Skip to content

Feature: Throw Warning against invalid Hex input for XOR #2032

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 20 commits into
base: master
Choose a base branch
from
Open

Feature: Throw Warning against invalid Hex input for XOR #2032

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
01edeb2
Wrapped XOR run function in try catch block to handle key errors
RyanChernoff Apr 21, 2025
d3f943b
Removed input extraction from try catch block to seperate input error…
RyanChernoff Apr 21, 2025
1a6d238
For the sake of backwards compatibility, a boolean is passed to tell …
RyanChernoff Apr 21, 2025
e231d1b
Changed delimitor to None so non-hex characters can be detected.
RyanChernoff Apr 21, 2025
23bfe87
Made warning optional since test cases involved non-hex characters
RyanChernoff Apr 22, 2025
0a4fd20
added delim parameter to utils.mjs
kmakarska Apr 24, 2025
6c046f4
added throw error parameter to convertToByteArray in Utils.mjs
kmakarska Apr 24, 2025
49a80b4
added new params in the header comment of convertToByteArray
kmakarska Apr 24, 2025
278c221
extracted substr and added check for throwError in Hex.mjs
rmurugan58 Apr 26, 2025
78b4a1f
Fixed lint errors in src/core/operations/XOR.mjs
RyanChernoff Apr 27, 2025
34fe96d
added new param descriptor and fixed lint errors in Hex.mjs
rmurugan58 Apr 27, 2025
2e710c7
fixed lint errors in XOR.mjs
rmurugan58 Apr 27, 2025
3ac78b6
Merge remote-tracking branch 'origin/xorKeyValidation' into xorKeyVal…
RyanChernoff Apr 27, 2025
8589e06
created a test for the new error that should be thrown if an invalid …
jonassoh Apr 30, 2025
605e7b1
Fixed error where xor filter key value was default false instead of true
RyanChernoff May 1, 2025
b824268
fix: revert previous commit wrong file staged, added file with new te…
jonassoh May 1, 2025
42f6daa
Merge branch 'xorKeyValidation' of https://github.com/RyanChernoff/Cy…
jonassoh May 1, 2025
765d5ee
changed filterKey to false for testing XOR invalid characters error
jonassoh May 1, 2025
70be54e
added test to check that the error isn't raised on valid keys with fi…
jonassoh May 1, 2025
9a193af
Fixed error where test for XOR operation with valid key had an invali…
RyanChernoff May 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions src/core/Utils.mjs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,8 @@ class Utils {
*
* @param {string} str
* @param {string} type - One of "Binary", "Hex", "Decimal", "Base64", "UTF8" or "Latin1"
* @param {string} [delim="Auto"] - (Hex only) Delimiter used to split the input string. Set to "Auto" by default.
* @param {boolean} [throwError=false] - (Hex only) Whether to throw an error on invalid input. Defaults to false.
* @returns {byteArray}
*
* @example
Expand All @@ -339,12 +341,12 @@ class Utils {
* // returns [208, 159, 209, 128, 208, 184, 208, 178, 208, 181, 209, 130]
* Utils.convertToByteArray("0JfQtNGA0LDQstGB0YLQstGD0LnRgtC1", "base64");
*/
static convertToByteArray(str, type) {
static convertToByteArray(str, type, delim = "Auto", throwError = false) {
switch (type.toLowerCase()) {
case "binary":
return fromBinary(str);
case "hex":
return fromHex(str);
return fromHex(str, delim, 2, throwError);
case "decimal":
return fromDecimal(str);
case "base64":
Expand Down
9 changes: 7 additions & 2 deletions src/core/lib/Hex.mjs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,7 @@ export function toHexFast(data) {
* @param {string} data
* @param {string} [delim]
* @param {number} [byteLen=2]
* @param {boolean} [throwError=false]
* @returns {byteArray}
*
* @example
Expand All @@ -100,7 +101,7 @@ export function toHexFast(data) {
* // returns [10,20,30]
* fromHex("0a:14:1e", "Colon");
*/
export function fromHex(data, delim="Auto", byteLen=2) {
export function fromHex(data, delim="Auto", byteLen=2, throwError=false) {
if (byteLen < 1 || Math.round(byteLen) !== byteLen)
throw new OperationError("Byte length must be a positive integer");

Expand All @@ -114,7 +115,11 @@ export function fromHex(data, delim="Auto", byteLen=2) {
const output = [];
for (let i = 0; i < data.length; i++) {
for (let j = 0; j < data[i].length; j += byteLen) {
output.push(parseInt(data[i].substr(j, byteLen), 16));
const chunk = data[i].substr(j, byteLen);
if (throwError && /[^a-f\d]/i.test(chunk)) {
throw new OperationError(`Invalid hex character in chunk "${chunk}"`);
}
output.push(parseInt(chunk, 16));
}
}
return output;
Expand Down
16 changes: 13 additions & 3 deletions src/core/operations/XOR.mjs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
*/

import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import Utils from "../Utils.mjs";
import { bitOp, xor, BITWISE_OP_DELIMS } from "../lib/BitwiseOp.mjs";

Expand Down Expand Up @@ -41,6 +42,11 @@ class XOR extends Operation {
"name": "Null preserving",
"type": "boolean",
"value": false
},
{
"name": "Filter Key",
"type": "boolean",
"value": true
}
];
}
Expand All @@ -52,10 +58,14 @@ class XOR extends Operation {
*/
run(input, args) {
input = new Uint8Array(input);
const key = Utils.convertToByteArray(args[0].string || "", args[0].option),
[, scheme, nullPreserving] = args;
try {
const key = Utils.convertToByteArray(args[0].string || "", args[0].option, args[3] ? "Auto" : "None", true),
[, scheme, nullPreserving] = args;

return bitOp(input, key, xor, nullPreserving, scheme);
return bitOp(input, key, xor, nullPreserving, scheme);
} catch (error) {
throw new OperationError("Invalid Characters in key");
}
}

/**
Expand Down
21 changes: 21 additions & 0 deletions tests/node/tests/operations.mjs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -974,6 +974,27 @@ smothering ampersand abreast`;
"QV\u0010\u0004UDWQ");
}),

it("XOR: should throw 'Invalid Characters in key' error when key contains invalid characters", () => {
const invalidKeys = [
{ string: "zz 00 11", option: "Hex" },

{ string: "4~ 00 11", option: "Hex" }
];
invalidKeys.forEach(invalidKey => {
assert.throws(() => {
chef.XOR("fe023da5", { key: invalidKey, filterKey: false });
}, /Invalid Characters in key/);
});
}),

it("XOR: should not throw 'Invalid Characters in key' error when key contains only valid characters", () => {
assert.strictEqual(chef.XOR("fe023da5", {
key: "736f6d65",
filterKey: false
}).toString(),
"\u0015\n]W@\u000b\fP");
}),

it("XPath expression", () => {
assert.strictEqual(
chef.XPathExpression("<contact-info><company>abc</company></contact-info>", {xPath: "contact-info/company"}).toString(),
Expand Down
Loading