// Depends on jsbn.js, UTF8, aesprng.js, entropy.js, aes.js
// 17-08-08 VM UTF8 encryption added
// convert a (hex) string to a bignum object
var prng;
function parseBigInt(str, r) {
    return new BigInteger(str, r);
}
function linebrk(s, n) {
    var ret = "";
    var i = 0;
    while (i + n < s.length) {
        ret += s.substring(i, i + n) + "\n";
        i += n;
    }
    return ret + s.substring(i, s.length);
}
function byte2Hex(b) {
    if (b < 0x10)
        return "0" + b.toString(16);
    else
        return b.toString(16);
}
// "empty" RSA key constructor
function RSAKey() {
    this.n = null;
    this.e = 0;
    this.d = null;
    this.p = null;
    this.q = null;
    this.dmp1 = null;
    this.dmq1 = null;
    this.coeff = null;
}
// Set the public key fields N and e from hex strings
function RSASetPublic(N, E) {
    if (N != null && E != null && N.length > 0 && E.length > 0) {
        this.n = parseBigInt(N, 16);
        this.e = parseInt(E, 16);
    }
    else
        alert("Invalid RSA public key");
}
// Perform raw public operation on "x": return x^e (mod n)
function RSADoPublic(x) {
    return x.modPowInt(this.e, this.n);
}
function BytesToString(a) {
    var s = new String();
    for (var i = 0; i < a.length; i++) { s += String.fromCharCode(a[i]); }
    return s;
}
function StringToBytes(s) {
    var a = new Array();
    for (var i = 0; i < s.length; i++) a[i] = s.charCodeAt(i);
    return a;
}
function RSApadString(s) {
    var i = ((this.n.bitLength() + 7) >> 3) - s.length;
    if (i > 0) return s + BytesToString(getRandomBytes(i));
    return null;
}
function complexRSAEncrypt(text) {
    var plaintext = UTF8encode(text);
    md5_init();
    for (var i = 0; i < plaintext.length; i++) {
        md5_update(plaintext.charCodeAt(i));
    }
    md5_finish();
    var header = String.fromCharCode(1);
    header += String.fromCharCode(plaintext.length >>> 24);
    header += String.fromCharCode(plaintext.length >>> 16);
    header += String.fromCharCode(plaintext.length >>> 8);
    header += String.fromCharCode(plaintext.length & 0xFF);
    header += BytesToString(digestBits);
    /* The format of the actual message is:
    Bytes Content
    0 Byte 1 (to prevent number padding)
    1-4 Length of plaintext, big-endian order
    5-20 MD5 signature of plaintext
    21-end Plaintext
    Note that this message will be padded with random bytes
    either to this.n size for short messages or
    to an integral number of AES blocks (blockSizeInBits / 8).
    This does not include the initial vector for CBC
    encryption, which is added internally by rijndaelEncrypt.
    */
    addEntropyTime(); prng = new AESprng(keyFromEntropy());
    var RSAtext = this.padString(header + plaintext);
    var Aes = (RSAtext == null);
    if (Aes) {
        var key = getRandomBytes(32);
        RSAtext = this.padString(header + BytesToString(key));
    }
    RSAa = this.doPublic(new BigInteger(StringToBytes(RSAtext)));
    RSAh = RSAa.toString(16); if (RSAh.length & 1) RSAh = "0" + RSAh;
    if (Aes) {
        var ct = rijndaelEncrypt(header + plaintext, key, "CBC");
        return RSAh + '/' + byteArrayToHex(ct);
    }
    return RSAh;
}
// protected
RSAKey.prototype.doPublic = RSADoPublic;
RSAKey.prototype.padString = RSApadString;
// public
RSAKey.prototype.setPublic = RSASetPublic;
RSAKey.prototype.encrypt = complexRSAEncrypt;
function RSACPZsetPublic() {
    this.setPublic("b842718e025d5d9b5fb68c14cb01e584f6187152376a53bd012b793f246a3284\nf998780b3649927e1f8a758cf2dc46c1d8e2c588f2e7b4c74cdb47aa3afef1d0\nbcb4ea4b8f360b88b7d7fb58b8125c2302a556aba8b331297c3602490fc652b1\nbc89f3addaf37848229f8d2a2d1ea43db8788e37be1b5e3f627955af04e293c1", "10001");
}
RSAKey.prototype.CPZsetPublic = RSACPZsetPublic;