]>
git.proxmox.com Git - mirror_novnc.git/blob - core/des.js
2 * Ported from Flashlight VNC ActionScript implementation:
3 * http://www.wizhelp.com/flashlight-vnc/
5 * Full attribution follows:
7 * -------------------------------------------------------------------------
9 * This DES class has been extracted from package Acme.Crypto for use in VNC.
10 * The unnecessary odd parity code has been removed.
13 * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
15 * This software is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
20 * DesCipher - the DES encryption method
22 * The meat of this code is by Dave Zimmerman <dzimm@widget.com>, and is:
24 * Copyright (c) 1996 Widget Workshop, Inc. All Rights Reserved.
26 * Permission to use, copy, modify, and distribute this software
27 * and its documentation for NON-COMMERCIAL or COMMERCIAL purposes and
28 * without fee is hereby granted, provided that this copyright notice is kept
31 * WIDGET WORKSHOP MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY
32 * OF THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
33 * TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
34 * PARTICULAR PURPOSE, OR NON-INFRINGEMENT. WIDGET WORKSHOP SHALL NOT BE LIABLE
35 * FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR
36 * DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES.
38 * THIS SOFTWARE IS NOT DESIGNED OR INTENDED FOR USE OR RESALE AS ON-LINE
39 * CONTROL EQUIPMENT IN HAZARDOUS ENVIRONMENTS REQUIRING FAIL-SAFE
40 * PERFORMANCE, SUCH AS IN THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT
41 * NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CONTROL, DIRECT LIFE
42 * SUPPORT MACHINES, OR WEAPONS SYSTEMS, IN WHICH THE FAILURE OF THE
43 * SOFTWARE COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY, OR SEVERE
44 * PHYSICAL OR ENVIRONMENTAL DAMAGE ("HIGH RISK ACTIVITIES"). WIDGET WORKSHOP
45 * SPECIFICALLY DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY OF FITNESS FOR
46 * HIGH RISK ACTIVITIES.
51 * Copyright (C) 1996 by Jef Poskanzer <jef@acme.com>. All rights reserved.
53 * Redistribution and use in source and binary forms, with or without
54 * modification, are permitted provided that the following conditions
56 * 1. Redistributions of source code must retain the above copyright
57 * notice, this list of conditions and the following disclaimer.
58 * 2. Redistributions in binary form must reproduce the above copyright
59 * notice, this list of conditions and the following disclaimer in the
60 * documentation and/or other materials provided with the distribution.
62 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
63 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
64 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
65 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
66 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
67 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
68 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
69 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
70 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
71 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
74 * Visit the ACME Labs Java page for up-to-date versions of this and other
75 * fine Java utilities: http://www.acme.com/java/
78 /* eslint-disable comma-spacing */
80 // Tables, permutations, S-boxes, etc.
81 const PC2
= [13,16,10,23, 0, 4, 2,27,14, 5,20, 9,22,18,11, 3,
82 25, 7,15, 6,26,19,12, 1,40,51,30,36,46,54,29,39,
83 50,44,32,47,43,48,38,55,33,52,45,41,49,35,28,31 ],
84 totrot
= [ 1, 2, 4, 6, 8,10,12,14,15,17,19,21,23,25,27,28];
88 a
=1<<16; b
=1<<24; c
=a
|b
; d
=1<<2; e
=1<<10; f
=d
|e
;
89 const SP1
= [c
|e
,z
|z
,a
|z
,c
|f
,c
|d
,a
|f
,z
|d
,a
|z
,z
|e
,c
|e
,c
|f
,z
|e
,b
|f
,c
|d
,b
|z
,z
|d
,
90 z
|f
,b
|e
,b
|e
,a
|e
,a
|e
,c
|z
,c
|z
,b
|f
,a
|d
,b
|d
,b
|d
,a
|d
,z
|z
,z
|f
,a
|f
,b
|z
,
91 a
|z
,c
|f
,z
|d
,c
|z
,c
|e
,b
|z
,b
|z
,z
|e
,c
|d
,a
|z
,a
|e
,b
|d
,z
|e
,z
|d
,b
|f
,a
|f
,
92 c
|f
,a
|d
,c
|z
,b
|f
,b
|d
,z
|f
,a
|f
,c
|e
,z
|f
,b
|e
,b
|e
,z
|z
,a
|d
,a
|e
,z
|z
,c
|d
];
93 a
=1<<20; b
=1<<31; c
=a
|b
; d
=1<<5; e
=1<<15; f
=d
|e
;
94 const SP2
= [c
|f
,b
|e
,z
|e
,a
|f
,a
|z
,z
|d
,c
|d
,b
|f
,b
|d
,c
|f
,c
|e
,b
|z
,b
|e
,a
|z
,z
|d
,c
|d
,
95 a
|e
,a
|d
,b
|f
,z
|z
,b
|z
,z
|e
,a
|f
,c
|z
,a
|d
,b
|d
,z
|z
,a
|e
,z
|f
,c
|e
,c
|z
,z
|f
,
96 z
|z
,a
|f
,c
|d
,a
|z
,b
|f
,c
|z
,c
|e
,z
|e
,c
|z
,b
|e
,z
|d
,c
|f
,a
|f
,z
|d
,z
|e
,b
|z
,
97 z
|f
,c
|e
,a
|z
,b
|d
,a
|d
,b
|f
,b
|d
,a
|d
,a
|e
,z
|z
,b
|e
,z
|f
,b
|z
,c
|d
,c
|f
,a
|e
];
98 a
=1<<17; b
=1<<27; c
=a
|b
; d
=1<<3; e
=1<<9; f
=d
|e
;
99 const SP3
= [z
|f
,c
|e
,z
|z
,c
|d
,b
|e
,z
|z
,a
|f
,b
|e
,a
|d
,b
|d
,b
|d
,a
|z
,c
|f
,a
|d
,c
|z
,z
|f
,
100 b
|z
,z
|d
,c
|e
,z
|e
,a
|e
,c
|z
,c
|d
,a
|f
,b
|f
,a
|e
,a
|z
,b
|f
,z
|d
,c
|f
,z
|e
,b
|z
,
101 c
|e
,b
|z
,a
|d
,z
|f
,a
|z
,c
|e
,b
|e
,z
|z
,z
|e
,a
|d
,c
|f
,b
|e
,b
|d
,z
|e
,z
|z
,c
|d
,
102 b
|f
,a
|z
,b
|z
,c
|f
,z
|d
,a
|f
,a
|e
,b
|d
,c
|z
,b
|f
,z
|f
,c
|z
,a
|f
,z
|d
,c
|d
,a
|e
];
103 a
=1<<13; b
=1<<23; c
=a
|b
; d
=1<<0; e
=1<<7; f
=d
|e
;
104 const SP4
= [c
|d
,a
|f
,a
|f
,z
|e
,c
|e
,b
|f
,b
|d
,a
|d
,z
|z
,c
|z
,c
|z
,c
|f
,z
|f
,z
|z
,b
|e
,b
|d
,
105 z
|d
,a
|z
,b
|z
,c
|d
,z
|e
,b
|z
,a
|d
,a
|e
,b
|f
,z
|d
,a
|e
,b
|e
,a
|z
,c
|e
,c
|f
,z
|f
,
106 b
|e
,b
|d
,c
|z
,c
|f
,z
|f
,z
|z
,z
|z
,c
|z
,a
|e
,b
|e
,b
|f
,z
|d
,c
|d
,a
|f
,a
|f
,z
|e
,
107 c
|f
,z
|f
,z
|d
,a
|z
,b
|d
,a
|d
,c
|e
,b
|f
,a
|d
,a
|e
,b
|z
,c
|d
,z
|e
,b
|z
,a
|z
,c
|e
];
108 a
=1<<25; b
=1<<30; c
=a
|b
; d
=1<<8; e
=1<<19; f
=d
|e
;
109 const SP5
= [z
|d
,a
|f
,a
|e
,c
|d
,z
|e
,z
|d
,b
|z
,a
|e
,b
|f
,z
|e
,a
|d
,b
|f
,c
|d
,c
|e
,z
|f
,b
|z
,
110 a
|z
,b
|e
,b
|e
,z
|z
,b
|d
,c
|f
,c
|f
,a
|d
,c
|e
,b
|d
,z
|z
,c
|z
,a
|f
,a
|z
,c
|z
,z
|f
,
111 z
|e
,c
|d
,z
|d
,a
|z
,b
|z
,a
|e
,c
|d
,b
|f
,a
|d
,b
|z
,c
|e
,a
|f
,b
|f
,z
|d
,a
|z
,c
|e
,
112 c
|f
,z
|f
,c
|z
,c
|f
,a
|e
,z
|z
,b
|e
,c
|z
,z
|f
,a
|d
,b
|d
,z
|e
,z
|z
,b
|e
,a
|f
,b
|d
];
113 a
=1<<22; b
=1<<29; c
=a
|b
; d
=1<<4; e
=1<<14; f
=d
|e
;
114 const SP6
= [b
|d
,c
|z
,z
|e
,c
|f
,c
|z
,z
|d
,c
|f
,a
|z
,b
|e
,a
|f
,a
|z
,b
|d
,a
|d
,b
|e
,b
|z
,z
|f
,
115 z
|z
,a
|d
,b
|f
,z
|e
,a
|e
,b
|f
,z
|d
,c
|d
,c
|d
,z
|z
,a
|f
,c
|e
,z
|f
,a
|e
,c
|e
,b
|z
,
116 b
|e
,z
|d
,c
|d
,a
|e
,c
|f
,a
|z
,z
|f
,b
|d
,a
|z
,b
|e
,b
|z
,z
|f
,b
|d
,c
|f
,a
|e
,c
|z
,
117 a
|f
,c
|e
,z
|z
,c
|d
,z
|d
,z
|e
,c
|z
,a
|f
,z
|e
,a
|d
,b
|f
,z
|z
,c
|e
,b
|z
,a
|d
,b
|f
];
118 a
=1<<21; b
=1<<26; c
=a
|b
; d
=1<<1; e
=1<<11; f
=d
|e
;
119 const SP7
= [a
|z
,c
|d
,b
|f
,z
|z
,z
|e
,b
|f
,a
|f
,c
|e
,c
|f
,a
|z
,z
|z
,b
|d
,z
|d
,b
|z
,c
|d
,z
|f
,
120 b
|e
,a
|f
,a
|d
,b
|e
,b
|d
,c
|z
,c
|e
,a
|d
,c
|z
,z
|e
,z
|f
,c
|f
,a
|e
,z
|d
,b
|z
,a
|e
,
121 b
|z
,a
|e
,a
|z
,b
|f
,b
|f
,c
|d
,c
|d
,z
|d
,a
|d
,b
|z
,b
|e
,a
|z
,c
|e
,z
|f
,a
|f
,c
|e
,
122 z
|f
,b
|d
,c
|f
,c
|z
,a
|e
,z
|z
,z
|d
,c
|f
,z
|z
,a
|f
,c
|z
,z
|e
,b
|d
,b
|e
,z
|e
,a
|d
];
123 a
=1<<18; b
=1<<28; c
=a
|b
; d
=1<<6; e
=1<<12; f
=d
|e
;
124 const SP8
= [b
|f
,z
|e
,a
|z
,c
|f
,b
|z
,b
|f
,z
|d
,b
|z
,a
|d
,c
|z
,c
|f
,a
|e
,c
|e
,a
|f
,z
|e
,z
|d
,
125 c
|z
,b
|d
,b
|e
,z
|f
,a
|e
,a
|d
,c
|d
,c
|e
,z
|f
,z
|z
,z
|z
,c
|d
,b
|d
,b
|e
,a
|f
,a
|z
,
126 a
|f
,a
|z
,c
|e
,z
|e
,z
|d
,c
|d
,z
|e
,a
|f
,b
|e
,z
|d
,b
|d
,c
|z
,c
|d
,b
|z
,a
|z
,b
|f
,
127 z
|z
,c
|f
,a
|d
,b
|d
,c
|z
,b
|e
,b
|f
,z
|z
,c
|f
,a
|e
,a
|e
,z
|f
,z
|f
,a
|d
,b
|z
,c
|e
];
129 /* eslint-enable comma-spacing */
131 export default class DES
{
132 constructor(password
) {
136 const pc1m
= [], pcr
= [], kn
= [];
138 for (let j
= 0, l
= 56; j
< 56; ++j
, l
-= 8) {
139 l
+= l
< -5 ? 65 : l
< -3 ? 31 : l
< -1 ? 63 : l
=== 27 ? 35 : 0; // PC1
141 pc1m
[j
] = ((password
[l
>>> 3] & (1<<m
)) !== 0) ? 1: 0;
144 for (let i
= 0; i
< 16; ++i
) {
148 for (let o
= 28; o
< 59; o
+= 28) {
149 for (let j
= o
- 28; j
< o
; ++j
) {
150 const l
= j
+ totrot
[i
];
151 pcr
[j
] = l
< o
? pc1m
[l
] : pc1m
[l
- 28];
154 for (let j
= 0; j
< 24; ++j
) {
155 if (pcr
[PC2
[j
]] !== 0) {
156 kn
[m
] |= 1 << (23 - j
);
158 if (pcr
[PC2
[j
+ 24]] !== 0) {
159 kn
[n
] |= 1 << (23 - j
);
165 for (let i
= 0, rawi
= 0, KnLi
= 0; i
< 16; ++i
) {
166 const raw0
= kn
[rawi
++];
167 const raw1
= kn
[rawi
++];
168 this.keys
[KnLi
] = (raw0
& 0x00fc0000) << 6;
169 this.keys
[KnLi
] |= (raw0
& 0x00000fc0) << 10;
170 this.keys
[KnLi
] |= (raw1
& 0x00fc0000) >>> 10;
171 this.keys
[KnLi
] |= (raw1
& 0x00000fc0) >>> 6;
173 this.keys
[KnLi
] = (raw0
& 0x0003f000) << 12;
174 this.keys
[KnLi
] |= (raw0
& 0x0000003f) << 16;
175 this.keys
[KnLi
] |= (raw1
& 0x0003f000) >>> 4;
176 this.keys
[KnLi
] |= (raw1
& 0x0000003f);
181 // Encrypt 8 bytes of text
183 const b
= text
.slice();
184 let i
= 0, l
, r
, x
; // left, right, accumulator
186 // Squash 8 bytes to 2 ints
187 l
= b
[i
++]<<24 | b
[i
++]<<16 | b
[i
++]<<8 | b
[i
++];
188 r
= b
[i
++]<<24 | b
[i
++]<<16 | b
[i
++]<<8 | b
[i
++];
190 x
= ((l
>>> 4) ^ r
) & 0x0f0f0f0f;
193 x
= ((l
>>> 16) ^ r
) & 0x0000ffff;
196 x
= ((r
>>> 2) ^ l
) & 0x33333333;
199 x
= ((r
>>> 8) ^ l
) & 0x00ff00ff;
202 r
= (r
<< 1) | ((r
>>> 31) & 1);
203 x
= (l
^ r
) & 0xaaaaaaaa;
206 l
= (l
<< 1) | ((l
>>> 31) & 1);
208 for (let i
= 0, keysi
= 0; i
< 8; ++i
) {
209 x
= (r
<< 28) | (r
>>> 4);
210 x
^= this.keys
[keysi
++];
211 let fval
= SP7
[x
& 0x3f];
212 fval
|= SP5
[(x
>>> 8) & 0x3f];
213 fval
|= SP3
[(x
>>> 16) & 0x3f];
214 fval
|= SP1
[(x
>>> 24) & 0x3f];
215 x
= r
^ this.keys
[keysi
++];
216 fval
|= SP8
[x
& 0x3f];
217 fval
|= SP6
[(x
>>> 8) & 0x3f];
218 fval
|= SP4
[(x
>>> 16) & 0x3f];
219 fval
|= SP2
[(x
>>> 24) & 0x3f];
221 x
= (l
<< 28) | (l
>>> 4);
222 x
^= this.keys
[keysi
++];
223 fval
= SP7
[x
& 0x3f];
224 fval
|= SP5
[(x
>>> 8) & 0x3f];
225 fval
|= SP3
[(x
>>> 16) & 0x3f];
226 fval
|= SP1
[(x
>>> 24) & 0x3f];
227 x
= l
^ this.keys
[keysi
++];
228 fval
|= SP8
[x
& 0x0000003f];
229 fval
|= SP6
[(x
>>> 8) & 0x3f];
230 fval
|= SP4
[(x
>>> 16) & 0x3f];
231 fval
|= SP2
[(x
>>> 24) & 0x3f];
235 r
= (r
<< 31) | (r
>>> 1);
236 x
= (l
^ r
) & 0xaaaaaaaa;
239 l
= (l
<< 31) | (l
>>> 1);
240 x
= ((l
>>> 8) ^ r
) & 0x00ff00ff;
243 x
= ((l
>>> 2) ^ r
) & 0x33333333;
246 x
= ((r
>>> 16) ^ l
) & 0x0000ffff;
249 x
= ((r
>>> 4) ^ l
) & 0x0f0f0f0f;
253 // Spread ints to bytes
255 for (i
= 0; i
< 8; i
++) {
256 b
[i
] = (x
[i
>>>2] >>> (8 * (3 - (i
% 4)))) % 256;
257 if (b
[i
] < 0) { b
[i
] += 256; } // unsigned
262 // Encrypt 16 bytes of text using passwd as key
264 return this.enc8(t
.slice(0, 8)).concat(this.enc8(t
.slice(8, 16)));