xhacker-zzz
2 years ago
10 changed files with 7 additions and 784 deletions
@ -1,29 +0,0 @@ |
|||
import fs from 'fs'; |
|||
import { QmcDecoder } from '@/decrypt/qmc'; |
|||
import { BytesEqual } from '@/decrypt/utils'; |
|||
|
|||
function loadTestDataDecoder(name: string): { |
|||
cipherText: Uint8Array; |
|||
clearText: Uint8Array; |
|||
} { |
|||
const cipherBody = fs.readFileSync(`./testdata/${name}_raw.bin`); |
|||
const cipherSuffix = fs.readFileSync(`./testdata/${name}_suffix.bin`); |
|||
const cipherText = new Uint8Array(cipherBody.length + cipherSuffix.length); |
|||
cipherText.set(cipherBody); |
|||
cipherText.set(cipherSuffix, cipherBody.length); |
|||
return { |
|||
cipherText, |
|||
clearText: fs.readFileSync(`testdata/${name}_target.bin`), |
|||
}; |
|||
} |
|||
|
|||
test('qmc: real file', async () => { |
|||
const cases = ['mflac0_rc4', 'mflac_rc4', 'mflac_map', 'mgg_map', 'qmc0_static']; |
|||
for (const name of cases) { |
|||
const { clearText, cipherText } = loadTestDataDecoder(name); |
|||
const c = new QmcDecoder(cipherText); |
|||
const buf = c.decrypt(); |
|||
|
|||
expect(BytesEqual(buf, clearText)).toBeTruthy(); |
|||
} |
|||
}); |
@ -1,117 +0,0 @@ |
|||
import { QmcMapCipher, QmcRC4Cipher, QmcStaticCipher } from '@/decrypt/qmc_cipher'; |
|||
import fs from 'fs'; |
|||
|
|||
test('static cipher [0x7ff8,0x8000) ', () => { |
|||
//prettier-ignore
|
|||
const expected = new Uint8Array([ |
|||
0xD8, 0x52, 0xF7, 0x67, 0x90, 0xCA, 0xD6, 0x4A, |
|||
0x4A, 0xD6, 0xCA, 0x90, 0x67, 0xF7, 0x52, 0xD8, |
|||
]) |
|||
|
|||
const c = new QmcStaticCipher(); |
|||
const buf = new Uint8Array(16); |
|||
c.decrypt(buf, 0x7ff8); |
|||
|
|||
expect(buf).toStrictEqual(expected); |
|||
}); |
|||
|
|||
test('static cipher [0,0x10) ', () => { |
|||
//prettier-ignore
|
|||
const expected = new Uint8Array([ |
|||
0xC3, 0x4A, 0xD6, 0xCA, 0x90, 0x67, 0xF7, 0x52, |
|||
0xD8, 0xA1, 0x66, 0x62, 0x9F, 0x5B, 0x09, 0x00, |
|||
]) |
|||
|
|||
const c = new QmcStaticCipher(); |
|||
const buf = new Uint8Array(16); |
|||
c.decrypt(buf, 0); |
|||
|
|||
expect(buf).toStrictEqual(expected); |
|||
}); |
|||
|
|||
test('map cipher: get mask', () => { |
|||
//prettier-ignore
|
|||
const expected = new Uint8Array([ |
|||
0xBB, 0x7D, 0x80, 0xBE, 0xFF, 0x38, 0x81, 0xFB, |
|||
0xBB, 0xFF, 0x82, 0x3C, 0xFF, 0xBA, 0x83, 0x79, |
|||
]) |
|||
const key = new Uint8Array(256); |
|||
for (let i = 0; i < 256; i++) key[i] = i; |
|||
const buf = new Uint8Array(16); |
|||
|
|||
const c = new QmcMapCipher(key); |
|||
c.decrypt(buf, 0); |
|||
expect(buf).toStrictEqual(expected); |
|||
}); |
|||
|
|||
function loadTestDataCipher(name: string): { |
|||
key: Uint8Array; |
|||
cipherText: Uint8Array; |
|||
clearText: Uint8Array; |
|||
} { |
|||
return { |
|||
key: fs.readFileSync(`testdata/${name}_key.bin`), |
|||
cipherText: fs.readFileSync(`testdata/${name}_raw.bin`), |
|||
clearText: fs.readFileSync(`testdata/${name}_target.bin`), |
|||
}; |
|||
} |
|||
|
|||
test('map cipher: real file', async () => { |
|||
const cases = ['mflac_map', 'mgg_map']; |
|||
for (const name of cases) { |
|||
const { key, clearText, cipherText } = loadTestDataCipher(name); |
|||
const c = new QmcMapCipher(key); |
|||
|
|||
c.decrypt(cipherText, 0); |
|||
|
|||
expect(cipherText).toStrictEqual(clearText); |
|||
} |
|||
}); |
|||
|
|||
test('rc4 cipher: real file', async () => { |
|||
const cases = ['mflac0_rc4', 'mflac_rc4']; |
|||
for (const name of cases) { |
|||
const { key, clearText, cipherText } = loadTestDataCipher(name); |
|||
const c = new QmcRC4Cipher(key); |
|||
|
|||
c.decrypt(cipherText, 0); |
|||
|
|||
expect(cipherText).toStrictEqual(clearText); |
|||
} |
|||
}); |
|||
|
|||
test('rc4 cipher: first segment', async () => { |
|||
const cases = ['mflac0_rc4', 'mflac_rc4']; |
|||
for (const name of cases) { |
|||
const { key, clearText, cipherText } = loadTestDataCipher(name); |
|||
const c = new QmcRC4Cipher(key); |
|||
|
|||
const buf = cipherText.slice(0, 128); |
|||
c.decrypt(buf, 0); |
|||
expect(buf).toStrictEqual(clearText.slice(0, 128)); |
|||
} |
|||
}); |
|||
|
|||
test('rc4 cipher: align block (128~5120)', async () => { |
|||
const cases = ['mflac0_rc4', 'mflac_rc4']; |
|||
for (const name of cases) { |
|||
const { key, clearText, cipherText } = loadTestDataCipher(name); |
|||
const c = new QmcRC4Cipher(key); |
|||
|
|||
const buf = cipherText.slice(128, 5120); |
|||
c.decrypt(buf, 128); |
|||
expect(buf).toStrictEqual(clearText.slice(128, 5120)); |
|||
} |
|||
}); |
|||
|
|||
test('rc4 cipher: simple block (5120~10240)', async () => { |
|||
const cases = ['mflac0_rc4', 'mflac_rc4']; |
|||
for (const name of cases) { |
|||
const { key, clearText, cipherText } = loadTestDataCipher(name); |
|||
const c = new QmcRC4Cipher(key); |
|||
|
|||
const buf = cipherText.slice(5120, 10240); |
|||
c.decrypt(buf, 5120); |
|||
expect(buf).toStrictEqual(clearText.slice(5120, 10240)); |
|||
} |
|||
}); |
@ -1,199 +0,0 @@ |
|||
export interface QmcStreamCipher { |
|||
decrypt(buf: Uint8Array, offset: number): void; |
|||
} |
|||
|
|||
export class QmcStaticCipher implements QmcStreamCipher { |
|||
//prettier-ignore
|
|||
private static readonly staticCipherBox: Uint8Array = new Uint8Array([ |
|||
0x77, 0x48, 0x32, 0x73, 0xDE, 0xF2, 0xC0, 0xC8, //0x00
|
|||
0x95, 0xEC, 0x30, 0xB2, 0x51, 0xC3, 0xE1, 0xA0, //0x08
|
|||
0x9E, 0xE6, 0x9D, 0xCF, 0xFA, 0x7F, 0x14, 0xD1, //0x10
|
|||
0xCE, 0xB8, 0xDC, 0xC3, 0x4A, 0x67, 0x93, 0xD6, //0x18
|
|||
0x28, 0xC2, 0x91, 0x70, 0xCA, 0x8D, 0xA2, 0xA4, //0x20
|
|||
0xF0, 0x08, 0x61, 0x90, 0x7E, 0x6F, 0xA2, 0xE0, //0x28
|
|||
0xEB, 0xAE, 0x3E, 0xB6, 0x67, 0xC7, 0x92, 0xF4, //0x30
|
|||
0x91, 0xB5, 0xF6, 0x6C, 0x5E, 0x84, 0x40, 0xF7, //0x38
|
|||
0xF3, 0x1B, 0x02, 0x7F, 0xD5, 0xAB, 0x41, 0x89, //0x40
|
|||
0x28, 0xF4, 0x25, 0xCC, 0x52, 0x11, 0xAD, 0x43, //0x48
|
|||
0x68, 0xA6, 0x41, 0x8B, 0x84, 0xB5, 0xFF, 0x2C, //0x50
|
|||
0x92, 0x4A, 0x26, 0xD8, 0x47, 0x6A, 0x7C, 0x95, //0x58
|
|||
0x61, 0xCC, 0xE6, 0xCB, 0xBB, 0x3F, 0x47, 0x58, //0x60
|
|||
0x89, 0x75, 0xC3, 0x75, 0xA1, 0xD9, 0xAF, 0xCC, //0x68
|
|||
0x08, 0x73, 0x17, 0xDC, 0xAA, 0x9A, 0xA2, 0x16, //0x70
|
|||
0x41, 0xD8, 0xA2, 0x06, 0xC6, 0x8B, 0xFC, 0x66, //0x78
|
|||
0x34, 0x9F, 0xCF, 0x18, 0x23, 0xA0, 0x0A, 0x74, //0x80
|
|||
0xE7, 0x2B, 0x27, 0x70, 0x92, 0xE9, 0xAF, 0x37, //0x88
|
|||
0xE6, 0x8C, 0xA7, 0xBC, 0x62, 0x65, 0x9C, 0xC2, //0x90
|
|||
0x08, 0xC9, 0x88, 0xB3, 0xF3, 0x43, 0xAC, 0x74, //0x98
|
|||
0x2C, 0x0F, 0xD4, 0xAF, 0xA1, 0xC3, 0x01, 0x64, //0xA0
|
|||
0x95, 0x4E, 0x48, 0x9F, 0xF4, 0x35, 0x78, 0x95, //0xA8
|
|||
0x7A, 0x39, 0xD6, 0x6A, 0xA0, 0x6D, 0x40, 0xE8, //0xB0
|
|||
0x4F, 0xA8, 0xEF, 0x11, 0x1D, 0xF3, 0x1B, 0x3F, //0xB8
|
|||
0x3F, 0x07, 0xDD, 0x6F, 0x5B, 0x19, 0x30, 0x19, //0xC0
|
|||
0xFB, 0xEF, 0x0E, 0x37, 0xF0, 0x0E, 0xCD, 0x16, //0xC8
|
|||
0x49, 0xFE, 0x53, 0x47, 0x13, 0x1A, 0xBD, 0xA4, //0xD0
|
|||
0xF1, 0x40, 0x19, 0x60, 0x0E, 0xED, 0x68, 0x09, //0xD8
|
|||
0x06, 0x5F, 0x4D, 0xCF, 0x3D, 0x1A, 0xFE, 0x20, //0xE0
|
|||
0x77, 0xE4, 0xD9, 0xDA, 0xF9, 0xA4, 0x2B, 0x76, //0xE8
|
|||
0x1C, 0x71, 0xDB, 0x00, 0xBC, 0xFD, 0x0C, 0x6C, //0xF0
|
|||
0xA5, 0x47, 0xF7, 0xF6, 0x00, 0x79, 0x4A, 0x11, //0xF8
|
|||
]) |
|||
|
|||
public getMask(offset: number) { |
|||
if (offset > 0x7fff) offset %= 0x7fff; |
|||
return QmcStaticCipher.staticCipherBox[(offset * offset + 27) & 0xff]; |
|||
} |
|||
|
|||
public decrypt(buf: Uint8Array, offset: number) { |
|||
for (let i = 0; i < buf.length; i++) { |
|||
buf[i] ^= this.getMask(offset + i); |
|||
} |
|||
} |
|||
} |
|||
|
|||
export class QmcMapCipher implements QmcStreamCipher { |
|||
key: Uint8Array; |
|||
n: number; |
|||
|
|||
constructor(key: Uint8Array) { |
|||
if (key.length == 0) throw Error('qmc/cipher_map: invalid key size'); |
|||
|
|||
this.key = key; |
|||
this.n = key.length; |
|||
} |
|||
|
|||
private static rotate(value: number, bits: number) { |
|||
let rotate = (bits + 4) % 8; |
|||
let left = value << rotate; |
|||
let right = value >> rotate; |
|||
return (left | right) & 0xff; |
|||
} |
|||
|
|||
decrypt(buf: Uint8Array, offset: number): void { |
|||
for (let i = 0; i < buf.length; i++) { |
|||
buf[i] ^= this.getMask(offset + i); |
|||
} |
|||
} |
|||
|
|||
private getMask(offset: number) { |
|||
if (offset > 0x7fff) offset %= 0x7fff; |
|||
|
|||
const idx = (offset * offset + 71214) % this.n; |
|||
return QmcMapCipher.rotate(this.key[idx], idx & 0x7); |
|||
} |
|||
} |
|||
|
|||
export class QmcRC4Cipher implements QmcStreamCipher { |
|||
private static readonly FIRST_SEGMENT_SIZE = 0x80; |
|||
private static readonly SEGMENT_SIZE = 5120; |
|||
|
|||
S: Uint8Array; |
|||
N: number; |
|||
key: Uint8Array; |
|||
hash: number; |
|||
|
|||
constructor(key: Uint8Array) { |
|||
if (key.length == 0) { |
|||
throw Error('invalid key size'); |
|||
} |
|||
|
|||
this.key = key; |
|||
this.N = key.length; |
|||
|
|||
// init seed box
|
|||
this.S = new Uint8Array(this.N); |
|||
for (let i = 0; i < this.N; ++i) { |
|||
this.S[i] = i & 0xff; |
|||
} |
|||
let j = 0; |
|||
for (let i = 0; i < this.N; ++i) { |
|||
j = (this.S[i] + j + this.key[i % this.N]) % this.N; |
|||
[this.S[i], this.S[j]] = [this.S[j], this.S[i]]; |
|||
} |
|||
|
|||
// init hash base
|
|||
this.hash = 1; |
|||
for (let i = 0; i < this.N; i++) { |
|||
let value = this.key[i]; |
|||
|
|||
// ignore if key char is '\x00'
|
|||
if (!value) continue; |
|||
|
|||
const next_hash = (this.hash * value) >>> 0; |
|||
if (next_hash == 0 || next_hash <= this.hash) break; |
|||
|
|||
this.hash = next_hash; |
|||
} |
|||
} |
|||
|
|||
decrypt(buf: Uint8Array, offset: number): void { |
|||
let toProcess = buf.length; |
|||
let processed = 0; |
|||
const postProcess = (len: number): boolean => { |
|||
toProcess -= len; |
|||
processed += len; |
|||
offset += len; |
|||
return toProcess == 0; |
|||
}; |
|||
|
|||
// Initial segment
|
|||
if (offset < QmcRC4Cipher.FIRST_SEGMENT_SIZE) { |
|||
const len_segment = Math.min(buf.length, QmcRC4Cipher.FIRST_SEGMENT_SIZE - offset); |
|||
this.encFirstSegment(buf.subarray(0, len_segment), offset); |
|||
if (postProcess(len_segment)) return; |
|||
} |
|||
|
|||
// align segment
|
|||
if (offset % QmcRC4Cipher.SEGMENT_SIZE != 0) { |
|||
const len_segment = Math.min(QmcRC4Cipher.SEGMENT_SIZE - (offset % QmcRC4Cipher.SEGMENT_SIZE), toProcess); |
|||
this.encASegment(buf.subarray(processed, processed + len_segment), offset); |
|||
if (postProcess(len_segment)) return; |
|||
} |
|||
|
|||
// Batch process segments
|
|||
while (toProcess > QmcRC4Cipher.SEGMENT_SIZE) { |
|||
this.encASegment(buf.subarray(processed, processed + QmcRC4Cipher.SEGMENT_SIZE), offset); |
|||
postProcess(QmcRC4Cipher.SEGMENT_SIZE); |
|||
} |
|||
|
|||
// Last segment (incomplete segment)
|
|||
if (toProcess > 0) { |
|||
this.encASegment(buf.subarray(processed), offset); |
|||
} |
|||
} |
|||
|
|||
private encFirstSegment(buf: Uint8Array, offset: number) { |
|||
for (let i = 0; i < buf.length; i++) { |
|||
buf[i] ^= this.key[this.getSegmentKey(offset + i)]; |
|||
} |
|||
} |
|||
|
|||
private encASegment(buf: Uint8Array, offset: number) { |
|||
// Initialise a new seed box
|
|||
const S = this.S.slice(0); |
|||
|
|||
// Calculate the number of bytes to skip.
|
|||
// The initial "key" derived from segment id, plus the current offset.
|
|||
const skipLen = |
|||
(offset % QmcRC4Cipher.SEGMENT_SIZE) + this.getSegmentKey(Math.floor(offset / QmcRC4Cipher.SEGMENT_SIZE)); |
|||
|
|||
// decrypt the block
|
|||
let j = 0; |
|||
let k = 0; |
|||
for (let i = -skipLen; i < buf.length; i++) { |
|||
j = (j + 1) % this.N; |
|||
k = (S[j] + k) % this.N; |
|||
[S[k], S[j]] = [S[j], S[k]]; |
|||
|
|||
if (i >= 0) { |
|||
buf[i] ^= S[(S[j] + S[k]) % this.N]; |
|||
} |
|||
} |
|||
} |
|||
|
|||
private getSegmentKey(id: number): number { |
|||
const seed = this.key[id % this.N]; |
|||
const idx = Math.floor((this.hash / ((id + 1) * seed)) * 100.0); |
|||
return idx % this.N; |
|||
} |
|||
} |
@ -1,26 +0,0 @@ |
|||
import { QmcDeriveKey, simpleMakeKey } from '@/decrypt/qmc_key'; |
|||
import fs from 'fs'; |
|||
|
|||
test('key dec: make simple key', () => { |
|||
expect(simpleMakeKey(106, 8)).toStrictEqual([0x69, 0x56, 0x46, 0x38, 0x2b, 0x20, 0x15, 0x0b]); |
|||
}); |
|||
|
|||
function loadTestDataKeyDecrypt(name: string): { |
|||
cipherText: Uint8Array; |
|||
clearText: Uint8Array; |
|||
} { |
|||
return { |
|||
cipherText: fs.readFileSync(`testdata/${name}_key_raw.bin`), |
|||
clearText: fs.readFileSync(`testdata/${name}_key.bin`), |
|||
}; |
|||
} |
|||
|
|||
test('key dec: real file', async () => { |
|||
const cases = ['mflac_map', 'mgg_map', 'mflac0_rc4', 'mflac_rc4']; |
|||
for (const name of cases) { |
|||
const { clearText, cipherText } = loadTestDataKeyDecrypt(name); |
|||
const buf = QmcDeriveKey(cipherText); |
|||
|
|||
expect(buf).toStrictEqual(clearText); |
|||
} |
|||
}); |
@ -1,127 +0,0 @@ |
|||
import { TeaCipher } from '@/utils/tea'; |
|||
|
|||
const SALT_LEN = 2; |
|||
const ZERO_LEN = 7; |
|||
|
|||
export function QmcDeriveKey(raw: Uint8Array): Uint8Array { |
|||
const textDec = new TextDecoder(); |
|||
let rawDec = Buffer.from(textDec.decode(raw), 'base64'); |
|||
let n = rawDec.length; |
|||
if (n < 16) { |
|||
throw Error('key length is too short'); |
|||
} |
|||
|
|||
rawDec = decryptV2Key(rawDec); |
|||
|
|||
const simpleKey = simpleMakeKey(106, 8); |
|||
let teaKey = new Uint8Array(16); |
|||
for (let i = 0; i < 8; i++) { |
|||
teaKey[i << 1] = simpleKey[i]; |
|||
teaKey[(i << 1) + 1] = rawDec[i]; |
|||
} |
|||
const sub = decryptTencentTea(rawDec.subarray(8), teaKey); |
|||
rawDec.set(sub, 8); |
|||
return rawDec.subarray(0, 8 + sub.length); |
|||
} |
|||
|
|||
// simpleMakeKey exported only for unit test
|
|||
export function simpleMakeKey(salt: number, length: number): number[] { |
|||
const keyBuf: number[] = []; |
|||
for (let i = 0; i < length; i++) { |
|||
const tmp = Math.tan(salt + i * 0.1); |
|||
keyBuf[i] = 0xff & (Math.abs(tmp) * 100.0); |
|||
} |
|||
return keyBuf; |
|||
} |
|||
|
|||
const mixKey1: Uint8Array = new Uint8Array([ 0x33, 0x38, 0x36, 0x5A, 0x4A, 0x59, 0x21, 0x40, 0x23, 0x2A, 0x24, 0x25, 0x5E, 0x26, 0x29, 0x28 ]) |
|||
const mixKey2: Uint8Array = new Uint8Array([ 0x2A, 0x2A, 0x23, 0x21, 0x28, 0x23, 0x24, 0x25, 0x26, 0x5E, 0x61, 0x31, 0x63, 0x5A, 0x2C, 0x54 ]) |
|||
|
|||
function decryptV2Key(key: Buffer): Buffer |
|||
{ |
|||
const textEnc = new TextDecoder(); |
|||
if (key.length < 18 || textEnc.decode(key.slice(0, 18)) !== 'QQMusic EncV2,Key:') { |
|||
return key; |
|||
} |
|||
|
|||
let out = decryptTencentTea(key.slice(18), mixKey1); |
|||
out = decryptTencentTea(out, mixKey2); |
|||
const textDec = new TextDecoder(); |
|||
const keyDec = Buffer.from(textDec.decode(out), 'base64'); |
|||
let n = keyDec.length; |
|||
if (n < 16) { |
|||
throw Error('EncV2 key decode failed'); |
|||
} |
|||
|
|||
return keyDec; |
|||
} |
|||
|
|||
function decryptTencentTea(inBuf: Uint8Array, key: Uint8Array): Uint8Array { |
|||
if (inBuf.length % 8 != 0) { |
|||
throw Error('inBuf size not a multiple of the block size'); |
|||
} |
|||
if (inBuf.length < 16) { |
|||
throw Error('inBuf size too small'); |
|||
} |
|||
|
|||
const blk = new TeaCipher(key, 32); |
|||
|
|||
const tmpBuf = new Uint8Array(8); |
|||
const tmpView = new DataView(tmpBuf.buffer); |
|||
|
|||
blk.decrypt(tmpView, new DataView(inBuf.buffer, inBuf.byteOffset, 8)); |
|||
|
|||
const nPadLen = tmpBuf[0] & 0x7; //只要最低三位
|
|||
/*密文格式:PadLen(1byte)+Padding(var,0-7byte)+Salt(2byte)+Body(var byte)+Zero(7byte)*/ |
|||
const outLen = inBuf.length - 1 /*PadLen*/ - nPadLen - SALT_LEN - ZERO_LEN; |
|||
const outBuf = new Uint8Array(outLen); |
|||
|
|||
let ivPrev = new Uint8Array(8); |
|||
let ivCur = inBuf.slice(0, 8); // init iv
|
|||
let inBufPos = 8; |
|||
|
|||
// 跳过 Padding Len 和 Padding
|
|||
let tmpIdx = 1 + nPadLen; |
|||
|
|||
// CBC IV 处理
|
|||
const cryptBlock = () => { |
|||
ivPrev = ivCur; |
|||
ivCur = inBuf.slice(inBufPos, inBufPos + 8); |
|||
for (let j = 0; j < 8; j++) { |
|||
tmpBuf[j] ^= ivCur[j]; |
|||
} |
|||
blk.decrypt(tmpView, tmpView); |
|||
inBufPos += 8; |
|||
tmpIdx = 0; |
|||
}; |
|||
|
|||
// 跳过 Salt
|
|||
for (let i = 1; i <= SALT_LEN; ) { |
|||
if (tmpIdx < 8) { |
|||
tmpIdx++; |
|||
i++; |
|||
} else { |
|||
cryptBlock(); |
|||
} |
|||
} |
|||
|
|||
// 还原明文
|
|||
let outBufPos = 0; |
|||
while (outBufPos < outLen) { |
|||
if (tmpIdx < 8) { |
|||
outBuf[outBufPos] = tmpBuf[tmpIdx] ^ ivPrev[tmpIdx]; |
|||
outBufPos++; |
|||
tmpIdx++; |
|||
} else { |
|||
cryptBlock(); |
|||
} |
|||
} |
|||
|
|||
// 校验Zero
|
|||
for (let i = 1; i <= ZERO_LEN; i++) { |
|||
if (tmpBuf[tmpIdx] != ivPrev[tmpIdx]) { |
|||
throw Error('zero check failed'); |
|||
} |
|||
} |
|||
return outBuf; |
|||
} |
@ -1,73 +0,0 @@ |
|||
// Copyright 2021 MengYX. All rights reserved.
|
|||
//
|
|||
// Copyright 2015 The Go Authors. All rights reserved.
|
|||
// Use of this source code is governed by a BSD-style
|
|||
// license that can be found in https://go.dev/LICENSE.
|
|||
|
|||
import { TeaCipher } from '@/utils/tea'; |
|||
|
|||
test('key size', () => { |
|||
// prettier-ignore
|
|||
const testKey = new Uint8Array([ |
|||
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, |
|||
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, |
|||
0x00, |
|||
]) |
|||
expect(() => new TeaCipher(testKey.slice(0, 16))).not.toThrow(); |
|||
|
|||
expect(() => new TeaCipher(testKey)).toThrow(); |
|||
|
|||
expect(() => new TeaCipher(testKey.slice(0, 15))).toThrow(); |
|||
}); |
|||
|
|||
// prettier-ignore
|
|||
const teaTests = [ |
|||
// These were sourced from https://github.com/froydnj/ironclad/blob/master/testing/test-vectors/tea.testvec
|
|||
{ |
|||
rounds: TeaCipher.numRounds, |
|||
key: new Uint8Array([ |
|||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|||
]), |
|||
plainText: new Uint8Array([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), |
|||
cipherText: new Uint8Array([0x41, 0xea, 0x3a, 0x0a, 0x94, 0xba, 0xa9, 0x40]), |
|||
}, |
|||
{ |
|||
rounds: TeaCipher.numRounds, |
|||
key: new Uint8Array([ |
|||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|||
]), |
|||
plainText: new Uint8Array([0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]), |
|||
cipherText: new Uint8Array([0x31, 0x9b, 0xbe, 0xfb, 0x01, 0x6a, 0xbd, 0xb2]), |
|||
}, |
|||
{ |
|||
rounds: 16, |
|||
key: new Uint8Array([ |
|||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|||
]), |
|||
plainText: new Uint8Array([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), |
|||
cipherText: new Uint8Array([0xed, 0x28, 0x5d, 0xa1, 0x45, 0x5b, 0x33, 0xc1]), |
|||
}, |
|||
]; |
|||
|
|||
test('rounds', () => { |
|||
const tt = teaTests[0]; |
|||
expect(() => new TeaCipher(tt.key, tt.rounds - 1)).toThrow(); |
|||
}); |
|||
|
|||
test('encrypt & decrypt', () => { |
|||
for (const tt of teaTests) { |
|||
const c = new TeaCipher(tt.key, tt.rounds); |
|||
|
|||
const buf = new Uint8Array(8); |
|||
const bufView = new DataView(buf.buffer); |
|||
|
|||
c.encrypt(bufView, new DataView(tt.plainText.buffer)); |
|||
expect(buf).toStrictEqual(tt.cipherText); |
|||
|
|||
c.decrypt(bufView, new DataView(tt.cipherText.buffer)); |
|||
expect(buf).toStrictEqual(tt.plainText); |
|||
} |
|||
}); |
@ -1,80 +0,0 @@ |
|||
// Copyright 2021 MengYX. All rights reserved.
|
|||
//
|
|||
// Copyright 2015 The Go Authors. All rights reserved.
|
|||
// Use of this source code is governed by a BSD-style
|
|||
// license that can be found in https://go.dev/LICENSE.
|
|||
|
|||
// TeaCipher is a typescript port to golang.org/x/crypto/tea
|
|||
|
|||
// Package tea implements the TEA algorithm, as defined in Needham and
|
|||
// Wheeler's 1994 technical report, “TEA, a Tiny Encryption Algorithm”. See
|
|||
// http://www.cix.co.uk/~klockstone/tea.pdf for details.
|
|||
//
|
|||
// TEA is a legacy cipher and its short block size makes it vulnerable to
|
|||
// birthday bound attacks (see https://sweet32.info). It should only be used
|
|||
// where compatibility with legacy systems, not security, is the goal.
|
|||
|
|||
export class TeaCipher { |
|||
// BlockSize is the size of a TEA block, in bytes.
|
|||
static readonly BlockSize = 8; |
|||
|
|||
// KeySize is the size of a TEA key, in bytes.
|
|||
static readonly KeySize = 16; |
|||
|
|||
// delta is the TEA key schedule constant.
|
|||
static readonly delta = 0x9e3779b9; |
|||
|
|||
// numRounds 64 is the standard number of rounds in TEA.
|
|||
static readonly numRounds = 64; |
|||
|
|||
k0: number; |
|||
k1: number; |
|||
k2: number; |
|||
k3: number; |
|||
rounds: number; |
|||
|
|||
constructor(key: Uint8Array, rounds: number = TeaCipher.numRounds) { |
|||
if (key.length != 16) { |
|||
throw Error('incorrect key size'); |
|||
} |
|||
if ((rounds & 1) != 0) { |
|||
throw Error('odd number of rounds specified'); |
|||
} |
|||
|
|||
const k = new DataView(key.buffer); |
|||
this.k0 = k.getUint32(0, false); |
|||
this.k1 = k.getUint32(4, false); |
|||
this.k2 = k.getUint32(8, false); |
|||
this.k3 = k.getUint32(12, false); |
|||
this.rounds = rounds; |
|||
} |
|||
|
|||
encrypt(dst: DataView, src: DataView) { |
|||
let v0 = src.getUint32(0, false); |
|||
let v1 = src.getUint32(4, false); |
|||
|
|||
let sum = 0; |
|||
for (let i = 0; i < this.rounds / 2; i++) { |
|||
sum = sum + TeaCipher.delta; |
|||
v0 += ((v1 << 4) + this.k0) ^ (v1 + sum) ^ ((v1 >>> 5) + this.k1); |
|||
v1 += ((v0 << 4) + this.k2) ^ (v0 + sum) ^ ((v0 >>> 5) + this.k3); |
|||
} |
|||
|
|||
dst.setUint32(0, v0, false); |
|||
dst.setUint32(4, v1, false); |
|||
} |
|||
|
|||
decrypt(dst: DataView, src: DataView) { |
|||
let v0 = src.getUint32(0, false); |
|||
let v1 = src.getUint32(4, false); |
|||
|
|||
let sum = (TeaCipher.delta * this.rounds) / 2; |
|||
for (let i = 0; i < this.rounds / 2; i++) { |
|||
v1 -= ((v0 << 4) + this.k2) ^ (v0 + sum) ^ ((v0 >>> 5) + this.k3); |
|||
v0 -= ((v1 << 4) + this.k0) ^ (v1 + sum) ^ ((v1 >>> 5) + this.k1); |
|||
sum -= TeaCipher.delta; |
|||
} |
|||
dst.setUint32(0, v0, false); |
|||
dst.setUint32(4, v1, false); |
|||
} |
|||
} |
Loading…
Reference in new issue