Partial fix for #45

README.md

@@ -1,3 +1,5 @@
+FORKED FROM - https://github.com/travist/jsencrypt
+
 Website
 ======================
 http://travistidwell.com/jsencrypt

bin/jsencrypt.js

@@ -600,7 +600,7 @@ var Stream = /** @class */ (function () {
             var v = this.get(i);
             n.mulAdd(128, v & 0x7F);
             bits += 7;
-            if (!(v & 0x80)) {
+            if (!(v & 0x80)) { // finished
                 if (s === "") {
                     n = n.simplify();
                     if (n instanceof Int10) {
@@ -642,7 +642,7 @@ var ASN1 = /** @class */ (function () {
     }
     ASN1.prototype.typeName = function () {
         switch (this.tag.tagClass) {
-            case 0:// universal
+            case 0: // universal
                 switch (this.tag.tagNumber) {
                     case 0x00:
                         return "EOC";
@@ -724,48 +724,48 @@ var ASN1 = /** @class */ (function () {
             return this.stream.parseOctetString(content, content + len, maxLength);
         }
         switch (this.tag.tagNumber) {
-            case 0x01:// BOOLEAN
+            case 0x01: // BOOLEAN
                 return (this.stream.get(content) === 0) ? "false" : "true";
-            case 0x02:// INTEGER
+            case 0x02: // INTEGER
                 return this.stream.parseInteger(content, content + len);
-            case 0x03:// BIT_STRING
+            case 0x03: // BIT_STRING
                 return this.sub ? "(" + this.sub.length + " elem)" :
                     this.stream.parseBitString(content, content + len, maxLength);
-            case 0x04:// OCTET_STRING
+            case 0x04: // OCTET_STRING
                 return this.sub ? "(" + this.sub.length + " elem)" :
                     this.stream.parseOctetString(content, content + len, maxLength);
             // case 0x05: // NULL
-            case 0x06:// OBJECT_IDENTIFIER
+            case 0x06: // OBJECT_IDENTIFIER
                 return this.stream.parseOID(content, content + len, maxLength);
             // case 0x07: // ObjectDescriptor
             // case 0x08: // EXTERNAL
             // case 0x09: // REAL
             // case 0x0A: // ENUMERATED
             // case 0x0B: // EMBEDDED_PDV
             case 0x10: // SEQUENCE
-            case 0x11:// SET
+            case 0x11: // SET
                 if (this.sub !== null) {
                     return "(" + this.sub.length + " elem)";
                 }
                 else {
                     return "(no elem)";
                 }
-            case 0x0C:// UTF8String
+            case 0x0C: // UTF8String
                 return stringCut(this.stream.parseStringUTF(content, content + len), maxLength);
             case 0x12: // NumericString
             case 0x13: // PrintableString
             case 0x14: // TeletexString
             case 0x15: // VideotexString
             case 0x16: // IA5String
             // case 0x19: // GraphicString
-            case 0x1A:// VisibleString
+            case 0x1A: // VisibleString
                 // case 0x1B: // GeneralString
                 // case 0x1C: // UniversalString
                 return stringCut(this.stream.parseStringISO(content, content + len), maxLength);
-            case 0x1E:// BMPString
+            case 0x1E: // BMPString
                 return stringCut(this.stream.parseStringBMP(content, content + len), maxLength);
             case 0x17: // UTCTime
-            case 0x18:// GeneralizedTime
+            case 0x18: // GeneralizedTime
                 return this.stream.parseTime(content, content + len, (this.tag.tagNumber == 0x17));
         }
         return null;
@@ -923,7 +923,7 @@ var ASN1Tag = /** @class */ (function () {
         this.tagClass = buf >> 6;
         this.tagConstructed = ((buf & 0x20) !== 0);
         this.tagNumber = buf & 0x1F;
-        if (this.tagNumber == 0x1F) {
+        if (this.tagNumber == 0x1F) { // long tag
             var n = new Int10();
             do {
                 buf = stream.get();
@@ -1409,7 +1409,7 @@ var BigInteger = /** @class */ (function () {
                 i += this.DB;
                 --j;
             }
-            if (is1) {
+            if (is1) { // ret == 1, don't bother squaring or multiplying it
                 g[w].copyTo(r);
                 is1 = false;
             }
@@ -1902,7 +1902,7 @@ var BigInteger = /** @class */ (function () {
         while (--j >= 0) {
             // Estimate quotient digit
             var qd = (r[--i] == y0) ? this.DM : Math.floor(r[i] * d1 + (r[i - 1] + e) * d2);
-            if ((r[i] += y.am(0, qd, r, j, 0, ys)) < qd) {
+            if ((r[i] += y.am(0, qd, r, j, 0, ys)) < qd) { // Try it out
                 y.dlShiftTo(j, t);
                 r.subTo(t, r);
                 while (r[i] < --qd) {
@@ -2626,7 +2626,7 @@ else if (j_lm && (navigator.appName != "Netscape")) {
     BigInteger.prototype.am = am1;
     dbits = 26;
 }
-else {
+else { // Mozilla/Netscape seems to prefer am3
     BigInteger.prototype.am = am3;
     dbits = 28;
 }
@@ -2831,15 +2831,15 @@ var SecureRandom = /** @class */ (function () {
 // }
 // PKCS#1 (type 2, random) pad input string s to n bytes, and return a bigint
 function pkcs1pad2(s, n) {
-    if (n < s.length + 11) {
+    if (n < s.length + 11) { // TODO: fix for utf-8
         console.error("Message too long for RSA");
         return null;
     }
     var ba = [];
     var i = s.length - 1;
     while (i >= 0 && n > 0) {
         var c = s.charCodeAt(i--);
-        if (c < 128) {
+        if (c < 128) { // encode using utf-8
             ba[--n] = c;
         }
         else if ((c > 127) && (c < 2048)) {
@@ -2855,7 +2855,7 @@ function pkcs1pad2(s, n) {
     ba[--n] = 0;
     var rng = new SecureRandom();
     var x = [];
-    while (n > 2) {
+    while (n > 2) { // random non-zero pad
         x[0] = 0;
         while (x[0] == 0) {
             rng.nextBytes(x);
@@ -3001,13 +3001,19 @@ var RSAKey = /** @class */ (function () {
     // RSAKey.prototype.decrypt = RSADecrypt;
     // Return the PKCS#1 RSA decryption of "ctext".
     // "ctext" is an even-length hex string and the output is a plain string.
-    RSAKey.prototype.decrypt = function (ctext) {
+    RSAKey.prototype.decrypt = function (ctext, isByteEncoded) {
+        if (isByteEncoded === void 0) { isByteEncoded = false; }
         var c = parseBigInt(ctext, 16);
         var m = this.doPrivate(c);
         if (m == null) {
             return null;
         }
-        return pkcs1unpad2(m, (this.n.bitLength() + 7) >> 3);
+        if (isByteEncoded) {
+            return pkcs1unpad2ForBytes(m, (this.n.bitLength() + 7) >> 3);
+        }
+        else {
+            return pkcs1unpad2(m, (this.n.bitLength() + 7) >> 3);
+        }
     };
     // Generate a new random private key B bits long, using public expt E
     RSAKey.prototype.generateAsync = function (B, E, callback) {
@@ -3091,7 +3097,7 @@ function pkcs1unpad2(d, n) {
     var ret = "";
     while (++i < b.length) {
         var c = b[i] & 255;
-        if (c < 128) {
+        if (c < 128) { // utf-8 decode
             ret += String.fromCharCode(c);
         }
         else if ((c > 191) && (c < 224)) {
@@ -3105,6 +3111,29 @@ function pkcs1unpad2(d, n) {
     }
     return ret;
 }
+// Undo PKCS#1 (type 2, random) padding and, if valid, return the bytes
+function pkcs1unpad2ForBytes(d, n) {
+    var b = d.toByteArray();
+    var i = 0;
+    while (i < b.length && b[i] == 0) {
+        ++i;
+    }
+    if (b.length - i != n - 1 || b[i] != 2) {
+        return null;
+    }
+    ++i;
+    while (b[i] != 0) {
+        if (++i >= b.length) {
+            return null;
+        }
+    }
+    var ret = "";
+    while (++i < b.length) {
+        var c = b[i] & 255;
+        ret += String.fromCharCode(c);
+    }
+    return ret;
+}
 // Return the PKCS#1 RSA encryption of "text" as a Base64-encoded string
 // function RSAEncryptB64(text) {
 //  var h = this.encrypt(text);
@@ -5163,10 +5192,11 @@ var JSEncrypt = /** @class */ (function () {
      * @return {string} the decrypted string
      * @public
      */
-    JSEncrypt.prototype.decrypt = function (str) {
+    JSEncrypt.prototype.decrypt = function (str, isByteEncoded) {
+        if (isByteEncoded === void 0) { isByteEncoded = false; }
         // Return the decrypted string.
         try {
-            return this.getKey().decrypt(b64tohex(str));
+            return this.getKey().decrypt(b64tohex(str), isByteEncoded);
         }
         catch (ex) {
             return false;

lib/jsbn/rsa.ts

@@ -64,7 +64,7 @@ function pkcs1pad2(s:string, n:number) {
 
 // "empty" RSA key constructor
 export class RSAKey {
-  constructor() {
+    constructor() {
         this.n = null;
         this.e = 0;
         this.d = null;
@@ -207,11 +207,15 @@ export class RSAKey {
     // RSAKey.prototype.decrypt = RSADecrypt;
     // Return the PKCS#1 RSA decryption of "ctext".
     // "ctext" is an even-length hex string and the output is a plain string.
-    public decrypt(ctext:string) {
+    public decrypt(ctext:string, isByteEncoded:boolean = false) {
         const c = parseBigInt(ctext, 16);
         const m = this.doPrivate(c);
         if (m == null) { return null; }
-        return pkcs1unpad2(m, (this.n.bitLength() + 7) >> 3);
+        if (isByteEncoded) {
+            return pkcs1unpad2ForBytes(m, (this.n.bitLength() + 7) >> 3);
+        } else {
+            return pkcs1unpad2(m, (this.n.bitLength() + 7) >> 3);
+        }
     }
 
     // Generate a new random private key B bits long, using public expt E
@@ -316,6 +320,26 @@ function pkcs1unpad2(d:BigInteger, n:number):string {
 }
 
 
+// Undo PKCS#1 (type 2, random) padding and, if valid, return the bytes
+function pkcs1unpad2ForBytes(d:BigInteger, n:number):string {
+    const b = d.toByteArray();
+    let i = 0;
+    while (i < b.length && b[i] == 0) { ++i; }
+    if (b.length - i != n - 1 || b[i] != 2) {
+        return null;
+    }
+    ++i;
+    while (b[i] != 0) {
+        if (++i >= b.length) { return null; }
+    }
+    let ret = "";
+    while (++i < b.length) {
+        const c = b[i] & 255;
+        ret += String.fromCharCode(c);
+    }
+    return ret;
+}
+
 // Return the PKCS#1 RSA encryption of "text" as a Base64-encoded string
 // function RSAEncryptB64(text) {
 //  var h = this.encrypt(text);

src/JSEncrypt.ts

@@ -78,10 +78,10 @@ export default class JSEncrypt {
      * @return {string} the decrypted string
      * @public
      */
-    public decrypt(str:string) {
+    public decrypt(str:string, isByteEncoded:boolean = false) {
         // Return the decrypted string.
         try {
-            return this.getKey().decrypt(b64tohex(str));
+            return this.getKey().decrypt(b64tohex(str), isByteEncoded);
         } catch (ex) {
             return false;
         }