summaryrefslogtreecommitdiff
path: root/frontend/beta/js/Clipperz/Crypto/ECC
authorGiulio Cesare Solaroli <giulio.cesare@clipperz.com>2011-10-02 23:56:18 (UTC)
committer Giulio Cesare Solaroli <giulio.cesare@clipperz.com>2011-10-02 23:56:18 (UTC)
commitef68436ac04da078ffdcacd7e1f785473a303d45 (patch) (unidiff)
treec403752d66a2c4775f00affd4fa8431b29c5b68c /frontend/beta/js/Clipperz/Crypto/ECC
parent597ecfbc0249d83e1b856cbd558340c01237a360 (diff)
downloadclipperz-ef68436ac04da078ffdcacd7e1f785473a303d45.zip
clipperz-ef68436ac04da078ffdcacd7e1f785473a303d45.tar.gz
clipperz-ef68436ac04da078ffdcacd7e1f785473a303d45.tar.bz2
First version of the newly restructured repository
Diffstat (limited to 'frontend/beta/js/Clipperz/Crypto/ECC') (more/less context) (ignore whitespace changes)
-rw-r--r--frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js461
-rw-r--r--frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js526
-rw-r--r--frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Point.js67
-rw-r--r--frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Value.js377
4 files changed, 1431 insertions, 0 deletions
diff --git a/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
new file mode 100644
index 0000000..042ca6c
--- a/dev/null
+++ b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
@@ -0,0 +1,461 @@
1/*
2
3Copyright 2008-2011 Clipperz Srl
4
5This file is part of Clipperz's Javascript Crypto Library.
6Javascript Crypto Library provides web developers with an extensive
7and efficient set of cryptographic functions. The library aims to
8obtain maximum execution speed while preserving modularity and
9reusability.
10For further information about its features and functionalities please
11refer to http://www.clipperz.com
12
13* Javascript Crypto Library is free software: you can redistribute
14 it and/or modify it under the terms of the GNU Affero General Public
15 License as published by the Free Software Foundation, either version
16 3 of the License, or (at your option) any later version.
17
18* Javascript Crypto Library is distributed in the hope that it will
19 be useful, but WITHOUT ANY WARRANTY; without even the implied
20 warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 See the GNU Affero General Public License for more details.
22
23* You should have received a copy of the GNU Affero General Public
24 License along with Javascript Crypto Library. If not, see
25 <http://www.gnu.org/licenses/>.
26
27*/
28
29try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
30 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
31}
32if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
33if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
34
35Clipperz.Crypto.ECC.BinaryField.Curve = function(args) {
36 args = args || {};
37
38 this._modulus = args.modulus;
39
40 this._a = args.a;
41 this._b = args.b;
42 this._G = args.G;
43 this._r = args.r;
44 this._h = args.h;
45
46 this._finiteField = null;
47
48 return this;
49}
50
51Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, {
52
53 'asString': function() {
54 return "Clipperz.Crypto.ECC.BinaryField.Curve";
55 },
56
57 //-----------------------------------------------------------------------------
58
59 'modulus': function() {
60 return this._modulus;
61 },
62
63 'a': function() {
64 return this._a;
65 },
66
67 'b': function() {
68 return this._b;
69 },
70
71 'G': function() {
72 return this._G;
73 },
74
75 'r': function() {
76 return this._r;
77 },
78
79 'h': function() {
80 return this._h;
81 },
82
83 //-----------------------------------------------------------------------------
84
85 'finiteField': function() {
86 if (this._finiteField == null) {
87 this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()})
88 }
89
90 return this._finiteField;
91 },
92
93 //-----------------------------------------------------------------------------
94
95 'negate': function(aPointA) {
96 var result;
97
98 result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())})
99
100 return result;
101 },
102
103 //-----------------------------------------------------------------------------
104
105 'add': function(aPointA, aPointB) {
106 var result;
107
108//console.log(">>> ECC.BinaryField.Curve.add");
109 if (aPointA.isZero()) {
110//console.log("--- pointA == zero");
111 result = aPointB;
112 } else if (aPointB.isZero()) {
113//console.log("--- pointB == zero");
114 result = aPointA;
115 } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
116//console.log("compare A.x - B.x: ", aPointA.x().compare(aPointB.x()));
117//console.log("compare A.y - B.y: ", (aPointA.y().compare(aPointB.y()) != 0));
118//console.log("compare B.x.isZero(): ", aPointB.x().isZero());
119
120//console.log("--- result = zero");
121 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
122 } else {
123//console.log("--- result = ELSE");
124 varf2m;
125 var x, y;
126 var lambda;
127 var aX, aY, bX, bY;
128
129 aX = aPointA.x()._value;
130 aY = aPointA.y()._value;
131 bX = aPointB.x()._value;
132 bY = aPointB.y()._value;
133
134 f2m = this.finiteField();
135
136 if (aPointA.x().compare(aPointB.x()) != 0) {
137//console.log(" a.x != b.x");
138 lambda =f2m._fastMultiply(
139 f2m._add(aY, bY),
140 f2m._inverse(f2m._add(aX, bX))
141 );
142 x = f2m._add(this.a()._value, f2m._square(lambda));
143 f2m._overwriteAdd(x, lambda);
144 f2m._overwriteAdd(x, aX);
145 f2m._overwriteAdd(x, bX);
146 } else {
147//console.log(" a.x == b.x");
148 lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
149//console.log(" lambda: " + lambda.asString(16));
150 x = f2m._add(this.a()._value, f2m._square(lambda));
151//console.log(" x (step 1): " + x.asString(16));
152 f2m._overwriteAdd(x, lambda);
153//console.log(" x (step 2): " + x.asString(16));
154 }
155
156 y = f2m._fastMultiply(f2m._add(bX, x), lambda);
157//console.log(" y (step 1): " + y.asString(16));
158 f2m._overwriteAdd(y, x);
159//console.log(" y (step 2): " + y.asString(16));
160 f2m._overwriteAdd(y, bY);
161//console.log(" y (step 3): " + y.asString(16));
162
163 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
164 }
165//console.log("<<< ECC.BinaryField.Curve.add");
166
167 return result;
168 },
169
170 //-----------------------------------------------------------------------------
171
172 'overwriteAdd': function(aPointA, aPointB) {
173 if (aPointA.isZero()) {
174 // result = aPointB;
175 aPointA._x._value = aPointB._x._value;
176 aPointA._y._value = aPointB._y._value;
177 } else if (aPointB.isZero()) {
178 // result = aPointA;
179 } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
180 // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
181 aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O;
182 aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O;
183 } else {
184 varf2m;
185 var x, y;
186 var lambda;
187 var aX, aY, bX, bY;
188
189 aX = aPointA.x()._value;
190 aY = aPointA.y()._value;
191 bX = aPointB.x()._value;
192 bY = aPointB.y()._value;
193
194 f2m = this.finiteField();
195
196 if (aPointA.x().compare(aPointB.x()) != 0) {
197//console.log(" a.x != b.x");
198 lambda =f2m._fastMultiply(
199 f2m._add(aY, bY),
200 f2m._inverse(f2m._add(aX, bX))
201 );
202 x = f2m._add(this.a()._value, f2m._square(lambda));
203 f2m._overwriteAdd(x, lambda);
204 f2m._overwriteAdd(x, aX);
205 f2m._overwriteAdd(x, bX);
206 } else {
207//console.log(" a.x == b.x");
208 lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
209//console.log(" lambda: " + lambda.asString(16));
210 x = f2m._add(this.a()._value, f2m._square(lambda));
211//console.log(" x (step 1): " + x.asString(16));
212 f2m._overwriteAdd(x, lambda);
213//console.log(" x (step 2): " + x.asString(16));
214 }
215
216 y = f2m._fastMultiply(f2m._add(bX, x), lambda);
217//console.log(" y (step 1): " + y.asString(16));
218 f2m._overwriteAdd(y, x);
219//console.log(" y (step 2): " + y.asString(16));
220 f2m._overwriteAdd(y, bY);
221//console.log(" y (step 3): " + y.asString(16));
222
223 // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
224 aPointA._x._value = x;
225 aPointA._y._value = y;
226
227 }
228//console.log("<<< ECC.BinaryField.Curve.add");
229
230 return result;
231 },
232
233 //-----------------------------------------------------------------------------
234
235 'multiply': function(aValue, aPoint) {
236 var result;
237
238//console.profile();
239 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
240
241 if (aValue.isZero() == false) {
242 var k, Q;
243 var i;
244 var countIndex; countIndex = 0;
245
246 if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
247 k = aValue;
248 Q = aPoint;
249 } else {
250MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
251 k = aValue.negate();
252 Q = this.negate(aPoint);
253 }
254
255//console.log("k: " + k.toString(16));
256//console.log("k.bitSize: " + k.bitSize());
257 for (i=k.bitSize()-1; i>=0; i--) {
258 result = this.add(result, result);
259 // this.overwriteAdd(result, result);
260 if (k.isBitSet(i)) {
261 result = this.add(result, Q);
262 // this.overwriteAdd(result, Q);
263 }
264
265 // if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
266 }
267 }
268//console.profileEnd();
269
270 return result;
271 },
272
273 //-----------------------------------------------------------------------------
274 __syntaxFix__: "syntax fix"
275});
276
277
278//#############################################################################
279
280Clipperz.Crypto.ECC.StandardCurves = {};
281
282MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
283/*
284 '_K571': null,
285 'K571': function() {
286 if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) {
287 Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Curve.Koblitz({
288 exadecimalForm: '80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425',
289 a: new Clipperz.Crypto.BigInt(0),
290 G: new Clipperz.Crypto.ECC.Point({
291 x: new Clipperz.Crypto.BigInt('26eb7a859923fbc82189631f8103fe4ac9ca2970012d5d46024804801841ca44370958493b205e647da304db4ceb08cbbd1ba39494776fb988b47174dca88c7e2945283a01c8972', 16),
292 y: new Clipperz.Crypto.BigInt('349dc807f4fbf374f4aeade3bca95314dd58cec9f307a54ffc61efc006d8a2c9d4979c0ac44aea74fbebbb9f772aedcb620b01a7ba7af1b320430c8591984f601cd4c143ef1c7a3', 16)
293 }),
294 n: new Clipperz.Crypto.BigInt('1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276673', 16),
295 h: new Clipperz.Crypto.BigInt(4)
296 });
297 }
298
299 return Clipperz.Crypto.ECC.StandardCurves._K571;
300 },
301*/
302 //-----------------------------------------------------------------------------
303
304 '_B571': null,
305 'B571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1
306 if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) {
307 Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
308 modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16),
309 a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
310 b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16),
311 G: new Clipperz.Crypto.ECC.BinaryField.Point({
312 x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
313 y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
314 }),
315 r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
316 h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
317
318 // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
319 // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16),
320 });
321
322 //-----------------------------------------------------------------------------
323 //
324 //Guide to Elliptic Curve Cryptography
325 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
326 //- Pag: 56, Alorithm 2.45 (with a typo!!!)
327 //
328 //-----------------------------------------------------------------------------
329 //
330 // http://www.milw0rm.com/papers/136
331 //
332 // -------------------------------------------------------------------------
333 // Polynomial Reduction Algorithm Modulo f571
334 // -------------------------------------------------------------------------
335 //
336 // Input: Polynomial p(x) of degree 1140 or less, stored as
337 // an array of 2T machinewords.
338 // Output: p(x) mod f571(x)
339 //
340 // FOR i = T-1, ..., 0 DO
341 // SET X := P[i+T]
342 // P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
343 // P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
344 //
345 // SET X := P[T-1] >> 27
346 // P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
347 // P[T-1] := P[T-1] & 0x07ffffff
348 //
349 // RETURN P[T-1],...,P[0]
350 //
351 // -------------------------------------------------------------------------
352 //
353 Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
354 Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
355 varresult;
356
357 if (aValue.bitSize() > 1140) {
358 MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
359 result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
360 } else {
361 varC, T;
362 var i;
363
364//console.log(">>> binaryField.finiteField.(improved)module");
365 // C = aValue.value().slice(0);
366 C = aValue._value.slice(0);
367 for (i=35; i>=18; i--) {
368 T = C[i];
369 C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
370 C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
371 }
372 T = (C[17] >>> 27);
373 C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
374 C[17] = (C[17] & 0x07ffffff);
375
376 for(i=18; i<=35; i++) {
377 C[i] = 0;
378 }
379
380 result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
381//console.log("<<< binaryField.finiteField.(improved)module");
382 }
383
384 return result;
385 };
386 }
387
388 return Clipperz.Crypto.ECC.StandardCurves._B571;
389 },
390
391 //-----------------------------------------------------------------------------
392
393 '_B283': null,
394 'B283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1
395 if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) {
396 Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
397 // modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
398 modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
399 a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
400 b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
401 G: new Clipperz.Crypto.ECC.BinaryField.Point({
402 x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
403 y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
404 }),
405 r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
406 h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
407
408 // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
409 // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16),
410 });
411
412 //-----------------------------------------------------------------------------
413 //
414 //Guide to Elliptic Curve Cryptography
415 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
416 //- Pag: 56, Alorithm 2.43
417 //
418 //-----------------------------------------------------------------------------
419 Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
420 Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
421 varresult;
422
423 if (aValue.bitSize() > 564) {
424 MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
425 result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
426 } else {
427 varC, T;
428 var i;
429
430//console.log(">>> binaryField.finiteField.(improved)module");
431 C = aValue._value.slice(0);
432 for (i=17; i>=9; i--) {
433 T = C[i];
434 C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
435 C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
436 }
437 T = (C[8] >>> 27);
438 C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
439 C[8] = (C[8] & 0x07ffffff);
440
441 for(i=9; i<=17; i++) {
442 C[i] = 0;
443 }
444
445 result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
446//console.log("<<< binaryField.finiteField.(improved)module");
447 }
448
449 return result;
450 };
451 }
452
453 return Clipperz.Crypto.ECC.StandardCurves._B283;
454 },
455
456 //-----------------------------------------------------------------------------
457 __syntaxFix__: "syntax fix"
458});
459
460//#############################################################################
461
diff --git a/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
new file mode 100644
index 0000000..3ddf2ec
--- a/dev/null
+++ b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
@@ -0,0 +1,526 @@
1/*
2
3Copyright 2008-2011 Clipperz Srl
4
5This file is part of Clipperz's Javascript Crypto Library.
6Javascript Crypto Library provides web developers with an extensive
7and efficient set of cryptographic functions. The library aims to
8obtain maximum execution speed while preserving modularity and
9reusability.
10For further information about its features and functionalities please
11refer to http://www.clipperz.com
12
13* Javascript Crypto Library is free software: you can redistribute
14 it and/or modify it under the terms of the GNU Affero General Public
15 License as published by the Free Software Foundation, either version
16 3 of the License, or (at your option) any later version.
17
18* Javascript Crypto Library is distributed in the hope that it will
19 be useful, but WITHOUT ANY WARRANTY; without even the implied
20 warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 See the GNU Affero General Public License for more details.
22
23* You should have received a copy of the GNU Affero General Public
24 License along with Javascript Crypto Library. If not, see
25 <http://www.gnu.org/licenses/>.
26
27*/
28
29try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
30 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
31}
32if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
33if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
34
35Clipperz.Crypto.ECC.BinaryField.FiniteField = function(args) {
36 args = args || {};
37 this._modulus = args.modulus;
38
39 return this;
40}
41
42Clipperz.Crypto.ECC.BinaryField.FiniteField.prototype = MochiKit.Base.update(null, {
43
44 'asString': function() {
45 return "Clipperz.Crypto.ECC.BinaryField.FiniteField (" + this.modulus().asString() + ")";
46 },
47
48 //-----------------------------------------------------------------------------
49
50 'modulus': function() {
51 return this._modulus;
52 },
53
54 //-----------------------------------------------------------------------------
55
56 '_module': function(aValue) {
57 varresult;
58 var modulusComparison;
59//console.log(">>> binaryField.finiteField.(standard)module");
60
61 modulusComparison = Clipperz.Crypto.ECC.BinaryField.Value._compare(aValue, this.modulus()._value);
62
63 if (modulusComparison < 0) {
64 result = aValue;
65 } else if (modulusComparison == 0) {
66 result = [0];
67 } else {
68 var modulusBitSize;
69 var resultBitSize;
70
71 result = aValue;
72
73 modulusBitSize = this.modulus().bitSize();
74 resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
75 while (resultBitSize >= modulusBitSize) {
76 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this.modulus()._value, resultBitSize - modulusBitSize));
77 resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
78 }
79 }
80//console.log("<<< binaryField.finiteField.(standard)module");
81
82 return result;
83 },
84
85 'module': function(aValue) {
86 return new Clipperz.Crypto.ECC.BinaryField.Value(this._module(aValue._value.slice(0)));
87 },
88
89 //-----------------------------------------------------------------------------
90
91 '_add': function(a, b) {
92 return Clipperz.Crypto.ECC.BinaryField.Value._xor(a, b);
93 },
94
95 '_overwriteAdd': function(a, b) {
96 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(a, b);
97 },
98
99 'add': function(a, b) {
100 return new Clipperz.Crypto.ECC.BinaryField.Value(this._add(a._value, b._value));
101 },
102
103 //-----------------------------------------------------------------------------
104
105 'negate': function(aValue) {
106 return aValue.clone();
107 },
108
109 //-----------------------------------------------------------------------------
110
111 '_multiply': function(a, b) {
112 var result;
113 var valueToXor;
114 var i,c;
115
116 result = [0];
117 valueToXor = b;
118 c = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(a);
119 for (i=0; i<c; i++) {
120 if (Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(a, i) === true) {
121 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, valueToXor);
122 }
123 valueToXor = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(valueToXor, 1);
124 }
125 result = this._module(result);
126
127 return result;
128 },
129
130 'multiply': function(a, b) {
131 return new Clipperz.Crypto.ECC.BinaryField.Value(this._multiply(a._value, b._value));
132 },
133
134 //-----------------------------------------------------------------------------
135
136 '_fastMultiply': function(a, b) {
137 var result;
138 var B;
139 var i,c;
140
141 result = [0];
142 B = b.slice(0); //Is this array copy avoidable?
143 c = 32;
144 for (i=0; i<c; i++) {
145 var ii, cc;
146
147 cc = a.length;
148 for (ii=0; ii<cc; ii++) {
149 if (((a[ii] >>> i) & 0x01) == 1) {
150 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, B, ii);
151 }
152 }
153
154 if (i < (c-1)) {
155 B = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(B, 1);
156 }
157 }
158 result = this._module(result);
159
160 return result;
161 },
162
163 'fastMultiply': function(a, b) {
164 return new Clipperz.Crypto.ECC.BinaryField.Value(this._fastMultiply(a._value, b._value));
165 },
166
167 //-----------------------------------------------------------------------------
168 //
169 //Guide to Elliptic Curve Cryptography
170 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
171 //- Pag: 49, Alorithm 2.34
172 //
173 //-----------------------------------------------------------------------------
174
175 '_square': function(aValue) {
176 var result;
177 var value;
178 var c,i;
179 var precomputedValues;
180
181 value = aValue;
182 result = new Array(value.length * 2);
183 precomputedValues = Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes;
184
185 c = value.length;
186 for (i=0; i<c; i++) {
187 result[i*2] = precomputedValues[(value[i] & 0x000000ff)];
188 result[i*2] |= ((precomputedValues[(value[i] & 0x0000ff00) >>> 8]) << 16);
189
190 result[i*2 + 1] = precomputedValues[(value[i] & 0x00ff0000) >>> 16];
191 result[i*2 + 1] |= ((precomputedValues[(value[i] & 0xff000000) >>> 24]) << 16);
192 }
193
194 return this._module(result);
195 },
196
197 'square': function(aValue) {
198 return new Clipperz.Crypto.ECC.BinaryField.Value(this._square(aValue._value));
199 },
200
201 //-----------------------------------------------------------------------------
202
203 '_inverse': function(aValue) {
204 varresult;
205 var b, c;
206 var u, v;
207
208 // b = Clipperz.Crypto.ECC.BinaryField.Value.I._value;
209 b = [1];
210 // c = Clipperz.Crypto.ECC.BinaryField.Value.O._value;
211 c = [0];
212 u = this._module(aValue);
213 v = this.modulus()._value.slice(0);
214
215 while (Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) > 1) {
216 varbitDifferenceSize;
217
218 bitDifferenceSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) - Clipperz.Crypto.ECC.BinaryField.Value._bitSize(v);
219 if (bitDifferenceSize < 0) {
220 var swap;
221
222 swap = u;
223 u = v;
224 v = swap;
225
226 swap = c;
227 c = b;
228 b = swap;
229
230 bitDifferenceSize = -bitDifferenceSize;
231 }
232
233 u = this._add(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
234 b = this._add(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
235 // this._overwriteAdd(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
236 // this._overwriteAdd(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
237 }
238
239 result = this._module(b);
240
241 return result;
242 },
243
244 'inverse': function(aValue) {
245 return new Clipperz.Crypto.ECC.BinaryField.Value(this._inverse(aValue._value));
246 },
247
248 //-----------------------------------------------------------------------------
249 __syntaxFix__: "syntax fix"
250});
251
252
253Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes = [
254 0x0000, // 0 = 0000 0000 -> 0000 0000 0000 0000
255 0x0001, // 1 = 0000 0001 -> 0000 0000 0000 0001
256 0x0004, // 2 = 0000 0010 -> 0000 0000 0000 0100
257 0x0005, // 3 = 0000 0011 -> 0000 0000 0000 0101
258 0x0010, // 4 = 0000 0100 -> 0000 0000 0001 0000
259 0x0011, // 5 = 0000 0101 -> 0000 0000 0001 0001
260 0x0014, // 6 = 0000 0110 -> 0000 0000 0001 0100
261 0x0015, // 7 = 0000 0111 -> 0000 0000 0001 0101
262 0x0040, // 8 = 0000 1000 -> 0000 0000 0100 0000
263 0x0041, // 9 = 0000 1001 -> 0000 0000 0100 0001
264 0x0044, // 10 = 0000 1010 -> 0000 0000 0100 0100
265 0x0045, // 11 = 0000 1011 -> 0000 0000 0100 0101
266 0x0050, // 12 = 0000 1100 -> 0000 0000 0101 0000
267 0x0051, // 13 = 0000 1101 -> 0000 0000 0101 0001
268 0x0054, // 14 = 0000 1110 -> 0000 0000 0101 0100
269 0x0055, // 15 = 0000 1111 -> 0000 0000 0101 0101
270
271 0x0100, // 16 = 0001 0000 -> 0000 0001 0000 0000
272 0x0101, // 17 = 0001 0001 -> 0000 0001 0000 0001
273 0x0104, // 18 = 0001 0010 -> 0000 0001 0000 0100
274 0x0105, // 19 = 0001 0011 -> 0000 0001 0000 0101
275 0x0110, // 20 = 0001 0100 -> 0000 0001 0001 0000
276 0x0111, // 21 = 0001 0101 -> 0000 0001 0001 0001
277 0x0114, // 22 = 0001 0110 -> 0000 0001 0001 0100
278 0x0115, // 23 = 0001 0111 -> 0000 0001 0001 0101
279 0x0140, // 24 = 0001 1000 -> 0000 0001 0100 0000
280 0x0141, // 25 = 0001 1001 -> 0000 0001 0100 0001
281 0x0144, // 26 = 0001 1010 -> 0000 0001 0100 0100
282 0x0145, // 27 = 0001 1011 -> 0000 0001 0100 0101
283 0x0150, // 28 = 0001 1100 -> 0000 0001 0101 0000
284 0x0151, // 28 = 0001 1101 -> 0000 0001 0101 0001
285 0x0154, // 30 = 0001 1110 -> 0000 0001 0101 0100
286 0x0155, // 31 = 0001 1111 -> 0000 0001 0101 0101
287
288 0x0400, // 32 = 0010 0000 -> 0000 0100 0000 0000
289 0x0401, // 33 = 0010 0001 -> 0000 0100 0000 0001
290 0x0404, // 34 = 0010 0010 -> 0000 0100 0000 0100
291 0x0405, // 35 = 0010 0011 -> 0000 0100 0000 0101
292 0x0410, // 36 = 0010 0100 -> 0000 0100 0001 0000
293 0x0411, // 37 = 0010 0101 -> 0000 0100 0001 0001
294 0x0414, // 38 = 0010 0110 -> 0000 0100 0001 0100
295 0x0415, // 39 = 0010 0111 -> 0000 0100 0001 0101
296 0x0440, // 40 = 0010 1000 -> 0000 0100 0100 0000
297 0x0441, // 41 = 0010 1001 -> 0000 0100 0100 0001
298 0x0444, // 42 = 0010 1010 -> 0000 0100 0100 0100
299 0x0445, // 43 = 0010 1011 -> 0000 0100 0100 0101
300 0x0450, // 44 = 0010 1100 -> 0000 0100 0101 0000
301 0x0451, // 45 = 0010 1101 -> 0000 0100 0101 0001
302 0x0454, // 46 = 0010 1110 -> 0000 0100 0101 0100
303 0x0455, // 47 = 0010 1111 -> 0000 0100 0101 0101
304
305 0x0500, // 48 = 0011 0000 -> 0000 0101 0000 0000
306 0x0501, // 49 = 0011 0001 -> 0000 0101 0000 0001
307 0x0504, // 50 = 0011 0010 -> 0000 0101 0000 0100
308 0x0505, // 51 = 0011 0011 -> 0000 0101 0000 0101
309 0x0510, // 52 = 0011 0100 -> 0000 0101 0001 0000
310 0x0511, // 53 = 0011 0101 -> 0000 0101 0001 0001
311 0x0514, // 54 = 0011 0110 -> 0000 0101 0001 0100
312 0x0515, // 55 = 0011 0111 -> 0000 0101 0001 0101
313 0x0540, // 56 = 0011 1000 -> 0000 0101 0100 0000
314 0x0541, // 57 = 0011 1001 -> 0000 0101 0100 0001
315 0x0544, // 58 = 0011 1010 -> 0000 0101 0100 0100
316 0x0545, // 59 = 0011 1011 -> 0000 0101 0100 0101
317 0x0550, // 60 = 0011 1100 -> 0000 0101 0101 0000
318 0x0551, // 61 = 0011 1101 -> 0000 0101 0101 0001
319 0x0554, // 62 = 0011 1110 -> 0000 0101 0101 0100
320 0x0555, // 63 = 0011 1111 -> 0000 0101 0101 0101
321
322 0x1000, // 64 = 0100 0000 -> 0001 0000 0000 0000
323 0x1001, // 65 = 0100 0001 -> 0001 0000 0000 0001
324 0x1004, // 66 = 0100 0010 -> 0001 0000 0000 0100
325 0x1005, // 67 = 0100 0011 -> 0001 0000 0000 0101
326 0x1010, // 68 = 0100 0100 -> 0001 0000 0001 0000
327 0x1011, // 69 = 0100 0101 -> 0001 0000 0001 0001
328 0x1014, // 70 = 0100 0110 -> 0001 0000 0001 0100
329 0x1015, // 71 = 0100 0111 -> 0001 0000 0001 0101
330 0x1040, // 72 = 0100 1000 -> 0001 0000 0100 0000
331 0x1041, // 73 = 0100 1001 -> 0001 0000 0100 0001
332 0x1044, // 74 = 0100 1010 -> 0001 0000 0100 0100
333 0x1045, // 75 = 0100 1011 -> 0001 0000 0100 0101
334 0x1050, // 76 = 0100 1100 -> 0001 0000 0101 0000
335 0x1051, // 77 = 0100 1101 -> 0001 0000 0101 0001
336 0x1054, // 78 = 0100 1110 -> 0001 0000 0101 0100
337 0x1055, // 79 = 0100 1111 -> 0001 0000 0101 0101
338
339 0x1100, // 80 = 0101 0000 -> 0001 0001 0000 0000
340 0x1101, // 81 = 0101 0001 -> 0001 0001 0000 0001
341 0x1104, // 82 = 0101 0010 -> 0001 0001 0000 0100
342 0x1105, // 83 = 0101 0011 -> 0001 0001 0000 0101
343 0x1110, // 84 = 0101 0100 -> 0001 0001 0001 0000
344 0x1111, // 85 = 0101 0101 -> 0001 0001 0001 0001
345 0x1114, // 86 = 0101 0110 -> 0001 0001 0001 0100
346 0x1115, // 87 = 0101 0111 -> 0001 0001 0001 0101
347 0x1140, // 88 = 0101 1000 -> 0001 0001 0100 0000
348 0x1141, // 89 = 0101 1001 -> 0001 0001 0100 0001
349 0x1144, // 90 = 0101 1010 -> 0001 0001 0100 0100
350 0x1145, // 91 = 0101 1011 -> 0001 0001 0100 0101
351 0x1150, // 92 = 0101 1100 -> 0001 0001 0101 0000
352 0x1151, // 93 = 0101 1101 -> 0001 0001 0101 0001
353 0x1154, // 94 = 0101 1110 -> 0001 0001 0101 0100
354 0x1155, // 95 = 0101 1111 -> 0001 0001 0101 0101
355
356 0x1400, // 96 = 0110 0000 -> 0001 0100 0000 0000
357 0x1401, // 97 = 0110 0001 -> 0001 0100 0000 0001
358 0x1404, // 98 = 0110 0010 -> 0001 0100 0000 0100
359 0x1405, // 99 = 0110 0011 -> 0001 0100 0000 0101
360 0x1410, //100 = 0110 0100 -> 0001 0100 0001 0000
361 0x1411, //101 = 0110 0101 -> 0001 0100 0001 0001
362 0x1414, //102 = 0110 0110 -> 0001 0100 0001 0100
363 0x1415, //103 = 0110 0111 -> 0001 0100 0001 0101
364 0x1440, //104 = 0110 1000 -> 0001 0100 0100 0000
365 0x1441, //105 = 0110 1001 -> 0001 0100 0100 0001
366 0x1444, //106 = 0110 1010 -> 0001 0100 0100 0100
367 0x1445, //107 = 0110 1011 -> 0001 0100 0100 0101
368 0x1450, //108 = 0110 1100 -> 0001 0100 0101 0000
369 0x1451, //109 = 0110 1101 -> 0001 0100 0101 0001
370 0x1454, //110 = 0110 1110 -> 0001 0100 0101 0100
371 0x1455, //111 = 0110 1111 -> 0001 0100 0101 0101
372
373 0x1500, //112 = 0111 0000 -> 0001 0101 0000 0000
374 0x1501, //113 = 0111 0001 -> 0001 0101 0000 0001
375 0x1504, //114 = 0111 0010 -> 0001 0101 0000 0100
376 0x1505, //115 = 0111 0011 -> 0001 0101 0000 0101
377 0x1510, //116 = 0111 0100 -> 0001 0101 0001 0000
378 0x1511, //117 = 0111 0101 -> 0001 0101 0001 0001
379 0x1514, //118 = 0111 0110 -> 0001 0101 0001 0100
380 0x1515, //119 = 0111 0111 -> 0001 0101 0001 0101
381 0x1540, //120 = 0111 1000 -> 0001 0101 0100 0000
382 0x1541, //121 = 0111 1001 -> 0001 0101 0100 0001
383 0x1544, //122 = 0111 1010 -> 0001 0101 0100 0100
384 0x1545, //123 = 0111 1011 -> 0001 0101 0100 0101
385 0x1550, //124 = 0111 1100 -> 0001 0101 0101 0000
386 0x1551, //125 = 0111 1101 -> 0001 0101 0101 0001
387 0x1554, //126 = 0111 1110 -> 0001 0101 0101 0100
388 0x1555, //127 = 0111 1111 -> 0001 0101 0101 0101
389
390 0x4000, //128 = 1000 0000 -> 0100 0000 0000 0000
391 0x4001, //129 = 1000 0001 -> 0100 0000 0000 0001
392 0x4004, //130 = 1000 0010 -> 0100 0000 0000 0100
393 0x4005, //131 = 1000 0011 -> 0100 0000 0000 0101
394 0x4010, //132 = 1000 0100 -> 0100 0000 0001 0000
395 0x4011, //133 = 1000 0101 -> 0100 0000 0001 0001
396 0x4014, //134 = 1000 0110 -> 0100 0000 0001 0100
397 0x4015, //135 = 1000 0111 -> 0100 0000 0001 0101
398 0x4040, //136 = 1000 1000 -> 0100 0000 0100 0000
399 0x4041, //137 = 1000 1001 -> 0100 0000 0100 0001
400 0x4044, //138 = 1000 1010 -> 0100 0000 0100 0100
401 0x4045, //139 = 1000 1011 -> 0100 0000 0100 0101
402 0x4050, //140 = 1000 1100 -> 0100 0000 0101 0000
403 0x4051, //141 = 1000 1101 -> 0100 0000 0101 0001
404 0x4054, //142 = 1000 1110 -> 0100 0000 0101 0100
405 0x4055, //143 = 1000 1111 -> 0100 0000 0101 0101
406
407 0x4100, //144 = 1001 0000 -> 0100 0001 0000 0000
408 0x4101, //145 = 1001 0001 -> 0100 0001 0000 0001
409 0x4104, //146 = 1001 0010 -> 0100 0001 0000 0100
410 0x4105, //147 = 1001 0011 -> 0100 0001 0000 0101
411 0x4110, //148 = 1001 0100 -> 0100 0001 0001 0000
412 0x4111, //149 = 1001 0101 -> 0100 0001 0001 0001
413 0x4114, //150 = 1001 0110 -> 0100 0001 0001 0100
414 0x4115, //151 = 1001 0111 -> 0100 0001 0001 0101
415 0x4140, //152 = 1001 1000 -> 0100 0001 0100 0000
416 0x4141, //153 = 1001 1001 -> 0100 0001 0100 0001
417 0x4144, //154 = 1001 1010 -> 0100 0001 0100 0100
418 0x4145, //155 = 1001 1011 -> 0100 0001 0100 0101
419 0x4150, //156 = 1001 1100 -> 0100 0001 0101 0000
420 0x4151, //157 = 1001 1101 -> 0100 0001 0101 0001
421 0x4154, //158 = 1001 1110 -> 0100 0001 0101 0100
422 0x4155, //159 = 1001 1111 -> 0100 0001 0101 0101
423
424 0x4400, //160 = 1010 0000 -> 0100 0100 0000 0000
425 0x4401, //161 = 1010 0001 -> 0100 0100 0000 0001
426 0x4404, //162 = 1010 0010 -> 0100 0100 0000 0100
427 0x4405, //163 = 1010 0011 -> 0100 0100 0000 0101
428 0x4410, //164 = 1010 0100 -> 0100 0100 0001 0000
429 0x4411, //165 = 1010 0101 -> 0100 0100 0001 0001
430 0x4414, //166 = 1010 0110 -> 0100 0100 0001 0100
431 0x4415, //167 = 1010 0111 -> 0100 0100 0001 0101
432 0x4440, //168 = 1010 1000 -> 0100 0100 0100 0000
433 0x4441, //169 = 1010 1001 -> 0100 0100 0100 0001
434 0x4444, //170 = 1010 1010 -> 0100 0100 0100 0100
435 0x4445, //171 = 1010 1011 -> 0100 0100 0100 0101
436 0x4450, //172 = 1010 1100 -> 0100 0100 0101 0000
437 0x4451, //173 = 1010 1101 -> 0100 0100 0101 0001
438 0x4454, //174 = 1010 1110 -> 0100 0100 0101 0100
439 0x4455, //175 = 1010 1111 -> 0100 0100 0101 0101
440
441 0x4500, //176 = 1011 0000 -> 0100 0101 0000 0000
442 0x4501, //177 = 1011 0001 -> 0100 0101 0000 0001
443 0x4504, //178 = 1011 0010 -> 0100 0101 0000 0100
444 0x4505, //179 = 1011 0011 -> 0100 0101 0000 0101
445 0x4510, //180 = 1011 0100 -> 0100 0101 0001 0000
446 0x4511, //181 = 1011 0101 -> 0100 0101 0001 0001
447 0x4514, //182 = 1011 0110 -> 0100 0101 0001 0100
448 0x4515, //183 = 1011 0111 -> 0100 0101 0001 0101
449 0x4540, //184 = 1011 1000 -> 0100 0101 0100 0000
450 0x4541, //185 = 1011 1001 -> 0100 0101 0100 0001
451 0x4544, //186 = 1011 1010 -> 0100 0101 0100 0100
452 0x4545, //187 = 1011 1011 -> 0100 0101 0100 0101
453 0x4550, //188 = 1011 1100 -> 0100 0101 0101 0000
454 0x4551, //189 = 1011 1101 -> 0100 0101 0101 0001
455 0x4554, //190 = 1011 1110 -> 0100 0101 0101 0100
456 0x4555, //191 = 1011 1111 -> 0100 0101 0101 0101
457
458 0x5000, //192 = 1100 0000 -> 0101 0000 0000 0000
459 0x5001, //193 = 1100 0001 -> 0101 0000 0000 0001
460 0x5004, //194 = 1100 0010 -> 0101 0000 0000 0100
461 0x5005, //195 = 1100 0011 -> 0101 0000 0000 0101
462 0x5010, //196 = 1100 0100 -> 0101 0000 0001 0000
463 0x5011, //197 = 1100 0101 -> 0101 0000 0001 0001
464 0x5014, //198 = 1100 0110 -> 0101 0000 0001 0100
465 0x5015, //199 = 1100 0111 -> 0101 0000 0001 0101
466 0x5040, //200 = 1100 1000 -> 0101 0000 0100 0000
467 0x5041, //201 = 1100 1001 -> 0101 0000 0100 0001
468 0x5044, //202 = 1100 1010 -> 0101 0000 0100 0100
469 0x5045, //203 = 1100 1011 -> 0101 0000 0100 0101
470 0x5050, //204 = 1100 1100 -> 0101 0000 0101 0000
471 0x5051, //205 = 1100 1101 -> 0101 0000 0101 0001
472 0x5054, //206 = 1100 1110 -> 0101 0000 0101 0100
473 0x5055, //207 = 1100 1111 -> 0101 0000 0101 0101
474
475 0x5100, //208 = 1101 0000 -> 0101 0001 0000 0000
476 0x5101, //209 = 1101 0001 -> 0101 0001 0000 0001
477 0x5104, //210 = 1101 0010 -> 0101 0001 0000 0100
478 0x5105, //211 = 1101 0011 -> 0101 0001 0000 0101
479 0x5110, //212 = 1101 0100 -> 0101 0001 0001 0000
480 0x5111, //213 = 1101 0101 -> 0101 0001 0001 0001
481 0x5114, //214 = 1101 0110 -> 0101 0001 0001 0100
482 0x5115, //215 = 1101 0111 -> 0101 0001 0001 0101
483 0x5140, //216 = 1101 1000 -> 0101 0001 0100 0000
484 0x5141, //217 = 1101 1001 -> 0101 0001 0100 0001
485 0x5144, //218 = 1101 1010 -> 0101 0001 0100 0100
486 0x5145, //219 = 1101 1011 -> 0101 0001 0100 0101
487 0x5150, //220 = 1101 1100 -> 0101 0001 0101 0000
488 0x5151, //221 = 1101 1101 -> 0101 0001 0101 0001
489 0x5154, //222 = 1101 1110 -> 0101 0001 0101 0100
490 0x5155, //223 = 1101 1111 -> 0101 0001 0101 0101
491
492 0x5400, //224 = 1110 0000 -> 0101 0100 0000 0000
493 0x5401, //225 = 1110 0001 -> 0101 0100 0000 0001
494 0x5404, //226 = 1110 0010 -> 0101 0100 0000 0100
495 0x5405, //227 = 1110 0011 -> 0101 0100 0000 0101
496 0x5410, //228 = 1110 0100 -> 0101 0100 0001 0000
497 0x5411, //229 = 1110 0101 -> 0101 0100 0001 0001
498 0x5414, //230 = 1110 0110 -> 0101 0100 0001 0100
499 0x5415, //231 = 1110 0111 -> 0101 0100 0001 0101
500 0x5440, //232 = 1110 1000 -> 0101 0100 0100 0000
501 0x5441, //233 = 1110 1001 -> 0101 0100 0100 0001
502 0x5444, //234 = 1110 1010 -> 0101 0100 0100 0100
503 0x5445, //235 = 1110 1011 -> 0101 0100 0100 0101
504 0x5450, //236 = 1110 1100 -> 0101 0100 0101 0000
505 0x5451, //237 = 1110 1101 -> 0101 0100 0101 0001
506 0x5454, //238 = 1110 1110 -> 0101 0100 0101 0100
507 0x5455, //239 = 1110 1111 -> 0101 0100 0101 0101
508
509 0x5500, //240 = 1111 0000 -> 0101 0101 0000 0000
510 0x5501, //241 = 1111 0001 -> 0101 0101 0000 0001
511 0x5504, //242 = 1111 0010 -> 0101 0101 0000 0100
512 0x5505, //243 = 1111 0011 -> 0101 0101 0000 0101
513 0x5510, //244 = 1111 0100 -> 0101 0101 0001 0000
514 0x5511, //245 = 1111 0101 -> 0101 0101 0001 0001
515 0x5514, //246 = 1111 0110 -> 0101 0101 0001 0100
516 0x5515, //247 = 1111 0111 -> 0101 0101 0001 0101
517 0x5540, //248 = 1111 1000 -> 0101 0101 0100 0000
518 0x5541, //249 = 1111 1001 -> 0101 0101 0100 0001
519 0x5544, //250 = 1111 1010 -> 0101 0101 0100 0100
520 0x5545, //251 = 1111 1011 -> 0101 0101 0100 0101
521 0x5550, //252 = 1111 1100 -> 0101 0101 0101 0000
522 0x5551, //253 = 1111 1101 -> 0101 0101 0101 0001
523 0x5554, //254 = 1111 1110 -> 0101 0101 0101 0100
524 0x5555 //255 = 1111 1111 -> 0101 0101 0101 0101
525
526]
diff --git a/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Point.js b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Point.js
new file mode 100644
index 0000000..f0739bc
--- a/dev/null
+++ b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Point.js
@@ -0,0 +1,67 @@
1/*
2
3Copyright 2008-2011 Clipperz Srl
4
5This file is part of Clipperz's Javascript Crypto Library.
6Javascript Crypto Library provides web developers with an extensive
7and efficient set of cryptographic functions. The library aims to
8obtain maximum execution speed while preserving modularity and
9reusability.
10For further information about its features and functionalities please
11refer to http://www.clipperz.com
12
13* Javascript Crypto Library is free software: you can redistribute
14 it and/or modify it under the terms of the GNU Affero General Public
15 License as published by the Free Software Foundation, either version
16 3 of the License, or (at your option) any later version.
17
18* Javascript Crypto Library is distributed in the hope that it will
19 be useful, but WITHOUT ANY WARRANTY; without even the implied
20 warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 See the GNU Affero General Public License for more details.
22
23* You should have received a copy of the GNU Affero General Public
24 License along with Javascript Crypto Library. If not, see
25 <http://www.gnu.org/licenses/>.
26
27*/
28
29try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
30 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
31}
32if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
33if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
34
35Clipperz.Crypto.ECC.BinaryField.Point = function(args) {
36 args = args || {};
37 this._x = args.x;
38 this._y = args.y;
39
40 return this;
41}
42
43Clipperz.Crypto.ECC.BinaryField.Point.prototype = MochiKit.Base.update(null, {
44
45 'asString': function() {
46 return "Clipperz.Crypto.ECC.BinaryField.Point (" + this.x() + ", " + this.y() + ")";
47 },
48
49 //-----------------------------------------------------------------------------
50
51 'x': function() {
52 return this._x;
53 },
54
55 'y': function() {
56 return this._y;
57 },
58
59 //-----------------------------------------------------------------------------
60
61 'isZero': function() {
62 return (this.x().isZero() && this.y().isZero())
63 },
64
65 //-----------------------------------------------------------------------------
66 __syntaxFix__: "syntax fix"
67});
diff --git a/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Value.js b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Value.js
new file mode 100644
index 0000000..10d055e
--- a/dev/null
+++ b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Value.js
@@ -0,0 +1,377 @@
1/*
2
3Copyright 2008-2011 Clipperz Srl
4
5This file is part of Clipperz's Javascript Crypto Library.
6Javascript Crypto Library provides web developers with an extensive
7and efficient set of cryptographic functions. The library aims to
8obtain maximum execution speed while preserving modularity and
9reusability.
10For further information about its features and functionalities please
11refer to http://www.clipperz.com
12
13* Javascript Crypto Library is free software: you can redistribute
14 it and/or modify it under the terms of the GNU Affero General Public
15 License as published by the Free Software Foundation, either version
16 3 of the License, or (at your option) any later version.
17
18* Javascript Crypto Library is distributed in the hope that it will
19 be useful, but WITHOUT ANY WARRANTY; without even the implied
20 warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 See the GNU Affero General Public License for more details.
22
23* You should have received a copy of the GNU Affero General Public
24 License along with Javascript Crypto Library. If not, see
25 <http://www.gnu.org/licenses/>.
26
27*/
28
29try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
30 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
31}
32if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
33if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
34
35Clipperz.Crypto.ECC.BinaryField.Value = function(aValue, aBase) {
36 if (aValue.constructor == String) {
37 varvalue;
38 varstringLength;
39 var numberOfWords;
40 vari,c;
41
42 if (aBase != 16) {
43 throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
44 }
45
46 value = aValue.replace(/ /g, '');
47 stringLength = value.length;
48 numberOfWords = Math.ceil(stringLength / 8);
49 this._value = new Array(numberOfWords);
50
51 c = numberOfWords;
52 for (i=0; i<c; i++) {
53 varword;
54
55 if (i < (c-1)) {
56 word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16);
57 } else {
58 word = parseInt(value.substr(0, stringLength-(i*8)), 16);
59 }
60
61 this._value[i] = word;
62 }
63 } else if (aValue.constructor == Array) {
64 var itemsToCopy;
65
66 itemsToCopy = aValue.length;
67 while (aValue[itemsToCopy - 1] == 0) {
68 itemsToCopy --;
69 }
70
71 this._value = aValue.slice(0, itemsToCopy);
72 } else if (aValue.constructor == Number) {
73 this._value = [aValue];
74 } else {
75 // throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType;
76 }
77
78 return this;
79}
80
81Clipperz.Crypto.ECC.BinaryField.Value.prototype = MochiKit.Base.update(null, {
82
83 'value': function() {
84 return this._value;
85 },
86
87 //-----------------------------------------------------------------------------
88
89 'wordSize': function() {
90 return this._value.length
91 },
92
93 //-----------------------------------------------------------------------------
94
95 'clone': function() {
96 return new Clipperz.Crypto.ECC.BinaryField.Value(this._value.slice(0));
97 },
98
99 //-----------------------------------------------------------------------------
100
101 'isZero': function() {
102 return (this.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) == 0);
103 },
104
105 //-----------------------------------------------------------------------------
106
107 'asString': function(aBase) {
108 varresult;
109 var i,c;
110
111 if (aBase != 16) {
112 throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
113 }
114
115 result = "";
116 c = this.wordSize();
117 for (i=0; i<c; i++) {
118 varwordAsString;
119
120 // wordAsString = ("00000000" + this.value()[i].toString(16));
121 wordAsString = ("00000000" + this._value[i].toString(16));
122 wordAsString = wordAsString.substring(wordAsString.length - 8);
123 result = wordAsString + result;
124 }
125
126 result = result.replace(/^(00)*/, "");
127
128 if (result == "") {
129 result = "0";
130 }
131
132 return result;
133 },
134
135 //-----------------------------------------------------------------------------
136
137 'shiftLeft': function(aNumberOfBitsToShift) {
138 return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this._value, aNumberOfBitsToShift));
139 },
140
141 //-----------------------------------------------------------------------------
142
143 'bitSize': function() {
144 return Clipperz.Crypto.ECC.BinaryField.Value._bitSize(this._value);
145 },
146
147 //-----------------------------------------------------------------------------
148
149 'isBitSet': function(aBitPosition) {
150 return Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(this._value, aBitPosition);
151 },
152
153 //-----------------------------------------------------------------------------
154
155 'xor': function(aValue) {
156 return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._xor(this._value, aValue._value));
157 },
158
159 //-----------------------------------------------------------------------------
160
161 'compare': function(aValue) {
162 return Clipperz.Crypto.ECC.BinaryField.Value._compare(this._value, aValue._value);
163 },
164
165 //-----------------------------------------------------------------------------
166 __syntaxFix__: "syntax fix"
167});
168
169Clipperz.Crypto.ECC.BinaryField.Value.O = new Clipperz.Crypto.ECC.BinaryField.Value('0', 16);
170Clipperz.Crypto.ECC.BinaryField.Value.I = new Clipperz.Crypto.ECC.BinaryField.Value('1', 16);
171
172Clipperz.Crypto.ECC.BinaryField.Value._xor = function(a, b, aFirstItemOffset) {
173 var result;
174 var resultSize;
175 var i,c;
176 var firstItemOffset;
177
178 firstItemOffset = aFirstItemOffset || 0;
179 resultSize = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
180
181 result = new Array(resultSize);
182
183 c = firstItemOffset;
184 for (i=0; i<c; i++) {
185 result[i] = a[i];
186 }
187
188 c = resultSize;
189 for (i=firstItemOffset; i<c; i++) {
190 result[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
191 }
192
193 return result;
194};
195
196Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor = function(a, b, aFirstItemOffset) {
197 var i,c;
198 var firstItemOffset;
199
200 firstItemOffset = aFirstItemOffset || 0;
201
202 c = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
203 for (i=firstItemOffset; i<c; i++) {
204 a[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
205 }
206};
207
208Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft = function(aWordArray, aNumberOfBitsToShift) {
209 var numberOfWordsToShift;
210 varnumberOfBitsToShift;
211 var result;
212 varoverflowValue;
213 vari,c;
214
215 numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
216 numberOfBitsToShift = aNumberOfBitsToShift % 32;
217
218 result = new Array(aWordArray.length + numberOfWordsToShift);
219
220 c = numberOfWordsToShift;
221 for (i=0; i<c; i++) {
222 result[i] = 0;
223 }
224
225 overflowValue = 0;
226 nextOverflowValue = 0;
227
228 c = aWordArray.length;
229 for (i=0; i<c; i++) {
230 varvalue;
231 varresultWord;
232
233 // value = this.value()[i];
234 value = aWordArray[i];
235
236 if (numberOfBitsToShift > 0) {
237 var nextOverflowValue;
238
239 nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
240 value = value & (0xffffffff >>> numberOfBitsToShift);
241 resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
242 } else {
243 resultWord = value;
244 }
245
246 result[i+numberOfWordsToShift] = resultWord;
247 overflowValue = nextOverflowValue;
248 }
249
250 if (overflowValue != 0) {
251 result[aWordArray.length + numberOfWordsToShift] = overflowValue;
252 }
253
254 return result;
255};
256
257Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft = function(aWordArray, aNumberOfBitsToShift) {
258 var numberOfWordsToShift;
259 varnumberOfBitsToShift;
260 var result;
261 varoverflowValue;
262 vari,c;
263
264 numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
265 numberOfBitsToShift = aNumberOfBitsToShift % 32;
266
267 result = new Array(aWordArray.length + numberOfWordsToShift);
268
269 c = numberOfWordsToShift;
270 for (i=0; i<c; i++) {
271 result[i] = 0;
272 }
273
274 overflowValue = 0;
275 nextOverflowValue = 0;
276
277 c = aWordArray.length;
278 for (i=0; i<c; i++) {
279 varvalue;
280 varresultWord;
281
282 // value = this.value()[i];
283 value = aWordArray[i];
284
285 if (numberOfBitsToShift > 0) {
286 var nextOverflowValue;
287
288 nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
289 value = value & (0xffffffff >>> numberOfBitsToShift);
290 resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
291 } else {
292 resultWord = value;
293 }
294
295 result[i+numberOfWordsToShift] = resultWord;
296 overflowValue = nextOverflowValue;
297 }
298
299 if (overflowValue != 0) {
300 result[aWordArray.length + numberOfWordsToShift] = overflowValue;
301 }
302
303 return result;
304};
305
306Clipperz.Crypto.ECC.BinaryField.Value._bitSize = function(aWordArray) {
307 varresult;
308 varnotNullElements;
309 var mostValuableWord;
310 var matchingBitsInMostImportantWord;
311 var mask;
312 var i,c;
313
314 notNullElements = aWordArray.length;
315
316 if ((aWordArray.length == 1) && (aWordArray[0] == 0)) {
317 result = 0;
318 } else {
319 while((aWordArray[notNullElements - 1] == 0) && (notNullElements > 0)) {
320 notNullElements --;
321 }
322
323 result = (notNullElements - 1) * 32;
324 mostValuableWord = aWordArray[notNullElements - 1];
325
326 matchingBits = 32;
327 mask = 0x80000000;
328
329 while ((matchingBits > 0) && ((mostValuableWord & mask) == 0)) {
330 matchingBits --;
331 mask >>>= 1;
332 }
333
334 result += matchingBits;
335 }
336
337 return result;
338};
339
340Clipperz.Crypto.ECC.BinaryField.Value._isBitSet = function(aWordArray, aBitPosition) {
341 var result;
342 varbyteIndex;
343 var bitIndexInSelectedByte;
344
345 byteIndex = Math.floor(aBitPosition / 32);
346 bitIndexInSelectedByte = aBitPosition % 32;
347
348 if (byteIndex <= aWordArray.length) {
349 result = ((aWordArray[byteIndex] & (1 << bitIndexInSelectedByte)) != 0);
350 } else {
351 result = false;
352 }
353
354 return result;
355};
356
357Clipperz.Crypto.ECC.BinaryField.Value._compare = function(a,b) {
358 varresult;
359 var i,c;
360
361 result = MochiKit.Base.compare(a.length, b.length);
362
363 c = a.length;
364 for (i=0; (i<c) && (result==0); i++) {
365//console.log("compare[" + c + " - " + i + " - 1] " + this.value()[c-i-1] + ", " + aValue.value()[c-i-1]);
366 // result = MochiKit.Base.compare(this.value()[c-i-1], aValue.value()[c-i-1]);
367 result = MochiKit.Base.compare(a[c-i-1], b[c-i-1]);
368 }
369
370 return result;
371};
372
373
374Clipperz.Crypto.ECC.BinaryField.Value['exception']= {
375 'UnsupportedBase': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase"),
376 'UnsupportedConstructorValueType':new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType")
377};