summaryrefslogtreecommitdiff
authorGiulio Cesare Solaroli <giulio.cesare@clipperz.com>2014-05-30 14:10:13 (UTC)
committer Giulio Cesare Solaroli <giulio.cesare@clipperz.com>2014-05-30 14:15:51 (UTC)
commit7fdb41fa2b1f621636882ad9059c1f3ecfb74083 (patch) (unidiff)
tree33c05ee7329d9b8e5eff79942f254d6c680ad661
parented6b4edc82b0f65c77980713cd525053fcbc1dd2 (diff)
downloadclipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.zip
clipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.tar.gz
clipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.tar.bz2
Fixed vulnerability CLP-01-016
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--frontend/beta/js/Clipperz/Crypto/SRP.js67
-rw-r--r--frontend/delta/js/Clipperz/Crypto/SRP.js53
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/SRP.js53
3 files changed, 125 insertions, 48 deletions
diff --git a/frontend/beta/js/Clipperz/Crypto/SRP.js b/frontend/beta/js/Clipperz/Crypto/SRP.js
index 8cc80ba..8c522ad 100644
--- a/frontend/beta/js/Clipperz/Crypto/SRP.js
+++ b/frontend/beta/js/Clipperz/Crypto/SRP.js
@@ -41,12 +41,14 @@ Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP";
41//############################################################################# 41//#############################################################################
42 42
43MochiKit.Base.update(Clipperz.Crypto.SRP, { 43MochiKit.Base.update(Clipperz.Crypto.SRP, {
44 44
45 '_n': null, 45 '_n': null,
46 '_g': null, 46 '_g': null,
47 '_k': null,
48
47 //------------------------------------------------------------------------- 49 //-------------------------------------------------------------------------
48 50
49 'n': function() { 51 'n': function() {
50 if (Clipperz.Crypto.SRP._n == null) { 52 if (Clipperz.Crypto.SRP._n == null) {
51 Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); 53 Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
52 } 54 }
@@ -61,12 +63,21 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
61 Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation) 63 Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation)
62 } 64 }
63 65
64 return Clipperz.Crypto.SRP._g; 66 return Clipperz.Crypto.SRP._g;
65 }, 67 },
66 68
69 'k': function() {
70 if (Clipperz.Crypto.SRP._k == null) {
71 // Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16);
72 Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16);
73 }
74
75 return Clipperz.Crypto.SRP._k;
76 },
77
67 //----------------------------------------------------------------------------- 78 //-----------------------------------------------------------------------------
68 79
69 'exception': { 80 'exception': {
70 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue") 81 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue")
71 }, 82 },
72 83
@@ -126,40 +137,36 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
126 //------------------------------------------------------------------------- 137 //-------------------------------------------------------------------------
127 138
128 'a': function () { 139 'a': function () {
129 if (this._a == null) { 140 if (this._a == null) {
130 this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16); 141 this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
131 // this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10); 142 // this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10);
132//MochiKit.Logging.logDebug("SRP a: " + this._a);
133 } 143 }
134 144
135 return this._a; 145 return this._a;
136 }, 146 },
137 147
138 //------------------------------------------------------------------------- 148 //-------------------------------------------------------------------------
139 149
140 'A': function () { 150 'A': function () {
141 if (this._A == null) { 151 if (this._A == null) {
142 //Warning: this value should be strictly greater than zero: how should we perform this check? 152 //Warning: this value should be strictly greater than zero
143 this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); 153 this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
144 154 if (this._A.equals(0) || negative(this._A)) {
145 if (this._A.equals(0)) { 155 MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
146MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
147 throw Clipperz.Crypto.SRP.exception.InvalidValue; 156 throw Clipperz.Crypto.SRP.exception.InvalidValue;
148 } 157 }
149//MochiKit.Logging.logDebug("SRP A: " + this._A);
150 } 158 }
151 159
152 return this._A; 160 return this._A;
153 }, 161 },
154 162
155 //------------------------------------------------------------------------- 163 //-------------------------------------------------------------------------
156 164
157 's': function () { 165 's': function () {
158 return this._s; 166 return this._s;
159//MochiKit.Logging.logDebug("SRP s: " + this._S);
160 }, 167 },
161 168
162 'set_s': function(aValue) { 169 'set_s': function(aValue) {
163 this._s = aValue; 170 this._s = aValue;
164 }, 171 },
165 172
@@ -167,39 +174,35 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to
167 174
168 'B': function () { 175 'B': function () {
169 return this._B; 176 return this._B;
170 }, 177 },
171 178
172 'set_B': function(aValue) { 179 'set_B': function(aValue) {
173 //Warning: this value should be strictly greater than zero: how should we perform this check? 180 //Warning: this value should be strictly greater than zero
174 if (! aValue.equals(0)) { 181 this._B = aValue;
175 this._B = aValue; 182 if (this._B.equals(0) || negative(this._B)) {
176//MochiKit.Logging.logDebug("SRP B: " + this._B); 183 MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
177 } else {
178MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
179 throw Clipperz.Crypto.SRP.exception.InvalidValue; 184 throw Clipperz.Crypto.SRP.exception.InvalidValue;
180 } 185 }
181 }, 186 },
182 187
183 //------------------------------------------------------------------------- 188 //-------------------------------------------------------------------------
184 189
185 'x': function () { 190 'x': function () {
186 if (this._x == null) { 191 if (this._x == null) {
187 this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16); 192 this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16);
188//MochiKit.Logging.logDebug("SRP x: " + this._x);
189 } 193 }
190 194
191 return this._x; 195 return this._x;
192 }, 196 },
193 197
194 //------------------------------------------------------------------------- 198 //-------------------------------------------------------------------------
195 199
196 'u': function () { 200 'u': function () {
197 if (this._u == null) { 201 if (this._u == null) {
198 this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); 202 this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16);
199//MochiKit.Logging.logDebug("SRP u: " + this._u);
200 } 203 }
201 204
202 return this._u; 205 return this._u;
203 }, 206 },
204 207
205 //------------------------------------------------------------------------- 208 //-------------------------------------------------------------------------
@@ -210,50 +213,66 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to
210 varsrp; 213 varsrp;
211 214
212 bigint = Clipperz.Crypto.BigInt; 215 bigint = Clipperz.Crypto.BigInt;
213 srp = Clipperz.Crypto.SRP; 216 srp = Clipperz.Crypto.SRP;
214 217
215 this._S =bigint.powerModule( 218 this._S =bigint.powerModule(
216 bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), 219 bigint.subtract(
217 bigint.add(this.a(), bigint.multiply(this.u(), this.x())), 220 this.B(),
218 srp.n() 221 bigint.multiply(
222 Clipperz.Crypto.SRP.k(),
223 bigint.powerModule(srp.g(), this.x(), srp.n())
224 )
225 ),
226 bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
227 srp.n()
219 ) 228 )
220//MochiKit.Logging.logDebug("SRP S: " + this._S);
221 } 229 }
222 230
223 return this._S; 231 return this._S;
224 }, 232 },
225 233
226 //------------------------------------------------------------------------- 234 //-------------------------------------------------------------------------
227 235
228 'K': function () { 236 'K': function () {
229 if (this._K == null) { 237 if (this._K == null) {
230 this._K = this.stringHash(this.S().asString()); 238 this._K = this.stringHash(this.S().asString());
231//MochiKit.Logging.logDebug("SRP K: " + this._K);
232 } 239 }
233 240
234 return this._K; 241 return this._K;
235 }, 242 },
236 243
237 //------------------------------------------------------------------------- 244 //-------------------------------------------------------------------------
238 245
239 'M1': function () { 246 'M1': function () {
240 if (this._M1 == null) { 247 if (this._M1 == null) {
241 this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); 248 // this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
242//MochiKit.Logging.logDebug("SRP M1: " + this._M1); 249
250 //http://srp.stanford.edu/design.html
251 //User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K)
252
253 this._M1 = this.stringHash(
254 "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
255 this.stringHash(this.C()) +
256 this.s().asString() +
257 this.A().asString() +
258 this.B().asString() +
259 this.K()
260 );
261//console.log("M1", this._M1);
243 } 262 }
244 263
245 return this._M1; 264 return this._M1;
246 }, 265 },
247 266
248 //------------------------------------------------------------------------- 267 //-------------------------------------------------------------------------
249 268
250 'M2': function () { 269 'M2': function () {
251 if (this._M2 == null) { 270 if (this._M2 == null) {
252 this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); 271 this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
253//MochiKit.Logging.logDebug("SRP M2: " + this._M2); 272//console.log("M2", this._M2);
254 } 273 }
255 274
256 return this._M2; 275 return this._M2;
257 }, 276 },
258 277
259 //========================================================================= 278 //=========================================================================
diff --git a/frontend/delta/js/Clipperz/Crypto/SRP.js b/frontend/delta/js/Clipperz/Crypto/SRP.js
index 597e72d..6898dfb 100644
--- a/frontend/delta/js/Clipperz/Crypto/SRP.js
+++ b/frontend/delta/js/Clipperz/Crypto/SRP.js
@@ -41,12 +41,14 @@ Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP";
41//############################################################################# 41//#############################################################################
42 42
43MochiKit.Base.update(Clipperz.Crypto.SRP, { 43MochiKit.Base.update(Clipperz.Crypto.SRP, {
44 44
45 '_n': null, 45 '_n': null,
46 '_g': null, 46 '_g': null,
47 '_k': null,
48
47 //------------------------------------------------------------------------- 49 //-------------------------------------------------------------------------
48 50
49 'n': function() { 51 'n': function() {
50 if (Clipperz.Crypto.SRP._n == null) { 52 if (Clipperz.Crypto.SRP._n == null) {
51 Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); 53 Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
52 } 54 }
@@ -61,12 +63,21 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
61 Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation) 63 Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation)
62 } 64 }
63 65
64 return Clipperz.Crypto.SRP._g; 66 return Clipperz.Crypto.SRP._g;
65 }, 67 },
66 68
69 'k': function() {
70 if (Clipperz.Crypto.SRP._k == null) {
71 // Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16);
72 Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16);
73 }
74
75 return Clipperz.Crypto.SRP._k;
76 },
77
67 //----------------------------------------------------------------------------- 78 //-----------------------------------------------------------------------------
68 79
69 'exception': { 80 'exception': {
70 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue") 81 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue")
71 }, 82 },
72 83
@@ -135,16 +146,15 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
135 }, 146 },
136 147
137 //------------------------------------------------------------------------- 148 //-------------------------------------------------------------------------
138 149
139 'A': function () { 150 'A': function () {
140 if (this._A == null) { 151 if (this._A == null) {
141 //Warning: this value should be strictly greater than zero: how should we perform this check? 152 //Warning: this value should be strictly greater than zero
142 this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); 153 this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
143 154 if (this._A.equals(0) || negative(this._A)) {
144 if (this._A.equals(0)) {
145 Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0."); 155 Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
146 throw Clipperz.Crypto.SRP.exception.InvalidValue; 156 throw Clipperz.Crypto.SRP.exception.InvalidValue;
147 } 157 }
148 } 158 }
149 159
150 return this._A; 160 return this._A;
@@ -164,16 +174,15 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
164 174
165 'B': function () { 175 'B': function () {
166 return this._B; 176 return this._B;
167 }, 177 },
168 178
169 'set_B': function(aValue) { 179 'set_B': function(aValue) {
170 //Warning: this value should be strictly greater than zero: how should we perform this check? 180 //Warning: this value should be strictly greater than zero
171 if (! aValue.equals(0)) { 181 this._B = aValue;
172 this._B = aValue; 182 if (this._B.equals(0) || negative(this._B)) {
173 } else {
174 Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0."); 183 Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
175 throw Clipperz.Crypto.SRP.exception.InvalidValue; 184 throw Clipperz.Crypto.SRP.exception.InvalidValue;
176 } 185 }
177 }, 186 },
178 187
179 //------------------------------------------------------------------------- 188 //-------------------------------------------------------------------------
@@ -187,13 +196,13 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
187 }, 196 },
188 197
189 //------------------------------------------------------------------------- 198 //-------------------------------------------------------------------------
190 199
191 'u': function () { 200 'u': function () {
192 if (this._u == null) { 201 if (this._u == null) {
193 this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); 202 this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16);
194 } 203 }
195 204
196 return this._u; 205 return this._u;
197 }, 206 },
198 207
199 //------------------------------------------------------------------------- 208 //-------------------------------------------------------------------------
@@ -204,15 +213,21 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
204 varsrp; 213 varsrp;
205 214
206 bigint = Clipperz.Crypto.BigInt; 215 bigint = Clipperz.Crypto.BigInt;
207 srp = Clipperz.Crypto.SRP; 216 srp = Clipperz.Crypto.SRP;
208 217
209 this._S =bigint.powerModule( 218 this._S =bigint.powerModule(
210 bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), 219 bigint.subtract(
211 bigint.add(this.a(), bigint.multiply(this.u(), this.x())), 220 this.B(),
212 srp.n() 221 bigint.multiply(
222 Clipperz.Crypto.SRP.k(),
223 bigint.powerModule(srp.g(), this.x(), srp.n())
224 )
225 ),
226 bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
227 srp.n()
213 ) 228 )
214 } 229 }
215 230
216 return this._S; 231 return this._S;
217 }, 232 },
218 233
@@ -227,23 +242,37 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
227 }, 242 },
228 243
229 //------------------------------------------------------------------------- 244 //-------------------------------------------------------------------------
230 245
231 'M1': function () { 246 'M1': function () {
232 if (this._M1 == null) { 247 if (this._M1 == null) {
233 this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); 248 // this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
249
250 //http://srp.stanford.edu/design.html
251 //User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K)
252
253 this._M1 = this.stringHash(
254 "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
255 this.stringHash(this.C()) +
256 this.s().asString() +
257 this.A().asString() +
258 this.B().asString() +
259 this.K()
260 );
261//console.log("M1", this._M1);
234 } 262 }
235 263
236 return this._M1; 264 return this._M1;
237 }, 265 },
238 266
239 //------------------------------------------------------------------------- 267 //-------------------------------------------------------------------------
240 268
241 'M2': function () { 269 'M2': function () {
242 if (this._M2 == null) { 270 if (this._M2 == null) {
243 this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); 271 this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
272//console.log("M2", this._M2);
244 } 273 }
245 274
246 return this._M2; 275 return this._M2;
247 }, 276 },
248 277
249 //========================================================================= 278 //=========================================================================
diff --git a/frontend/gamma/js/Clipperz/Crypto/SRP.js b/frontend/gamma/js/Clipperz/Crypto/SRP.js
index 597e72d..6898dfb 100644
--- a/frontend/gamma/js/Clipperz/Crypto/SRP.js
+++ b/frontend/gamma/js/Clipperz/Crypto/SRP.js
@@ -41,12 +41,14 @@ Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP";
41//############################################################################# 41//#############################################################################
42 42
43MochiKit.Base.update(Clipperz.Crypto.SRP, { 43MochiKit.Base.update(Clipperz.Crypto.SRP, {
44 44
45 '_n': null, 45 '_n': null,
46 '_g': null, 46 '_g': null,
47 '_k': null,
48
47 //------------------------------------------------------------------------- 49 //-------------------------------------------------------------------------
48 50
49 'n': function() { 51 'n': function() {
50 if (Clipperz.Crypto.SRP._n == null) { 52 if (Clipperz.Crypto.SRP._n == null) {
51 Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); 53 Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
52 } 54 }
@@ -61,12 +63,21 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
61 Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation) 63 Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation)
62 } 64 }
63 65
64 return Clipperz.Crypto.SRP._g; 66 return Clipperz.Crypto.SRP._g;
65 }, 67 },
66 68
69 'k': function() {
70 if (Clipperz.Crypto.SRP._k == null) {
71 // Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16);
72 Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16);
73 }
74
75 return Clipperz.Crypto.SRP._k;
76 },
77
67 //----------------------------------------------------------------------------- 78 //-----------------------------------------------------------------------------
68 79
69 'exception': { 80 'exception': {
70 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue") 81 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue")
71 }, 82 },
72 83
@@ -135,16 +146,15 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
135 }, 146 },
136 147
137 //------------------------------------------------------------------------- 148 //-------------------------------------------------------------------------
138 149
139 'A': function () { 150 'A': function () {
140 if (this._A == null) { 151 if (this._A == null) {
141 //Warning: this value should be strictly greater than zero: how should we perform this check? 152 //Warning: this value should be strictly greater than zero
142 this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); 153 this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
143 154 if (this._A.equals(0) || negative(this._A)) {
144 if (this._A.equals(0)) {
145 Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0."); 155 Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
146 throw Clipperz.Crypto.SRP.exception.InvalidValue; 156 throw Clipperz.Crypto.SRP.exception.InvalidValue;
147 } 157 }
148 } 158 }
149 159
150 return this._A; 160 return this._A;
@@ -164,16 +174,15 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
164 174
165 'B': function () { 175 'B': function () {
166 return this._B; 176 return this._B;
167 }, 177 },
168 178
169 'set_B': function(aValue) { 179 'set_B': function(aValue) {
170 //Warning: this value should be strictly greater than zero: how should we perform this check? 180 //Warning: this value should be strictly greater than zero
171 if (! aValue.equals(0)) { 181 this._B = aValue;
172 this._B = aValue; 182 if (this._B.equals(0) || negative(this._B)) {
173 } else {
174 Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0."); 183 Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
175 throw Clipperz.Crypto.SRP.exception.InvalidValue; 184 throw Clipperz.Crypto.SRP.exception.InvalidValue;
176 } 185 }
177 }, 186 },
178 187
179 //------------------------------------------------------------------------- 188 //-------------------------------------------------------------------------
@@ -187,13 +196,13 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
187 }, 196 },
188 197
189 //------------------------------------------------------------------------- 198 //-------------------------------------------------------------------------
190 199
191 'u': function () { 200 'u': function () {
192 if (this._u == null) { 201 if (this._u == null) {
193 this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); 202 this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16);
194 } 203 }
195 204
196 return this._u; 205 return this._u;
197 }, 206 },
198 207
199 //------------------------------------------------------------------------- 208 //-------------------------------------------------------------------------
@@ -204,15 +213,21 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
204 varsrp; 213 varsrp;
205 214
206 bigint = Clipperz.Crypto.BigInt; 215 bigint = Clipperz.Crypto.BigInt;
207 srp = Clipperz.Crypto.SRP; 216 srp = Clipperz.Crypto.SRP;
208 217
209 this._S =bigint.powerModule( 218 this._S =bigint.powerModule(
210 bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), 219 bigint.subtract(
211 bigint.add(this.a(), bigint.multiply(this.u(), this.x())), 220 this.B(),
212 srp.n() 221 bigint.multiply(
222 Clipperz.Crypto.SRP.k(),
223 bigint.powerModule(srp.g(), this.x(), srp.n())
224 )
225 ),
226 bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
227 srp.n()
213 ) 228 )
214 } 229 }
215 230
216 return this._S; 231 return this._S;
217 }, 232 },
218 233
@@ -227,23 +242,37 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
227 }, 242 },
228 243
229 //------------------------------------------------------------------------- 244 //-------------------------------------------------------------------------
230 245
231 'M1': function () { 246 'M1': function () {
232 if (this._M1 == null) { 247 if (this._M1 == null) {
233 this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); 248 // this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
249
250 //http://srp.stanford.edu/design.html
251 //User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K)
252
253 this._M1 = this.stringHash(
254 "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
255 this.stringHash(this.C()) +
256 this.s().asString() +
257 this.A().asString() +
258 this.B().asString() +
259 this.K()
260 );
261//console.log("M1", this._M1);
234 } 262 }
235 263
236 return this._M1; 264 return this._M1;
237 }, 265 },
238 266
239 //------------------------------------------------------------------------- 267 //-------------------------------------------------------------------------
240 268
241 'M2': function () { 269 'M2': function () {
242 if (this._M2 == null) { 270 if (this._M2 == null) {
243 this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); 271 this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
272//console.log("M2", this._M2);
244 } 273 }
245 274
246 return this._M2; 275 return this._M2;
247 }, 276 },
248 277
249 //========================================================================= 278 //=========================================================================