-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathonetimepad.js
301 lines (293 loc) · 10.3 KB
/
onetimepad.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
/* OneTimePad.js
* Version 1.0.1
*
* A JavaScript library implementation for the one-time pad cipher.
* Based on the method described at http://krako.chez.com/nouveau/spy/cs013.htm
*
*
* There are three functions:
*
* 1. encode(text)
* Input: A text string.
* Output: Uses the codebook to output a number-encoded "code" string.
* Example: encode("Hello world") returns "3304111114".
* Notes: Any input character that is not in the codebook will be filtered out.
* This is not encryption, the characters are merely substituted with numbers.
*
* 2. decode(code)
* Input: A number-encoded "code" string, such as the output of encode().
* Output: Uses the codebook to output a text string.
* Example decode("3304111114") returns "Hello world".
* Notes: This is not decryption, the output is merely the reverse of encode().
*
* 3. otp(message, key, mode, keyRepetition)
* Input: message: Either a plaintext string or an encrypted message string.
* key: The encryption key.
* mode: Either "encrypt" or "decrypt".
* keyRepetition: true or false. If the key is shorter than the message,
* this sets whether the script should repeat the key to make it long enough.
* This is NOT secure. For serious usage, the keyRepetition flag should
* never be set to true and the key should always be long enough.
* Output: Depending on whether the mode is set to "encrypt" or "decrypt",
* either an encrypted ciphertext string or a decrypted plaintext string.
* Example: If message is "Hello" and key is "m6R*N":
* otp("Hello", "m6R*N", "encrypt", false) returns "4552548243"
* otp("4552548243", "m6R*N", "decrypt", false) returns "Hello"
* Notes: This function performs the actual one-time pad encryption or decryption.
* For the greatest security, the key should be as random as possible.
* Both the inputs codeMessage and codeKey need to be encoded with encode().
* Decrypted output is still number-encoded, so use decode() to get the plaintext.
*
*
* Examples for implementing this library:
*
* Encryption:
* Input plaintext message "My secret message".
* Input plaintext key "jE1&;bWi3f+w7TI8k".
* return otp("My secret message", "jE1&;bWi3f+w7TI8k", "encrypt", false);
* This returns encrypted ciphertext "3754478888035502649989266753346614".
*
* Decryption:
* Input encrypted message "3754478888035502649989266753346614".
* Input plaintext key "jE1&;bWi3f+w7TI8k".
* return otp("3754478888035502649989266753346614", "jE1&;bWi3f+w7TI8k", "decrypt", false);
* This returns decrypted plaintext "My secret message".
*/
/**
*
* @licstart The following is the entire license notice for the
* JavaScript code in this page.
*
* Copyright (C) 2016 Lucas Bleackley Petter
*
* The JavaScript code in this page is free software: you can
* redistribute it and/or modify it under the terms of the GNU
* General Public License (GNU GPL) as published by the Free Software
* Foundation, either version 3 of the License, or (at your option)
* any later version. The code is distributed WITHOUT ANY WARRANTY;
* without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU GPL for more details.
*
* As additional permission under GNU GPL version 3 section 7, you
* may distribute non-source (e.g., minimized or compacted) forms of
* that code without the copy of the GNU GPL normally required by
* section 4, provided you include this license notice and a URL
* through which recipients can access the Corresponding Source.
*
* @licend The above is the entire license notice
* for the JavaScript code in this page.
*
*/
"use strict";
// Codebook for converting between characters and code numbers.
var codebook = [];
codebook[0] = "a";
codebook[1] = "b";
codebook[2] = "c";
codebook[3] = "d";
codebook[4] = "e";
codebook[5] = "f";
codebook[6] = "g";
codebook[7] = "h";
codebook[8] = "i";
codebook[9] = "j";
codebook[10] = "k";
codebook[11] = "l";
codebook[12] = "m";
codebook[13] = "n";
codebook[14] = "o";
codebook[15] = "p";
codebook[16] = "q";
codebook[17] = "r";
codebook[18] = "s";
codebook[19] = "t";
codebook[20] = "u";
codebook[21] = "v";
codebook[22] = "w";
codebook[23] = "x";
codebook[24] = "y";
codebook[25] = "z";
codebook[26] = "A";
codebook[27] = "B";
codebook[28] = "C";
codebook[29] = "D";
codebook[30] = "E";
codebook[31] = "F";
codebook[32] = "G";
codebook[33] = "H";
codebook[34] = "I";
codebook[35] = "J";
codebook[36] = "K";
codebook[37] = "L";
codebook[38] = "M";
codebook[39] = "N";
codebook[40] = "O";
codebook[41] = "P";
codebook[42] = "Q";
codebook[43] = "R";
codebook[44] = "S";
codebook[45] = "T";
codebook[46] = "U";
codebook[47] = "V";
codebook[48] = "W";
codebook[49] = "X";
codebook[50] = "Y";
codebook[51] = "Z";
codebook[52] = "0";
codebook[53] = "1";
codebook[54] = "2";
codebook[55] = "3";
codebook[56] = "4";
codebook[57] = "5";
codebook[58] = "6";
codebook[59] = "7";
codebook[60] = "8";
codebook[61] = "9";
codebook[62] = "`";
codebook[63] = "~";
codebook[64] = "!";
codebook[65] = "@";
codebook[66] = "#";
codebook[67] = "$";
codebook[68] = "%";
codebook[69] = "^";
codebook[70] = "&";
codebook[71] = "*";
codebook[72] = "(";
codebook[73] = ")";
codebook[74] = "-";
codebook[75] = "=";
codebook[76] = "_";
codebook[77] = "+";
codebook[78] = "[";
codebook[79] = "]";
codebook[80] = "{";
codebook[81] = "}";
codebook[82] = "|";
codebook[83] = "\\";
codebook[84] = ";";
codebook[85] = ":";
codebook[86] = "'";
codebook[87] = "\"";
codebook[88] = ",";
codebook[89] = ".";
codebook[90] = "<";
codebook[91] = ">";
codebook[92] = "/";
codebook[93] = "?";
codebook[94] = " ";
codebook[95] = "\n";
codebook[96] = "\r";
codebook[97] = "\t";
codebook[98] = "–";
codebook[99] = "—";
// Convert input text characters to code numbers using the codebook.
function encode(text) {
// Loop through each text character.
var code = [];
for (var i=0; i<text.length; i++) {
// Check if the character is in the codebook, filter it out if it's not.
if (codebook.indexOf(text[i]) !== -1) {
// Get the character's code number from the code book.
code[i] = codebook.indexOf(text[i]).toString();
// Prepend a leading zero if code number is in range 0-9.
if (code[i].length === 1) {
code[i] = "0" + code[i];
}
}
}
return code.join("");
}
// Convert input code numbers to text characters using the codebook.
function decode(code) {
// Split the code number string into an array where each item is 2 digits long.
var codeLength = code.length / 2;
code = code.match(/.{1,2}/g);
// Loop through each two-digit code number.
var text = [];
for (var i=0; i<codeLength; i++) {
// Convert the code from string to number format by multiplying by 1.
code[i] *= 1;
// Get the code number's character from the codebook.
text[i] = codebook[code[i]];
}
return text.join("");
}
// Encrypt or decrypt a message with a key.
function otp(message, key, mode, keyRepetition) {
var codeMessage, error;
// The message and key must not be empty.
if (message === "" || key === "") {
error = "Error: The message and key must not be be empty.";
console.log("[OneTimePad.js] " + error);
return error;
}
// Convert the message and key to number-encoded strings using the codebook.
var codeKey = encode(key);
// Only number-encode the message if using encrypt mode. In decrypt mode, the message should already be number-encoded.
if (mode == "encrypt") {
codeMessage = encode(message);
} else if (mode == "decrypt") {
if (!isNaN(message)) {
codeMessage = message;
} else {
error = "Error: When decrypting, the message must only contain numbers.";
console.log("[OneTimePad.js] " + error);
return error;
}
}
// The key should be at least the same length as the message.
if (codeKey.length < codeMessage.length) {
// If the key is shorter than the message and the keyRepetition flag is true, then repeat the key until it's long enough.
// This is NOT secure. For serious usage, the keyRepetition flag should never be set to true and the key should always be long enough.
if (keyRepetition === true) {
if (mode == "encrypt") {
console.log("[OneTimePad.js] WARNING: The key is shorter than the message.\nThe keyRepetition flag has been set, so OneTimePad.js will now repeat the key until it's long enough, but this is not secure. Repetition of the key will cause statistical patterns in the ciphertext that will make it easier for a third party to decrypt it without the key. You really should use a key at that's least the same length as the message.");
}
while (codeKey.length < codeMessage.length) {
codeKey += codeKey;
}
// Otherwise, if the key is too short, fail with an error.
} else {
error = "Error: The key is shorter than the message.";
console.log("[OneTimePad.js] " + error);
return error;
}
}
// Split both the code strings into arrays where each array item is 1 digit long.
codeMessage = codeMessage.split("");
codeKey = codeKey.split("");
// Loop through each one-digit code number.
var codeOutput = [];
for (var i=0; i<codeMessage.length; i++) {
// Convert the codes from string to number format by multiplying by 1.
codeMessage[i] *= 1;
codeKey[i] *= 1;
// Perform the OTP encryption by adding the message code number and key code number together.
if (mode == "encrypt") {
codeOutput[i] = (codeMessage[i] + codeKey[i]);
// Number must be a single digit in range 0-9.
// Use modular addition, modulo 10 - allow no carrying during addition.
if (codeOutput[i] > 9) {
codeOutput[i] -= 10;
}
}
// Perform the OTP decryption by subtracting the key code number from the message code number.
if (mode == "decrypt") {
codeOutput[i] = (codeMessage[i] - codeKey[i]);
// Number must be a single digit in range 0-9.
// Use modular subtraction, modulo 10 - allow no carrying during subtraction.
// Allow no negative numbers. If number is negative, make it positive.
if (codeOutput[i] < 0) {
codeOutput[i] += 10;
}
}
}
// If encrypting, return a number-encoded string. If decrypting, decode the number-encoded string to return the plaintext.
var outputString = codeOutput.join("");
if (mode == "decrypt") {
return decode(outputString);
} else {
return outputString;
}
}