Commit 2a6018df authored by Joel Martin's avatar Joel Martin

web-socket-js: 9e7663771 build and remove source.

web-socket-js now has all the functionality and fixes needed for noVNC
so remove the include/as3crypto_patched directory and the
include/web-socket-js/flash-src directory (i.e. the sources for
web-socket-js). This cleans up almost 3K from the include/ directory.

Update to web-socket-js build based on upstream (gimite/web-socket-js)
9e766377188.
parent b5087acc
noVNC is licensed under the LGPL version 3 (see docs/LICENSE.GPL-3 and
docs/LICENSE.LGPL-3) with the following exceptions:
include/as3crypto_patched/ : various BSD style licenses
include/base64.js : Dual GPL-2 or LGPL-2.1
incluee/des.js : Various BSD style licenses
include/web-socket.js/ : New BSD license
include/web-socket-js/ : New BSD license
This software is covered under the following copyright:
/*
* Copyright (c) 2007 Henri Torgemane
* All Rights Reserved.
*
* BigInteger, RSA, Random and ARC4 are derivative works of the jsbn library
* (http://www-cs-students.stanford.edu/~tjw/jsbn/)
* The jsbn library is Copyright (c) 2003-2005 Tom Wu (tjw@cs.Stanford.EDU)
*
* MD5, SHA1, and SHA256 are derivative works (http://pajhome.org.uk/crypt/md5/)
* Those are Copyright (c) 1998-2002 Paul Johnston & Contributors (paj@pajhome.org.uk)
*
* SHA256 is a derivative work of jsSHA2 (http://anmar.eu.org/projects/jssha2/)
* jsSHA2 is Copyright (c) 2003-2004 Angel Marin (anmar@gmx.net)
*
* AESKey is a derivative work of aestable.c (http://www.geocities.com/malbrain/aestable_c.html)
* aestable.c is Copyright (c) Karl Malbrain (malbrain@yahoo.com)
*
* BlowFishKey, DESKey and TripeDESKey are derivative works of the Bouncy Castle Crypto Package (http://www.bouncycastle.org)
* Those are Copyright (c) 2000-2004 The Legion Of The Bouncy Castle
*
* Base64 is copyright (c) 2006 Steve Webster (http://dynamicflash.com/goodies/base64)
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this list
* of conditions and the following disclaimer. Redistributions in binary form must
* reproduce the above copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided with the distribution.
*
* Neither the name of the author nor the names of its contributors may be used to endorse
* or promote products derived from this software without specific prior written permission.
*
* THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
* EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
* WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
*
* IN NO EVENT SHALL TOM WU BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
* INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
* RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
* THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
* OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
*/
Address all questions regarding this license to:
Henri Torgemane
henri_torgemane@yahoo.com
Additionally, the MD5 algorithm is covered by the following notice:
/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved.
*
* License to copy and use this software is granted provided that it
* is identified as the "RSA Data Security, Inc. MD5 Message-Digest
* Algorithm" in all material mentioning or referencing this software
* or this function.
*
* License is also granted to make and use derivative works provided
* that such works are identified as "derived from the RSA Data
* Security, Inc. MD5 Message-Digest Algorithm" in all material
* mentioning or referencing the derived work.
*
* RSA Data Security, Inc. makes no representations concerning either
* the merchantability of this software or the suitability of this
* software for any particular purpose. It is provided "as is"
* without express or implied warranty of any kind.
*
* These notices must be retained in any copies of any part of this
* documentation and/or software.
*/
= DESCRIPTION
as3crypto 1.3 has some bugs, at r28(latest version of original svn-repository),
many of them are fixed, but there are another bugs around a new ASN1 parser.
so I copied some features from r28 to 1.3
version, and fixed them to be built without error.
and added build-swc.xml
= LICENSE
See LICENCE.txt,
require 'rubygems'
require 'airake'
ENV["AIRAKE_ROOT"] = File.dirname(__FILE__)
ENV["AIRAKE_ENV"] = "development"
# Aliases
task :test => [ "air:test" ] do; end
task :compile => [ "air:compile" ] do; end
task :package => [ "air:package" ] do; end
task :certificate => [ "air:certificate" ] do; end
task :adl => [ "air:adl" ] do; end
task :docs => [ "air:docs" ] do; end
task :clean => [ "air:clean" ] do; end
task :acompc => [ "air:acompc" ] do; end
\ No newline at end of file
---
mxml_path: src/As3crypto.mxml
appxml_path: src/As3crypto-app.xml
src_dirs: [ 'src' ]
lib_dir: lib
air_path: bin/As3crypto.air
swf_path: bin/As3crypto.swf
assets: src/assets
certificate: cert.pfx
development:
debug: true
test:
swf_path: bin/Test.swf
mxml_path: test/Test.mxml
appxml_path: test/Test-app.xml
src_dirs: [ 'src', 'test' ]
debug: true
\ No newline at end of file
<!--
To build as3crypto.swc, use
compc -load-config=build-swc.xml
If you need Flash Player 9 support, change the path below to something more
appropriate for your SDK and/or Player version
-->
<flex-config>
<benchmark>true</benchmark>
<compiler>
<external-library-path>
<path-element>${flexlib}/libs/player/10.0/playerglobal.swc</path-element>
</external-library-path>
<source-path>
<path-element>./src</path-element>
</source-path>
</compiler>
<include-classes>
<class>com.hurlant.crypto.Crypto</class>
<class>com.hurlant.crypto.cert.MozillaRootCertificates</class>
<class>com.hurlant.crypto.cert.X509Certificate</class>
<class>com.hurlant.crypto.cert.X509CertificateCollection</class>
<class>com.hurlant.crypto.hash.HMAC</class>
<class>com.hurlant.crypto.hash.IHMAC</class>
<class>com.hurlant.crypto.hash.IHash</class>
<class>com.hurlant.crypto.hash.MAC</class>
<class>com.hurlant.crypto.hash.MD2</class>
<class>com.hurlant.crypto.hash.MD5</class>
<class>com.hurlant.crypto.hash.SHA1</class>
<class>com.hurlant.crypto.hash.SHA224</class>
<class>com.hurlant.crypto.hash.SHA256</class>
<class>com.hurlant.crypto.hash.SHABase</class>
<class>com.hurlant.crypto.prng.ARC4</class>
<class>com.hurlant.crypto.prng.IPRNG</class>
<class>com.hurlant.crypto.prng.Random</class>
<class>com.hurlant.crypto.prng.TLSPRF</class>
<class>com.hurlant.crypto.rsa.RSAKey</class>
<class>com.hurlant.crypto.symmetric.AESKey</class>
<class>com.hurlant.crypto.symmetric.BlowFishKey</class>
<class>com.hurlant.crypto.symmetric.CBCMode</class>
<class>com.hurlant.crypto.symmetric.CFB8Mode</class>
<class>com.hurlant.crypto.symmetric.CFBMode</class>
<class>com.hurlant.crypto.symmetric.CTRMode</class>
<class>com.hurlant.crypto.symmetric.DESKey</class>
<class>com.hurlant.crypto.symmetric.ECBMode</class>
<class>com.hurlant.crypto.symmetric.ICipher</class>
<class>com.hurlant.crypto.symmetric.IMode</class>
<class>com.hurlant.crypto.symmetric.IPad</class>
<class>com.hurlant.crypto.symmetric.IStreamCipher</class>
<class>com.hurlant.crypto.symmetric.ISymmetricKey</class>
<class>com.hurlant.crypto.symmetric.IVMode</class>
<class>com.hurlant.crypto.symmetric.NullPad</class>
<class>com.hurlant.crypto.symmetric.OFBMode</class>
<class>com.hurlant.crypto.symmetric.PKCS5</class>
<class>com.hurlant.crypto.symmetric.SimpleIVMode</class>
<class>com.hurlant.crypto.symmetric.TLSPad</class>
<class>com.hurlant.crypto.symmetric.SSLPad</class>
<class>com.hurlant.crypto.symmetric.TripleDESKey</class>
<class>com.hurlant.crypto.symmetric.XTeaKey</class>
<class>com.hurlant.crypto.tls.BulkCiphers</class>
<class>com.hurlant.crypto.tls.CipherSuites</class>
<class>com.hurlant.crypto.tls.KeyExchanges</class>
<class>com.hurlant.crypto.tls.MACs</class>
<class>com.hurlant.crypto.tls.TLSConfig</class>
<class>com.hurlant.crypto.tls.IConnectionState</class>
<class>com.hurlant.crypto.tls.TLSConnectionState</class>
<class>com.hurlant.crypto.tls.SSLConnectionState</class>
<class>com.hurlant.crypto.tls.TLSEngine</class>
<class>com.hurlant.crypto.tls.TLSError</class>
<class>com.hurlant.crypto.tls.TLSSocketEvent</class>
<class>com.hurlant.crypto.tls.TLSEvent</class>
<class>com.hurlant.crypto.tls.SSLEvent</class>
<class>com.hurlant.crypto.tls.ISecurityParameters</class>
<class>com.hurlant.crypto.tls.TLSSecurityParameters</class>
<class>com.hurlant.crypto.tls.SSLSecurityParameters</class>
<class>com.hurlant.crypto.tls.TLSSocket</class>
<class>com.hurlant.util.ArrayUtil</class>
<class>com.hurlant.util.Base64</class>
<class>com.hurlant.util.Hex</class>
<class>com.hurlant.util.Memory</class>
<class>com.hurlant.util.der.ByteString</class>
<class>com.hurlant.util.der.DER</class>
<class>com.hurlant.util.der.IAsn1Type</class>
<class>com.hurlant.util.der.Integer</class>
<class>com.hurlant.util.der.OID</class>
<class>com.hurlant.util.der.ObjectIdentifier</class>
<class>com.hurlant.util.der.PEM</class>
<class>com.hurlant.util.der.PrintableString</class>
<class>com.hurlant.util.der.Sequence</class>
<class>com.hurlant.util.der.Set</class>
<class>com.hurlant.util.der.Type</class>
<class>com.hurlant.util.der.UTCTime</class>
<class>com.hurlant.math.BarrettReduction</class>
<class>com.hurlant.math.BigInteger</class>
<class>com.hurlant.math.ClassicReduction</class>
<class>com.hurlant.math.IReduction</class>
<class>com.hurlant.math.MontgomeryReduction</class>
<class>com.hurlant.math.NullReduction</class>
<class>com.hurlant.math.bi_internal</class>
</include-classes>
<metadata>
<creator>Henri Torgemane</creator>
<description>http://crypto.hurlant.com/</description>
<language>EN</language>
<title>AS3 Cryptography Library</title>
</metadata>
<output>bin/as3crypto_patched.swc</output>
</flex-config>
#!/usr/bin/env ruby
APP_ROOT = File.expand_path(File.join(File.dirname(__FILE__), '..'))
begin
require 'rubigen'
rescue LoadError
require 'rubygems'
require 'rubigen'
end
require 'rubigen/scripts/destroy'
ARGV.shift if ['--help', '-h'].include?(ARGV[0])
RubiGen::Base.use_component_sources! [:air, :airake, :test_unit]
RubiGen::Scripts::Destroy.new.run(ARGV)
#!/usr/bin/env ruby
APP_ROOT = File.expand_path(File.join(File.dirname(__FILE__), '..'))
begin
require 'rubigen'
rescue LoadError
require 'rubygems'
require 'rubigen'
end
require 'rubigen/scripts/generate'
ARGV.shift if ['--help', '-h'].include?(ARGV[0])
RubiGen::Base.use_component_sources! [:air, :airake, :test_unit]
RubiGen::Scripts::Generate.new.run(ARGV)
/**
* Crypto
*
* An abstraction layer to instanciate our crypto algorithms
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto
{
import com.hurlant.crypto.hash.HMAC;
import com.hurlant.crypto.hash.MAC;
import com.hurlant.crypto.hash.IHash;
import com.hurlant.crypto.hash.MD2;
import com.hurlant.crypto.hash.MD5;
import com.hurlant.crypto.hash.SHA1;
import com.hurlant.crypto.hash.SHA224;
import com.hurlant.crypto.hash.SHA256;
import com.hurlant.crypto.prng.ARC4;
import com.hurlant.crypto.rsa.RSAKey;
import com.hurlant.crypto.symmetric.AESKey;
import com.hurlant.crypto.symmetric.BlowFishKey;
import com.hurlant.crypto.symmetric.CBCMode;
import com.hurlant.crypto.symmetric.CFB8Mode;
import com.hurlant.crypto.symmetric.CFBMode;
import com.hurlant.crypto.symmetric.CTRMode;
import com.hurlant.crypto.symmetric.DESKey;
import com.hurlant.crypto.symmetric.ECBMode;
import com.hurlant.crypto.symmetric.ICipher;
import com.hurlant.crypto.symmetric.IMode;
import com.hurlant.crypto.symmetric.IPad;
import com.hurlant.crypto.symmetric.ISymmetricKey;
import com.hurlant.crypto.symmetric.IVMode;
import com.hurlant.crypto.symmetric.NullPad;
import com.hurlant.crypto.symmetric.OFBMode;
import com.hurlant.crypto.symmetric.PKCS5;
import com.hurlant.crypto.symmetric.SimpleIVMode;
import com.hurlant.crypto.symmetric.TripleDESKey;
import com.hurlant.crypto.symmetric.XTeaKey;
import com.hurlant.util.Base64;
import flash.utils.ByteArray;
/**
* A class to make it easy to use the rest of the framework.
* As a side-effect, using this class will cause most of the framework
* to be linked into your application, which is not always what you want.
*
* If you want to optimize your download size, don't use this class.
* (But feel free to read it to get ideas on how to get the algorithm you want.)
*/
public class Crypto
{
private var b64:Base64; // we don't use it, but we want the swc to include it, so cheap trick.
public function Crypto(){
}
/**
* Things that should work, among others:
* "aes"
* "aes-128-ecb"
* "aes-128-cbc"
* "aes-128-cfb"
* "aes-128-cfb8"
* "aes-128-ofb"
* "aes-192-cfb"
* "aes-256-ofb"
* "blowfish-cbc"
* "des-ecb"
* "xtea"
* "xtea-ecb"
* "xtea-cbc"
* "xtea-cfb"
* "xtea-cfb8"
* "xtea-ofb"
* "rc4"
* "simple-aes-cbc"
*/
public static function getCipher(name:String, key:ByteArray, pad:IPad=null):ICipher {
// split name into an array.
var keys:Array = name.split("-");
switch (keys[0]) {
/**
* "simple" is a special case. It means:
* "If using an IV mode, prepend the IV to the ciphertext"
*/
case "simple":
keys.shift();
name = keys.join("-");
var cipher:ICipher = getCipher(name, key, pad);
if (cipher is IVMode) {
return new SimpleIVMode(cipher as IVMode);
} else {
return cipher;
}
/**
* we support both "aes-128" and "aes128"
* Technically, you could use "aes192-128", but you'd
* only be hurting yourself.
*/
case "aes":
case "aes128":
case "aes192":
case "aes256":
keys.shift();
if (key.length*8==keys[0]) {
// support for "aes-128-..." and such.
keys.shift();
}
return getMode(keys[0], new AESKey(key), pad);
break;
case "bf":
case "blowfish":
keys.shift();
return getMode(keys[0], new BlowFishKey(key), pad);
/**
* des-ede and des-ede3 are both equivalent to des3.
* the choice between 2tdes and 3tdes is made based
* on the length of the key provided.
*/
case "des":
keys.shift();
if (keys[0]!="ede" && keys[0]!="ede3") {
return getMode(keys[0], new DESKey(key), pad);
}
if (keys.length==1) {
keys.push("ecb"); // default mode for 2tdes and 3tdes with openssl enc
}
// fall-through to triple des
case "3des":
case "des3":
keys.shift();
return getMode(keys[0], new TripleDESKey(key), pad);
case "xtea":
keys.shift();
return getMode(keys[0], new XTeaKey(key), pad);
break;
/**
* Technically, you could say "rc4-128" or whatever,
* but really, the length of the key is what counts here.
*/
case "rc4":
keys.shift();
return new ARC4(key);
break;
}
return null;
}
/**
* Returns the size of a key for a given cipher identifier.
*/
public static function getKeySize(name:String):uint {
var keys:Array = name.split("-");
switch (keys[0]) {
case "simple":
keys.shift();
return getKeySize(keys.join("-"));
case "aes128":
return 16;
case "aes192":
return 24;
case "aes256":
return 32;
case "aes":
keys.shift();
return parseInt(keys[0])/8;
case "bf":
case "blowfish":
return 16;
case "des":
keys.shift();
switch (keys[0]) {
case "ede":
return 16;
case "ede3":
return 24;
default:
return 8;
}
case "3des":
case "des3":
return 24;
case "xtea":
return 8;
case "rc4":
if (parseInt(keys[1])>0) {
return parseInt(keys[1])/8;
}
return 16; // why not.
}
return 0; // unknown;
}
private static function getMode(name:String, alg:ISymmetricKey, padding:IPad=null):IMode {
switch (name) {
case "ecb":
return new ECBMode(alg, padding);
case "cfb":
return new CFBMode(alg, padding);
case "cfb8":
return new CFB8Mode(alg, padding);
case "ofb":
return new OFBMode(alg, padding);
case "ctr":
return new CTRMode(alg, padding);
case "cbc":
default:
return new CBCMode(alg, padding);
}
}
/**
* Things that should work:
* "md5"
* "sha"
* "sha1"
* "sha224"
* "sha256"
*/
public static function getHash(name:String):IHash {
switch(name) {
case "md2":
return new MD2;
case "md5":
return new MD5;
case "sha": // let's hope you didn't mean sha-0
case "sha1":
return new SHA1;
case "sha224":
return new SHA224;
case "sha256":
return new SHA256;
}
return null;
}
/**
* Things that should work:
* "sha1"
* "md5-64"
* "hmac-md5-96"
* "hmac-sha1-128"
* "hmac-sha256-192"
* etc.
*/
public static function getHMAC(name:String):HMAC {
var keys:Array = name.split("-");
if (keys[0]=="hmac") keys.shift();
var bits:uint = 0;
if (keys.length>1) {
bits = parseInt(keys[1]);
}
return new HMAC(getHash(keys[0]), bits);
}
public static function getMAC(name:String):MAC {
var keys:Array = name.split("-");
if (keys[0]=="mac") keys.shift();
var bits:uint = 0;
if (keys.length > 1) {
bits = parseInt(keys[1]);
}
return new MAC(getHash(keys[0]), bits);
}
public static function getPad(name:String):IPad {
switch(name) {
case "null":
return new NullPad;
case "pkcs5":
default:
return new PKCS5;
}
}
/** mostly useless.
*/
public static function getRSA(E:String, M:String):RSAKey {
return RSAKey.parsePublicKey(M,E);
}
}
}
\ No newline at end of file
This source diff could not be displayed because it is too large. You can view the blob instead.
/**
* X509Certificate
*
* A representation for a X509 Certificate, with
* methods to parse, verify and sign it.
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.cert {
import com.hurlant.crypto.hash.IHash;
import com.hurlant.crypto.hash.MD2;
import com.hurlant.crypto.hash.MD5;
import com.hurlant.crypto.hash.SHA1;
import com.hurlant.crypto.rsa.RSAKey;
import com.hurlant.util.ArrayUtil;
import com.hurlant.util.Base64;
import com.hurlant.util.der.ByteString;
import com.hurlant.util.der.DER;
import com.hurlant.util.der.OID;
import com.hurlant.util.der.ObjectIdentifier;
import com.hurlant.util.der.PEM;
import com.hurlant.util.der.PrintableString;
import com.hurlant.util.der.Sequence;
import com.hurlant.util.der.Type;
import flash.utils.ByteArray;
public class X509Certificate {
private var _loaded:Boolean;
private var _param:*;
private var _obj:Object;
public function X509Certificate(p:*) {
_loaded = false;
_param = p;
// lazy initialization, to avoid unnecessary parsing of every builtin CA at start-up.
}
private function load():void {
if (_loaded) return;
var p:* = _param;
var b:ByteArray;
if (p is String) {
b = PEM.readCertIntoArray(p as String);
} else if (p is ByteArray) {
b = p;
}
if (b!=null) {
_obj = DER.parse(b, Type.TLS_CERT);
_loaded = true;
} else {
throw new Error("Invalid x509 Certificate parameter: "+p);
}
}
public function isSigned(store:X509CertificateCollection, CAs:X509CertificateCollection, time:Date=null):Boolean {
load();
// check timestamps first. cheapest.
if (time==null) {
time = new Date;
}
var notBefore:Date = getNotBefore();
var notAfter:Date = getNotAfter();
if (time.getTime()<notBefore.getTime()) return false; // cert isn't born yet.
if (time.getTime()>notAfter.getTime()) return false; // cert died of old age.
// check signature.
var subject:String = getIssuerPrincipal();
// try from CA first, since they're treated better.
var parent:X509Certificate = CAs.getCertificate(subject);
var parentIsAuthoritative:Boolean = false;
if (parent == null) {
parent = store.getCertificate(subject);
if (parent == null) {
return false; // issuer not found
}
} else {
parentIsAuthoritative = true;
}
if (parent == this) { // pathological case. avoid infinite loop
return false; // isSigned() returns false if we're self-signed.
}
if (!(parentIsAuthoritative&&parent.isSelfSigned(time)) &&
!parent.isSigned(store, CAs, time)) {
return false;
}
var key:RSAKey = parent.getPublicKey();
return verifyCertificate(key);
}
public function isSelfSigned(time:Date):Boolean {
load();
var key:RSAKey = getPublicKey();
return verifyCertificate(key);
}
private function verifyCertificate(key:RSAKey):Boolean {
var algo:String = getAlgorithmIdentifier();
var hash:IHash;
var oid:String;
switch (algo) {
case OID.SHA1_WITH_RSA_ENCRYPTION:
hash = new SHA1;
oid = OID.SHA1_ALGORITHM;
break;
case OID.MD2_WITH_RSA_ENCRYPTION:
hash = new MD2;
oid = OID.MD2_ALGORITHM;
break;
case OID.MD5_WITH_RSA_ENCRYPTION:
hash = new MD5;
oid = OID.MD5_ALGORITHM;
break;
default:
return false;
}
var data:ByteArray = _obj.signedCertificate_bin;
var buf:ByteArray = new ByteArray;
key.verify(_obj.encrypted, buf, _obj.encrypted.length);
buf.position=0;
data = hash.hash(data);
var obj:Object = DER.parse(buf, Type.RSA_SIGNATURE);
if (obj.algorithm.algorithmId.toString() != oid) {
return false; // wrong algorithm
}
if (!ArrayUtil.equals(obj.hash, data)) {
return false; // hashes don't match
}
return true;
}
/**
* This isn't used anywhere so far.
* It would become useful if we started to offer facilities
* to generate and sign X509 certificates.
*
* @param key
* @param algo
* @return
*
*/
private function signCertificate(key:RSAKey, algo:String):ByteArray {
var hash:IHash;
var oid:String;
switch (algo) {
case OID.SHA1_WITH_RSA_ENCRYPTION:
hash = new SHA1;
oid = OID.SHA1_ALGORITHM;
break;
case OID.MD2_WITH_RSA_ENCRYPTION:
hash = new MD2;
oid = OID.MD2_ALGORITHM;
break;
case OID.MD5_WITH_RSA_ENCRYPTION:
hash = new MD5;
oid = OID.MD5_ALGORITHM;
break;
default:
return null
}
var data:ByteArray = _obj.signedCertificate_bin;
data = hash.hash(data);
var seq1:Sequence = new Sequence;
seq1[0] = new Sequence;
seq1[0][0] = new ObjectIdentifier(0,0, oid);
seq1[0][1] = null;
seq1[1] = new ByteString;
seq1[1].writeBytes(data);
data = seq1.toDER();
var buf:ByteArray = new ByteArray;
key.sign(data, buf, data.length);
return buf;
}
public function getPublicKey():RSAKey {
load();
var pk:ByteArray = _obj.signedCertificate.subjectPublicKeyInfo.subjectPublicKey as ByteArray;
pk.position = 0;
var rsaKey:Object = DER.parse(pk, [{name:"N"},{name:"E"}]);
return new RSAKey(rsaKey.N, rsaKey.E.valueOf());
}
/**
* Returns a subject principal, as an opaque base64 string.
* This is only used as a hash key for known certificates.
*
* Note that this assumes X509 DER-encoded certificates are uniquely encoded,
* as we look for exact matches between Issuer and Subject fields.
*
*/
public function getSubjectPrincipal():String {
load();
return Base64.encodeByteArray(_obj.signedCertificate.subject_bin);
}
/**
* Returns an issuer principal, as an opaque base64 string.
* This is only used to quickly find matching parent certificates.
*
* Note that this assumes X509 DER-encoded certificates are uniquely encoded,
* as we look for exact matches between Issuer and Subject fields.
*
*/
public function getIssuerPrincipal():String {
load();
return Base64.encodeByteArray(_obj.signedCertificate.issuer_bin);
}
public function getAlgorithmIdentifier():String {
return _obj.algorithmIdentifier.algorithmId.toString();
}
public function getNotBefore():Date {
return _obj.signedCertificate.validity.notBefore.date;
}
public function getNotAfter():Date {
return _obj.signedCertificate.validity.notAfter.date;
}
public function getCommonName():String {
var subject:Sequence = _obj.signedCertificate.subject;
return (subject.findAttributeValue(OID.COMMON_NAME) as PrintableString).getString();
}
}
}
\ No newline at end of file
/**
* X509CertificateCollection
*
* A class to store and index X509 Certificates by Subject.
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.cert {
public class X509CertificateCollection {
private var _map:Object;
public function X509CertificateCollection() {
_map = {};
}
/**
* Mostly meant for built-in CA loading.
* This entry-point allows to index CAs without parsing them.
*
* @param name A friendly name. not currently used
* @param subject base64 DER encoded Subject principal for the Cert
* @param pem PEM encoded certificate data
*
*/
public function addPEMCertificate(name:String, subject:String, pem:String):void {
_map[subject] = new X509Certificate(pem);
}
/**
* Adds a X509 certificate to the collection.
* This call will force the certificate to be parsed.
*
* @param cert A X509 certificate
*
*/
public function addCertificate(cert:X509Certificate):void {
var subject:String = cert.getSubjectPrincipal();
_map[subject] = cert;
}
/**
* Returns a X509 Certificate present in the collection, given
* a base64 DER encoded X500 Subject principal
*
* @param subject A Base64 DER-encoded Subject principal
* @return A matching certificate, or null.
*
*/
public function getCertificate(subject:String):X509Certificate {
return _map[subject];
}
}
}
\ No newline at end of file
K 25
svn:wc:ra_dav:version-url
V 60
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash
END
MAC.as
K 25
svn:wc:ra_dav:version-url
V 67
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/MAC.as
END
IHMAC.as
K 25
svn:wc:ra_dav:version-url
V 69
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/IHMAC.as
END
MD2.as
K 25
svn:wc:ra_dav:version-url
V 67
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/MD2.as
END
SHA224.as
K 25
svn:wc:ra_dav:version-url
V 69
/svn/!svn/ver/3/trunk/as3crypto/src/com/hurlant/crypto/hash/SHA224.as
END
MD5.as
K 25
svn:wc:ra_dav:version-url
V 67
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/MD5.as
END
SHABase.as
K 25
svn:wc:ra_dav:version-url
V 71
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/SHABase.as
END
SHA256.as
K 25
svn:wc:ra_dav:version-url
V 70
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/SHA256.as
END
HMAC.as
K 25
svn:wc:ra_dav:version-url
V 68
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/HMAC.as
END
IHash.as
K 25
svn:wc:ra_dav:version-url
V 69
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/IHash.as
END
SHA1.as
K 25
svn:wc:ra_dav:version-url
V 68
/svn/!svn/ver/28/trunk/as3crypto/src/com/hurlant/crypto/hash/SHA1.as
END
10
dir
28
http://as3crypto.googlecode.com/svn/trunk/as3crypto/src/com/hurlant/crypto/hash
http://as3crypto.googlecode.com/svn
2009-06-04T23:35:21.192697Z
28
sh0rtwave
395c722c-794e-0410-9327-f1aa524df581
MAC.as
file
2009-11-07T06:59:45.000000Z
0bedba9be73ae40adeb26ca35c8237f4
2009-06-04T23:35:21.192697Z
28
sh0rtwave
has-props
3559
IHMAC.as
file
2009-11-07T06:59:45.000000Z
dac8b7d8c849fe11f90ec290aa5dedf0
2009-06-04T23:35:21.192697Z
28
sh0rtwave
has-props
599
MD2.as
file
2009-11-07T06:59:45.000000Z
73bf759d445a65186512066a103dbb45
2009-06-04T23:35:21.192697Z
28
sh0rtwave
3811
SHA224.as
file
2009-11-07T06:59:45.000000Z
026d3e96099de7100c1d49012720d6f9
2008-06-22T05:51:59.360556Z
3
henrit
604
MD5.as
file
2009-11-07T06:59:45.000000Z
60211f6583ee826e2a17ad03605aa7b4
2009-06-04T23:35:21.192697Z
28
sh0rtwave
6965
SHABase.as
file
2009-11-07T06:59:45.000000Z
aa1101bf874f26cd364cf16fb7dff6c7
2009-06-04T23:35:21.192697Z
28
sh0rtwave
1495
SHA256.as
file
2009-11-07T06:59:45.000000Z
c14bc0555970db81a87f5d2b60e4288c
2009-06-04T23:35:21.192697Z
28
sh0rtwave
3459
HMAC.as
file
2009-11-07T06:59:45.000000Z
c96c9bc0e0b64eed7e2d8c27dc29c561
2009-06-04T23:35:21.192697Z
28
sh0rtwave
2132
IHash.as
file
2009-11-07T06:59:45.000000Z
71f45750c456debd7ef1f74e6db9dc23
2009-06-04T23:35:21.192697Z
28
sh0rtwave
445
SHA1.as
file
2009-11-07T06:59:45.000000Z
ba97b95bebda5bdd3fe2063e9c7e21cd
2009-06-04T23:35:21.192697Z
28
sh0rtwave
2642
/**
* HMAC
*
* An ActionScript 3 implementation of HMAC, Keyed-Hashing for Message
* Authentication, as defined by RFC-2104
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
import com.hurlant.util.Hex;
public class HMAC implements IHMAC
{
private var hash:IHash;
private var bits:uint;
/**
* Create a HMAC object, using a Hash function, and
* optionally a number of bits to return.
* The HMAC will be truncated to that size if needed.
*/
public function HMAC(hash:IHash, bits:uint=0) {
this.hash = hash;
this.bits = bits;
}
public function getHashSize():uint {
if (bits!=0) {
return bits/8;
} else {
return hash.getHashSize();
}
}
/**
* Compute a HMAC using a key and some data.
* It doesn't modify either, and returns a new ByteArray with the HMAC value.
*/
public function compute(key:ByteArray, data:ByteArray):ByteArray {
var hashKey:ByteArray;
if (key.length>hash.getInputSize()) {
hashKey = hash.hash(key);
} else {
hashKey = new ByteArray;
hashKey.writeBytes(key);
}
while (hashKey.length<hash.getInputSize()) {
hashKey[hashKey.length]=0;
}
var innerKey:ByteArray = new ByteArray;
var outerKey:ByteArray = new ByteArray;
for (var i:uint=0;i<hashKey.length;i++) {
innerKey[i] = hashKey[i] ^ 0x36;
outerKey[i] = hashKey[i] ^ 0x5c;
}
// inner + data
innerKey.position = hashKey.length;
innerKey.writeBytes(data);
var innerHash:ByteArray = hash.hash(innerKey);
// outer + innerHash
outerKey.position = hashKey.length;
outerKey.writeBytes(innerHash);
var outerHash:ByteArray = hash.hash(outerKey);
if (bits>0 && bits<8*outerHash.length) {
outerHash.length = bits/8;
}
return outerHash;
}
public function dispose():void {
hash = null;
bits = 0;
}
public function toString():String {
return "hmac-"+(bits>0?bits+"-":"")+hash.toString();
}
}
}
\ No newline at end of file
/**
* HMAC
*
* An ActionScript 3 interface for HMAC & MAC
* implementations.
*
* Loosely copyrighted by Bobby Parker
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
public interface IHMAC
{
function getHashSize():uint;
/**
* Compute a HMAC using a key and some data.
* It doesn't modify either, and returns a new ByteArray with the HMAC value.
*/
function compute(key:ByteArray, data:ByteArray):ByteArray;
function dispose():void;
function toString():String;
}
}
\ No newline at end of file
/**
* IHash
*
* An interface for each hash function to implement
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
public interface IHash
{
function getInputSize():uint;
function getHashSize():uint;
function hash(src:ByteArray):ByteArray;
function toString():String;
function getPadSize():int;
}
}
\ No newline at end of file
/**
* MAC
*
* An ActionScript 3 implementation of MAC, Message Authentication Code
* for use with SSL 3.0.
* Loosely copyrighted by Bobby Parker.
* As3crypto copyrighted by Henri Torgemane.
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
import com.hurlant.util.Hex;
public class MAC implements IHMAC
{
private var hash:IHash;
private var bits:uint;
private var pad_1:ByteArray;
private var pad_2:ByteArray;
private var innerHash:ByteArray;
private var outerHash:ByteArray;
private var outerKey:ByteArray;
private var innerKey:ByteArray;
/**
* Create a MAC object (for SSL 3.0 ) and
* optionally a number of bits to return.
* The MAC will be truncated to that size if needed.
*/
public function MAC(hash:IHash, bits:uint=0) {
this.hash = hash;
this.bits = bits;
innerHash = new ByteArray();
outerHash = new ByteArray();
innerKey = new ByteArray();
outerKey = new ByteArray();
if (hash != null) {
var pad_size:int = hash.getPadSize();
pad_1 = new ByteArray();
pad_2 = new ByteArray();
for (var x:int = 0; x < pad_size; x++) {
pad_1.writeByte(0x36);
pad_2.writeByte(0x5c);
}
}
}
public function setPadSize(pad_size:int) : void { }
public function getHashSize():uint {
if (bits!=0) {
return bits/8;
} else {
return hash.getHashSize();
}
}
/**
* Compute a MAC using a key and some data.
*
*/
public function compute(key:ByteArray, data:ByteArray):ByteArray {
// take that incoming key and do hash(key + pad_2 + hash(key + pad_1 + sequence + length + record)
// note that data = (sequence + type + length + record)
if (pad_1 == null) {
var pad_size:int = hash.getPadSize();
pad_1 = new ByteArray();
pad_2 = new ByteArray();
for (var x:int = 0; x < pad_size; x++) {
pad_1.writeByte(0x36);
pad_2.writeByte(0x5c);
}
}
// Do some preliminary checking on stuff
/*
if (key.length > hash.getInputSize()) {
hashKey = hash.hash(key);
} else {
hashKey = new ByteArray;
hashKey.writeBytes(key);
}
while (hashKey.length < hash.getInputSize() ) {
hashKey[hashKey.length] = 0;
} */
// Henri's conventions work just fine here..
innerKey.length = 0;
outerKey.length = 0;
// trace("MAC Key: " + Hex.fromArray(key));
// trace("Key Length: " + key.length);
// trace("Pad_1 : " + Hex.fromArray(pad_1));
// inner hash calc
innerKey.writeBytes(key);
innerKey.writeBytes(pad_1);
innerKey.writeBytes(data);
// trace("MAC Inner Key: " + Hex.fromArray(innerKey));
innerHash = hash.hash(innerKey);
// trace("MAC Inner Hash: " + Hex.fromArray(innerHash));
// outer hash calc
outerKey.writeBytes(key);
outerKey.writeBytes(pad_2);
outerKey.writeBytes(innerHash);
// trace("MAC Outer Key: " + Hex.fromArray(outerKey));
outerHash = hash.hash(outerKey);
if (bits > 0 && bits < 8*outerHash.length) {
outerHash.length = bits/8;
}
// trace("MAC for record: " + Hex.fromArray(outerHash));
return outerHash;
}
public function dispose():void {
hash = null;
bits = 0;
}
public function toString():String {
return "mac-"+(bits>0?bits+"-":"")+hash.toString();
}
}
}
\ No newline at end of file
/**
* MD2
*
* An ActionScript 3 implementation of the RSA Data Security, Inc MD2 Message
* Digest Algorithm, as defined in RFC 1319
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*
* Excerpt from http://en.wikipedia.org/wiki/MD2:
* >
* > Rogier and Chauvaud (1997) described collisions of MD2's compression function,
* > although they were unable to extend the attack to the full MD2.
* >
* > In 2004, MD2 was shown to be vulnerable to a preimage attack with time
* > complexity equivalent to 2104 applications of the compression function
* > (Muller, 2004).
* > The author concludes, "MD2 can no longer be considered a secure one-way
* > hash function".
*
* also, this implementaton is quite slow.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
public class MD2 implements IHash
{
public static const HASH_SIZE:int = 16;
public var pad_size:int = 48; // probably will never get used, only here for SSL 3.0 support
private static const S:Array = [ // PI Digits
41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, 19,
98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, 76, 130, 202,
30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, 138, 23, 229, 18,
190, 78, 196, 214, 218, 158, 222, 73, 160, 251, 245, 142, 187, 47, 238, 122,
169, 104, 121, 145, 21, 178, 7, 63, 148, 194, 16, 137, 11, 34, 95, 33,
128, 127, 93, 154, 90, 144, 50, 39, 53, 62, 204, 231, 191, 247, 151, 3,
255, 25, 48, 179, 72, 165, 181, 209, 215, 94, 146, 42, 172, 86, 170, 198,
79, 184, 56, 210, 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241,
69, 157, 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2,
27, 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, 234, 38,
44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, 129, 77, 82,
106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, 8, 12, 189, 177, 74,
120, 136, 149, 139, 227, 99, 232, 109, 233, 203, 213, 254, 59, 0, 29, 57,
242, 239, 183, 14, 102, 88, 208, 228, 166, 119, 114, 248, 235, 117, 75, 10,
49, 68, 80, 180, 143, 237, 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 ];
public function getInputSize():uint
{
return 16;
}
public function getPadSize():int {
return pad_size;
}
public function getHashSize():uint
{
return HASH_SIZE;
}
public function hash(src:ByteArray):ByteArray
{
var savedLength:uint = src.length;
// 3.1 Step 1. Padding
var i:uint = (16-src.length%16) || 16;
do {
src[src.length]=i;
} while (src.length%16!=0);
// 3.2 Step 2. Checksum
var len:uint = src.length;
var checksum:ByteArray = new ByteArray;
var L:uint = 0;
for (i = 0;i<len;i+=16) {
for (var j:uint=0;j<16;j++) {
L = checksum[j] ^= S[src[i+j] ^ L];
}
}
src.position = src.length;
src.writeBytes(checksum);
len += 16;
// 3.3 Step 3. MD Buffer
var X:ByteArray = new ByteArray;
// 3.4 Process Message
for (i=0;i<len;i+=16) {
/* Copy block i into X */
for (j=0;j<16;j++) {
X[32+j] = (X[16+j] = src[i+j])^X[j];
}
var t:uint=0;
/* Do 18 rounds */
for (j=0;j<18;j++) {
/* Round j. */
for (var k:uint=0;k<48;k++) {
X[k] = t = X[k]^S[t];
}
t = (t+j)&0xff;
}
}
// 3.5 Step 5. Output
X.length = 16;
// restore original length;
src.length = savedLength;
return X;
}
public function toString():String
{
return "md2";
}
}
}
\ No newline at end of file
/**
* MD5
*
* An ActionScript 3 implementation of the RSA Data Security, Inc. MD5 Message
* Digest Algorithm, as defined in RFC 1321.
* Copyright (c) 2007 Henri Torgemane
*
* Derived from
* A JavaScript implementation of the same.
* Version 2.1 Copyright (C) Paul Johnston 1999 - 2002.
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
*
* Note:
* This algorithm should not be your first choice for new developements, but is
* included to allow interoperability with existing codes and protocols.
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
import flash.utils.Endian;
public class MD5 implements IHash
{
public static const HASH_SIZE:int = 16;
public var pad_size:int = 48;
public function getInputSize():uint
{
return 64;
}
public function getHashSize():uint
{
return HASH_SIZE;
}
public function getPadSize():int
{
return pad_size;
}
public function hash(src:ByteArray):ByteArray
{
var len:uint = src.length *8;
var savedEndian:String = src.endian;
// pad to nearest int.
while (src.length%4!=0) {
src[src.length]=0;
}
// convert ByteArray to an array of uint
src.position=0;
var a:Array = [];
src.endian=Endian.LITTLE_ENDIAN
for (var i:uint=0;i<src.length;i+=4) {
a.push(src.readUnsignedInt());
}
var h:Array = core_md5(a, len);
var out:ByteArray = new ByteArray;
out.endian=Endian.LITTLE_ENDIAN;
for (i=0;i<4;i++) {
out.writeUnsignedInt(h[i]);
}
// restore length!
src.length = len/8;
src.endian = savedEndian;
return out;
}
private function core_md5(x:Array, len:uint):Array {
/* append padding */
x[len >> 5] |= 0x80 << ((len) % 32);
x[(((len + 64) >>> 9) << 4) + 14] = len;
var a:uint = 0x67452301; // 1732584193;
var b:uint = 0xEFCDAB89; //-271733879;
var c:uint = 0x98BADCFE; //-1732584194;
var d:uint = 0x10325476; // 271733878;
for(var i:uint = 0; i < x.length; i += 16)
{
x[i]||=0; x[i+1]||=0; x[i+2]||=0; x[i+3]||=0;
x[i+4]||=0; x[i+5]||=0; x[i+6]||=0; x[i+7]||=0;
x[i+8]||=0; x[i+9]||=0; x[i+10]||=0; x[i+11]||=0;
x[i+12]||=0; x[i+13]||=0; x[i+14]||=0; x[i+15]||=0;
var olda:uint = a;
var oldb:uint = b;
var oldc:uint = c;
var oldd:uint = d;
a = ff(a, b, c, d, x[i+ 0], 7 , 0xD76AA478);
d = ff(d, a, b, c, x[i+ 1], 12, 0xE8C7B756);
c = ff(c, d, a, b, x[i+ 2], 17, 0x242070DB);
b = ff(b, c, d, a, x[i+ 3], 22, 0xC1BDCEEE);
a = ff(a, b, c, d, x[i+ 4], 7 , 0xF57C0FAF);
d = ff(d, a, b, c, x[i+ 5], 12, 0x4787C62A);
c = ff(c, d, a, b, x[i+ 6], 17, 0xA8304613);
b = ff(b, c, d, a, x[i+ 7], 22, 0xFD469501);
a = ff(a, b, c, d, x[i+ 8], 7 , 0x698098D8);
d = ff(d, a, b, c, x[i+ 9], 12, 0x8B44F7AF);
c = ff(c, d, a, b, x[i+10], 17, 0xFFFF5BB1);
b = ff(b, c, d, a, x[i+11], 22, 0x895CD7BE);
a = ff(a, b, c, d, x[i+12], 7 , 0x6B901122);
d = ff(d, a, b, c, x[i+13], 12, 0xFD987193);
c = ff(c, d, a, b, x[i+14], 17, 0xA679438E);
b = ff(b, c, d, a, x[i+15], 22, 0x49B40821);
a = gg(a, b, c, d, x[i+ 1], 5 , 0xf61e2562);
d = gg(d, a, b, c, x[i+ 6], 9 , 0xc040b340);
c = gg(c, d, a, b, x[i+11], 14, 0x265e5a51);
b = gg(b, c, d, a, x[i+ 0], 20, 0xe9b6c7aa);
a = gg(a, b, c, d, x[i+ 5], 5 , 0xd62f105d);
d = gg(d, a, b, c, x[i+10], 9 , 0x2441453);
c = gg(c, d, a, b, x[i+15], 14, 0xd8a1e681);
b = gg(b, c, d, a, x[i+ 4], 20, 0xe7d3fbc8);
a = gg(a, b, c, d, x[i+ 9], 5 , 0x21e1cde6);
d = gg(d, a, b, c, x[i+14], 9 , 0xc33707d6);
c = gg(c, d, a, b, x[i+ 3], 14, 0xf4d50d87);
b = gg(b, c, d, a, x[i+ 8], 20, 0x455a14ed);
a = gg(a, b, c, d, x[i+13], 5 , 0xa9e3e905);
d = gg(d, a, b, c, x[i+ 2], 9 , 0xfcefa3f8);
c = gg(c, d, a, b, x[i+ 7], 14, 0x676f02d9);
b = gg(b, c, d, a, x[i+12], 20, 0x8d2a4c8a);
a = hh(a, b, c, d, x[i+ 5], 4 , 0xfffa3942);
d = hh(d, a, b, c, x[i+ 8], 11, 0x8771f681);
c = hh(c, d, a, b, x[i+11], 16, 0x6d9d6122);
b = hh(b, c, d, a, x[i+14], 23, 0xfde5380c);
a = hh(a, b, c, d, x[i+ 1], 4 , 0xa4beea44);
d = hh(d, a, b, c, x[i+ 4], 11, 0x4bdecfa9);
c = hh(c, d, a, b, x[i+ 7], 16, 0xf6bb4b60);
b = hh(b, c, d, a, x[i+10], 23, 0xbebfbc70);
a = hh(a, b, c, d, x[i+13], 4 , 0x289b7ec6);
d = hh(d, a, b, c, x[i+ 0], 11, 0xeaa127fa);
c = hh(c, d, a, b, x[i+ 3], 16, 0xd4ef3085);
b = hh(b, c, d, a, x[i+ 6], 23, 0x4881d05);
a = hh(a, b, c, d, x[i+ 9], 4 , 0xd9d4d039);
d = hh(d, a, b, c, x[i+12], 11, 0xe6db99e5);
c = hh(c, d, a, b, x[i+15], 16, 0x1fa27cf8);
b = hh(b, c, d, a, x[i+ 2], 23, 0xc4ac5665);
a = ii(a, b, c, d, x[i+ 0], 6 , 0xf4292244);
d = ii(d, a, b, c, x[i+ 7], 10, 0x432aff97);
c = ii(c, d, a, b, x[i+14], 15, 0xab9423a7);
b = ii(b, c, d, a, x[i+ 5], 21, 0xfc93a039);
a = ii(a, b, c, d, x[i+12], 6 , 0x655b59c3);
d = ii(d, a, b, c, x[i+ 3], 10, 0x8f0ccc92);
c = ii(c, d, a, b, x[i+10], 15, 0xffeff47d);
b = ii(b, c, d, a, x[i+ 1], 21, 0x85845dd1);
a = ii(a, b, c, d, x[i+ 8], 6 , 0x6fa87e4f);
d = ii(d, a, b, c, x[i+15], 10, 0xfe2ce6e0);
c = ii(c, d, a, b, x[i+ 6], 15, 0xa3014314);
b = ii(b, c, d, a, x[i+13], 21, 0x4e0811a1);
a = ii(a, b, c, d, x[i+ 4], 6 , 0xf7537e82);
d = ii(d, a, b, c, x[i+11], 10, 0xbd3af235);
c = ii(c, d, a, b, x[i+ 2], 15, 0x2ad7d2bb);
b = ii(b, c, d, a, x[i+ 9], 21, 0xeb86d391);
a += olda;
b += oldb;
c += oldc;
d += oldd;
}
return [ a, b, c, d ];
}
/*
* Bitwise rotate a 32-bit number to the left.
*/
private function rol(num:uint, cnt:uint):uint
{
return (num << cnt) | (num >>> (32 - cnt));
}
/*
* These functions implement the four basic operations the algorithm uses.
*/
private function cmn(q:uint, a:uint, b:uint, x:uint, s:uint, t:uint):uint {
return rol(a + q + x + t, s) + b;
}
private function ff(a:uint, b:uint, c:uint, d:uint, x:uint, s:uint, t:uint):uint {
return cmn((b & c) | ((~b) & d), a, b, x, s, t);
}
private function gg(a:uint, b:uint, c:uint, d:uint, x:uint, s:uint, t:uint):uint {
return cmn((b & d) | (c & (~d)), a, b, x, s, t);
}
private function hh(a:uint, b:uint, c:uint, d:uint, x:uint, s:uint, t:uint):uint {
return cmn(b ^ c ^ d, a, b, x, s, t);
}
private function ii(a:uint, b:uint, c:uint, d:uint, x:uint, s:uint, t:uint):uint {
return cmn(c ^ (b | (~d)), a, b, x, s, t);
}
public function toString():String {
return "md5";
}
}
}
\ No newline at end of file
/**
* SHA1
*
* An ActionScript 3 implementation of Secure Hash Algorithm, SHA-1, as defined
* in FIPS PUB 180-1
* Copyright (c) 2007 Henri Torgemane
*
* Derived from:
* A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
* in FIPS PUB 180-1
* Version 2.1a Copyright Paul Johnston 2000 - 2002.
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
public class SHA1 extends SHABase implements IHash
{
public static const HASH_SIZE:int = 20;
public override function getHashSize():uint {
return HASH_SIZE;
}
protected override function core(x:Array, len:uint):Array
{
/* append padding */
x[len >> 5] |= 0x80 << (24 - len % 32);
x[((len + 64 >> 9) << 4) + 15] = len;
var w:Array = [];
var a:uint = 0x67452301; //1732584193;
var b:uint = 0xEFCDAB89; //-271733879;
var c:uint = 0x98BADCFE; //-1732584194;
var d:uint = 0x10325476; //271733878;
var e:uint = 0xC3D2E1F0; //-1009589776;
for(var i:uint = 0; i < x.length; i += 16)
{
var olda:uint = a;
var oldb:uint = b;
var oldc:uint = c;
var oldd:uint = d;
var olde:uint = e;
for(var j:uint = 0; j < 80; j++)
{
if (j < 16) {
w[j] = x[i + j] || 0;
} else {
w[j] = rol(w[j-3] ^ w[j-8] ^ w[j-14] ^ w[j-16], 1);
}
var t:uint = rol(a,5) + ft(j,b,c,d) + e + w[j] + kt(j);
e = d;
d = c;
c = rol(b, 30);
b = a;
a = t;
}
a += olda;
b += oldb;
c += oldc;
d += oldd;
e += olde;
}
return [ a, b, c, d, e ];
}
/*
* Bitwise rotate a 32-bit number to the left.
*/
private function rol(num:uint, cnt:uint):uint
{
return (num << cnt) | (num >>> (32 - cnt));
}
/*
* Perform the appropriate triplet combination function for the current
* iteration
*/
private function ft(t:uint, b:uint, c:uint, d:uint):uint
{
if(t < 20) return (b & c) | ((~b) & d);
if(t < 40) return b ^ c ^ d;
if(t < 60) return (b & c) | (b & d) | (c & d);
return b ^ c ^ d;
}
/*
* Determine the appropriate additive constant for the current iteration
*/
private function kt(t:uint):uint
{
return (t < 20) ? 0x5A827999 : (t < 40) ? 0x6ED9EBA1 :
(t < 60) ? 0x8F1BBCDC : 0xCA62C1D6;
}
public override function toString():String {
return "sha1";
}
}
}
/**
* SHA224
*
* An ActionScript 3 implementation of Secure Hash Algorithm, SHA-224, as defined
* in FIPS PUB 180-2
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
public class SHA224 extends SHA256
{
function SHA224() {
h = [
0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4
];
}
public override function getHashSize():uint {
return 28;
}
public override function toString():String {
return "sha224";
}
}
}
\ No newline at end of file
/**
* SHA256
*
* An ActionScript 3 implementation of Secure Hash Algorithm, SHA-256, as defined
* in FIPS PUB 180-2
* Copyright (c) 2007 Henri Torgemane
*
* Derived from:
* A JavaScript implementation of the Secure Hash Standard
* Version 0.3 Copyright Angel Marin 2003-2004 - http://anmar.eu.org/
* Derived from:
* A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
* in FIPS PUB 180-1
* Version 2.1a Copyright Paul Johnston 2000 - 2002.
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
public class SHA256 extends SHABase implements IHash
{
protected static const k:Array = [
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2];
protected var h:Array = [
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
];
public function SHA256(){
}
public override function getHashSize():uint
{
return 32;
}
protected override function core(x:Array, len:uint):Array {
/* append padding */
x[len >> 5] |= 0x80 << (24 - len % 32);
x[((len + 64 >> 9) << 4) + 15] = len;
var w:Array = [];
var a:uint = h[0];
var b:uint = h[1];
var c:uint = h[2];
var d:uint = h[3];
var e:uint = h[4];
var f:uint = h[5];
var g:uint = h[6];
var h:uint = h[7];
for (var i:uint=0; i<x.length; i+=16) {
var olda:uint = a;
var oldb:uint = b;
var oldc:uint = c;
var oldd:uint = d;
var olde:uint = e;
var oldf:uint = f;
var oldg:uint = g;
var oldh:uint = h;
for (var j:uint=0; j<64; j++) {
if (j<16) {
w[j] = x[i+j] || 0;
} else {
var s0:uint = rrol(w[j-15],7)^rrol(w[j-15],18)^(w[j-15]>>>3);
var s1:uint = rrol(w[j-2], 17)^rrol(w[j-2],19)^(w[j-2]>>>10);
w[j] = w[j-16] + s0 + w[j-7] + s1;
}
var t2:uint = (rrol(a,2) ^ rrol(a,13) ^ rrol(a,22)) + ((a&b) ^ (a&c) ^ (b&c));
var t1:uint = h + (rrol(e,6) ^ rrol(e,11) ^ rrol(e,25)) + ((e&f)^(g&~e)) + k[j] + w[j]
h = g;
g = f;
f = e;
e = d + t1;
d = c;
c = b;
b = a;
a = t1 + t2;
}
a += olda;
b += oldb;
c += oldc;
d += oldd;
e += olde;
f += oldf;
g += oldg;
h += oldh;
}
return [ a,b,c,d,e,f,g,h ];
}
/*
* Bitwise rotate a 32-bit number to the right.
*/
protected function rrol(num:uint, cnt:uint):uint {
return (num << (32-cnt)) | (num >>> cnt);
}
public override function toString():String {
return "sha256";
}
}
}
\ No newline at end of file
/**
* SHABase
*
* An ActionScript 3 abstract class for the SHA family of hash functions
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
import flash.utils.Endian;
public class SHABase implements IHash
{
public var pad_size:int = 40;
public function getInputSize():uint
{
return 64;
}
public function getHashSize():uint
{
return 0;
}
public function getPadSize():int
{
return pad_size;
}
public function hash(src:ByteArray):ByteArray
{
var savedLength:uint = src.length;
var savedEndian:String = src.endian;
src.endian = Endian.BIG_ENDIAN;
var len:uint = savedLength *8;
// pad to nearest int.
while (src.length%4!=0) {
src[src.length]=0;
}
// convert ByteArray to an array of uint
src.position=0;
var a:Array = [];
for (var i:uint=0;i<src.length;i+=4) {
a.push(src.readUnsignedInt());
}
var h:Array = core(a, len);
var out:ByteArray = new ByteArray;
var words:uint = getHashSize()/4;
for (i=0;i<words;i++) {
out.writeUnsignedInt(h[i]);
}
// unpad, to leave the source untouched.
src.length = savedLength;
src.endian = savedEndian;
return out;
}
protected function core(x:Array, len:uint):Array {
return null;
}
public function toString():String {
return "sha";
}
}
}
\ No newline at end of file
/**
* HMAC
*
* An ActionScript 3 implementation of HMAC, Keyed-Hashing for Message
* Authentication, as defined by RFC-2104
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
import com.hurlant.util.Hex;
public class HMAC implements IHMAC
{
private var hash:IHash;
private var bits:uint;
/**
* Create a HMAC object, using a Hash function, and
* optionally a number of bits to return.
* The HMAC will be truncated to that size if needed.
*/
public function HMAC(hash:IHash, bits:uint=0) {
this.hash = hash;
this.bits = bits;
}
public function getHashSize():uint {
if (bits!=0) {
return bits/8;
} else {
return hash.getHashSize();
}
}
/**
* Compute a HMAC using a key and some data.
* It doesn't modify either, and returns a new ByteArray with the HMAC value.
*/
public function compute(key:ByteArray, data:ByteArray):ByteArray {
var hashKey:ByteArray;
if (key.length>hash.getInputSize()) {
hashKey = hash.hash(key);
} else {
hashKey = new ByteArray;
hashKey.writeBytes(key);
}
while (hashKey.length<hash.getInputSize()) {
hashKey[hashKey.length]=0;
}
var innerKey:ByteArray = new ByteArray;
var outerKey:ByteArray = new ByteArray;
for (var i:uint=0;i<hashKey.length;i++) {
innerKey[i] = hashKey[i] ^ 0x36;
outerKey[i] = hashKey[i] ^ 0x5c;
}
// inner + data
innerKey.position = hashKey.length;
innerKey.writeBytes(data);
var innerHash:ByteArray = hash.hash(innerKey);
// outer + innerHash
outerKey.position = hashKey.length;
outerKey.writeBytes(innerHash);
var outerHash:ByteArray = hash.hash(outerKey);
if (bits>0 && bits<8*outerHash.length) {
outerHash.length = bits/8;
}
return outerHash;
}
public function dispose():void {
hash = null;
bits = 0;
}
public function toString():String {
return "hmac-"+(bits>0?bits+"-":"")+hash.toString();
}
}
}
\ No newline at end of file
/**
* HMAC
*
* An ActionScript 3 interface for HMAC & MAC
* implementations.
*
* Loosely copyrighted by Bobby Parker
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
public interface IHMAC
{
function getHashSize():uint;
/**
* Compute a HMAC using a key and some data.
* It doesn't modify either, and returns a new ByteArray with the HMAC value.
*/
function compute(key:ByteArray, data:ByteArray):ByteArray;
function dispose():void;
function toString():String;
}
}
\ No newline at end of file
/**
* IHash
*
* An interface for each hash function to implement
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
public interface IHash
{
function getInputSize():uint;
function getHashSize():uint;
function hash(src:ByteArray):ByteArray;
function toString():String;
function getPadSize():int;
}
}
\ No newline at end of file
/**
* MAC
*
* An ActionScript 3 implementation of MAC, Message Authentication Code
* for use with SSL 3.0.
* Loosely copyrighted by Bobby Parker.
* As3crypto copyrighted by Henri Torgemane.
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
import com.hurlant.util.Hex;
public class MAC implements IHMAC
{
private var hash:IHash;
private var bits:uint;
private var pad_1:ByteArray;
private var pad_2:ByteArray;
private var innerHash:ByteArray;
private var outerHash:ByteArray;
private var outerKey:ByteArray;
private var innerKey:ByteArray;
/**
* Create a MAC object (for SSL 3.0 ) and
* optionally a number of bits to return.
* The MAC will be truncated to that size if needed.
*/
public function MAC(hash:IHash, bits:uint=0) {
this.hash = hash;
this.bits = bits;
innerHash = new ByteArray();
outerHash = new ByteArray();
innerKey = new ByteArray();
outerKey = new ByteArray();
if (hash != null) {
var pad_size:int = hash.getPadSize();
pad_1 = new ByteArray();
pad_2 = new ByteArray();
for (var x:int = 0; x < pad_size; x++) {
pad_1.writeByte(0x36);
pad_2.writeByte(0x5c);
}
}
}
public function setPadSize(pad_size:int) : void { }
public function getHashSize():uint {
if (bits!=0) {
return bits/8;
} else {
return hash.getHashSize();
}
}
/**
* Compute a MAC using a key and some data.
*
*/
public function compute(key:ByteArray, data:ByteArray):ByteArray {
// take that incoming key and do hash(key + pad_2 + hash(key + pad_1 + sequence + length + record)
// note that data = (sequence + type + length + record)
if (pad_1 == null) {
var pad_size:int = hash.getPadSize();
pad_1 = new ByteArray();
pad_2 = new ByteArray();
for (var x:int = 0; x < pad_size; x++) {
pad_1.writeByte(0x36);
pad_2.writeByte(0x5c);
}
}
// Do some preliminary checking on stuff
/*
if (key.length > hash.getInputSize()) {
hashKey = hash.hash(key);
} else {
hashKey = new ByteArray;
hashKey.writeBytes(key);
}
while (hashKey.length < hash.getInputSize() ) {
hashKey[hashKey.length] = 0;
} */
// Henri's conventions work just fine here..
innerKey.length = 0;
outerKey.length = 0;
// trace("MAC Key: " + Hex.fromArray(key));
// trace("Key Length: " + key.length);
// trace("Pad_1 : " + Hex.fromArray(pad_1));
// inner hash calc
innerKey.writeBytes(key);
innerKey.writeBytes(pad_1);
innerKey.writeBytes(data);
// trace("MAC Inner Key: " + Hex.fromArray(innerKey));
innerHash = hash.hash(innerKey);
// trace("MAC Inner Hash: " + Hex.fromArray(innerHash));
// outer hash calc
outerKey.writeBytes(key);
outerKey.writeBytes(pad_2);
outerKey.writeBytes(innerHash);
// trace("MAC Outer Key: " + Hex.fromArray(outerKey));
outerHash = hash.hash(outerKey);
if (bits > 0 && bits < 8*outerHash.length) {
outerHash.length = bits/8;
}
// trace("MAC for record: " + Hex.fromArray(outerHash));
return outerHash;
}
public function dispose():void {
hash = null;
bits = 0;
}
public function toString():String {
return "mac-"+(bits>0?bits+"-":"")+hash.toString();
}
}
}
\ No newline at end of file
/**
* MD2
*
* An ActionScript 3 implementation of the RSA Data Security, Inc MD2 Message
* Digest Algorithm, as defined in RFC 1319
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*
* Excerpt from http://en.wikipedia.org/wiki/MD2:
* >
* > Rogier and Chauvaud (1997) described collisions of MD2's compression function,
* > although they were unable to extend the attack to the full MD2.
* >
* > In 2004, MD2 was shown to be vulnerable to a preimage attack with time
* > complexity equivalent to 2104 applications of the compression function
* > (Muller, 2004).
* > The author concludes, "MD2 can no longer be considered a secure one-way
* > hash function".
*
* also, this implementaton is quite slow.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
public class MD2 implements IHash
{
public static const HASH_SIZE:int = 16;
public var pad_size:int = 48; // probably will never get used, only here for SSL 3.0 support
private static const S:Array = [ // PI Digits
41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, 19,
98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, 76, 130, 202,
30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, 138, 23, 229, 18,
190, 78, 196, 214, 218, 158, 222, 73, 160, 251, 245, 142, 187, 47, 238, 122,
169, 104, 121, 145, 21, 178, 7, 63, 148, 194, 16, 137, 11, 34, 95, 33,
128, 127, 93, 154, 90, 144, 50, 39, 53, 62, 204, 231, 191, 247, 151, 3,
255, 25, 48, 179, 72, 165, 181, 209, 215, 94, 146, 42, 172, 86, 170, 198,
79, 184, 56, 210, 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241,
69, 157, 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2,
27, 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, 234, 38,
44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, 129, 77, 82,
106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, 8, 12, 189, 177, 74,
120, 136, 149, 139, 227, 99, 232, 109, 233, 203, 213, 254, 59, 0, 29, 57,
242, 239, 183, 14, 102, 88, 208, 228, 166, 119, 114, 248, 235, 117, 75, 10,
49, 68, 80, 180, 143, 237, 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 ];
public function MD2() { }
public function getInputSize():uint
{
return 16;
}
public function getPadSize():int {
return pad_size;
}
public function getHashSize():uint
{
return HASH_SIZE;
}
public function hash(src:ByteArray):ByteArray
{
var savedLength:uint = src.length;
// 3.1 Step 1. Padding
var i:uint = (16-src.length%16) || 16;
do {
src[src.length]=i;
} while (src.length%16!=0);
// 3.2 Step 2. Checksum
var len:uint = src.length;
var checksum:ByteArray = new ByteArray;
var L:uint = 0;
for (i = 0;i<len;i+=16) {
for (var j:uint=0;j<16;j++) {
L = checksum[j] ^= S[src[i+j] ^ L];
}
}
src.position = src.length;
src.writeBytes(checksum);
len += 16;
// 3.3 Step 3. MD Buffer
var X:ByteArray = new ByteArray;
// 3.4 Process Message
for (i=0;i<len;i+=16) {
/* Copy block i into X */
for (j=0;j<16;j++) {
X[32+j] = (X[16+j] = src[i+j])^X[j];
}
var t:uint=0;
/* Do 18 rounds */
for (j=0;j<18;j++) {
/* Round j. */
for (var k:uint=0;k<48;k++) {
X[k] = t = X[k]^S[t];
}
t = (t+j)&0xff;
}
}
// 3.5 Step 5. Output
X.length = 16;
// restore original length;
src.length = savedLength;
return X;
}
public function toString():String
{
return "md2";
}
}
}
/**
* MD5
*
* An ActionScript 3 implementation of the RSA Data Security, Inc. MD5 Message
* Digest Algorithm, as defined in RFC 1321.
* Copyright (c) 2007 Henri Torgemane
*
* Derived from
* A JavaScript implementation of the same.
* Version 2.1 Copyright (C) Paul Johnston 1999 - 2002.
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
*
* Note:
* This algorithm should not be your first choice for new developements, but is
* included to allow interoperability with existing codes and protocols.
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
import flash.utils.Endian;
public class MD5 implements IHash
{
public static const HASH_SIZE:int = 16;
public var pad_size:int = 48;
public function MD5() { }
public function getInputSize():uint
{
return 64;
}
public function getHashSize():uint
{
return HASH_SIZE;
}
public function getPadSize():int
{
return pad_size;
}
public function hash(src:ByteArray):ByteArray
{
var len:uint = src.length *8;
var savedEndian:String = src.endian;
// pad to nearest int.
while (src.length%4!=0) {
src[src.length]=0;
}
// convert ByteArray to an array of uint
src.position=0;
var a:Array = [];
src.endian=Endian.LITTLE_ENDIAN
for (var i:uint=0;i<src.length;i+=4) {
a.push(src.readUnsignedInt());
}
var h:Array = core_md5(a, len);
var out:ByteArray = new ByteArray;
out.endian=Endian.LITTLE_ENDIAN;
for (i=0;i<4;i++) {
out.writeUnsignedInt(h[i]);
}
// restore length!
src.length = len/8;
src.endian = savedEndian;
return out;
}
private function core_md5(x:Array, len:uint):Array {
/* append padding */
x[len >> 5] |= 0x80 << ((len) % 32);
x[(((len + 64) >>> 9) << 4) + 14] = len;
var a:uint = 0x67452301; // 1732584193;
var b:uint = 0xEFCDAB89; //-271733879;
var c:uint = 0x98BADCFE; //-1732584194;
var d:uint = 0x10325476; // 271733878;
for(var i:uint = 0; i < x.length; i += 16)
{
x[i]||=0; x[i+1]||=0; x[i+2]||=0; x[i+3]||=0;
x[i+4]||=0; x[i+5]||=0; x[i+6]||=0; x[i+7]||=0;
x[i+8]||=0; x[i+9]||=0; x[i+10]||=0; x[i+11]||=0;
x[i+12]||=0; x[i+13]||=0; x[i+14]||=0; x[i+15]||=0;
var olda:uint = a;
var oldb:uint = b;
var oldc:uint = c;
var oldd:uint = d;
a = ff(a, b, c, d, x[i+ 0], 7 , 0xD76AA478);
d = ff(d, a, b, c, x[i+ 1], 12, 0xE8C7B756);
c = ff(c, d, a, b, x[i+ 2], 17, 0x242070DB);
b = ff(b, c, d, a, x[i+ 3], 22, 0xC1BDCEEE);
a = ff(a, b, c, d, x[i+ 4], 7 , 0xF57C0FAF);
d = ff(d, a, b, c, x[i+ 5], 12, 0x4787C62A);
c = ff(c, d, a, b, x[i+ 6], 17, 0xA8304613);
b = ff(b, c, d, a, x[i+ 7], 22, 0xFD469501);
a = ff(a, b, c, d, x[i+ 8], 7 , 0x698098D8);
d = ff(d, a, b, c, x[i+ 9], 12, 0x8B44F7AF);
c = ff(c, d, a, b, x[i+10], 17, 0xFFFF5BB1);
b = ff(b, c, d, a, x[i+11], 22, 0x895CD7BE);
a = ff(a, b, c, d, x[i+12], 7 , 0x6B901122);
d = ff(d, a, b, c, x[i+13], 12, 0xFD987193);
c = ff(c, d, a, b, x[i+14], 17, 0xA679438E);
b = ff(b, c, d, a, x[i+15], 22, 0x49B40821);
a = gg(a, b, c, d, x[i+ 1], 5 , 0xf61e2562);
d = gg(d, a, b, c, x[i+ 6], 9 , 0xc040b340);
c = gg(c, d, a, b, x[i+11], 14, 0x265e5a51);
b = gg(b, c, d, a, x[i+ 0], 20, 0xe9b6c7aa);
a = gg(a, b, c, d, x[i+ 5], 5 , 0xd62f105d);
d = gg(d, a, b, c, x[i+10], 9 , 0x2441453);
c = gg(c, d, a, b, x[i+15], 14, 0xd8a1e681);
b = gg(b, c, d, a, x[i+ 4], 20, 0xe7d3fbc8);
a = gg(a, b, c, d, x[i+ 9], 5 , 0x21e1cde6);
d = gg(d, a, b, c, x[i+14], 9 , 0xc33707d6);
c = gg(c, d, a, b, x[i+ 3], 14, 0xf4d50d87);
b = gg(b, c, d, a, x[i+ 8], 20, 0x455a14ed);
a = gg(a, b, c, d, x[i+13], 5 , 0xa9e3e905);
d = gg(d, a, b, c, x[i+ 2], 9 , 0xfcefa3f8);
c = gg(c, d, a, b, x[i+ 7], 14, 0x676f02d9);
b = gg(b, c, d, a, x[i+12], 20, 0x8d2a4c8a);
a = hh(a, b, c, d, x[i+ 5], 4 , 0xfffa3942);
d = hh(d, a, b, c, x[i+ 8], 11, 0x8771f681);
c = hh(c, d, a, b, x[i+11], 16, 0x6d9d6122);
b = hh(b, c, d, a, x[i+14], 23, 0xfde5380c);
a = hh(a, b, c, d, x[i+ 1], 4 , 0xa4beea44);
d = hh(d, a, b, c, x[i+ 4], 11, 0x4bdecfa9);
c = hh(c, d, a, b, x[i+ 7], 16, 0xf6bb4b60);
b = hh(b, c, d, a, x[i+10], 23, 0xbebfbc70);
a = hh(a, b, c, d, x[i+13], 4 , 0x289b7ec6);
d = hh(d, a, b, c, x[i+ 0], 11, 0xeaa127fa);
c = hh(c, d, a, b, x[i+ 3], 16, 0xd4ef3085);
b = hh(b, c, d, a, x[i+ 6], 23, 0x4881d05);
a = hh(a, b, c, d, x[i+ 9], 4 , 0xd9d4d039);
d = hh(d, a, b, c, x[i+12], 11, 0xe6db99e5);
c = hh(c, d, a, b, x[i+15], 16, 0x1fa27cf8);
b = hh(b, c, d, a, x[i+ 2], 23, 0xc4ac5665);
a = ii(a, b, c, d, x[i+ 0], 6 , 0xf4292244);
d = ii(d, a, b, c, x[i+ 7], 10, 0x432aff97);
c = ii(c, d, a, b, x[i+14], 15, 0xab9423a7);
b = ii(b, c, d, a, x[i+ 5], 21, 0xfc93a039);
a = ii(a, b, c, d, x[i+12], 6 , 0x655b59c3);
d = ii(d, a, b, c, x[i+ 3], 10, 0x8f0ccc92);
c = ii(c, d, a, b, x[i+10], 15, 0xffeff47d);
b = ii(b, c, d, a, x[i+ 1], 21, 0x85845dd1);
a = ii(a, b, c, d, x[i+ 8], 6 , 0x6fa87e4f);
d = ii(d, a, b, c, x[i+15], 10, 0xfe2ce6e0);
c = ii(c, d, a, b, x[i+ 6], 15, 0xa3014314);
b = ii(b, c, d, a, x[i+13], 21, 0x4e0811a1);
a = ii(a, b, c, d, x[i+ 4], 6 , 0xf7537e82);
d = ii(d, a, b, c, x[i+11], 10, 0xbd3af235);
c = ii(c, d, a, b, x[i+ 2], 15, 0x2ad7d2bb);
b = ii(b, c, d, a, x[i+ 9], 21, 0xeb86d391);
a += olda;
b += oldb;
c += oldc;
d += oldd;
}
return [ a, b, c, d ];
}
/*
* Bitwise rotate a 32-bit number to the left.
*/
private function rol(num:uint, cnt:uint):uint
{
return (num << cnt) | (num >>> (32 - cnt));
}
/*
* These functions implement the four basic operations the algorithm uses.
*/
private function cmn(q:uint, a:uint, b:uint, x:uint, s:uint, t:uint):uint {
return rol(a + q + x + t, s) + b;
}
private function ff(a:uint, b:uint, c:uint, d:uint, x:uint, s:uint, t:uint):uint {
return cmn((b & c) | ((~b) & d), a, b, x, s, t);
}
private function gg(a:uint, b:uint, c:uint, d:uint, x:uint, s:uint, t:uint):uint {
return cmn((b & d) | (c & (~d)), a, b, x, s, t);
}
private function hh(a:uint, b:uint, c:uint, d:uint, x:uint, s:uint, t:uint):uint {
return cmn(b ^ c ^ d, a, b, x, s, t);
}
private function ii(a:uint, b:uint, c:uint, d:uint, x:uint, s:uint, t:uint):uint {
return cmn(c ^ (b | (~d)), a, b, x, s, t);
}
public function toString():String {
return "md5";
}
}
}
/**
* SHA1
*
* An ActionScript 3 implementation of Secure Hash Algorithm, SHA-1, as defined
* in FIPS PUB 180-1
* Copyright (c) 2007 Henri Torgemane
*
* Derived from:
* A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
* in FIPS PUB 180-1
* Version 2.1a Copyright Paul Johnston 2000 - 2002.
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
public class SHA1 extends SHABase implements IHash
{
public static const HASH_SIZE:int = 20;
public override function getHashSize():uint {
return HASH_SIZE;
}
protected override function core(x:Array, len:uint):Array
{
/* append padding */
x[len >> 5] |= 0x80 << (24 - len % 32);
x[((len + 64 >> 9) << 4) + 15] = len;
var w:Array = [];
var a:uint = 0x67452301; //1732584193;
var b:uint = 0xEFCDAB89; //-271733879;
var c:uint = 0x98BADCFE; //-1732584194;
var d:uint = 0x10325476; //271733878;
var e:uint = 0xC3D2E1F0; //-1009589776;
for(var i:uint = 0; i < x.length; i += 16)
{
var olda:uint = a;
var oldb:uint = b;
var oldc:uint = c;
var oldd:uint = d;
var olde:uint = e;
for(var j:uint = 0; j < 80; j++)
{
if (j < 16) {
w[j] = x[i + j] || 0;
} else {
w[j] = rol(w[j-3] ^ w[j-8] ^ w[j-14] ^ w[j-16], 1);
}
var t:uint = rol(a,5) + ft(j,b,c,d) + e + w[j] + kt(j);
e = d;
d = c;
c = rol(b, 30);
b = a;
a = t;
}
a += olda;
b += oldb;
c += oldc;
d += oldd;
e += olde;
}
return [ a, b, c, d, e ];
}
/*
* Bitwise rotate a 32-bit number to the left.
*/
private function rol(num:uint, cnt:uint):uint
{
return (num << cnt) | (num >>> (32 - cnt));
}
/*
* Perform the appropriate triplet combination function for the current
* iteration
*/
private function ft(t:uint, b:uint, c:uint, d:uint):uint
{
if(t < 20) return (b & c) | ((~b) & d);
if(t < 40) return b ^ c ^ d;
if(t < 60) return (b & c) | (b & d) | (c & d);
return b ^ c ^ d;
}
/*
* Determine the appropriate additive constant for the current iteration
*/
private function kt(t:uint):uint
{
return (t < 20) ? 0x5A827999 : (t < 40) ? 0x6ED9EBA1 :
(t < 60) ? 0x8F1BBCDC : 0xCA62C1D6;
}
public override function toString():String {
return "sha1";
}
}
}
/**
* SHA224
*
* An ActionScript 3 implementation of Secure Hash Algorithm, SHA-224, as defined
* in FIPS PUB 180-2
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
public class SHA224 extends SHA256
{
function SHA224() {
h = [
0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4
];
}
public override function getHashSize():uint {
return 28;
}
public override function toString():String {
return "sha224";
}
}
}
\ No newline at end of file
/**
* SHA256
*
* An ActionScript 3 implementation of Secure Hash Algorithm, SHA-256, as defined
* in FIPS PUB 180-2
* Copyright (c) 2007 Henri Torgemane
*
* Derived from:
* A JavaScript implementation of the Secure Hash Standard
* Version 0.3 Copyright Angel Marin 2003-2004 - http://anmar.eu.org/
* Derived from:
* A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
* in FIPS PUB 180-1
* Version 2.1a Copyright Paul Johnston 2000 - 2002.
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
public class SHA256 extends SHABase implements IHash
{
protected static const k:Array = [
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2];
protected var h:Array = [
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
];
public function SHA256(){
}
public override function getHashSize():uint
{
return 32;
}
protected override function core(x:Array, len:uint):Array {
/* append padding */
x[len >> 5] |= 0x80 << (24 - len % 32);
x[((len + 64 >> 9) << 4) + 15] = len;
var w:Array = [];
var a:uint = h[0];
var b:uint = h[1];
var c:uint = h[2];
var d:uint = h[3];
var e:uint = h[4];
var f:uint = h[5];
var g:uint = h[6];
var h:uint = h[7];
for (var i:uint=0; i<x.length; i+=16) {
var olda:uint = a;
var oldb:uint = b;
var oldc:uint = c;
var oldd:uint = d;
var olde:uint = e;
var oldf:uint = f;
var oldg:uint = g;
var oldh:uint = h;
for (var j:uint=0; j<64; j++) {
if (j<16) {
w[j] = x[i+j] || 0;
} else {
var s0:uint = rrol(w[j-15],7)^rrol(w[j-15],18)^(w[j-15]>>>3);
var s1:uint = rrol(w[j-2], 17)^rrol(w[j-2],19)^(w[j-2]>>>10);
w[j] = w[j-16] + s0 + w[j-7] + s1;
}
var t2:uint = (rrol(a,2) ^ rrol(a,13) ^ rrol(a,22)) + ((a&b) ^ (a&c) ^ (b&c));
var t1:uint = h + (rrol(e,6) ^ rrol(e,11) ^ rrol(e,25)) + ((e&f)^(g&~e)) + k[j] + w[j]
h = g;
g = f;
f = e;
e = d + t1;
d = c;
c = b;
b = a;
a = t1 + t2;
}
a += olda;
b += oldb;
c += oldc;
d += oldd;
e += olde;
f += oldf;
g += oldg;
h += oldh;
}
return [ a,b,c,d,e,f,g,h ];
}
/*
* Bitwise rotate a 32-bit number to the right.
*/
protected function rrol(num:uint, cnt:uint):uint {
return (num << (32-cnt)) | (num >>> cnt);
}
public override function toString():String {
return "sha256";
}
}
}
\ No newline at end of file
/**
* SHABase
*
* An ActionScript 3 abstract class for the SHA family of hash functions
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.hash
{
import flash.utils.ByteArray;
import flash.utils.Endian;
public class SHABase implements IHash
{
public function SHABase() { }
public var pad_size:int = 40;
public function getInputSize():uint
{
return 64;
}
public function getHashSize():uint
{
return 0;
}
public function getPadSize():int
{
return pad_size;
}
public function hash(src:ByteArray):ByteArray
{
var savedLength:uint = src.length;
var savedEndian:String = src.endian;
src.endian = Endian.BIG_ENDIAN;
var len:uint = savedLength *8;
// pad to nearest int.
while (src.length%4!=0) {
src[src.length]=0;
}
// convert ByteArray to an array of uint
src.position=0;
var a:Array = [];
for (var i:uint=0;i<src.length;i+=4) {
a.push(src.readUnsignedInt());
}
var h:Array = core(a, len);
var out:ByteArray = new ByteArray;
var words:uint = getHashSize()/4;
for (i=0;i<words;i++) {
out.writeUnsignedInt(h[i]);
}
// unpad, to leave the source untouched.
src.length = savedLength;
src.endian = savedEndian;
return out;
}
protected function core(x:Array, len:uint):Array {
return null;
}
public function toString():String {
return "sha";
}
}
}
/**
* ARC4
*
* An ActionScript 3 implementation of RC4
* Copyright (c) 2007 Henri Torgemane
*
* Derived from:
* The jsbn library, Copyright (c) 2003-2005 Tom Wu
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.prng
{
import com.hurlant.crypto.symmetric.IStreamCipher;
import com.hurlant.util.Memory;
import flash.utils.ByteArray;
public class ARC4 implements IPRNG, IStreamCipher {
private var i:int = 0;
private var j:int = 0;
private var S:ByteArray;
private const psize:uint = 256;
public function ARC4(key:ByteArray = null){
S = new ByteArray;
if (key) {
init(key);
}
}
public function getPoolSize():uint {
return psize;
}
public function init(key:ByteArray):void {
var i:int;
var j:int;
var t:int;
for (i=0; i<256; ++i) {
S[i] = i;
}
j=0;
for (i=0; i<256; ++i) {
j = (j + S[i] + key[i%key.length]) & 255;
t = S[i];
S[i] = S[j];
S[j] = t;
}
this.i=0;
this.j=0;
}
public function next():uint {
var t:int;
i = (i+1)&255;
j = (j+S[i])&255;
t = S[i];
S[i] = S[j];
S[j] = t;
return S[(t+S[i])&255];
}
public function getBlockSize():uint {
return 1;
}
public function encrypt(block:ByteArray):void {
var i:uint = 0;
while (i<block.length) {
block[i++] ^= next();
}
}
public function decrypt(block:ByteArray):void {
encrypt(block); // the beauty of XOR.
}
public function dispose():void {
var i:uint = 0;
if (S!=null) {
for (i=0;i<S.length;i++) {
S[i] = Math.random()*256;
}
S.length=0;
S = null;
}
this.i = 0;
this.j = 0;
Memory.gc();
}
public function toString():String {
return "rc4";
}
}
}
\ No newline at end of file
/**
* IPRNG
*
* An interface for classes that can be used a pseudo-random number generators
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.prng
{
import flash.utils.ByteArray;
public interface IPRNG {
function getPoolSize():uint;
function init(key:ByteArray):void;
function next():uint;
function dispose():void;
function toString():String;
}
}
\ No newline at end of file
/**
* Random
*
* An ActionScript 3 implementation of a Random Number Generator
* Copyright (c) 2007 Henri Torgemane
*
* Derived from:
* The jsbn library, Copyright (c) 2003-2005 Tom Wu
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.prng
{
import flash.utils.ByteArray;
import com.hurlant.util.Memory;
import flash.system.System;
import flash.system.Capabilities;
import flash.accessibility.AccessibilityProperties;
import flash.display.SWFVersion;
import flash.display.Stage;
import flash.utils.getTimer;
import flash.text.Font;
public class Random
{
private var state:IPRNG;
private var ready:Boolean = false;
private var pool:ByteArray;
private var psize:int;
private var pptr:int;
private var seeded:Boolean = false;
public function Random(prng:Class = null) {
if (prng==null) prng = ARC4;
state = new prng as IPRNG;
psize= state.getPoolSize();
pool = new ByteArray;
pptr = 0;
while (pptr <psize) {
var t:uint = 65536*Math.random();
pool[pptr++] = t >>> 8;
pool[pptr++] = t&255;
}
pptr=0;
seed();
}
public function seed(x:int = 0):void {
if (x==0) {
x = new Date().getTime();
}
pool[pptr++] ^= x & 255;
pool[pptr++] ^= (x>>8)&255;
pool[pptr++] ^= (x>>16)&255;
pool[pptr++] ^= (x>>24)&255;
pptr %= psize;
seeded = true;
}
/**
* Gather anything we have that isn't entirely predictable:
* - memory used
* - system capabilities
* - timing stuff
* - installed fonts
*/
public function autoSeed():void {
var b:ByteArray = new ByteArray;
b.writeUnsignedInt(System.totalMemory);
b.writeUTF(Capabilities.serverString);
b.writeUnsignedInt(getTimer());
b.writeUnsignedInt((new Date).getTime());
var a:Array = Font.enumerateFonts(true);
for each (var f:Font in a) {
b.writeUTF(f.fontName);
b.writeUTF(f.fontStyle);
b.writeUTF(f.fontType);
}
b.position=0;
while (b.bytesAvailable>=4) {
seed(b.readUnsignedInt());
}
}
public function nextBytes(buffer:ByteArray, length:int):void {
while (length--) {
buffer.writeByte(nextByte());
}
}
public function nextByte():int {
if (!ready) {
if (!seeded) {
autoSeed();
}
state.init(pool);
pool.length = 0;
pptr = 0;
ready = true;
}
return state.next();
}
public function dispose():void {
for (var i:uint=0;i<pool.length;i++) {
pool[i] = Math.random()*256;
}
pool.length=0;
pool = null;
state.dispose();
state = null;
psize = 0;
pptr = 0;
Memory.gc();
}
public function toString():String {
return "random-"+state.toString();
}
}
}
/**
* TLSPRF
*
* An ActionScript 3 implementation of a pseudo-random generator
* that follows the TLS specification
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.prng
{
import flash.utils.ByteArray;
import com.hurlant.crypto.hash.HMAC;
import com.hurlant.crypto.hash.MD5;
import com.hurlant.crypto.hash.SHA1;
import com.hurlant.util.Memory;
import com.hurlant.util.Hex;
import flash.utils.IDataOutput;
/**
* There's "Random", and then there's TLS Random.
* .
* Still Pseudo-random, though.
*/
public class TLSPRF
{
// XXX WAY TOO MANY STRUCTURES HERE
// seed
private var seed:ByteArray;
// P_MD5's secret
private var s1:ByteArray;
// P_SHA-1's secret
private var s2:ByteArray;
// HMAC_MD5's A
private var a1:ByteArray;
// HMAC_SHA1's A
private var a2:ByteArray;
// Pool for P_MD5
private var p1:ByteArray;
// Pool for P_SHA1
private var p2:ByteArray;
// Data for HMAC_MD5
private var d1:ByteArray;
// Data for HMAC_SHA1
private var d2:ByteArray;
private var hmac_md5:HMAC;
private var hmac_sha1:HMAC;
public function TLSPRF(secret:ByteArray, label:String, seed:ByteArray) {
var l:int = Math.ceil(secret.length/2);
var s1:ByteArray = new ByteArray;
var s2:ByteArray = new ByteArray;
s1.writeBytes(secret, 0, l);
s2.writeBytes(secret, secret.length-l, l);
var s:ByteArray = new ByteArray;
s.writeUTFBytes(label);
s.writeBytes(seed);
this.seed = s;
this.s1 = s1;
this.s2 = s2;
hmac_md5 = new HMAC(new MD5);
hmac_sha1 = new HMAC(new SHA1);
this.a1 = hmac_md5.compute(s1, this.seed);
this.a2 = hmac_sha1.compute(s2, this.seed);
p1 = new ByteArray;
p2 = new ByteArray;
d1 = new ByteArray;
d2 = new ByteArray;
d1.position = MD5.HASH_SIZE;
d1.writeBytes(this.seed);
d2.position = SHA1.HASH_SIZE;
d2.writeBytes(this.seed);
}
// XXX HORRIBLY SLOW. REWRITE.
public function nextBytes(buffer:IDataOutput, length:int):void {
while (length--) {
buffer.writeByte(nextByte());
}
}
public function nextByte():int {
if (p1.bytesAvailable==0) {
more_md5();
}
if (p2.bytesAvailable==0) {
more_sha1();
}
return p1.readUnsignedByte()^p2.readUnsignedByte();
}
public function dispose():void {
seed = dba(seed);
s1 = dba(s1);
s2 = dba(s2);
a1 = dba(a1);
a2 = dba(a2);
p1 = dba(p1);
p2 = dba(p2);
d1 = dba(d1);
d2 = dba(d2);
hmac_md5.dispose();
hmac_md5 = null;
hmac_sha1.dispose();
hmac_sha1 = null;
Memory.gc();
}
public function toString():String {
return "tls-prf";
}
private function dba(ba:ByteArray):ByteArray {
for (var i:uint=0;i<ba.length;i++) {
ba[i]=0;
}
ba.length=0;
return null;
}
private function more_md5():void {
d1.position=0;
d1.writeBytes(a1);
var p:int = p1.position;
var more:ByteArray = hmac_md5.compute(s1, d1);
a1 = hmac_md5.compute(s1, a1);
p1.writeBytes(more);
p1.position=p;
}
private function more_sha1():void {
d2.position=0;
d2.writeBytes(a2);
var p:int = p2.position;
var more:ByteArray = hmac_sha1.compute(s2, d2);
a2 = hmac_sha1.compute(s2, a2);
p2.writeBytes(more);
p2.position=p;
}
}
}
\ No newline at end of file
/**
* RSAKey
*
* An ActionScript 3 implementation of RSA + PKCS#1 (light version)
* Copyright (c) 2007 Henri Torgemane
*
* Derived from:
* The jsbn library, Copyright (c) 2003-2005 Tom Wu
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.rsa
{
import com.hurlant.crypto.prng.Random;
import com.hurlant.math.BigInteger;
import com.hurlant.util.Memory;
import flash.utils.ByteArray;
import com.hurlant.crypto.hash.IHash;
import com.hurlant.util.Hex;
import com.hurlant.util.der.DER;
import com.hurlant.util.der.OID;
import com.hurlant.util.ArrayUtil;
import com.hurlant.util.der.Type;
import com.hurlant.util.der.Sequence;
import com.hurlant.util.der.ObjectIdentifier;
import com.hurlant.util.der.ByteString;
import com.hurlant.crypto.tls.TLSError;
/**
* Current limitations:
* exponent must be smaller than 2^31.
*/
public class RSAKey
{
// public key
public var e:int; // public exponent. must be <2^31
public var n:BigInteger; // modulus
// private key
public var d:BigInteger;
// extended private key
public var p:BigInteger;
public var q:BigInteger;
public var dmp1:BigInteger
public var dmq1:BigInteger;
public var coeff:BigInteger;
// flags. flags are cool.
protected var canDecrypt:Boolean;
protected var canEncrypt:Boolean;
public function RSAKey(N:BigInteger, E:int,
D:BigInteger=null,
P:BigInteger = null, Q:BigInteger=null,
DP:BigInteger=null, DQ:BigInteger=null,
C:BigInteger=null) {
this.n = N;
this.e = E;
this.d = D;
this.p = P;
this.q = Q;
this.dmp1 = DP;
this.dmq1 = DQ;
this.coeff = C;
// adjust a few flags.
canEncrypt = (n!=null&&e!=0);
canDecrypt = (canEncrypt&&d!=null);
}
public static function parsePublicKey(N:String, E:String):RSAKey {
return new RSAKey(new BigInteger(N, 16, true), parseInt(E,16));
}
public static function parsePrivateKey(N:String, E:String, D:String,
P:String=null,Q:String=null, DMP1:String=null, DMQ1:String=null, IQMP:String=null):RSAKey {
if (P==null) {
return new RSAKey(new BigInteger(N,16, true), parseInt(E,16), new BigInteger(D,16, true));
} else {
return new RSAKey(new BigInteger(N,16, true), parseInt(E,16), new BigInteger(D,16, true),
new BigInteger(P,16, true), new BigInteger(Q,16, true),
new BigInteger(DMP1,16, true), new BigInteger(DMQ1, 16, true),
new BigInteger(IQMP, 16, true));
}
}
public function getBlockSize():uint {
return (n.bitLength()+7)/8;
}
public function dispose():void {
e = 0;
n.dispose();
n = null;
Memory.gc();
}
public function encrypt(src:ByteArray, dst:ByteArray, length:uint, pad:Function=null):void {
_encrypt(doPublic, src, dst, length, pad, 0x02);
}
public function decrypt(src:ByteArray, dst:ByteArray, length:uint, pad:Function=null):void {
_decrypt(doPrivate2, src, dst, length, pad, 0x02);
}
public function sign(src:ByteArray, dst:ByteArray, length:uint, pad:Function = null):void {
_encrypt(doPrivate2, src, dst, length, pad, 0x01);
}
public function verify(src:ByteArray, dst:ByteArray, length:uint, pad:Function = null):void {
_decrypt(doPublic, src, dst, length, pad, 0x01);
}
private function _encrypt(op:Function, src:ByteArray, dst:ByteArray, length:uint, pad:Function, padType:int):void {
// adjust pad if needed
if (pad==null) pad = pkcs1pad;
// convert src to BigInteger
if (src.position >= src.length) {
src.position = 0;
}
var bl:uint = getBlockSize();
var end:int = src.position + length;
while (src.position<end) {
var block:BigInteger = new BigInteger(pad(src, end, bl, padType), bl, true);
var chunk:BigInteger = op(block);
chunk.toArray(dst);
}
}
private function _decrypt(op:Function, src:ByteArray, dst:ByteArray, length:uint, pad:Function, padType:int):void {
// adjust pad if needed
if (pad==null) pad = pkcs1unpad;
// convert src to BigInteger
if (src.position >= src.length) {
src.position = 0;
}
var bl:uint = getBlockSize();
var end:int = src.position + length;
while (src.position<end) {
var block:BigInteger = new BigInteger(src, bl, true);
var chunk:BigInteger = op(block);
var b:ByteArray = pad(chunk, bl, padType);
if (b == null)
throw new TLSError( "Decrypt error - padding function returned null!", TLSError.decode_error );
// if (b != null)
dst.writeBytes(b);
}
}
/**
* PKCS#1 pad. type 1 (0xff) or 2, random.
* puts as much data from src into it, leaves what doesn't fit alone.
*/
private function pkcs1pad(src:ByteArray, end:int, n:uint, type:uint = 0x02):ByteArray {
var out:ByteArray = new ByteArray;
var p:uint = src.position;
end = Math.min(end, src.length, p+n-11);
src.position = end;
var i:int = end-1;
while (i>=p && n>11) {
out[--n] = src[i--];
}
out[--n] = 0;
if (type==0x02) { // type 2
var rng:Random = new Random;
var x:int = 0;
while (n>2) {
do {
x = rng.nextByte();
} while (x==0);
out[--n] = x;
}
} else { // type 1
while (n>2) {
out[--n] = 0xFF;
}
}
out[--n] = type;
out[--n] = 0;
return out;
}
/**
*
* @param src
* @param n
* @param type Not used.
* @return
*
*/
private function pkcs1unpad(src:BigInteger, n:uint, type:uint = 0x02):ByteArray {
var b:ByteArray = src.toByteArray();
var out:ByteArray = new ByteArray;
b.position = 0;
var i:int = 0;
while (i<b.length && b[i]==0) ++i;
if (b.length-i != n-1 || b[i]!=type) {
trace("PKCS#1 unpad: i="+i+", expected b[i]=="+type+", got b[i]="+b[i].toString(16));
return null;
}
++i;
while (b[i]!=0) {
if (++i>=b.length) {
trace("PKCS#1 unpad: i="+i+", b[i-1]!=0 (="+b[i-1].toString(16)+")");
return null;
}
}
while (++i < b.length) {
out.writeByte(b[i]);
}
out.position = 0;
return out;
}
/**
* Raw pad.
*/
public function rawpad(src:ByteArray, end:int, n:uint, type:uint = 0):ByteArray {
return src;
}
public function rawunpad(src:BigInteger, n:uint, type:uint = 0):ByteArray {
return src.toByteArray();
}
public function toString():String {
return "rsa";
}
public function dump():String {
var s:String= "N="+n.toString(16)+"\n"+
"E="+e.toString(16)+"\n";
if (canDecrypt) {
s+="D="+d.toString(16)+"\n";
if (p!=null && q!=null) {
s+="P="+p.toString(16)+"\n";
s+="Q="+q.toString(16)+"\n";
s+="DMP1="+dmp1.toString(16)+"\n";
s+="DMQ1="+dmq1.toString(16)+"\n";
s+="IQMP="+coeff.toString(16)+"\n";
}
}
return s;
}
/**
*
* note: We should have a "nice" variant of this function that takes a callback,
* and perform the computation is small fragments, to keep the web browser
* usable.
*
* @param B
* @param E
* @return a new random private key B bits long, using public expt E
*
*/
public static function generate(B:uint, E:String):RSAKey {
var rng:Random = new Random;
var qs:uint = B>>1;
var key:RSAKey = new RSAKey(null,0,null);
key.e = parseInt(E, 16);
var ee:BigInteger = new BigInteger(E,16, true);
for (;;) {
for (;;) {
key.p = bigRandom(B-qs, rng);
if (key.p.subtract(BigInteger.ONE).gcd(ee).compareTo(BigInteger.ONE)==0 &&
key.p.isProbablePrime(10)) break;
}
for (;;) {
key.q = bigRandom(qs, rng);
if (key.q.subtract(BigInteger.ONE).gcd(ee).compareTo(BigInteger.ONE)==0 &&
key.q.isProbablePrime(10)) break;
}
if (key.p.compareTo(key.q)<=0) {
var t:BigInteger = key.p;
key.p = key.q;
key.q = t;
}
var p1:BigInteger = key.p.subtract(BigInteger.ONE);
var q1:BigInteger = key.q.subtract(BigInteger.ONE);
var phi:BigInteger = p1.multiply(q1);
if (phi.gcd(ee).compareTo(BigInteger.ONE)==0) {
key.n = key.p.multiply(key.q);
key.d = ee.modInverse(phi);
key.dmp1 = key.d.mod(p1);
key.dmq1 = key.d.mod(q1);
key.coeff = key.q.modInverse(key.p);
break;
}
}
return key;
}
protected static function bigRandom(bits:int, rnd:Random):BigInteger {
if (bits<2) return BigInteger.nbv(1);
var x:ByteArray = new ByteArray;
rnd.nextBytes(x, (bits>>3));
x.position = 0;
var b:BigInteger = new BigInteger(x,0,true);
b.primify(bits, 1);
return b;
}
protected function doPublic(x:BigInteger):BigInteger {
return x.modPowInt(e, n);
}
protected function doPrivate2(x:BigInteger):BigInteger {
if (p==null && q==null) {
return x.modPow(d,n);
}
var xp:BigInteger = x.mod(p).modPow(dmp1, p);
var xq:BigInteger = x.mod(q).modPow(dmq1, q);
while (xp.compareTo(xq)<0) {
xp = xp.add(p);
}
var r:BigInteger = xp.subtract(xq).multiply(coeff).mod(p).multiply(q).add(xq);
return r;
}
protected function doPrivate(x:BigInteger):BigInteger {
if (p==null || q==null) {
return x.modPow(d, n);
}
// TODO: re-calculate any missing CRT params
var xp:BigInteger = x.mod(p).modPow(dmp1, p);
var xq:BigInteger = x.mod(q).modPow(dmq1, q);
while (xp.compareTo(xq)<0) {
xp = xp.add(p);
}
return xp.subtract(xq).multiply(coeff).mod(p).multiply(q).add(xq);
}
}
}
\ No newline at end of file
/**
* CBCMode
*
* An ActionScript 3 implementation of the CBC confidentiality mode
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric
{
import flash.utils.ByteArray;
/**
* CBC confidentiality mode. why not.
*/
public class CBCMode extends IVMode implements IMode
{
public function CBCMode(key:ISymmetricKey, padding:IPad = null) {
super(key, padding);
}
public function encrypt(src:ByteArray):void {
padding.pad(src);
var vector:ByteArray = getIV4e();
for (var i:uint=0;i<src.length;i+=blockSize) {
for (var j:uint=0;j<blockSize;j++) {
src[i+j] ^= vector[j];
}
key.encrypt(src, i);
vector.position=0;
vector.writeBytes(src, i, blockSize);
}
}
public function decrypt(src:ByteArray):void {
var vector:ByteArray = getIV4d();
var tmp:ByteArray = new ByteArray;
for (var i:uint=0;i<src.length;i+=blockSize) {
tmp.position=0;
tmp.writeBytes(src, i, blockSize);
key.decrypt(src, i);
for (var j:uint=0;j<blockSize;j++) {
src[i+j] ^= vector[j];
}
vector.position=0;
vector.writeBytes(tmp, 0, blockSize);
}
padding.unpad(src);
}
public function toString():String {
return key.toString()+"-cbc";
}
}
}
/**
* CFB8Mode
*
* An ActionScript 3 implementation of the CFB-8 confidentiality mode
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric
{
import com.hurlant.crypto.tests.TestCase;
import flash.utils.ByteArray;
/**
*
* Note: The constructor accepts an optional padding argument, but ignores it otherwise.
*/
public class CFB8Mode extends IVMode implements IMode
{
public function CFB8Mode(key:ISymmetricKey, padding:IPad = null) {
super(key, null);
}
public function encrypt(src:ByteArray):void {
var vector:ByteArray = getIV4e();
var tmp:ByteArray = new ByteArray;
for (var i:uint=0;i<src.length;i++) {
tmp.position = 0;
tmp.writeBytes(vector);
key.encrypt(vector);
src[i] ^= vector[0];
// rotate
for (var j:uint=0;j<blockSize-1;j++) {
vector[j] = tmp[j+1];
}
vector[blockSize-1] = src[i];
}
}
public function decrypt(src:ByteArray):void {
var vector:ByteArray = getIV4d();
var tmp:ByteArray = new ByteArray;
for (var i:uint=0;i<src.length;i++) {
var c:uint = src[i];
tmp.position = 0;
tmp.writeBytes(vector); // I <- tmp
key.encrypt(vector); // O <- vector
src[i] ^= vector[0];
// rotate
for (var j:uint=0;j<blockSize-1;j++) {
vector[j] = tmp[j+1];
}
vector[blockSize-1] = c;
}
}
public function toString():String {
return key.toString()+"-cfb8";
}
}
}
\ No newline at end of file
/**
* CFBMode
*
* An ActionScript 3 implementation of the CFB confidentiality mode
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric
{
import flash.utils.ByteArray;
/**
* This is the "full" CFB.
* CFB1 and CFB8 are hiding somewhere else.
*
* Note: The constructor accepts an optional padding argument, but ignores it otherwise.
*/
public class CFBMode extends IVMode implements IMode
{
public function CFBMode(key:ISymmetricKey, padding:IPad = null) {
super(key,null);
}
public function encrypt(src:ByteArray):void
{
var l:uint = src.length;
var vector:ByteArray = getIV4e();
for (var i:uint=0;i<src.length;i+=blockSize) {
key.encrypt(vector);
var chunk:uint = (i+blockSize<l)?blockSize:l-i;
for (var j:uint=0;j<chunk;j++) {
src[i+j] ^= vector[j];
}
vector.position=0;
vector.writeBytes(src, i, chunk);
}
}
public function decrypt(src:ByteArray):void
{
var l:uint = src.length;
var vector:ByteArray = getIV4d();
var tmp:ByteArray = new ByteArray;
for (var i:uint=0;i<src.length;i+=blockSize) {
key.encrypt(vector);
var chunk:uint = (i+blockSize<l)?blockSize:l-i;
tmp.position=0;
tmp.writeBytes(src, i, chunk);
for (var j:uint=0;j<chunk;j++) {
src[i+j] ^= vector[j];
}
vector.position=0;
vector.writeBytes(tmp);
}
}
public function toString():String {
return key.toString()+"-cfb";
}
}
}
\ No newline at end of file
/**
* CTRMode
*
* An ActionScript 3 implementation of the counter confidentiality mode
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric
{
import flash.utils.ByteArray;
public class CTRMode extends IVMode implements IMode
{
public function CTRMode(key:ISymmetricKey, padding:IPad = null) {
super(key, padding);
}
public function encrypt(src:ByteArray):void
{
padding.pad(src);
var vector:ByteArray = getIV4e();
core(src, vector);
}
public function decrypt(src:ByteArray):void
{
var vector:ByteArray = getIV4d();
core(src, vector);
padding.unpad(src);
}
private function core(src:ByteArray, iv:ByteArray):void {
var X:ByteArray = new ByteArray;
var Xenc:ByteArray = new ByteArray;
X.writeBytes(iv);
for (var i:uint=0;i<src.length;i+=blockSize) {
Xenc.position=0;
Xenc.writeBytes(X);
key.encrypt(Xenc);
for (var j:uint=0;j<blockSize;j++) {
src[i+j] ^= Xenc[j];
}
for (j=blockSize-1;j>=0;--j) {
X[j]++;
if (X[j]!=0)
break;
}
}
}
public function toString():String {
return key.toString()+"-ctr";
}
}
}
\ No newline at end of file
/**
* ECBMode
*
* An ActionScript 3 implementation of the ECB confidentiality mode
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric
{
import flash.utils.ByteArray;
import com.hurlant.util.Memory;
import com.hurlant.util.Hex;
/**
* ECB mode.
* This uses a padding and a symmetric key.
* If no padding is given, PKCS#5 is used.
*/
public class ECBMode implements IMode, ICipher
{
private var key:ISymmetricKey;
private var padding:IPad;
public function ECBMode(key:ISymmetricKey, padding:IPad = null) {
this.key = key;
if (padding == null) {
padding = new PKCS5(key.getBlockSize());
} else {
padding.setBlockSize(key.getBlockSize());
}
this.padding = padding;
}
public function getBlockSize():uint {
return key.getBlockSize();
}
public function encrypt(src:ByteArray):void {
padding.pad(src);
src.position = 0;
var blockSize:uint = key.getBlockSize();
var tmp:ByteArray = new ByteArray;
var dst:ByteArray = new ByteArray;
for (var i:uint=0;i<src.length;i+=blockSize) {
tmp.length=0;
src.readBytes(tmp, 0, blockSize);
key.encrypt(tmp);
dst.writeBytes(tmp);
}
src.length=0;
src.writeBytes(dst);
}
public function decrypt(src:ByteArray):void {
src.position = 0;
var blockSize:uint = key.getBlockSize();
// sanity check.
if (src.length%blockSize!=0) {
throw new Error("ECB mode cipher length must be a multiple of blocksize "+blockSize);
}
var tmp:ByteArray = new ByteArray;
var dst:ByteArray = new ByteArray;
for (var i:uint=0;i<src.length;i+=blockSize) {
tmp.length=0;
src.readBytes(tmp, 0, blockSize);
key.decrypt(tmp);
dst.writeBytes(tmp);
}
padding.unpad(dst);
src.length=0;
src.writeBytes(dst);
}
public function dispose():void {
key.dispose();
key = null;
padding = null;
Memory.gc();
}
public function toString():String {
return key.toString()+"-ecb";
}
}
}
\ No newline at end of file
/**
* ICipher
*
* A generic interface to use symmetric ciphers
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric
{
import flash.utils.ByteArray;
public interface ICipher
{
function getBlockSize():uint;
function encrypt(src:ByteArray):void;
function decrypt(src:ByteArray):void;
function dispose():void;
function toString():String;
}
}
\ No newline at end of file
/**
* IMode
*
* An interface for confidentiality modes to implement
* This could become deprecated at some point.
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric
{
public interface IMode extends ICipher
{
}
}
\ No newline at end of file
/**
* IPad
*
* An interface for padding mechanisms to implement.
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric
{
import flash.utils.ByteArray;
/**
* Tiny interface that represents a padding mechanism.
*/
public interface IPad
{
/**
* Add padding to the array
*/
function pad(a:ByteArray):void;
/**
* Remove padding from the array.
* @throws Error if the padding is invalid.
*/
function unpad(a:ByteArray):void;
/**
* Set the blockSize to work on
*/
function setBlockSize(bs:uint):void;
}
}
\ No newline at end of file
/**
* IStreamCipher
*
* A "marker" interface for stream ciphers.
* Copyright (c) 2007 Henri Torgemane
*
* See LICENSE.txt for full license information.
*/
package com.hurlant.crypto.symmetric {
/**
* A marker to indicate how this cipher works.
* A stream cipher:
* - does not use initialization vector
* - keeps some internal state between calls to encrypt() and decrypt()
*
*/
public interface IStreamCipher extends ICipher {
}
}
\ No newline at end of file
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment