From 09ee2ab282176f235f26d6a2d4e039cbd6eb3494 Mon Sep 17 00:00:00 2001 From: Alanscut Date: Fri, 3 Sep 2021 17:51:45 +0800 Subject: [PATCH] feat: custom KDF hasher --- src/cipher-core.js | 13 +++++++++---- test/config-test.js | 25 +++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 4 deletions(-) diff --git a/src/cipher-core.js b/src/cipher-core.js index 5086638..125632c 100644 --- a/src/cipher-core.js +++ b/src/cipher-core.js @@ -765,14 +765,19 @@ CryptoJS.lib.Cipher || (function (undefined) { * var derivedParams = CryptoJS.kdf.OpenSSL.execute('Password', 256/32, 128/32); * var derivedParams = CryptoJS.kdf.OpenSSL.execute('Password', 256/32, 128/32, 'saltsalt'); */ - execute: function (password, keySize, ivSize, salt) { + execute: function (password, keySize, ivSize, salt, hasher) { // Generate random salt if (!salt) { salt = WordArray.random(64/8); } // Derive key and IV - var key = EvpKDF.create({ keySize: keySize + ivSize }).compute(password, salt); + if (!hasher) { + var key = EvpKDF.create({ keySize: keySize + ivSize }).compute(password, salt); + } else { + var key = EvpKDF.create({ keySize: keySize + ivSize, hasher: hasher }).compute(password, salt); + } + // Separate key and IV var iv = WordArray.create(key.words.slice(keySize), ivSize * 4); @@ -819,7 +824,7 @@ CryptoJS.lib.Cipher || (function (undefined) { cfg = this.cfg.extend(cfg); // Derive key and other params - var derivedParams = cfg.kdf.execute(password, cipher.keySize, cipher.ivSize, cfg.salt); + var derivedParams = cfg.kdf.execute(password, cipher.keySize, cipher.ivSize, cfg.salt, cfg.hasher); // Add IV to config cfg.iv = derivedParams.iv; @@ -858,7 +863,7 @@ CryptoJS.lib.Cipher || (function (undefined) { ciphertext = this._parse(ciphertext, cfg.format); // Derive key and other params - var derivedParams = cfg.kdf.execute(password, cipher.keySize, cipher.ivSize, ciphertext.salt); + var derivedParams = cfg.kdf.execute(password, cipher.keySize, cipher.ivSize, ciphertext.salt, cfg.hasher); // Add IV to config cfg.iv = derivedParams.iv; diff --git a/test/config-test.js b/test/config-test.js index 090e9fd..c09e425 100644 --- a/test/config-test.js +++ b/test/config-test.js @@ -21,6 +21,31 @@ YUI.add('config-test', function (Y) { var encryptedB = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltB }); Y.Assert.areEqual('Test', C.AES.decrypt(encryptedA, 'Pass').toString(C.enc.Utf8)); Y.Assert.areEqual('Test', C.AES.decrypt(encryptedB, 'Pass').toString(C.enc.Utf8)); + }, + + testCustomKDFHasher: function () { + //SHA1 + let encryptedSHA1 = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA, hasher: C.algo.SHA1}).toString(); + Y.Assert.areEqual('Test', C.AES.decrypt(encryptedSHA1, 'Pass', { hasher: C.algo.SHA1}).toString(C.enc.Utf8)); + + //SHA256 + let encryptedSHA256 = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA, hasher: C.algo.SHA256}).toString(); + Y.Assert.areEqual('Test', C.AES.decrypt(encryptedSHA256, 'Pass', { hasher: C.algo.SHA256}).toString(C.enc.Utf8)); + + //SHA512 + let encryptedSHA512 = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA, hasher: C.algo.SHA512}).toString(); + Y.Assert.areEqual('Test', C.AES.decrypt(encryptedSHA512, 'Pass', { hasher: C.algo.SHA512}).toString(C.enc.Utf8)); + + //Default: MD5 + let encryptedDefault = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA }).toString(); + let encryptedMD5 = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA, hasher: C.algo.MD5}).toString(); + Y.Assert.areEqual('Test', C.AES.decrypt(encryptedMD5, 'Pass', { hasher: C.algo.MD5}).toString(C.enc.Utf8)); + Y.Assert.areEqual(encryptedDefault, encryptedMD5); + + //Different KDFHasher + Y.Assert.areNotEqual(encryptedDefault, encryptedSHA1); + Y.Assert.areNotEqual(encryptedDefault, encryptedSHA256); + Y.Assert.areNotEqual(encryptedDefault, encryptedSHA512); } })); }, '$Rev$'); \ No newline at end of file