/*

Copyright 2008-2015 Clipperz Srl

This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.

* Clipperz is free software: you can redistribute it and/or modify it
  under the terms of the GNU Affero General Public License as published
  by the Free Software Foundation, either version 3 of the License, or 
  (at your option) any later version.

* Clipperz is distributed in the hope that it will be useful, but 
  WITHOUT ANY WARRANTY; without even the implied warranty of 
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  See the GNU Affero General Public License for more details.

* You should have received a copy of the GNU Affero General Public
  License along with Clipperz. If not, see http://www.gnu.org/licenses/.

*/

"use strict";

try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
	throw "Clipperz.Crypto.AES depends on Clipperz.ByteArray!";
}

//	Dependency commented to avoid a circular reference
//try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
//	throw "Clipperz.Crypto.AES depends on Clipperz.Crypto.PRNG!";
//}  

if (typeof(Clipperz.Crypto.AES) == 'undefined') { Clipperz.Crypto.AES = {}; }

//#############################################################################

Clipperz.Crypto.AES.DeferredExecutionContext = function(args) {
	args = args || {};

	this._key = args.key;
	this._message = args.message;
	this._result = args.message.clone();
	this._nonce = args.nonce;
	this._messageLength = this._message.length();
	
	this._messageArray = this._message.arrayValues();
	this._resultArray = this._result.arrayValues();
	this._nonceArray = this._nonce.arrayValues();
	
	this._executionStep = 0;
	
//	this._elaborationChunkSize = 1024;	//	4096;	//	16384;	//	4096;
	this._elaborationChunks = 10;
	this._pauseTime = 0.02;				//	0.02	//	0.2;

	return this;
}

Clipperz.Crypto.AES.DeferredExecutionContext.prototype = MochiKit.Base.update(null, {

	'key': function() {
		return this._key;
	},
	
	'message': function() {
		return this._message;
	},
	
	'messageLength': function() {
		return this._messageLength;
	},
	
	'result': function() {
		return new Clipperz.ByteArray(this.resultArray());
	},
	
	'nonce': function() {
		return this._nonce;
	},

	'messageArray': function() {
		return this._messageArray;
	},
	
	'resultArray': function() {
		return this._resultArray;
	},
	
	'nonceArray': function() {
		return this._nonceArray;
	},

	'elaborationChunkSize': function() {
//		return Clipperz.Crypto.AES.DeferredExecution.chunkSize;
//		return this._elaborationChunkSize;
		return (this._elaborationChunks * 1024);
	},
	
	'executionStep': function() {
		return this._executionStep;
	},
	
	'setExecutionStep': function(aValue) {
		this._executionStep = aValue;
	},
	
	'tuneExecutionParameters': function (anElapsedTime) {
//var originalChunks = this._elaborationChunks;
		if (anElapsedTime > 0) {
			this._elaborationChunks = Math.round(this._elaborationChunks * ((anElapsedTime + 1000)/(anElapsedTime * 2)));
		}
//Clipperz.log("tuneExecutionParameters - elapsedTime: " +  anElapsedTime + /*originalChunks,*/ " chunks # " + this._elaborationChunks + " [" + this._executionStep + " / " + this._messageLength + "]");
	},
	
	'pause': function(aValue) {
//		return MochiKit.Async.wait(Clipperz.Crypto.AES.DeferredExecution.pauseTime, aValue);
		return MochiKit.Async.wait(this._pauseTime, aValue);
	},
	
	'isDone': function () {
		return (this._executionStep >= this._messageLength);
	},

	//-----------------------------------------------------------------------------
	__syntaxFix__: "syntax fix"

});

//#############################################################################

Clipperz.Crypto.AES.Key = function(args) {
	args = args || {};

	this._key = args.key;
	this._keySize = args.keySize || this.key().length();
	
	if (this.keySize() == 128/8) {
		this._b = 176;
		this._numberOfRounds = 10;
 	} else if (this.keySize() == 256/8) {
		this._b = 240;
		this._numberOfRounds = 14;
	} else {
		Clipperz.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits");
		throw Clipperz.Crypto.AES.exception.UnsupportedKeySize;
	}
	
	this._stretchedKey = null;
	
	return this;
}

Clipperz.Crypto.AES.Key.prototype = MochiKit.Base.update(null, {

	'asString': function() {
		return "Clipperz.Crypto.AES.Key (" + this.key().toHexString() + ")";
	},
	
	//-----------------------------------------------------------------------------

	'key': function() {
		return this._key;
	},

	'keySize': function() {
		return this._keySize;
	},
	
	'b': function() {
		return this._b;
	},
	
	'numberOfRounds': function() {
		return this._numberOfRounds;
	},
	//=========================================================================

	'keyScheduleCore': function(aWord, aRoundConstantsIndex) {
		var	result;
		var sbox;

		sbox = Clipperz.Crypto.AES.sbox();

		result = [	sbox[aWord[1]] ^ Clipperz.Crypto.AES.roundConstants()[aRoundConstantsIndex],
					sbox[aWord[2]],
					sbox[aWord[3]],
					sbox[aWord[0]]	];

		return result;
	},

	//-----------------------------------------------------------------------------

	'xorWithPreviousStretchValues': function(aKey, aWord, aPreviousWordIndex) {
		var	result;
		var i,c;
		
		result = [];
		c = 4;
		for (i=0; i<c; i++) {
			result[i] = aWord[i] ^ aKey.byteAtIndex(aPreviousWordIndex + i);
		}
		
		return result;
	},

	//-----------------------------------------------------------------------------

	'sboxShakeup': function(aWord) {
		var result;
		var sbox;
		var i,c;
		
		result = [];
		sbox = Clipperz.Crypto.AES.sbox();
		c =4;
		for (i=0; i<c; i++) {
			result[i] = sbox[aWord[i]];
		}
		
		return result;
	},

	//-----------------------------------------------------------------------------

	'stretchKey': function(aKey) {
		var	currentWord;
		var	keyLength;
		var	previousStretchIndex;
		var i,c;
		
		keyLength = aKey.length();
		previousStretchIndex = keyLength - this.keySize();

		currentWord = [	aKey.byteAtIndex(keyLength - 4),
						aKey.byteAtIndex(keyLength - 3),
						aKey.byteAtIndex(keyLength - 2),
						aKey.byteAtIndex(keyLength - 1)	];
		currentWord = this.keyScheduleCore(currentWord, keyLength / this.keySize());

		if (this.keySize() == 256/8) {
			c = 8;
		} else if (this.keySize() == 128/8){
			c = 4;
		}
		
		for (i=0; i<c; i++) {
			if (i == 4) {
				//	fifth streatch word
				currentWord = this.sboxShakeup(currentWord);
			}

			currentWord = this.xorWithPreviousStretchValues(aKey, currentWord, previousStretchIndex + (i*4));
			aKey.appendBytes(currentWord);
		}

		return aKey;
	},

	//-----------------------------------------------------------------------------

	'stretchedKey': function() {
		if (this._stretchedKey == null) {
			var stretchedKey;
			
			stretchedKey = this.key().clone();

			while (stretchedKey.length() < this.keySize()) {
				stretchedKey.appendByte(0);
			}

			while (stretchedKey.length() < this.b()) {
				stretchedKey = this.stretchKey(stretchedKey);
			}
			
			this._stretchedKey = stretchedKey.split(0, this.b());
		}
		
		return this._stretchedKey;
	},

	//=========================================================================
	__syntaxFix__: "syntax fix"
});

//#############################################################################

Clipperz.Crypto.AES.State = function(args) {
	args = args || {};

	this._data = args.block;
	this._key = args.key;
	
	return this;
}

Clipperz.Crypto.AES.State.prototype = MochiKit.Base.update(null, {

	'key': function() {
		return this._key;
	},
	
	//-----------------------------------------------------------------------------

	'data': function() {
		return this._data;
	},

	'setData': function(aValue) {
		this._data = aValue;
	},

	//=========================================================================

	'addRoundKey': function(aRoundNumber) {
	 	//	each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule.
		var	data;
		var	stretchedKey;
		var	firstStretchedKeyIndex;
		var i,c;

		data = this.data();
		stretchedKey = this.key().stretchedKey();
		firstStretchedKeyIndex = aRoundNumber * (128/8);
		c = 128/8;
		for (i=0; i<c; i++) {
			data[i] = data[i] ^ stretchedKey.byteAtIndex(firstStretchedKeyIndex + i);
		}
	},
	
	//-----------------------------------------------------------------------------

	'subBytes': function() {
		//	 a non-linear substitution step where each byte is replaced with another according to a lookup table.
		var i,c;
		var	data;
		var sbox;
		
		data = this.data();
		sbox = Clipperz.Crypto.AES.sbox();
		
		c = 16;
		for (i=0; i<c; i++) {
			data[i] = sbox[data[i]];
		}
	},

	//-----------------------------------------------------------------------------

	'shiftRows': function() {
		//	a transposition step where each row of the state is shifted cyclically a certain number of steps.
		var	newValue;
		var	data;
		var	shiftMapping;
		var	i,c;
		
		newValue = new Array(16);
		data = this.data();
		shiftMapping = Clipperz.Crypto.AES.shiftRowMapping();
//		[0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11];
		c = 16;
		for (i=0; i<c; i++) {
			newValue[i] = data[shiftMapping[i]];
		}
		for (i=0; i<c; i++) {
			data[i] = newValue[i];
		}
	},

	//-----------------------------------------------------------------------------
/*
	'mixColumnsWithValues': function(someValues) {
		var	result;
		var	a;
		var i,c;
		
		c = 4;
		result = [];
		a = [];
		for (i=0; i<c; i++) {
			a[i] = [];
			a[i][1] = someValues[i]
			if ((a[i][1] & 0x80) == 0x80) {
				a[i][2] = (a[i][1] << 1) ^ 0x11b;
			} else {
				a[i][2] = a[i][1] << 1;
			}
			
			a[i][3] = a[i][2] ^ a[i][1];
		}
	
		for (i=0; i<c; i++) {
			var	x;

			x = Clipperz.Crypto.AES.mixColumnsMatrix()[i];
			result[i] = a[0][x[0]] ^ a[1][x[1]] ^ a[2][x[2]] ^ a[3][x[3]];
		}

		return result;
	},
	
	'mixColumns': function() {
		//	a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation.
		var data;
		var i, c;
		
		data = this.data();
		c = 4;
		for(i=0; i<c; i++) {
			var	blockIndex;
			var mixedValues;
			
			blockIndex = i * 4;
			mixedValues = this.mixColumnsWithValues([	data[blockIndex + 0],
														data[blockIndex + 1],
														data[blockIndex + 2],
														data[blockIndex + 3]]);
			data[blockIndex + 0] = mixedValues[0];
			data[blockIndex + 1] = mixedValues[1];
			data[blockIndex + 2] = mixedValues[2];
			data[blockIndex + 3] = mixedValues[3];
		}
	},
*/

	'mixColumns': function() {
		//	a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation.
		var data;
		var i, c;
		var a_1;
		var a_2;

		a_1 = new Array(4);
		a_2 = new Array(4);
		
		data = this.data();
		c = 4;
		for(i=0; i<c; i++) {
			var	blockIndex;
			var ii, cc;
			
			blockIndex = i * 4;

			cc = 4;
			for (ii=0; ii<cc; ii++) {
				var value;
				
				value = data[blockIndex + ii];
				a_1[ii] = value;
				a_2[ii] = (value & 0x80) ? ((value << 1) ^ 0x011b) : (value << 1);
			}

			data[blockIndex + 0] = a_2[0] ^ a_1[1] ^ a_2[1] ^ a_1[2] ^ a_1[3];
			data[blockIndex + 1] = a_1[0] ^ a_2[1] ^ a_1[2] ^ a_2[2] ^ a_1[3];
			data[blockIndex + 2] = a_1[0] ^ a_1[1] ^ a_2[2] ^ a_1[3] ^ a_2[3];
			data[blockIndex + 3] = a_1[0] ^ a_2[0] ^ a_1[1] ^ a_1[2] ^ a_2[3];
		}
	},

	//=========================================================================
	
	'spinRound': function(aRoundNumber) {
		this.addRoundKey(aRoundNumber);
		this.subBytes();
		this.shiftRows();
		this.mixColumns();
	},

	'spinLastRound': function() {
		this.addRoundKey(this.key().numberOfRounds() - 1);
		this.subBytes();
		this.shiftRows();
		this.addRoundKey(this.key().numberOfRounds());
	},

	//=========================================================================

	'encrypt': function() {
		var	i,c;

		c = this.key().numberOfRounds() - 1;
		for (i=0; i<c; i++) {
			this.spinRound(i);
		}

		this.spinLastRound();
	},
	
	//=========================================================================
	__syntaxFix__: "syntax fix"
});

//#############################################################################

Clipperz.Crypto.AES.VERSION = "0.1";
Clipperz.Crypto.AES.NAME = "Clipperz.Crypto.AES";

MochiKit.Base.update(Clipperz.Crypto.AES, {

//	http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-AES.html
//	http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
//	http://en.wikipedia.org/wiki/Rijndael_key_schedule 
//	http://en.wikipedia.org/wiki/Rijndael_S-box
		
	'__repr__': function () {
		return "[" + this.NAME + " " + this.VERSION + "]";
	},

	'toString': function () {
		return this.__repr__();
	},

	//=============================================================================
	
	'_sbox': null,
	'sbox': function() {
		if (Clipperz.Crypto.AES._sbox == null) {
			Clipperz.Crypto.AES._sbox = [
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
			];
		}
		
		return Clipperz.Crypto.AES._sbox;
	},

	//-----------------------------------------------------------------------------
	//
	//		0	4	8	12				0	4	8	12
	//		1	5	9	13		=>		5	9	13	1
	//		2	6	10	14				10	14	2	6
	//		3	7	11	15				15	3	7	11
	//
	'_shiftRowMapping': null,
	'shiftRowMapping': function() {
		if (Clipperz.Crypto.AES._shiftRowMapping == null) {
			Clipperz.Crypto.AES._shiftRowMapping = [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11];
		}
		
		return Clipperz.Crypto.AES._shiftRowMapping;
	},

	//-----------------------------------------------------------------------------

	'_mixColumnsMatrix': null,
	'mixColumnsMatrix': function() {
		if (Clipperz.Crypto.AES._mixColumnsMatrix == null) {
			Clipperz.Crypto.AES._mixColumnsMatrix = [	[2, 3, 1 ,1],
														[1, 2, 3, 1],
														[1, 1, 2, 3],
														[3, 1, 1, 2]   ];
		}
		
		return Clipperz.Crypto.AES._mixColumnsMatrix;
	},

	'_roundConstants': null,
	'roundConstants': function() {
		if (Clipperz.Crypto.AES._roundConstants == null) {
			Clipperz.Crypto.AES._roundConstants = [ , 1, 2, 4, 8, 16, 32, 64, 128, 27, 54, 108, 216, 171, 77, 154];
//			Clipperz.Crypto.AES._roundConstants = [ , 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a];
		}
		
		return Clipperz.Crypto.AES._roundConstants;
	},
	
	//=============================================================================

	'incrementNonce': function(aNonce) {
//Clipperz.Profile.start("Clipperz.Crypto.AES.incrementNonce");
		var i;
		var done;
		
		done = false;
		i = aNonce.length - 1;
		
		while ((i>=0) && (done == false)) {
			var currentByteValue;
			
			currentByteValue = aNonce[i];
			
			if (currentByteValue == 0xff) {
				aNonce[i] = 0;
				if (i>= 0) {
					i --;
				} else {
					done = true;
				}
			} else {
				aNonce[i] = currentByteValue + 1;
				done = true;
			}
		}
//Clipperz.Profile.stop("Clipperz.Crypto.AES.incrementNonce");
	},
	
	//-----------------------------------------------------------------------------

	'encryptBlock': function(aKey, aBlock) {
		var	result;
		var	state;

		state = new Clipperz.Crypto.AES.State({block:aBlock, key:aKey});
//is(state.data(), 'before');
		state.encrypt();
		result = state.data(); 
		
		return result;
	},

	//-----------------------------------------------------------------------------

	'encryptBlocks': function(aKey, aMessage, aNonce) {
		var	result;
		var nonce;
		var self;
		var	messageIndex;
		var	messageLength;
		var blockSize;		
		
		self = Clipperz.Crypto.AES;
		blockSize = 128/8;
		messageLength = aMessage.length;
		nonce = aNonce;

		result = aMessage;
		messageIndex = 0;
		while (messageIndex < messageLength) {
			var encryptedBlock;
			var i,c;
			
			self.incrementNonce(nonce);
			encryptedBlock = self.encryptBlock(aKey, nonce);
			
			if ((messageLength - messageIndex) > blockSize) {
				c = blockSize;
			} else {
				c = messageLength - messageIndex;
			}
			
			for (i=0; i<c; i++) {
				result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
			}
			
			messageIndex += blockSize;
		}
		
		return result;
	},
	
	//-----------------------------------------------------------------------------

	'encrypt': function(aKey, someData, aNonce) {
		var result;
		var nonce;
		var	encryptedData;
		var key;

		key = new Clipperz.Crypto.AES.Key({key:aKey});
		nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);

		encryptedData = Clipperz.Crypto.AES.encryptBlocks(key, someData.arrayValues(), nonce.arrayValues());

		result = nonce.appendBytes(encryptedData);
		
		return result;
	},

	//-----------------------------------------------------------------------------

	'decrypt': function(aKey, someData) {
		var result;
		var nonce;
		var encryptedData;
		var decryptedData;
		var	dataIterator;
		var key;

		key = new Clipperz.Crypto.AES.Key({key:aKey});

		encryptedData = someData.arrayValues();
		nonce = encryptedData.slice(0, (128/8));
		encryptedData = encryptedData.slice(128/8);
		decryptedData = Clipperz.Crypto.AES.encryptBlocks(key, encryptedData, nonce);

		result = new Clipperz.ByteArray(decryptedData);
		
		return result;
	},
	
	//=============================================================================

	'deferredEncryptExecutionChunk': function(anExecutionContext) {
		var	result;
		var nonce;
		var self;
		var	messageIndex;
		var	messageLength;
		var blockSize;	
		var executionLimit;
		var startTime, endTime;

		self = Clipperz.Crypto.AES;
		startTime = new Date();
		blockSize = 128/8;
		messageLength = anExecutionContext.messageArray().length;
		nonce = anExecutionContext.nonceArray();
		result = anExecutionContext.resultArray();

		messageIndex = anExecutionContext.executionStep();
		executionLimit = messageIndex + anExecutionContext.elaborationChunkSize();
		executionLimit = Math.min(executionLimit, messageLength);
		
		while (messageIndex < executionLimit) {
			var encryptedBlock;
			var i,c;
			
			self.incrementNonce(nonce);
			encryptedBlock = self.encryptBlock(anExecutionContext.key(), nonce);
			
			if ((executionLimit - messageIndex) > blockSize) {
				c = blockSize;
			} else {
				c = executionLimit - messageIndex;
			}
			
			for (i=0; i<c; i++) {
				result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
			}
			
			messageIndex += blockSize;
		}
		anExecutionContext.setExecutionStep(messageIndex);
		endTime = new Date();
		anExecutionContext.tuneExecutionParameters(endTime - startTime);
		
		return anExecutionContext;
	},

	//-----------------------------------------------------------------------------
/*
	'deferredEncryptBlocks': function(anExecutionContext) {
		var	deferredResult;
		var	messageSize;
		var i,c;
		
		messageSize = anExecutionContext.messageLength();		
		
		deferredResult = new Clipperz.Async.Deferred("AES.deferredEncryptBloks");

		c = Math.ceil(messageSize / anExecutionContext.elaborationChunkSize());
		for (i=0; i<c; i++) {
			deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptExecutionChunk);
			deferredResult.addMethod(anExecutionContext, 'pause');
		}
		
		deferredResult.callback(anExecutionContext);
		
		return deferredResult;
	},
*/

	'deferredEncryptBlocks': function(anExecutionContext) {
		var	deferredResult;

		if (! anExecutionContext.isDone()) {
			deferredResult = Clipperz.Async.callbacks("Clipperz.Crypto.AES.deferredEncryptBloks", [
				Clipperz.Crypto.AES.deferredEncryptExecutionChunk,
				MochiKit.Base.method(anExecutionContext, 'pause'),
				Clipperz.Crypto.AES.deferredEncryptBlocks
			], {trace:false}, anExecutionContext);
		} else {
			deferredResult = MochiKit.Async.succeed(anExecutionContext);
		}
		
		return deferredResult;
	},

	//-----------------------------------------------------------------------------
	
	'deferredEncrypt': function(aKey, someData, aNonce) {
		var deferredResult;
		var	executionContext;
		var result;
		var nonce;
		var key;

		key = new Clipperz.Crypto.AES.Key({key:aKey});
		nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);

		executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:someData, nonce:nonce});

		deferredResult = new Clipperz.Async.Deferred("AES.deferredEncrypt");
		deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
		deferredResult.addCallback(function(anExecutionContext) {
			var result;
			
			result = anExecutionContext.nonce().clone();
			result.appendBytes(anExecutionContext.resultArray());

			return result;
		});
		deferredResult.callback(executionContext)

		return deferredResult;
	},

	//-----------------------------------------------------------------------------

	'deferredDecrypt': function(aKey, someData) {
		var deferredResult;
		var executionContext;
		var nonce;
		var message;
		var key;

		key = new Clipperz.Crypto.AES.Key({key:aKey});
		nonce = someData.split(0, (128/8));
		message = someData.split(128/8);
		executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:message, nonce:nonce});

		deferredResult = new Clipperz.Async.Deferred("AES.deferredDecrypt");
		deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
		deferredResult.addCallback(function(anExecutionContext) {
			return anExecutionContext.result();
		});
		deferredResult.callback(executionContext);

		return deferredResult;
	},
	
	//-----------------------------------------------------------------------------
	__syntaxFix__: "syntax fix"
	
});

//#############################################################################

//Clipperz.Crypto.AES.DeferredExecution = {
//	'chunkSize': 16384,	//	4096,	//	1024	4096	8192	16384	32768;
//	'pauseTime': 0.02	//	0.2
//}

Clipperz.Crypto.AES.exception = {
	'UnsupportedKeySize':    new MochiKit.Base.NamedError("Clipperz.Crypto.AES.exception.UnsupportedKeySize") 
};