js-confuser icon indicating copy to clipboard operation
js-confuser copied to clipboard

Published 20 hours ago verified publisher icon MichaelXF

SAFE Functions for integrity checks and for encryption

Open doctor8296 opened this issue 11 months ago • 2 comments

I collected/writed safe functions (based on literals), which are unpatchable and non-redefinable, and can safely be used for integrety checks or for "easy" encryption.

The only problem with those methods is that they have to use String.fromCharCode and String.prototype.charCodeAt (which are patchable). It can be solved by predefined literal dictionaries with symbols and charcodes. But it is not convenient to have whole unicode dictionary in code, because it is very large. However as far as we know all the characters used in code (and it is very unlikely that it will have all the characters, I'd say even more than 2% of it). Or we can use limited predefined set, like only ASCII chars.

const charCodeAt = (string, index) => {
  /** NO SAFE IMPLEMENTATION EXCEPT PREDEFINED DICTIONARIES */

  return string.charCodeAt(index);  
};

const fromCharCode = (code) => {
  /** NO SAFE IMPLEMENTATION EXCEPT PREDEFINED DICTIONARIES */

  return String.fromCharCode(code);
};

// safe Math.imul polyfill
const imul = (a, b) => {
  return (
    ((a & 0xffff) * (b & 0xffff) +
      ((((a >>> 16) * (b & 0xffff) + (a & 0xffff) * (b >>> 16)) << 16) >>> 0)) |
    0
  );
};

// hash function
const cyrb53 = (key, seed = 0) => {
  const A = 2654435761;
  const B = 1597334677;
  const C = 2246822507;
  const D = 3266489909;
  const E = 4294967296;
  const F = 2097151;

  let h1 = 0xdeadbeef ^ seed;
  let h2 = 0x41c6ce57 ^ seed;

  for (let index = 0, char; index < key.length; index++) {
    char = charCodeAt(key, index);

    h1 = imul(h1 ^ char, A);
    h2 = imul(h2 ^ char, B);
  }

  h1 = imul(h1 ^ (h1 >>> 16), C) ^ imul(h2 ^ (h2 >>> 13), D);
  h2 = imul(h2 ^ (h2 >>> 16), C) ^ imul(h1 ^ (h1 >>> 13), D);

  return E * (F & h2) + (h1 >>> 0);
};

// seeded random
const splitmix32 = (a) => {
  return () => {
    a |= 0;
    a = (a + 0x9e3779b9) | 0;
    let t = a ^ (a >>> 16);
    t = imul(t, 0x21f0aaad);
    t = t ^ (t >>> 15);
    t = imul(t, 0x735a2d97);
    return ((t = t ^ (t >>> 15)) >>> 0) / 4294967296;
  };
};

const ENCRYPTION_SEED = 90837146782

// symmetrical encryption
const easyEncrypt = (input, password) => {
  const random = splitmix32(cyrb53(password, ENCRYPTION_SEED));
  let output = "";
  for (let i = 0; i < input.length; i++) {
    output += fromCharCode(
      charCodeAt(input[i], 0) ^
        charCodeAt(password, i % input.length) ^
        charCodeAt(password, (input.length * random()) | 0) ^
        ((65536 * random()) | 0)
    );
  }
  return output;
};

image

doctor8296 avatar Nov 11 '24 09:11 doctor8296