2 * A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
4 * Version 2.1 Copyright Paul Johnston 2000 - 2002.
5 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
6 * Distributed under the BSD License
7 * See http://pajhome.org.uk/crypt/md5 for details.
10 var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
11 var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */
12 var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
15 * These are the functions you'll usually want to call
16 * They take string arguments and return either hex or base-64 encoded strings
18 function hex_sha1(s){return binb2hex(core_sha1(str2binb(s),s.length * chrsz));}
19 function b64_sha1(s){return binb2b64(core_sha1(str2binb(s),s.length * chrsz));}
20 function str_sha1(s){return binb2str(core_sha1(str2binb(s),s.length * chrsz));}
21 function hex_hmac_sha1(key, data){ return binb2hex(core_hmac_sha1(key, data));}
22 function b64_hmac_sha1(key, data){ return binb2b64(core_hmac_sha1(key, data));}
23 function str_hmac_sha1(key, data){ return binb2str(core_hmac_sha1(key, data));}
26 * Perform a simple self-test to see if the VM is working
28 function sha1_vm_test()
30 return hex_sha1("abc") == "a9993e364706816aba3e25717850c26c9cd0d89d";
34 * Calculate the SHA-1 of an array of big-endian words, and a bit length
36 function core_sha1(x, len)
39 x[len >> 5] |= 0x80 << (24 - len % 32);
40 x[((len + 64 >> 9) << 4) + 15] = len;
49 for(var i = 0; i < x.length; i += 16)
57 for(var j = 0; j < 80; j++)
59 if(j < 16) w[j] = x[i + j];
60 else w[j] = rol(w[j-3] ^ w[j-8] ^ w[j-14] ^ w[j-16], 1);
61 var t = safe_add(safe_add(rol(a, 5), sha1_ft(j, b, c, d)),
62 safe_add(safe_add(e, w[j]), sha1_kt(j)));
70 a = safe_add(a, olda);
71 b = safe_add(b, oldb);
72 c = safe_add(c, oldc);
73 d = safe_add(d, oldd);
74 e = safe_add(e, olde);
76 return Array(a, b, c, d, e);
81 * Perform the appropriate triplet combination function for the current
84 function sha1_ft(t, b, c, d)
86 if(t < 20) return (b & c) | ((~b) & d);
87 if(t < 40) return b ^ c ^ d;
88 if(t < 60) return (b & c) | (b & d) | (c & d);
93 * Determine the appropriate additive constant for the current iteration
97 return (t < 20) ? 1518500249 : (t < 40) ? 1859775393 :
98 (t < 60) ? -1894007588 : -899497514;
102 * Calculate the HMAC-SHA1 of a key and some data
104 function core_hmac_sha1(key, data)
106 var bkey = str2binb(key);
107 if(bkey.length > 16) bkey = core_sha1(bkey, key.length * chrsz);
109 var ipad = Array(16), opad = Array(16);
110 for(var i = 0; i < 16; i++)
112 ipad[i] = bkey[i] ^ 0x36363636;
113 opad[i] = bkey[i] ^ 0x5C5C5C5C;
116 var hash = core_sha1(ipad.concat(str2binb(data)), 512 + data.length * chrsz);
117 return core_sha1(opad.concat(hash), 512 + 160);
121 * Add integers, wrapping at 2^32. This uses 16-bit operations internally
122 * to work around bugs in some JS interpreters.
124 function safe_add(x, y)
126 var lsw = (x & 0xFFFF) + (y & 0xFFFF);
127 var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
128 return (msw << 16) | (lsw & 0xFFFF);
132 * Bitwise rotate a 32-bit number to the left.
134 function rol(num, cnt)
136 return (num << cnt) | (num >>> (32 - cnt));
140 * Convert an 8-bit or 16-bit string to an array of big-endian words
141 * In 8-bit function, characters >255 have their hi-byte silently ignored.
143 function str2binb(str)
146 var mask = (1 << chrsz) - 1;
147 for(var i = 0; i < str.length * chrsz; i += chrsz)
148 bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (24 - i%32);
153 * Convert an array of big-endian words to a string
155 function binb2str(bin)
158 var mask = (1 << chrsz) - 1;
159 for(var i = 0; i < bin.length * 32; i += chrsz)
160 str += String.fromCharCode((bin[i>>5] >>> (24 - i%32)) & mask);
165 * Convert an array of big-endian words to a hex string.
167 function binb2hex(binarray)
169 var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
171 for(var i = 0; i < binarray.length * 4; i++)
173 str += hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8+4)) & 0xF) +
174 hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8 )) & 0xF);
180 * Convert an array of big-endian words to a base-64 string
182 function binb2b64(binarray)
184 var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
186 for(var i = 0; i < binarray.length * 4; i += 3)
188 var triplet = (((binarray[i >> 2] >> 8 * (3 - i %4)) & 0xFF) << 16)
189 | (((binarray[i+1 >> 2] >> 8 * (3 - (i+1)%4)) & 0xFF) << 8 )
190 | ((binarray[i+2 >> 2] >> 8 * (3 - (i+2)%4)) & 0xFF);
191 for(var j = 0; j < 4; j++)
193 if(i * 8 + j * 6 > binarray.length * 32) str += b64pad;
194 else str += tab.charAt((triplet >> 6*(3-j)) & 0x3F);
202 * Verify passwords and its confirm
203 * password1: password
204 * password2: confirm password
206 function verify_password(password1, password2)
209 var err = new Array();
211 if (password1 == "" || password2 == "")
213 err[err.length] = "missing_password";
215 if (password1 != password2)
217 err[err.length] = "PASSWORD_MISMATCH";
219 if (password1.length < 8)
221 err[err.length] = "PASSWORD_LENGTH";
223 if (password1.search(/[a-zA-Z]+/) + password1.search(/[0-9]+/) + password1.search(/[_\-\/+!@#%^$*&)(|.]+/) < 0)
225 err[err.length] = "PASSWORD_CHARS";