Merge pull request #2013 from plvie/master

a3957273 · web-flow · commit e849569b10d2 · 2025-04-05T19:04:08.000+01:00
Add ECB/NoPadding and CBC/NoPadding support to AES encryption
diff --git a/src/core/operations/AESDecrypt.mjs b/src/core/operations/AESDecrypt.mjs
@@ -112,7 +112,7 @@ class AESDecrypt extends Operation {
     run(input, args) {
         const key = Utils.convertToByteString(args[0].string, args[0].option),
             iv = Utils.convertToByteString(args[1].string, args[1].option),
-            mode = args[2].substring(0, 3),
+            mode = args[2].split("/")[0],
             noPadding = args[2].endsWith("NoPadding"),
             inputType = args[3],
             outputType = args[4],
diff --git a/src/core/operations/AESEncrypt.mjs b/src/core/operations/AESEncrypt.mjs
@@ -66,6 +66,14 @@ class AESEncrypt extends Operation {
                     {
                         name: "ECB",
                         off: [5]
+                    },
+                    {
+                        name: "CBC/NoPadding",
+                        off: [5]
+                    },
+                    {
+                        name: "ECB/NoPadding",
+                        off: [5]
                     }
                 ]
             },
@@ -98,7 +106,8 @@ class AESEncrypt extends Operation {
     run(input, args) {
         const key = Utils.convertToByteString(args[0].string, args[0].option),
             iv = Utils.convertToByteString(args[1].string, args[1].option),
-            mode = args[2],
+            mode = args[2].split("/")[0],
+            noPadding =  args[2].endsWith("NoPadding"),
             inputType = args[3],
             outputType = args[4],
             aad = Utils.convertToByteString(args[5].string, args[5].option);
@@ -114,11 +123,20 @@ The following algorithms will be used based on the size of the key:
 
         input = Utils.convertToByteString(input, inputType);
 
+        // Handle NoPadding modes
+        if (noPadding && input.length % 16 !== 0) {
+            throw new OperationError("Input length must be a multiple of 16 bytes for NoPadding modes.");
+        }
         const cipher = forge.cipher.createCipher("AES-" + mode, key);
         cipher.start({
             iv: iv,
             additionalData: mode === "GCM" ? aad : undefined
         });
+        if (noPadding) {
+            cipher.mode.pad = function(output, options) {
+                return true;
+            };
+        }
         cipher.update(forge.util.createBuffer(input));
         cipher.finish();
 
