summaryrefslogtreecommitdiff
path: root/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
Unidiff
Diffstat (limited to 'frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js') (more/less context) (ignore whitespace changes)
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js550
1 files changed, 550 insertions, 0 deletions
diff --git a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
new file mode 100644
index 0000000..2033eb4
--- a/dev/null
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
@@ -0,0 +1,550 @@
1/*
2
3Copyright 2008-2011 Clipperz Srl
4
5This file is part of Clipperz's Javascript Crypto Library.
6Javascript Crypto Library provides web developers with an extensive
7and efficient set of cryptographic functions. The library aims to
8obtain maximum execution speed while preserving modularity and
9reusability.
10For further information about its features and functionalities please
11refer to http://www.clipperz.com
12
13* Javascript Crypto Library is free software: you can redistribute
14 it and/or modify it under the terms of the GNU Affero General Public
15 License as published by the Free Software Foundation, either version
16 3 of the License, or (at your option) any later version.
17
18* Javascript Crypto Library is distributed in the hope that it will
19 be useful, but WITHOUT ANY WARRANTY; without even the implied
20 warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 See the GNU Affero General Public License for more details.
22
23* You should have received a copy of the GNU Affero General Public
24 License along with Javascript Crypto Library. If not, see
25 <http://www.gnu.org/licenses/>.
26
27*/
28
29//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
30 //throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
31//}
32if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
33if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
34
35Clipperz.Crypto.ECC.BinaryField.Curve = function(args) {
36 args = args || {};
37
38 this._modulus = args.modulus;
39
40 this._a = args.a;
41 this._b = args.b;
42 this._G = args.G;
43 this._r = args.r;
44 this._h = args.h;
45
46 this._finiteField = null;
47
48 return this;
49}
50
51Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, {
52
53 'asString': function() {
54 return "Clipperz.Crypto.ECC.BinaryField.Curve";
55 },
56
57 //-----------------------------------------------------------------------------
58
59 'modulus': function() {
60 return this._modulus;
61 },
62
63 'a': function() {
64 return this._a;
65 },
66
67 'b': function() {
68 return this._b;
69 },
70
71 'G': function() {
72 return this._G;
73 },
74
75 'r': function() {
76 return this._r;
77 },
78
79 'h': function() {
80 return this._h;
81 },
82
83 //-----------------------------------------------------------------------------
84
85 'finiteField': function() {
86 if (this._finiteField == null) {
87 this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()})
88 }
89
90 return this._finiteField;
91 },
92
93 //-----------------------------------------------------------------------------
94
95 'negate': function(aPointA) {
96 var result;
97
98 result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())})
99
100 return result;
101 },
102
103 //-----------------------------------------------------------------------------
104
105 'add': function(aPointA, aPointB) {
106 var result;
107
108//console.log(">>> ECC.BinaryField.Curve.add");
109 if (aPointA.isZero()) {
110//console.log("--- pointA == zero");
111 result = aPointB;
112 } else if (aPointB.isZero()) {
113//console.log("--- pointB == zero");
114 result = aPointA;
115 } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
116//console.log("compare A.x - B.x: ", aPointA.x().compare(aPointB.x()));
117//console.log("compare A.y - B.y: ", (aPointA.y().compare(aPointB.y()) != 0));
118//console.log("compare B.x.isZero(): ", aPointB.x().isZero());
119
120//console.log("--- result = zero");
121 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
122 } else {
123//console.log("--- result = ELSE");
124 varf2m;
125 var x, y;
126 var lambda;
127 var aX, aY, bX, bY;
128
129 aX = aPointA.x()._value;
130 aY = aPointA.y()._value;
131 bX = aPointB.x()._value;
132 bY = aPointB.y()._value;
133
134 f2m = this.finiteField();
135
136 if (aPointA.x().compare(aPointB.x()) != 0) {
137//console.log(" a.x != b.x");
138 lambda =f2m._fastMultiply(
139 f2m._add(aY, bY),
140 f2m._inverse(f2m._add(aX, bX))
141 );
142 x = f2m._add(this.a()._value, f2m._square(lambda));
143 f2m._overwriteAdd(x, lambda);
144 f2m._overwriteAdd(x, aX);
145 f2m._overwriteAdd(x, bX);
146 } else {
147//console.log(" a.x == b.x");
148 lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
149//console.log(" lambda: " + lambda.asString(16));
150 x = f2m._add(this.a()._value, f2m._square(lambda));
151//console.log(" x (step 1): " + x.asString(16));
152 f2m._overwriteAdd(x, lambda);
153//console.log(" x (step 2): " + x.asString(16));
154 }
155
156 y = f2m._fastMultiply(f2m._add(bX, x), lambda);
157//console.log(" y (step 1): " + y.asString(16));
158 f2m._overwriteAdd(y, x);
159//console.log(" y (step 2): " + y.asString(16));
160 f2m._overwriteAdd(y, bY);
161//console.log(" y (step 3): " + y.asString(16));
162
163 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
164 }
165//console.log("<<< ECC.BinaryField.Curve.add");
166
167 return result;
168 },
169
170 //-----------------------------------------------------------------------------
171
172 'addTwice': function(aPointA) {
173 return this.add(aPointA, aPointA);
174 },
175
176 //-----------------------------------------------------------------------------
177
178 'overwriteAdd': function(aPointA, aPointB) {
179 if (aPointA.isZero()) {
180 // result = aPointB;
181 aPointA._x._value = aPointB._x._value;
182 aPointA._y._value = aPointB._y._value;
183 } else if (aPointB.isZero()) {
184 // result = aPointA;
185 } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
186 // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
187 aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O;
188 aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O;
189 } else {
190 varf2m;
191 var x, y;
192 var lambda;
193 var aX, aY, bX, bY;
194
195 aX = aPointA.x()._value;
196 aY = aPointA.y()._value;
197 bX = aPointB.x()._value;
198 bY = aPointB.y()._value;
199
200 f2m = this.finiteField();
201
202 if (aPointA.x().compare(aPointB.x()) != 0) {
203//console.log(" a.x != b.x");
204 lambda =f2m._fastMultiply(
205 f2m._add(aY, bY),
206 f2m._inverse(f2m._add(aX, bX))
207 );
208 x = f2m._add(this.a()._value, f2m._square(lambda));
209 f2m._overwriteAdd(x, lambda);
210 f2m._overwriteAdd(x, aX);
211 f2m._overwriteAdd(x, bX);
212 } else {
213//console.log(" a.x == b.x");
214 lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
215//console.log(" lambda: " + lambda.asString(16));
216 x = f2m._add(this.a()._value, f2m._square(lambda));
217//console.log(" x (step 1): " + x.asString(16));
218 f2m._overwriteAdd(x, lambda);
219//console.log(" x (step 2): " + x.asString(16));
220 }
221
222 y = f2m._fastMultiply(f2m._add(bX, x), lambda);
223//console.log(" y (step 1): " + y.asString(16));
224 f2m._overwriteAdd(y, x);
225//console.log(" y (step 2): " + y.asString(16));
226 f2m._overwriteAdd(y, bY);
227//console.log(" y (step 3): " + y.asString(16));
228
229 // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
230 aPointA._x._value = x;
231 aPointA._y._value = y;
232
233 }
234//console.log("<<< ECC.BinaryField.Curve.add");
235
236 return result;
237 },
238
239 //-----------------------------------------------------------------------------
240
241 'multiply': function(aValue, aPoint) {
242 var result;
243
244//console.profile();
245 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
246
247 if (aValue.isZero() == false) {
248 var k, Q;
249 var i;
250 var countIndex; countIndex = 0;
251
252 if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
253 k = aValue;
254 Q = aPoint;
255 } else {
256MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
257 k = aValue.negate();
258 Q = this.negate(aPoint);
259 }
260
261//console.log("k: " + k.toString(16));
262//console.log("k.bitSize: " + k.bitSize());
263 for (i=k.bitSize()-1; i>=0; i--) {
264 result = this.add(result, result);
265 // this.overwriteAdd(result, result);
266 if (k.isBitSet(i)) {
267 result = this.add(result, Q);
268 // this.overwriteAdd(result, Q);
269 }
270
271 // if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
272 }
273 }
274//console.profileEnd();
275
276 return result;
277 },
278
279 //-----------------------------------------------------------------------------
280
281 'deferredMultiply': function(aValue, aPoint) {
282 var deferredResult;
283 var result;
284
285MochiKit.Logging.logDebug(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint);
286//console.profile("ECC.Curve.multiply");
287 deferredResult = new MochiKit.Async.Deferred();
288//deferredResult.addCallback(function(res) {console.profile("ECC.Curve.deferredMultiply"); return res;} );
289//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 1: " + res); return res;});
290
291 result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
292//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 2: " + res); return res;});
293
294 if (aValue.isZero() == false) {
295 var k, Q;
296 var i;
297 var countIndex; countIndex = 0;
298
299 if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
300 k = aValue;
301 Q = aPoint;
302 } else {
303MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
304 k = aValue.negate();
305 Q = this.negate(aPoint);
306 }
307
308//console.log("k: " + k.toString(16));
309//console.log("k.bitSize: " + k.bitSize());
310
311//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 3: " + res); return res;});
312 for (i=k.bitSize()-1; i>=0; i--) {
313//MochiKit.Logging.logDebug("====> " + i);
314//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 > i = " + i + ": " + res); return res;});
315 deferredResult.addMethod(this, "addTwice");
316 //# result = this.add(result, result);
317 // this.overwriteAdd(result, result);
318 if (k.isBitSet(i)) {
319 deferredResult.addMethod(this, "add", Q);
320 //# result = this.add(result, Q);
321 // this.overwriteAdd(result, Q);
322 }
323 if (i%20 == 0) {deferredResult.addCallback(MochiKit.Async.wait, 0.1);}
324
325 // if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
326//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 < i = " + i + ": " + res); return res;});
327 }
328//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4: " + res); return res;});
329 }
330//#console.profileEnd();
331//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 5: " + res); return res;});
332//deferredResult.addBoth(function(res) {console.profileEnd(); return res;});
333//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 6: " + res); return res;});
334 deferredResult.callback(result);
335
336 //# return result;
337 return deferredResult;
338 },
339
340 //-----------------------------------------------------------------------------
341 __syntaxFix__: "syntax fix"
342});
343
344
345//#############################################################################
346
347Clipperz.Crypto.ECC.StandardCurves = {};
348
349MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
350/*
351 '_K571': null,
352 'K571': function() {
353 if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) {
354 Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
355 modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
356 a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
357 b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
358 G: new Clipperz.Crypto.ECC.BinaryField.Point({
359 x: new Clipperz.Crypto.ECC.BinaryField.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
360 y: new Clipperz.Crypto.ECC.BinaryField.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
361 }),
362 r: new Clipperz.Crypto.ECC.BinaryField.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
363 h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
364 });
365 }
366
367 return Clipperz.Crypto.ECC.StandardCurves._K571;
368 },
369
370
371
372 '_K283': null,
373 'K283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1
374 if (Clipperz.Crypto.ECC.StandardCurves._K283 == null) {
375 Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
376 modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
377 a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
378 b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
379 G: new Clipperz.Crypto.ECC.BinaryField.Point({
380 x: new Clipperz.Crypto.ECC.BinaryField.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
381 y: new Clipperz.Crypto.ECC.BinaryField.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
382 }),
383 r: new Clipperz.Crypto.ECC.BinaryField.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
384 h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
385 });
386 }
387
388 return Clipperz.Crypto.ECC.StandardCurves._K283;
389 },
390*/
391 //-----------------------------------------------------------------------------
392
393 '_B571': null,
394 'B571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1
395 if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) {
396 Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
397 modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16),
398 a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
399 b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16),
400 G: new Clipperz.Crypto.ECC.BinaryField.Point({
401 x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
402 y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
403 }),
404 r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
405 h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
406
407 // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
408 // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
409 });
410
411 //-----------------------------------------------------------------------------
412 //
413 //Guide to Elliptic Curve Cryptography
414 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
415 //- Pag: 56, Alorithm 2.45 (with a typo!!!)
416 //
417 //-----------------------------------------------------------------------------
418 //
419 // http://www.milw0rm.com/papers/136
420 //
421 // -------------------------------------------------------------------------
422 // Polynomial Reduction Algorithm Modulo f571
423 // -------------------------------------------------------------------------
424 //
425 // Input: Polynomial p(x) of degree 1140 or less, stored as
426 // an array of 2T machinewords.
427 // Output: p(x) mod f571(x)
428 //
429 // FOR i = T-1, ..., 0 DO
430 // SET X := P[i+T]
431 // P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
432 // P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
433 //
434 // SET X := P[T-1] >> 27
435 // P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
436 // P[T-1] := P[T-1] & 0x07ffffff
437 //
438 // RETURN P[T-1],...,P[0]
439 //
440 // -------------------------------------------------------------------------
441 //
442 Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
443 Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
444 varresult;
445
446 if (aValue.bitSize() > 1140) {
447 MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
448 result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
449 } else {
450 varC, T;
451 var i;
452
453//console.log(">>> binaryField.finiteField.(improved)module");
454 // C = aValue.value().slice(0);
455 C = aValue._value.slice(0);
456 for (i=35; i>=18; i--) {
457 T = C[i];
458 C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
459 C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
460 }
461 T = (C[17] >>> 27);
462 C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
463 C[17] = (C[17] & 0x07ffffff);
464
465 for(i=18; i<=35; i++) {
466 C[i] = 0;
467 }
468
469 result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
470//console.log("<<< binaryField.finiteField.(improved)module");
471 }
472
473 return result;
474 };
475 }
476
477 return Clipperz.Crypto.ECC.StandardCurves._B571;
478 },
479
480 //-----------------------------------------------------------------------------
481
482 '_B283': null,
483 'B283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1
484 if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) {
485 Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
486 // modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
487 modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
488 a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
489 b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
490 G: new Clipperz.Crypto.ECC.BinaryField.Point({
491 x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
492 y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
493 }),
494 r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
495 h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
496
497 // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
498 // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
499 });
500
501 //-----------------------------------------------------------------------------
502 //
503 //Guide to Elliptic Curve Cryptography
504 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
505 //- Pag: 56, Alorithm 2.43
506 //
507 //-----------------------------------------------------------------------------
508 Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
509 Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
510 varresult;
511
512 if (aValue.bitSize() > 564) {
513 MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
514 result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
515 } else {
516 varC, T;
517 var i;
518
519//console.log(">>> binaryField.finiteField.(improved)module");
520 C = aValue._value.slice(0);
521 for (i=17; i>=9; i--) {
522 T = C[i];
523 C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
524 C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
525 }
526 T = (C[8] >>> 27);
527 C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
528 C[8] = (C[8] & 0x07ffffff);
529
530 for(i=9; i<=17; i++) {
531 C[i] = 0;
532 }
533
534 result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
535//console.log("<<< binaryField.finiteField.(improved)module");
536 }
537
538 return result;
539 };
540 }
541
542 return Clipperz.Crypto.ECC.StandardCurves._B283;
543 },
544
545 //-----------------------------------------------------------------------------
546 __syntaxFix__: "syntax fix"
547});
548
549//#############################################################################
550