Merge pull request #20 from xdmnl/master

siacomuzzi · web-flow · commit 1df27747afba · 2017-03-17T16:20:34.000-03:00
Fix autopadding issue with for 3DES algorithm
diff --git a/lib/xmlenc.js b/lib/xmlenc.js
@@ -10,13 +10,13 @@ function encryptKeyInfoWithScheme(symmetricKey, options, scheme, callback) {
     var rsa_pub = pki.publicKeyFromPem(options.rsa_pub);
     var encrypted = rsa_pub.encrypt(symmetricKey.toString('binary'), scheme);
     var base64EncodedEncryptedKey = new Buffer(encrypted, 'binary').toString('base64');
-    
+
     var params = {
       encryptedKey:  base64EncodedEncryptedKey,
       encryptionPublicCert: '<X509Data><X509Certificate>' + utils.pemToCert(options.pem.toString()) + '</X509Certificate></X509Data>',
       keyEncryptionMethod: options.keyEncryptionAlgorighm
     };
-    
+
     var result = utils.renderTemplate('keyinfo', params);
     callback(null, result);
   } catch (e) {
@@ -31,7 +31,7 @@ function encryptKeyInfo(symmetricKey, options, callback) {
     return callback(new Error('must provide options.rsa_pub with public key RSA'));
   if (!options.pem)
     return callback(new Error('must provide options.pem with certificate'));
-  
+
   if (!options.keyEncryptionAlgorighm)
     return callback(new Error('encryption without encrypted key is not supported yet'));
 
@@ -122,8 +122,6 @@ function decrypt(xml, options, callback) {
     return callback(new Error('must provide XML to encrypt'));
   if (!options.key)
     return callback(new Error('key option is mandatory and you should provide a valid RSA private key'));
-  
-  var decrypted;
 
   try {
     var doc = typeof xml === 'string' ? new xmldom.DOMParser().parseFromString(xml) : xml;
@@ -132,59 +130,23 @@ function decrypt(xml, options, callback) {
     var encryptionMethod = xpath.select("//*[local-name(.)='EncryptedData']/*[local-name(.)='EncryptionMethod']", doc)[0];
     var encryptionAlgorithm = encryptionMethod.getAttribute('Algorithm');
 
-    var decipher;
-    var padding;
     var encryptedContent = xpath.select("//*[local-name(.)='EncryptedData']/*[local-name(.)='CipherData']/*[local-name(.)='CipherValue']", doc)[0];
-    
+
     var encrypted = new Buffer(encryptedContent.textContent, 'base64');
-    
+
     switch (encryptionAlgorithm) {
       case 'http://www.w3.org/2001/04/xmlenc#aes128-cbc':
-        decipher = crypto.createDecipheriv('aes-128-cbc', symmetricKey, encrypted.slice(0, 16));
-
-        decipher.setAutoPadding(false);
-        decrypted = decipher.update(encrypted.slice(16), null, 'binary') + decipher.final('binary');
-
-        // Remove padding bytes equal to the value of the last byte of the returned data.
-        padding = decrypted.charCodeAt(decrypted.length - 1);
-        if (1 <= padding && padding <= 16) {
-          decrypted = decrypted.substr(0, decrypted.length - padding);
-        } else {
-          callback(new Error('padding length invalid'));
-          return;
-        }
-        
-        decrypted = new Buffer(decrypted, 'binary').toString('utf8');
-        break;
+        return callback(null, decryptWithAlgorithm('aes-128-cbc', symmetricKey, 16, encrypted));
       case 'http://www.w3.org/2001/04/xmlenc#aes256-cbc':
-        decipher = crypto.createDecipheriv('aes-256-cbc', symmetricKey, encrypted.slice(0, 16));
-
-        decipher.setAutoPadding(false);
-        decrypted = decipher.update(encrypted.slice(16), null, 'binary') + decipher.final('binary');
-
-        // Remove padding bytes equal to the value of the last byte of the returned data.
-        padding = decrypted.charCodeAt(decrypted.length - 1);
-        if (1 <= padding && padding <= 16) {
-          decrypted = decrypted.substr(0, decrypted.length - padding);
-        } else {
-          callback(new Error('padding length invalid'));
-          return;
-        }
-        decrypted = new Buffer(decrypted, 'binary').toString('utf8');
-        break;
+        return callback(null, decryptWithAlgorithm('aes-256-cbc', symmetricKey, 16, encrypted));
       case 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc':
-        decipher = crypto.createDecipheriv('des-ede3-cbc', symmetricKey, encrypted.slice(0,8));
-        decrypted = decipher.update(encrypted.slice(8), null, 'binary') + decipher.final('binary');
-        decrypted = new Buffer(decrypted, 'binary').toString('utf8');
-        break;
+        return callback(null, decryptWithAlgorithm('des-ede3-cbc', symmetricKey, 8, encrypted));
       default:
         return callback(new Error('encryption algorithm ' + encryptionAlgorithm + ' not supported'));
     }
   } catch (e) {
     return callback(e);
   }
-  
-  callback(null, decrypted);
 }
 
 function decryptKeyInfo(doc, options) {
@@ -193,7 +155,7 @@ function decryptKeyInfo(doc, options) {
   var keyRetrievalMethodUri;
   var keyInfo = xpath.select("//*[local-name(.)='KeyInfo' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']", doc)[0];
   var keyEncryptionMethod = xpath.select("//*[local-name(.)='KeyInfo']/*[local-name(.)='EncryptedKey']/*[local-name(.)='EncryptionMethod']", doc)[0];
-  
+
   if (!keyEncryptionMethod) { // try with EncryptedData->KeyInfo->RetrievalMethod
     var keyRetrievalMethod = xpath.select("//*[local-name(.)='EncryptedData']/*[local-name(.)='KeyInfo']/*[local-name(.)='RetrievalMethod']", doc)[0];
     keyRetrievalMethodUri = keyRetrievalMethod ? keyRetrievalMethod.getAttribute('URI') : null;
@@ -235,14 +197,32 @@ function encryptWithAlgorithm(algorithm, symmetricKey, ivLength, content, encodi
   // create a random iv for algorithm
   crypto.randomBytes(ivLength, function(err, iv) {
     if (err) return callback(err);
-    
+
     var cipher = crypto.createCipheriv(algorithm, symmetricKey, iv);
     // encrypted content
     var encrypted = cipher.update(content, encoding, 'binary') + cipher.final('binary');
     return callback(null, Buffer.concat([iv, new Buffer(encrypted, 'binary')]));
   });
 }
 
+function decryptWithAlgorithm(algorithm, symmetricKey, ivLength, content) {
+  var decipher = crypto.createDecipheriv(algorithm, symmetricKey, content.slice(0,ivLength));
+  decipher.setAutoPadding(false);
+
+  var decrypted = decipher.update(content.slice(ivLength), null, 'binary') + decipher.final('binary');
+
+  // Remove padding bytes equal to the value of the last byte of the returned data.
+  var padding = decrypted.charCodeAt(decrypted.length - 1);
+  if (1 <= padding && padding <= ivLength) {
+    decrypted = decrypted.substr(0, decrypted.length - padding);
+  } else {
+    callback(new Error('padding length invalid'));
+    return;
+  }
+
+  return new Buffer(decrypted, 'binary').toString('utf8');
+}
+
 exports = module.exports = {
   decrypt: decrypt,
   encrypt: encrypt,
diff --git a/test/xmlenc.encryptedkey.js b/test/xmlenc.encryptedkey.js
@@ -8,110 +8,55 @@ var xpath = require('xpath');
 
 describe('encrypt', function() {
 
-  it('should encrypt and decrypt xml (aes256-cbc)', function (done) {
-    // cert created with:
-    // openssl req -x509 -new -newkey rsa:2048 -nodes -subj '/CN=auth0.auth0.com/O=Auth0 LLC/C=US/ST=Washington/L=Redmond' -keyout auth0.key -out auth0.pem
-    // pub key extracted from (only the RSA public key between BEGIN PUBLIC KEY and END PUBLIC KEY)
-    // openssl x509 -in "test-auth0.pem" -pubkey 
-
-    var options = {
-      rsa_pub: fs.readFileSync(__dirname + '/test-auth0_rsa.pub'),
-      pem: fs.readFileSync(__dirname + '/test-auth0.pem'),
-      key: fs.readFileSync(__dirname + '/test-auth0.key'),
+  var algorithms = [{
+    name: 'aes-256-cbc',
+    encryptionOptions: {
       encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
       keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
-    };
-
-    xmlenc.encrypt('content to encrypt', options, function(err, result) {  
-      xmlenc.decrypt(result, { key: fs.readFileSync(__dirname + '/test-auth0.key')}, function(err, decrypted) {
-        assert.equal(decrypted, 'content to encrypt');
-        done();
-      });
-    });
-  });
-
-  it('should encrypt and decrypt xml (aes256-cbc with utf8 chars)', function (done) {
-    // cert created with:
-    // openssl req -x509 -new -newkey rsa:2048 -nodes -subj '/CN=auth0.auth0.com/O=Auth0 LLC/C=US/ST=Washington/L=Redmond' -keyout auth0.key -out auth0.pem
-    // pub key extracted from (only the RSA public key between BEGIN PUBLIC KEY and END PUBLIC KEY)
-    // openssl x509 -in "test-auth0.pem" -pubkey 
-
-    var options = {
-      rsa_pub: fs.readFileSync(__dirname + '/test-auth0_rsa.pub'),
-      pem: fs.readFileSync(__dirname + '/test-auth0.pem'),
-      key: fs.readFileSync(__dirname + '/test-auth0.key'),
-      encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
-      keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
-    };
-
-    xmlenc.encrypt('Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge', options, function(err, result) {  
-      xmlenc.decrypt(result, { key: fs.readFileSync(__dirname + '/test-auth0.key')}, function(err, decrypted) {
-        assert.equal(decrypted, 'Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge');
-        done();
-      });
-    });
-  });
-
-  it('should encrypt and decrypt xml (aes128-cbc) with utf8 chars', function (done) {
-    // cert created with:
-    // openssl req -x509 -new -newkey rsa:2048 -nodes -subj '/CN=auth0.auth0.com/O=Auth0 LLC/C=US/ST=Washington/L=Redmond' -keyout auth0.key -out auth0.pem
-    // pub key extracted from (only the RSA public key between BEGIN PUBLIC KEY and END PUBLIC KEY)
-    // openssl x509 -in "test-auth0.pem" -pubkey 
-
-    var options = {
-      rsa_pub: fs.readFileSync(__dirname + '/test-auth0_rsa.pub'),
-      pem: fs.readFileSync(__dirname + '/test-auth0.pem'),
-      key: fs.readFileSync(__dirname + '/test-auth0.key'),
+    }
+  }, {
+    name: 'aes-128-cbc',
+    encryptionOptions: {
       encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#aes128-cbc',
       keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
-    };
+    }
+  }, {
+    name: 'des-ede3-cbc',
+    encryptionOptions: {
+      encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc',
+      keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'
+    }
+  }];
 
-    xmlenc.encrypt('Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge', options, function (err, result) {
-      xmlenc.decrypt(result, { key: fs.readFileSync(__dirname + '/test-auth0.key')}, function (err, decrypted) {
-        assert.equal(decrypted, 'Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge');
-        done();
+  algorithms.forEach(function (algorithm) {
+    describe(algorithm.name, function () {
+      it('should encrypt and decrypt xml', function (done) {
+        _shouldEncryptAndDecrypt('content to encrypt', algorithm.encryptionOptions, done);
       });
-    });
-  });
-
-  it('should encrypt and decrypt xml (aes128-cbc)', function (done) {
-    var options = {
-      rsa_pub: fs.readFileSync(__dirname + '/test-auth0_rsa.pub'),
-      pem: fs.readFileSync(__dirname + '/test-auth0.pem'),
-      key: fs.readFileSync(__dirname + '/test-auth0.key'),
-      encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#aes128-cbc',
-      keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
-    };
 
-    xmlenc.encrypt('content to encrypt', options, function (err, result) {
-      xmlenc.decrypt(result, { key: fs.readFileSync(__dirname + '/test-auth0.key')}, function (err, decrypted) {
-        assert.equal(decrypted, 'content to encrypt');
-        done();
+      it('should encrypt and decrypt xml with utf8 chars', function (done) {
+        _shouldEncryptAndDecrypt('Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge Gnügge', algorithm.encryptionOptions, done);
       });
     });
   });
 
-  it('should encrypt and decrypt xml (encryption: http://www.w3.org/2001/04/xmlenc#tripledes-cbc, keyEncryption: http://www.w3.org/2001/04/xmlenc#rsa-1_5)', function (done) {
+  function _shouldEncryptAndDecrypt(content, options, done) {
     // cert created with:
     // openssl req -x509 -new -newkey rsa:2048 -nodes -subj '/CN=auth0.auth0.com/O=Auth0 LLC/C=US/ST=Washington/L=Redmond' -keyout auth0.key -out auth0.pem
     // pub key extracted from (only the RSA public key between BEGIN PUBLIC KEY and END PUBLIC KEY)
-    // openssl x509 -in "test-auth0.pem" -pubkey 
+    // openssl x509 -in "test-auth0.pem" -pubkey
 
-    var options = {
-      rsa_pub: fs.readFileSync(__dirname + '/test-auth0_rsa.pub'),
-      pem: fs.readFileSync(__dirname + '/test-auth0.pem'),
-      key: fs.readFileSync(__dirname + '/test-auth0.key'),
-      encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc',
-      keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'
-    };
+    options.rsa_pub = fs.readFileSync(__dirname + '/test-auth0_rsa.pub'),
+    options.pem = fs.readFileSync(__dirname + '/test-auth0.pem'),
+    options.key = fs.readFileSync(__dirname + '/test-auth0.key'),
 
-    xmlenc.encrypt('content to encrypt', options, function(err, result) {  
-      xmlenc.decrypt(result, { key: fs.readFileSync(__dirname + '/test-auth0.key')}, function(err, decrypted) {
-        assert.equal(decrypted, 'content to encrypt');
+    xmlenc.encrypt(content, options, function(err, result) {
+      xmlenc.decrypt(result, { key: fs.readFileSync(__dirname + '/test-auth0.key')}, function (err, decrypted) {
+        assert.equal(decrypted, content);
         done();
       });
     });
-  });
+  }
 
   it('should encrypt and decrypt keyinfo', function (done) {
     var options = {
@@ -122,7 +67,7 @@ describe('encrypt', function() {
 
     crypto.randomBytes(32, function(err, randomBytes) {
       if (err) return done(err);
-      xmlenc.encryptKeyInfo(randomBytes, options, function(err, result) { 
+      xmlenc.encryptKeyInfo(randomBytes, options, function(err, result) {
         if (err) return done(err);
         var decryptedRandomBytes = xmlenc.decryptKeyInfo(result, { key: fs.readFileSync(__dirname + '/test-auth0.key')});
 
