Diffstat (limited to 'frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js')
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js | 31 |
1 files changed, 12 insertions, 19 deletions
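--- a/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js
@@ -1,236 +1,229 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 //try { if (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) == 'undefined') { throw ""; }} catch (e) {
 //throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.BinaryField.Curve!";
 //}
 //try { if (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) == 'undefined') { throw ""; }} catch (e) {
 //throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.Koblitz.Curve!";
 //}
 
 Clipperz.Crypto.ECC.StandardCurves = {};
 
 MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
 
 //==============================================================================
 
 '_K571': null,
 'K571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1
 if ((Clipperz.Crypto.ECC.StandardCurves._K571 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
 Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Koblitz.Curve({
 modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
 a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
 b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
 G: new Clipperz.Crypto.ECC.Koblitz.Point({
 x: new Clipperz.Crypto.ECC.Koblitz.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
 y: new Clipperz.Crypto.ECC.Koblitz.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
 }),
 r: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
 h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
 primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16)
 });
 }
 
 return Clipperz.Crypto.ECC.StandardCurves._K571;
 },
 
 //-----------------------------------------------------------------------------
 
 '_K283': null,
 'K283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1
 if ((Clipperz.Crypto.ECC.StandardCurves._K283 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
 Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.Koblitz.Curve({
 modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
 a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
 b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
 G: new Clipperz.Crypto.ECC.Koblitz.Point({
 x: new Clipperz.Crypto.ECC.Koblitz.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
 y: new Clipperz.Crypto.ECC.Koblitz.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
 }),
 r: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
 h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
 primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16)
 });
 }
 
 return Clipperz.Crypto.ECC.StandardCurves._K283;
 },
 
 //==============================================================================
 
 '_B571': null,
 'B571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1
 if ((Clipperz.Crypto.ECC.StandardCurves._B571 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
 Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
 modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
 a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
 b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e 2221f295 de297117 b7f3d62f 5c6a97ff cb8ceff1 cd6ba8ce 4a9a18ad 84ffabbd 8efa5933 2be7ad67 56a66e29 4afd185a 78ff12aa 520e4de7 39baca0c 7ffeff7f 2955727a', 16),
 G: new Clipperz.Crypto.ECC.BinaryField.Point({
 x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
 y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
 }),
 r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
 h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
 
 // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
 // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
 });
 
 //-----------------------------------------------------------------------------
 //
 //Guide to Elliptic Curve Cryptography
 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
 //- Pag: 56, Alorithm 2.45 (with a typo!!!)
 //
 //-----------------------------------------------------------------------------
 //
 // http://www.milw0rm.com/papers/136
 //
 // -------------------------------------------------------------------------
 // Polynomial Reduction Algorithm Modulo f571
 // -------------------------------------------------------------------------
 //
 // Input: Polynomial p(x) of degree 1140 or less, stored as
 // an array of 2T machinewords.
 // Output: p(x) mod f571(x)
 //
 // FOR i = T-1, ..., 0 DO
 // SET X := P[i+T]
 // P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
 // P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
 //
 // SET X := P[T-1] >> 27
 // P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
 // P[T-1] := P[T-1] & 0x07ffffff
 //
 // RETURN P[T-1],...,P[0]
 //
 // -------------------------------------------------------------------------
 //
 Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
 Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
 varresult;
 
 if (aValue.bitSize() > 1140) {
-MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
+Clipperz.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
 result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
 } else {
 varC, T;
 var i;
 
-//console.log(">>> binaryField.finiteField.(improved)module");
-// C = aValue.value().slice(0);
 C = aValue._value.slice(0);
 for (i=35; i>=18; i--) {
 T = C[i];
 C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
 C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
 }
 T = (C[17] >>> 27);
 C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
 C[17] = (C[17] & 0x07ffffff);
 
 for(i=18; i<=35; i++) {
 C[i] = 0;
 }
 
 result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
-//console.log("<<< binaryField.finiteField.(improved)module");
 }
 
 return result;
 };
 }
 
 return Clipperz.Crypto.ECC.StandardCurves._B571;
 },
 
 //-----------------------------------------------------------------------------
 
 '_B283': null,
 'B283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1
 if ((Clipperz.Crypto.ECC.StandardCurves._B283 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
 Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
 modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
 a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
 b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
 G: new Clipperz.Crypto.ECC.BinaryField.Point({
 x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
 y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
 }),
 r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
 h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
 });
 
 //-----------------------------------------------------------------------------
 //
 //Guide to Elliptic Curve Cryptography
 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
 //- Pag: 56, Alorithm 2.43
 //
 //-----------------------------------------------------------------------------
 Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
 Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
 varresult;
 
 if (aValue.bitSize() > 564) {
-MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
+Clipperz.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
 result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
 } else {
 varC, T;
 var i;
 
-//console.log(">>> binaryField.finiteField.(improved)module");
 C = aValue._value.slice(0);
 for (i=17; i>=9; i--) {
 T = C[i];
 C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
 C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
 }
 T = (C[8] >>> 27);
 C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
 C[8] = (C[8] & 0x07ffffff);
 
 for(i=9; i<=17; i++) {
 C[i] = 0;
 }
 
 result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
-//console.log("<<< binaryField.finiteField.(improved)module");
 }
 
 return result;
 };
 }
 
 return Clipperz.Crypto.ECC.StandardCurves._B283;
 },
 
 //==============================================================================
 __syntaxFix__: "syntax fix"
 });
 
 
 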
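Review bot: The four curve getters (`'K571'` at new line 38, and `'K283'`, `'B571'`, `'B283'`) return `null` when the backing `Koblitz.Curve` or `BinaryField.Curve` module is not loaded, and the dependency assertions at new lines 24–29 are commented out, so a missing module only surfaces as a TypeError at the caller's first use of the result. The `typeof` guards look deliberate (either backend may be absent), so rather than throwing I would state the contract at each getter, e.g. above `'K571': function()`: `// Lazily builds the NIST K-571 curve; returns null when Clipperz.Crypto.ECC.Koblitz.Curve is not loaded, so callers must check.` A smaller style point at new lines 148 and 207: in `C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);` the `&` binds tighter than `^`, so the mask covers only the shifted terms rather than the whole word as in the loop lines just above. The value is unaffected because `T` is at most 5 bits and `>>> 0` normalises the result, but writing it as `(((C[0] ^ T ^ (T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0)` matches the other reduction lines and makes the intent explicit.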