Modified formatPlaintext in aes.js to fill plaintext buffers that aren't an even number of 32 byte AES blocks with pseudorandom bytes from getRandomBytes rather than zeroes.
Added mark-up to index.html to denote those parts to be dropped when assembling the lean version.
For some reason, on Mozilla 1.3/Linux, the "Key" edit line displayed in a larger Courier font in the lean version (but not the full version, which has no changes whatsoever which should affect the style of this box). I removed "Courier" from the font-family and left it as "monospace", which appears to work everywhere. No other browser had any problem with Courier as an alternative to monospace.
Added the three ECB test cases from the NIST standard test set to the test.html testbed. Each button plugs the key, plaintext, and ciphertext for the test in the corresponding boxes; you may then encrypt and decrypt to verify nothing changes. Key size and block size are now sensed automatically based on the length of the hexadecimal value in the field.
Integrated the pass_phrase.html and stego.html pages along with their supporting wordtab.js and stegodict.js files. Added these files to the appropriate places in the Makefile.
Added the ability to suppress the generation of headers and trailers in Base64 armour by setting base64addsent to false before calling armour_base64 in armour.js. This permits Stego to optionally suppress headers when it's being used to steganify a Base64 file belonging to another application.
Added user-defined seed specification to pass_phrase.html. If a pseudorandom seed is requested, its value is displayed in the user-defined seed field so it may be saved for subsequent use.
Extracted the entropy collection logic from javascrypt.html and pass_phrase.html into a new entropy.js module. Added a new mouseMotionEntropy function which captures mouse motion events and collects a specified number of subsequent triples of screen X and Y co-ordinates (we use the absolute screen position as it is more entropic than position within the client window), and the time of the mouse movement. This primes the entropy array with reasonably high quality data before most operations which require it.
Modified jscrypt.js to use AESprng in aesprng.js to generate the initial vector for CBC encryption and pad to an even number of blocks (if required). The AES-based pseudorandom generator is primed with a seed computed from the entropy vector.
Updated aesprng_test.html to conform with the changes to initial vector generation.
Increased the maximum length of the key in javascrypt.html and the seed in pass_phrase.html to 1024 characters,
Replaced "./" link targets in references to the JavaScrypt home page with "index.html" so these links work correctly when referencing the pages from a file: URL on a machine to which the user has downloaded the pages.
Further cleaned up aesprng_test.html so it's comprehensible without reading the source code. It now lets you specify the number of bytes to be generated and whether they're generated with the next or nextInt methods with HTML controls, shows the number of bytes when generated if the script is paused by an "unresponsive" warning, and lets you generate seeds just like pass_phrase.html does. I also cleaned up the format of the output it generates so it look just like an "XD" output and no longer requires the "-s" option when converting to binary with XD. The aesprng_test.html being sufficiently civilised now, I included it in the source distribution.
Added comments to the methods in aesprng.js.
Added missing example.html description to distribution.html.
Modified all Fourmilab links outside the JavaScrypt document tree to include an explicit "http://www.fourmilab.ch/". This permits them to function even when the pages are accessed from a local copy via a file: URL.
Modified the nextInt methods in aesprng.js and lecuyer.js to avoid the bias which results from using a modulus to obtain a pseudorandom value with a range which isn't a power of two. As explained in section 10.8 of Ferguson and Schneier's Practical Cryptography, to avoid a bias toward smaller values, one must generate pseudorandom values between 0 and the next higher power of two minus one, then discard results which are out of range in order to preserve a uniform distribution within the requested range. In aesprng.js, this fix has two additional salutary effects. First of all, it reduces the number of raw bytes generated to the minimum required to produce the desired result range and, if the requested range is 0-255, produces identical results to those obtained by calling the next() method directly.
As reported by Steven Wittens, jscrypt.js failed to handle plaintexts which contained Unicode characters greater than 0xFF. The conversion of the plaintext string to the AES plaintext byte array simply truncated characters to 8 bits. I added a new utf-8.js module which handles transformation between Unicode strings and UTF-8 encoded byte streams. Canonical transformation is implemented in the functions unicode_to_utf8 and utf8_to_unicode, which take a string argument and return the encoded or decoded string.
Both jscrypt.js and pass_phrase.html now apply encode_utf8 to text keys and seeds. This avoids the loss of information in upper bytes of characters greater than 0x7F. Since encode_utf8 is an identity for strings without such characters, this change is upward compatible with any key or seed consisting entirely of ASCII and Latin-1 graphic characters.
Added this development log to the Web directory, and provided a link from the main page.
The link for verifying the distribution signing key on KeyServer was broken due to a change in their domain name; fixed.
Added content-type declarations of charset=iso-8859-1 to all HTML documents and fixed most validation errors reported by the W3C HTML validator for 4.01 Transitional. A few remain, however, so we're not claiming full compliance. The problem is that without the wrap="off" attribute in a number of textarea fields, undesired line wrapping will occur. You're supposed to be able to control this with the CSS white-space: pre statement, but it doesn't seem to do anything inside a textarea, even in Firefox 1.5. So, there's no option but to leave the wrap in place, even though the validator complains about it.
The HTML 4.01 compatibility fixes broke the Perl program which creates the "lean" version of the encryption/decryption page; fixed.
Upgraded the following files for XHTML 1.0 syntax and validated them for compliance: aesprng_test.html, distribution.html, example.html, index.html, and log.html.
Upgraded the following files for XHTML 1.0 syntax and validated them for compliance: javascrypt.html, pass_phrase.html, and stego.html.
Removed wrap="off" attributes in <textarea> fields, as this is not an XHTML 1.0 (or HTML 4.01) supported mode. The CSS mode which is supposed to provide an equivalent doesn't work in current browsers, but in any case this is purely an aesthetic and presentation issue: wrapping of text within a textarea does not affect its processing.