Diffstat (limited to 'frontend/beta/js/Clipperz/Crypto')
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/AES.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/Base.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/BigInt.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/BigInt_scoped.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/ECC.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Point.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Value.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/PRNG.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/RSA.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/SHA.js | 22 | ||||
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/SRP.js | 22 |
13 files changed, 130 insertions, 156 deletions
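--- a/frontend/beta/js/Clipperz/Crypto/AES.js
+++ b/frontend/beta/js/Clipperz/Crypto/AES.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.AES depends on Clipperz.ByteArray!";
 }
 
 //Dependency commented to avoid a circular reference
 //try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
 //throw "Clipperz.Crypto.AES depends on Clipperz.Crypto.PRNG!";
 //}
 
 if (typeof(Clipperz.Crypto.AES) == 'undefined') { Clipperz.Crypto.AES = {}; }
 
 //#############################################################################
 
 Clipperz.Crypto.AES.DeferredExecutionContext = function(args) {
 args = args || {};
 
 this._key = args.key;
 this._message = args.message;
 this._result = args.message.clone();
 this._nonce = args.nonce;
 this._messageLength = this._message.length();
 
 this._messageArray = this._message.arrayValues();
 this._resultArray = this._result.arrayValues();
 this._nonceArray = this._nonce.arrayValues();
 
 this._executionStep = 0;
 
 return this;
 }
 
 Clipperz.Crypto.AES.DeferredExecutionContext.prototype = MochiKit.Base.update(null, {
 
 'key': function() {
 return this._key;
 },
 
 'message': function() {
 return this._message;
 },
 
 'messageLength': function() {
 return this._messageLength;
 },
 
 'result': function() {
 return new Clipperz.ByteArray(this.resultArray());
 },
 
 'nonce': function() {
 return this._nonce;
 },
 
 'messageArray': function() {
 return this._messageArray;
 },
 
 'resultArray': function() {
 return this._resultArray;
 },
 
 'nonceArray': function() {
 return this._nonceArray;
 },
 
 'elaborationChunkSize': function() {
 return Clipperz.Crypto.AES.DeferredExecution.chunkSize;
 },
 
 'executionStep': function() {
 return this._executionStep;
 },
 
 'setExecutionStep': function(aValue) {
 this._executionStep = aValue;
 },
 
 'pause': function(aValue) {
 return MochiKit.Async.wait(Clipperz.Crypto.AES.DeferredExecution.pauseTime, aValue);
 },
 
 //-----------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 
 });
 
 //#############################################################################
 
 Clipperz.Crypto.AES.Key = function(args) {
 args = args || {};
 
 this._key = args.key;
 this._keySize = args.keySize || this.key().length();
 
 if (this.keySize() == 128/8) {
 this._b = 176;
 this._numberOfRounds = 10;
 } else if (this.keySize() == 256/8) {
 this._b = 240;
 this._numberOfRounds = 14;
 } else {
 MochiKit.Logging.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits");
 throw Clipperz.Crypto.AES.exception.UnsupportedKeySize;
 }
 
 this._stretchedKey = null;
 
 return this;
 }
 
 Clipperz.Crypto.AES.Key.prototype = MochiKit.Base.update(null, {
 
 'asString': function() {
 return "Clipperz.Crypto.AES.Key (" + this.key().toHexString() + ")";
 },
 
 //-----------------------------------------------------------------------------
 
 'key': function() {
 return this._key;
 },
 
 'keySize': function() {
 return this._keySize;
 },
 
 'b': function() {
 return this._b;
 },
 
 'numberOfRounds': function() {
 return this._numberOfRounds;
 },
 //=========================================================================
 
 'keyScheduleCore': function(aWord, aRoundConstantsIndex) {
 varresult;
 var sbox;
 
 sbox = Clipperz.Crypto.AES.sbox();
 
 result = [sbox[aWord[1]] ^ Clipperz.Crypto.AES.roundConstants()[aRoundConstantsIndex],
 sbox[aWord[2]],
 sbox[aWord[3]],
 sbox[aWord[0]]];
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'xorWithPreviousStretchValues': function(aKey, aWord, aPreviousWordIndex) {
 varresult;
 var i,c;
 
 result = [];
 c = 4;
 for (i=0; i<c; i++) {
 result[i] = aWord[i] ^ aKey.byteAtIndex(aPreviousWordIndex + i);
 }
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'sboxShakeup': function(aWord) {
 var result;
 var sbox;
 var i,c;
 
 result = [];
 sbox = Clipperz.Crypto.AES.sbox();
 c =4;
 for (i=0; i<c; i++) {
 result[i] = sbox[aWord[i]];
 }
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'stretchKey': function(aKey) {
 varcurrentWord;
 varkeyLength;
 varpreviousStretchIndex;
 var i,c;
 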
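--- a/frontend/beta/js/Clipperz/Crypto/Base.js
+++ b/frontend/beta/js/Clipperz/Crypto/Base.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.Base) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.Base depends on Clipperz.Base!";
 }
 
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 if (typeof(Clipperz.Crypto.Base) == 'undefined') { Clipperz.Crypto.Base = {}; }
 
 Clipperz.Crypto.Base.VERSION = "0.1";
 Clipperz.Crypto.Base.NAME = "Clipperz.Crypto.Base";
 
 //#############################################################################
 //Downloaded on March 30, 2006 from http://anmar.eu.org/projects/jssha2/files/jssha2-0.3.zip (jsSha2/sha256.js)
 //#############################################################################
 
 /* A JavaScript implementation of the Secure Hash Algorithm, SHA-256
 * Version 0.3 Copyright Angel Marin 2003-2004 - http://anmar.eu.org/
 * Distributed under the BSD License
 * Some bits taken from Paul Johnston's SHA-1 implementation
 */
 var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
 function safe_add (x, y) {
 var lsw = (x & 0xFFFF) + (y & 0xFFFF);
 var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
 return (msw << 16) | (lsw & 0xFFFF);
 }
 function S (X, n) {return ( X >>> n ) | (X << (32 - n));}
 function R (X, n) {return ( X >>> n );}
 function Ch(x, y, z) {return ((x & y) ^ ((~x) & z));}
 function Maj(x, y, z) {return ((x & y) ^ (x & z) ^ (y & z));}
 function Sigma0256(x) {return (S(x, 2) ^ S(x, 13) ^ S(x, 22));}
 function Sigma1256(x) {return (S(x, 6) ^ S(x, 11) ^ S(x, 25));}
 function Gamma0256(x) {return (S(x, 7) ^ S(x, 18) ^ R(x, 3));}
 function Gamma1256(x) {return (S(x, 17) ^ S(x, 19) ^ R(x, 10));}
 function core_sha256 (m, l) {
 var K = new Array(0x428A2F98,0x71374491,0xB5C0FBCF,0xE9B5DBA5,0x3956C25B,0x59F111F1,0x923F82A4,0xAB1C5ED5,0xD807AA98,0x12835B01,0x243185BE,0x550C7DC3,0x72BE5D74,0x80DEB1FE,0x9BDC06A7,0xC19BF174,0xE49B69C1,0xEFBE4786,0xFC19DC6,0x240CA1CC,0x2DE92C6F,0x4A7484AA,0x5CB0A9DC,0x76F988DA,0x983E5152,0xA831C66D,0xB00327C8,0xBF597FC7,0xC6E00BF3,0xD5A79147,0x6CA6351,0x14292967,0x27B70A85,0x2E1B2138,0x4D2C6DFC,0x53380D13,0x650A7354,0x766A0ABB,0x81C2C92E,0x92722C85,0xA2BFE8A1,0xA81A664B,0xC24B8B70,0xC76C51A3,0xD192E819,0xD6990624,0xF40E3585,0x106AA070,0x19A4C116,0x1E376C08,0x2748774C,0x34B0BCB5,0x391C0CB3,0x4ED8AA4A,0x5B9CCA4F,0x682E6FF3,0x748F82EE,0x78A5636F,0x84C87814,0x8CC70208,0x90BEFFFA,0xA4506CEB,0xBEF9A3F7,0xC67178F2);
 var HASH = new Array(0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19);
 var W = new Array(64);
 var a, b, c, d, e, f, g, h, i, j;
 var T1, T2;
 /* append padding */
 m[l >> 5] |= 0x80 << (24 - l % 32);
 m[((l + 64 >> 9) << 4) + 15] = l;
 for ( var i = 0; i<m.length; i+=16 ) {
 a = HASH[0]; b = HASH[1]; c = HASH[2]; d = HASH[3]; e = HASH[4]; f = HASH[5]; g = HASH[6]; h = HASH[7];
 for ( var j = 0; j<64; j++) {
 if (j < 16) W[j] = m[j + i];
 else W[j] = safe_add(safe_add(safe_add(Gamma1256(W[j - 2]), W[j - 7]), Gamma0256(W[j - 15])), W[j - 16]);
 T1 = safe_add(safe_add(safe_add(safe_add(h, Sigma1256(e)), Ch(e, f, g)), K[j]), W[j]);
 T2 = safe_add(Sigma0256(a), Maj(a, b, c));
 h = g; g = f; f = e; e = safe_add(d, T1); d = c; c = b; b = a; a = safe_add(T1, T2);
 }
 HASH[0] = safe_add(a, HASH[0]); HASH[1] = safe_add(b, HASH[1]); HASH[2] = safe_add(c, HASH[2]); HASH[3] = safe_add(d, HASH[3]); HASH[4] = safe_add(e, HASH[4]); HASH[5] = safe_add(f, HASH[5]); HASH[6] = safe_add(g, HASH[6]); HASH[7] = safe_add(h, HASH[7]);
 }
 return HASH;
 }
 function str2binb (str) {
 var bin = Array();
 var mask = (1 << chrsz) - 1;
 for(var i = 0; i < str.length * chrsz; i += chrsz)
 bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (24 - i%32);
 return bin;
 }
 function binb2hex (binarray) {
 var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
 var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
 var str = "";
 for (var i = 0; i < binarray.length * 4; i++) {
 str += hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8+4)) & 0xF) + hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8 )) & 0xF);
 }
 return str;
 }
 function hex_sha256(s){return binb2hex(core_sha256(str2binb(s),s.length * chrsz));}
 
 
 
 //#############################################################################
 //Downloaded on March 30, 2006 from http://www.fourmilab.ch/javascrypt/javascrypt.zip (entropy.js)
 //#############################################################################
 
 // Entropy collection utilities
 
 /*Start by declaring static storage and initialise
 the entropy vector from the time we come through
 here. */
 
 var entropyData = new Array(); // Collected entropy data
 var edlen = 0; // Keyboard array data length
 
 addEntropyTime(); // Start entropy collection with page load time
 ce(); // Roll milliseconds into initial entropy
 
 //Add a byte to the entropy vector
 
 function addEntropyByte(b) {
 entropyData[edlen++] = b;
 }
 
 /*Capture entropy. When the user presses a key or performs
 various other events for which we can request
 notification, add the time in 255ths of a second to the
 entropyData array. The name of the function is short
 so it doesn't bloat the form object declarations in
 which it appears in various "onXXX" events. */
 
 function ce() {
 addEntropyByte(Math.floor((((new Date).getMilliseconds()) * 255) / 999));
 }
 
 //Add a 32 bit quantity to the entropy vector
 
 function addEntropy32(w) {
 var i;
 
 for (i = 0; i < 4; i++) {
 addEntropyByte(w & 0xFF);
 w >>= 8;
 }
 }
 
 /*Add the current time and date (milliseconds since the epoch,
 truncated to 32 bits) to the entropy vector. */
 
 function addEntropyTime() {
 addEntropy32((new Date()).getTime());
 }
 
 /* Start collection of entropy from mouse movements. The
 argument specifies the number of entropy items to be
 obtained from mouse motion, after which mouse motion
 will be ignored. Note that you can re-enable mouse
 motion collection at any time if not already underway. */
 
 var mouseMotionCollect = 0;
 var oldMoveHandler; // For saving and restoring mouse move handler in IE4
 
 function mouseMotionEntropy(maxsamp) {
 if (mouseMotionCollect <= 0) {
 mouseMotionCollect = maxsamp;
 if ((document.implementation.hasFeature("Events", "2.0")) &&
 document.addEventListener) {
 // Browser supports Document Object Model (DOM) 2 events
 document.addEventListener("mousemove", mouseMoveEntropy, false);
 } else {
 if (document.attachEvent) {
 // Internet Explorer 5 and above event model
 document.attachEvent("onmousemove", mouseMoveEntropy);
 } else {
 //Internet Explorer 4 event model
 oldMoveHandler = document.onmousemove;
 document.onmousemove = mouseMoveEntropy;
 }
 }
 //dump("Mouse enable", mouseMotionCollect);
 }
 }
 
 /*Collect entropy from mouse motion events. Note that
 this is craftily coded to work with either DOM2 or Internet
 Explorer style events. Note that we don't use every successive
 mouse movement event. Instead, we XOR the three bytes collected
 from the mouse and use that to determine how many subsequent
 mouse movements we ignore before capturing the next one. */
 
 var mouseEntropyTime = 0; // Delay counter for mouse entropy collection
 
 function mouseMoveEntropy(e) {
 if (!e) {
 e = window.event; // Internet Explorer event model
 }
 if (mouseMotionCollect > 0) {
 if (mouseEntropyTime-- <= 0) {
 addEntropyByte(e.screenX & 0xFF);
 addEntropyByte(e.screenY & 0xFF);
 ce();
 mouseMotionCollect--;
 mouseEntropyTime = (entropyData[edlen - 3] ^ entropyData[edlen - 2] ^
 entropyData[edlen - 1]) % 19;
 //dump("Mouse Move", byteArrayToHex(entropyData.slice(-3)));
 }
 if (mouseMotionCollect <= 0) {
 if (document.removeEventListener) {
 document.removeEventListener("mousemove", mouseMoveEntropy, false);
 } else if (document.detachEvent) {
 document.detachEvent("onmousemove", mouseMoveEntropy);
 } else {
 document.onmousemove = oldMoveHandler;
 }
 //dump("Spung!", 0);
 }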
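--- a/frontend/beta/js/Clipperz/Crypto/BigInt.js
+++ b/frontend/beta/js/Clipperz/Crypto/BigInt.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 
 //#############################################################################
 //Downloaded on March 05, 2007 from http://www.leemon.com/crypto/BigInt.js
 //#############################################################################
 
 
 ////////////////////////////////////////////////////////////////////////////////////////
 // Big Integer Library v. 5.0
 // Created 2000, last modified 2006
 // Leemon Baird
 // www.leemon.com
 //
 // This file is public domain. You can use it for any purpose without restriction.
 // I do not guarantee that it is correct, so use it at your own risk. If you use
 // it for something interesting, I'd appreciate hearing about it. If you find
 // any bugs or make any improvements, I'd appreciate hearing about those too.
 // It would also be nice if my name and address were left in the comments.
 // But none of that is required.
 //
 // This code defines a bigInt library for arbitrary-precision integers.
 // A bigInt is an array of integers storing the value in chunks of bpe bits,
 // little endian (buff[0] is the least significant word).
 // Negative bigInts are stored two's complement.
 // Some functions assume their parameters have at least one leading zero element.
 // Functions with an underscore at the end of the name have unpredictable behavior in case of overflow,
 // so the caller must make sure overflow won't happen.
 // For each function where a parameter is modified, that same
 // variable must not be used as another argument too.
 // So, you cannot square x by doing multMod_(x,x,n).
 // You must use squareMod_(x,n) instead, or do y=dup(x); multMod_(x,y,n).
 //
 // These functions are designed to avoid frequent dynamic memory allocation in the inner loop.
 // For most functions, if it needs a BigInt as a local variable it will actually use
 // a global, and will only allocate to it when it's not the right size. This ensures
 // that when a function is called repeatedly with same-sized parameters, it only allocates
 // memory on the first call.
 //
 // Note that for cryptographic purposes, the calls to Math.random() must
 // be replaced with calls to a better pseudorandom number generator.
 //
 // In the following, "bigInt" means a bigInt with at least one leading zero element,
 // and "integer" means a nonnegative integer less than radix. In some cases, integer
 // can be negative. Negative bigInts are 2s complement.
 //
 // The following functions do not modify their inputs, but dynamically allocate memory every time they are called:
 //
 // function bigInt2str(x,base) //convert a bigInt into a string in a given base, from base 2 up to base 95
 // function dup(x) //returns a copy of bigInt x
 // function findPrimes(n) //return array of all primes less than integer n
 // function int2bigInt(t,n,m) //convert integer t to a bigInt with at least n bits and m array elements
 // function int2bigInt(s,b,n,m) //convert string s in base b to a bigInt with at least n bits and m array elements
 // function trim(x,k) //return a copy of x with exactly k leading zero elements
 //
 // The following functions do not modify their inputs, so there is never a problem with the result being too big:
 //
 // function bitSize(x) //returns how many bits long the bigInt x is, not counting leading zeros
 // function equals(x,y) //is the bigInt x equal to the bigint y?
 // function equalsInt(x,y) //is bigint x equal to integer y?
 // function greater(x,y) //is x>y? (x and y are nonnegative bigInts)
 // function greaterShift(x,y,shift)//is (x <<(shift*bpe)) > y?
 // function isZero(x) //is the bigInt x equal to zero?
 // function millerRabin(x,b) //does one round of Miller-Rabin base integer b say that bigInt x is possibly prime (as opposed to definitely composite)?
 // function modInt(x,n) //return x mod n for bigInt x and integer n.
 // function negative(x) //is bigInt x negative?
 //
 // The following functions do not modify their inputs, but allocate memory and call functions with underscores
 //
 // function add(x,y) //return (x+y) for bigInts x and y.
 // function addInt(x,n) //return (x+n) where x is a bigInt and n is an integer.
 // function expand(x,n) //return a copy of x with at least n elements, adding leading zeros if needed
 // function inverseMod(x,n) //return (x**(-1) mod n) for bigInts x and n. If no inverse exists, it returns null
 // function mod(x,n) //return a new bigInt equal to (x mod n) for bigInts x and n.
 // function mult(x,y) //return x*y for bigInts x and y. This is faster when y<x.
 // function multMod(x,y,n) //return (x*y mod n) for bigInts x,y,n. For greater speed, let y<x.
 // function powMod(x,y,n) //return (x**y mod n) where x,y,n are bigInts and ** is exponentiation. 0**0=1. Faster for odd n.
 // function randTruePrime(k) //return a new, random, k-bit, true prime using Maurer's algorithm.
 // function sub(x,y) //return (x-y) for bigInts x and y. Negative answers will be 2s complement
 //
 // The following functions write a bigInt result to one of the parameters, but
 // the result is never bigger than the original, so there can't be overflow problems:
 //
 // function divInt_(x,n) //do x=floor(x/n) for bigInt x and integer n, and return the remainder
 // function GCD_(x,y) //set x to the greatest common divisor of bigInts x and y, (y is destroyed).
 // function halve_(x) //do x=floor(|x|/2)*sgn(x) for bigInt x in 2's complement
 // function mod_(x,n) //do x=x mod n for bigInts x and n.
 // function rightShift_(x,n) //right shift bigInt x by n bits. 0 <= n < bpe.
 //
 // The following functions write a bigInt result to one of the parameters. The caller is responsible for
 // ensuring it is large enough to hold the result.
 //
 // function addInt_(x,n) //do x=x+n where x is a bigInt and n is an integer
 // function add_(x,y) //do x=x+y for bigInts x and y
 // function addShift_(x,y,ys) //do x=x+(y<<(ys*bpe))
 // function copy_(x,y) //do x=y on bigInts x and y
 // function copyInt_(x,n) //do x=n on bigInt x and integer n
 // function carry_(x) //do carries and borrows so each element of the bigInt x fits in bpe bits.
 // function divide_(x,y,q,r) //divide_ x by y giving quotient q and remainder r
 // function eGCD_(x,y,d,a,b) //sets a,b,d to positive big integers such that d = GCD_(x,y) = a*x-b*y
 // function inverseMod_(x,n) //do x=x**(-1) mod n, for bigInts x and n. Returns 1 (0) if inverse does (doesn't) exist
 // function inverseModInt_(x,n) //return x**(-1) mod n, for integers x and n. Return 0 if there is no inverse
 // function leftShift_(x,n) //left shift bigInt x by n bits. n<bpe.
 // function linComb_(x,y,a,b) //do x=a*x+b*y for bigInts x and y and integers a and b
 // function linCombShift_(x,y,b,ys) //do x=x+b*(y<<(ys*bpe)) for bigInts x and y, and integers b and ys
 // function mont_(x,y,n,np) //Montgomery multiplication (see comments where the function is defined)
 // function mult_(x,y) //do x=x*y for bigInts x and y.
 // function multInt_(x,n) //do x=x*n where x is a bigInt and n is an integer.
 // function multMod_(x,y,n) //do x=x*y mod n for bigInts x,y,n.
 // function powMod_(x,y,n) //do x=x**y mod n, where x,y,n are bigInts (n is odd) and ** is exponentiation. 0**0=1.
 // function randBigInt_(b,n,s) //do b = an n-bit random BigInt. if s=1, then nth bit (most significant bit) is set to 1. n>=1.
 // function randTruePrime_(ans,k) //do ans = a random k-bit true random prime (not just probable prime) with 1 in the msb.
 // function squareMod_(x,n) //do x=x*x mod n for bigInts x,n
 // function sub_(x,y) //do x=x-y for bigInts x and y. Negative answers will be 2s complement.
 // function subShift_(x,y,ys) //do x=x-(y<<(ys*bpe)). Negative answers will be 2s complement.
 //
 // The following functions are based on algorithms from the _Handbook of Applied Cryptography_
 // powMod_() = algorithm 14.94, Montgomery exponentiation
 // eGCD_,inverseMod_() = algorithm 14.61, Binary extended GCD_
 // GCD_() = algorothm 14.57, Lehmer's algorithm
 // mont_() = algorithm 14.36, Montgomery multiplication
 // divide_() = algorithm 14.20 Multiple-precision division
 // squareMod_() = algorithm 14.16 Multiple-precision squaring
 // randTruePrime_() = algorithm 4.62, Maurer's algorithm
 // millerRabin() = algorithm 4.24, Miller-Rabin algorithm
 //
 // Profiling shows:
 // randTruePrime_() spends:
 // 10% of its time in calls to powMod_()
 // 85% of its time in calls to millerRabin()
 // millerRabin() spends:
 // 99% of its time in calls to powMod_() (always with a base of 2)
 // powMod_() spends:
 // 94% of its time in calls to mont_() (almost always with x==y)
 //
 // This suggests there are several ways to speed up this library slightly:
 // - convert powMod_ to use a Montgomery form of k-ary window (or maybe a Montgomery form of sliding window)
 // -- this should especially focus on being fast when raising 2 to a power mod n
 // - convert randTruePrime_() to use a minimum r of 1/3 instead of 1/2 with the appropriate change to the test
 // - tune the parameters in randTruePrime_(), including c, m, and recLimit
 // - speed up the single loop in mont_() that takes 95% of the runtime, perhaps by reducing checking
 // within the loop when all the parameters are the same length.
 //
 // There are several ideas that look like they wouldn't help much at all:
 // - replacing trial division in randTruePrime_() with a sieve (that speeds up something taking almost no time anyway)
 // - increase bpe from 15 to 30 (that would help if we had a 32*32->64 multiplier, but not with JavaScript's 32*32->32)
 // - speeding up mont_(x,y,n,np) when x==y by doing a non-modular, non-Montgomery square
 // followed by a Montgomery reduction. The intermediate answer will be twice as long as x, so that
 // method would be slower. This is unfortunate because the code currently spends almost all of its time
 // doing mont_(x,x,...), both for randTruePrime_() and powMod_(). A faster method for Montgomery squaring
 // would have a large impact on the speed of randTruePrime_() and powMod_(). HAC has a couple of poorly-worded
 // sentences that seem to imply it's faster to do a non-modular square followed by a single
 // Montgomery reduction, but that's obviously wrong.
 ////////////////////////////////////////////////////////////////////////////////////////
 
 //globals
 bpe=0; //bits stored per array element
 mask=0; //AND this with an array element to chop it down to bpe bits
 radix=mask+1; //equals 2^bpe. A single 1 bit to the left of the last bit of mask.
 
 //the digits for converting to different bases
 digitsStr='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_=!@#$%^&*()[]{}|;:,.<>/?`~ \\\'\"+-';
 
 //initialize the global variables
 for (bpe=0; (1<<(bpe+1)) > (1<<bpe); bpe++); //bpe=number of bits in the mantissa on this platform
 bpe>>=1; //bpe=number of bits in one element of the array representing the bigInt
 mask=(1<<bpe)-1; //AND the mask with an integer to get its bpe least significant bits
 radix=mask+1; //2^bpe. a single 1 bit to the left of the first bit of mask
 one=int2bigInt(1,1,1); //constant used in powMod_()
 
 //the following global variables are scratchpad memory to
 //reduce dynamic memory allocation in the inner loop
 t=new Array(0);
 ss=t; //used in mult_()
 s0=t; //used in multMod_(), squareMod_()
 s1=t; //used in powMod_(), multMod_(), squareMod_()
 s2=t; //used in powMod_(), multMod_()
 s3=t; //used in powMod_()
 s4=t; s5=t; //used in mod_()
 s6=t; //used in bigInt2str()
 s7=t; //used in powMod_()
 T=t; //used in GCD_()
 sa=t; //used in mont_()
 mr_x1=t; mr_r=t; mr_a=t; //used in millerRabin()
 eg_v=t; eg_u=t; eg_A=t; eg_B=t; eg_C=t; eg_D=t; //used in eGCD_(), inverseMod_()
 md_q1=t; md_q2=t; md_q3=t; md_r=t; md_r1=t; md_r2=t; md_tt=t; //used in mod_()
 
 primes=t; pows=t; s_i=t; s_i2=t; s_R=t; s_rm=t; s_q=t; s_n1=t;
 s_a=t; s_r2=t; s_n=t; s_b=t; s_d=t; s_x1=t; s_x2=t, s_aa=t; //used in randTruePrime_()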
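--- a/frontend/beta/js/Clipperz/Crypto/BigInt_scoped.js
+++ b/frontend/beta/js/Clipperz/Crypto/BigInt_scoped.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 
 if (typeof(Leemon) == 'undefined') { Leemon = {}; }
 if (typeof(Baird.Crypto) == 'undefined') { Baird.Crypto = {}; }
 if (typeof(Baird.Crypto.BigInt) == 'undefined') { Baird.Crypto.BigInt = {}; }
 
 
 //#############################################################################
 //Downloaded on March 05, 2007 from http://www.leemon.com/crypto/BigInt.js
 //#############################################################################
 
 ////////////////////////////////////////////////////////////////////////////////////////
 // Big Integer Library v. 5.0
 // Created 2000, last modified 2006
 // Leemon Baird
 // www.leemon.com
 //
 // This file is public domain. You can use it for any purpose without restriction.
 // I do not guarantee that it is correct, so use it at your own risk. If you use
 // it for something interesting, I'd appreciate hearing about it. If you find
 // any bugs or make any improvements, I'd appreciate hearing about those too.
 // It would also be nice if my name and address were left in the comments.
 // But none of that is required.
 //
 // This code defines a bigInt library for arbitrary-precision integers.
 // A bigInt is an array of integers storing the value in chunks of bpe bits,
 // little endian (buff[0] is the least significant word).
 // Negative bigInts are stored two's complement.
 // Some functions assume their parameters have at least one leading zero element.
 // Functions with an underscore at the end of the name have unpredictable behavior in case of overflow,
 // so the caller must make sure overflow won't happen.
 // For each function where a parameter is modified, that same
 // variable must not be used as another argument too.
 // So, you cannot square x by doing multMod_(x,x,n).
 // You must use squareMod_(x,n) instead, or do y=dup(x); multMod_(x,y,n).
 //
 // These functions are designed to avoid frequent dynamic memory allocation in the inner loop.
 // For most functions, if it needs a BigInt as a local variable it will actually use
 // a global, and will only allocate to it when it's not the right size. This ensures
 // that when a function is called repeatedly with same-sized parameters, it only allocates
 // memory on the first call.
 //
 // Note that for cryptographic purposes, the calls to Math.random() must
 // be replaced with calls to a better pseudorandom number generator.
 //
 // In the following, "bigInt" means a bigInt with at least one leading zero element,
 // and "integer" means a nonnegative integer less than radix. In some cases, integer
 // can be negative. Negative bigInts are 2s complement.
 //
 // The following functions do not modify their inputs, but dynamically allocate memory every time they are called:
 //
 // function bigInt2str(x,base) //convert a bigInt into a string in a given base, from base 2 up to base 95
 // function dup(x) //returns a copy of bigInt x
 // function findPrimes(n) //return array of all primes less than integer n
 // function int2bigInt(t,n,m) //convert integer t to a bigInt with at least n bits and m array elements
 // function str2bigInt(s,b,n,m) //convert string s in base b to a bigInt with at least n bits and m array elements
 // function trim(x,k) //return a copy of x with exactly k leading zero elements
 //
 // The following functions do not modify their inputs, so there is never a problem with the result being too big:
 //
 // function bitSize(x) //returns how many bits long the bigInt x is, not counting leading zeros
 // function equals(x,y) //is the bigInt x equal to the bigint y?
 // function equalsInt(x,y) //is bigint x equal to integer y?
 // function greater(x,y) //is x>y? (x and y are nonnegative bigInts)
 // function greaterShift(x,y,shift)//is (x <<(shift*bpe)) > y?
 // function isZero(x) //is the bigInt x equal to zero?
 // function millerRabin(x,b) //does one round of Miller-Rabin base integer b say that bigInt x is possibly prime (as opposed to definitely composite)?
 // function modInt(x,n) //return x mod n for bigInt x and integer n.
 // function negative(x) //is bigInt x negative?
 //
 // The following functions do not modify their inputs, but allocate memory and call functions with underscores
 //
 // function add(x,y) //return (x+y) for bigInts x and y.
 // function addInt(x,n) //return (x+n) where x is a bigInt and n is an integer.
 // function expand(x,n) //return a copy of x with at least n elements, adding leading zeros if needed
 // function inverseMod(x,n) //return (x**(-1) mod n) for bigInts x and n. If no inverse exists, it returns null
 // function mod(x,n) //return a new bigInt equal to (x mod n) for bigInts x and n.
 // function mult(x,y) //return x*y for bigInts x and y. This is faster when y<x.
 // function multMod(x,y,n) //return (x*y mod n) for bigInts x,y,n. For greater speed, let y<x.
 // function powMod(x,y,n) //return (x**y mod n) where x,y,n are bigInts and ** is exponentiation. 0**0=1. Faster for odd n.
 // function randTruePrime(k) //return a new, random, k-bit, true prime using Maurer's algorithm.
 // function sub(x,y) //return (x-y) for bigInts x and y. Negative answers will be 2s complement
 //
 // The following functions write a bigInt result to one of the parameters, but
 // the result is never bigger than the original, so there can't be overflow problems:
 //
 // function divInt_(x,n) //do x=floor(x/n) for bigInt x and integer n, and return the remainder
 // function GCD_(x,y) //set x to the greatest common divisor of bigInts x and y, (y is destroyed).
 // function halve_(x) //do x=floor(|x|/2)*sgn(x) for bigInt x in 2's complement
 // function mod_(x,n) //do x=x mod n for bigInts x and n.
 // function rightShift_(x,n) //right shift bigInt x by n bits. 0 <= n < bpe.
 //
 // The following functions write a bigInt result to one of the parameters. The caller is responsible for
 // ensuring it is large enough to hold the result.
 //
 // function addInt_(x,n) //do x=x+n where x is a bigInt and n is an integer
 // function add_(x,y) //do x=x+y for bigInts x and y
 // function addShift_(x,y,ys) //do x=x+(y<<(ys*bpe))
 // function copy_(x,y) //do x=y on bigInts x and y
 // function copyInt_(x,n) //do x=n on bigInt x and integer n
 // function carry_(x) //do carries and borrows so each element of the bigInt x fits in bpe bits.
 // function divide_(x,y,q,r) //divide_ x by y giving quotient q and remainder r
 // function eGCD_(x,y,d,a,b) //sets a,b,d to positive big integers such that d = GCD_(x,y) = a*x-b*y
 // function inverseMod_(x,n) //do x=x**(-1) mod n, for bigInts x and n. Returns 1 (0) if inverse does (doesn't) exist
 // function inverseModInt_(x,n) //return x**(-1) mod n, for integers x and n. Return 0 if there is no inverse
 // function leftShift_(x,n) //left shift bigInt x by n bits. n<bpe.
 // function linComb_(x,y,a,b) //do x=a*x+b*y for bigInts x and y and integers a and b
 // function linCombShift_(x,y,b,ys) //do x=x+b*(y<<(ys*bpe)) for bigInts x and y, and integers b and ys
 // function mont_(x,y,n,np) //Montgomery multiplication (see comments where the function is defined)
 // function mult_(x,y) //do x=x*y for bigInts x and y.
 // function multInt_(x,n) //do x=x*n where x is a bigInt and n is an integer.
 // function multMod_(x,y,n) //do x=x*y mod n for bigInts x,y,n.
 // function powMod_(x,y,n) //do x=x**y mod n, where x,y,n are bigInts (n is odd) and ** is exponentiation. 0**0=1.
 // function randBigInt_(b,n,s) //do b = an n-bit random BigInt. if s=1, then nth bit (most significant bit) is set to 1. n>=1.
 // function randTruePrime_(ans,k) //do ans = a random k-bit true random prime (not just probable prime) with 1 in the msb.
 // function squareMod_(x,n) //do x=x*x mod n for bigInts x,n
 // function sub_(x,y) //do x=x-y for bigInts x and y. Negative answers will be 2s complement.
 // function subShift_(x,y,ys) //do x=x-(y<<(ys*bpe)). Negative answers will be 2s complement.
 //
 // The following functions are based on algorithms from the _Handbook of Applied Cryptography_
 // powMod_() = algorithm 14.94, Montgomery exponentiation
 // eGCD_,inverseMod_() = algorithm 14.61, Binary extended GCD_
 // GCD_() = algorothm 14.57, Lehmer's algorithm
 // mont_() = algorithm 14.36, Montgomery multiplication
 // divide_() = algorithm 14.20 Multiple-precision division
 // squareMod_() = algorithm 14.16 Multiple-precision squaring
 // randTruePrime_() = algorithm 4.62, Maurer's algorithm
 // millerRabin() = algorithm 4.24, Miller-Rabin algorithm
 //
 // Profiling shows:
 // randTruePrime_() spends:
 // 10% of its time in calls to powMod_()
 // 85% of its time in calls to millerRabin()
 // millerRabin() spends:
 // 99% of its time in calls to powMod_() (always with a base of 2)
 // powMod_() spends:
 // 94% of its time in calls to mont_() (almost always with x==y)
 //
 // This suggests there are several ways to speed up this library slightly:
 // - convert powMod_ to use a Montgomery form of k-ary window (or maybe a Montgomery form of sliding window)
 // -- this should especially focus on being fast when raising 2 to a power mod n
 // - convert randTruePrime_() to use a minimum r of 1/3 instead of 1/2 with the appropriate change to the test
 // - tune the parameters in randTruePrime_(), including c, m, and recLimit
 // - speed up the single loop in mont_() that takes 95% of the runtime, perhaps by reducing checking
 // within the loop when all the parameters are the same length.
 //
 // There are several ideas that look like they wouldn't help much at all:
 // - replacing trial division in randTruePrime_() with a sieve (that speeds up something taking almost no time anyway)
 // - increase bpe from 15 to 30 (that would help if we had a 32*32->64 multiplier, but not with JavaScript's 32*32->32)
 // - speeding up mont_(x,y,n,np) when x==y by doing a non-modular, non-Montgomery square
 // followed by a Montgomery reduction. The intermediate answer will be twice as long as x, so that
 // method would be slower. This is unfortunate because the code currently spends almost all of its time
 // doing mont_(x,x,...), both for randTruePrime_() and powMod_(). A faster method for Montgomery squaring
 // would have a large impact on the speed of randTruePrime_() and powMod_(). HAC has a couple of poorly-worded
 // sentences that seem to imply it's faster to do a non-modular square followed by a single
 // Montgomery reduction, but that's obviously wrong.
 ////////////////////////////////////////////////////////////////////////////////////////
 
 //
 //The whole library has been moved into the Baird.Crypto.BigInt scope by Giulio Cesare Solaroli <giulio.cesare@clipperz.com>
 //
 Baird.Crypto.BigInt.VERSION = "5.0";
 Baird.Crypto.BigInt.NAME = "Baird.Crypto.BigInt";
 
 MochiKit.Base.update(Baird.Crypto.BigInt, {
 //globals
 'bpe': 0, //bits stored per array element
 'mask': 0, //AND this with an array element to chop it down to bpe bits
 'radix': Baird.Crypto.BigInt.mask + 1,//equals 2^bpe. A single 1 bit to the left of the last bit of mask.
 
 //the digits for converting to different bases
 'digitsStr': '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_=!@#$%^&*()[]{}|;:,.<>/?`~ \\\'\"+-',
 
 //initialize the global variables
 for (bpe=0; (1<<(bpe+1)) > (1<<bpe); bpe++); //bpe=number of bits in the mantissa on this platform
 bpe>>=1; //bpe=number of bits in one element of the array representing the bigInt
 mask=(1<<bpe)-1; //AND the mask with an integer to get its bpe least significant bits
 radix=mask+1; //2^bpe. a single 1 bit to the left of the first bit of mask
 one=int2bigInt(1,1,1); //constant used in powMod_()
 
 //the following global variables are scratchpad memory to
 //reduce dynamic memory allocation in the inner loop
 t=new Array(0);
 ss=t; //used in mult_()
 s0=t; //used in multMod_(), squareMod_()
 s1=t; //used in powMod_(), multMod_(), squareMod_()
 s2=t; //used in powMod_(), multMod_()
 s3=t; //used in powMod_()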
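Review bot: The namespace guard on new line 28 reads `typeof(Baird.Crypto)`, but the line before it only creates `Leemon`. `typeof` protects a bare undeclared identifier, not a property access on one, so unless another script defines `Baird` first this file throws a ReferenceError at load. The guard on line 27 should probably be `if (typeof(Baird) == 'undefined') { Baird = {}; }`. Further down (new lines 199-212), the `for` loop and bare assignments sit inside the object literal passed to `MochiKit.Base.update`, which cannot parse as shown, so the file looks like an unfinished port. The hunk stops at line 212 and the rest of the file is not visible here. Since the header itself says the `Math.random()` calls must be replaced for cryptographic use, it would be worth confirming this file is not shipped or loaded in place of `BigInt.js`, and marking it as non-functional in a top-of-file comment if it is kept.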
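--- a/frontend/beta/js/Clipperz/Crypto/ECC.js
+++ b/frontend/beta/js/Clipperz/Crypto/ECC.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 /*
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
 }
 
 if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
 
 
 //#############################################################################
 
 Clipperz.Crypto.ECC.BinaryField = {};
 
 //#############################################################################
 
 Clipperz.Crypto.ECC.BinaryField.AbstractValue = function(aValue, aBase) {
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.AbstractValue.prototype = MochiKit.Base.update(null, {
 
 'asString': function(aBase) {
 throw Clipperz.Base.exception.AbstractMethod;
 },
 
 'isZero': function() {
 throw Clipperz.Base.exception.AbstractMethod;
 },
 
 'shiftLeft': function(aNumberOfBitsToShift) {
 throw Clipperz.Base.exception.AbstractMethod;
 },
 
 'bitSize': function() {
 throw Clipperz.Base.exception.AbstractMethod;
 },
 
 'isBitSet': function(aBitPosition) {
 throw Clipperz.Base.exception.AbstractMethod;
 },
 
 'xor': function(aValue) {
 throw Clipperz.Base.exception.AbstractMethod;
 },
 
 'compare': function(aValue) {
 throw Clipperz.Base.exception.AbstractMethod;
 },
 
 //-----------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 });
 
 //*****************************************************************************
 / *
 Clipperz.Crypto.ECC.BinaryField.BigIntValue = function(aValue, aBase) {
 this._value = new Clipperz.Crypto.BigInt(aValue, aBase);
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.BigIntValue.prototype = MochiKit.Base.update(new Clipperz.Crypto.ECC.BinaryField.AbstractValue(), {
 
 'value': function() {
 return this._value;
 },
 
 //-----------------------------------------------------------------------------
 
 'isZero': function() {
 return (this.value().compare(Clipperz.Crypto.ECC.BinaryField.BigIntValue.O) == 0);
 },
 
 //-----------------------------------------------------------------------------
 
 'asString': function(aBase) {
 return this.value().asString(aBase);
 },
 
 //-----------------------------------------------------------------------------
 
 'shiftLeft': function(aNumberOfBitsToShift) {
 return new Clipperz.Crypto.ECC.BinaryField.BigIntValue(this.value().shiftLeft(aNumberOfBitsToShift));
 },
 
 //-----------------------------------------------------------------------------
 
 'bitSize': function() {
 return this.value().bitSize();
 },
 
 //-----------------------------------------------------------------------------
 
 'isBitSet': function(aBitPosition) {
 return this.value().isBitSet(aBitPosition);
 },
 
 //-----------------------------------------------------------------------------
 
 'xor': function(aValue) {
 return new Clipperz.Crypto.ECC.BinaryField.BigIntValue(this.value().xor(aValue.value()));
 },
 
 //-----------------------------------------------------------------------------
 
 'compare': function(aValue) {
 return this.value().compare(aValue.value());
 },
 
 //-----------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 });
 
 Clipperz.Crypto.ECC.BinaryField.BigIntValue.O = new Clipperz.Crypto.BigInt(0);
 Clipperz.Crypto.ECC.BinaryField.BigIntValue.I = new Clipperz.Crypto.BigInt(1);
 * /
 //*****************************************************************************
 
 Clipperz.Crypto.ECC.BinaryField.WordArrayValue = function(aValue, aBase) {
 if (aValue.constructor == String) {
 varvalue;
 varstringLength;
 var numberOfWords;
 vari,c;
 
 if (aBase != 16) {
 throw Clipperz.Crypto.ECC.BinaryField.WordArrayValue.exception.UnsupportedBase;
 }
 
 value = aValue.replace(/ /g, '');
 stringLength = value.length;
 numberOfWords = Math.ceil(stringLength / 8);
 this._value = new Array(numberOfWords);
 
 c = numberOfWords;
 for (i=0; i<c; i++) {
 varword;
 
 if (i < (c-1)) {
 word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16);
 } else {
 word = parseInt(value.substr(0, stringLength-(i*8)), 16);
 }
 
 this._value[i] = word;
 }
 } else if (aValue.constructor == Array) {
 var itemsToCopy;
 
 itemsToCopy = aValue.length;
 while (aValue[itemsToCopy - 1] == 0) {
 itemsToCopy --;
 }
 
 this._value = aValue.slice(0, itemsToCopy);
 } else if (aValue.constructor == Number) {
 this._value = [aValue];
 } else {
 // throw Clipperz.Crypto.ECC.BinaryField.WordArrayValue.exception.UnsupportedConstructorValueType;
 }
 
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.WordArrayValue.prototype = MochiKit.Base.update(new Clipperz.Crypto.ECC.BinaryField.AbstractValue(), {
 
 'value': function() {
 return this._value;
 },
 
 //-----------------------------------------------------------------------------
 
 'wordSize': function() {
 return this._value.length
 },
 
 //-----------------------------------------------------------------------------
 
 'clone': function() {
 return new Clipperz.Crypto.ECC.BinaryField.WordArrayValue(this._value.slice(0));
 },
 
 //-----------------------------------------------------------------------------
 
 'isZero': function() {
 return (this.compare(Clipperz.Crypto.ECC.BinaryField.WordArrayValue.O) == 0);
 },
 
 //-----------------------------------------------------------------------------
 
 'asString': function(aBase) {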
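--- a/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
+++ b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
 }
 if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
 if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
 
 Clipperz.Crypto.ECC.BinaryField.Curve = function(args) {
 args = args || {};
 
 this._modulus = args.modulus;
 
 this._a = args.a;
 this._b = args.b;
 this._G = args.G;
 this._r = args.r;
 this._h = args.h;
 
 this._finiteField = null;
 
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, {
 
 'asString': function() {
 return "Clipperz.Crypto.ECC.BinaryField.Curve";
 },
 
 //-----------------------------------------------------------------------------
 
 'modulus': function() {
 return this._modulus;
 },
 
 'a': function() {
 return this._a;
 },
 
 'b': function() {
 return this._b;
 },
 
 'G': function() {
 return this._G;
 },
 
 'r': function() {
 return this._r;
 },
 
 'h': function() {
 return this._h;
 },
 
 //-----------------------------------------------------------------------------
 
 'finiteField': function() {
 if (this._finiteField == null) {
 this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()})
 }
 
 return this._finiteField;
 },
 
 //-----------------------------------------------------------------------------
 
 'negate': function(aPointA) {
 var result;
 
 result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())})
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'add': function(aPointA, aPointB) {
 var result;
 
 //console.log(">>> ECC.BinaryField.Curve.add");
 if (aPointA.isZero()) {
 //console.log("--- pointA == zero");
 result = aPointB;
 } else if (aPointB.isZero()) {
 //console.log("--- pointB == zero");
 result = aPointA;
 } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
 //console.log("compare A.x - B.x: ", aPointA.x().compare(aPointB.x()));
 //console.log("compare A.y - B.y: ", (aPointA.y().compare(aPointB.y()) != 0));
 //console.log("compare B.x.isZero(): ", aPointB.x().isZero());
 
 //console.log("--- result = zero");
 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
 } else {
 //console.log("--- result = ELSE");
 varf2m;
 var x, y;
 var lambda;
 var aX, aY, bX, bY;
 
 aX = aPointA.x()._value;
 aY = aPointA.y()._value;
 bX = aPointB.x()._value;
 bY = aPointB.y()._value;
 
 f2m = this.finiteField();
 
 if (aPointA.x().compare(aPointB.x()) != 0) {
 //console.log(" a.x != b.x");
 lambda =f2m._fastMultiply(
 f2m._add(aY, bY),
 f2m._inverse(f2m._add(aX, bX))
 );
 x = f2m._add(this.a()._value, f2m._square(lambda));
 f2m._overwriteAdd(x, lambda);
 f2m._overwriteAdd(x, aX);
 f2m._overwriteAdd(x, bX);
 } else {
 //console.log(" a.x == b.x");
 lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
 //console.log(" lambda: " + lambda.asString(16));
 x = f2m._add(this.a()._value, f2m._square(lambda));
 //console.log(" x (step 1): " + x.asString(16));
 f2m._overwriteAdd(x, lambda);
 //console.log(" x (step 2): " + x.asString(16));
 }
 
 y = f2m._fastMultiply(f2m._add(bX, x), lambda);
 //console.log(" y (step 1): " + y.asString(16));
 f2m._overwriteAdd(y, x);
 //console.log(" y (step 2): " + y.asString(16));
 f2m._overwriteAdd(y, bY);
 //console.log(" y (step 3): " + y.asString(16));
 
 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
 }
 //console.log("<<< ECC.BinaryField.Curve.add");
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'overwriteAdd': function(aPointA, aPointB) {
 if (aPointA.isZero()) {
 // result = aPointB;
 aPointA._x._value = aPointB._x._value;
 aPointA._y._value = aPointB._y._value;
 } else if (aPointB.isZero()) {
 // result = aPointA;
 } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
 // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
 aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O;
 aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O;
 } else {
 varf2m;
 var x, y;
 var lambda;
 var aX, aY, bX, bY;
 
 aX = aPointA.x()._value;
 aY = aPointA.y()._value;
 bX = aPointB.x()._value;
 bY = aPointB.y()._value;
 
 f2m = this.finiteField();
 
 if (aPointA.x().compare(aPointB.x()) != 0) {
 //console.log(" a.x != b.x");
 lambda =f2m._fastMultiply(
 f2m._add(aY, bY),
 f2m._inverse(f2m._add(aX, bX))
 );
 x = f2m._add(this.a()._value, f2m._square(lambda));
 f2m._overwriteAdd(x, lambda);
 f2m._overwriteAdd(x, aX);
 f2m._overwriteAdd(x, bX);
 } else {
 //console.log(" a.x == b.x");
 lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
 //console.log(" lambda: " + lambda.asString(16));
 x = f2m._add(this.a()._value, f2m._square(lambda));
 //console.log(" x (step 1): " + x.asString(16));
 f2m._overwriteAdd(x, lambda);
 //console.log(" x (step 2): " + x.asString(16));
 }
 
 y = f2m._fastMultiply(f2m._add(bX, x), lambda);
 //console.log(" y (step 1): " + y.asString(16));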
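--- a/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
+++ b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
 }
 if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
 if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
 
 Clipperz.Crypto.ECC.BinaryField.FiniteField = function(args) {
 args = args || {};
 this._modulus = args.modulus;
 
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.FiniteField.prototype = MochiKit.Base.update(null, {
 
 'asString': function() {
 return "Clipperz.Crypto.ECC.BinaryField.FiniteField (" + this.modulus().asString() + ")";
 },
 
 //-----------------------------------------------------------------------------
 
 'modulus': function() {
 return this._modulus;
 },
 
 //-----------------------------------------------------------------------------
 
 '_module': function(aValue) {
 varresult;
 var modulusComparison;
 //console.log(">>> binaryField.finiteField.(standard)module");
 
 modulusComparison = Clipperz.Crypto.ECC.BinaryField.Value._compare(aValue, this.modulus()._value);
 
 if (modulusComparison < 0) {
 result = aValue;
 } else if (modulusComparison == 0) {
 result = [0];
 } else {
 var modulusBitSize;
 var resultBitSize;
 
 result = aValue;
 
 modulusBitSize = this.modulus().bitSize();
 resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
 while (resultBitSize >= modulusBitSize) {
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this.modulus()._value, resultBitSize - modulusBitSize));
 resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
 }
 }
 //console.log("<<< binaryField.finiteField.(standard)module");
 
 return result;
 },
 
 'module': function(aValue) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._module(aValue._value.slice(0)));
 },
 
 //-----------------------------------------------------------------------------
 
 '_add': function(a, b) {
 return Clipperz.Crypto.ECC.BinaryField.Value._xor(a, b);
 },
 
 '_overwriteAdd': function(a, b) {
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(a, b);
 },
 
 'add': function(a, b) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._add(a._value, b._value));
 },
 
 //-----------------------------------------------------------------------------
 
 'negate': function(aValue) {
 return aValue.clone();
 },
 
 //-----------------------------------------------------------------------------
 
 '_multiply': function(a, b) {
 var result;
 var valueToXor;
 var i,c;
 
 result = [0];
 valueToXor = b;
 c = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(a);
 for (i=0; i<c; i++) {
 if (Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(a, i) === true) {
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, valueToXor);
 }
 valueToXor = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(valueToXor, 1);
 }
 result = this._module(result);
 
 return result;
 },
 
 'multiply': function(a, b) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._multiply(a._value, b._value));
 },
 
 //-----------------------------------------------------------------------------
 
 '_fastMultiply': function(a, b) {
 var result;
 var B;
 var i,c;
 
 result = [0];
 B = b.slice(0); //Is this array copy avoidable?
 c = 32;
 for (i=0; i<c; i++) {
 var ii, cc;
 
 cc = a.length;
 for (ii=0; ii<cc; ii++) {
 if (((a[ii] >>> i) & 0x01) == 1) {
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, B, ii);
 }
 }
 
 if (i < (c-1)) {
 B = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(B, 1);
 }
 }
 result = this._module(result);
 
 return result;
 },
 
 'fastMultiply': function(a, b) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._fastMultiply(a._value, b._value));
 },
 
 //-----------------------------------------------------------------------------
 //
 //Guide to Elliptic Curve Cryptography
 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
 //- Pag: 49, Alorithm 2.34
 //
 //-----------------------------------------------------------------------------
 
 '_square': function(aValue) {
 var result;
 var value;
 var c,i;
 var precomputedValues;
 
 value = aValue;
 result = new Array(value.length * 2);
 precomputedValues = Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes;
 
 c = value.length;
 for (i=0; i<c; i++) {
 result[i*2] = precomputedValues[(value[i] & 0x000000ff)];
 result[i*2] |= ((precomputedValues[(value[i] & 0x0000ff00) >>> 8]) << 16);
 
 result[i*2 + 1] = precomputedValues[(value[i] & 0x00ff0000) >>> 16];
 result[i*2 + 1] |= ((precomputedValues[(value[i] & 0xff000000) >>> 24]) << 16);
 }
 
 return this._module(result);
 },
 
 'square': function(aValue) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._square(aValue._value));
 },
 
 //-----------------------------------------------------------------------------
 
 '_inverse': function(aValue) {
 varresult;
 var b, c;
 var u, v;
 
 // b = Clipperz.Crypto.ECC.BinaryField.Value.I._value;
 b = [1];
 // c = Clipperz.Crypto.ECC.BinaryField.Value.O._value;
 c = [0];
 u = this._module(aValue);
 v = this.modulus()._value.slice(0);
 
 while (Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) > 1) {
 varbitDifferenceSize;
 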
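--- a/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Point.js
+++ b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Point.js
@@ -1,64 +1,62 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
 }
 if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
 if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
 
 Clipperz.Crypto.ECC.BinaryField.Point = function(args) {
 args = args || {};
 this._x = args.x;
 this._y = args.y;
 
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.Point.prototype = MochiKit.Base.update(null, {
 
 'asString': function() {
 return "Clipperz.Crypto.ECC.BinaryField.Point (" + this.x() + ", " + this.y() + ")";
 },
 
 //-----------------------------------------------------------------------------
 
 'x': function() {
 return this._x;
 },
 
 'y': function() {
 return this._y;
 },
 
 //-----------------------------------------------------------------------------
 
 'isZero': function() {
 return (this.x().isZero() && this.y().isZero())
 },
 
 //-----------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 });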
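--- a/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Value.js
+++ b/frontend/beta/js/Clipperz/Crypto/ECC/BinaryField/Value.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
 }
 if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
 if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
 
 Clipperz.Crypto.ECC.BinaryField.Value = function(aValue, aBase) {
 if (aValue.constructor == String) {
 varvalue;
 varstringLength;
 var numberOfWords;
 vari,c;
 
 if (aBase != 16) {
 throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
 }
 
 value = aValue.replace(/ /g, '');
 stringLength = value.length;
 numberOfWords = Math.ceil(stringLength / 8);
 this._value = new Array(numberOfWords);
 
 c = numberOfWords;
 for (i=0; i<c; i++) {
 varword;
 
 if (i < (c-1)) {
 word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16);
 } else {
 word = parseInt(value.substr(0, stringLength-(i*8)), 16);
 }
 
 this._value[i] = word;
 }
 } else if (aValue.constructor == Array) {
 var itemsToCopy;
 
 itemsToCopy = aValue.length;
 while (aValue[itemsToCopy - 1] == 0) {
 itemsToCopy --;
 }
 
 this._value = aValue.slice(0, itemsToCopy);
 } else if (aValue.constructor == Number) {
 this._value = [aValue];
 } else {
 // throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType;
 }
 
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.Value.prototype = MochiKit.Base.update(null, {
 
 'value': function() {
 return this._value;
 },
 
 //-----------------------------------------------------------------------------
 
 'wordSize': function() {
 return this._value.length
 },
 
 //-----------------------------------------------------------------------------
 
 'clone': function() {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._value.slice(0));
 },
 
 //-----------------------------------------------------------------------------
 
 'isZero': function() {
 return (this.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) == 0);
 },
 
 //-----------------------------------------------------------------------------
 
 'asString': function(aBase) {
 varresult;
 var i,c;
 
 if (aBase != 16) {
 throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
 }
 
 result = "";
 c = this.wordSize();
 for (i=0; i<c; i++) {
 varwordAsString;
 
 // wordAsString = ("00000000" + this.value()[i].toString(16));
 wordAsString = ("00000000" + this._value[i].toString(16));
 wordAsString = wordAsString.substring(wordAsString.length - 8);
 result = wordAsString + result;
 }
 
 result = result.replace(/^(00)*/, "");
 
 if (result == "") {
 result = "0";
 }
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'shiftLeft': function(aNumberOfBitsToShift) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this._value, aNumberOfBitsToShift));
 },
 
 //-----------------------------------------------------------------------------
 
 'bitSize': function() {
 return Clipperz.Crypto.ECC.BinaryField.Value._bitSize(this._value);
 },
 
 //-----------------------------------------------------------------------------
 
 'isBitSet': function(aBitPosition) {
 return Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(this._value, aBitPosition);
 },
 
 //-----------------------------------------------------------------------------
 
 'xor': function(aValue) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._xor(this._value, aValue._value));
 },
 
 //-----------------------------------------------------------------------------
 
 'compare': function(aValue) {
 return Clipperz.Crypto.ECC.BinaryField.Value._compare(this._value, aValue._value);
 },
 
 //-----------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 });
 
 Clipperz.Crypto.ECC.BinaryField.Value.O = new Clipperz.Crypto.ECC.BinaryField.Value('0', 16);
 Clipperz.Crypto.ECC.BinaryField.Value.I = new Clipperz.Crypto.ECC.BinaryField.Value('1', 16);
 
 Clipperz.Crypto.ECC.BinaryField.Value._xor = function(a, b, aFirstItemOffset) {
 var result;
 var resultSize;
 var i,c;
 var firstItemOffset;
 
 firstItemOffset = aFirstItemOffset || 0;
 resultSize = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
 
 result = new Array(resultSize);
 
 c = firstItemOffset;
 for (i=0; i<c; i++) {
 result[i] = a[i];
 }
 
 c = resultSize;
 for (i=firstItemOffset; i<c; i++) {
 result[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
 }
 
 return result;
 };
 
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor = function(a, b, aFirstItemOffset) {
 var i,c;
 var firstItemOffset;
 
 firstItemOffset = aFirstItemOffset || 0;
 
 c = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
 for (i=firstItemOffset; i<c; i++) {
 a[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
 }
 };
 
 Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft = function(aWordArray, aNumberOfBitsToShift) {
 var numberOfWordsToShift;
 varnumberOfBitsToShift;
 var result;
 varoverflowValue;
 vari,c;
 
 numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
 numberOfBitsToShift = aNumberOfBitsToShift % 32;
 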
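--- a/frontend/beta/js/Clipperz/Crypto/PRNG.js
+++ b/frontend/beta/js/Clipperz/Crypto/PRNG.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
 }
 
 try { if (typeof(Clipperz.Crypto.SHA) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.SHA!";
 }
 
 try { if (typeof(Clipperz.Crypto.AES) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.AES!";
 }
 
 if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { Clipperz.Crypto.PRNG = {}; }
 
 //#############################################################################
 
 Clipperz.Crypto.PRNG.EntropyAccumulator = function(args) {
 args = args || {};
 //MochiKit.Base.bindMethods(this);
 
 this._stack = new Clipperz.ByteArray();
 this._maxStackLengthBeforeHashing = args.maxStackLengthBeforeHashing || 256;
 return this;
 }
 
 Clipperz.Crypto.PRNG.EntropyAccumulator.prototype = MochiKit.Base.update(null, {
 
 'toString': function() {
 return "Clipperz.Crypto.PRNG.EntropyAccumulator";
 },
 
 //-------------------------------------------------------------------------
 
 'stack': function() {
 return this._stack;
 },
 
 'setStack': function(aValue) {
 this._stack = aValue;
 },
 
 'resetStack': function() {
 this.stack().reset();
 },
 
 'maxStackLengthBeforeHashing': function() {
 return this._maxStackLengthBeforeHashing;
 },
 
 //-------------------------------------------------------------------------
 
 'addRandomByte': function(aValue) {
 this.stack().appendByte(aValue);
 
 if (this.stack().length() > this.maxStackLengthBeforeHashing()) {
 this.setStack(Clipperz.Crypto.SHA.sha_d256(this.stack()));
 }
 },
 
 //-------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 });
 
 //#############################################################################
 
 Clipperz.Crypto.PRNG.RandomnessSource = function(args) {
 args = args || {};
 MochiKit.Base.bindMethods(this);
 
 this._generator = args.generator || null;
 this._sourceId = args.sourceId || null;
 this._boostMode = args.boostMode || false;
 
 this._nextPoolIndex = 0;
 
 return this;
 }
 
 Clipperz.Crypto.PRNG.RandomnessSource.prototype = MochiKit.Base.update(null, {
 
 'generator': function() {
 return this._generator;
 },
 
 'setGenerator': function(aValue) {
 this._generator = aValue;
 },
 
 //-------------------------------------------------------------------------
 
 'boostMode': function() {
 return this._boostMode;
 },
 
 'setBoostMode': function(aValue) {
 this._boostMode = aValue;
 },
 
 //-------------------------------------------------------------------------
 
 'sourceId': function() {
 return this._sourceId;
 },
 
 'setSourceId': function(aValue) {
 this._sourceId = aValue;
 },
 
 //-------------------------------------------------------------------------
 
 'nextPoolIndex': function() {
 return this._nextPoolIndex;
 },
 
 'incrementNextPoolIndex': function() {
 this._nextPoolIndex = ((this._nextPoolIndex + 1) % this.generator().numberOfEntropyAccumulators());
 },
 
 //-------------------------------------------------------------------------
 
 'updateGeneratorWithValue': function(aRandomValue) {
 if (this.generator() != null) {
 this.generator().addRandomByte(this.sourceId(), this.nextPoolIndex(), aRandomValue);
 this.incrementNextPoolIndex();
 }
 },
 
 //-------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 });
 
 //#############################################################################
 
 Clipperz.Crypto.PRNG.TimeRandomnessSource = function(args) {
 args = args || {};
 //MochiKit.Base.bindMethods(this);
 
 this._intervalTime = args.intervalTime || 1000;
 
 Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
 
 this.collectEntropy();
 return this;
 }
 
 Clipperz.Crypto.PRNG.TimeRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
 
 'intervalTime': function() {
 return this._intervalTime;
 },
 
 //-------------------------------------------------------------------------
 
 'collectEntropy': function() {
 varnow;
 varentropyByte;
 var intervalTime;
 now = new Date();
 entropyByte = (now.getTime() & 0xff);
 
 intervalTime = this.intervalTime();
 if (this.boostMode() == true) {
 intervalTime = intervalTime / 9;
 }
 
 this.updateGeneratorWithValue(entropyByte);
 setTimeout(this.collectEntropy, intervalTime);
 },
 
 //-------------------------------------------------------------------------
 
 'numberOfRandomBits': function() {
 return 5;
 },
 
 //-------------------------------------------------------------------------
 
 'pollingFrequency': function() {
 return 10;
 },
 
 //-------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 });
 
 //*****************************************************************************
 
 Clipperz.Crypto.PRNG.MouseRandomnessSource = function(args) {
 args = args || {};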
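Review bot: `TimeRandomnessSource.collectEntropy` feeds the generator `now.getTime() & 0xff` from a timer it schedules itself (`intervalTime`, or a ninth of it in boost mode), so each sample is largely fixed by the previous one plus the interval and only the scheduling jitter is unpredictable. `numberOfRandomBits` returns 5 for this source; how the generator uses that figure is not visible in this section, but if it is credited per sample the pool's entropy estimate is probably optimistic. I would document the source as weak above `collectEntropy`, for example `// timer-driven clock samples: only scheduling jitter is unpredictable, never rely on this source alone`, and lower the figure returned by `numberOfRandomBits`. Where the browser provides it, the accumulators should also be seeded from `window.crypto.getRandomValues`. The commit itself only rewrites the licence header, so this concerns the unchanged code shown as context.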
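--- a/frontend/beta/js/Clipperz/Crypto/RSA.js
+++ b/frontend/beta/js/Clipperz/Crypto/RSA.js
@@ -1,148 +1,146 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.RSA depends on Clipperz.Crypto.BigInt!";
 }
 
 if (typeof(Clipperz.Crypto.RSA) == 'undefined') { Clipperz.Crypto.RSA = {}; }
 
 Clipperz.Crypto.RSA.VERSION = "0.1";
 Clipperz.Crypto.RSA.NAME = "Clipperz.RSA";
 
 //#############################################################################
 
 MochiKit.Base.update(Clipperz.Crypto.RSA, {
 
 //-------------------------------------------------------------------------
 
 'publicKeyWithValues': function (e, d, n) {
 varresult;
 
 result = {};
 
 if (e.isBigInt) {
 result.e = e;
 } else {
 result.e = new Clipperz.Crypto.BigInt(e, 16);
 }
 
 if (d.isBigInt) {
 result.d = d;
 } else {
 result.d = new Clipperz.Crypto.BigInt(d, 16);
 }
 
 if (n.isBigInt) {
 result.n = n;
 } else {
 result.n = new Clipperz.Crypto.BigInt(n, 16);
 }
 
 return result;
 },
 
 'privateKeyWithValues': function(e, d, n) {
 return Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
 },
 
 //-----------------------------------------------------------------------------
 
 'encryptUsingPublicKey': function (aKey, aMessage) {
 varmessageValue;
 varresult;
 
 messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
 result = messageValue.powerModule(aKey.e, aKey.n);
 
 return result.asString(16);
 },
 
 //.............................................................................
 
 'decryptUsingPublicKey': function (aKey, aMessage) {
 return Clipperz.Crypto.RSA.encryptUsingPublicKey(aKey, aMessage);
 },
 
 //-----------------------------------------------------------------------------
 
 'encryptUsingPrivateKey': function (aKey, aMessage) {
 varmessageValue;
 varresult;
 
 messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
 result = messageValue.powerModule(aKey.d, aKey.n);
 
 return result.asString(16);
 },
 
 //.............................................................................
 
 'decryptUsingPrivateKey': function (aKey, aMessage) {
 return Clipperz.Crypto.RSA.encryptUsingPrivateKey(aKey, aMessage);
 },
 
 //-----------------------------------------------------------------------------
 
 'generatePublicKey': function(aNumberOfBits) {
 varresult;
 vare;
 vard;
 varn;
 
 e = new Clipperz.Crypto.BigInt("10001", 16);
 
 {
 var p, q;
 varphi;
 
 do {
 p = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits);
 } while (p.module(e).equals(1));
 
 do {
 q = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits);
 } while ((q.equals(p)) || (q.module(e).equals(1)));
 
 n = p.multiply(q);
 phi = (p.subtract(1).multiply(q.subtract(1)));
 d = e.powerModule(-1, phi);
 }
 
 result = Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
 
 return result;
 },
 
 //-------------------------------------------------------------------------
 
 __syntaxFix__: "syntax fix"
 
 //-------------------------------------------------------------------------
 
 });
 
 //#############################################################################
 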
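Review bot: `encryptUsingPublicKey` and `encryptUsingPrivateKey` are bare modular exponentiation (`messageValue.powerModule(aKey.e, aKey.n)`) with no padding and no check that the message value is smaller than `n`, so the output is deterministic and malleable wherever these are applied to real data. `publicKeyWithValues(e, d, n)` also copies the private exponent `d` into the object it returns, and `generatePublicKey` hands back that same object, so anything passed around as a public key here carries the private key with it. I would put a header comment on the two encrypt functions, for example `// raw RSA primitive: no OAEP/PSS padding, do not call directly on message data`, and have `publicKeyWithValues` return only `e` and `n`, with `privateKeyWithValues` building the object that holds `d`. The commit itself only rewrites the licence header, so this concerns the unchanged code shown as context.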
diff --git a/frontend/beta/js/Clipperz/Crypto/SHA.js b/frontend/beta/js/Clipperz/Crypto/SHA.js index 635eb90..9605d1c 100644 --- a/frontend/beta/js/Clipperz/Crypto/SHA.js +++ b/frontend/beta/js/Clipperz/Crypto/SHA.js | |||
@@ -1,214 +1,212 @@ | |||
1 | /* | 1 | /* |
2 | 2 | ||
3 | Copyright 2008-2011 Clipperz Srl | 3 | Copyright 2008-2013 Clipperz Srl |
4 | 4 | ||
5 | This file is part of Clipperz Community Edition. | 5 | This file is part of Clipperz, the online password manager. |
6 | Clipperz Community Edition is an online password manager. | ||
7 | For further information about its features and functionalities please | 6 | For further information about its features and functionalities please |
8 | refer to http://www.clipperz.com. | 7 | refer to http://www.clipperz.com. |
9 | 8 | ||
10 | * Clipperz Community Edition is free software: you can redistribute | 9 | * Clipperz is free software: you can redistribute it and/or modify it |
11 | it and/or modify it under the terms of the GNU Affero General Public | 10 | under the terms of the GNU Affero General Public License as published |
12 | License as published by the Free Software Foundation, either version | 11 | by the Free Software Foundation, either version 3 of the License, or |
13 | 3 of the License, or (at your option) any later version. | 12 | (at your option) any later version. |
14 | 13 | ||
15 | * Clipperz Community Edition is distributed in the hope that it will | 14 | * Clipperz is distributed in the hope that it will be useful, but |
16 | be useful, but WITHOUT ANY WARRANTY; without even the implied | 15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
17 | warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | 16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
18 | See the GNU Affero General Public License for more details. | 17 | See the GNU Affero General Public License for more details. |
19 | 18 | ||
20 | * You should have received a copy of the GNU Affero General Public | 19 | * You should have received a copy of the GNU Affero General Public |
21 | License along with Clipperz Community Edition. If not, see | 20 | License along with Clipperz. If not, see http://www.gnu.org/licenses/. |
22 | <http://www.gnu.org/licenses/>. | ||
23 | 21 | ||
24 | */ | 22 | */ |
25 | 23 | ||
26 | try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | 24 | try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { |
27 | throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; | 25 | throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; |
28 | } | 26 | } |
29 | 27 | ||
30 | if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; } | 28 | if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; } |
31 | if (typeof(Clipperz.Crypto.SHA) == 'undefined') { Clipperz.Crypto.SHA = {}; } | 29 | if (typeof(Clipperz.Crypto.SHA) == 'undefined') { Clipperz.Crypto.SHA = {}; } |
32 | 30 | ||
33 | Clipperz.Crypto.SHA.VERSION = "0.3"; | 31 | Clipperz.Crypto.SHA.VERSION = "0.3"; |
34 | Clipperz.Crypto.SHA.NAME = "Clipperz.Crypto.SHA"; | 32 | Clipperz.Crypto.SHA.NAME = "Clipperz.Crypto.SHA"; |
35 | 33 | ||
36 | MochiKit.Base.update(Clipperz.Crypto.SHA, { | 34 | MochiKit.Base.update(Clipperz.Crypto.SHA, { |
37 | 35 | ||
38 | '__repr__': function () { | 36 | '__repr__': function () { |
39 | return "[" + this.NAME + " " + this.VERSION + "]"; | 37 | return "[" + this.NAME + " " + this.VERSION + "]"; |
40 | }, | 38 | }, |
41 | 39 | ||
42 | 'toString': function () { | 40 | 'toString': function () { |
43 | return this.__repr__(); | 41 | return this.__repr__(); |
44 | }, | 42 | }, |
45 | 43 | ||
46 | //----------------------------------------------------------------------------- | 44 | //----------------------------------------------------------------------------- |
47 | 45 | ||
48 | 'rotateRight': function(aValue, aNumberOfBits) { | 46 | 'rotateRight': function(aValue, aNumberOfBits) { |
49 | //Clipperz.Profile.start("Clipperz.Crypto.SHA.rotateRight"); | 47 | //Clipperz.Profile.start("Clipperz.Crypto.SHA.rotateRight"); |
50 | var result; | 48 | var result; |
51 | 49 | ||
52 | result = (aValue >>> aNumberOfBits) | (aValue << (32 - aNumberOfBits)); | 50 | result = (aValue >>> aNumberOfBits) | (aValue << (32 - aNumberOfBits)); |
53 | 51 | ||
54 | //Clipperz.Profile.stop("Clipperz.Crypto.SHA.rotateRight"); | 52 | //Clipperz.Profile.stop("Clipperz.Crypto.SHA.rotateRight"); |
55 | return result; | 53 | return result; |
56 | }, | 54 | }, |
57 | 55 | ||
58 | 'shiftRight': function(aValue, aNumberOfBits) { | 56 | 'shiftRight': function(aValue, aNumberOfBits) { |
59 | //Clipperz.Profile.start("Clipperz.Crypto.SHA.shiftRight"); | 57 | //Clipperz.Profile.start("Clipperz.Crypto.SHA.shiftRight"); |
60 | var result; | 58 | var result; |
61 | 59 | ||
62 | result = aValue >>> aNumberOfBits; | 60 | result = aValue >>> aNumberOfBits; |
63 | 61 | ||
64 | //Clipperz.Profile.stop("Clipperz.Crypto.SHA.shiftRight"); | 62 | //Clipperz.Profile.stop("Clipperz.Crypto.SHA.shiftRight"); |
65 | return result; | 63 | return result; |
66 | }, | 64 | }, |
67 | 65 | ||
68 | //----------------------------------------------------------------------------- | 66 | //----------------------------------------------------------------------------- |
69 | 67 | ||
70 | 'safeAdd': function() { | 68 | 'safeAdd': function() { |
71 | //Clipperz.Profile.start("Clipperz.Crypto.SHA.safeAdd"); | 69 | //Clipperz.Profile.start("Clipperz.Crypto.SHA.safeAdd"); |
72 | varresult; | 70 | varresult; |
73 | vari, c; | 71 | vari, c; |
74 | 72 | ||
75 | result = arguments[0]; | 73 | result = arguments[0]; |
76 | c = arguments.length; | 74 | c = arguments.length; |
77 | for (i=1; i<c; i++) { | 75 | for (i=1; i<c; i++) { |
78 | varlowerBytesSum; | 76 | varlowerBytesSum; |
79 | 77 | ||
80 | lowerBytesSum = (result & 0xffff) + (arguments[i] & 0xffff); | 78 | lowerBytesSum = (result & 0xffff) + (arguments[i] & 0xffff); |
81 | result = (((result >> 16) + (arguments[i] >> 16) + (lowerBytesSum >> 16)) << 16) | (lowerBytesSum & 0xffff); | 79 | result = (((result >> 16) + (arguments[i] >> 16) + (lowerBytesSum >> 16)) << 16) | (lowerBytesSum & 0xffff); |
82 | } | 80 | } |
83 | 81 | ||
84 | //Clipperz.Profile.stop("Clipperz.Crypto.SHA.safeAdd"); | 82 | //Clipperz.Profile.stop("Clipperz.Crypto.SHA.safeAdd"); |
85 | return result; | 83 | return result; |
86 | }, | 84 | }, |
87 | 85 | ||
88 | //----------------------------------------------------------------------------- | 86 | //----------------------------------------------------------------------------- |
89 | 87 | ||
90 | 'sha256_array': function(aValue) { | 88 | 'sha256_array': function(aValue) { |
91 | //Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256_array"); | 89 | //Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256_array"); |
92 | varresult; | 90 | varresult; |
93 | varmessage; | 91 | varmessage; |
94 | var h0, h1, h2, h3, h4, h5, h6, h7; | 92 | var h0, h1, h2, h3, h4, h5, h6, h7; |
95 | vark; | 93 | vark; |
96 | varmessageLength; | 94 | varmessageLength; |
97 | varmessageLengthInBits; | 95 | varmessageLengthInBits; |
98 | var_i, _c; | 96 | var_i, _c; |
99 | var charBits; | 97 | var charBits; |
100 | var rotateRight; | 98 | var rotateRight; |
101 | var shiftRight; | 99 | var shiftRight; |
102 | var safeAdd; | 100 | var safeAdd; |
103 | varbytesPerBlock; | 101 | varbytesPerBlock; |
104 | var currentMessageIndex; | 102 | var currentMessageIndex; |
105 | 103 | ||
106 | bytesPerBlock = 512/8; | 104 | bytesPerBlock = 512/8; |
107 | rotateRight = Clipperz.Crypto.SHA.rotateRight; | 105 | rotateRight = Clipperz.Crypto.SHA.rotateRight; |
108 | shiftRight = Clipperz.Crypto.SHA.shiftRight; | 106 | shiftRight = Clipperz.Crypto.SHA.shiftRight; |
109 | safeAdd = Clipperz.Crypto.SHA.safeAdd; | 107 | safeAdd = Clipperz.Crypto.SHA.safeAdd; |
110 | 108 | ||
111 | charBits = 8; | 109 | charBits = 8; |
112 | 110 | ||
113 | h0 = 0x6a09e667; | 111 | h0 = 0x6a09e667; |
114 | h1 = 0xbb67ae85; | 112 | h1 = 0xbb67ae85; |
115 | h2 = 0x3c6ef372; | 113 | h2 = 0x3c6ef372; |
116 | h3 = 0xa54ff53a; | 114 | h3 = 0xa54ff53a; |
117 | h4 = 0x510e527f; | 115 | h4 = 0x510e527f; |
118 | h5 = 0x9b05688c; | 116 | h5 = 0x9b05688c; |
119 | h6 = 0x1f83d9ab; | 117 | h6 = 0x1f83d9ab; |
120 | h7 = 0x5be0cd19; | 118 | h7 = 0x5be0cd19; |
121 | 119 | ||
122 | k = [0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, | 120 | k = [0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, |
123 | 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, | 121 | 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, |
124 | 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, | 122 | 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, |
125 | 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, | 123 | 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, |
126 | 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, | 124 | 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, |
127 | 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, | 125 | 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, |
128 | 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, | 126 | 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, |
129 | 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2]; | 127 | 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2]; |
130 | 128 | ||
131 | message = aValue; | 129 | message = aValue; |
132 | messageLength = message.length; | 130 | messageLength = message.length; |
133 | 131 | ||
134 | //Pre-processing: | 132 | //Pre-processing: |
135 | message.push(0x80); //append a single "1" bit to message | 133 | message.push(0x80); //append a single "1" bit to message |
136 | 134 | ||
137 | _c = (512 - (((messageLength + 1) * charBits) % 512) - 64) / charBits; | 135 | _c = (512 - (((messageLength + 1) * charBits) % 512) - 64) / charBits; |
138 | for (_i=0; _i<_c; _i++) { | 136 | for (_i=0; _i<_c; _i++) { |
139 | message.push(0x00); //append "0" bits until message length ≡ 448 ≡ -64 (mod 512) | 137 | message.push(0x00); //append "0" bits until message length ≡ 448 ≡ -64 (mod 512) |
140 | } | 138 | } |
141 | messageLengthInBits = messageLength * charBits; | 139 | messageLengthInBits = messageLength * charBits; |
142 | message.push(0x00); //the 4 most high byte are alway 0 as message length is represented with a 32bit value; | 140 | message.push(0x00); //the 4 most high byte are alway 0 as message length is represented with a 32bit value; |
143 | message.push(0x00); | 141 | message.push(0x00); |
144 | message.push(0x00); | 142 | message.push(0x00); |
145 | message.push(0x00); | 143 | message.push(0x00); |
146 | message.push((messageLengthInBits >> 24)& 0xff); | 144 | message.push((messageLengthInBits >> 24)& 0xff); |
147 | message.push((messageLengthInBits >> 16)& 0xff); | 145 | message.push((messageLengthInBits >> 16)& 0xff); |
148 | message.push((messageLengthInBits >> 8) & 0xff); | 146 | message.push((messageLengthInBits >> 8) & 0xff); |
149 | message.push( messageLengthInBits & 0xff); | 147 | message.push( messageLengthInBits & 0xff); |
150 | 148 | ||
151 | currentMessageIndex = 0; | 149 | currentMessageIndex = 0; |
152 | while(currentMessageIndex < message.length) { | 150 | while(currentMessageIndex < message.length) { |
153 | varw; | 151 | varw; |
154 | vara, b, c, d, e, f, g, h; | 152 | vara, b, c, d, e, f, g, h; |
155 | 153 | ||
156 | w = Array(64); | 154 | w = Array(64); |
157 | 155 | ||
158 | _c = 16; | 156 | _c = 16; |
159 | for (_i=0; _i<_c; _i++) { | 157 | for (_i=0; _i<_c; _i++) { |
160 | var _j; | 158 | var _j; |
161 | 159 | ||
162 | _j = currentMessageIndex + _i*4; | 160 | _j = currentMessageIndex + _i*4; |
163 | w[_i] = (message[_j] << 24) | (message[_j + 1] << 16) | (message[_j + 2] << 8) | (message[_j + 3] << 0); | 161 | w[_i] = (message[_j] << 24) | (message[_j + 1] << 16) | (message[_j + 2] << 8) | (message[_j + 3] << 0); |
164 | } | 162 | } |
165 | 163 | ||
166 | _c = 64; | 164 | _c = 64; |
167 | for (_i=16; _i<_c; _i++) { | 165 | for (_i=16; _i<_c; _i++) { |
168 | vars0, s1; | 166 | vars0, s1; |
169 | 167 | ||
170 | s0 = (rotateRight(w[_i-15], 7)) ^ (rotateRight(w[_i-15], 18)) ^ (shiftRight(w[_i-15], 3)); | 168 | s0 = (rotateRight(w[_i-15], 7)) ^ (rotateRight(w[_i-15], 18)) ^ (shiftRight(w[_i-15], 3)); |
171 | s1 = (rotateRight(w[_i-2], 17)) ^ (rotateRight(w[_i-2], 19)) ^ (shiftRight(w[_i-2], 10)); | 169 | s1 = (rotateRight(w[_i-2], 17)) ^ (rotateRight(w[_i-2], 19)) ^ (shiftRight(w[_i-2], 10)); |
172 | w[_i] = safeAdd(w[_i-16], s0, w[_i-7], s1); | 170 | w[_i] = safeAdd(w[_i-16], s0, w[_i-7], s1); |
173 | } | 171 | } |
174 | 172 | ||
175 | a=h0; b=h1; c=h2; d=h3; e=h4; f=h5; g=h6; h=h7; | 173 | a=h0; b=h1; c=h2; d=h3; e=h4; f=h5; g=h6; h=h7; |
176 | 174 | ||
177 | _c = 64; | 175 | _c = 64; |
178 | for (_i=0; _i<_c; _i++) { | 176 | for (_i=0; _i<_c; _i++) { |
179 | var s0, s1, ch, maj, t1, t2; | 177 | var s0, s1, ch, maj, t1, t2; |
180 | 178 | ||
181 | s0 = (rotateRight(a, 2)) ^ (rotateRight(a, 13)) ^ (rotateRight(a, 22)); | 179 | s0 = (rotateRight(a, 2)) ^ (rotateRight(a, 13)) ^ (rotateRight(a, 22)); |
182 | maj = (a & b) ^ (a & c) ^ (b & c); | 180 | maj = (a & b) ^ (a & c) ^ (b & c); |
183 | t2 = safeAdd(s0, maj); | 181 | t2 = safeAdd(s0, maj); |
184 | s1 = (rotateRight(e, 6)) ^ (rotateRight(e, 11)) ^ (rotateRight(e, 25)); | 182 | s1 = (rotateRight(e, 6)) ^ (rotateRight(e, 11)) ^ (rotateRight(e, 25)); |
185 | ch = (e & f) ^ ((~e) & g); | 183 | ch = (e & f) ^ ((~e) & g); |
186 | t1 = safeAdd(h, s1, ch, k[_i], w[_i]); | 184 | t1 = safeAdd(h, s1, ch, k[_i], w[_i]); |
187 | 185 | ||
188 | h = g; | 186 | h = g; |
189 | g = f; | 187 | g = f; |
190 | f = e; | 188 | f = e; |
191 | e = safeAdd(d, t1); | 189 | e = safeAdd(d, t1); |
192 | d = c; | 190 | d = c; |
193 | c = b; | 191 | c = b; |
194 | b = a; | 192 | b = a; |
195 | a = safeAdd(t1, t2); | 193 | a = safeAdd(t1, t2); |
196 | } | 194 | } |
197 | 195 | ||
198 | h0 = safeAdd(h0, a); | 196 | h0 = safeAdd(h0, a); |
199 | h1 = safeAdd(h1, b); | 197 | h1 = safeAdd(h1, b); |
200 | h2 = safeAdd(h2, c); | 198 | h2 = safeAdd(h2, c); |
201 | h3 = safeAdd(h3, d); | 199 | h3 = safeAdd(h3, d); |
202 | h4 = safeAdd(h4, e); | 200 | h4 = safeAdd(h4, e); |
203 | h5 = safeAdd(h5, f); | 201 | h5 = safeAdd(h5, f); |
204 | h6 = safeAdd(h6, g); | 202 | h6 = safeAdd(h6, g); |
205 | h7 = safeAdd(h7, h); | 203 | h7 = safeAdd(h7, h); |
206 | 204 | ||
207 | currentMessageIndex += bytesPerBlock; | 205 | currentMessageIndex += bytesPerBlock; |
208 | } | 206 | } |
209 | 207 | ||
210 | result = new Array(256/8); | 208 | result = new Array(256/8); |
211 | result[0] = (h0 >> 24)& 0xff; | 209 | result[0] = (h0 >> 24)& 0xff; |
212 | result[1] = (h0 >> 16)& 0xff; | 210 | result[1] = (h0 >> 16)& 0xff; |
213 | result[2] = (h0 >> 8)& 0xff; | 211 | result[2] = (h0 >> 8)& 0xff; |
214 | result[3] = h0 & 0xff; | 212 | result[3] = h0 & 0xff; |
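--- a/frontend/beta/js/Clipperz/Crypto/SRP.js
+++ b/frontend/beta/js/Clipperz/Crypto/SRP.js
@@ -1,214 +1,212 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
 }
 
 try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.BigInt!";
 }
 
 try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.PRNG!";
 }
 
 if (typeof(Clipperz.Crypto.SRP) == 'undefined') { Clipperz.Crypto.SRP = {}; }
 
 Clipperz.Crypto.SRP.VERSION = "0.1";
 Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP";
 
 //#############################################################################
 
 MochiKit.Base.update(Clipperz.Crypto.SRP, {
 
 '_n': null,
 '_g': null,
 //-------------------------------------------------------------------------
 
 'n': function() {
 if (Clipperz.Crypto.SRP._n == null) {
 Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
 }
 
 return Clipperz.Crypto.SRP._n;
 },
 
 //-------------------------------------------------------------------------
 
 'g': function() {
 if (Clipperz.Crypto.SRP._g == null) {
 Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation)
 }
 
 return Clipperz.Crypto.SRP._g;
 },
 
 //-----------------------------------------------------------------------------
 
 'exception': {
 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue")
 },
 
 //-------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 
 });
 
 //#############################################################################
 //
 // S R P C o n n e c t i o n version 1.0
 //
 //=============================================================================
 Clipperz.Crypto.SRP.Connection = function (args) {
 args = args || {};
 
 this._C = args.C;
 this._P = args.P;
 this.hash = args.hash;
 
 this._a = null;
 this._A = null;
 
 this._s = null;
 this._B = null;
 
 this._x = null;
 
 this._u = null;
 this._K = null;
 this._M1 = null;
 this._M2 = null;
 
 this._sessionKey = null;
 
 return this;
 }
 
 Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
 
 'toString': function () {
 return "Clipperz.Crypto.SRP.Connection (username: " + this.username() + "). Status: " + this.statusDescription();
 },
 
 //-------------------------------------------------------------------------
 
 'C': function () {
 return this._C;
 },
 
 //-------------------------------------------------------------------------
 
 'P': function () {
 return this._P;
 },
 
 //-------------------------------------------------------------------------
 
 'a': function () {
 if (this._a == null) {
 this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
 // this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10);
 //MochiKit.Logging.logDebug("SRP a: " + this._a);
 }
 
 return this._a;
 },
 
 //-------------------------------------------------------------------------
 
 'A': function () {
 if (this._A == null) {
 //Warning: this value should be strictly greater than zero: how should we perform this check?
 this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
 
 if (this._A.equals(0)) {
 MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
 throw Clipperz.Crypto.SRP.exception.InvalidValue;
 }
 //MochiKit.Logging.logDebug("SRP A: " + this._A);
 }
 
 return this._A;
 },
 
 //-------------------------------------------------------------------------
 
 's': function () {
 return this._s;
 //MochiKit.Logging.logDebug("SRP s: " + this._S);
 },
 
 'set_s': function(aValue) {
 this._s = aValue;
 },
 
 //-------------------------------------------------------------------------
 
 'B': function () {
 return this._B;
 },
 
 'set_B': function(aValue) {
 //Warning: this value should be strictly greater than zero: how should we perform this check?
 if (! aValue.equals(0)) {
 this._B = aValue;
 //MochiKit.Logging.logDebug("SRP B: " + this._B);
 } else {
 MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
 throw Clipperz.Crypto.SRP.exception.InvalidValue;
 }
 },
 
 //-------------------------------------------------------------------------
 
 'x': function () {
 if (this._x == null) {
 this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16);
 //MochiKit.Logging.logDebug("SRP x: " + this._x);
 }
 
 return this._x;
 },
 
 //-------------------------------------------------------------------------
 
 'u': function () {
 if (this._u == null) {
 this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16);
 //MochiKit.Logging.logDebug("SRP u: " + this._u);
 }
 
 return this._u;
 },
 
 //-------------------------------------------------------------------------
 
 'S': function () {
 if (this._S == null) {
 var bigint;
 varsrp;
 
 bigint = Clipperz.Crypto.BigInt;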