rocket-js 0.0.1 → 0.0.2

data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tests/XTeaKeyTest.as

@@ -0,0 +1,66 @@
+/**
+ * XTeaKeyTest
+ * 
+ * A test class for XTeaKey
+ * Copyright (c) 2007 Henri Torgemane
+ * 
+ * See LICENSE.txt for full license information.
+ */
+package com.hurlant.crypto.tests
+{
+	import com.hurlant.crypto.prng.Random;
+	import com.hurlant.crypto.symmetric.ECBMode;
+	import com.hurlant.crypto.symmetric.XTeaKey;
+	import com.hurlant.util.Hex;
+	
+	import flash.utils.ByteArray;
+	import flash.utils.getTimer;
+	
+	public class XTeaKeyTest extends TestCase
+	{
+		public function XTeaKeyTest(h:ITestHarness) {
+			super(h, "XTeaKey Test");
+			runTest(testGetBlockSize, "XTea Block Size");
+			runTest(testVectors, "XTea Test Vectors");
+			
+			h.endTestCase();
+		}
+		
+		public function testGetBlockSize():void {
+			var tea:XTeaKey = new XTeaKey(Hex.toArray("deadbabecafebeefdeadbabecafebeef"));
+			assert("tea blocksize", tea.getBlockSize()==8);
+		}
+		
+		public function testVectors():void {
+			// blah.
+			// can't find working test vectors.
+			// algorithms should not get published without vectors :(
+			var keys:Array=[
+			"00000000000000000000000000000000",
+			"2b02056806144976775d0e266c287843"];
+			var pts:Array=[
+			"0000000000000000",
+			"74657374206d652e"];
+			var cts:Array=[
+			"2dc7e8d3695b0538",
+			"7909582138198783"];
+			// self-fullfilling vectors.
+			// oh well, at least I can decrypt what I produce. :(
+			
+			for (var i:uint=0;i<keys.length;i++) {
+				var key:ByteArray = Hex.toArray(keys[i]);
+				var pt:ByteArray = Hex.toArray(pts[i]);
+				var tea:XTeaKey = new XTeaKey(key);
+				tea.encrypt(pt);
+				var out:String = Hex.fromArray(pt);
+				assert("comparing "+cts[i]+" to "+out, cts[i]==out);
+				// now go back to plaintext.
+				pt.position=0;
+				tea.decrypt(pt);
+				out = Hex.fromArray(pt);
+				assert("comparing "+pts[i]+" to "+out, pts[i]==out);
+			}
+		}
+
+	}
+}

data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/BulkCiphers.as

@@ -0,0 +1,102 @@
+/**
+ * BulkCiphers
+ * 
+ * An enumeration of bulk ciphers available for TLS, along with their properties,
+ * with a few convenience methods to go with it.
+ * Copyright (c) 2007 Henri Torgemane
+ * 
+ * See LICENSE.txt for full license information.
+ */
+package com.hurlant.crypto.tls {
+	import com.hurlant.crypto.Crypto;
+	import flash.utils.ByteArray;
+	import com.hurlant.crypto.symmetric.ICipher;
+	import com.hurlant.crypto.symmetric.TLSPad;
+	import com.hurlant.crypto.symmetric.SSLPad;
+	
+	public class BulkCiphers {
+		public static const STREAM_CIPHER:uint = 0;
+		public static const BLOCK_CIPHER:uint = 1;
+
+		public static const NULL:uint = 0;
+		public static const RC4_40:uint = 1;
+		public static const RC4_128:uint = 2
+		public static const RC2_CBC_40:uint = 3; // XXX I don't have that one.
+		public static const DES_CBC:uint = 4;
+		public static const DES3_EDE_CBC:uint = 5;
+		public static const DES40_CBC:uint = 6;
+		public static const IDEA_CBC:uint = 7; // XXX I don't have that one.
+		public static const AES_128:uint = 8;
+		public static const AES_256:uint = 9;
+		
+		private static const algos:Array =
+		['', 'rc4', 'rc4', '', 'des-cbc', '3des-cbc', 'des-cbc', '', 'aes', 'aes'];
+		
+		private static var _props:Array;
+		
+		init();
+		private static function init():void {
+			_props = [];
+			_props[NULL] 			= new BulkCiphers(STREAM_CIPHER,  0,  0,   0,  0,  0);
+			_props[RC4_40] 			= new BulkCiphers(STREAM_CIPHER,  5, 16,  40,  0,  0);
+			_props[RC4_128]			= new BulkCiphers(STREAM_CIPHER, 16, 16, 128,  0,  0);
+			_props[RC2_CBC_40]		= new BulkCiphers( BLOCK_CIPHER,  5, 16,  40,  8,  8);
+			_props[DES_CBC]			= new BulkCiphers( BLOCK_CIPHER,  8,  8,  56,  8,  8);
+			_props[DES3_EDE_CBC]	= new BulkCiphers( BLOCK_CIPHER, 24, 24, 168,  8,  8);
+			_props[DES40_CBC]		= new BulkCiphers( BLOCK_CIPHER,  5,  8,  40,  8,  8);
+			_props[IDEA_CBC]		= new BulkCiphers( BLOCK_CIPHER, 16, 16, 128,  8,  8);
+			_props[AES_128]			= new BulkCiphers( BLOCK_CIPHER, 16, 16, 128, 16, 16);
+			_props[AES_256]			= new BulkCiphers( BLOCK_CIPHER, 32, 32, 256, 16, 16);
+		}
+	
+		private static function getProp(cipher:uint):BulkCiphers {
+			var p:BulkCiphers = _props[cipher];
+			if (p==null) {
+				throw new Error("Unknown bulk cipher "+cipher.toString(16));
+			}
+			return p;
+		}
+		public static function getType(cipher:uint):uint {
+			return getProp(cipher).type;
+		}
+		public static function getKeyBytes(cipher:uint):uint {
+			return getProp(cipher).keyBytes;
+		}
+		public static function getExpandedKeyBytes(cipher:uint):uint {
+			return getProp(cipher).expandedKeyBytes;
+		}
+		public static function getEffectiveKeyBits(cipher:uint):uint {
+			return getProp(cipher).effectiveKeyBits;
+		}
+		public static function getIVSize(cipher:uint):uint {
+			return getProp(cipher).IVSize;
+		}
+		public static function getBlockSize(cipher:uint):uint {
+			return getProp(cipher).blockSize;
+		}
+		public static function getCipher(cipher:uint, key:ByteArray, proto:uint):ICipher {
+			if (proto == TLSSecurityParameters.PROTOCOL_VERSION) {
+				return Crypto.getCipher(algos[cipher], key, new TLSPad);
+			} else {
+				return Crypto.getCipher(algos[cipher], key, new SSLPad);
+			}
+		}
+
+	
+		private var type:uint;
+		private var keyBytes:uint;
+		private var expandedKeyBytes:uint;
+		private var effectiveKeyBits:uint;
+		private var IVSize:uint;
+		private var blockSize:uint;
+		
+		public function BulkCiphers(t:uint, kb:uint, ekb:uint, fkb:uint, ivs:uint, bs:uint) {
+			type = t;
+			keyBytes = kb;
+			expandedKeyBytes = ekb;
+			effectiveKeyBits = fkb;
+			IVSize = ivs;
+			blockSize = bs;
+		}
+	}
+}

data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/CipherSuites.as

@@ -0,0 +1,117 @@
+/**
+ * CipherSuites
+ * 
+ * An enumeration of cipher-suites available for TLS to use, along with
+ * their properties, and some convenience methods
+ * Copyright (c) 2007 Henri Torgemane
+ * 
+ * See LICENSE.txt for full license information.
+ */
+package com.hurlant.crypto.tls {
+	import com.hurlant.crypto.hash.MD5;
+	import com.hurlant.crypto.hash.SHA1;
+	
+	public class CipherSuites {
+		
+		
+		// only the lines marked "ok" are currently implemented.
+		
+		// rfc 2246
+		
+		public static const TLS_NULL_WITH_NULL_NULL:uint				= 0x0000; // ok
+		public static const TLS_RSA_WITH_NULL_MD5:uint					= 0x0001; // ok
+		public static const TLS_RSA_WITH_NULL_SHA:uint					= 0x0002; // ok
+		public static const TLS_RSA_WITH_RC4_128_MD5:uint				= 0x0004; // ok
+		public static const TLS_RSA_WITH_RC4_128_SHA:uint				= 0x0005; // ok
+		public static const TLS_RSA_WITH_IDEA_CBC_SHA:uint				= 0x0007;
+		public static const TLS_RSA_WITH_DES_CBC_SHA:uint				= 0x0009; // ok
+		public static const TLS_RSA_WITH_3DES_EDE_CBC_SHA:uint			= 0x000A; // ok
+		
+		public static const TLS_DH_DSS_WITH_DES_CBC_SHA:uint			= 0x000C;
+		public static const TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:uint		= 0x000D;
+		public static const TLS_DH_RSA_WITH_DES_CBC_SHA:uint			= 0x000F;
+		public static const TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:uint		= 0x0010;
+		public static const TLS_DHE_DSS_WITH_DES_CBC_SHA:uint			= 0x0012;
+		public static const TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:uint		= 0x0013;
+		public static const TLS_DHE_RSA_WITH_DES_CBC_SHA:uint			= 0x0015;
+		public static const TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:uint		= 0x0016;
+		
+		public static const TLS_DH_anon_WITH_RC4_128_MD5:uint			= 0x0018;
+		public static const TLS_DH_anon_WITH_DES_CBC_SHA:uint			= 0x001A;
+		public static const TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:uint		= 0x001B;
+		
+		// rfc3268
+		
+		public static const TLS_RSA_WITH_AES_128_CBC_SHA:uint			= 0x002F; // ok
+		public static const TLS_DH_DSS_WITH_AES_128_CBC_SHA:uint		= 0x0030;
+		public static const TLS_DH_RSA_WITH_AES_128_CBC_SHA:uint		= 0x0031;
+		public static const TLS_DHE_DSS_WITH_AES_128_CBC_SHA:uint		= 0x0032;
+		public static const TLS_DHE_RSA_WITH_AES_128_CBC_SHA:uint		= 0x0033;
+		public static const TLS_DH_anon_WITH_AES_128_CBC_SHA:uint		= 0x0034;
+		
+		public static const TLS_RSA_WITH_AES_256_CBC_SHA:uint			= 0x0035; // ok
+		public static const TLS_DH_DSS_WITH_AES_256_CBC_SHA:uint		= 0x0036;
+		public static const TLS_DH_RSA_WITH_AES_256_CBC_SHA:uint		= 0x0037;
+		public static const TLS_DHE_DSS_WITH_AES_256_CBC_SHA:uint		= 0x0038;
+		public static const TLS_DHE_RSA_WITH_AES_256_CBC_SHA:uint		= 0x0039;
+		public static const TLS_DH_anon_WITH_AES_256_CBC_SHA:uint		= 0x003A;
+		
+		private static var _props:Array;
+		
+		init();
+		private static function init():void {
+			_props = [];
+			_props[TLS_NULL_WITH_NULL_NULL]			= new CipherSuites(BulkCiphers.NULL, MACs.NULL, KeyExchanges.NULL);
+			_props[TLS_RSA_WITH_NULL_MD5]			= new CipherSuites(BulkCiphers.NULL, MACs.MD5, KeyExchanges.RSA);
+			_props[TLS_RSA_WITH_NULL_SHA]			= new CipherSuites(BulkCiphers.NULL, MACs.SHA1, KeyExchanges.RSA);
+			_props[TLS_RSA_WITH_RC4_128_MD5]		= new CipherSuites(BulkCiphers.RC4_128, MACs.MD5, KeyExchanges.RSA);
+			_props[TLS_RSA_WITH_RC4_128_SHA]		= new CipherSuites(BulkCiphers.RC4_128, MACs.SHA1, KeyExchanges.RSA);
+			_props[TLS_RSA_WITH_DES_CBC_SHA]		= new CipherSuites(BulkCiphers.DES_CBC, MACs.SHA1, KeyExchanges.RSA);
+			_props[TLS_RSA_WITH_3DES_EDE_CBC_SHA]	= new CipherSuites(BulkCiphers.DES3_EDE_CBC, MACs.SHA1, KeyExchanges.RSA);
+			_props[TLS_RSA_WITH_AES_128_CBC_SHA]	= new CipherSuites(BulkCiphers.AES_128, MACs.SHA1, KeyExchanges.RSA);
+			_props[TLS_RSA_WITH_AES_256_CBC_SHA]	= new CipherSuites(BulkCiphers.AES_256, MACs.SHA1, KeyExchanges.RSA);
+			
+			// ...
+			// more later
+		}
+		
+		private static function getProp(cipher:uint):CipherSuites {
+			var p:CipherSuites = _props[cipher];
+			if (p==null) {
+				throw new Error("Unknown cipher "+cipher.toString(16));
+			}
+			return p;
+		}
+		public static function getBulkCipher(cipher:uint):uint {
+			return getProp(cipher).cipher;
+		}
+		public static function getMac(cipher:uint):uint {
+			return getProp(cipher).hash;
+		}
+		public static function getKeyExchange(cipher:uint):uint {
+			return getProp(cipher).key;
+		}
+		
+		public static function getDefaultSuites():Array {
+			// a list of acceptable ciphers, sorted by preference.
+			return [
+				TLS_RSA_WITH_AES_256_CBC_SHA,
+				TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+				TLS_RSA_WITH_AES_128_CBC_SHA,
+				TLS_RSA_WITH_RC4_128_SHA,
+				TLS_RSA_WITH_RC4_128_MD5,
+				TLS_RSA_WITH_DES_CBC_SHA
+			];
+		}
+		
+		public var cipher:uint;
+		public var hash:uint;
+		public var key:uint;
+		
+		public function CipherSuites(cipher:uint, hash:uint, key:uint) {
+			this.cipher = cipher;
+			this.hash = hash;
+			this.key = key;
+		}
+	}
+}

data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/IConnectionState.as

@@ -0,0 +1,14 @@
+/**
+ * IConnectionState
+ * 
+ * Interface for TLS/SSL Connection states.
+ * 
+ * See LICENSE.txt for full license information.
+ */
+package com.hurlant.crypto.tls {
+	import flash.utils.ByteArray;
+	public interface IConnectionState {
+		function decrypt(type:uint, length:uint, p:ByteArray) : ByteArray; 
+		function encrypt(type:uint, p:ByteArray) : ByteArray; 
+	}
+}

data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/ISecurityParameters.as

@@ -0,0 +1,29 @@
+/**
+ * ISecurityParameters
+ * 
+ * This class encapsulates all the security parameters that get negotiated
+ * during the TLS handshake. It also holds all the key derivation methods.
+ * Copyright (c) 2007 Henri Torgemane
+ * 
+ * See LICENSE.txt for full license information.
+ */
+package com.hurlant.crypto.tls {
+	import flash.utils.ByteArray;
+	
+	public interface ISecurityParameters {
+		function get version() : uint;
+		function reset():void;
+		function getBulkCipher():uint;
+		function getCipherType():uint;
+		function getMacAlgorithm():uint;
+		function setCipher(cipher:uint):void;
+		function setCompression(algo:uint):void;
+		function setPreMasterSecret(secret:ByteArray):void;
+		function setClientRandom(secret:ByteArray):void;
+		function setServerRandom(secret:ByteArray):void;
+		function get useRSA():Boolean;
+		function computeVerifyData(side:uint, handshakeMessages:ByteArray):ByteArray;
+		function computeCertificateVerify( side:uint, handshakeRecords:ByteArray):ByteArray;
+		function getConnectionStates():Object;
+	}
+}

data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/KeyExchanges.as

@@ -0,0 +1,24 @@
+/**
+ * KeyExchanges
+ * 
+ * An enumeration of key exchange methods defined by TLS
+ * ( right now, only RSA is actually implemented )
+ * Copyright (c) 2007 Henri Torgemane
+ * 
+ * See LICENSE.txt for full license information.
+ */
+package com.hurlant.crypto.tls {
+	public class KeyExchanges {
+		public static const NULL:uint = 0;
+		public static const RSA:uint = 1;
+		public static const DH_DSS:uint = 2;
+		public static const DH_RSA:uint = 3;
+		public static const DHE_DSS:uint = 4;
+		public static const DHE_RSA:uint = 5;
+		public static const DH_anon:uint = 6;
+		
+		public static function useRSA(p:uint):Boolean {
+			return (p==RSA);
+		}
+	}
+}

data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/MACs.as

@@ -0,0 +1,38 @@
+/**
+ * MACs
+ * 
+ * An enumeration of MACs implemented for TLS 1.0/SSL 3.0
+ * Copyright (c) 2007 Henri Torgemane
+ * 
+ * See LICENSE.txt for full license information.
+ */
+package com.hurlant.crypto.tls {
+	import com.hurlant.crypto.Crypto;
+	import com.hurlant.crypto.hash.HMAC;
+	import com.hurlant.crypto.hash.MAC;
+	
+	public class MACs {
+		public static const NULL:uint = 0;
+		public static const MD5:uint = 1;
+		public static const SHA1:uint = 2;
+		
+		public static function getHashSize(hash:uint):uint {
+			return [0,16,20][hash];
+		}	
+		
+		public static function getPadSize(hash:uint):int {
+			return [0, 48, 40][hash];
+		}	
+		
+		public static function getHMAC(hash:uint):HMAC {
+			if (hash==NULL) return null;
+			return Crypto.getHMAC(['',"md5","sha1"][hash]);
+		}
+	
+		public static function getMAC(hash:uint):MAC {
+			return Crypto.getMAC(['', "md5", "sha1"][hash]);
+		} 
+		
+		
+	}
+}

data/src/vendor/web-socket-js/flash-src/com/hurlant/crypto/tls/SSLConnectionState.as

@@ -0,0 +1,171 @@
+/**
+ * TLSConnectionState
+ * 
+ * This class encapsulates the read or write state of a TLS connection,
+ * and implementes the encrypting and hashing of packets. 
+ * Copyright (c) 2007 Henri Torgemane
+ * 
+ * See LICENSE.txt for full license information.
+ */
+package com.hurlant.crypto.tls {
+	import flash.utils.IDataInput;
+	import flash.utils.ByteArray;
+	import com.hurlant.crypto.hash.MD5;
+	import com.hurlant.crypto.hash.MAC;
+	import com.hurlant.crypto.hash.IHash;
+	import com.hurlant.crypto.symmetric.ICipher;
+	import com.hurlant.crypto.symmetric.IVMode;
+	import com.hurlant.util.Hex;
+	import com.hurlant.util.ArrayUtil;
+	
+	public class SSLConnectionState implements IConnectionState {
+
+		// compression state
+		
+		// cipher state
+		private var bulkCipher:uint;
+		private var cipherType:uint;
+		private var CIPHER_key:ByteArray;
+		private var CIPHER_IV:ByteArray;
+		private var cipher:ICipher;
+		private var ivmode:IVMode;
+		
+		// mac secret
+		private var macAlgorithm:uint;
+		private var MAC_write_secret:ByteArray;
+		private var mac:MAC;
+		
+		// sequence number. uint64
+		
+		private var seq_lo:uint = 0x0;
+		private var seq_hi:uint = 0x0;
+
+		public function SSLConnectionState(
+				bulkCipher:uint=0, cipherType:uint=0, macAlgorithm:uint=0,
+				mac_enc:ByteArray=null, key:ByteArray=null, IV:ByteArray=null) {
+			this.bulkCipher = bulkCipher;
+			this.cipherType = cipherType;
+			this.macAlgorithm = macAlgorithm;
+			MAC_write_secret = mac_enc;
+			mac = MACs.getMAC(macAlgorithm);
+			
+			CIPHER_key = key;
+			CIPHER_IV = IV;
+			cipher = BulkCiphers.getCipher(bulkCipher, key, 0x0300);
+			if (cipher is IVMode) {
+				ivmode = cipher as IVMode;
+				ivmode.IV = IV;
+			}
+
+		}
+		
+		public function decrypt(type:uint, length:uint, p:ByteArray):ByteArray {
+			// decompression is a nop.
+			
+			if (cipherType == BulkCiphers.STREAM_CIPHER) {
+				if (bulkCipher == BulkCiphers.NULL) {
+					// no-op
+				} else {
+					cipher.decrypt(p);
+				}
+			} else {
+				p.position = 0;
+				// block cipher
+				if (bulkCipher == BulkCiphers.NULL) {
+				
+				} else {
+					var nextIV:ByteArray = new ByteArray;
+					nextIV.writeBytes(p, p.length-CIPHER_IV.length, CIPHER_IV.length);
+					p.position = 0;
+					cipher.decrypt(p);
+
+					CIPHER_IV = nextIV;
+					ivmode.IV = nextIV;
+				}
+			}
+	
+			if (macAlgorithm!=MACs.NULL) {
+				// there will be CTX delay here as well, 
+				// I should probably optmize the hell out of it
+				var data:ByteArray = new ByteArray;
+				var len:uint = p.length - mac.getHashSize();
+				data.writeUnsignedInt(seq_hi);
+				data.writeUnsignedInt(seq_lo);
+				
+				data.writeByte(type);
+				data.writeShort(len);
+				if (len!=0) {
+					data.writeBytes(p, 0, len);
+				}
+				var mac_enc:ByteArray = mac.compute(MAC_write_secret, data);
+				// compare "mac" with the last X bytes of p.
+				var mac_received:ByteArray = new ByteArray;
+				mac_received.writeBytes(p, len, mac.getHashSize());
+				if (ArrayUtil.equals(mac_enc, mac_received)) {
+					// happy happy joy joy
+				} else {
+					throw new TLSError("Bad Mac Data", TLSError.bad_record_mac);
+				}
+				p.length = len;
+				p.position = 0;
+			}
+			// increment seq
+			seq_lo++;
+			if (seq_lo==0) seq_hi++;
+			return p;
+		}
+		public function encrypt(type:uint, p:ByteArray):ByteArray {
+			var mac_enc:ByteArray = null;
+			if (macAlgorithm!=MACs.NULL) {
+				var data:ByteArray = new ByteArray;
+				// data.writeUnsignedInt(seq);
+				
+				// Sequence
+				data.writeUnsignedInt(seq_hi);
+				data.writeUnsignedInt(seq_lo);
+				
+				// Type
+				data.writeByte(type);
+				
+				// Length
+				data.writeShort(p.length);
+				
+				// The data
+				if (p.length!=0) {
+					data.writeBytes(p);
+				}
+			
+				// trace("data for the MAC: " + Hex.fromArray(data));
+				mac_enc = mac.compute(MAC_write_secret, data);
+				// trace("MAC: " + Hex.fromArray( mac_enc ));
+				p.position = p.length;
+				p.writeBytes(mac_enc);
+			}
+			
+			// trace("Record to encrypt: " + Hex.fromArray(p));
+			
+			p.position = 0;
+			if (cipherType == BulkCiphers.STREAM_CIPHER) {
+				// stream cipher
+				if (bulkCipher == BulkCiphers.NULL) {
+					// no-op
+				} else {
+					cipher.encrypt(p);
+				}
+			} else {
+				// block cipher
+				cipher.encrypt(p);
+				// adjust IV
+				var nextIV:ByteArray = new ByteArray;
+				nextIV.writeBytes(p, p.length-CIPHER_IV.length, CIPHER_IV.length);
+				CIPHER_IV = nextIV;
+				ivmode.IV = nextIV;
+			}
+			// increment seq
+			seq_lo++;
+			if (seq_lo==0) seq_hi++;
+			return p;
+		}
+		
+	}
+}