UNPKG

jcrypto

Version:

JavaScript white-box cryptography tools.

github.com/tsu-iscd/jcrypto

tsu-iscd/jcrypto

110 lines (84 loc) 2.95 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# jCrypto These are an experimental white-box cryptography tools for JavaScript obfuscation. ## Algorithms - white-box AES128-CTR - white-box HMAC-SHA256 ## Installation ```bash npm install jcrypto ``` or ```bash git clone https://github.com/tsu-iscd/jcrypto.git cd jcrypto npm install ``` ## API ### Code generation ```node var key = '0123456789abcdef'; var jcrypto = require('jcrypto'); var options = { encoding: 'hex', wrapper: 'UMD', mangle: { names: true, properties: true }, file: 'path/to/aes.js' }; // btw you can call it without options argument, default options described below jcrypto.generateAes(key, options); options.file = 'path/to/hmac.js'; jcrypto.generateHmac(key, options); ``` Code generation options: * `encoding` -- key characters encoding; posible values: `hex` or `str` (default) * `wrapper` -- code wrapping; posible values: `UMD`, `IIFE` or nothing (default) * `mangle` -- mangle names/properties option, properties cache file `./aes-cache.json` for aes and `./hmac-cache.json` for hmac; possible values: `{names: true, properties: true}` (default both false) * `file` -- output file option; path to file or return value (default) ### Encryption ```node var aes = require('path/to/aes.js'); var plaintext = 'Hello, world!'; var options = { counter: '1826e4111826e4111826e4111826e411', encoding: 'str' }; var ciphertext = aes.encrypt(plaintext, options); var output = aes.decrypt(ciphertext, options); // Hello, world! ``` Encryption options: * `counter` -- counter for CTR AES mode; string 32 symbols (default 0) * `encoding` -- plain text or encrypt text encoding; posible values are `hex` or `str`(default) ### Hashing ```node var hash = require('path/to/hmac.js'); var text = 'Hello, world!'; var options = { encoding: 'str' } var output = hash(text, options); // 8dcb6767c395b28b46ea0f0216cb3aa25b6ff46f0181ab035f3cf7fd3914c45e ``` Hashing options: * `encoding` -- text encoding; posible values are `hex` or `str`(default) ## Command line interface The `bin/jcrypto` utility can be used to generate code of white-box crypto algorithm. It accepts as arguments its secret key, output file and the following options: * `-a, --algorithm` - crypto algorithms: aes, hmac. * `-h, --help` - display help. * `-k, --key` - secret key. * `-e, --encoding` - key characters encoding; posible values: hex. * `-o, --output` - output file. Example: ```bash $ bin/jcrypto -a aes -k 1234567891234567 -o wbaes.js ``` ## Contributors - Denis Kolegov - Oleg Broslavsky - Nikita Oleksov ## References 1. [En] [Oleg Broslavsky, Denis Kolegov, Nikita Oleksov. White-Box HMAC.] (http://www.slideshare.net/yalegko/whitebox-hmac-make-your-cipher-secure-to-whitebox-attacks) 2. [Ru] [Oleg Broslavsky, Denis Kolegov, Nikita Oleksov. HMAC Obfuscation Method for Implementation in Untrusted Systems. ](http://www.mathnet.ru/links/31303c3ca85d02fecff4f980a844ddc1/pdma275.pdf)