340 lines
12 KiB
HTML
340 lines
12 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<title>JSDoc: Source: openpgp.cfb.js</title>
|
|
|
|
<script src="scripts/prettify/prettify.js"> </script>
|
|
<script src="scripts/prettify/lang-css.js"> </script>
|
|
<!--[if lt IE 9]>
|
|
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
|
|
<![endif]-->
|
|
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
|
|
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<div id="main">
|
|
|
|
<h1 class="page-title">Source: openpgp.cfb.js</h1>
|
|
|
|
|
|
|
|
|
|
|
|
<section>
|
|
<article>
|
|
<pre class="prettyprint source"><code>// Modified by Recurity Labs GmbH
|
|
|
|
// modified version of http://www.hanewin.net/encrypt/PGdecode.js:
|
|
|
|
/* OpenPGP encryption using RSA/AES
|
|
* Copyright 2005-2006 Herbert Hanewinkel, www.haneWIN.de
|
|
* version 2.0, check www.haneWIN.de for the latest version
|
|
|
|
* This software is provided as-is, without express or implied warranty.
|
|
* Permission to use, copy, modify, distribute or sell this software, with or
|
|
* without fee, for any purpose and by any individual or organization, is hereby
|
|
* granted, provided that the above copyright notice and this paragraph appear
|
|
* in all copies. Distribution as a part of an application or binary must
|
|
* include the above copyright notice in the documentation and/or other
|
|
* materials provided with the application or distribution.
|
|
*/
|
|
|
|
/**
|
|
* An array of bytes, that is integers with values from 0 to 255
|
|
* @typedef {(Array|Uint8Array)} openpgp_byte_array
|
|
*/
|
|
|
|
/**
|
|
* Block cipher function
|
|
* @callback openpgp_cipher_block_fn
|
|
* @param {openpgp_byte_array} block A block to perform operations on
|
|
* @param {openpgp_byte_array} key to use in encryption/decryption
|
|
* @return {openpgp_byte_array} Encrypted/decrypted block
|
|
*/
|
|
|
|
|
|
// --------------------------------------
|
|
/**
|
|
* This function encrypts a given with the specified prefixrandom
|
|
* using the specified blockcipher to encrypt a message
|
|
* @param {String[]} prefixrandom random bytes of block_size length provided
|
|
* as a string to be used in prefixing the data
|
|
* @param {openpgp_cipher_block_fn} blockcipherfn the algorithm encrypt function to encrypt
|
|
* data in one block_size encryption.
|
|
* @param {Integer} block_size the block size in bytes of the algorithm used
|
|
* @param {String} plaintext data to be encrypted provided as a string
|
|
* @param {openpgp_byte_array} key key to be used to encrypt the data. This will be passed to the
|
|
* blockcipherfn
|
|
* @param {Boolean} resync a boolean value specifying if a resync of the
|
|
* IV should be used or not. The encrypteddatapacket uses the
|
|
* "old" style with a resync. Encryption within an
|
|
* encryptedintegrityprotecteddata packet is not resyncing the IV.
|
|
* @return {String} a string with the encrypted data
|
|
*/
|
|
function openpgp_cfb_encrypt(prefixrandom, blockcipherencryptfn, plaintext, block_size, key, resync) {
|
|
var FR = new Array(block_size);
|
|
var FRE = new Array(block_size);
|
|
|
|
prefixrandom = prefixrandom + prefixrandom.charAt(block_size-2) +prefixrandom.charAt(block_size-1);
|
|
util.print_debug("prefixrandom:"+util.hexstrdump(prefixrandom));
|
|
var ciphertext = "";
|
|
// 1. The feedback register (FR) is set to the IV, which is all zeros.
|
|
for (var i = 0; i < block_size; i++) FR[i] = 0;
|
|
|
|
// 2. FR is encrypted to produce FRE (FR Encrypted). This is the
|
|
// encryption of an all-zero value.
|
|
FRE = blockcipherencryptfn(FR, key);
|
|
// 3. FRE is xored with the first BS octets of random data prefixed to
|
|
// the plaintext to produce C[1] through C[BS], the first BS octets
|
|
// of ciphertext.
|
|
for (var i = 0; i < block_size; i++) ciphertext += String.fromCharCode(FRE[i] ^ prefixrandom.charCodeAt(i));
|
|
|
|
// 4. FR is loaded with C[1] through C[BS].
|
|
for (var i = 0; i < block_size; i++) FR[i] = ciphertext.charCodeAt(i);
|
|
|
|
// 5. FR is encrypted to produce FRE, the encryption of the first BS
|
|
// octets of ciphertext.
|
|
FRE = blockcipherencryptfn(FR, key);
|
|
|
|
// 6. The left two octets of FRE get xored with the next two octets of
|
|
// data that were prefixed to the plaintext. This produces C[BS+1]
|
|
// and C[BS+2], the next two octets of ciphertext.
|
|
ciphertext += String.fromCharCode(FRE[0] ^ prefixrandom.charCodeAt(block_size));
|
|
ciphertext += String.fromCharCode(FRE[1] ^ prefixrandom.charCodeAt(block_size+1));
|
|
|
|
if (resync) {
|
|
// 7. (The resync step) FR is loaded with C3-C10.
|
|
for (var i = 0; i < block_size; i++) FR[i] = ciphertext.charCodeAt(i+2);
|
|
} else {
|
|
for (var i = 0; i < block_size; i++) FR[i] = ciphertext.charCodeAt(i);
|
|
}
|
|
// 8. FR is encrypted to produce FRE.
|
|
FRE = blockcipherencryptfn(FR, key);
|
|
|
|
if (resync) {
|
|
// 9. FRE is xored with the first 8 octets of the given plaintext, now
|
|
// that we have finished encrypting the 10 octets of prefixed data.
|
|
// This produces C11-C18, the next 8 octets of ciphertext.
|
|
for (var i = 0; i < block_size; i++)
|
|
ciphertext += String.fromCharCode(FRE[i] ^ plaintext.charCodeAt(i));
|
|
for(n=block_size+2; n < plaintext.length; n+=block_size) {
|
|
// 10. FR is loaded with C11-C18
|
|
for (var i = 0; i < block_size; i++) FR[i] = ciphertext.charCodeAt(n+i);
|
|
|
|
// 11. FR is encrypted to produce FRE.
|
|
FRE = blockcipherencryptfn(FR, key);
|
|
|
|
// 12. FRE is xored with the next 8 octets of plaintext, to produce the
|
|
// next 8 octets of ciphertext. These are loaded into FR and the
|
|
// process is repeated until the plaintext is used up.
|
|
for (var i = 0; i < block_size; i++) ciphertext += String.fromCharCode(FRE[i] ^ plaintext.charCodeAt((n-2)+i));
|
|
}
|
|
}
|
|
else {
|
|
plaintext = " "+plaintext;
|
|
// 9. FRE is xored with the first 8 octets of the given plaintext, now
|
|
// that we have finished encrypting the 10 octets of prefixed data.
|
|
// This produces C11-C18, the next 8 octets of ciphertext.
|
|
for (var i = 2; i < block_size; i++) ciphertext += String.fromCharCode(FRE[i] ^ plaintext.charCodeAt(i));
|
|
var tempCiphertext = ciphertext.substring(0,2*block_size).split('');
|
|
var tempCiphertextString = ciphertext.substring(block_size);
|
|
for(n=block_size; n<plaintext.length; n+=block_size) {
|
|
// 10. FR is loaded with C11-C18
|
|
for (var i = 0; i < block_size; i++) FR[i] = tempCiphertextString.charCodeAt(i);
|
|
tempCiphertextString='';
|
|
|
|
// 11. FR is encrypted to produce FRE.
|
|
FRE = blockcipherencryptfn(FR, key);
|
|
|
|
// 12. FRE is xored with the next 8 octets of plaintext, to produce the
|
|
// next 8 octets of ciphertext. These are loaded into FR and the
|
|
// process is repeated until the plaintext is used up.
|
|
for (var i = 0; i < block_size; i++){ tempCiphertext.push(String.fromCharCode(FRE[i] ^ plaintext.charCodeAt(n+i)));
|
|
tempCiphertextString += String.fromCharCode(FRE[i] ^ plaintext.charCodeAt(n+i));
|
|
}
|
|
}
|
|
ciphertext = tempCiphertext.join('');
|
|
|
|
}
|
|
return ciphertext;
|
|
}
|
|
|
|
/**
|
|
* Decrypts the prefixed data for the Modification Detection Code (MDC) computation
|
|
* @param {openpgp_block_cipher_fn} blockcipherencryptfn Cipher function to use
|
|
* @param {Integer} block_size Blocksize of the algorithm
|
|
* @param {openpgp_byte_array} key The key for encryption
|
|
* @param {String} ciphertext The encrypted data
|
|
* @return {String} plaintext Data of D(ciphertext) with blocksize length +2
|
|
*/
|
|
function openpgp_cfb_mdc(blockcipherencryptfn, block_size, key, ciphertext) {
|
|
var iblock = new Array(block_size);
|
|
var ablock = new Array(block_size);
|
|
var i;
|
|
|
|
// initialisation vector
|
|
for(i=0; i < block_size; i++) iblock[i] = 0;
|
|
|
|
iblock = blockcipherencryptfn(iblock, key);
|
|
for(i = 0; i < block_size; i++)
|
|
{
|
|
ablock[i] = ciphertext.charCodeAt(i);
|
|
iblock[i] ^= ablock[i];
|
|
}
|
|
|
|
ablock = blockcipherencryptfn(ablock, key);
|
|
|
|
return util.bin2str(iblock)+
|
|
String.fromCharCode(ablock[0]^ciphertext.charCodeAt(block_size))+
|
|
String.fromCharCode(ablock[1]^ciphertext.charCodeAt(block_size+1));
|
|
}
|
|
/**
|
|
* This function decrypts a given plaintext using the specified
|
|
* blockcipher to decrypt a message
|
|
* @param {openpgp_cipher_block_fn} blockcipherfn The algorithm _encrypt_ function to encrypt
|
|
* data in one block_size encryption.
|
|
* @param {Integer} block_size the block size in bytes of the algorithm used
|
|
* @param {String} plaintext ciphertext to be decrypted provided as a string
|
|
* @param {openpgp_byte_array} key key to be used to decrypt the ciphertext. This will be passed to the
|
|
* blockcipherfn
|
|
* @param {Boolean} resync a boolean value specifying if a resync of the
|
|
* IV should be used or not. The encrypteddatapacket uses the
|
|
* "old" style with a resync. Decryption within an
|
|
* encryptedintegrityprotecteddata packet is not resyncing the IV.
|
|
* @return {String} a string with the plaintext data
|
|
*/
|
|
|
|
function openpgp_cfb_decrypt(blockcipherencryptfn, block_size, key, ciphertext, resync)
|
|
{
|
|
util.print_debug("resync:"+resync);
|
|
var iblock = new Array(block_size);
|
|
var ablock = new Array(block_size);
|
|
var i, n = '';
|
|
var text = [];
|
|
|
|
// initialisation vector
|
|
for(i=0; i < block_size; i++) iblock[i] = 0;
|
|
|
|
iblock = blockcipherencryptfn(iblock, key);
|
|
for(i = 0; i < block_size; i++)
|
|
{
|
|
ablock[i] = ciphertext.charCodeAt(i);
|
|
iblock[i] ^= ablock[i];
|
|
}
|
|
|
|
ablock = blockcipherencryptfn(ablock, key);
|
|
|
|
util.print_debug("openpgp_cfb_decrypt:\niblock:"+util.hexidump(iblock)+"\nablock:"+util.hexidump(ablock)+"\n");
|
|
util.print_debug((ablock[0]^ciphertext.charCodeAt(block_size)).toString(16)+(ablock[1]^ciphertext.charCodeAt(block_size+1)).toString(16));
|
|
|
|
// test check octets
|
|
if(iblock[block_size-2]!=(ablock[0]^ciphertext.charCodeAt(block_size))
|
|
|| iblock[block_size-1]!=(ablock[1]^ciphertext.charCodeAt(block_size+1)))
|
|
{
|
|
util.print_eror("error duding decryption. Symmectric encrypted data not valid.");
|
|
return text.join('');
|
|
}
|
|
|
|
/* RFC4880: Tag 18 and Resync:
|
|
* [...] Unlike the Symmetrically Encrypted Data Packet, no
|
|
* special CFB resynchronization is done after encrypting this prefix
|
|
* data. See "OpenPGP CFB Mode" below for more details.
|
|
|
|
*/
|
|
|
|
if (resync) {
|
|
for(i=0; i<block_size; i++) iblock[i] = ciphertext.charCodeAt(i+2);
|
|
for(n=block_size+2; n<ciphertext.length; n+=block_size)
|
|
{
|
|
ablock = blockcipherencryptfn(iblock, key);
|
|
|
|
for(i = 0; i<block_size && i+n < ciphertext.length; i++)
|
|
{
|
|
iblock[i] = ciphertext.charCodeAt(n+i);
|
|
text.push(String.fromCharCode(ablock[i]^iblock[i]));
|
|
}
|
|
}
|
|
} else {
|
|
for(i=0; i<block_size; i++) iblock[i] = ciphertext.charCodeAt(i);
|
|
for(n=block_size; n<ciphertext.length; n+=block_size)
|
|
{
|
|
ablock = blockcipherencryptfn(iblock, key);
|
|
for(i = 0; i<block_size && i+n < ciphertext.length; i++)
|
|
{
|
|
iblock[i] = ciphertext.charCodeAt(n+i);
|
|
text.push(String.fromCharCode(ablock[i]^iblock[i]));
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
return text.join('');
|
|
}
|
|
|
|
|
|
function normal_cfb_encrypt(blockcipherencryptfn, block_size, key, plaintext, iv) {
|
|
var blocki ="";
|
|
var blockc = "";
|
|
var pos = 0;
|
|
var cyphertext = [];
|
|
var tempBlock = [];
|
|
blockc = iv.substring(0,block_size);
|
|
while (plaintext.length > block_size*pos) {
|
|
var encblock = blockcipherencryptfn(blockc, key);
|
|
blocki = plaintext.substring((pos*block_size),(pos*block_size)+block_size);
|
|
for (var i=0; i < blocki.length; i++)
|
|
tempBlock.push(String.fromCharCode(blocki.charCodeAt(i) ^ encblock[i]));
|
|
blockc = tempBlock.join('');
|
|
tempBlock = [];
|
|
cyphertext.push(blockc);
|
|
pos++;
|
|
}
|
|
return cyphertext.join('');
|
|
}
|
|
|
|
function normal_cfb_decrypt(blockcipherencryptfn, block_size, key, ciphertext, iv) {
|
|
var blockp ="";
|
|
var pos = 0;
|
|
var plaintext = [];
|
|
var offset = 0;
|
|
if (iv == null)
|
|
for (var i = 0; i < block_size; i++) blockp += String.fromCharCode(0);
|
|
else
|
|
blockp = iv.substring(0,block_size);
|
|
while (ciphertext.length > (block_size*pos)) {
|
|
var decblock = blockcipherencryptfn(blockp, key);
|
|
blockp = ciphertext.substring((pos*(block_size))+offset,(pos*(block_size))+(block_size)+offset);
|
|
for (var i=0; i < blockp.length; i++) {
|
|
plaintext.push(String.fromCharCode(blockp.charCodeAt(i) ^ decblock[i]));
|
|
}
|
|
pos++;
|
|
}
|
|
|
|
return plaintext.join('');
|
|
}
|
|
</code></pre>
|
|
</article>
|
|
</section>
|
|
|
|
|
|
|
|
|
|
</div>
|
|
|
|
<nav>
|
|
<h2><a href="index.html">Index</a></h2><h3>Global</h3><ul><li><a href="global.html#openpgp_cfb_decrypt">openpgp_cfb_decrypt</a></li><li><a href="global.html#openpgp_cfb_encrypt">openpgp_cfb_encrypt</a></li><li><a href="global.html#openpgp_cfb_mdc">openpgp_cfb_mdc</a></li></ul>
|
|
</nav>
|
|
|
|
<br clear="both">
|
|
|
|
<footer>
|
|
Documentation generated by <a href="https://github.com/jsdoc3/jsdoc">JSDoc 3.2.0-dev</a> on Fri Apr 12 2013 12:38:54 GMT+0200 (CEST)
|
|
</footer>
|
|
|
|
<script> prettyPrint(); </script>
|
|
</body>
|
|
</html>
|