1 files changed, 6 insertions, 9 deletions

diff --git a/frontend/gamma/js/Clipperz/Crypto/BigInt.js b/frontend/gamma/js/Clipperz/Crypto/BigInt.js
index d4d05d2..41483a3 100644
--- a/frontend/gamma/js/Clipperz/Crypto/BigInt.js
+++ b/frontend/gamma/js/Clipperz/Crypto/BigInt.js
@@ -1,216 +1,213 @@
 /*
 
 Copyright 2008-2011 Clipperz Srl
 
-This file is part of Clipperz's Javascript Crypto Library.
-Javascript Crypto Library provides web developers with an extensive
-and efficient set of cryptographic functions. The library aims to
-obtain maximum execution speed while preserving modularity and
-reusability.
+This file is part of Clipperz Community Edition.
+Clipperz Community Edition is an online password manager.
 For further information about its features and functionalities please
-refer to http://www.clipperz.com
+refer to http://www.clipperz.com.
 
-* Javascript Crypto Library is free software: you can redistribute
+* Clipperz Community Edition is free software: you can redistribute
   it and/or modify it under the terms of the GNU Affero General Public
   License as published by the Free Software Foundation, either version
   3 of the License, or (at your option) any later version.
 
-* Javascript Crypto Library is distributed in the hope that it will
+* Clipperz Community Edition is distributed in the hope that it will
   be useful, but WITHOUT ANY WARRANTY; without even the implied
   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
   See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-  License along with Javascript Crypto Library.  If not, see
+  License along with Clipperz Community Edition.  If not, see
   <http://www.gnu.org/licenses/>.
 
 */
 
 if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 
 //#############################################################################
         //Downloaded on March 05, 2007 from http://www.leemon.com/crypto/BigInt.js
 //#############################################################################
 
 
 ////////////////////////////////////////////////////////////////////////////////////////
 // Big Integer Library v. 5.0
 // Created 2000, last modified 2006
 // Leemon Baird
 // www.leemon.com
 //
 // This file is public domain.   You can use it for any purpose without restriction.
 // I do not guarantee that it is correct, so use it at your own risk.  If you use 
 // it for something interesting, I'd appreciate hearing about it.  If you find 
 // any bugs or make any improvements, I'd appreciate hearing about those too.
 // It would also be nice if my name and address were left in the comments.
 // But none of that is required.
 //
 // This code defines a bigInt library for arbitrary-precision integers.
 // A bigInt is an array of integers storing the value in chunks of bpe bits, 
 // little endian (buff[0] is the least significant word).
 // Negative bigInts are stored two's complement.
 // Some functions assume their parameters have at least one leading zero element.
 // Functions with an underscore at the end of the name have unpredictable behavior in case of overflow, 
 // so the caller must make sure overflow won't happen.
 // For each function where a parameter is modified, that same 
 // variable must not be used as another argument too.
 // So, you cannot square x by doing multMod_(x,x,n).  
 // You must use squareMod_(x,n) instead, or do y=dup(x); multMod_(x,y,n).
 //
 // These functions are designed to avoid frequent dynamic memory allocation in the inner loop.
 // For most functions, if it needs a BigInt as a local variable it will actually use
 // a global, and will only allocate to it when it's not the right size.  This ensures
 // that when a function is called repeatedly with same-sized parameters, it only allocates
 // memory on the first call.
 //
 // Note that for cryptographic purposes, the calls to Math.random() must 
 // be replaced with calls to a better pseudorandom number generator.
 //
 // In the following, "bigInt" means a bigInt with at least one leading zero element,
 // and "integer" means a nonnegative integer less than radix.  In some cases, integer 
 // can be negative.  Negative bigInts are 2s complement.
 // 
 // The following functions do not modify their inputs, but dynamically allocate memory every time they are called:
 // 
 // function bigInt2str(x,base)     //convert a bigInt into a string in a given base, from base 2 up to base 95
 // function dup(x)                 //returns a copy of bigInt x
 // function findPrimes(n)          //return array of all primes less than integer n
 // function int2bigInt(t,n,m)      //convert integer t to a bigInt with at least n bits and m array elements
 // function int2bigInt(s,b,n,m)    //convert string s in base b to a bigInt with at least n bits and m array elements
 // function trim(x,k)              //return a copy of x with exactly k leading zero elements
 //
 // The following functions do not modify their inputs, so there is never a problem with the result being too big:
 //
 // function bitSize(x)             //returns how many bits long the bigInt x is, not counting leading zeros
 // function equals(x,y)            //is the bigInt x equal to the bigint y?
 // function equalsInt(x,y)         //is bigint x equal to integer y?
 // function greater(x,y)           //is x>y?  (x and y are nonnegative bigInts)
 // function greaterShift(x,y,shift)//is (x <<(shift*bpe)) > y?
 // function isZero(x)              //is the bigInt x equal to zero?
 // function millerRabin(x,b)       //does one round of Miller-Rabin base integer b say that bigInt x is possibly prime (as opposed to definitely composite)?
 // function modInt(x,n)            //return x mod n for bigInt x and integer n.
 // function negative(x)            //is bigInt x negative?
 //
 // The following functions do not modify their inputs, but allocate memory and call functions with underscores
 //
 // function add(x,y)                //return (x+y) for bigInts x and y.  
 // function addInt(x,n)             //return (x+n) where x is a bigInt and n is an integer.
 // function expand(x,n)             //return a copy of x with at least n elements, adding leading zeros if needed
 // function inverseMod(x,n)         //return (x**(-1) mod n) for bigInts x and n.  If no inverse exists, it returns null
 // function mod(x,n)                //return a new bigInt equal to (x mod n) for bigInts x and n.
 // function mult(x,y)               //return x*y for bigInts x and y. This is faster when y<x.
 // function multMod(x,y,n)          //return (x*y mod n) for bigInts x,y,n.  For greater speed, let y<x.
 // function powMod(x,y,n)           //return (x**y mod n) where x,y,n are bigInts and ** is exponentiation.  0**0=1. Faster for odd n.
 // function randTruePrime(k)        //return a new, random, k-bit, true prime using Maurer's algorithm.
 // function sub(x,y)                //return (x-y) for bigInts x and y.  Negative answers will be 2s complement
 //
 // The following functions write a bigInt result to one of the parameters, but
 // the result is never bigger than the original, so there can't be overflow problems:
 //
 // function divInt_(x,n)            //do x=floor(x/n) for bigInt x and integer n, and return the remainder
 // function GCD_(x,y)               //set x to the greatest common divisor of bigInts x and y, (y is destroyed).
 // function halve_(x)               //do x=floor(|x|/2)*sgn(x) for bigInt x in 2's complement
 // function mod_(x,n)               //do x=x mod n for bigInts x and n.
 // function rightShift_(x,n)        //right shift bigInt x by n bits.  0 <= n < bpe.
 //
 // The following functions write a bigInt result to one of the parameters.  The caller is responsible for
 // ensuring it is large enough to hold the result.
 // 
 // function addInt_(x,n)            //do x=x+n where x is a bigInt and n is an integer
 // function add_(x,y)               //do x=x+y for bigInts x and y
 // function addShift_(x,y,ys)       //do x=x+(y<<(ys*bpe))
 // function copy_(x,y)              //do x=y on bigInts x and y
 // function copyInt_(x,n)           //do x=n on bigInt x and integer n
 // function carry_(x)               //do carries and borrows so each element of the bigInt x fits in bpe bits.
 // function divide_(x,y,q,r)        //divide_ x by y giving quotient q and remainder r
 // function eGCD_(x,y,d,a,b)        //sets a,b,d to positive big integers such that d = GCD_(x,y) = a*x-b*y
 // function inverseMod_(x,n)        //do x=x**(-1) mod n, for bigInts x and n. Returns 1 (0) if inverse does (doesn't) exist
 // function inverseModInt_(x,n)     //return x**(-1) mod n, for integers x and n.  Return 0 if there is no inverse
 // function leftShift_(x,n)         //left shift bigInt x by n bits.  n<bpe.
 // function linComb_(x,y,a,b)       //do x=a*x+b*y for bigInts x and y and integers a and b
 // function linCombShift_(x,y,b,ys) //do x=x+b*(y<<(ys*bpe)) for bigInts x and y, and integers b and ys
 // function mont_(x,y,n,np)         //Montgomery multiplication (see comments where the function is defined)
 // function mult_(x,y)              //do x=x*y for bigInts x and y.
 // function multInt_(x,n)           //do x=x*n where x is a bigInt and n is an integer.
 // function multMod_(x,y,n)         //do x=x*y  mod n for bigInts x,y,n.
 // function powMod_(x,y,n)          //do x=x**y mod n, where x,y,n are bigInts (n is odd) and ** is exponentiation.  0**0=1.
 // function randBigInt_(b,n,s)      //do b = an n-bit random BigInt. if s=1, then nth bit (most significant bit) is set to 1. n>=1.
 // function randTruePrime_(ans,k)   //do ans = a random k-bit true random prime (not just probable prime) with 1 in the msb.
 // function squareMod_(x,n)         //do x=x*x  mod n for bigInts x,n
 // function sub_(x,y)               //do x=x-y for bigInts x and y. Negative answers will be 2s complement.
 // function subShift_(x,y,ys)       //do x=x-(y<<(ys*bpe)). Negative answers will be 2s complement.
 //
 // The following functions are based on algorithms from the _Handbook of Applied Cryptography_
 //    powMod_()           = algorithm 14.94, Montgomery exponentiation
 //    eGCD_,inverseMod_() = algorithm 14.61, Binary extended GCD_
 //    GCD_()              = algorothm 14.57, Lehmer's algorithm
 //    mont_()             = algorithm 14.36, Montgomery multiplication
 //    divide_()           = algorithm 14.20  Multiple-precision division
 //    squareMod_()        = algorithm 14.16  Multiple-precision squaring
 //    randTruePrime_()    = algorithm  4.62, Maurer's algorithm
 //    millerRabin()       = algorithm  4.24, Miller-Rabin algorithm
 //
 // Profiling shows:
 //     randTruePrime_() spends:
 //         10% of its time in calls to powMod_()
 //         85% of its time in calls to millerRabin()
 //     millerRabin() spends:
 //         99% of its time in calls to powMod_()   (always with a base of 2)
 //     powMod_() spends:
 //         94% of its time in calls to mont_()  (almost always with x==y)
 //
 // This suggests there are several ways to speed up this library slightly:
 //     - convert powMod_ to use a Montgomery form of k-ary window (or maybe a Montgomery form of sliding window)
 //         -- this should especially focus on being fast when raising 2 to a power mod n
 //     - convert randTruePrime_() to use a minimum r of 1/3 instead of 1/2 with the appropriate change to the test
 //     - tune the parameters in randTruePrime_(), including c, m, and recLimit
 //     - speed up the single loop in mont_() that takes 95% of the runtime, perhaps by reducing checking
 //       within the loop when all the parameters are the same length.
 //
 // There are several ideas that look like they wouldn't help much at all:
 //     - replacing trial division in randTruePrime_() with a sieve (that speeds up something taking almost no time anyway)
 //     - increase bpe from 15 to 30 (that would help if we had a 32*32->64 multiplier, but not with JavaScript's 32*32->32)
 //     - speeding up mont_(x,y,n,np) when x==y by doing a non-modular, non-Montgomery square
 //       followed by a Montgomery reduction.  The intermediate answer will be twice as long as x, so that
 //       method would be slower.  This is unfortunate because the code currently spends almost all of its time
 //       doing mont_(x,x,...), both for randTruePrime_() and powMod_().  A faster method for Montgomery squaring
 //       would have a large impact on the speed of randTruePrime_() and powMod_().  HAC has a couple of poorly-worded
 //       sentences that seem to imply it's faster to do a non-modular square followed by a single
 //       Montgomery reduction, but that's obviously wrong.
 ////////////////////////////////////////////////////////////////////////////////////////
 
 //globals
 bpe=0;         //bits stored per array element
 mask=0;        //AND this with an array element to chop it down to bpe bits
 radix=mask+1;  //equals 2^bpe.  A single 1 bit to the left of the last bit of mask.
 
 //the digits for converting to different bases
 digitsStr='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_=!@#$%^&*()[]{}|;:,.<>/?`~ \\\'\"+-';
 
 //initialize the global variables
 for (bpe=0; (1<<(bpe+1)) > (1<<bpe); bpe++);  //bpe=number of bits in the mantissa on this platform
 bpe>>=1;                   //bpe=number of bits in one element of the array representing the bigInt
 mask=(1<<bpe)-1;           //AND the mask with an integer to get its bpe least significant bits
 radix=mask+1;              //2^bpe.  a single 1 bit to the left of the first bit of mask
 one=int2bigInt(1,1,1);     //constant used in powMod_()
 
 //the following global variables are scratchpad memory to 
 //reduce dynamic memory allocation in the inner loop
 t=new Array(0);
 ss=t;       //used in mult_()
 s0=t;       //used in multMod_(), squareMod_() 
 s1=t;       //used in powMod_(), multMod_(), squareMod_() 
 s2=t;       //used in powMod_(), multMod_()
 s3=t;       //used in powMod_()
 s4=t; s5=t; //used in mod_()
 s6=t;       //used in bigInt2str()
 s7=t;       //used in powMod_()
 T=t;        //used in GCD_()
 sa=t;       //used in mont_()
 mr_x1=t; mr_r=t; mr_a=t;                                      //used in millerRabin()
 eg_v=t; eg_u=t; eg_A=t; eg_B=t; eg_C=t; eg_D=t;               //used in eGCD_(), inverseMod_()
 md_q1=t; md_q2=t; md_q3=t; md_r=t; md_r1=t; md_r2=t; md_tt=t; //used in mod_()
 
 primes=t; pows=t; s_i=t; s_i2=t; s_R=t; s_rm=t; s_q=t; s_n1=t;