corrade-nucleus-nucleons – Blame information for rev 20
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
20 | office | 1 | /**
|
2 | * Definition of Data Encryption Standard (DES) taken from:
|
||
3 | * http://www.itl.nist.gov/fipspubs/fip46-2.htm
|
||
4 | */ |
||
5 | |||
6 | (function() { |
||
7 | |||
8 | var C = (typeof window === 'undefined') ? require('./Crypto').Crypto : window.Crypto; |
||
9 | |||
10 | // Shortcuts
|
||
11 | var util = C.util, charenc = C.charenc, UTF8 = charenc.UTF8; |
||
12 | |||
13 | /***************************************************************************
|
||
14 | *
|
||
15 | * DES Key Schedule.
|
||
16 | *
|
||
17 | * The Key consists of 16 sub-keys of 48 bits each. As each sub-key is
|
||
18 | * applied to an expanded 32-bit value where each 4 bits of input is
|
||
19 | * expanded into 6 bits of output the sub-key can be broken down into 8
|
||
20 | * 32-bit values which allows the key to be used without expansion.
|
||
21 | *
|
||
22 | * To create the 16 sub-keys, 56 bits are selected from the input 64 bit key
|
||
23 | * according to <i>PC1</i>. Each sub-key is generated by left rotating the
|
||
24 | * bits a different amount and then selecting 48 bits according to <i>PC2</i>.
|
||
25 | *
|
||
26 | **************************************************************************/ |
||
27 | |||
28 | var KeySchedule; |
||
29 | |||
30 | /**
|
||
31 | * Representation of a DES key schedule.
|
||
32 | *
|
||
33 | * @param {Array
|
||
34 | * of 8 bytes} key The cipher key
|
||
35 | *
|
||
36 | * @constructor
|
||
37 | */ |
||
38 | KeySchedule = function(key) { |
||
39 | /**
|
||
40 | * The schedule of 16 keys
|
||
41 | */ |
||
42 | this.keys = new Array(16); |
||
43 | this._initialiseKeys(key); |
||
44 | }; |
||
45 | |||
46 | /**
|
||
47 | * Permuted Choice 1 (PC1) byte offsets into the key. Each of the 56 entries
|
||
48 | * selects one bit of DES's 56 bit key.
|
||
49 | * <p>
|
||
50 | *
|
||
51 | * <pre>
|
||
52 | * The PC1 is defined as:
|
||
53 | *
|
||
54 | * 57, 49, 41, 33, 25, 17, 9,
|
||
55 | * 1, 58, 50, 42, 34, 26, 18,
|
||
56 | * 10, 2, 59, 51, 43, 35, 27,
|
||
57 | * 19, 11, 3, 60, 52, 44, 36,
|
||
58 | * 63, 55, 47, 39, 31, 23, 15,
|
||
59 | * 7, 62, 54, 46, 38, 30, 22,
|
||
60 | * 14, 6, 61, 53, 45, 37, 29,
|
||
61 | * 21, 13, 5, 28, 20, 12, 4
|
||
62 | * </pre>
|
||
63 | *
|
||
64 | * We represent this as an offset into an 8-byte array and a bit mask upon
|
||
65 | * that byte. For example 57=(7*8)+1 so is the first (MSB) of the 7th byte.
|
||
66 | *
|
||
67 | * @constant
|
||
68 | */ |
||
69 | KeySchedule.PC1_offsets = [ 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, |
||
70 | 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 7, 6, 5, 4, 3, 2, 1, 0, 7, 6, |
||
71 | 5, 4, 3, 2, 1, 0, 7, 6, 5, 4, 3, 2, 1, 0, 3, 2, 1, 0 ]; |
||
72 | |||
73 | /**
|
||
74 | * Permuted Choice 1 (PC1) bit masks. Each of the 56 entries selects one bit
|
||
75 | * of DES's 56 bit key.
|
||
76 | *
|
||
77 | * @constant
|
||
78 | */ |
||
79 | KeySchedule.PC1_masks = [ 128, 128, 128, 128, 128, 128, 128, 128, 64, 64, |
||
80 | 64, 64, 64, 64, 64, 64, 32, 32, 32, 32, 32, 32, 32, 32, 16, 16, 16, |
||
81 | 16, 2, 2, 2, 2, 2, 2, 2, 2, 4, 4, 4, 4, 4, 4, 4, 4, 8, 8, 8, 8, 8, |
||
82 | 8, 8, 8, 16, 16, 16, 16 ]; |
||
83 | |||
84 | /**
|
||
85 | * Permuted Choice 2 (PC2) selects the active 48 bits from the 56 bits of
|
||
86 | * the key.
|
||
87 | * <p>
|
||
88 | *
|
||
89 | * <pre>
|
||
90 | * The PC2 is defined as:
|
||
91 | *
|
||
92 | * 14, 17, 11, 24, 1, 5,
|
||
93 | * 3, 28, 15, 6, 21, 10,
|
||
94 | * 23, 19, 12, 4, 26, 8,
|
||
95 | * 16, 7, 27, 20, 13, 2,
|
||
96 | * 41, 52, 31, 37, 47, 55,
|
||
97 | * 30, 40, 51, 45, 33, 48,
|
||
98 | * 44, 49, 39, 56, 34, 53,
|
||
99 | * 46, 42, 50, 36, 29, 32
|
||
100 | * </pre>
|
||
101 | *
|
||
102 | * We invert the choice to specify what each bit adds to each 6-bit value of
|
||
103 | * the key. For example, bit 1 is the 5th bit selected so this add 2 to the
|
||
104 | * first 6-bit value.
|
||
105 | *
|
||
106 | * @constant
|
||
107 | */ |
||
108 | KeySchedule.PC2_offsets1 = [ 0, 3, 1, 2, 0, 1, 3, 2, 0, 1, 0, 2, 3, 0, 1, |
||
109 | 3, 0, 0, 2, 3, 1, 0, 2, 0, 0, 2, 3, 1 ]; |
||
110 | |||
111 | /**
|
||
112 | * PC2 offsets for 2nd block.
|
||
113 | *
|
||
114 | * @constant
|
||
115 | */ |
||
116 | KeySchedule.PC2_offsets2 = [ 7, 5, 4, 7, 5, 6, 0, 7, 4, 0, 6, 5, 4, 7, 0, |
||
117 | 6, 5, 7, 4, 5, 6, 7, 5, 4, 6, 0, 4, 6 ]; |
||
118 | |||
119 | /**
|
||
120 | * Permuted Choice 2 (PC2) masks for 1st block.
|
||
121 | *
|
||
122 | * @constant
|
||
123 | */ |
||
124 | KeySchedule.PC2_masks1 = [ 2, 1, 32, 4, 1, 4, 16, 1, 0, 1, 8, 8, 2, 32, 8, |
||
125 | 32, 16, 0, 16, 4, 2, 0, 32, 4, 0, 2, 8, 16 ]; |
||
126 | |||
127 | /**
|
||
128 | * PC2 masks for 2nd block.
|
||
129 | *
|
||
130 | * @constant
|
||
131 | */ |
||
132 | KeySchedule.PC2_masks2 = [ 2, 32, 8, 1, 2, 2, 0, 4, 4, 0, 8, 16, 32, 16, 0, |
||
133 | 32, 4, 32, 2, 1, 16, 8, 8, 16, 1, 0, 1, 4 ]; |
||
134 | |||
135 | /**
|
||
136 | * Cumulative key shifts.
|
||
137 | *
|
||
138 | * @constant
|
||
139 | */ |
||
140 | KeySchedule.keyShifts = [ 1, 2, 4, 6, 8, 10, 12, 14, 15, 17, 19, 21, 23, |
||
141 | 25, 27, 28 ]; |
||
142 | |||
143 | KeySchedule.prototype._initialiseKeys = function(key) { |
||
144 | var i; |
||
145 | |||
146 | // extract 56 key bits in order determined by PC1
|
||
147 | var bits = new Array(56); |
||
148 | for (i = 0; i < 56; i++) { |
||
149 | bits[i] = (key[KeySchedule.PC1_offsets[i]] & KeySchedule.PC1_masks[i]) != 0; |
||
150 | } |
||
151 | |||
152 | // split 56 bits into two 28-bit chunks
|
||
153 | var bits1 = bits.slice(0, 28); |
||
154 | var bits2 = bits.slice(28, 56); |
||
155 | |||
156 | // duplicate each half to allow for easy bit shifts
|
||
157 | bits1 = bits1.concat(bits1); |
||
158 | bits2 = bits2.concat(bits2); |
||
159 | |||
160 | // assemble the 16 keys
|
||
161 | for (i = 0; i < 16; i++) { |
||
162 | var k = [ 0, 0, 0, 0, 0, 0, 0, 0 ]; |
||
163 | |||
164 | // select the bits of the key according to PC2
|
||
165 | var s = KeySchedule.keyShifts[i]; |
||
166 | for ( var j = 0; j < 28; j++) { |
||
167 | if (bits1[j + s]) { |
||
168 | k[KeySchedule.PC2_offsets1[j]] += KeySchedule.PC2_masks1[j]; |
||
169 | } |
||
170 | if (bits2[j + s]) { |
||
171 | k[KeySchedule.PC2_offsets2[j]] += KeySchedule.PC2_masks2[j]; |
||
172 | } |
||
173 | } |
||
174 | |||
175 | // Scale each of the 8 blocks to a 32-bit mask.
|
||
176 | k[0] = ((k[0] & 0x1f) << 27) + ((k[0] & 0x20) >> 5); |
||
177 | for ( var j = 1; j <= 6; j++) { |
||
178 | k[j] = k[j] << (27 - 4 * j); |
||
179 | } |
||
180 | k[7] = ((k[7] & 0x3e) >> 1) + ((k[7] & 0x1) << 31); |
||
181 | this.keys[i] = k; |
||
182 | } |
||
183 | }; |
||
184 | |||
185 | /**
|
||
186 | * Retrieve the key for a specified round
|
||
187 | *
|
||
188 | * @param i
|
||
189 | * the round
|
||
190 | * @returns the key
|
||
191 | */ |
||
192 | KeySchedule.prototype.getKey = function(i) { |
||
193 | return this.keys[i]; |
||
194 | }; |
||
195 | |||
196 | /***************************************************************************
|
||
197 | *
|
||
198 | * DES Engine State
|
||
199 | *
|
||
200 | **************************************************************************/ |
||
201 | |||
202 | var State; |
||
203 | |||
204 | /**
|
||
205 | * The algorithm's state. DES operates on two sets of 32-bits, with each
|
||
206 | * block of 32-bits treated as a single number.
|
||
207 | *
|
||
208 | * @class
|
||
209 | */ |
||
210 | State = function() { |
||
211 | /** The LHS of the Feistel scheme */ |
||
212 | this.lhs = 0; |
||
213 | /** The RHS of the Feistel scheme */ |
||
214 | this.rhs = 0; |
||
215 | }; |
||
216 | |||
217 | /**
|
||
218 | * The masks that select the SBOX input. Each SBOX accepts 6 bits from the
|
||
219 | * input.
|
||
220 | *
|
||
221 | * @constant
|
||
222 | */ |
||
223 | State.SBOX_MASK = [ 0xf8000001, 0x1f800000, 0x01f80000, 0x001f8000, |
||
224 | 0x0001f800, 0x00001f80, 0x000001f8, 0x8000001f ]; |
||
225 | |||
226 | /**
|
||
227 | * The SBOXes. The 8 SBOXes each map 6 bit masked bit of the input to 4 bits
|
||
228 | * of output. These SBOXes include the post SBOX permutation and benefit
|
||
229 | * from JavaScript's sparse arrays to make specifying the input match
|
||
230 | * simple.
|
||
231 | *
|
||
232 | * @constant
|
||
233 | */ |
||
234 | State.SBOX = new Array(8); |
||
235 | |||
236 | var SBOX = State.SBOX; |
||
237 | |||
238 | SBOX[0] = new Array(); |
||
239 | SBOX[0][0] = 0x808200; // 0 (0, 0) = 14
|
||
240 | SBOX[0][268435456] = 0x8000; // 10000000 (0, 1) = 4
|
||
241 | SBOX[0][536870912] = 0x808002; // 20000000 (0, 2) = 13
|
||
242 | SBOX[0][805306368] = 0x2; // 30000000 (0, 3) = 1
|
||
243 | SBOX[0][1073741824] = 0x200; // 40000000 (0, 4) = 2
|
||
244 | SBOX[0][1342177280] = 0x808202; // 50000000 (0, 5) = 15
|
||
245 | SBOX[0][1610612736] = 0x800202; // 60000000 (0, 6) = 11
|
||
246 | SBOX[0][1879048192] = 0x800000; // 70000000 (0, 7) = 8
|
||
247 | SBOX[0][-2147483648] = 0x202; // 80000000 (0, 8) = 3
|
||
248 | SBOX[0][-1879048192] = 0x800200; // 90000000 (0, 9) = 10
|
||
249 | SBOX[0][-1610612736] = 0x8200; // a0000000 (0, 10) = 6
|
||
250 | SBOX[0][-1342177280] = 0x808000; // b0000000 (0, 11) = 12
|
||
251 | SBOX[0][-1073741824] = 0x8002; // c0000000 (0, 12) = 5
|
||
252 | SBOX[0][-805306368] = 0x800002; // d0000000 (0, 13) = 9
|
||
253 | SBOX[0][-536870912] = 0x0; // e0000000 (0, 14) = 0
|
||
254 | SBOX[0][-268435456] = 0x8202; // f0000000 (0, 15) = 7
|
||
255 | SBOX[0][134217728] = 0x0; // 8000000 (1, 0) = 0
|
||
256 | SBOX[0][402653184] = 0x808202; // 18000000 (1, 1) = 15
|
||
257 | SBOX[0][671088640] = 0x8202; // 28000000 (1, 2) = 7
|
||
258 | SBOX[0][939524096] = 0x8000; // 38000000 (1, 3) = 4
|
||
259 | SBOX[0][1207959552] = 0x808200; // 48000000 (1, 4) = 14
|
||
260 | SBOX[0][1476395008] = 0x200; // 58000000 (1, 5) = 2
|
||
261 | SBOX[0][1744830464] = 0x808002; // 68000000 (1, 6) = 13
|
||
262 | SBOX[0][2013265920] = 0x2; // 78000000 (1, 7) = 1
|
||
263 | SBOX[0][-2013265920] = 0x800200; // 88000000 (1, 8) = 10
|
||
264 | SBOX[0][-1744830464] = 0x8200; // 98000000 (1, 9) = 6
|
||
265 | SBOX[0][-1476395008] = 0x808000; // a8000000 (1, 10) = 12
|
||
266 | SBOX[0][-1207959552] = 0x800202; // b8000000 (1, 11) = 11
|
||
267 | SBOX[0][-939524096] = 0x800002; // c8000000 (1, 12) = 9
|
||
268 | SBOX[0][-671088640] = 0x8002; // d8000000 (1, 13) = 5
|
||
269 | SBOX[0][-402653184] = 0x202; // e8000000 (1, 14) = 3
|
||
270 | SBOX[0][-134217728] = 0x800000; // f8000000 (1, 15) = 8
|
||
271 | SBOX[0][1] = 0x8000; // 1 (2, 0) = 4
|
||
272 | SBOX[0][268435457] = 0x2; // 10000001 (2, 1) = 1
|
||
273 | SBOX[0][536870913] = 0x808200; // 20000001 (2, 2) = 14
|
||
274 | SBOX[0][805306369] = 0x800000; // 30000001 (2, 3) = 8
|
||
275 | SBOX[0][1073741825] = 0x808002; // 40000001 (2, 4) = 13
|
||
276 | SBOX[0][1342177281] = 0x8200; // 50000001 (2, 5) = 6
|
||
277 | SBOX[0][1610612737] = 0x200; // 60000001 (2, 6) = 2
|
||
278 | SBOX[0][1879048193] = 0x800202; // 70000001 (2, 7) = 11
|
||
279 | SBOX[0][-2147483647] = 0x808202; // 80000001 (2, 8) = 15
|
||
280 | SBOX[0][-1879048191] = 0x808000; // 90000001 (2, 9) = 12
|
||
281 | SBOX[0][-1610612735] = 0x800002; // a0000001 (2, 10) = 9
|
||
282 | SBOX[0][-1342177279] = 0x8202; // b0000001 (2, 11) = 7
|
||
283 | SBOX[0][-1073741823] = 0x202; // c0000001 (2, 12) = 3
|
||
284 | SBOX[0][-805306367] = 0x800200; // d0000001 (2, 13) = 10
|
||
285 | SBOX[0][-536870911] = 0x8002; // e0000001 (2, 14) = 5
|
||
286 | SBOX[0][-268435455] = 0x0; // f0000001 (2, 15) = 0
|
||
287 | SBOX[0][134217729] = 0x808202; // 8000001 (3, 0) = 15
|
||
288 | SBOX[0][402653185] = 0x808000; // 18000001 (3, 1) = 12
|
||
289 | SBOX[0][671088641] = 0x800000; // 28000001 (3, 2) = 8
|
||
290 | SBOX[0][939524097] = 0x200; // 38000001 (3, 3) = 2
|
||
291 | SBOX[0][1207959553] = 0x8000; // 48000001 (3, 4) = 4
|
||
292 | SBOX[0][1476395009] = 0x800002; // 58000001 (3, 5) = 9
|
||
293 | SBOX[0][1744830465] = 0x2; // 68000001 (3, 6) = 1
|
||
294 | SBOX[0][2013265921] = 0x8202; // 78000001 (3, 7) = 7
|
||
295 | SBOX[0][-2013265919] = 0x8002; // 88000001 (3, 8) = 5
|
||
296 | SBOX[0][-1744830463] = 0x800202; // 98000001 (3, 9) = 11
|
||
297 | SBOX[0][-1476395007] = 0x202; // a8000001 (3, 10) = 3
|
||
298 | SBOX[0][-1207959551] = 0x808200; // b8000001 (3, 11) = 14
|
||
299 | SBOX[0][-939524095] = 0x800200; // c8000001 (3, 12) = 10
|
||
300 | SBOX[0][-671088639] = 0x0; // d8000001 (3, 13) = 0
|
||
301 | SBOX[0][-402653183] = 0x8200; // e8000001 (3, 14) = 6
|
||
302 | SBOX[0][-134217727] = 0x808002; // f8000001 (3, 15) = 13
|
||
303 | |||
304 | SBOX[1] = new Array(); |
||
305 | SBOX[1][0] = 0x40084010; // 0 (0, 0) = 15
|
||
306 | SBOX[1][16777216] = 0x4000; // 1000000 (0, 1) = 1
|
||
307 | SBOX[1][33554432] = 0x80000; // 2000000 (0, 2) = 8
|
||
308 | SBOX[1][50331648] = 0x40080010; // 3000000 (0, 3) = 14
|
||
309 | SBOX[1][67108864] = 0x40000010; // 4000000 (0, 4) = 6
|
||
310 | SBOX[1][83886080] = 0x40084000; // 5000000 (0, 5) = 11
|
||
311 | SBOX[1][100663296] = 0x40004000; // 6000000 (0, 6) = 3
|
||
312 | SBOX[1][117440512] = 0x10; // 7000000 (0, 7) = 4
|
||
313 | SBOX[1][134217728] = 0x84000; // 8000000 (0, 8) = 9
|
||
314 | SBOX[1][150994944] = 0x40004010; // 9000000 (0, 9) = 7
|
||
315 | SBOX[1][167772160] = 0x40000000; // a000000 (0, 10) = 2
|
||
316 | SBOX[1][184549376] = 0x84010; // b000000 (0, 11) = 13
|
||
317 | SBOX[1][201326592] = 0x80010; // c000000 (0, 12) = 12
|
||
318 | SBOX[1][218103808] = 0x0; // d000000 (0, 13) = 0
|
||
319 | SBOX[1][234881024] = 0x4010; // e000000 (0, 14) = 5
|
||
320 | SBOX[1][251658240] = 0x40080000; // f000000 (0, 15) = 10
|
||
321 | SBOX[1][8388608] = 0x40004000; // 800000 (1, 0) = 3
|
||
322 | SBOX[1][25165824] = 0x84010; // 1800000 (1, 1) = 13
|
||
323 | SBOX[1][41943040] = 0x10; // 2800000 (1, 2) = 4
|
||
324 | SBOX[1][58720256] = 0x40004010; // 3800000 (1, 3) = 7
|
||
325 | SBOX[1][75497472] = 0x40084010; // 4800000 (1, 4) = 15
|
||
326 | SBOX[1][92274688] = 0x40000000; // 5800000 (1, 5) = 2
|
||
327 | SBOX[1][109051904] = 0x80000; // 6800000 (1, 6) = 8
|
||
328 | SBOX[1][125829120] = 0x40080010; // 7800000 (1, 7) = 14
|
||
329 | SBOX[1][142606336] = 0x80010; // 8800000 (1, 8) = 12
|
||
330 | SBOX[1][159383552] = 0x0; // 9800000 (1, 9) = 0
|
||
331 | SBOX[1][176160768] = 0x4000; // a800000 (1, 10) = 1
|
||
332 | SBOX[1][192937984] = 0x40080000; // b800000 (1, 11) = 10
|
||
333 | SBOX[1][209715200] = 0x40000010; // c800000 (1, 12) = 6
|
||
334 | SBOX[1][226492416] = 0x84000; // d800000 (1, 13) = 9
|
||
335 | SBOX[1][243269632] = 0x40084000; // e800000 (1, 14) = 11
|
||
336 | SBOX[1][260046848] = 0x4010; // f800000 (1, 15) = 5
|
||
337 | SBOX[1][268435456] = 0x0; // 10000000 (2, 0) = 0
|
||
338 | SBOX[1][285212672] = 0x40080010; // 11000000 (2, 1) = 14
|
||
339 | SBOX[1][301989888] = 0x40004010; // 12000000 (2, 2) = 7
|
||
340 | SBOX[1][318767104] = 0x40084000; // 13000000 (2, 3) = 11
|
||
341 | SBOX[1][335544320] = 0x40080000; // 14000000 (2, 4) = 10
|
||
342 | SBOX[1][352321536] = 0x10; // 15000000 (2, 5) = 4
|
||
343 | SBOX[1][369098752] = 0x84010; // 16000000 (2, 6) = 13
|
||
344 | SBOX[1][385875968] = 0x4000; // 17000000 (2, 7) = 1
|
||
345 | SBOX[1][402653184] = 0x4010; // 18000000 (2, 8) = 5
|
||
346 | SBOX[1][419430400] = 0x80000; // 19000000 (2, 9) = 8
|
||
347 | SBOX[1][436207616] = 0x80010; // 1a000000 (2, 10) = 12
|
||
348 | SBOX[1][452984832] = 0x40000010; // 1b000000 (2, 11) = 6
|
||
349 | SBOX[1][469762048] = 0x84000; // 1c000000 (2, 12) = 9
|
||
350 | SBOX[1][486539264] = 0x40004000; // 1d000000 (2, 13) = 3
|
||
351 | SBOX[1][503316480] = 0x40000000; // 1e000000 (2, 14) = 2
|
||
352 | SBOX[1][520093696] = 0x40084010; // 1f000000 (2, 15) = 15
|
||
353 | SBOX[1][276824064] = 0x84010; // 10800000 (3, 0) = 13
|
||
354 | SBOX[1][293601280] = 0x80000; // 11800000 (3, 1) = 8
|
||
355 | SBOX[1][310378496] = 0x40080000; // 12800000 (3, 2) = 10
|
||
356 | SBOX[1][327155712] = 0x4000; // 13800000 (3, 3) = 1
|
||
357 | SBOX[1][343932928] = 0x40004000; // 14800000 (3, 4) = 3
|
||
358 | SBOX[1][360710144] = 0x40084010; // 15800000 (3, 5) = 15
|
||
359 | SBOX[1][377487360] = 0x10; // 16800000 (3, 6) = 4
|
||
360 | SBOX[1][394264576] = 0x40000000; // 17800000 (3, 7) = 2
|
||
361 | SBOX[1][411041792] = 0x40084000; // 18800000 (3, 8) = 11
|
||
362 | SBOX[1][427819008] = 0x40000010; // 19800000 (3, 9) = 6
|
||
363 | SBOX[1][444596224] = 0x40004010; // 1a800000 (3, 10) = 7
|
||
364 | SBOX[1][461373440] = 0x80010; // 1b800000 (3, 11) = 12
|
||
365 | SBOX[1][478150656] = 0x0; // 1c800000 (3, 12) = 0
|
||
366 | SBOX[1][494927872] = 0x4010; // 1d800000 (3, 13) = 5
|
||
367 | SBOX[1][511705088] = 0x40080010; // 1e800000 (3, 14) = 14
|
||
368 | SBOX[1][528482304] = 0x84000; // 1f800000 (3, 15) = 9
|
||
369 | |||
370 | SBOX[2] = new Array(); |
||
371 | SBOX[2][0] = 0x104; // 0 (0, 0) = 10
|
||
372 | SBOX[2][1048576] = 0x0; // 100000 (0, 1) = 0
|
||
373 | SBOX[2][2097152] = 0x4000100; // 200000 (0, 2) = 9
|
||
374 | SBOX[2][3145728] = 0x10104; // 300000 (0, 3) = 14
|
||
375 | SBOX[2][4194304] = 0x10004; // 400000 (0, 4) = 6
|
||
376 | SBOX[2][5242880] = 0x4000004; // 500000 (0, 5) = 3
|
||
377 | SBOX[2][6291456] = 0x4010104; // 600000 (0, 6) = 15
|
||
378 | SBOX[2][7340032] = 0x4010000; // 700000 (0, 7) = 5
|
||
379 | SBOX[2][8388608] = 0x4000000; // 800000 (0, 8) = 1
|
||
380 | SBOX[2][9437184] = 0x4010100; // 900000 (0, 9) = 13
|
||
381 | SBOX[2][10485760] = 0x10100; // a00000 (0, 10) = 12
|
||
382 | SBOX[2][11534336] = 0x4010004; // b00000 (0, 11) = 7
|
||
383 | SBOX[2][12582912] = 0x4000104; // c00000 (0, 12) = 11
|
||
384 | SBOX[2][13631488] = 0x10000; // d00000 (0, 13) = 4
|
||
385 | SBOX[2][14680064] = 0x4; // e00000 (0, 14) = 2
|
||
386 | SBOX[2][15728640] = 0x100; // f00000 (0, 15) = 8
|
||
387 | SBOX[2][524288] = 0x4010100; // 80000 (1, 0) = 13
|
||
388 | SBOX[2][1572864] = 0x4010004; // 180000 (1, 1) = 7
|
||
389 | SBOX[2][2621440] = 0x0; // 280000 (1, 2) = 0
|
||
390 | SBOX[2][3670016] = 0x4000100; // 380000 (1, 3) = 9
|
||
391 | SBOX[2][4718592] = 0x4000004; // 480000 (1, 4) = 3
|
||
392 | SBOX[2][5767168] = 0x10000; // 580000 (1, 5) = 4
|
||
393 | SBOX[2][6815744] = 0x10004; // 680000 (1, 6) = 6
|
||
394 | SBOX[2][7864320] = 0x104; // 780000 (1, 7) = 10
|
||
395 | SBOX[2][8912896] = 0x4; // 880000 (1, 8) = 2
|
||
396 | SBOX[2][9961472] = 0x100; // 980000 (1, 9) = 8
|
||
397 | SBOX[2][11010048] = 0x4010000; // a80000 (1, 10) = 5
|
||
398 | SBOX[2][12058624] = 0x10104; // b80000 (1, 11) = 14
|
||
399 | SBOX[2][13107200] = 0x10100; // c80000 (1, 12) = 12
|
||
400 | SBOX[2][14155776] = 0x4000104; // d80000 (1, 13) = 11
|
||
401 | SBOX[2][15204352] = 0x4010104; // e80000 (1, 14) = 15
|
||
402 | SBOX[2][16252928] = 0x4000000; // f80000 (1, 15) = 1
|
||
403 | SBOX[2][16777216] = 0x4010100; // 1000000 (2, 0) = 13
|
||
404 | SBOX[2][17825792] = 0x10004; // 1100000 (2, 1) = 6
|
||
405 | SBOX[2][18874368] = 0x10000; // 1200000 (2, 2) = 4
|
||
406 | SBOX[2][19922944] = 0x4000100; // 1300000 (2, 3) = 9
|
||
407 | SBOX[2][20971520] = 0x100; // 1400000 (2, 4) = 8
|
||
408 | SBOX[2][22020096] = 0x4010104; // 1500000 (2, 5) = 15
|
||
409 | SBOX[2][23068672] = 0x4000004; // 1600000 (2, 6) = 3
|
||
410 | SBOX[2][24117248] = 0x0; // 1700000 (2, 7) = 0
|
||
411 | SBOX[2][25165824] = 0x4000104; // 1800000 (2, 8) = 11
|
||
412 | SBOX[2][26214400] = 0x4000000; // 1900000 (2, 9) = 1
|
||
413 | SBOX[2][27262976] = 0x4; // 1a00000 (2, 10) = 2
|
||
414 | SBOX[2][28311552] = 0x10100; // 1b00000 (2, 11) = 12
|
||
415 | SBOX[2][29360128] = 0x4010000; // 1c00000 (2, 12) = 5
|
||
416 | SBOX[2][30408704] = 0x104; // 1d00000 (2, 13) = 10
|
||
417 | SBOX[2][31457280] = 0x10104; // 1e00000 (2, 14) = 14
|
||
418 | SBOX[2][32505856] = 0x4010004; // 1f00000 (2, 15) = 7
|
||
419 | SBOX[2][17301504] = 0x4000000; // 1080000 (3, 0) = 1
|
||
420 | SBOX[2][18350080] = 0x104; // 1180000 (3, 1) = 10
|
||
421 | SBOX[2][19398656] = 0x4010100; // 1280000 (3, 2) = 13
|
||
422 | SBOX[2][20447232] = 0x0; // 1380000 (3, 3) = 0
|
||
423 | SBOX[2][21495808] = 0x10004; // 1480000 (3, 4) = 6
|
||
424 | SBOX[2][22544384] = 0x4000100; // 1580000 (3, 5) = 9
|
||
425 | SBOX[2][23592960] = 0x100; // 1680000 (3, 6) = 8
|
||
426 | SBOX[2][24641536] = 0x4010004; // 1780000 (3, 7) = 7
|
||
427 | SBOX[2][25690112] = 0x10000; // 1880000 (3, 8) = 4
|
||
428 | SBOX[2][26738688] = 0x4010104; // 1980000 (3, 9) = 15
|
||
429 | SBOX[2][27787264] = 0x10104; // 1a80000 (3, 10) = 14
|
||
430 | SBOX[2][28835840] = 0x4000004; // 1b80000 (3, 11) = 3
|
||
431 | SBOX[2][29884416] = 0x4000104; // 1c80000 (3, 12) = 11
|
||
432 | SBOX[2][30932992] = 0x4010000; // 1d80000 (3, 13) = 5
|
||
433 | SBOX[2][31981568] = 0x4; // 1e80000 (3, 14) = 2
|
||
434 | SBOX[2][33030144] = 0x10100; // 1f80000 (3, 15) = 12
|
||
435 | |||
436 | SBOX[3] = new Array(); |
||
437 | SBOX[3][0] = 0x80401000; // 0 (0, 0) = 7
|
||
438 | SBOX[3][65536] = 0x80001040; // 10000 (0, 1) = 13
|
||
439 | SBOX[3][131072] = 0x401040; // 20000 (0, 2) = 14
|
||
440 | SBOX[3][196608] = 0x80400000; // 30000 (0, 3) = 3
|
||
441 | SBOX[3][262144] = 0x0; // 40000 (0, 4) = 0
|
||
442 | SBOX[3][327680] = 0x401000; // 50000 (0, 5) = 6
|
||
443 | SBOX[3][393216] = 0x80000040; // 60000 (0, 6) = 9
|
||
444 | SBOX[3][458752] = 0x400040; // 70000 (0, 7) = 10
|
||
445 | SBOX[3][524288] = 0x80000000; // 80000 (0, 8) = 1
|
||
446 | SBOX[3][589824] = 0x400000; // 90000 (0, 9) = 2
|
||
447 | SBOX[3][655360] = 0x40; // a0000 (0, 10) = 8
|
||
448 | SBOX[3][720896] = 0x80001000; // b0000 (0, 11) = 5
|
||
449 | SBOX[3][786432] = 0x80400040; // c0000 (0, 12) = 11
|
||
450 | SBOX[3][851968] = 0x1040; // d0000 (0, 13) = 12
|
||
451 | SBOX[3][917504] = 0x1000; // e0000 (0, 14) = 4
|
||
452 | SBOX[3][983040] = 0x80401040; // f0000 (0, 15) = 15
|
||
453 | SBOX[3][32768] = 0x80001040; // 8000 (1, 0) = 13
|
||
454 | SBOX[3][98304] = 0x40; // 18000 (1, 1) = 8
|
||
455 | SBOX[3][163840] = 0x80400040; // 28000 (1, 2) = 11
|
||
456 | SBOX[3][229376] = 0x80001000; // 38000 (1, 3) = 5
|
||
457 | SBOX[3][294912] = 0x401000; // 48000 (1, 4) = 6
|
||
458 | SBOX[3][360448] = 0x80401040; // 58000 (1, 5) = 15
|
||
459 | SBOX[3][425984] = 0x0; // 68000 (1, 6) = 0
|
||
460 | SBOX[3][491520] = 0x80400000; // 78000 (1, 7) = 3
|
||
461 | SBOX[3][557056] = 0x1000; // 88000 (1, 8) = 4
|
||
462 | SBOX[3][622592] = 0x80401000; // 98000 (1, 9) = 7
|
||
463 | SBOX[3][688128] = 0x400000; // a8000 (1, 10) = 2
|
||
464 | SBOX[3][753664] = 0x1040; // b8000 (1, 11) = 12
|
||
465 | SBOX[3][819200] = 0x80000000; // c8000 (1, 12) = 1
|
||
466 | SBOX[3][884736] = 0x400040; // d8000 (1, 13) = 10
|
||
467 | SBOX[3][950272] = 0x401040; // e8000 (1, 14) = 14
|
||
468 | SBOX[3][1015808] = 0x80000040; // f8000 (1, 15) = 9
|
||
469 | SBOX[3][1048576] = 0x400040; // 100000 (2, 0) = 10
|
||
470 | SBOX[3][1114112] = 0x401000; // 110000 (2, 1) = 6
|
||
471 | SBOX[3][1179648] = 0x80000040; // 120000 (2, 2) = 9
|
||
472 | SBOX[3][1245184] = 0x0; // 130000 (2, 3) = 0
|
||
473 | SBOX[3][1310720] = 0x1040; // 140000 (2, 4) = 12
|
||
474 | SBOX[3][1376256] = 0x80400040; // 150000 (2, 5) = 11
|
||
475 | SBOX[3][1441792] = 0x80401000; // 160000 (2, 6) = 7
|
||
476 | SBOX[3][1507328] = 0x80001040; // 170000 (2, 7) = 13
|
||
477 | SBOX[3][1572864] = 0x80401040; // 180000 (2, 8) = 15
|
||
478 | SBOX[3][1638400] = 0x80000000; // 190000 (2, 9) = 1
|
||
479 | SBOX[3][1703936] = 0x80400000; // 1a0000 (2, 10) = 3
|
||
480 | SBOX[3][1769472] = 0x401040; // 1b0000 (2, 11) = 14
|
||
481 | SBOX[3][1835008] = 0x80001000; // 1c0000 (2, 12) = 5
|
||
482 | SBOX[3][1900544] = 0x400000; // 1d0000 (2, 13) = 2
|
||
483 | SBOX[3][1966080] = 0x40; // 1e0000 (2, 14) = 8
|
||
484 | SBOX[3][2031616] = 0x1000; // 1f0000 (2, 15) = 4
|
||
485 | SBOX[3][1081344] = 0x80400000; // 108000 (3, 0) = 3
|
||
486 | SBOX[3][1146880] = 0x80401040; // 118000 (3, 1) = 15
|
||
487 | SBOX[3][1212416] = 0x0; // 128000 (3, 2) = 0
|
||
488 | SBOX[3][1277952] = 0x401000; // 138000 (3, 3) = 6
|
||
489 | SBOX[3][1343488] = 0x400040; // 148000 (3, 4) = 10
|
||
490 | SBOX[3][1409024] = 0x80000000; // 158000 (3, 5) = 1
|
||
491 | SBOX[3][1474560] = 0x80001040; // 168000 (3, 6) = 13
|
||
492 | SBOX[3][1540096] = 0x40; // 178000 (3, 7) = 8
|
||
493 | SBOX[3][1605632] = 0x80000040; // 188000 (3, 8) = 9
|
||
494 | SBOX[3][1671168] = 0x1000; // 198000 (3, 9) = 4
|
||
495 | SBOX[3][1736704] = 0x80001000; // 1a8000 (3, 10) = 5
|
||
496 | SBOX[3][1802240] = 0x80400040; // 1b8000 (3, 11) = 11
|
||
497 | SBOX[3][1867776] = 0x1040; // 1c8000 (3, 12) = 12
|
||
498 | SBOX[3][1933312] = 0x80401000; // 1d8000 (3, 13) = 7
|
||
499 | SBOX[3][1998848] = 0x400000; // 1e8000 (3, 14) = 2
|
||
500 | SBOX[3][2064384] = 0x401040; // 1f8000 (3, 15) = 14
|
||
501 | |||
502 | SBOX[4] = new Array(); |
||
503 | SBOX[4][0] = 0x80; // 0 (0, 0) = 2
|
||
504 | SBOX[4][4096] = 0x1040000; // 1000 (0, 1) = 12
|
||
505 | SBOX[4][8192] = 0x40000; // 2000 (0, 2) = 4
|
||
506 | SBOX[4][12288] = 0x20000000; // 3000 (0, 3) = 1
|
||
507 | SBOX[4][16384] = 0x20040080; // 4000 (0, 4) = 7
|
||
508 | SBOX[4][20480] = 0x1000080; // 5000 (0, 5) = 10
|
||
509 | SBOX[4][24576] = 0x21000080; // 6000 (0, 6) = 11
|
||
510 | SBOX[4][28672] = 0x40080; // 7000 (0, 7) = 6
|
||
511 | SBOX[4][32768] = 0x1000000; // 8000 (0, 8) = 8
|
||
512 | SBOX[4][36864] = 0x20040000; // 9000 (0, 9) = 5
|
||
513 | SBOX[4][40960] = 0x20000080; // a000 (0, 10) = 3
|
||
514 | SBOX[4][45056] = 0x21040080; // b000 (0, 11) = 15
|
||
515 | SBOX[4][49152] = 0x21040000; // c000 (0, 12) = 13
|
||
516 | SBOX[4][53248] = 0x0; // d000 (0, 13) = 0
|
||
517 | SBOX[4][57344] = 0x1040080; // e000 (0, 14) = 14
|
||
518 | SBOX[4][61440] = 0x21000000; // f000 (0, 15) = 9
|
||
519 | SBOX[4][2048] = 0x1040080; // 800 (1, 0) = 14
|
||
520 | SBOX[4][6144] = 0x21000080; // 1800 (1, 1) = 11
|
||
521 | SBOX[4][10240] = 0x80; // 2800 (1, 2) = 2
|
||
522 | SBOX[4][14336] = 0x1040000; // 3800 (1, 3) = 12
|
||
523 | SBOX[4][18432] = 0x40000; // 4800 (1, 4) = 4
|
||
524 | SBOX[4][22528] = 0x20040080; // 5800 (1, 5) = 7
|
||
525 | SBOX[4][26624] = 0x21040000; // 6800 (1, 6) = 13
|
||
526 | SBOX[4][30720] = 0x20000000; // 7800 (1, 7) = 1
|
||
527 | SBOX[4][34816] = 0x20040000; // 8800 (1, 8) = 5
|
||
528 | SBOX[4][38912] = 0x0; // 9800 (1, 9) = 0
|
||
529 | SBOX[4][43008] = 0x21040080; // a800 (1, 10) = 15
|
||
530 | SBOX[4][47104] = 0x1000080; // b800 (1, 11) = 10
|
||
531 | SBOX[4][51200] = 0x20000080; // c800 (1, 12) = 3
|
||
532 | SBOX[4][55296] = 0x21000000; // d800 (1, 13) = 9
|
||
533 | SBOX[4][59392] = 0x1000000; // e800 (1, 14) = 8
|
||
534 | SBOX[4][63488] = 0x40080; // f800 (1, 15) = 6
|
||
535 | SBOX[4][65536] = 0x40000; // 10000 (2, 0) = 4
|
||
536 | SBOX[4][69632] = 0x80; // 11000 (2, 1) = 2
|
||
537 | SBOX[4][73728] = 0x20000000; // 12000 (2, 2) = 1
|
||
538 | SBOX[4][77824] = 0x21000080; // 13000 (2, 3) = 11
|
||
539 | SBOX[4][81920] = 0x1000080; // 14000 (2, 4) = 10
|
||
540 | SBOX[4][86016] = 0x21040000; // 15000 (2, 5) = 13
|
||
541 | SBOX[4][90112] = 0x20040080; // 16000 (2, 6) = 7
|
||
542 | SBOX[4][94208] = 0x1000000; // 17000 (2, 7) = 8
|
||
543 | SBOX[4][98304] = 0x21040080; // 18000 (2, 8) = 15
|
||
544 | SBOX[4][102400] = 0x21000000; // 19000 (2, 9) = 9
|
||
545 | SBOX[4][106496] = 0x1040000; // 1a000 (2, 10) = 12
|
||
546 | SBOX[4][110592] = 0x20040000; // 1b000 (2, 11) = 5
|
||
547 | SBOX[4][114688] = 0x40080; // 1c000 (2, 12) = 6
|
||
548 | SBOX[4][118784] = 0x20000080; // 1d000 (2, 13) = 3
|
||
549 | SBOX[4][122880] = 0x0; // 1e000 (2, 14) = 0
|
||
550 | SBOX[4][126976] = 0x1040080; // 1f000 (2, 15) = 14
|
||
551 | SBOX[4][67584] = 0x21000080; // 10800 (3, 0) = 11
|
||
552 | SBOX[4][71680] = 0x1000000; // 11800 (3, 1) = 8
|
||
553 | SBOX[4][75776] = 0x1040000; // 12800 (3, 2) = 12
|
||
554 | SBOX[4][79872] = 0x20040080; // 13800 (3, 3) = 7
|
||
555 | SBOX[4][83968] = 0x20000000; // 14800 (3, 4) = 1
|
||
556 | SBOX[4][88064] = 0x1040080; // 15800 (3, 5) = 14
|
||
557 | SBOX[4][92160] = 0x80; // 16800 (3, 6) = 2
|
||
558 | SBOX[4][96256] = 0x21040000; // 17800 (3, 7) = 13
|
||
559 | SBOX[4][100352] = 0x40080; // 18800 (3, 8) = 6
|
||
560 | SBOX[4][104448] = 0x21040080; // 19800 (3, 9) = 15
|
||
561 | SBOX[4][108544] = 0x0; // 1a800 (3, 10) = 0
|
||
562 | SBOX[4][112640] = 0x21000000; // 1b800 (3, 11) = 9
|
||
563 | SBOX[4][116736] = 0x1000080; // 1c800 (3, 12) = 10
|
||
564 | SBOX[4][120832] = 0x40000; // 1d800 (3, 13) = 4
|
||
565 | SBOX[4][124928] = 0x20040000; // 1e800 (3, 14) = 5
|
||
566 | SBOX[4][129024] = 0x20000080; // 1f800 (3, 15) = 3
|
||
567 | |||
568 | SBOX[5] = new Array(); |
||
569 | SBOX[5][0] = 0x10000008; // 0 (0, 0) = 12
|
||
570 | SBOX[5][256] = 0x2000; // 100 (0, 1) = 1
|
||
571 | SBOX[5][512] = 0x10200000; // 200 (0, 2) = 10
|
||
572 | SBOX[5][768] = 0x10202008; // 300 (0, 3) = 15
|
||
573 | SBOX[5][1024] = 0x10002000; // 400 (0, 4) = 9
|
||
574 | SBOX[5][1280] = 0x200000; // 500 (0, 5) = 2
|
||
575 | SBOX[5][1536] = 0x200008; // 600 (0, 6) = 6
|
||
576 | SBOX[5][1792] = 0x10000000; // 700 (0, 7) = 8
|
||
577 | SBOX[5][2048] = 0x0; // 800 (0, 8) = 0
|
||
578 | SBOX[5][2304] = 0x10002008; // 900 (0, 9) = 13
|
||
579 | SBOX[5][2560] = 0x202000; // a00 (0, 10) = 3
|
||
580 | SBOX[5][2816] = 0x8; // b00 (0, 11) = 4
|
||
581 | SBOX[5][3072] = 0x10200008; // c00 (0, 12) = 14
|
||
582 | SBOX[5][3328] = 0x202008; // d00 (0, 13) = 7
|
||
583 | SBOX[5][3584] = 0x2008; // e00 (0, 14) = 5
|
||
584 | SBOX[5][3840] = 0x10202000; // f00 (0, 15) = 11
|
||
585 | SBOX[5][128] = 0x10200000; // 80 (1, 0) = 10
|
||
586 | SBOX[5][384] = 0x10202008; // 180 (1, 1) = 15
|
||
587 | SBOX[5][640] = 0x8; // 280 (1, 2) = 4
|
||
588 | SBOX[5][896] = 0x200000; // 380 (1, 3) = 2
|
||
589 | SBOX[5][1152] = 0x202008; // 480 (1, 4) = 7
|
||
590 | SBOX[5][1408] = 0x10000008; // 580 (1, 5) = 12
|
||
591 | SBOX[5][1664] = 0x10002000; // 680 (1, 6) = 9
|
||
592 | SBOX[5][1920] = 0x2008; // 780 (1, 7) = 5
|
||
593 | SBOX[5][2176] = 0x200008; // 880 (1, 8) = 6
|
||
594 | SBOX[5][2432] = 0x2000; // 980 (1, 9) = 1
|
||
595 | SBOX[5][2688] = 0x10002008; // a80 (1, 10) = 13
|
||
596 | SBOX[5][2944] = 0x10200008; // b80 (1, 11) = 14
|
||
597 | SBOX[5][3200] = 0x0; // c80 (1, 12) = 0
|
||
598 | SBOX[5][3456] = 0x10202000; // d80 (1, 13) = 11
|
||
599 | SBOX[5][3712] = 0x202000; // e80 (1, 14) = 3
|
||
600 | SBOX[5][3968] = 0x10000000; // f80 (1, 15) = 8
|
||
601 | SBOX[5][4096] = 0x10002000; // 1000 (2, 0) = 9
|
||
602 | SBOX[5][4352] = 0x10200008; // 1100 (2, 1) = 14
|
||
603 | SBOX[5][4608] = 0x10202008; // 1200 (2, 2) = 15
|
||
604 | SBOX[5][4864] = 0x2008; // 1300 (2, 3) = 5
|
||
605 | SBOX[5][5120] = 0x200000; // 1400 (2, 4) = 2
|
||
606 | SBOX[5][5376] = 0x10000000; // 1500 (2, 5) = 8
|
||
607 | SBOX[5][5632] = 0x10000008; // 1600 (2, 6) = 12
|
||
608 | SBOX[5][5888] = 0x202000; // 1700 (2, 7) = 3
|
||
609 | SBOX[5][6144] = 0x202008; // 1800 (2, 8) = 7
|
||
610 | SBOX[5][6400] = 0x0; // 1900 (2, 9) = 0
|
||
611 | SBOX[5][6656] = 0x8; // 1a00 (2, 10) = 4
|
||
612 | SBOX[5][6912] = 0x10200000; // 1b00 (2, 11) = 10
|
||
613 | SBOX[5][7168] = 0x2000; // 1c00 (2, 12) = 1
|
||
614 | SBOX[5][7424] = 0x10002008; // 1d00 (2, 13) = 13
|
||
615 | SBOX[5][7680] = 0x10202000; // 1e00 (2, 14) = 11
|
||
616 | SBOX[5][7936] = 0x200008; // 1f00 (2, 15) = 6
|
||
617 | SBOX[5][4224] = 0x8; // 1080 (3, 0) = 4
|
||
618 | SBOX[5][4480] = 0x202000; // 1180 (3, 1) = 3
|
||
619 | SBOX[5][4736] = 0x200000; // 1280 (3, 2) = 2
|
||
620 | SBOX[5][4992] = 0x10000008; // 1380 (3, 3) = 12
|
||
621 | SBOX[5][5248] = 0x10002000; // 1480 (3, 4) = 9
|
||
622 | SBOX[5][5504] = 0x2008; // 1580 (3, 5) = 5
|
||
623 | SBOX[5][5760] = 0x10202008; // 1680 (3, 6) = 15
|
||
624 | SBOX[5][6016] = 0x10200000; // 1780 (3, 7) = 10
|
||
625 | SBOX[5][6272] = 0x10202000; // 1880 (3, 8) = 11
|
||
626 | SBOX[5][6528] = 0x10200008; // 1980 (3, 9) = 14
|
||
627 | SBOX[5][6784] = 0x2000; // 1a80 (3, 10) = 1
|
||
628 | SBOX[5][7040] = 0x202008; // 1b80 (3, 11) = 7
|
||
629 | SBOX[5][7296] = 0x200008; // 1c80 (3, 12) = 6
|
||
630 | SBOX[5][7552] = 0x0; // 1d80 (3, 13) = 0
|
||
631 | SBOX[5][7808] = 0x10000000; // 1e80 (3, 14) = 8
|
||
632 | SBOX[5][8064] = 0x10002008; // 1f80 (3, 15) = 13
|
||
633 | |||
634 | SBOX[6] = new Array(); |
||
635 | SBOX[6][0] = 0x100000; // 0 (0, 0) = 4
|
||
636 | SBOX[6][16] = 0x2000401; // 10 (0, 1) = 11
|
||
637 | SBOX[6][32] = 0x400; // 20 (0, 2) = 2
|
||
638 | SBOX[6][48] = 0x100401; // 30 (0, 3) = 14
|
||
639 | SBOX[6][64] = 0x2100401; // 40 (0, 4) = 15
|
||
640 | SBOX[6][80] = 0x0; // 50 (0, 5) = 0
|
||
641 | SBOX[6][96] = 0x1; // 60 (0, 6) = 8
|
||
642 | SBOX[6][112] = 0x2100001; // 70 (0, 7) = 13
|
||
643 | SBOX[6][128] = 0x2000400; // 80 (0, 8) = 3
|
||
644 | SBOX[6][144] = 0x100001; // 90 (0, 9) = 12
|
||
645 | SBOX[6][160] = 0x2000001; // a0 (0, 10) = 9
|
||
646 | SBOX[6][176] = 0x2100400; // b0 (0, 11) = 7
|
||
647 | SBOX[6][192] = 0x2100000; // c0 (0, 12) = 5
|
||
648 | SBOX[6][208] = 0x401; // d0 (0, 13) = 10
|
||
649 | SBOX[6][224] = 0x100400; // e0 (0, 14) = 6
|
||
650 | SBOX[6][240] = 0x2000000; // f0 (0, 15) = 1
|
||
651 | SBOX[6][8] = 0x2100001; // 8 (1, 0) = 13
|
||
652 | SBOX[6][24] = 0x0; // 18 (1, 1) = 0
|
||
653 | SBOX[6][40] = 0x2000401; // 28 (1, 2) = 11
|
||
654 | SBOX[6][56] = 0x2100400; // 38 (1, 3) = 7
|
||
655 | SBOX[6][72] = 0x100000; // 48 (1, 4) = 4
|
||
656 | SBOX[6][88] = 0x2000001; // 58 (1, 5) = 9
|
||
657 | SBOX[6][104] = 0x2000000; // 68 (1, 6) = 1
|
||
658 | SBOX[6][120] = 0x401; // 78 (1, 7) = 10
|
||
659 | SBOX[6][136] = 0x100401; // 88 (1, 8) = 14
|
||
660 | SBOX[6][152] = 0x2000400; // 98 (1, 9) = 3
|
||
661 | SBOX[6][168] = 0x2100000; // a8 (1, 10) = 5
|
||
662 | SBOX[6][184] = 0x100001; // b8 (1, 11) = 12
|
||
663 | SBOX[6][200] = 0x400; // c8 (1, 12) = 2
|
||
664 | SBOX[6][216] = 0x2100401; // d8 (1, 13) = 15
|
||
665 | SBOX[6][232] = 0x1; // e8 (1, 14) = 8
|
||
666 | SBOX[6][248] = 0x100400; // f8 (1, 15) = 6
|
||
667 | SBOX[6][256] = 0x2000000; // 100 (2, 0) = 1
|
||
668 | SBOX[6][272] = 0x100000; // 110 (2, 1) = 4
|
||
669 | SBOX[6][288] = 0x2000401; // 120 (2, 2) = 11
|
||
670 | SBOX[6][304] = 0x2100001; // 130 (2, 3) = 13
|
||
671 | SBOX[6][320] = 0x100001; // 140 (2, 4) = 12
|
||
672 | SBOX[6][336] = 0x2000400; // 150 (2, 5) = 3
|
||
673 | SBOX[6][352] = 0x2100400; // 160 (2, 6) = 7
|
||
674 | SBOX[6][368] = 0x100401; // 170 (2, 7) = 14
|
||
675 | SBOX[6][384] = 0x401; // 180 (2, 8) = 10
|
||
676 | SBOX[6][400] = 0x2100401; // 190 (2, 9) = 15
|
||
677 | SBOX[6][416] = 0x100400; // 1a0 (2, 10) = 6
|
||
678 | SBOX[6][432] = 0x1; // 1b0 (2, 11) = 8
|
||
679 | SBOX[6][448] = 0x0; // 1c0 (2, 12) = 0
|
||
680 | SBOX[6][464] = 0x2100000; // 1d0 (2, 13) = 5
|
||
681 | SBOX[6][480] = 0x2000001; // 1e0 (2, 14) = 9
|
||
682 | SBOX[6][496] = 0x400; // 1f0 (2, 15) = 2
|
||
683 | SBOX[6][264] = 0x100400; // 108 (3, 0) = 6
|
||
684 | SBOX[6][280] = 0x2000401; // 118 (3, 1) = 11
|
||
685 | SBOX[6][296] = 0x2100001; // 128 (3, 2) = 13
|
||
686 | SBOX[6][312] = 0x1; // 138 (3, 3) = 8
|
||
687 | SBOX[6][328] = 0x2000000; // 148 (3, 4) = 1
|
||
688 | SBOX[6][344] = 0x100000; // 158 (3, 5) = 4
|
||
689 | SBOX[6][360] = 0x401; // 168 (3, 6) = 10
|
||
690 | SBOX[6][376] = 0x2100400; // 178 (3, 7) = 7
|
||
691 | SBOX[6][392] = 0x2000001; // 188 (3, 8) = 9
|
||
692 | SBOX[6][408] = 0x2100000; // 198 (3, 9) = 5
|
||
693 | SBOX[6][424] = 0x0; // 1a8 (3, 10) = 0
|
||
694 | SBOX[6][440] = 0x2100401; // 1b8 (3, 11) = 15
|
||
695 | SBOX[6][456] = 0x100401; // 1c8 (3, 12) = 14
|
||
696 | SBOX[6][472] = 0x400; // 1d8 (3, 13) = 2
|
||
697 | SBOX[6][488] = 0x2000400; // 1e8 (3, 14) = 3
|
||
698 | SBOX[6][504] = 0x100001; // 1f8 (3, 15) = 12
|
||
699 | |||
700 | SBOX[7] = new Array(); |
||
701 | SBOX[7][0] = 0x8000820; // 0 (0, 0) = 13
|
||
702 | SBOX[7][1] = 0x20000; // 1 (0, 1) = 2
|
||
703 | SBOX[7][2] = 0x8000000; // 2 (0, 2) = 8
|
||
704 | SBOX[7][3] = 0x20; // 3 (0, 3) = 4
|
||
705 | SBOX[7][4] = 0x20020; // 4 (0, 4) = 6
|
||
706 | SBOX[7][5] = 0x8020820; // 5 (0, 5) = 15
|
||
707 | SBOX[7][6] = 0x8020800; // 6 (0, 6) = 11
|
||
708 | SBOX[7][7] = 0x800; // 7 (0, 7) = 1
|
||
709 | SBOX[7][8] = 0x8020000; // 8 (0, 8) = 10
|
||
710 | SBOX[7][9] = 0x8000800; // 9 (0, 9) = 9
|
||
711 | SBOX[7][10] = 0x20800; // a (0, 10) = 3
|
||
712 | SBOX[7][11] = 0x8020020; // b (0, 11) = 14
|
||
713 | SBOX[7][12] = 0x820; // c (0, 12) = 5
|
||
714 | SBOX[7][13] = 0x0; // d (0, 13) = 0
|
||
715 | SBOX[7][14] = 0x8000020; // e (0, 14) = 12
|
||
716 | SBOX[7][15] = 0x20820; // f (0, 15) = 7
|
||
717 | SBOX[7][-2147483648] = 0x800; // 80000000 (1, 0) = 1
|
||
718 | SBOX[7][-2147483647] = 0x8020820; // 80000001 (1, 1) = 15
|
||
719 | SBOX[7][-2147483646] = 0x8000820; // 80000002 (1, 2) = 13
|
||
720 | SBOX[7][-2147483645] = 0x8000000; // 80000003 (1, 3) = 8
|
||
721 | SBOX[7][-2147483644] = 0x8020000; // 80000004 (1, 4) = 10
|
||
722 | SBOX[7][-2147483643] = 0x20800; // 80000005 (1, 5) = 3
|
||
723 | SBOX[7][-2147483642] = 0x20820; // 80000006 (1, 6) = 7
|
||
724 | SBOX[7][-2147483641] = 0x20; // 80000007 (1, 7) = 4
|
||
725 | SBOX[7][-2147483640] = 0x8000020; // 80000008 (1, 8) = 12
|
||
726 | SBOX[7][-2147483639] = 0x820; // 80000009 (1, 9) = 5
|
||
727 | SBOX[7][-2147483638] = 0x20020; // 8000000a (1, 10) = 6
|
||
728 | SBOX[7][-2147483637] = 0x8020800; // 8000000b (1, 11) = 11
|
||
729 | SBOX[7][-2147483636] = 0x0; // 8000000c (1, 12) = 0
|
||
730 | SBOX[7][-2147483635] = 0x8020020; // 8000000d (1, 13) = 14
|
||
731 | SBOX[7][-2147483634] = 0x8000800; // 8000000e (1, 14) = 9
|
||
732 | SBOX[7][-2147483633] = 0x20000; // 8000000f (1, 15) = 2
|
||
733 | SBOX[7][16] = 0x20820; // 10 (2, 0) = 7
|
||
734 | SBOX[7][17] = 0x8020800; // 11 (2, 1) = 11
|
||
735 | SBOX[7][18] = 0x20; // 12 (2, 2) = 4
|
||
736 | SBOX[7][19] = 0x800; // 13 (2, 3) = 1
|
||
737 | SBOX[7][20] = 0x8000800; // 14 (2, 4) = 9
|
||
738 | SBOX[7][21] = 0x8000020; // 15 (2, 5) = 12
|
||
739 | SBOX[7][22] = 0x8020020; // 16 (2, 6) = 14
|
||
740 | SBOX[7][23] = 0x20000; // 17 (2, 7) = 2
|
||
741 | SBOX[7][24] = 0x0; // 18 (2, 8) = 0
|
||
742 | SBOX[7][25] = 0x20020; // 19 (2, 9) = 6
|
||
743 | SBOX[7][26] = 0x8020000; // 1a (2, 10) = 10
|
||
744 | SBOX[7][27] = 0x8000820; // 1b (2, 11) = 13
|
||
745 | SBOX[7][28] = 0x8020820; // 1c (2, 12) = 15
|
||
746 | SBOX[7][29] = 0x20800; // 1d (2, 13) = 3
|
||
747 | SBOX[7][30] = 0x820; // 1e (2, 14) = 5
|
||
748 | SBOX[7][31] = 0x8000000; // 1f (2, 15) = 8
|
||
749 | SBOX[7][-2147483632] = 0x20000; // 80000010 (3, 0) = 2
|
||
750 | SBOX[7][-2147483631] = 0x800; // 80000011 (3, 1) = 1
|
||
751 | SBOX[7][-2147483630] = 0x8020020; // 80000012 (3, 2) = 14
|
||
752 | SBOX[7][-2147483629] = 0x20820; // 80000013 (3, 3) = 7
|
||
753 | SBOX[7][-2147483628] = 0x20; // 80000014 (3, 4) = 4
|
||
754 | SBOX[7][-2147483627] = 0x8020000; // 80000015 (3, 5) = 10
|
||
755 | SBOX[7][-2147483626] = 0x8000000; // 80000016 (3, 6) = 8
|
||
756 | SBOX[7][-2147483625] = 0x8000820; // 80000017 (3, 7) = 13
|
||
757 | SBOX[7][-2147483624] = 0x8020820; // 80000018 (3, 8) = 15
|
||
758 | SBOX[7][-2147483623] = 0x8000020; // 80000019 (3, 9) = 12
|
||
759 | SBOX[7][-2147483622] = 0x8000800; // 8000001a (3, 10) = 9
|
||
760 | SBOX[7][-2147483621] = 0x0; // 8000001b (3, 11) = 0
|
||
761 | SBOX[7][-2147483620] = 0x20800; // 8000001c (3, 12) = 3
|
||
762 | SBOX[7][-2147483619] = 0x820; // 8000001d (3, 13) = 5
|
||
763 | SBOX[7][-2147483618] = 0x20020; // 8000001e (3, 14) = 6
|
||
764 | SBOX[7][-2147483617] = 0x8020800; // 8000001f (3, 15) = 11
|
||
765 | |||
766 | State.prototype._exchangeLR = function(v, m) { |
||
767 | var t = ((this.lhs >> v) ^ this.rhs) & m; |
||
768 | this.rhs ^= t; |
||
769 | this.lhs ^= (t << v); |
||
770 | }; |
||
771 | |||
772 | State.prototype._exchangeRL = function(v, m) { |
||
773 | var t = ((this.rhs >> v) ^ this.lhs) & m; |
||
774 | this.lhs ^= t; |
||
775 | this.rhs ^= (t << v); |
||
776 | }; |
||
777 | |||
778 | /**
|
||
779 | * Perform the initial permutation of the input to create the starting state
|
||
780 | * of the algorithm. The initial permutation maps each consecutive bit of
|
||
781 | * the input into a different byte of the state.
|
||
782 | *
|
||
783 | * <pre>
|
||
784 | * The initial permutation is defined to be:
|
||
785 | *
|
||
786 | * 58 50 42 34 26 18 10 2
|
||
787 | * 60 52 44 36 28 20 12 4
|
||
788 | * 62 54 46 38 30 22 14 6
|
||
789 | * 64 56 48 40 32 24 16 8
|
||
790 | * 57 49 41 33 25 17 9 1
|
||
791 | * 59 51 43 35 27 19 11 3
|
||
792 | * 61 53 45 37 29 21 13 5
|
||
793 | * 63 55 47 39 31 23 15 7
|
||
794 | * </pre>
|
||
795 | *
|
||
796 | *
|
||
797 | * @param message
|
||
798 | * The message as an array of unsigned bytes.
|
||
799 | * @param offset
|
||
800 | * The offset into the message that the current 64-bit block
|
||
801 | * begins.
|
||
802 | * @returns the initial engine state
|
||
803 | */ |
||
804 | State.prototype.initialPerm = function(message, offset) { |
||
805 | var input = message.slice(offset, offset + 8); |
||
806 | |||
807 | this.lhs = (input[0] << 24) + (input[1] << 16) + (input[2] << 8) |
||
808 | + input[3]; |
||
809 | this.rhs = (input[4] << 24) + (input[5] << 16) + (input[6] << 8) |
||
810 | + input[7]; |
||
811 | |||
812 | this._exchangeLR(4, 0x0f0f0f0f); |
||
813 | this._exchangeLR(16, 0x0000ffff); |
||
814 | this._exchangeRL(2, 0x33333333); |
||
815 | this._exchangeRL(8, 0x00ff00ff); |
||
816 | this._exchangeLR(1, 0x55555555); |
||
817 | }; |
||
818 | |||
819 | /**
|
||
820 | * Perform one round of the DES algorithm using the given key. A round is
|
||
821 | * defined as:
|
||
822 | *
|
||
823 | * <pre>
|
||
824 | * L&rsquo = R
|
||
825 | * R&rsquo = L ˆ f(R, k)
|
||
826 | * </pre>
|
||
827 | *
|
||
828 | * where f consists of expanding, XORing with the key and contracting back
|
||
829 | * with the SBOXes.
|
||
830 | *
|
||
831 | * Note that the final round is defined slightly differently as:
|
||
832 | *
|
||
833 | * <pre>
|
||
834 | * L&rsquo = L ˆ f(R, k)
|
||
835 | * R&rsquo = R
|
||
836 | * </pre>
|
||
837 | *
|
||
838 | * Therefore in the final round this function produces LHS and RHS the wrong
|
||
839 | * way around.
|
||
840 | *
|
||
841 | * @param k
|
||
842 | * the key
|
||
843 | */ |
||
844 | State.prototype.round = function(k) { |
||
845 | var r = this.rhs, l = this.lhs; |
||
846 | var f = 0; |
||
847 | for ( var i = 0; i < 8; i++) { |
||
848 | var v = (r ^ k[i]) & State.SBOX_MASK[i]; |
||
849 | f += State.SBOX[i][v]; |
||
850 | } |
||
851 | |||
852 | this.lhs = r; |
||
853 | this.rhs = l ^ f; |
||
854 | }; |
||
855 | |||
856 | /**
|
||
857 | * Apply the inverse of the initial permutation.
|
||
858 | *
|
||
859 | * <pre>
|
||
860 | * The inverse is defined to be:
|
||
861 | *
|
||
862 | * 40 8 48 16 56 24 64 32
|
||
863 | * 39 7 47 15 55 23 63 31
|
||
864 | * 38 6 46 14 54 22 62 30
|
||
865 | * 37 5 45 13 53 21 61 29
|
||
866 | * 36 4 44 12 52 20 60 28
|
||
867 | * 35 3 43 11 51 19 59 27
|
||
868 | * 34 2 42 10 50 18 58 26
|
||
869 | * 33 1 41 9 49 17 57 25
|
||
870 | * </pre>
|
||
871 | *
|
||
872 | * @param cipherText
|
||
873 | * @param offset
|
||
874 | */ |
||
875 | State.prototype.finalPerm = function(cipherText, offset) { |
||
876 | var t = this.lhs; |
||
877 | this.lhs = this.rhs; |
||
878 | this.rhs = t; |
||
879 | |||
880 | this._exchangeLR(1, 0x55555555); |
||
881 | this._exchangeRL(8, 0x00ff00ff); |
||
882 | this._exchangeRL(2, 0x33333333); |
||
883 | this._exchangeLR(16, 0x0000ffff); |
||
884 | this._exchangeLR(4, 0x0f0f0f0f); |
||
885 | |||
886 | cipherText[offset] = (this.lhs >> 24) & 0xff; |
||
887 | cipherText[offset + 1] = (this.lhs >> 16) & 0xff; |
||
888 | cipherText[offset + 2] = (this.lhs >> 8) & 0xff; |
||
889 | cipherText[offset + 3] = (this.lhs) & 0xff; |
||
890 | cipherText[offset + 4] = (this.rhs >> 24) & 0xff; |
||
891 | cipherText[offset + 5] = (this.rhs >> 16) & 0xff; |
||
892 | cipherText[offset + 6] = (this.rhs >> 8) & 0xff; |
||
893 | cipherText[offset + 7] = (this.rhs) & 0xff; |
||
894 | }; |
||
895 | |||
896 | /**
|
||
897 | * DES cipher
|
||
898 | */ |
||
899 | var DES = C.DES = { |
||
900 | _blocksize : 2, |
||
901 | |||
902 | _keyschedule : null, |
||
903 | |||
904 | _state : new State(), |
||
905 | |||
906 | _init : function(k) { |
||
907 | this._keyschedule = new KeySchedule(k); |
||
908 | }, |
||
909 | |||
910 | encrypt : function(message, password, options) { |
||
911 | |||
912 | options = options || {}; |
||
913 | |||
914 | // Determine mode
|
||
915 | var mode = options.mode || new C.mode.OFB; |
||
916 | |||
917 | // Allow mode to override options
|
||
918 | if (mode.fixOptions) |
||
919 | mode.fixOptions(options); |
||
920 | |||
921 | var |
||
922 | // Convert to bytes if message is a string
|
||
923 | m = (message.constructor == String ? UTF8.stringToBytes(message) |
||
924 | : message), |
||
925 | |||
926 | // Generate random IV
|
||
927 | iv = options.iv || util.randomBytes(8), |
||
928 | |||
929 | // Generate key
|
||
930 | k = (password.constructor == String ? |
||
931 | // Derive key from passphrase
|
||
932 | C.PBKDF2(password, iv, 8, { |
||
933 | asBytes : true |
||
934 | }) : |
||
935 | // else, assume byte array representing cryptographic key
|
||
936 | password); |
||
937 | |||
938 | // Create key schedule
|
||
939 | this._keyschedule = new KeySchedule(k); |
||
940 | |||
941 | // Encrypt
|
||
942 | mode.encrypt(DES, m, iv); |
||
943 | |||
944 | // Return ciphertext
|
||
945 | m = options.iv ? m : iv.concat(m); |
||
946 | return (options && options.asBytes) ? m : util.bytesToBase64(m); |
||
947 | }, |
||
948 | |||
949 | _encryptblock : function(message, offset) { |
||
950 | this._state.initialPerm(message, offset); |
||
951 | for ( var i = 0; i <= 15; i++) { |
||
952 | this._state.round(this._keyschedule.getKey(i)); |
||
953 | } |
||
954 | this._state.finalPerm(message, offset); |
||
955 | }, |
||
956 | |||
957 | decrypt : function(ciphertext, password, options) { |
||
958 | options = options || {}; |
||
959 | |||
960 | // Determine mode
|
||
961 | var mode = options.mode || new C.mode.OFB; |
||
962 | |||
963 | // Allow mode to override options
|
||
964 | if (mode.fixOptions) |
||
965 | mode.fixOptions(options); |
||
966 | |||
967 | var |
||
968 | |||
969 | // Convert to bytes if ciphertext is a string
|
||
970 | c = (ciphertext.constructor == String ? util |
||
971 | .base64ToBytes(ciphertext) : ciphertext), |
||
972 | |||
973 | // Separate IV and message
|
||
974 | iv = options.iv || c.splice(0, 8), |
||
975 | |||
976 | // Generate key
|
||
977 | k = (password.constructor == String ? |
||
978 | // Derive key from passphrase
|
||
979 | C.PBKDF2(password, iv, 32, { |
||
980 | asBytes : true |
||
981 | }) : |
||
982 | // else, assume byte array representing cryptographic key
|
||
983 | password); |
||
984 | |||
985 | // Create key schedule
|
||
986 | this._keyschedule = new KeySchedule(k); |
||
987 | |||
988 | mode.decrypt(DES, c, iv); |
||
989 | |||
990 | // Return plaintext
|
||
991 | return (options && options.asBytes) ? c : UTF8.bytesToString(c); |
||
992 | }, |
||
993 | |||
994 | _decryptblock : function(message, offset) { |
||
995 | this._state.initialPerm(message, offset); |
||
996 | for ( var i = 15; i >= 0; i--) { |
||
997 | this._state.round(this._keyschedule.getKey(i)); |
||
998 | } |
||
999 | this._state.finalPerm(message, offset); |
||
1000 | } |
||
1001 | |||
1002 | }; |
||
1003 | })(); |