/** * com.sekati.crypt.Rijndael * @version 1.0.5 * @author jason m horwitz | sekati.com * Copyright (C) 2007 jason m horwitz, Sekat LLC. All Rights Reserved. * Released under the MIT License: http://www.opensource.org/licenses/mit-license.php * * Sourced from ascrypt for dependencies only - version 2.0, author Mika Pamu * Original Javascript implementation:Fritz Schneider, University of California * Algorithm: Joan Daemen and Vincent Rijmen * @see http://www.cs.ucsd.edu/~fritz/rijndael.html */ import com.sekati.crypt.ICipher; /** * Encrypts and decrypts text with the Rijndael algorithm. */ class com.sekati.crypt.Rijndael implements ICipher { private var roundsArray:Array; private var shiftOffsets:Array; private var Nr:Number, Nk:Number, Nb:Number; private var Rcon:Array = [ 0x01, 0x02, 0x04, 0x08, 0x10, 0x20,0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8,0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc,0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4,0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 ]; private var SBox:Array = [ 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117, 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, 208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210, 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115, 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, 224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, 225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22 ]; private var SBoxInverse:Array = [ 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251, 124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203, 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78, 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37, 114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146, 108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132, 144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6, 208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107, 58, 145, 17, 65, 79, 103,220, 234, 151, 242, 207, 206, 240, 180, 230, 115, 150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110, 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27, 252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239, 160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97, 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125 ]; public var blockSize:Number = 128; public var keySize:Number = 128; /** * Constructor */ public function Rijndael(keySize:Number, blockSize:Number) { if (keySize != null) this.keySize = keySize; if (blockSize != null) this.blockSize = blockSize; this.roundsArray = [ 0,0,0,0,[ 0,0,0,0,10,0,12,0,14 ],0,[ 0,0,0,0,12,0,12,0,14 ],0,[ 0,0,0,0,14,0,14,0,14 ] ]; this.shiftOffsets = [ 0,0,0,0,[ 0,1,2,3 ],0,[ 0,1,2,3 ],0,[ 0,1,3,4 ] ]; this.Nb = blockSize / 32; this.Nk = keySize / 32; this.Nr = this.roundsArray[this.Nk][this.Nb]; } /** * Encrypts a string with the specified key and mode. */ public function encrypt(src:String, key:String, mode:String):String { var ct:Array = new Array( ); var aBlock:Array = new Array( ); var bpb:Number = this.blockSize / 8; if (mode == "CBC") ct = this.getRandomBytes( bpb ); var chars:Array = this.formatPlaintext( strToChars( src ) ); var expandedKey:Array = this.keyExpansion( strToChars( key ) ); for (var block:Number = 0; block < chars.length / bpb ; block++) { aBlock = chars.slice( block * bpb, (block + 1) * bpb ); if (mode == "CBC") { for (var i:Number = 0; i < bpb ; i++) { aBlock[i] ^= ct[block * bpb + i]; } } ct = ct.concat( this.encryption( aBlock, expandedKey ) ); } return charsToHex( ct ); } /** * Decrypts a string with the specified key and mode. */ public function decrypt(src:String, key:String, mode:String):String { var pt:Array = new Array( ); var aBlock:Array = new Array( ); var chars:Array = hexToChars( src ); var bpb:Number = this.blockSize / 8; var expandedKey:Array = this.keyExpansion( strToChars( key ) ); for (var block:Number = (chars.length / bpb) - 1; block > 0 ; block--) { aBlock = decryption( chars.slice( block * bpb, (block + 1) * bpb ), expandedKey ); if(mode == "CBC") { for (var i:Number = 0; i < bpb ; i++) { pt[(block - 1) * bpb + i] = aBlock[i] ^ chars[(block - 1) * bpb + i]; } } else pt = aBlock.concat( pt ); } if (mode == "ECB") { pt = this.decryption( chars.slice( 0, bpb ), expandedKey ).concat( pt ); } return charsToStr( pt ); } private function cyclicShiftLeft(src:Array, pos:Number):Array { var temp:Array = src.slice( 0, pos ); src = src.slice( pos ).concat( temp ); return src; } private function xtime(poly:Number):Number { poly <<= 1; return ((poly & 0x100) ? (poly ^ 0x11B) : (poly)); } private function mult_GF256(x:Number, y:Number):Number { var result:Number = 0; for (var bit:Number = 1; bit < 256 ; bit *= 2, y = xtime( y )) { if(x & bit) result ^= y; } return result; } private function byteSub(state:Array, dir:String):Void { var S:Array; if(dir == "encrypt") S = this.SBox; else S = this.SBoxInverse; for (var i:Number = 0; i < 4 ; i++) { for (var j:Number = 0; j < this.Nb ; j++) state[i][j] = S[state[i][j]]; } } private function shiftRow(state:Array, dir:String):Void { for (var i:Number = 1; i < 4 ; i++) { if (dir == "encrypt") state[i] = this.cyclicShiftLeft( state[i], this.shiftOffsets[Nb][i] ); else state[i] = this.cyclicShiftLeft( state[i], this.Nb - this.shiftOffsets[Nb][i] ); } } private function mixColumn(state:Array, dir:String):Void { var b:Array = new Array( ); var i:Number; for (var j:Number = 0; j < this.Nb ; j++) { for(i = 0; i < 4 ; i++) { if (dir == "encrypt") b[i] = this.mult_GF256( state[i][j], 2 ) ^ this.mult_GF256( state[(i + 1) % 4][j], 3 ) ^ state[(i + 2) % 4][j] ^ state[(i + 3) % 4][j]; else b[i] = this.mult_GF256( state[i][j], 0xE ) ^ this.mult_GF256( state[(i + 1) % 4][j], 0xB ) ^ this.mult_GF256( state[(i + 2) % 4][j], 0xD ) ^ this.mult_GF256( state[(i + 3) % 4][j], 9 ); } for (i = 0; i < 4 ; i++) { state[i][j] = b[i]; } } } private function addRoundKey(state:Array, roundKey:Array):Void { for (var j:Number = 0; j < this.Nb ; j++) { state[0][j] ^= (roundKey[j] & 0xFF); state[1][j] ^= ((roundKey[j] >> 8) & 0xFF); state[2][j] ^= ((roundKey[j] >> 16) & 0xFF); state[3][j] ^= ((roundKey[j] >> 24) & 0xFF); } } private function keyExpansion(key:Array):Array { var temp:Number = 0; var j:Number; this.Nk = this.keySize / 32; this.Nb = this.blockSize / 32; var expandedKey:Array = new Array( ); this.Nr = this.roundsArray[this.Nk][this.Nb]; for (j = 0; j < this.Nk ; j++) expandedKey[j] = (key[4 * j]) | (key[4 * j + 1] << 8) | (key[4 * j + 2] << 16) | (key[4 * j + 3] << 24); for (j = this.Nk; j < this.Nb * (this.Nr + 1) ; j++) { temp = expandedKey[j - 1]; if (j % this.Nk == 0) temp = ( (this.SBox[(temp >> 8) & 0xFF]) | (this.SBox[(temp >> 16) & 0xFF] << 8) | (this.SBox[(temp >> 24) & 0xFF] << 16) | (this.SBox[temp & 0xFF] << 24) ) ^ this.Rcon[Math.floor( j / this.Nk ) - 1]; else if (this.Nk > 6 && j % this.Nk == 4) temp = (this.SBox[(temp >> 24) & 0xFF] << 24) | (this.SBox[(temp >> 16) & 0xFF] << 16) | (this.SBox[(temp >> 8) & 0xFF] << 8) | (this.SBox[temp & 0xFF]); expandedKey[j] = expandedKey[j - this.Nk] ^ temp; } return expandedKey; } private function Round(state:Array, roundKey:Array):Void { this.byteSub( state, "encrypt" ); this.shiftRow( state, "encrypt" ); this.mixColumn( state, "encrypt" ); this.addRoundKey( state, roundKey ); } private function InverseRound(state:Array, roundKey:Array):Void { this.addRoundKey( state, roundKey ); this.mixColumn( state, "decrypt" ); this.shiftRow( state, "decrypt" ); this.byteSub( state, "decrypt" ); } private function FinalRound(state:Array, roundKey:Array):Void { this.byteSub( state, "encrypt" ); this.shiftRow( state, "encrypt" ); this.addRoundKey( state, roundKey ); } private function InverseFinalRound(state:Array, roundKey:Array):Void { this.addRoundKey( state, roundKey ); this.shiftRow( state, "decrypt" ); this.byteSub( state, "decrypt" ); } private function encryption(block:Array, expandedKey:Array):Array { block = this.packBytes( block ); this.addRoundKey( block, expandedKey ); for (var i:Number = 1; i < Nr ; i++) { this.Round( block, expandedKey.slice( this.Nb * i, this.Nb * (i + 1) ) ); } this.FinalRound( block, expandedKey.slice( this.Nb * this.Nr ) ); return this.unpackBytes( block ); } private function decryption(block:Array, expandedKey:Array):Array { block = this.packBytes( block ); this.InverseFinalRound( block, expandedKey.slice( this.Nb * this.Nr ) ); for (var i:Number = Nr - 1; i > 0 ; i--) { this.InverseRound( block, expandedKey.slice( this.Nb * i, this.Nb * (i + 1) ) ); } this.addRoundKey( block, expandedKey ); return this.unpackBytes( block ); } private function packBytes(octets:Array):Array { var state:Array = new Array( ); state[0] = new Array( ); state[1] = new Array( ); state[2] = new Array( ); state[3] = new Array( ); for (var j:Number = 0; j < octets.length ; j += 4) { state[0][j / 4] = octets[j]; state[1][j / 4] = octets[j + 1]; state[2][j / 4] = octets[j + 2]; state[3][j / 4] = octets[j + 3]; } return state; } private function unpackBytes(packed:Array):Array { var result:Array = new Array( ); for (var j:Number = 0; j < packed[0].length ; j++) { result[result.length] = packed[0][j]; result[result.length] = packed[1][j]; result[result.length] = packed[2][j]; result[result.length] = packed[3][j]; } return result; } private function formatPlaintext(plaintext:Array):Array { var bpb:Number = blockSize / 8; for (var i:Number = bpb - (plaintext.length % bpb); i > 0 && i < bpb ; i--) { plaintext[plaintext.length] = 0; } return plaintext; } private function getRandomBytes(howMany:Number):Array { var bytes:Array = new Array( ); for (var i:Number = 0; i < howMany ; i++) { bytes[i] = Math.round( Math.random( ) * 255 ); } return bytes; } private function hexToChars(hex:String):Array { var codes:Array = new Array( ); for (var i:Number = (hex.substr( 0, 2 ) == "0x") ? 2 : 0; i < hex.length ; i += 2) { codes.push( parseInt( hex.substr( i, 2 ), 16 ) ); } return codes; } private function charsToHex(chars:Array):String { var result:String = new String( "" ); var hexes:Array = new Array( "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f" ); for (var i:Number = 0; i < chars.length ; i++) { result += hexes[chars[i] >> 4] + hexes[chars[i] & 0xf]; } return result; } private function charsToStr(chars:Array):String { var result:String = new String( "" ); for (var i:Number = 0; i < chars.length ; i++) { result += String.fromCharCode( chars[i] ); } return result; } private function strToChars(str:String):Array { var codes:Array = new Array( ); for (var i:Number = 0; i < str.length ; i++) { codes.push( str.charCodeAt( i ) ); } return codes; } }