탐색 도움말
가입하기 로그인
100ZONE
/
SmartCommunity
2
0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
트리: 9ea635a2dc
브랜치 태그
SmartCommunity
/
videoSurveillance
/
node_modules
/
aes-decrypter
/
es5
/
aes.js

aes.js 8.5 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245 
  1. /**
    2. 

  2.  * @file aes.js
    3. 

  3.  *
    4. 

  4.  * This file contains an adaptation of the AES decryption algorithm
    5. 

  5.  * from the Standford Javascript Cryptography Library. That work is
    6. 

  6.  * covered by the following copyright and permissions notice:
    7. 

  7.  *
    8. 

  8.  * Copyright 2009-2010 Emily Stark, Mike Hamburg, Dan Boneh.
    9. 

  9.  * All rights reserved.
    10. 

  10.  *
    11. 

  11.  * Redistribution and use in source and binary forms, with or without
    12. 

  12.  * modification, are permitted provided that the following conditions are
    13. 

  13.  * met:
    14. 

  14.  *
    15. 

  15.  * 1. Redistributions of source code must retain the above copyright
    16. 

  16.  *    notice, this list of conditions and the following disclaimer.
    17. 

  17.  *
    18. 

  18.  * 2. Redistributions in binary form must reproduce the above
    19. 

  19.  *    copyright notice, this list of conditions and the following
    20. 

  20.  *    disclaimer in the documentation and/or other materials provided
    21. 

  21.  *    with the distribution.
    22. 

  22.  *
    23. 

  23.  * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
    24. 

  24.  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
    25. 

  25.  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
    26. 

  26.  * DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> OR CONTRIBUTORS BE
    27. 

  27.  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
    28. 

  28.  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
    29. 

  29.  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    30. 

  30.  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    31. 

  31.  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    32. 

  32.  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
    33. 

  33.  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    34. 

  34.  *
    35. 

  35.  * The views and conclusions contained in the software and documentation
    36. 

  36.  * are those of the authors and should not be interpreted as representing
    37. 

  37.  * official policies, either expressed or implied, of the authors.
    38. 

  38.  */
    39. 

  39. 

  40. /**
    41. 

  41.  * Expand the S-box tables.
    42. 

  42.  *
    43. 

  43.  * @private
    44. 

  44.  */
    45. 

  45. 'use strict';
    46. 

  46. 

  47. Object.defineProperty(exports, '__esModule', {
    48. 

  48.   value: true
    49. 

  49. });
    50. 

  50. 

  51. var _createClass = (function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ('value' in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; })();
    52. 

  52. 

  53. function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError('Cannot call a class as a function'); } }
    54. 

  54. 

  55. var precompute = function precompute() {
    56. 

  56.   var tables = [[[], [], [], [], []], [[], [], [], [], []]];
    57. 

  57.   var encTable = tables[0];
    58. 

  58.   var decTable = tables[1];
    59. 

  59.   var sbox = encTable[4];
    60. 

  60.   var sboxInv = decTable[4];
    61. 

  61.   var i = undefined;
    62. 

  62.   var x = undefined;
    63. 

  63.   var xInv = undefined;
    64. 

  64.   var d = [];
    65. 

  65.   var th = [];
    66. 

  66.   var x2 = undefined;
    67. 

  67.   var x4 = undefined;
    68. 

  68.   var x8 = undefined;
    69. 

  69.   var s = undefined;
    70. 

  70.   var tEnc = undefined;
    71. 

  71.   var tDec = undefined;
    72. 

  72. 

  73.   // Compute double and third tables
    74. 

  74.   for (i = 0; i < 256; i++) {
    75. 

  75.     th[(d[i] = i << 1 ^ (i >> 7) * 283) ^ i] = i;
    76. 

  76.   }
    77. 

  77. 

  78.   for (x = xInv = 0; !sbox[x]; x ^= x2 || 1, xInv = th[xInv] || 1) {
    79. 

  79.     // Compute sbox
    80. 

  80.     s = xInv ^ xInv << 1 ^ xInv << 2 ^ xInv << 3 ^ xInv << 4;
    81. 

  81.     s = s >> 8 ^ s & 255 ^ 99;
    82. 

  82.     sbox[x] = s;
    83. 

  83.     sboxInv[s] = x;
    84. 

  84. 

  85.     // Compute MixColumns
    86. 

  86.     x8 = d[x4 = d[x2 = d[x]]];
    87. 

  87.     tDec = x8 * 0x1010101 ^ x4 * 0x10001 ^ x2 * 0x101 ^ x * 0x1010100;
    88. 

  88.     tEnc = d[s] * 0x101 ^ s * 0x1010100;
    89. 

  89. 

  90.     for (i = 0; i < 4; i++) {
    91. 

  91.       encTable[i][x] = tEnc = tEnc << 24 ^ tEnc >>> 8;
    92. 

  92.       decTable[i][s] = tDec = tDec << 24 ^ tDec >>> 8;
    93. 

  93.     }
    94. 

  94.   }
    95. 

  95. 

  96.   // Compactify. Considerable speedup on Firefox.
    97. 

  97.   for (i = 0; i < 5; i++) {
    98. 

  98.     encTable[i] = encTable[i].slice(0);
    99. 

  99.     decTable[i] = decTable[i].slice(0);
    100. 

  100.   }
    101. 

  101.   return tables;
    102. 

  102. };
    103. 

  103. var aesTables = null;
    104. 

  104. 

  105. /**
    106. 

  106.  * Schedule out an AES key for both encryption and decryption. This
    107. 

  107.  * is a low-level class. Use a cipher mode to do bulk encryption.
    108. 

  108.  *
    109. 

  109.  * @class AES
    110. 

  110.  * @param key {Array} The key as an array of 4, 6 or 8 words.
    111. 

  111.  */
    112. 

  112. 

  113. var AES = (function () {
    114. 

  114.   function AES(key) {
    115. 

  115.     _classCallCheck(this, AES);
    116. 

  116. 

  117.     /**
    118. 

  118.      * The expanded S-box and inverse S-box tables. These will be computed
    119. 

  119.      * on the client so that we don't have to send them down the wire.
    120. 

  120.      *
    121. 

  121.      * There are two tables, _tables[0] is for encryption and
    122. 

  122.      * _tables[1] is for decryption.
    123. 

  123.      *
    124. 

  124.      * The first 4 sub-tables are the expanded S-box with MixColumns. The
    125. 

  125.      * last (_tables[01][4]) is the S-box itself.
    126. 

  126.      *
    127. 

  127.      * @private
    128. 

  128.      */
    129. 

  129.     // if we have yet to precompute the S-box tables
    130. 

  130.     // do so now
    131. 

  131.     if (!aesTables) {
    132. 

  132.       aesTables = precompute();
    133. 

  133.     }
    134. 

  134.     // then make a copy of that object for use
    135. 

  135.     this._tables = [[aesTables[0][0].slice(), aesTables[0][1].slice(), aesTables[0][2].slice(), aesTables[0][3].slice(), aesTables[0][4].slice()], [aesTables[1][0].slice(), aesTables[1][1].slice(), aesTables[1][2].slice(), aesTables[1][3].slice(), aesTables[1][4].slice()]];
    136. 

  136.     var i = undefined;
    137. 

  137.     var j = undefined;
    138. 

  138.     var tmp = undefined;
    139. 

  139.     var encKey = undefined;
    140. 

  140.     var decKey = undefined;
    141. 

  141.     var sbox = this._tables[0][4];
    142. 

  142.     var decTable = this._tables[1];
    143. 

  143.     var keyLen = key.length;
    144. 

  144.     var rcon = 1;
    145. 

  145. 

  146.     if (keyLen !== 4 && keyLen !== 6 && keyLen !== 8) {
    147. 

  147.       throw new Error('Invalid aes key size');
    148. 

  148.     }
    149. 

  149. 

  150.     encKey = key.slice(0);
    151. 

  151.     decKey = [];
    152. 

  152.     this._key = [encKey, decKey];
    153. 

  153. 

  154.     // schedule encryption keys
    155. 

  155.     for (i = keyLen; i < 4 * keyLen + 28; i++) {
    156. 

  156.       tmp = encKey[i - 1];
    157. 

  157. 

  158.       // apply sbox
    159. 

  159.       if (i % keyLen === 0 || keyLen === 8 && i % keyLen === 4) {
    160. 

  160.         tmp = sbox[tmp >>> 24] << 24 ^ sbox[tmp >> 16 & 255] << 16 ^ sbox[tmp >> 8 & 255] << 8 ^ sbox[tmp & 255];
    161. 

  161. 

  162.         // shift rows and add rcon
    163. 

  163.         if (i % keyLen === 0) {
    164. 

  164.           tmp = tmp << 8 ^ tmp >>> 24 ^ rcon << 24;
    165. 

  165.           rcon = rcon << 1 ^ (rcon >> 7) * 283;
    166. 

  166.         }
    167. 

  167.       }
    168. 

  168. 

  169.       encKey[i] = encKey[i - keyLen] ^ tmp;
    170. 

  170.     }
    171. 

  171. 

  172.     // schedule decryption keys
    173. 

  173.     for (j = 0; i; j++, i--) {
    174. 

  174.       tmp = encKey[j & 3 ? i : i - 4];
    175. 

  175.       if (i <= 4 || j < 4) {
    176. 

  176.         decKey[j] = tmp;
    177. 

  177.       } else {
    178. 

  178.         decKey[j] = decTable[0][sbox[tmp >>> 24]] ^ decTable[1][sbox[tmp >> 16 & 255]] ^ decTable[2][sbox[tmp >> 8 & 255]] ^ decTable[3][sbox[tmp & 255]];
    179. 

  179.       }
    180. 

  180.     }
    181. 

  181.   }
    182. 

  182. 

  183.   /**
    184. 

  184.    * Decrypt 16 bytes, specified as four 32-bit words.
    185. 

  185.    *
    186. 

  186.    * @param {Number} encrypted0 the first word to decrypt
    187. 

  187.    * @param {Number} encrypted1 the second word to decrypt
    188. 

  188.    * @param {Number} encrypted2 the third word to decrypt
    189. 

  189.    * @param {Number} encrypted3 the fourth word to decrypt
    190. 

  190.    * @param {Int32Array} out the array to write the decrypted words
    191. 

  191.    * into
    192. 

  192.    * @param {Number} offset the offset into the output array to start
    193. 

  193.    * writing results
    194. 

  194.    * @return {Array} The plaintext.
    195. 

  195.    */
    196. 

  196. 

  197.   _createClass(AES, [{
    198. 

  198.     key: 'decrypt',
    199. 

  199.     value: function decrypt(encrypted0, encrypted1, encrypted2, encrypted3, out, offset) {
    200. 

  200.       var key = this._key[1];
    201. 

  201.       // state variables a,b,c,d are loaded with pre-whitened data
    202. 

  202.       var a = encrypted0 ^ key[0];
    203. 

  203.       var b = encrypted3 ^ key[1];
    204. 

  204.       var c = encrypted2 ^ key[2];
    205. 

  205.       var d = encrypted1 ^ key[3];
    206. 

  206.       var a2 = undefined;
    207. 

  207.       var b2 = undefined;
    208. 

  208.       var c2 = undefined;
    209. 

  209. 

  210.       // key.length === 2 ?
    211. 

  211.       var nInnerRounds = key.length / 4 - 2;
    212. 

  212.       var i = undefined;
    213. 

  213.       var kIndex = 4;
    214. 

  214.       var table = this._tables[1];
    215. 

  215. 

  216.       // load up the tables
    217. 

  217.       var table0 = table[0];
    218. 

  218.       var table1 = table[1];
    219. 

  219.       var table2 = table[2];
    220. 

  220.       var table3 = table[3];
    221. 

  221.       var sbox = table[4];
    222. 

  222. 

  223.       // Inner rounds. Cribbed from OpenSSL.
    224. 

  224.       for (i = 0; i < nInnerRounds; i++) {
    225. 

  225.         a2 = table0[a >>> 24] ^ table1[b >> 16 & 255] ^ table2[c >> 8 & 255] ^ table3[d & 255] ^ key[kIndex];
    226. 

  226.         b2 = table0[b >>> 24] ^ table1[c >> 16 & 255] ^ table2[d >> 8 & 255] ^ table3[a & 255] ^ key[kIndex + 1];
    227. 

  227.         c2 = table0[c >>> 24] ^ table1[d >> 16 & 255] ^ table2[a >> 8 & 255] ^ table3[b & 255] ^ key[kIndex + 2];
    228. 

  228.         d = table0[d >>> 24] ^ table1[a >> 16 & 255] ^ table2[b >> 8 & 255] ^ table3[c & 255] ^ key[kIndex + 3];
    229. 

  229.         kIndex += 4;
    230. 

  230.         a = a2;b = b2;c = c2;
    231. 

  231.       }
    232. 

  232. 

  233.       // Last round.
    234. 

  234.       for (i = 0; i < 4; i++) {
    235. 

  235.         out[(3 & -i) + offset] = sbox[a >>> 24] << 24 ^ sbox[b >> 16 & 255] << 16 ^ sbox[c >> 8 & 255] << 8 ^ sbox[d & 255] ^ key[kIndex++];
    236. 

  236.         a2 = a;a = b;b = c;c = d;d = a2;
    237. 

  237.       }
    238. 

  238.     }
    239. 

  239.   }]);
    240. 

  240. 

  241.   return AES;
    242. 

  242. })();
    243. 

  243. 

  244. exports['default'] = AES;
    245. 

  245. module.exports = exports['default'];
    246.