Diffstat (limited to 'frontend/gamma/js/Clipperz/Crypto/Base.js') (more/less context) (ignore whitespace changes)
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/Base.js | 15 |
1 files changed, 6 insertions, 9 deletions
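--- a/frontend/gamma/js/Clipperz/Crypto/Base.js
+++ b/frontend/gamma/js/Clipperz/Crypto/Base.js
@@ -1,408 +1,405 @@
 /*
 
 Copyright 2008-2011 Clipperz Srl
 
-This file is part of Clipperz's Javascript Crypto Library.
-Javascript Crypto Library provides web developers with an extensive
-and efficient set of cryptographic functions. The library aims to
-obtain maximum execution speed while preserving modularity and
-reusability.
+This file is part of Clipperz Community Edition.
+Clipperz Community Edition is an online password manager.
 For further information about its features and functionalities please
-refer to http://www.clipperz.com
+refer to http://www.clipperz.com.
 
-* Javascript Crypto Library is free software: you can redistribute
+* Clipperz Community Edition is free software: you can redistribute
 it and/or modify it under the terms of the GNU Affero General Public
 License as published by the Free Software Foundation, either version
 3 of the License, or (at your option) any later version.
 
-* Javascript Crypto Library is distributed in the hope that it will
+* Clipperz Community Edition is distributed in the hope that it will
 be useful, but WITHOUT ANY WARRANTY; without even the implied
 warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Javascript Crypto Library. If not, see
+License along with Clipperz Community Edition. If not, see
 <http://www.gnu.org/licenses/>.
 
 */
 
 try { if (typeof(Clipperz.Base) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.Base depends on Clipperz.Base!";
 }
 
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 if (typeof(Clipperz.Crypto.Base) == 'undefined') { Clipperz.Crypto.Base = {}; }
 
 Clipperz.Crypto.Base.VERSION = "0.1";
 Clipperz.Crypto.Base.NAME = "Clipperz.Crypto.Base";
 
 //#############################################################################
 //Downloaded on March 30, 2006 from http://anmar.eu.org/projects/jssha2/files/jssha2-0.3.zip (jsSha2/sha256.js)
 //#############################################################################
 
 /* A JavaScript implementation of the Secure Hash Algorithm, SHA-256
 * Version 0.3 Copyright Angel Marin 2003-2004 - http://anmar.eu.org/
 * Distributed under the BSD License
 * Some bits taken from Paul Johnston's SHA-1 implementation
 */
 var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
 function safe_add (x, y) {
 var lsw = (x & 0xFFFF) + (y & 0xFFFF);
 var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
 return (msw << 16) | (lsw & 0xFFFF);
 }
 function S (X, n) {return ( X >>> n ) | (X << (32 - n));}
 function R (X, n) {return ( X >>> n );}
 function Ch(x, y, z) {return ((x & y) ^ ((~x) & z));}
 function Maj(x, y, z) {return ((x & y) ^ (x & z) ^ (y & z));}
 function Sigma0256(x) {return (S(x, 2) ^ S(x, 13) ^ S(x, 22));}
 function Sigma1256(x) {return (S(x, 6) ^ S(x, 11) ^ S(x, 25));}
 function Gamma0256(x) {return (S(x, 7) ^ S(x, 18) ^ R(x, 3));}
 function Gamma1256(x) {return (S(x, 17) ^ S(x, 19) ^ R(x, 10));}
 function core_sha256 (m, l) {
 var K = new Array(0x428A2F98,0x71374491,0xB5C0FBCF,0xE9B5DBA5,0x3956C25B,0x59F111F1,0x923F82A4,0xAB1C5ED5,0xD807AA98,0x12835B01,0x243185BE,0x550C7DC3,0x72BE5D74,0x80DEB1FE,0x9BDC06A7,0xC19BF174,0xE49B69C1,0xEFBE4786,0xFC19DC6,0x240CA1CC,0x2DE92C6F,0x4A7484AA,0x5CB0A9DC,0x76F988DA,0x983E5152,0xA831C66D,0xB00327C8,0xBF597FC7,0xC6E00BF3,0xD5A79147,0x6CA6351,0x14292967,0x27B70A85,0x2E1B2138,0x4D2C6DFC,0x53380D13,0x650A7354,0x766A0ABB,0x81C2C92E,0x92722C85,0xA2BFE8A1,0xA81A664B,0xC24B8B70,0xC76C51A3,0xD192E819,0xD6990624,0xF40E3585,0x106AA070,0x19A4C116,0x1E376C08,0x2748774C,0x34B0BCB5,0x391C0CB3,0x4ED8AA4A,0x5B9CCA4F,0x682E6FF3,0x748F82EE,0x78A5636F,0x84C87814,0x8CC70208,0x90BEFFFA,0xA4506CEB,0xBEF9A3F7,0xC67178F2);
 var HASH = new Array(0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19);
 var W = new Array(64);
 var a, b, c, d, e, f, g, h, i, j;
 var T1, T2;
 /* append padding */
 m[l >> 5] |= 0x80 << (24 - l % 32);
 m[((l + 64 >> 9) << 4) + 15] = l;
 for ( var i = 0; i<m.length; i+=16 ) {
 a = HASH[0]; b = HASH[1]; c = HASH[2]; d = HASH[3]; e = HASH[4]; f = HASH[5]; g = HASH[6]; h = HASH[7];
 for ( var j = 0; j<64; j++) {
 if (j < 16) W[j] = m[j + i];
 else W[j] = safe_add(safe_add(safe_add(Gamma1256(W[j - 2]), W[j - 7]), Gamma0256(W[j - 15])), W[j - 16]);
 T1 = safe_add(safe_add(safe_add(safe_add(h, Sigma1256(e)), Ch(e, f, g)), K[j]), W[j]);
 T2 = safe_add(Sigma0256(a), Maj(a, b, c));
 h = g; g = f; f = e; e = safe_add(d, T1); d = c; c = b; b = a; a = safe_add(T1, T2);
 }
 HASH[0] = safe_add(a, HASH[0]); HASH[1] = safe_add(b, HASH[1]); HASH[2] = safe_add(c, HASH[2]); HASH[3] = safe_add(d, HASH[3]); HASH[4] = safe_add(e, HASH[4]); HASH[5] = safe_add(f, HASH[5]); HASH[6] = safe_add(g, HASH[6]); HASH[7] = safe_add(h, HASH[7]);
 }
 return HASH;
 }
 function str2binb (str) {
 var bin = Array();
 var mask = (1 << chrsz) - 1;
 for(var i = 0; i < str.length * chrsz; i += chrsz)
 bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (24 - i%32);
 return bin;
 }
 function binb2hex (binarray) {
 var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
 var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
 var str = "";
 for (var i = 0; i < binarray.length * 4; i++) {
 str += hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8+4)) & 0xF) + hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8 )) & 0xF);
 }
 return str;
 }
 function hex_sha256(s){return binb2hex(core_sha256(str2binb(s),s.length * chrsz));}
 
 
 
 //#############################################################################
 //Downloaded on March 30, 2006 from http://www.fourmilab.ch/javascrypt/javascrypt.zip (entropy.js)
 //#############################################################################
 
 // Entropy collection utilities
 
 /*Start by declaring static storage and initialise
 the entropy vector from the time we come through
 here. */
 
 var entropyData = new Array(); // Collected entropy data
 var edlen = 0; // Keyboard array data length
 
 addEntropyTime(); // Start entropy collection with page load time
 ce(); // Roll milliseconds into initial entropy
 
 //Add a byte to the entropy vector
 
 function addEntropyByte(b) {
 entropyData[edlen++] = b;
 }
 
 /*Capture entropy. When the user presses a key or performs
 various other events for which we can request
 notification, add the time in 255ths of a second to the
 entropyData array. The name of the function is short
 so it doesn't bloat the form object declarations in
 which it appears in various "onXXX" events. */
 
 function ce() {
 addEntropyByte(Math.floor((((new Date).getMilliseconds()) * 255) / 999));
 }
 
 //Add a 32 bit quantity to the entropy vector
 
 function addEntropy32(w) {
 var i;
 
 for (i = 0; i < 4; i++) {
 addEntropyByte(w & 0xFF);
 w >>= 8;
 }
 }
 
 /*Add the current time and date (milliseconds since the epoch,
 truncated to 32 bits) to the entropy vector. */
 
 function addEntropyTime() {
 addEntropy32((new Date()).getTime());
 }
 
 /* Start collection of entropy from mouse movements. The
 argument specifies the number of entropy items to be
 obtained from mouse motion, after which mouse motion
 will be ignored. Note that you can re-enable mouse
 motion collection at any time if not already underway. */
 
 var mouseMotionCollect = 0;
 var oldMoveHandler; // For saving and restoring mouse move handler in IE4
 
 function mouseMotionEntropy(maxsamp) {
 if (mouseMotionCollect <= 0) {
 mouseMotionCollect = maxsamp;
 if ((document.implementation.hasFeature("Events", "2.0")) &&
 document.addEventListener) {
 // Browser supports Document Object Model (DOM) 2 events
 document.addEventListener("mousemove", mouseMoveEntropy, false);
 } else {
 if (document.attachEvent) {
 // Internet Explorer 5 and above event model
 document.attachEvent("onmousemove", mouseMoveEntropy);
 } else {
 //Internet Explorer 4 event model
 oldMoveHandler = document.onmousemove;
 document.onmousemove = mouseMoveEntropy;
 }
 }
 //dump("Mouse enable", mouseMotionCollect);
 }
 }
 
 /*Collect entropy from mouse motion events. Note that
 this is craftily coded to work with either DOM2 or Internet
 Explorer style events. Note that we don't use every successive
 mouse movement event. Instead, we XOR the three bytes collected
 from the mouse and use that to determine how many subsequent
 mouse movements we ignore before capturing the next one. */
 
 var mouseEntropyTime = 0; // Delay counter for mouse entropy collection
 
 function mouseMoveEntropy(e) {
 if (!e) {
 e = window.event; // Internet Explorer event model
 }
 if (mouseMotionCollect > 0) {
 if (mouseEntropyTime-- <= 0) {
 addEntropyByte(e.screenX & 0xFF);
 addEntropyByte(e.screenY & 0xFF);
 ce();
 mouseMotionCollect--;
 mouseEntropyTime = (entropyData[edlen - 3] ^ entropyData[edlen - 2] ^
 entropyData[edlen - 1]) % 19;
 //dump("Mouse Move", byteArrayToHex(entropyData.slice(-3)));
 }
 if (mouseMotionCollect <= 0) {
 if (document.removeEventListener) {
 document.removeEventListener("mousemove", mouseMoveEntropy, false);
 } else if (document.detachEvent) {
 document.detachEvent("onmousemove", mouseMoveEntropy);
 } else {
 document.onmousemove = oldMoveHandler;
 }
 //dump("Spung!", 0);
 }
 }
 }
 
 /*Compute a 32 byte key value from the entropy vector.
 We compute the value by taking the MD5 sum of the even
 and odd bytes respectively of the entropy vector, then
 concatenating the two MD5 sums. */
 
 function keyFromEntropy() {
 var i, k = new Array(32);
 
 if (edlen == 0) {
 alert("Blooie! Entropy vector void at call to keyFromEntropy.");
 }
 //dump("Entropy bytes", edlen);
 
 md5_init();
 for (i = 0; i < edlen; i += 2) {
 md5_update(entropyData[i]);
 }
 md5_finish();
 for (i = 0; i < 16; i++) {
 k[i] = digestBits[i];
 }
 
 md5_init();
 for (i = 1; i < edlen; i += 2) {
 md5_update(entropyData[i]);
 }
 md5_finish();
 for (i = 0; i < 16; i++) {
 k[i + 16] = digestBits[i];
 }
 
 //dump("keyFromEntropy", byteArrayToHex(k));
 return k;
 }
 
 //#############################################################################
 //Downloaded on March 30, 2006 from http://www.fourmilab.ch/javascrypt/javascrypt.zip (aesprng.js)
 //#############################################################################
 
 
 // AES based pseudorandom number generator
 
 /* Constructor. Called with an array of 32 byte (0-255) values
 containing the initial seed. */
 
 function AESprng(seed) {
 this.key = new Array();
 this.key = seed;
 this.itext = hexToByteArray("9F489613248148F9C27945C6AE62EECA3E3367BB14064E4E6DC67A9F28AB3BD1");
 this.nbytes = 0; // Bytes left in buffer
 
 this.next = AESprng_next;
 this.nextbits = AESprng_nextbits;
 this.nextInt = AESprng_nextInt;
 this.round = AESprng_round;
 
 /* Encrypt the initial text with the seed key
 three times, feeding the output of the encryption
 back into the key for the next round. */
 
 bsb = blockSizeInBits;
 blockSizeInBits = 256;
 var i, ct;
 for (i = 0; i < 3; i++) {
 this.key = rijndaelEncrypt(this.itext, this.key, "ECB");
 }
 
 /* Now make between one and four additional
 key-feedback rounds, with the number determined
 by bits from the result of the first three
 rounds. */
 
 var n = 1 + (this.key[3] & 2) + (this.key[9] & 1);
 for (i = 0; i < n; i++) {
 this.key = rijndaelEncrypt(this.itext, this.key, "ECB");
 }
 blockSizeInBits = bsb;
 }
 
 function AESprng_round() {
 bsb = blockSizeInBits;
 blockSizeInBits = 256;
 this.key = rijndaelEncrypt(this.itext, this.key, "ECB");
 this.nbytes = 32;
 blockSizeInBits = bsb;
 }
 
 //Return next byte from the generator
 
 function AESprng_next() {
 if (this.nbytes <= 0) {
 this.round();
 }
 return(this.key[--this.nbytes]);
 }
 
 //Return n bit integer value (up to maximum integer size)
 
 function AESprng_nextbits(n) {
 var i, w = 0, nbytes = Math.floor((n + 7) / 8);
 
 for (i = 0; i < nbytes; i++) {
 w = (w << 8) | this.next();
 }
 return w & ((1 << n) - 1);
 }
 
 // Return integer between 0 and n inclusive
 
 function AESprng_nextInt(n) {
 var p = 1, nb = 0;
 
 // Determine smallest p, 2^p > n
 // nb = log_2 p
 
 while (n >= p) {
 p <<= 1;
 nb++;
 }
 p--;
 
 /* Generate values from 0 through n by first generating
 values v from 0 to (2^p)-1, then discarding any results v > n.
 For the rationale behind this (and why taking
 values mod (n + 1) is biased toward smaller values, see
 Ferguson and Schneier, "Practical Cryptography",
 ISBN 0-471-22357-3, section 10.8). */
 
 while (true) {
 var v = this.nextbits(nb) & p;
 
 if (v <= n) {
 return v;
 }
 }
 }
 
 //#############################################################################
 //Downloaded on March 30, 2006 from http://www.fourmilab.ch/javascrypt/javascrypt.zip (md5.js)
 //#############################################################################
 
 /*
 * md5.jvs 1.0b 27/06/96
 *
 * Javascript implementation of the RSA Data Security, Inc. MD5
 * Message-Digest Algorithm.
 *
 * Copyright (c) 1996 Henri Torgemane. All Rights Reserved.
 *
 * Permission to use, copy, modify, and distribute this software
 * and its documentation for any purposes and without
 * fee is hereby granted provided that this copyright notice
 * appears in all copies.
 *
 * Of course, this soft is provided "as is" without express or implied
 * warranty of any kind.
 
 This version contains some trivial reformatting modifications
 by John Walker.
 
 */
 
 function array(n) {
 for (i = 0; i < n; i++) {
 this[i] = 0;
 }
 this.length = n;
 }
 
 /* Some basic logical functions had to be rewritten because of a bug in
 * Javascript.. Just try to compute 0xffffffff >> 4 with it..
 * Of course, these functions are slower than the original would be, but
 * at least, they work!
 */
 
 function integer(n) {
 return n % (0xffffffff + 1);
 }
 
 function shr(a, b) {
 a = integer(a);
 b = integer(b);
 if (a - 0x80000000 >= 0) {
 a = a % 0x80000000;
 a >>= b;
 a += 0x40000000 >> (b - 1);
 } else {
 a >>= b;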
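Review bot: The entropy vector that `keyFromEntropy()` hashes is filled at load time only by `addEntropyTime()` and `ce()`, both of which read the clock, so a key requested before `mouseMotionEntropy()` has gathered samples is derived from a guessable timestamp; the edit here touches only the licence header and leaves that path as it was. Whether any caller actually takes that path is not visible in this file, but where the browser offers `crypto.getRandomValues` its output should be fed through `addEntropyByte()` at start-up so the seed for `AESprng` does not rest on timing alone. Separately, `AESprng` and `AESprng_round` assign `bsb = blockSizeInBits;` without a declaration and `array(n)` loops on an undeclared `i`, so both leak implicit globals; `var bsb = blockSizeInBits;` and `for (var i = 0; i < n; i++) {` would keep them local.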