full JA3S string:
+${ja3sStr}
+
+TLS Version:
+${helloVersion.toString()}
+Cipher Suite:
+${cipherSuite}
+Extensions:
+${exts.join("-")}`;
+            case "Hash digest":
+            default:
+                return ja3sHash;
+        }
+    }
+
+}
+
+export default JA3SFingerprint;

src/core/operations/JSONToCSV.mjs

@@ -43,15 +43,16 @@ class JSONToCSV extends Operation {
     /**
      * Converts JSON to a CSV equivalent.
      *
+     * @param {boolean} force - Whether to force conversion of data to fit in a cell
      * @returns {string}
      */
-    toCSV() {
+    toCSV(force=false) {
         const self = this;
         // If the JSON is an array of arrays, this is easy
         if (this.flattened[0] instanceof Array) {
             return this.flattened
                 .map(row => row
-                    .map(self.escapeCellContents.bind(self))
+                    .map(d => self.escapeCellContents(d, force))
                     .join(this.cellDelim)
                 )
                 .join(this.rowDelim) +
@@ -61,13 +62,13 @@ class JSONToCSV extends Operation {
         // If it's an array of dictionaries...
         const header = Object.keys(this.flattened[0]);
         return header
-            .map(self.escapeCellContents.bind(self))
+            .map(d => self.escapeCellContents(d, force))
             .join(this.cellDelim) +
             this.rowDelim +
             this.flattened
                 .map(row => header
                     .map(h => row[h])
-                    .map(self.escapeCellContents.bind(self))
+                    .map(d => self.escapeCellContents(d, force))
                     .join(this.cellDelim)
                 )
                 .join(this.rowDelim) +
@@ -98,7 +99,7 @@ class JSONToCSV extends Operation {
                 if (!(this.flattened instanceof Array)) {
                     this.flattened = [this.flattened];
                 }
-                return this.toCSV();
+                return this.toCSV(true);
             } catch (err) {
                 throw new OperationError("Unable to parse JSON to CSV: " + err.toString());
             }
@@ -109,15 +110,17 @@ class JSONToCSV extends Operation {
      * Correctly escapes a cell's contents based on the cell and row delimiters.
      *
      * @param {string} data
+     * @param {boolean} force - Whether to force conversion of data to fit in a cell
      * @returns {string}
      */
-    escapeCellContents(data) {
+    escapeCellContents(data, force=false) {
         if (typeof data === "number") data = data.toString();
+        if (force && typeof data !== "string") data = JSON.stringify(data);
 
         // Double quotes should be doubled up
         data = data.replace(/"/g, '""');
 
-        // If the cell contains a cell or row delimiter or a double quote, it mut be enclosed in double quotes
+        // If the cell contains a cell or row delimiter or a double quote, it must be enclosed in double quotes
         if (
             data.indexOf(this.cellDelim) >= 0 ||
             data.indexOf(this.rowDelim) >= 0 ||

src/core/operations/JWTSign.mjs

@@ -3,10 +3,11 @@
  * @copyright Crown Copyright 2018
  * @license Apache-2.0
  */
-
 import Operation from "../Operation.mjs";
 import jwt from "jsonwebtoken";
 import OperationError from "../errors/OperationError.mjs";
+import {JWT_ALGORITHMS} from "../lib/JWT.mjs";
+
 
 /**
  * JWT Sign operation
@@ -34,18 +35,7 @@ class JWTSign extends Operation {
             {
                 name: "Signing algorithm",
                 type: "option",
-                value: [
-                    "HS256",
-                    "HS384",
-                    "HS512",
-                    "RS256",
-                    "RS384",
-                    "RS512",
-                    "ES256",
-                    "ES384",
-                    "ES512",
-                    "None"
-                ]
+                value: JWT_ALGORITHMS
             }
         ];
     }

src/core/operations/JWTVerify.mjs

@@ -3,10 +3,11 @@
  * @copyright Crown Copyright 2018
  * @license Apache-2.0
  */
-
 import Operation from "../Operation.mjs";
 import jwt from "jsonwebtoken";
 import OperationError from "../errors/OperationError.mjs";
+import {JWT_ALGORITHMS} from "../lib/JWT.mjs";
+
 
 /**
  * JWT Verify operation
@@ -27,7 +28,7 @@ class JWTVerify extends Operation {
         this.outputType = "JSON";
         this.args = [
             {
-                name: "Private/Secret Key",
+                name: "Public/Secret Key",
                 type: "text",
                 value: "secret"
             },
@@ -41,14 +42,11 @@ class JWTVerify extends Operation {
      */
     run(input, args) {
         const [key] = args;
+        const algos = JWT_ALGORITHMS;
+        algos[algos.indexOf("None")] = "none";
 
         try {
-            const verified = jwt.verify(input, key, { algorithms: [
-                "HS256",
-                "HS384",
-                "HS512",
-                "none"
-            ]});
+            const verified = jwt.verify(input, key, { algorithms: algos });
 
             if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") {
                 throw new OperationError(verified.message);

src/core/operations/Lorenz.mjs

@@ -1,6 +1,9 @@
 /**
  * Emulation of the Lorenz SZ40/42a/42b cipher attachment.
  *
+ * Tested against the Colossus Rebuild at Bletchley Park's TNMOC
+ * using a variety of inputs and settings to confirm correctness.
+ *
  * @author VirtualColossus [martin@virtualcolossus.co.uk]
  * @copyright Crown Copyright 2019
  * @license Apache-2.0
@@ -60,7 +63,8 @@ class Lorenz extends Operation {
             },
             {
                 name: "KT-Schalter",
-                type: "boolean"
+                type: "boolean",
+                value: false
             },
             {
                 name: "Mode",
@@ -375,7 +379,7 @@ class Lorenz extends Operation {
             // Psi wheels only move sometimes, dependent on M37 current setting and limitations
 
             const basicmotor = m37lug;
-            let totalmotor = basicmotor;
+            let totalmotor;
             let lim = 0;
 
             p5[2] = p5[1];

src/core/operations/MD2.mjs

@@ -20,11 +20,18 @@ class MD2 extends Operation {
 
         this.name = "MD2";
         this.module = "Crypto";
-        this.description = "The MD2 (Message-Digest 2) algorithm is a cryptographic hash function developed by Ronald Rivest in 1989. The algorithm is optimized for 8-bit computers.<br><br>Although MD2 is no longer considered secure, even as of 2014, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA.";
+        this.description = "The MD2 (Message-Digest 2) algorithm is a cryptographic hash function developed by Ronald Rivest in 1989. The algorithm is optimized for 8-bit computers.<br><br>Although MD2 is no longer considered secure, even as of 2014, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA. The message digest algorithm consists, by default, of 18 rounds.";
         this.infoURL = "https://wikipedia.org/wiki/MD2_(cryptography)";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                name: "Rounds",
+                type: "number",
+                value: 18,
+                min: 0
+            }
+        ];
     }
 
     /**
@@ -33,7 +40,7 @@ class MD2 extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        return runHash("md2", input);
+        return runHash("md2", input, {rounds: args[0]});
     }
 
 }

src/core/operations/MicrosoftScriptDecoder.mjs

@@ -24,6 +24,13 @@ class MicrosoftScriptDecoder extends Operation {
         this.inputType = "string";
         this.outputType = "string";
         this.args = [];
+        this.checks = [
+            {
+                pattern: "#@~\\^.{6}==(.+).{6}==\\^#~@",
+                flags: "i",
+                args: []
+            }
+        ];
     }
 
     /**

src/core/operations/OpticalCharacterRecognition.mjs

@@ -51,7 +51,7 @@ class OpticalCharacterRecognition extends Operation {
     async run(input, args) {
         const [showConfidence] = args;
 
-        if (!isWorkerEnvironment()) throw OperationError("This operation only works in a browser");
+        if (!isWorkerEnvironment()) throw new OperationError("This operation only works in a browser");
 
         const type = isImage(input);
         if (!type) {

src/core/operations/PHPDeserialize.mjs

@@ -111,7 +111,7 @@ class PHPDeserialize extends Operation {
                     } else {
                         const numberCheck = lastItem.match(/[0-9]+/);
                         if (args[0] && numberCheck && numberCheck[0].length === lastItem.length) {
-                            result.push("\"" + lastItem + "\": " + item);
+                            result.push('"' + lastItem + '": ' + item);
                         } else {
                             result.push(lastItem + ": " + item);
                         }
@@ -149,11 +149,11 @@ class PHPDeserialize extends Operation {
                     const length = readUntil(":");
                     expect("\"");
                     const value = read(length);
-                    expect("\";");
+                    expect('";');
                     if (args[0]) {
-                        return "\"" + value.replace(/"/g, "\\\"") + "\"";
+                        return '"' + value.replace(/"/g, '\\"') + '"'; // lgtm [js/incomplete-sanitization]
                     } else {
-                        return "\"" + value + "\"";
+                        return '"' + value + '"';
                     }
                 }
 

src/core/operations/ParseIPv6Address.mjs

@@ -165,11 +165,94 @@ class ParseIPv6Address extends Operation {
                 // Multicast
                 output += "\nThis is a reserved multicast address.";
                 output += "\nMulticast addresses range: ff00::/8";
+
+                switch (ipv6[0]) {
+                    case 0xff01:
+                        output += "\n\nReserved Multicast Block for Interface Local Scope";
+                        break;
+                    case 0xff02:
+                        output += "\n\nReserved Multicast Block for Link Local Scope";
+                        break;
+                    case 0xff03:
+                        output += "\n\nReserved Multicast Block for Realm Local Scope";
+                        break;
+                    case 0xff04:
+                        output += "\n\nReserved Multicast Block for Admin Local Scope";
+                        break;
+                    case 0xff05:
+                        output += "\n\nReserved Multicast Block for Site Local Scope";
+                        break;
+                    case 0xff08:
+                        output += "\n\nReserved Multicast Block for Organisation Local Scope";
+                        break;
+                    case 0xff0e:
+                        output += "\n\nReserved Multicast Block for Global Scope";
+                        break;
+                }
+
+                if (ipv6[6] === 1) {
+                    if (ipv6[7] === 2) {
+                        output += "\nReserved Multicast Address for 'All DHCP Servers and Relay Agents (defined in RFC3315)'";
+                    } else if (ipv6[7] === 3) {
+                        output += "\nReserved Multicast Address for 'All LLMNR Hosts (defined in RFC4795)'";
+                    }
+                } else {
+                    switch (ipv6[7]) {
+                        case 1:
+                            output += "\nReserved Multicast Address for 'All nodes'";
+                            break;
+                        case 2:
+                            output += "\nReserved Multicast Address for 'All routers'";
+                            break;
+                        case 5:
+                            output += "\nReserved Multicast Address for 'OSPFv3 - All OSPF routers'";
+                            break;
+                        case 6:
+                            output += "\nReserved Multicast Address for 'OSPFv3 - All Designated Routers'";
+                            break;
+                        case 8:
+                            output += "\nReserved Multicast Address for 'IS-IS for IPv6 Routers'";
+                            break;
+                        case 9:
+                            output += "\nReserved Multicast Address for 'RIP Routers'";
+                            break;
+                        case 0xa:
+                            output += "\nReserved Multicast Address for 'EIGRP Routers'";
+                            break;
+                        case 0xc:
+                            output += "\nReserved Multicast Address for 'Simple Service Discovery Protocol'";
+                            break;
+                        case 0xd:
+                            output += "\nReserved Multicast Address for 'PIM Routers'";
+                            break;
+                        case 0x16:
+                            output += "\nReserved Multicast Address for 'MLDv2 Reports (defined in RFC3810)'";
+                            break;
+                        case 0x6b:
+                            output += "\nReserved Multicast Address for 'Precision Time Protocol v2 Peer Delay Measurement Messages'";
+                            break;
+                        case 0xfb:
+                            output += "\nReserved Multicast Address for 'Multicast DNS'";
+                            break;
+                        case 0x101:
+                            output += "\nReserved Multicast Address for 'Network Time Protocol'";
+                            break;
+                        case 0x108:
+                            output += "\nReserved Multicast Address for 'Network Information Service'";
+                            break;
+                        case 0x114:
+                            output += "\nReserved Multicast Address for 'Experiments'";
+                            break;
+                        case 0x181:
+                            output += "\nReserved Multicast Address for 'Precision Time Protocol v2 Messages (exc. Peer Delay)'";
+                            break;
+                    }
+                }
             }
 
 
             // Detect possible EUI-64 addresses
-            if ((ipv6[5] & 0xff === 0xff) && (ipv6[6] >>> 8 === 0xfe)) {
+            if (((ipv6[5] & 0xff) === 0xff) && (ipv6[6] >>> 8 === 0xfe)) {
                 output += "\n\nThis IPv6 address contains a modified EUI-64 address, identified by the presence of FF:FE in the 12th and 13th octets.";
 
                 const intIdent = Utils.hex(ipv6[4] >>> 8) + ":" + Utils.hex(ipv6[4] & 0xff) + ":" +

src/core/operations/ParseSSHHostKey.mjs

@@ -87,7 +87,7 @@ class ParseSSHHostKey extends Operation {
      * @returns {byteArray}
      */
     convertKeyToBinary(inputKey, inputFormat) {
-        const keyPattern = new RegExp(/^(?:[ssh]|[ecdsa-sha2])\S+\s+(\S*)/),
+        const keyPattern = new RegExp(/^(?:ssh|ecdsa-sha2)\S+\s+(\S*)/),
             keyMatch = inputKey.match(keyPattern);
 
         if (keyMatch) {

src/core/operations/ProtobufDecode.mjs

@@ -20,12 +20,30 @@ class ProtobufDecode extends Operation {
         super();
 
         this.name = "Protobuf Decode";
-        this.module = "Default";
-        this.description = "Decodes any Protobuf encoded data to a JSON representation of the data using the field number as the field key.";
+        this.module = "Protobuf";
+        this.description = "Decodes any Protobuf encoded data to a JSON representation of the data using the field number as the field key.<br><br>If a .proto schema is defined, the encoded data will be decoded with reference to the schema. Only one message instance will be decoded. <br><br><u>Show Unknown Fields</u><br>When a schema is used, this option shows fields that are present in the input data but not defined in the schema.<br><br><u>Show Types</u><br>Show the type of a field next to its name. For undefined fields, the wiretype and example types are shown instead.";
         this.infoURL = "https://wikipedia.org/wiki/Protocol_Buffers";
         this.inputType = "ArrayBuffer";
         this.outputType = "JSON";
-        this.args = [];
+        this.args = [
+            {
+                name: "Schema (.proto text)",
+                type: "text",
+                value: "",
+                rows: 8,
+                hint: "Drag and drop is enabled on this ingredient"
+            },
+            {
+                name: "Show Unknown Fields",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "Show Types",
+                type: "boolean",
+                value: false
+            }
+        ];
     }
 
     /**
@@ -36,7 +54,7 @@ class ProtobufDecode extends Operation {
     run(input, args) {
         input = new Uint8Array(input);
         try {
-            return Protobuf.decode(input);
+            return Protobuf.decode(input, args);
         } catch (err) {
             throw new OperationError(err);
         }

src/core/operations/ProtobufEncode.mjs

@@ -0,0 +1,54 @@
+/**
+ * @author GCHQ Contributor [3]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import OperationError from "../errors/OperationError.mjs";
+import Protobuf from "../lib/Protobuf.mjs";
+
+/**
+ * Protobuf Encode operation
+ */
+class ProtobufEncode extends Operation {
+
+    /**
+     * ProtobufEncode constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Protobuf Encode";
+        this.module = "Protobuf";
+        this.description = "Encodes a valid JSON object into a protobuf byte array using the input .proto schema.";
+        this.infoURL = "https://developers.google.com/protocol-buffers/docs/encoding";
+        this.inputType = "JSON";
+        this.outputType = "ArrayBuffer";
+        this.args = [
+            {
+                name: "Schema (.proto text)",
+                type: "text",
+                value: "",
+                rows: 8,
+                hint: "Drag and drop is enabled on this ingredient"
+            }
+        ];
+    }
+
+    /**
+     * @param {Object} input
+     * @param {Object[]} args
+     * @returns {ArrayBuffer}
+     */
+    run(input, args) {
+        try {
+            return Protobuf.encode(input, args);
+        } catch (error) {
+            throw new OperationError(error);
+        }
+    }
+
+}
+
+export default ProtobufEncode;

src/core/operations/RegularExpression.mjs

@@ -45,7 +45,7 @@ class RegularExpression extends Operation {
                     },
                     {
                         name: "Email address",
-                        value: "(?:[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|\"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*\")@(?:(?:[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9](?:[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9-]*[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9])?\\.)+[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9](?:[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9-]*[\u00A0-\uD7FF\uE000-\uFFFF-a-z0-9])?|\\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\\.){3}(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9])|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\\])"
+                        value: "(?:[\\u00A0-\\uD7FF\\uE000-\\uFFFFa-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[\\u00A0-\\uD7FF\\uE000-\\uFFFFa-z0-9!#$%&'*+/=?^_`{|}~-]+)*|\"(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21\\x23-\\x5b\\x5d-\\x7f]|\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])*\")@(?:(?:[\\u00A0-\\uD7FF\\uE000-\\uFFFFa-z0-9](?:[\\u00A0-\\uD7FF\\uE000-\\uFFFF-a-z0-9-]*[\\u00A0-\\uD7FF\\uE000-\\uFFFFa-z0-9])?\\.)+[\\u00A0-\\uD7FF\\uE000-\\uFFFFa-z0-9](?:[\\u00A0-\\uD7FF\\uE000-\\uFFFFa-z0-9-]*[\\u00A0-\\uD7FF\\uE000-\\uFFFFa-z0-9])?|\\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\\.){3}\\])"
                     },
                     {
                         name: "URL",
@@ -185,7 +185,7 @@ class RegularExpression extends Operation {
  * @param {boolean} captureGroups - Display each of the capture groups separately
  * @returns {string}
  */
-function regexList (input, regex, displayTotal, matches, captureGroups) {
+function regexList(input, regex, displayTotal, matches, captureGroups) {
     let output = "",
         total = 0,
         match;
@@ -225,7 +225,7 @@ function regexList (input, regex, displayTotal, matches, captureGroups) {
  * @param {boolean} displayTotal
  * @returns {string}
  */
-function regexHighlight (input, regex, displayTotal) {
+function regexHighlight(input, regex, displayTotal) {
     let output = "",
         title = "",
         hl = 1,

src/core/operations/SHA0.mjs

@@ -20,11 +20,18 @@ class SHA0 extends Operation {
 
         this.name = "SHA0";
         this.module = "Crypto";
-        this.description = "SHA-0 is a retronym applied to the original version of the 160-bit hash function published in 1993 under the name 'SHA'. It was withdrawn shortly after publication due to an undisclosed 'significant flaw' and replaced by the slightly revised version SHA-1.";
+        this.description = "SHA-0 is a retronym applied to the original version of the 160-bit hash function published in 1993 under the name 'SHA'. It was withdrawn shortly after publication due to an undisclosed 'significant flaw' and replaced by the slightly revised version SHA-1. The message digest algorithm consists, by default, of 80 rounds.";
         this.infoURL = "https://wikipedia.org/wiki/SHA-1#SHA-0";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                name: "Rounds",
+                type: "number",
+                value: 80,
+                min: 16
+            }
+        ];
     }
 
     /**
@@ -33,7 +40,7 @@ class SHA0 extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        return runHash("sha0", input);
+        return runHash("sha0", input, {rounds: args[0]});
     }
 
 }

src/core/operations/SHA1.mjs

@@ -20,11 +20,18 @@ class SHA1 extends Operation {
 
         this.name = "SHA1";
         this.module = "Crypto";
-        this.description = "The SHA (Secure Hash Algorithm) hash functions were designed by the NSA. SHA-1 is the most established of the existing SHA hash functions and it is used in a variety of security applications and protocols.<br><br>However, SHA-1's collision resistance has been weakening as new attacks are discovered or improved.";
+        this.description = "The SHA (Secure Hash Algorithm) hash functions were designed by the NSA. SHA-1 is the most established of the existing SHA hash functions and it is used in a variety of security applications and protocols.<br><br>However, SHA-1's collision resistance has been weakening as new attacks are discovered or improved. The message digest algorithm consists, by default, of 80 rounds.";
         this.infoURL = "https://wikipedia.org/wiki/SHA-1";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
-        this.args = [];
+        this.args = [
+            {
+                name: "Rounds",
+                type: "number",
+                value: 80,
+                min: 16
+            }
+        ];
     }
 
     /**
@@ -33,7 +40,7 @@ class SHA1 extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        return runHash("sha1", input);
+        return runHash("sha1", input, {rounds: args[0]});
     }
 
 }

src/core/operations/SHA2.mjs

@@ -20,15 +20,58 @@ class SHA2 extends Operation {
 
         this.name = "SHA2";
         this.module = "Crypto";
-        this.description = "The SHA-2 (Secure Hash Algorithm 2) hash functions were designed by the NSA. SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA224, SHA256, SHA384, SHA512.<br><br><ul><li>SHA-512 operates on 64-bit words.</li><li>SHA-256 operates on 32-bit words.</li><li>SHA-384 is largely identical to SHA-512 but is truncated to 384 bytes.</li><li>SHA-224 is largely identical to SHA-256 but is truncated to 224 bytes.</li><li>SHA-512/224 and SHA-512/256 are truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.</li></ul>";
+        this.description = "The SHA-2 (Secure Hash Algorithm 2) hash functions were designed by the NSA. SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA224, SHA256, SHA384, SHA512.<br><br><ul><li>SHA-512 operates on 64-bit words.</li><li>SHA-256 operates on 32-bit words.</li><li>SHA-384 is largely identical to SHA-512 but is truncated to 384 bytes.</li><li>SHA-224 is largely identical to SHA-256 but is truncated to 224 bytes.</li><li>SHA-512/224 and SHA-512/256 are truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.</li></ul> The message digest algorithm for SHA256 variants consists, by default, of 64 rounds, and for SHA512 variants, it is, by default, 160.";
         this.infoURL = "https://wikipedia.org/wiki/SHA-2";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
         this.args = [
             {
-                "name": "Size",
-                "type": "option",
-                "value": ["512", "256", "384", "224", "512/256", "512/224"]
+                name: "Size",
+                type: "argSelector",
+                value: [
+                    {
+                        name: "512",
+                        on: [2],
+                        off: [1]
+                    },
+                    {
+                        name: "384",
+                        on: [2],
+                        off: [1]
+                    },
+                    {
+                        name: "256",
+                        on: [1],
+                        off: [2]
+                    },
+                    {
+                        name: "224",
+                        on: [1],
+                        off: [2]
+                    },
+                    {
+                        name: "512/256",
+                        on: [2],
+                        off: [1]
+                    },
+                    {
+                        name: "512/224",
+                        on: [2],
+                        off: [1]
+                    }
+                ]
+            },
+            {
+                name: "Rounds", // For SHA256 variants
+                type: "number",
+                value: 64,
+                min: 16
+            },
+            {
+                name: "Rounds", // For SHA512 variants
+                type: "number",
+                value: 160,
+                min: 32
             }
         ];
     }
@@ -40,7 +83,8 @@ class SHA2 extends Operation {
      */
     run(input, args) {
         const size = args[0];
-        return runHash("sha" + size, input);
+        const rounds = (size === "256" || size === "224") ? args[1] : args[2];
+        return runHash("sha" + size, input, {rounds: rounds});
     }
 
 }

src/core/operations/SIGABA.mjs

@@ -0,0 +1,287 @@
+/**
+ * Emulation of the SIGABA machine.
+ *
+ * @author hettysymes
+ * @copyright hettysymes 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import {LETTERS} from "../lib/Enigma.mjs";
+import {NUMBERS, CR_ROTORS, I_ROTORS, SigabaMachine, CRRotor, IRotor} from "../lib/SIGABA.mjs";
+
+/**
+ * Sigaba operation
+ */
+class Sigaba extends Operation {
+
+    /**
+     * Sigaba constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "SIGABA";
+        this.module = "Bletchley";
+        this.description = "Encipher/decipher with the WW2 SIGABA machine. <br><br>SIGABA, otherwise known as ECM Mark II, was used by the United States for message encryption during WW2 up to the 1950s. It was developed in the 1930s by the US Army and Navy, and has up to this day never been broken. Consisting of 15 rotors: 5 cipher rotors and 10 rotors (5 control rotors and 5 index rotors) controlling the stepping of the cipher rotors, the rotor stepping for SIGABA is much more complex than other rotor machines of its time, such as Enigma. All example rotor wirings are random example sets.<br><br>To configure rotor wirings, for the cipher and control rotors enter a string of letters which map from A to Z, and for the index rotors enter a sequence of numbers which map from 0 to 9. Note that encryption is not the same as decryption, so first choose the desired mode. <br><br> Note: Whilst this has been tested against other software emulators, it has not been tested against hardware.";
+        this.infoURL = "https://wikipedia.org/wiki/SIGABA";
+        this.inputType = "string";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "1st (left-hand) cipher rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "1st cipher rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "1st cipher rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "2nd cipher rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "2nd cipher rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "2nd cipher rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "3rd (middle) cipher rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "3rd cipher rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "3rd cipher rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "4th cipher rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "4th cipher rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "4th cipher rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "5th (right-hand) cipher rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "5th cipher rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "5th cipher rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "1st (left-hand) control rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "1st control rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "1st control rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "2nd control rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "2nd control rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "2nd control rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "3rd (middle) control rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "3rd control rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "3rd control rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "4th control rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "4th control rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "4th control rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "5th (right-hand) control rotor",
+                type: "editableOption",
+                value: CR_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "5th control rotor reversed",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "5th control rotor intial value",
+                type: "option",
+                value: LETTERS
+            },
+            {
+                name: "1st (left-hand) index rotor",
+                type: "editableOption",
+                value: I_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "1st index rotor intial value",
+                type: "option",
+                value: NUMBERS
+            },
+            {
+                name: "2nd index rotor",
+                type: "editableOption",
+                value: I_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "2nd index rotor intial value",
+                type: "option",
+                value: NUMBERS
+            },
+            {
+                name: "3rd (middle) index rotor",
+                type: "editableOption",
+                value: I_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "3rd index rotor intial value",
+                type: "option",
+                value: NUMBERS
+            },
+            {
+                name: "4th index rotor",
+                type: "editableOption",
+                value: I_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "4th index rotor intial value",
+                type: "option",
+                value: NUMBERS
+            },
+            {
+                name: "5th (right-hand) index rotor",
+                type: "editableOption",
+                value: I_ROTORS,
+                defaultIndex: 0
+            },
+            {
+                name: "5th index rotor intial value",
+                type: "option",
+                value: NUMBERS
+            },
+            {
+                name: "SIGABA mode",
+                type: "option",
+                value: ["Encrypt", "Decrypt"]
+            }
+        ];
+    }
+
+    /**
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const sigabaSwitch = args[40];
+        const cipherRotors = [];
+        const controlRotors = [];
+        const indexRotors = [];
+        for (let i=0; i<5; i++) {
+            const rotorWiring = args[i*3];
+            cipherRotors.push(new CRRotor(rotorWiring, args[i*3+2], args[i*3+1]));
+        }
+        for (let i=5; i<10; i++) {
+            const rotorWiring = args[i*3];
+            controlRotors.push(new CRRotor(rotorWiring, args[i*3+2], args[i*3+1]));
+        }
+        for (let i=15; i<20; i++) {
+            const rotorWiring = args[i*2];
+            indexRotors.push(new IRotor(rotorWiring, args[i*2+1]));
+        }
+        const sigaba = new SigabaMachine(cipherRotors, controlRotors, indexRotors);
+        let result;
+        if (sigabaSwitch === "Encrypt") {
+            result = sigaba.encrypt(input);
+        } else if (sigabaSwitch === "Decrypt") {
+            result = sigaba.decrypt(input);
+        }
+        return result;
+    }
+
+}
+export default Sigaba;

src/core/operations/SM3.mjs

@@ -0,0 +1,57 @@
+/**
+ * @author n1073645 [n1073645@gmail.com]
+ * @copyright Crown Copyright 2020
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+import Sm3 from "crypto-api/src/hasher/sm3.mjs";
+import {toHex} from "crypto-api/src/encoder/hex.mjs";
+
+/**
+ * SM3 operation
+ */
+class SM3 extends Operation {
+
+    /**
+     * SM3 constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "SM3";
+        this.module = "Crypto";
+        this.description = "SM3 is a cryptographic hash function used in the Chinese National Standard. SM3 is mainly used in digital signatures, message authentication codes, and pseudorandom number generators. The message digest algorithm consists, by default, of 64 rounds and length of 256.";
+        this.infoURL = "https://wikipedia.org/wiki/SM3_(hash_function)";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Length",
+                type: "number",
+                value: 256
+            },
+            {
+                name: "Rounds",
+                type: "number",
+                value: 64,
+                min: 16
+            }
+        ];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        const msg = Utils.arrayBufferToStr(input, false);
+        const hasher = new Sm3({length: args[0], rounds: args[1]});
+        hasher.update(msg);
+        return toHex(hasher.finalize());
+    }
+}
+
+export default SM3;

src/core/operations/ScatterChart.mjs

@@ -87,7 +87,7 @@ class ScatterChart extends Operation {
         const recordDelimiter = Utils.charRep(args[0]),
             fieldDelimiter = Utils.charRep(args[1]),
             columnHeadingsAreIncluded = args[2],
-            fillColour = args[5],
+            fillColour = Utils.escapeHtml(args[5]),
             radius = args[6],
             colourInInput = args[7],
             dimension = 500;

src/core/operations/SeriesChart.mjs

@@ -72,7 +72,10 @@ class SeriesChart extends Operation {
             fieldDelimiter = Utils.charRep(args[1]),
             xLabel = args[2],
             pipRadius = args[3],
-            seriesColours = args[4].split(","),
+            // Escape HTML from all colours to prevent reflected XSS. See https://github.com/gchq/CyberChef/issues/1265
+            seriesColours = args[4].split(",").map((colour) => {
+                return Utils.escapeHtml(colour);
+            }),
             svgWidth = 500,
             interSeriesPadding = 20,
             xAxisHeight = 50,

src/core/operations/SharpenImage.mjs

@@ -81,7 +81,7 @@ class SharpenImage extends Operation {
 
             if (isWorkerEnvironment())
                 self.sendStatusMessage("Sharpening image... (Blurring cloned image)");
-            const blurImage = gaussianBlur(image.clone(), radius, 3);
+            const blurImage = gaussianBlur(image.clone(), radius);
 
 
             if (isWorkerEnvironment())

src/core/operations/Snefru.mjs

@@ -26,14 +26,17 @@ class Snefru extends Operation {
         this.outputType = "string";
         this.args = [
             {
-                "name": "Rounds",
-                "type": "option",
-                "value": ["8", "4", "2"]
+                name: "Size",
+                type: "number",
+                value: 128,
+                min: 32,
+                max: 480,
+                step: 32
             },
             {
-                "name": "Size",
-                "type": "option",
-                "value": ["256", "128"]
+                name: "Rounds",
+                type: "option",
+                value: ["8", "4", "2"]
             }
         ];
     }
@@ -45,8 +48,8 @@ class Snefru extends Operation {
      */
     run(input, args) {
         return runHash("snefru", input, {
-            rounds: args[0],
-            length: args[1]
+            length: args[0],
+            rounds: args[1]
         });
     }
 

src/core/operations/Sort.mjs

@@ -125,7 +125,7 @@ class Sort extends Operation {
                 const ret = a_[i].localeCompare(b_[i]); // Compare strings
                 if (ret !== 0) return ret;
             }
-            if (!isNaN(a_[i]) && !isNaN(a_[i])) { // Compare numbers
+            if (!isNaN(a_[i]) && !isNaN(b_[i])) { // Compare numbers
                 if (a_[i] - b_[i] !== 0) return a_[i] - b_[i];
             }
         }
@@ -163,7 +163,7 @@ class Sort extends Operation {
                 const ret = a_[i].localeCompare(b_[i]); // Compare strings
                 if (ret !== 0) return ret;
             }
-            if (!isNaN(a_[i]) && !isNaN(a_[i])) { // Compare numbers
+            if (!isNaN(a_[i]) && !isNaN(b_[i])) { // Compare numbers
                 if (a_[i] - b_[i] !== 0) return a_[i] - b_[i];
             }
         }

src/core/operations/ToBase45.mjs

@@ -0,0 +1,78 @@
+/**
+ * @author Thomas Weißschuh [thomas@t-8ch.de]
+ * @copyright Crown Copyright 2021
+ * @license Apache-2.0
+ */
+
+import {ALPHABET, highlightToBase45, highlightFromBase45} from "../lib/Base45.mjs";
+import Operation from "../Operation.mjs";
+import Utils from "../Utils.mjs";
+
+/**
+ * To Base45 operation
+ */
+class ToBase45 extends Operation {
+
+    /**
+     * ToBase45 constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "To Base45";
+        this.module = "Default";
+        this.description = "Base45 is a notation for encoding arbitrary byte data using a restricted set of symbols that can be conveniently used by humans and processed by computers. The high number base results in shorter strings than with the decimal or hexadecimal system. Base45 is optimized for usage with QR codes.";
+        this.infoURL = "https://wikipedia.org/wiki/List_of_numeral_systems";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "string";
+        this.args = [
+            {
+                name: "Alphabet",
+                type: "string",
+                value: ALPHABET
+            }
+        ];
+
+        this.highlight = highlightToBase45;
+        this.highlightReverse = highlightFromBase45;
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    run(input, args) {
+        input = new Uint8Array(input);
+        const alphabet = Utils.expandAlphRange(args[0]);
+        if (!input) return "";
+
+        const res = [];
+
+        for (const pair of Utils.chunked(input, 2)) {
+            let b = 0;
+            for (const e of pair) {
+                b *= 256;
+                b += e;
+            }
+
+            let chars = 0;
+            do {
+                res.push(alphabet[b % 45]);
+                chars++;
+                b = Math.floor(b / 45);
+            } while (b > 0);
+
+            if (chars < 2) {
+                res.push("0");
+            }
+        }
+
+
+        return res.join("");
+
+    }
+
+}
+
+export default ToBase45;

src/core/operations/ToCharcode.mjs

@@ -52,7 +52,7 @@ class ToCharcode extends Operation {
         const delim = Utils.charRep(args[0] || "Space"),
             base = args[1];
         let output = "",
-            padding = 2,
+            padding,
             ordinal;
 
         if (base < 2 || base > 36) {

src/core/operations/ToHexdump.mjs

@@ -6,6 +6,7 @@
 
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
+import OperationError from "../errors/OperationError.mjs";
 
 /**
  * To Hexdump operation
@@ -20,7 +21,7 @@ class ToHexdump extends Operation {
 
         this.name = "To Hexdump";
         this.module = "Default";
-        this.description = "Creates a hexdump of the input data, displaying both the hexadecimal values of each byte and an ASCII representation alongside.";
+        this.description = "Creates a hexdump of the input data, displaying both the hexadecimal values of each byte and an ASCII representation alongside.<br><br>The 'UNIX format' argument defines which subset of printable characters are displayed in the preview column.";
         this.infoURL = "https://wikipedia.org/wiki/Hex_dump";
         this.inputType = "ArrayBuffer";
         this.outputType = "string";
@@ -28,7 +29,8 @@ class ToHexdump extends Operation {
             {
                 "name": "Width",
                 "type": "number",
-                "value": 16
+                "value": 16,
+                "min": 1
             },
             {
                 "name": "Upper case hex",
@@ -39,6 +41,11 @@ class ToHexdump extends Operation {
                 "name": "Include final length",
                 "type": "boolean",
                 "value": false
+            },
+            {
+                "name": "UNIX format",
+                "type": "boolean",
+                "value": false
             }
         ];
     }
@@ -50,9 +57,12 @@ class ToHexdump extends Operation {
      */
     run(input, args) {
         const data = new Uint8Array(input);
-        const [length, upperCase, includeFinalLength] = args;
+        const [length, upperCase, includeFinalLength, unixFormat] = args;
         const padding = 2;
 
+        if (length < 1 || Math.round(length) !== length)
+            throw new OperationError("Width must be a positive integer");
+
         let output = "";
         for (let i = 0; i < data.length; i += length) {
             const buff = data.slice(i, i+length);
@@ -70,7 +80,9 @@ class ToHexdump extends Operation {
 
             output += lineNo + "  " +
                 hexa.padEnd(length*(padding+1), " ") +
-                " |" + Utils.printable(Utils.byteArrayToChars(buff)).padEnd(buff.length, " ") + "|\n";
+                " |" +
+                Utils.printable(Utils.byteArrayToChars(buff), false, unixFormat).padEnd(buff.length, " ") +
+                "|\n";
 
             if (includeFinalLength && i+buff.length === data.length) {
                 output += Utils.hex(i+buff.length, 8) + "\n";

src/core/operations/Typex.mjs

@@ -1,6 +1,9 @@
 /**
  * Emulation of the Typex machine.
  *
+ * Tested against a genuine Typex machine using a variety of inputs
+ * and settings to confirm correctness.
+ *
  * @author s2224834
  * @copyright Crown Copyright 2019
  * @license Apache-2.0

src/core/operations/UnescapeUnicodeCharacters.mjs

@@ -47,7 +47,6 @@ class UnescapeUnicodeCharacters extends Operation {
         while ((m = regex.exec(input))) {
             // Add up to match
             output += input.slice(i, m.index);
-            i = m.index;
 
             // Add match
             output += Utils.chr(parseInt(m[1], 16));

src/core/operations/Whirlpool.mjs

@@ -26,9 +26,16 @@ class Whirlpool extends Operation {
         this.outputType = "string";
         this.args = [
             {
-                "name": "Variant",
-                "type": "option",
-                "value": ["Whirlpool", "Whirlpool-T", "Whirlpool-0"]
+                name: "Variant",
+                type: "option",
+                value: ["Whirlpool", "Whirlpool-T", "Whirlpool-0"]
+            },
+            {
+                name: "Rounds",
+                type: "number",
+                value: 10,
+                min: 1,
+                max: 10
             }
         ];
     }
@@ -40,7 +47,7 @@ class Whirlpool extends Operation {
      */
     run(input, args) {
         const variant = args[0].toLowerCase();
-        return runHash(variant, input);
+        return runHash(variant, input, {rounds: args[1]});
     }
 
 }

src/node/api.mjs

@@ -10,7 +10,7 @@
 
 import NodeDish from "./NodeDish.mjs";
 import NodeRecipe from "./NodeRecipe.mjs";
-import OperationConfig from "../core/config/OperationConfig.json";
+import OperationConfig from "../core/config/OperationConfig.json" assert {type: "json"};
 import { sanitise, removeSubheadingsFromArray, sentenceToCamelCase } from "./apiUtils.mjs";
 import ExcludedOperationError from "../core/errors/ExcludedOperationError.mjs";
 

src/node/cjs.js

@@ -1,13 +0,0 @@
-/**
- * Export the main ESM module as CommonJS
- *
- *
- * @author d98762656 [d98762625@gmail.com]
- * @copyright Crown Copyright 2019
- * @license Apache-2.0
- */
-
-/* eslint no-global-assign: ["off"] */
-require = require("esm")(module);
-module.exports = require("./index.mjs");
-module.exports.File = require("./File.mjs");

src/node/config/scripts/generateNodeIndex.mjs

@@ -41,7 +41,7 @@ let code = `/**
 import NodeDish from "./NodeDish.mjs";
 import { _wrap, help, bake, _explainExcludedFunction } from "./api.mjs";
 import File from "./File.mjs";
-import { OperationError, DishError, ExcludedOperationError } from "../core/errors/index";
+import { OperationError, DishError, ExcludedOperationError } from "../core/errors/index.mjs";
 import {
     // import as core_ to avoid name clashes after wrap.
 `;
@@ -52,7 +52,7 @@ includedOperations.forEach((op) => {
 });
 
 code +=`
-} from "../core/operations/index";
+} from "../core/operations/index.mjs";
 
 global.File = File;
 

src/node/repl.mjs

@@ -7,8 +7,8 @@
  * @license Apache-2.0
  */
 
-const chef = require("./cjs.js");
-const repl = require("repl");
+import chef from "./index.mjs";
+import repl from "repl";
 
 
 /* eslint no-console: ["off"] */