]>
git.proxmox.com Git - mirror_novnc.git/blob - core/des.js
2 * Ported from Flashlight VNC ActionScript implementation:
3 * http://www.wizhelp.com/flashlight-vnc/
5 * Full attribution follows:
7 * -------------------------------------------------------------------------
9 * This DES class has been extracted from package Acme.Crypto for use in VNC.
10 * The unnecessary odd parity code has been removed.
13 * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
15 * This software is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
20 * DesCipher - the DES encryption method
22 * The meat of this code is by Dave Zimmerman <dzimm@widget.com>, and is:
24 * Copyright (c) 1996 Widget Workshop, Inc. All Rights Reserved.
26 * Permission to use, copy, modify, and distribute this software
27 * and its documentation for NON-COMMERCIAL or COMMERCIAL purposes and
28 * without fee is hereby granted, provided that this copyright notice is kept
31 * WIDGET WORKSHOP MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY
32 * OF THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
33 * TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
34 * PARTICULAR PURPOSE, OR NON-INFRINGEMENT. WIDGET WORKSHOP SHALL NOT BE LIABLE
35 * FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR
36 * DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES.
38 * THIS SOFTWARE IS NOT DESIGNED OR INTENDED FOR USE OR RESALE AS ON-LINE
39 * CONTROL EQUIPMENT IN HAZARDOUS ENVIRONMENTS REQUIRING FAIL-SAFE
40 * PERFORMANCE, SUCH AS IN THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT
41 * NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CONTROL, DIRECT LIFE
42 * SUPPORT MACHINES, OR WEAPONS SYSTEMS, IN WHICH THE FAILURE OF THE
43 * SOFTWARE COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY, OR SEVERE
44 * PHYSICAL OR ENVIRONMENTAL DAMAGE ("HIGH RISK ACTIVITIES"). WIDGET WORKSHOP
45 * SPECIFICALLY DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY OF FITNESS FOR
46 * HIGH RISK ACTIVITIES.
51 * Copyright (C) 1996 by Jef Poskanzer <jef@acme.com>. All rights reserved.
53 * Redistribution and use in source and binary forms, with or without
54 * modification, are permitted provided that the following conditions
56 * 1. Redistributions of source code must retain the above copyright
57 * notice, this list of conditions and the following disclaimer.
58 * 2. Redistributions in binary form must reproduce the above copyright
59 * notice, this list of conditions and the following disclaimer in the
60 * documentation and/or other materials provided with the distribution.
62 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
63 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
64 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
65 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
66 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
67 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
68 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
69 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
70 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
71 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
74 * Visit the ACME Labs Java page for up-to-date versions of this and other
75 * fine Java utilities: http://www.acme.com/java/
78 /* jslint white: false */
80 /* [module] export default */ function DES(passwd
) {
83 // Tables, permutations, S-boxes, etc.
85 var PC2
= [13,16,10,23, 0, 4, 2,27,14, 5,20, 9,22,18,11, 3,
86 25, 7,15, 6,26,19,12, 1,40,51,30,36,46,54,29,39,
87 50,44,32,47,43,48,38,55,33,52,45,41,49,35,28,31 ],
88 totrot
= [ 1, 2, 4, 6, 8,10,12,14,15,17,19,21,23,25,27,28],
89 z
= 0x0, a
,b
,c
,d
,e
,f
, SP1
,SP2
,SP3
,SP4
,SP5
,SP6
,SP7
,SP8
,
93 a
=1<<16; b
=1<<24; c
=a
|b
; d
=1<<2; e
=1<<10; f
=d
|e
;
94 SP1
= [c
|e
,z
|z
,a
|z
,c
|f
,c
|d
,a
|f
,z
|d
,a
|z
,z
|e
,c
|e
,c
|f
,z
|e
,b
|f
,c
|d
,b
|z
,z
|d
,
95 z
|f
,b
|e
,b
|e
,a
|e
,a
|e
,c
|z
,c
|z
,b
|f
,a
|d
,b
|d
,b
|d
,a
|d
,z
|z
,z
|f
,a
|f
,b
|z
,
96 a
|z
,c
|f
,z
|d
,c
|z
,c
|e
,b
|z
,b
|z
,z
|e
,c
|d
,a
|z
,a
|e
,b
|d
,z
|e
,z
|d
,b
|f
,a
|f
,
97 c
|f
,a
|d
,c
|z
,b
|f
,b
|d
,z
|f
,a
|f
,c
|e
,z
|f
,b
|e
,b
|e
,z
|z
,a
|d
,a
|e
,z
|z
,c
|d
];
98 a
=1<<20; b
=1<<31; c
=a
|b
; d
=1<<5; e
=1<<15; f
=d
|e
;
99 SP2
= [c
|f
,b
|e
,z
|e
,a
|f
,a
|z
,z
|d
,c
|d
,b
|f
,b
|d
,c
|f
,c
|e
,b
|z
,b
|e
,a
|z
,z
|d
,c
|d
,
100 a
|e
,a
|d
,b
|f
,z
|z
,b
|z
,z
|e
,a
|f
,c
|z
,a
|d
,b
|d
,z
|z
,a
|e
,z
|f
,c
|e
,c
|z
,z
|f
,
101 z
|z
,a
|f
,c
|d
,a
|z
,b
|f
,c
|z
,c
|e
,z
|e
,c
|z
,b
|e
,z
|d
,c
|f
,a
|f
,z
|d
,z
|e
,b
|z
,
102 z
|f
,c
|e
,a
|z
,b
|d
,a
|d
,b
|f
,b
|d
,a
|d
,a
|e
,z
|z
,b
|e
,z
|f
,b
|z
,c
|d
,c
|f
,a
|e
];
103 a
=1<<17; b
=1<<27; c
=a
|b
; d
=1<<3; e
=1<<9; f
=d
|e
;
104 SP3
= [z
|f
,c
|e
,z
|z
,c
|d
,b
|e
,z
|z
,a
|f
,b
|e
,a
|d
,b
|d
,b
|d
,a
|z
,c
|f
,a
|d
,c
|z
,z
|f
,
105 b
|z
,z
|d
,c
|e
,z
|e
,a
|e
,c
|z
,c
|d
,a
|f
,b
|f
,a
|e
,a
|z
,b
|f
,z
|d
,c
|f
,z
|e
,b
|z
,
106 c
|e
,b
|z
,a
|d
,z
|f
,a
|z
,c
|e
,b
|e
,z
|z
,z
|e
,a
|d
,c
|f
,b
|e
,b
|d
,z
|e
,z
|z
,c
|d
,
107 b
|f
,a
|z
,b
|z
,c
|f
,z
|d
,a
|f
,a
|e
,b
|d
,c
|z
,b
|f
,z
|f
,c
|z
,a
|f
,z
|d
,c
|d
,a
|e
];
108 a
=1<<13; b
=1<<23; c
=a
|b
; d
=1<<0; e
=1<<7; f
=d
|e
;
109 SP4
= [c
|d
,a
|f
,a
|f
,z
|e
,c
|e
,b
|f
,b
|d
,a
|d
,z
|z
,c
|z
,c
|z
,c
|f
,z
|f
,z
|z
,b
|e
,b
|d
,
110 z
|d
,a
|z
,b
|z
,c
|d
,z
|e
,b
|z
,a
|d
,a
|e
,b
|f
,z
|d
,a
|e
,b
|e
,a
|z
,c
|e
,c
|f
,z
|f
,
111 b
|e
,b
|d
,c
|z
,c
|f
,z
|f
,z
|z
,z
|z
,c
|z
,a
|e
,b
|e
,b
|f
,z
|d
,c
|d
,a
|f
,a
|f
,z
|e
,
112 c
|f
,z
|f
,z
|d
,a
|z
,b
|d
,a
|d
,c
|e
,b
|f
,a
|d
,a
|e
,b
|z
,c
|d
,z
|e
,b
|z
,a
|z
,c
|e
];
113 a
=1<<25; b
=1<<30; c
=a
|b
; d
=1<<8; e
=1<<19; f
=d
|e
;
114 SP5
= [z
|d
,a
|f
,a
|e
,c
|d
,z
|e
,z
|d
,b
|z
,a
|e
,b
|f
,z
|e
,a
|d
,b
|f
,c
|d
,c
|e
,z
|f
,b
|z
,
115 a
|z
,b
|e
,b
|e
,z
|z
,b
|d
,c
|f
,c
|f
,a
|d
,c
|e
,b
|d
,z
|z
,c
|z
,a
|f
,a
|z
,c
|z
,z
|f
,
116 z
|e
,c
|d
,z
|d
,a
|z
,b
|z
,a
|e
,c
|d
,b
|f
,a
|d
,b
|z
,c
|e
,a
|f
,b
|f
,z
|d
,a
|z
,c
|e
,
117 c
|f
,z
|f
,c
|z
,c
|f
,a
|e
,z
|z
,b
|e
,c
|z
,z
|f
,a
|d
,b
|d
,z
|e
,z
|z
,b
|e
,a
|f
,b
|d
];
118 a
=1<<22; b
=1<<29; c
=a
|b
; d
=1<<4; e
=1<<14; f
=d
|e
;
119 SP6
= [b
|d
,c
|z
,z
|e
,c
|f
,c
|z
,z
|d
,c
|f
,a
|z
,b
|e
,a
|f
,a
|z
,b
|d
,a
|d
,b
|e
,b
|z
,z
|f
,
120 z
|z
,a
|d
,b
|f
,z
|e
,a
|e
,b
|f
,z
|d
,c
|d
,c
|d
,z
|z
,a
|f
,c
|e
,z
|f
,a
|e
,c
|e
,b
|z
,
121 b
|e
,z
|d
,c
|d
,a
|e
,c
|f
,a
|z
,z
|f
,b
|d
,a
|z
,b
|e
,b
|z
,z
|f
,b
|d
,c
|f
,a
|e
,c
|z
,
122 a
|f
,c
|e
,z
|z
,c
|d
,z
|d
,z
|e
,c
|z
,a
|f
,z
|e
,a
|d
,b
|f
,z
|z
,c
|e
,b
|z
,a
|d
,b
|f
];
123 a
=1<<21; b
=1<<26; c
=a
|b
; d
=1<<1; e
=1<<11; f
=d
|e
;
124 SP7
= [a
|z
,c
|d
,b
|f
,z
|z
,z
|e
,b
|f
,a
|f
,c
|e
,c
|f
,a
|z
,z
|z
,b
|d
,z
|d
,b
|z
,c
|d
,z
|f
,
125 b
|e
,a
|f
,a
|d
,b
|e
,b
|d
,c
|z
,c
|e
,a
|d
,c
|z
,z
|e
,z
|f
,c
|f
,a
|e
,z
|d
,b
|z
,a
|e
,
126 b
|z
,a
|e
,a
|z
,b
|f
,b
|f
,c
|d
,c
|d
,z
|d
,a
|d
,b
|z
,b
|e
,a
|z
,c
|e
,z
|f
,a
|f
,c
|e
,
127 z
|f
,b
|d
,c
|f
,c
|z
,a
|e
,z
|z
,z
|d
,c
|f
,z
|z
,a
|f
,c
|z
,z
|e
,b
|d
,b
|e
,z
|e
,a
|d
];
128 a
=1<<18; b
=1<<28; c
=a
|b
; d
=1<<6; e
=1<<12; f
=d
|e
;
129 SP8
= [b
|f
,z
|e
,a
|z
,c
|f
,b
|z
,b
|f
,z
|d
,b
|z
,a
|d
,c
|z
,c
|f
,a
|e
,c
|e
,a
|f
,z
|e
,z
|d
,
130 c
|z
,b
|d
,b
|e
,z
|f
,a
|e
,a
|d
,c
|d
,c
|e
,z
|f
,z
|z
,z
|z
,c
|d
,b
|d
,b
|e
,a
|f
,a
|z
,
131 a
|f
,a
|z
,c
|e
,z
|e
,z
|d
,c
|d
,z
|e
,a
|f
,b
|e
,z
|d
,b
|d
,c
|z
,c
|d
,b
|z
,a
|z
,b
|f
,
132 z
|z
,c
|f
,a
|d
,b
|d
,c
|z
,b
|e
,b
|f
,z
|z
,c
|f
,a
|e
,a
|e
,z
|f
,z
|f
,a
|d
,b
|z
,c
|e
];
133 // jshint +W013,+W015
136 function setKeys(keyBlock
) {
137 var i
, j
, l
, m
, n
, o
, pc1m
= [], pcr
= [], kn
= [],
138 raw0
, raw1
, rawi
, KnLi
;
140 for (j
= 0, l
= 56; j
< 56; ++j
, l
-= 8) {
141 l
+= l
< -5 ? 65 : l
< -3 ? 31 : l
< -1 ? 63 : l
=== 27 ? 35 : 0; // PC1
143 pc1m
[j
] = ((keyBlock
[l
>>> 3] & (1<<m
)) !== 0) ? 1: 0;
146 for (i
= 0; i
< 16; ++i
) {
150 for (o
= 28; o
< 59; o
+= 28) {
151 for (j
= o
- 28; j
< o
; ++j
) {
156 pcr
[j
] = pc1m
[l
- 28];
160 for (j
= 0; j
< 24; ++j
) {
161 if (pcr
[PC2
[j
]] !== 0) {
162 kn
[m
] |= 1 << (23 - j
);
164 if (pcr
[PC2
[j
+ 24]] !== 0) {
165 kn
[n
] |= 1 << (23 - j
);
171 for (i
= 0, rawi
= 0, KnLi
= 0; i
< 16; ++i
) {
174 keys
[KnLi
] = (raw0
& 0x00fc0000) << 6;
175 keys
[KnLi
] |= (raw0
& 0x00000fc0) << 10;
176 keys
[KnLi
] |= (raw1
& 0x00fc0000) >>> 10;
177 keys
[KnLi
] |= (raw1
& 0x00000fc0) >>> 6;
179 keys
[KnLi
] = (raw0
& 0x0003f000) << 12;
180 keys
[KnLi
] |= (raw0
& 0x0000003f) << 16;
181 keys
[KnLi
] |= (raw1
& 0x0003f000) >>> 4;
182 keys
[KnLi
] |= (raw1
& 0x0000003f);
187 // Encrypt 8 bytes of text
188 function enc8(text
) {
189 var i
= 0, b
= text
.slice(), fval
, keysi
= 0,
190 l
, r
, x
; // left, right, accumulator
192 // Squash 8 bytes to 2 ints
193 l
= b
[i
++]<<24 | b
[i
++]<<16 | b
[i
++]<<8 | b
[i
++];
194 r
= b
[i
++]<<24 | b
[i
++]<<16 | b
[i
++]<<8 | b
[i
++];
196 x
= ((l
>>> 4) ^ r
) & 0x0f0f0f0f;
199 x
= ((l
>>> 16) ^ r
) & 0x0000ffff;
202 x
= ((r
>>> 2) ^ l
) & 0x33333333;
205 x
= ((r
>>> 8) ^ l
) & 0x00ff00ff;
208 r
= (r
<< 1) | ((r
>>> 31) & 1);
209 x
= (l
^ r
) & 0xaaaaaaaa;
212 l
= (l
<< 1) | ((l
>>> 31) & 1);
214 for (i
= 0; i
< 8; ++i
) {
215 x
= (r
<< 28) | (r
>>> 4);
217 fval
= SP7
[x
& 0x3f];
218 fval
|= SP5
[(x
>>> 8) & 0x3f];
219 fval
|= SP3
[(x
>>> 16) & 0x3f];
220 fval
|= SP1
[(x
>>> 24) & 0x3f];
221 x
= r
^ keys
[keysi
++];
222 fval
|= SP8
[x
& 0x3f];
223 fval
|= SP6
[(x
>>> 8) & 0x3f];
224 fval
|= SP4
[(x
>>> 16) & 0x3f];
225 fval
|= SP2
[(x
>>> 24) & 0x3f];
227 x
= (l
<< 28) | (l
>>> 4);
229 fval
= SP7
[x
& 0x3f];
230 fval
|= SP5
[(x
>>> 8) & 0x3f];
231 fval
|= SP3
[(x
>>> 16) & 0x3f];
232 fval
|= SP1
[(x
>>> 24) & 0x3f];
233 x
= l
^ keys
[keysi
++];
234 fval
|= SP8
[x
& 0x0000003f];
235 fval
|= SP6
[(x
>>> 8) & 0x3f];
236 fval
|= SP4
[(x
>>> 16) & 0x3f];
237 fval
|= SP2
[(x
>>> 24) & 0x3f];
241 r
= (r
<< 31) | (r
>>> 1);
242 x
= (l
^ r
) & 0xaaaaaaaa;
245 l
= (l
<< 31) | (l
>>> 1);
246 x
= ((l
>>> 8) ^ r
) & 0x00ff00ff;
249 x
= ((l
>>> 2) ^ r
) & 0x33333333;
252 x
= ((r
>>> 16) ^ l
) & 0x0000ffff;
255 x
= ((r
>>> 4) ^ l
) & 0x0f0f0f0f;
259 // Spread ints to bytes
261 for (i
= 0; i
< 8; i
++) {
262 b
[i
] = (x
[i
>>>2] >>> (8 * (3 - (i
% 4)))) % 256;
263 if (b
[i
] < 0) { b
[i
] += 256; } // unsigned
268 // Encrypt 16 bytes of text using passwd as key
269 function encrypt(t
) {
270 return enc8(t
.slice(0, 8)).concat(enc8(t
.slice(8, 16)));
273 setKeys(passwd
); // Setup keys
274 return {'encrypt': encrypt
}; // Public interface