|
|
var MODES = require('./modes') var AuthCipher = require('./authCipher') var Buffer = require('safe-buffer').Buffer var StreamCipher = require('./streamCipher') var Transform = require('cipher-base') var aes = require('./aes') var ebtk = require('evp_bytestokey') var inherits = require('inherits')
/**
 * Block-mode AES encryption stream built on cipher-base's Transform.
 *
 * @param {Object} mode - mode implementation; its `encrypt(self, block)` is
 *   called once per 16-byte block by `_update` and `_final`.
 * @param {Buffer} key - raw AES key, handed unchanged to `aes.AES`.
 * @param {Buffer} iv - initialisation vector; stored as a copy in `_prev`
 *   so the caller's buffer is not aliased.
 *
 * The constructor does no length validation itself; in this file that is
 * done by `createCipheriv` before a Cipher is constructed.
 */
function Cipher (mode, key, iv) {
  Transform.call(this)

  // Plain state first; PKCS#7-style padding is on unless setAutoPadding(false).
  this._autopadding = true
  this._mode = mode

  // Buffers partial input until a whole 16-byte block is available.
  this._cache = new Splitter()
  this._cipher = new aes.AES(key)
  // NOTE(review): presumably the chaining value read by the mode modules
  // (defined outside this file) - confirm against ./modes.
  this._prev = Buffer.from(iv)
}

inherits(Cipher, Transform)
/**
 * Buffers `data` and encrypts every complete 16-byte block now available.
 *
 * @param {Buffer} data - next piece of plaintext.
 * @returns {Buffer} ciphertext for the blocks that were completed; empty
 *   when fewer than 16 bytes are buffered. Leftover bytes stay in the
 *   cache until more data arrives or `_final` pads them.
 */
Cipher.prototype._update = function (data) {
  var encrypted = []
  var block

  this._cache.add(data)
  for (block = this._cache.get(); block; block = this._cache.get()) {
    encrypted.push(this._mode.encrypt(this, block))
  }

  return Buffer.concat(encrypted)
}
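// One whole block of padding (sixteen bytes of 0x10). Splitter#flush returns
// exactly this when no partial block is left in the cache.
var PADDING = Buffer.alloc(16, 0x10)

/**
 * Finishes the stream.
 *
 * With auto-padding on, the padded last block is encrypted and returned.
 * With auto-padding off, nothing is emitted; the call only succeeds when the
 * total input was a multiple of 16 bytes (i.e. the cache was empty).
 *
 * The AES state is scrubbed on every exit path. Previously the successful
 * no-padding path (and an exception thrown by the mode's encrypt) returned
 * without calling scrub(), unlike the other two paths. scrub() lives in
 * ./aes (not shown here); it is expected to wipe the key material.
 *
 * @returns {Buffer|undefined} final ciphertext block, or undefined when
 *   auto-padding is disabled.
 * @throws {Error} 'data not multiple of block length' when auto-padding is
 *   disabled and a partial block remains.
 */
Cipher.prototype._final = function () {
  var chunk = this._cache.flush()

  try {
    if (this._autopadding) {
      return this._mode.encrypt(this, chunk)
    }

    // flush() always pads; anything other than a pure padding block means
    // unencrypted input bytes were still buffered.
    if (!chunk.equals(PADDING)) {
      throw new Error('data not multiple of block length')
    }
  } finally {
    this._cipher.scrub()
  }
}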
/**
 * Enables or disables padding of the final block.
 *
 * @param {*} setTo - coerced to a boolean; a missing argument therefore
 *   disables padding.
 * @returns {Cipher} this, for chaining.
 */
Cipher.prototype.setAutoPadding = function (setTo) {
  this._autopadding = Boolean(setTo)
  return this
}
/**
 * Accumulates input and hands it back in 16-byte blocks.
 * `cache` holds the bytes that have not been handed out yet.
 */
function Splitter () {
  this.cache = Buffer.allocUnsafe(0)
}

/**
 * Appends `data` to the pending bytes.
 *
 * @param {Buffer} data
 */
Splitter.prototype.add = function (data) {
  var joined = Buffer.concat([this.cache, data])
  this.cache = joined
}

/**
 * Removes and returns the next complete block.
 *
 * @returns {Buffer|null} the first 16 pending bytes, or null when fewer
 *   than 16 bytes are buffered.
 */
Splitter.prototype.get = function () {
  if (this.cache.length < 16) {
    return null
  }

  var block = this.cache.slice(0, 16)
  this.cache = this.cache.slice(16)
  return block
}

/**
 * Returns the pending bytes padded up to 16 bytes, PKCS#7 style: `n` bytes
 * each of value `n`. An empty cache yields a full block of sixteen 0x10
 * bytes. The cache itself is left untouched.
 *
 * @returns {Buffer} the padded final block.
 */
Splitter.prototype.flush = function () {
  var padLen = 16 - this.cache.length
  // Every padding byte carries the padding length itself.
  var padding = Buffer.alloc(padLen, padLen)

  return Buffer.concat([this.cache, padding])
}
/**
 * Creates a cipher for `suite` from an explicit key and IV.
 *
 * @param {string} suite - cipher name, looked up case-insensitively in MODES.
 * @param {Buffer|string} password - the raw key. A string is converted with
 *   Buffer.from (UTF-8), so it must encode to exactly `config.key / 8` bytes.
 * @param {Buffer|string} iv - initialisation vector; strings are converted
 *   the same way.
 * @returns {StreamCipher|AuthCipher|Cipher} chosen by the suite's `type`.
 * @throws {TypeError} for an unknown suite, a wrong key length, or (for
 *   every mode except GCM) a wrong IV length.
 *
 * Only lengths are checked here. The IV length is not checked for GCM, and
 * nothing here can tell whether an IV has been used before with the same
 * key - callers must supply a fresh IV per message.
 */
function createCipheriv (suite, password, iv) {
  var config = MODES[suite.toLowerCase()]
  if (!config) {
    throw new TypeError('invalid suite type')
  }

  var keyBytes = typeof password === 'string' ? Buffer.from(password) : password
  if (keyBytes.length !== config.key / 8) {
    throw new TypeError('invalid key length ' + keyBytes.length)
  }

  var ivBytes = typeof iv === 'string' ? Buffer.from(iv) : iv
  if (config.mode !== 'GCM' && ivBytes.length !== config.iv) {
    throw new TypeError('invalid iv length ' + ivBytes.length)
  }

  switch (config.type) {
    case 'stream':
      return new StreamCipher(config.module, keyBytes, ivBytes)
    case 'auth':
      return new AuthCipher(config.module, keyBytes, ivBytes)
    default:
      return new Cipher(config.module, keyBytes, ivBytes)
  }
}
/**
 * Creates a cipher whose key and IV are both derived from `password`.
 *
 * @param {string} suite - cipher name, looked up case-insensitively in MODES.
 * @param {Buffer|string} password - secret passed to evp_bytestokey.
 * @returns {StreamCipher|AuthCipher|Cipher} result of createCipheriv.
 * @throws {TypeError} for an unknown suite.
 *
 * Security note: the salt argument is `false`, so the derivation
 * (evp_bytestokey, the MD5-based OpenSSL EVP_BytesToKey scheme) is
 * deterministic - the same password always produces the same key AND the
 * same IV. Every message encrypted under one password therefore reuses the
 * key/IV pair, and the derivation adds no work factor against password
 * guessing. This mirrors Node's deprecated crypto.createCipher; new code
 * should derive a key with a real KDF and call createCipheriv with a fresh
 * IV per message.
 */
function createCipher (suite, password) {
  var config = MODES[suite.toLowerCase()]
  if (config) {
    var derived = ebtk(password, false, config.key, config.iv)
    return createCipheriv(suite, derived.key, derived.iv)
  }

  throw new TypeError('invalid suite type')
}
// Public API: the password-based factory and the explicit key/IV factory.
exports.createCipher = createCipher
exports.createCipheriv = createCipheriv
|