feat(AES): add CFB block mode

aykxt · Mar 13, 2021 · 39bb513 · 39bb513
1 parent 5db6174
commit 39bb513
Show file tree

Hide file tree

Showing 6 changed files with 101 additions and 16 deletions.
diff --git a/aes.ts b/aes.ts
@@ -1,2 +1,2 @@
-export { AesCbc, AesEcb } from "./src/aes/mod.ts";
+export { AesCbc, AesCfb, AesEcb } from "./src/aes/mod.ts";
 export { Padding } from "./src/utils/padding.ts";
diff --git a/mod.ts b/mod.ts
@@ -1,3 +1,3 @@
 export { BlowfishCbc, BlowfishEcb } from "./blowfish.ts";
-export { AesCbc, AesEcb } from "./aes.ts";
+export { AesCbc, AesCfb, AesEcb } from "./aes.ts";
 export { Padding } from "./src/utils/padding.ts";
diff --git a/src/aes/aes.ts b/src/aes/aes.ts
@@ -9,7 +9,7 @@ export class AES {
 
   constructor(key: Uint8Array) {
     if (![16, 24, 32].includes(key.length)) {
-      throw new Error("Key must be 16, 24 or 32 bytes long");
+      throw new Error("Invalid key size (must be either 16, 24 or 32 bytes)");
     }
 
     const nk = key.length / 4;

diff --git a/src/aes/cipher.ts b/src/aes/cipher.ts
@@ -2,6 +2,18 @@ import { AES } from "./aes.ts";
 import { pad, Padding, unpad } from "../utils/padding.ts";
 import { BlockCipher } from "../common/blockcipher.ts";
 
+function checkBlockSize(size: number) {
+  if (size % AES.BLOCK_SIZE !== 0) {
+    throw new Error("Invalid data size (must be multiple of 16 bytes)");
+  }
+}
+
+function checkIvSize(size: number) {
+  if (size != AES.BLOCK_SIZE) {
+    throw new Error("Invalid initialization vector size (must be 16 bytes)");
+  }
+}
+
 export class AesEcb implements BlockCipher {
   #aes: AES;
 
@@ -25,9 +37,7 @@ export class AesEcb implements BlockCipher {
   }
 
   decrypt(data: Uint8Array): Uint8Array {
-    if ((data.length % AES.BLOCK_SIZE) !== 0) {
-      throw new Error("invalid data size (must be multiple of 16 bytes)");
-    }
+    checkBlockSize(data.length);
 
     const decrypted = data.slice();
 
@@ -48,11 +58,9 @@ export class AesCbc implements BlockCipher {
     iv: Uint8Array,
     private padding: Padding = Padding.NONE,
   ) {
-    if (iv.length != AES.BLOCK_SIZE) {
-      throw new Error("invalid initialation vector size (must be 16 bytes)");
-    }
+    checkIvSize(iv.length);
 
-    this.#prev = iv;
+    this.#prev = iv.slice();
     this.#aes = new AES(key);
   }
 
@@ -72,13 +80,12 @@ export class AesCbc implements BlockCipher {
       this.#prev = block;
     }
 
+    this.#prev = this.#prev.slice();
     return encrypted;
   }
 
   decrypt(data: Uint8Array): Uint8Array {
-    if ((data.length % 16) !== 0) {
-      throw new Error("invalid data size (must be multiple of 16 bytes)");
-    }
+    checkBlockSize(data.length);
 
     const decrypted = data.slice();
 
@@ -93,6 +100,60 @@ export class AesCbc implements BlockCipher {
       this.#prev = data.subarray(i, i + AES.BLOCK_SIZE);
     }
 
+    this.#prev = this.#prev.slice();
+    return unpad(decrypted, this.padding, AES.BLOCK_SIZE);
+  }
+}
+
+export class AesCfb implements BlockCipher {
+  #aes: AES;
+  #prev: Uint8Array;
+
+  constructor(
+    key: Uint8Array,
+    iv: Uint8Array,
+    private padding: Padding = Padding.NONE,
+  ) {
+    checkIvSize(iv.length);
+
+    this.#prev = iv.slice();
+    this.#aes = new AES(key);
+  }
+
+  encrypt(data: Uint8Array): Uint8Array {
+    data = pad(data, this.padding, AES.BLOCK_SIZE);
+
+    const encrypted = new Uint8Array(data.length);
+
+    for (let i = 0; i < data.length; i += AES.BLOCK_SIZE) {
+      this.#aes.encrypt(this.#prev);
+
+      for (let j = 0; j < AES.BLOCK_SIZE; j++) {
+        encrypted[i + j] = this.#prev[j] ^ data[i + j];
+      }
+
+      this.#prev = encrypted.slice(i, i + AES.BLOCK_SIZE);
+    }
+
+    return encrypted;
+  }
+
+  decrypt(data: Uint8Array): Uint8Array {
+    checkBlockSize(data.length);
+
+    const decrypted = new Uint8Array(data.length);
+
+    for (let i = 0; i < data.length; i += 16) {
+      this.#aes.encrypt(this.#prev);
+
+      for (let j = 0; j < 16; j++) {
+        decrypted[i + j] = this.#prev[j] ^ data[i + j];
+      }
+
+      this.#prev = data.subarray(i, i + 16);
+    }
+
+    this.#prev = this.#prev.slice();
     return unpad(decrypted, this.padding, AES.BLOCK_SIZE);
   }
 }
diff --git a/src/aes/mod.ts b/src/aes/mod.ts
@@ -1 +1 @@
-export { AesCbc, AesEcb } from "./cipher.ts";
+export { AesCbc, AesCfb, AesEcb } from "./cipher.ts";
diff --git a/tests/aes.test.ts b/tests/aes.test.ts
@@ -1,5 +1,5 @@
-import { assertEquals } from "../dev_deps.ts";
-import { AesCbc, AesEcb } from "../aes.ts";
+import { assertEquals, assertThrows } from "../dev_deps.ts";
+import { AesCbc, AesCfb, AesEcb } from "../aes.ts";
 
 // deno-fmt-ignore
 const iv = new Uint8Array([1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16]);
@@ -19,6 +19,14 @@ Deno.test("AES-128-ECB ", () => {
 
   const dec = cipher.decrypt(enc);
   assertEquals(dec, original);
+
+  assertThrows(
+    () => {
+      new AesEcb(new Uint8Array(17));
+    },
+    Error,
+    "Invalid key size (must be either 16, 24 or 32 bytes)",
+  );
 });
 
 Deno.test("AES-192-ECB", () => {
@@ -54,3 +62,19 @@ Deno.test("AES-128-CBC", () => {
 
   assertEquals(dec, original);
 });
+
+Deno.test("AES-128-CFB ", () => {
+  // deno-fmt-ignore
+  const key = new Uint8Array([1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16]);
+  const iv = new Uint8Array(16);
+
+  const original = new Uint8Array(32);
+
+  const cipher = new AesCfb(key, iv);
+  const decipher = new AesCfb(key, iv);
+
+  const enc = cipher.encrypt(original);
+  const dec = decipher.decrypt(enc);
+
+  assertEquals(dec, original);
+});