File: sjcl.js

"use strict";var sjcl={cipher:{},hash:{},mode:{},misc:{},codec:{},exception:{corrupt:function(a){this.toString=function(){return"CORRUPT: "+this.message};this.message=a},invalid:function(a){this.toString=function(){return"INVALID: "+this.message};this.message=a},bug:function(a){this.toString=function(){return"BUG: "+this.message};this.message=a}}};
sjcl.cipher.aes=function(a){this.a[0][0][0]||this.h();var b,c,d,e,g=this.a[0][4],f=this.a[1];b=a.length;var h=1;if(b!==4&&b!==6&&b!==8)throw new sjcl.exception.invalid("invalid aes key size");this.g=[d=a.slice(0),e=[]];for(a=b;a<4*b+28;a++){c=d[a-1];if(a%b===0||b===8&&a%b===4){c=g[c>>>24]<<24^g[c>>16&255]<<16^g[c>>8&255]<<8^g[c&255];if(a%b===0){c=c<<8^c>>>24^h<<24;h=h<<1^(h>>7)*283}}d[a]=d[a-b]^c}for(b=0;a;b++,a--){c=d[b&3?a:a-4];e[b]=a<=4||b<4?c:f[0][g[c>>>24]]^f[1][g[c>>16&255]]^f[2][g[c>>8&255]]^
f[3][g[c&255]]}};
sjcl.cipher.aes.prototype={encrypt:function(a){return this.e(a,0)},decrypt:function(a){return this.e(a,1)},a:[[[],[],[],[],[]],[[],[],[],[],[]]],h:function(){var a=this.a[0],b=this.a[1],c=a[4],d=b[4],e,g,f,h=[],l=[],k,j,i,m;for(e=0;e<0x100;e++)l[(h[e]=e<<1^(e>>7)*283)^e]=e;for(g=f=0;!c[g];g^=k||1,f=l[f]||1){i=f^f<<1^f<<2^f<<3^f<<4;i=i>>8^i&255^99;c[g]=i;d[i]=g;j=h[e=h[k=h[g]]];m=j*0x1010101^e*0x10001^k*0x101^g*0x1010100;j=h[i]*0x101^i*0x1010100;for(e=0;e<4;e++){a[e][g]=j=j<<24^j>>>8;b[e][i]=m=m<<24^m>>>8}}for(e=
0;e<5;e++){a[e]=a[e].slice(0);b[e]=b[e].slice(0)}},e:function(a,b){if(a.length!==4)throw new sjcl.exception.invalid("invalid aes block size");var c=this.g[b],d=a[0]^c[0],e=a[b?3:1]^c[1],g=a[2]^c[2];a=a[b?1:3]^c[3];var f,h,l,k=c.length/4-2,j,i=4,m=[0,0,0,0];f=this.a[b];var n=f[0],o=f[1],p=f[2],q=f[3],r=f[4];for(j=0;j<k;j++){f=n[d>>>24]^o[e>>16&255]^p[g>>8&255]^q[a&255]^c[i];h=n[e>>>24]^o[g>>16&255]^p[a>>8&255]^q[d&255]^c[i+1];l=n[g>>>24]^o[a>>16&255]^p[d>>8&255]^q[e&255]^c[i+2];a=n[a>>>24]^o[d>>16&
255]^p[e>>8&255]^q[g&255]^c[i+3];i+=4;d=f;e=h;g=l}for(j=0;j<4;j++){m[b?3&-j:j]=r[d>>>24]<<24^r[e>>16&255]<<16^r[g>>8&255]<<8^r[a&255]^c[i++];f=d;d=e;e=g;g=a;a=f}return m}};
sjcl.bitArray={bitSlice:function(a,b,c){a=sjcl.bitArray.f(a.slice(b/32),32-(b&31)).slice(1);return c===undefined?a:sjcl.bitArray.clamp(a,c-b)},concat:function(a,b){if(a.length===0||b.length===0)return a.concat(b);var c=a[a.length-1],d=sjcl.bitArray.getPartial(c);return d===32?a.concat(b):sjcl.bitArray.f(b,d,c|0,a.slice(0,a.length-1))},bitLength:function(a){var b=a.length;if(b===0)return 0;return(b-1)*32+sjcl.bitArray.getPartial(a[b-1])},clamp:function(a,b){if(a.length*32<b)return a;a=a.slice(0,Math.ceil(b/
32));var c=a.length;b&=31;if(c>0&&b)a[c-1]=sjcl.bitArray.partial(b,a[c-1]&2147483648>>b-1,1);return a},partial:function(a,b,c){if(a===32)return b;return(c?b|0:b<<32-a)+a*0x10000000000},getPartial:function(a){return Math.round(a/0x10000000000)||32},equal:function(a,b){if(sjcl.bitArray.bitLength(a)!==sjcl.bitArray.bitLength(b))return false;var c=0,d;for(d=0;d<a.length;d++)c|=a[d]^b[d];return c===0},f:function(a,b,c,d){var e;e=0;if(d===undefined)d=[];for(;b>=32;b-=32){d.push(c);c=0}if(b===0)return d.concat(a);
for(e=0;e<a.length;e++){d.push(c|a[e]>>>b);c=a[e]<<32-b}e=a.length?a[a.length-1]:0;a=sjcl.bitArray.getPartial(e);d.push(sjcl.bitArray.partial(b+a&31,b+a>32?c:d.pop(),1));return d},c:function(a,b){return[a[0]^b[0],a[1]^b[1],a[2]^b[2],a[3]^b[3]]}};
sjcl.codec.utf8String={fromBits:function(a){var b="",c=sjcl.bitArray.bitLength(a),d,e;for(d=0;d<c/8;d++){if((d&3)===0)e=a[d/4];b+=String.fromCharCode(e>>>24);e<<=8}return decodeURIComponent(escape(b))},toBits:function(a){a=unescape(encodeURIComponent(a));var b=[],c,d=0;for(c=0;c<a.length;c++){d=d<<8|a.charCodeAt(c);if((c&3)===3){b.push(d);d=0}}c&3&&b.push(sjcl.bitArray.partial(8*(c&3),d));return b}};
sjcl.codec.base64={d:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",fromBits:function(a,b){var c="",d,e=0,g=sjcl.codec.base64.d,f=0,h=sjcl.bitArray.bitLength(a);for(d=0;c.length*6<h;){c+=g.charAt((f^a[d]>>>e)>>>26);if(e<6){f=a[d]<<6-e;e+=26;d++}else{f<<=6;e-=6}}for(;c.length&3&&!b;)c+="=";return c},toBits:function(a){a=a.replace(/\s|=/g,"");var b=[],c,d=0,e=sjcl.codec.base64.d,g=0,f;for(c=0;c<a.length;c++){f=e.indexOf(a.charAt(c));if(f<0)throw new sjcl.exception.invalid("this isn't base64!");
if(d>26){d-=26;b.push(g^f>>>d);g=f<<32-d}else{d+=6;g^=f<<32-d}}d&56&&b.push(sjcl.bitArray.partial(d&56,g,1));return b}};
sjcl.mode.ocb2={name:"ocb2",encrypt:function(a,b,c,d,e,g){if(sjcl.bitArray.bitLength(c)!==128)throw new sjcl.exception.invalid("ocb iv must be 128 bits");var f,h=sjcl.mode.ocb2.b,l=sjcl.bitArray,k=l.c,j=[0,0,0,0];c=h(a.encrypt(c));var i,m=[];d=d||[];e=e||64;for(f=0;f+4<b.length;f+=4){i=b.slice(f,f+4);j=k(j,i);m=m.concat(k(c,a.encrypt(k(c,i))));c=h(c)}i=b.slice(f);b=l.bitLength(i);f=a.encrypt(k(c,[0,0,0,b]));i=l.clamp(k(i,f),b);j=k(j,k(i,f));j=a.encrypt(k(j,k(c,h(c))));if(d.length)j=k(j,g?d:sjcl.mode.ocb2.pmac(a,
d));return m.concat(l.concat(i,l.clamp(j,e)))},decrypt:function(a,b,c,d,e,g){if(sjcl.bitArray.bitLength(c)!==128)throw new sjcl.exception.invalid("ocb iv must be 128 bits");e=e||64;var f=sjcl.mode.ocb2.b,h=sjcl.bitArray,l=h.c,k=[0,0,0,0],j=f(a.encrypt(c)),i,m,n=sjcl.bitArray.bitLength(b)-e,o=[];d=d||[];for(c=0;c+4<n/32;c+=4){i=l(j,a.decrypt(l(j,b.slice(c,c+4))));k=l(k,i);o=o.concat(i);j=f(j)}m=n-c*32;i=a.encrypt(l(j,[0,0,0,m]));i=l(i,h.clamp(b.slice(c),m));k=l(k,i);k=a.encrypt(l(k,l(j,f(j))));if(d.length)k=
l(k,g?d:sjcl.mode.ocb2.pmac(a,d));h.equal(h.clamp(k,e),h.bitSlice(b,n))||alert("bad tag");return o.concat(h.clamp(i,m))},pmac:function(a,b){var c,d=sjcl.mode.ocb2.b,e=sjcl.bitArray,g=e.c,f=[0,0,0,0],h=a.encrypt([0,0,0,0]);h=g(h,d(d(h)));for(c=0;c+4<b.length;c+=4){h=d(h);f=g(f,a.encrypt(g(h,b.slice(c,c+4))))}b=b.slice(c);if(e.bitLength(b)<128){h=g(h,d(h));b=e.concat(b,[2147483648|0])}f=g(f,b);return a.encrypt(g(d(g(h,d(h))),f))},b:function(a){return[a[0]<<1^a[1]>>>31,a[1]<<1^a[2]>>>31,a[2]<<1^a[3]>>>
31,a[3]<<1^(a[0]>>>31)*135]}};