summaryrefslogtreecommitdiff
path: root/frontend/gamma/js/Clipperz/Crypto
Side-by-side diff
Diffstat (limited to 'frontend/gamma/js/Clipperz/Crypto') (more/less context) (ignore whitespace changes)
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/AES.js29
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/Base.js22
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/BigInt.js23
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js22
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js83
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js26
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js22
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js24
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js31
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/PRNG.js33
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/RSA.js22
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/SHA.js22
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/SRP.js36
13 files changed, 145 insertions, 250 deletions
diff --git a/frontend/gamma/js/Clipperz/Crypto/AES.js b/frontend/gamma/js/Clipperz/Crypto/AES.js
index c811f1c..cb56f11 100644
--- a/frontend/gamma/js/Clipperz/Crypto/AES.js
+++ b/frontend/gamma/js/Clipperz/Crypto/AES.js
@@ -1,339 +1,336 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.AES depends on Clipperz.ByteArray!";
}
// Dependency commented to avoid a circular reference
//try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.AES depends on Clipperz.Crypto.PRNG!";
//}
if (typeof(Clipperz.Crypto.AES) == 'undefined') { Clipperz.Crypto.AES = {}; }
//#############################################################################
Clipperz.Crypto.AES.DeferredExecutionContext = function(args) {
args = args || {};
this._key = args.key;
this._message = args.message;
this._result = args.message.clone();
this._nonce = args.nonce;
this._messageLength = this._message.length();
this._messageArray = this._message.arrayValues();
this._resultArray = this._result.arrayValues();
this._nonceArray = this._nonce.arrayValues();
this._executionStep = 0;
// this._elaborationChunkSize = 1024; // 4096; // 16384; // 4096;
this._elaborationChunks = 10;
this._pauseTime = 0.02; // 0.02 // 0.2;
return this;
}
Clipperz.Crypto.AES.DeferredExecutionContext.prototype = MochiKit.Base.update(null, {
'key': function() {
return this._key;
},
'message': function() {
return this._message;
},
'messageLength': function() {
return this._messageLength;
},
'result': function() {
return new Clipperz.ByteArray(this.resultArray());
},
'nonce': function() {
return this._nonce;
},
'messageArray': function() {
return this._messageArray;
},
'resultArray': function() {
return this._resultArray;
},
'nonceArray': function() {
return this._nonceArray;
},
'elaborationChunkSize': function() {
// return Clipperz.Crypto.AES.DeferredExecution.chunkSize;
// return this._elaborationChunkSize;
return (this._elaborationChunks * 1024);
},
'executionStep': function() {
return this._executionStep;
},
'setExecutionStep': function(aValue) {
this._executionStep = aValue;
},
'tuneExecutionParameters': function (anElapsedTime) {
//var originalChunks = this._elaborationChunks;
if (anElapsedTime > 0) {
this._elaborationChunks = Math.round(this._elaborationChunks * ((anElapsedTime + 1000)/(anElapsedTime * 2)));
}
//Clipperz.log("tuneExecutionParameters - elapsedTime: " + anElapsedTime + /*originalChunks,*/ " chunks # " + this._elaborationChunks + " [" + this._executionStep + " / " + this._messageLength + "]");
},
'pause': function(aValue) {
// return MochiKit.Async.wait(Clipperz.Crypto.AES.DeferredExecution.pauseTime, aValue);
return MochiKit.Async.wait(this._pauseTime, aValue);
},
'isDone': function () {
-//console.log("isDone", this.executionStep(), this.messageLength());
return (this._executionStep >= this._messageLength);
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.AES.Key = function(args) {
args = args || {};
this._key = args.key;
this._keySize = args.keySize || this.key().length();
if (this.keySize() == 128/8) {
this._b = 176;
this._numberOfRounds = 10;
} else if (this.keySize() == 256/8) {
this._b = 240;
this._numberOfRounds = 14;
} else {
- MochiKit.Logging.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits");
+ Clipperz.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits");
throw Clipperz.Crypto.AES.exception.UnsupportedKeySize;
}
this._stretchedKey = null;
return this;
}
Clipperz.Crypto.AES.Key.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.AES.Key (" + this.key().toHexString() + ")";
},
//-----------------------------------------------------------------------------
'key': function() {
return this._key;
},
'keySize': function() {
return this._keySize;
},
'b': function() {
return this._b;
},
'numberOfRounds': function() {
return this._numberOfRounds;
},
//=========================================================================
'keyScheduleCore': function(aWord, aRoundConstantsIndex) {
var result;
var sbox;
sbox = Clipperz.Crypto.AES.sbox();
result = [ sbox[aWord[1]] ^ Clipperz.Crypto.AES.roundConstants()[aRoundConstantsIndex],
sbox[aWord[2]],
sbox[aWord[3]],
sbox[aWord[0]] ];
return result;
},
//-----------------------------------------------------------------------------
'xorWithPreviousStretchValues': function(aKey, aWord, aPreviousWordIndex) {
var result;
var i,c;
result = [];
c = 4;
for (i=0; i<c; i++) {
result[i] = aWord[i] ^ aKey.byteAtIndex(aPreviousWordIndex + i);
}
return result;
},
//-----------------------------------------------------------------------------
'sboxShakeup': function(aWord) {
var result;
var sbox;
var i,c;
result = [];
sbox = Clipperz.Crypto.AES.sbox();
c =4;
for (i=0; i<c; i++) {
result[i] = sbox[aWord[i]];
}
return result;
},
//-----------------------------------------------------------------------------
'stretchKey': function(aKey) {
var currentWord;
var keyLength;
var previousStretchIndex;
var i,c;
keyLength = aKey.length();
previousStretchIndex = keyLength - this.keySize();
currentWord = [ aKey.byteAtIndex(keyLength - 4),
aKey.byteAtIndex(keyLength - 3),
aKey.byteAtIndex(keyLength - 2),
aKey.byteAtIndex(keyLength - 1) ];
currentWord = this.keyScheduleCore(currentWord, keyLength / this.keySize());
if (this.keySize() == 256/8) {
c = 8;
} else if (this.keySize() == 128/8){
c = 4;
}
for (i=0; i<c; i++) {
if (i == 4) {
// fifth streatch word
currentWord = this.sboxShakeup(currentWord);
}
currentWord = this.xorWithPreviousStretchValues(aKey, currentWord, previousStretchIndex + (i*4));
aKey.appendBytes(currentWord);
}
return aKey;
},
//-----------------------------------------------------------------------------
'stretchedKey': function() {
if (this._stretchedKey == null) {
var stretchedKey;
stretchedKey = this.key().clone();
while (stretchedKey.length() < this.keySize()) {
stretchedKey.appendByte(0);
}
while (stretchedKey.length() < this.b()) {
stretchedKey = this.stretchKey(stretchedKey);
}
this._stretchedKey = stretchedKey.split(0, this.b());
}
return this._stretchedKey;
},
//=========================================================================
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.AES.State = function(args) {
args = args || {};
this._data = args.block;
this._key = args.key;
return this;
}
Clipperz.Crypto.AES.State.prototype = MochiKit.Base.update(null, {
'key': function() {
return this._key;
},
//-----------------------------------------------------------------------------
'data': function() {
return this._data;
},
'setData': function(aValue) {
this._data = aValue;
},
//=========================================================================
'addRoundKey': function(aRoundNumber) {
// each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule.
var data;
var stretchedKey;
var firstStretchedKeyIndex;
var i,c;
data = this.data();
stretchedKey = this.key().stretchedKey();
firstStretchedKeyIndex = aRoundNumber * (128/8);
c = 128/8;
for (i=0; i<c; i++) {
data[i] = data[i] ^ stretchedKey.byteAtIndex(firstStretchedKeyIndex + i);
}
},
//-----------------------------------------------------------------------------
'subBytes': function() {
// a non-linear substitution step where each byte is replaced with another according to a lookup table.
var i,c;
var data;
@@ -619,248 +616,244 @@ MochiKit.Base.update(Clipperz.Crypto.AES, {
state = new Clipperz.Crypto.AES.State({block:aBlock, key:aKey});
//is(state.data(), 'before');
state.encrypt();
result = state.data();
return result;
},
//-----------------------------------------------------------------------------
'encryptBlocks': function(aKey, aMessage, aNonce) {
var result;
var nonce;
var self;
var messageIndex;
var messageLength;
var blockSize;
self = Clipperz.Crypto.AES;
blockSize = 128/8;
messageLength = aMessage.length;
nonce = aNonce;
result = aMessage;
messageIndex = 0;
while (messageIndex < messageLength) {
var encryptedBlock;
var i,c;
self.incrementNonce(nonce);
encryptedBlock = self.encryptBlock(aKey, nonce);
if ((messageLength - messageIndex) > blockSize) {
c = blockSize;
} else {
c = messageLength - messageIndex;
}
for (i=0; i<c; i++) {
result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
}
messageIndex += blockSize;
}
return result;
},
//-----------------------------------------------------------------------------
'encrypt': function(aKey, someData, aNonce) {
var result;
var nonce;
var encryptedData;
var key;
key = new Clipperz.Crypto.AES.Key({key:aKey});
nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);
encryptedData = Clipperz.Crypto.AES.encryptBlocks(key, someData.arrayValues(), nonce.arrayValues());
result = nonce.appendBytes(encryptedData);
return result;
},
//-----------------------------------------------------------------------------
'decrypt': function(aKey, someData) {
var result;
var nonce;
var encryptedData;
var decryptedData;
var dataIterator;
var key;
key = new Clipperz.Crypto.AES.Key({key:aKey});
encryptedData = someData.arrayValues();
nonce = encryptedData.slice(0, (128/8));
encryptedData = encryptedData.slice(128/8);
decryptedData = Clipperz.Crypto.AES.encryptBlocks(key, encryptedData, nonce);
result = new Clipperz.ByteArray(decryptedData);
return result;
},
//=============================================================================
'deferredEncryptExecutionChunk': function(anExecutionContext) {
var result;
var nonce;
var self;
var messageIndex;
var messageLength;
var blockSize;
var executionLimit;
var startTime, endTime;
self = Clipperz.Crypto.AES;
startTime = new Date();
blockSize = 128/8;
messageLength = anExecutionContext.messageArray().length;
nonce = anExecutionContext.nonceArray();
result = anExecutionContext.resultArray();
messageIndex = anExecutionContext.executionStep();
executionLimit = messageIndex + anExecutionContext.elaborationChunkSize();
executionLimit = Math.min(executionLimit, messageLength);
while (messageIndex < executionLimit) {
var encryptedBlock;
var i,c;
self.incrementNonce(nonce);
encryptedBlock = self.encryptBlock(anExecutionContext.key(), nonce);
if ((executionLimit - messageIndex) > blockSize) {
c = blockSize;
} else {
c = executionLimit - messageIndex;
}
for (i=0; i<c; i++) {
result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
}
messageIndex += blockSize;
}
anExecutionContext.setExecutionStep(messageIndex);
endTime = new Date();
anExecutionContext.tuneExecutionParameters(endTime - startTime);
return anExecutionContext;
},
//-----------------------------------------------------------------------------
/*
'deferredEncryptBlocks': function(anExecutionContext) {
var deferredResult;
var messageSize;
var i,c;
messageSize = anExecutionContext.messageLength();
deferredResult = new Clipperz.Async.Deferred("AES.deferredEncryptBloks");
c = Math.ceil(messageSize / anExecutionContext.elaborationChunkSize());
for (i=0; i<c; i++) {
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptExecutionChunk);
deferredResult.addMethod(anExecutionContext, 'pause');
}
deferredResult.callback(anExecutionContext);
return deferredResult;
},
*/
'deferredEncryptBlocks': function(anExecutionContext) {
var deferredResult;
if (! anExecutionContext.isDone()) {
deferredResult = Clipperz.Async.callbacks("Clipperz.Crypto.AES.deferredEncryptBloks", [
Clipperz.Crypto.AES.deferredEncryptExecutionChunk,
MochiKit.Base.method(anExecutionContext, 'pause'),
Clipperz.Crypto.AES.deferredEncryptBlocks
], {trace:false}, anExecutionContext);
} else {
deferredResult = MochiKit.Async.succeed(anExecutionContext);
}
return deferredResult;
},
//-----------------------------------------------------------------------------
'deferredEncrypt': function(aKey, someData, aNonce) {
var deferredResult;
var executionContext;
var result;
var nonce;
var key;
key = new Clipperz.Crypto.AES.Key({key:aKey});
nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);
executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:someData, nonce:nonce});
deferredResult = new Clipperz.Async.Deferred("AES.deferredEncrypt");
-//deferredResult.addCallback(function (aValue) { console.log(">>> deferredEncrypt"); return aValue; });
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
deferredResult.addCallback(function(anExecutionContext) {
var result;
result = anExecutionContext.nonce().clone();
result.appendBytes(anExecutionContext.resultArray());
return result;
});
-//deferredResult.addCallback(function (aValue) { console.log("<<< deferredEncrypt"); return aValue; });
deferredResult.callback(executionContext)
return deferredResult;
},
//-----------------------------------------------------------------------------
'deferredDecrypt': function(aKey, someData) {
var deferredResult
var nonce;
var message;
var key;
key = new Clipperz.Crypto.AES.Key({key:aKey});
nonce = someData.split(0, (128/8));
message = someData.split(128/8);
executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:message, nonce:nonce});
deferredResult = new Clipperz.Async.Deferred("AES.deferredDecrypt");
-//deferredResult.addCallback(function (aValue) { console.log(">>> deferredDecrypt"); return aValue; });
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
deferredResult.addCallback(function(anExecutionContext) {
return anExecutionContext.result();
});
-//deferredResult.addCallback(function (aValue) { console.log("<<< deferredDecrypt"); return aValue; });
deferredResult.callback(executionContext);
return deferredResult;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
//Clipperz.Crypto.AES.DeferredExecution = {
// 'chunkSize': 16384, // 4096, // 1024 4096 8192 16384 32768;
// 'pauseTime': 0.02 // 0.2
//}
Clipperz.Crypto.AES.exception = {
'UnsupportedKeySize': new MochiKit.Base.NamedError("Clipperz.Crypto.AES.exception.UnsupportedKeySize")
};
diff --git a/frontend/gamma/js/Clipperz/Crypto/Base.js b/frontend/gamma/js/Clipperz/Crypto/Base.js
index d3a8e36..9acfc49 100644
--- a/frontend/gamma/js/Clipperz/Crypto/Base.js
+++ b/frontend/gamma/js/Clipperz/Crypto/Base.js
@@ -1,214 +1,212 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
try { if (typeof(Clipperz.Base) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.Base depends on Clipperz.Base!";
}
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
if (typeof(Clipperz.Crypto.Base) == 'undefined') { Clipperz.Crypto.Base = {}; }
Clipperz.Crypto.Base.VERSION = "0.1";
Clipperz.Crypto.Base.NAME = "Clipperz.Crypto.Base";
//#############################################################################
// Downloaded on March 30, 2006 from http://anmar.eu.org/projects/jssha2/files/jssha2-0.3.zip (jsSha2/sha256.js)
//#############################################################################
/* A JavaScript implementation of the Secure Hash Algorithm, SHA-256
* Version 0.3 Copyright Angel Marin 2003-2004 - http://anmar.eu.org/
* Distributed under the BSD License
* Some bits taken from Paul Johnston's SHA-1 implementation
*/
var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
function safe_add (x, y) {
var lsw = (x & 0xFFFF) + (y & 0xFFFF);
var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
return (msw << 16) | (lsw & 0xFFFF);
}
function S (X, n) {return ( X >>> n ) | (X << (32 - n));}
function R (X, n) {return ( X >>> n );}
function Ch(x, y, z) {return ((x & y) ^ ((~x) & z));}
function Maj(x, y, z) {return ((x & y) ^ (x & z) ^ (y & z));}
function Sigma0256(x) {return (S(x, 2) ^ S(x, 13) ^ S(x, 22));}
function Sigma1256(x) {return (S(x, 6) ^ S(x, 11) ^ S(x, 25));}
function Gamma0256(x) {return (S(x, 7) ^ S(x, 18) ^ R(x, 3));}
function Gamma1256(x) {return (S(x, 17) ^ S(x, 19) ^ R(x, 10));}
function core_sha256 (m, l) {
var K = new Array(0x428A2F98,0x71374491,0xB5C0FBCF,0xE9B5DBA5,0x3956C25B,0x59F111F1,0x923F82A4,0xAB1C5ED5,0xD807AA98,0x12835B01,0x243185BE,0x550C7DC3,0x72BE5D74,0x80DEB1FE,0x9BDC06A7,0xC19BF174,0xE49B69C1,0xEFBE4786,0xFC19DC6,0x240CA1CC,0x2DE92C6F,0x4A7484AA,0x5CB0A9DC,0x76F988DA,0x983E5152,0xA831C66D,0xB00327C8,0xBF597FC7,0xC6E00BF3,0xD5A79147,0x6CA6351,0x14292967,0x27B70A85,0x2E1B2138,0x4D2C6DFC,0x53380D13,0x650A7354,0x766A0ABB,0x81C2C92E,0x92722C85,0xA2BFE8A1,0xA81A664B,0xC24B8B70,0xC76C51A3,0xD192E819,0xD6990624,0xF40E3585,0x106AA070,0x19A4C116,0x1E376C08,0x2748774C,0x34B0BCB5,0x391C0CB3,0x4ED8AA4A,0x5B9CCA4F,0x682E6FF3,0x748F82EE,0x78A5636F,0x84C87814,0x8CC70208,0x90BEFFFA,0xA4506CEB,0xBEF9A3F7,0xC67178F2);
var HASH = new Array(0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19);
var W = new Array(64);
var a, b, c, d, e, f, g, h, i, j;
var T1, T2;
/* append padding */
m[l >> 5] |= 0x80 << (24 - l % 32);
m[((l + 64 >> 9) << 4) + 15] = l;
for ( var i = 0; i<m.length; i+=16 ) {
a = HASH[0]; b = HASH[1]; c = HASH[2]; d = HASH[3]; e = HASH[4]; f = HASH[5]; g = HASH[6]; h = HASH[7];
for ( var j = 0; j<64; j++) {
if (j < 16) W[j] = m[j + i];
else W[j] = safe_add(safe_add(safe_add(Gamma1256(W[j - 2]), W[j - 7]), Gamma0256(W[j - 15])), W[j - 16]);
T1 = safe_add(safe_add(safe_add(safe_add(h, Sigma1256(e)), Ch(e, f, g)), K[j]), W[j]);
T2 = safe_add(Sigma0256(a), Maj(a, b, c));
h = g; g = f; f = e; e = safe_add(d, T1); d = c; c = b; b = a; a = safe_add(T1, T2);
}
HASH[0] = safe_add(a, HASH[0]); HASH[1] = safe_add(b, HASH[1]); HASH[2] = safe_add(c, HASH[2]); HASH[3] = safe_add(d, HASH[3]); HASH[4] = safe_add(e, HASH[4]); HASH[5] = safe_add(f, HASH[5]); HASH[6] = safe_add(g, HASH[6]); HASH[7] = safe_add(h, HASH[7]);
}
return HASH;
}
function str2binb (str) {
var bin = Array();
var mask = (1 << chrsz) - 1;
for(var i = 0; i < str.length * chrsz; i += chrsz)
bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (24 - i%32);
return bin;
}
function binb2hex (binarray) {
var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
var str = "";
for (var i = 0; i < binarray.length * 4; i++) {
str += hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8+4)) & 0xF) + hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8 )) & 0xF);
}
return str;
}
function hex_sha256(s){return binb2hex(core_sha256(str2binb(s),s.length * chrsz));}
//#############################################################################
// Downloaded on March 30, 2006 from http://www.fourmilab.ch/javascrypt/javascrypt.zip (entropy.js)
//#############################################################################
// Entropy collection utilities
/* Start by declaring static storage and initialise
the entropy vector from the time we come through
here. */
var entropyData = new Array(); // Collected entropy data
var edlen = 0; // Keyboard array data length
addEntropyTime(); // Start entropy collection with page load time
ce(); // Roll milliseconds into initial entropy
// Add a byte to the entropy vector
function addEntropyByte(b) {
entropyData[edlen++] = b;
}
/* Capture entropy. When the user presses a key or performs
various other events for which we can request
notification, add the time in 255ths of a second to the
entropyData array. The name of the function is short
so it doesn't bloat the form object declarations in
which it appears in various "onXXX" events. */
function ce() {
addEntropyByte(Math.floor((((new Date).getMilliseconds()) * 255) / 999));
}
// Add a 32 bit quantity to the entropy vector
function addEntropy32(w) {
var i;
for (i = 0; i < 4; i++) {
addEntropyByte(w & 0xFF);
w >>= 8;
}
}
/* Add the current time and date (milliseconds since the epoch,
truncated to 32 bits) to the entropy vector. */
function addEntropyTime() {
addEntropy32((new Date()).getTime());
}
/* Start collection of entropy from mouse movements. The
argument specifies the number of entropy items to be
obtained from mouse motion, after which mouse motion
will be ignored. Note that you can re-enable mouse
motion collection at any time if not already underway. */
var mouseMotionCollect = 0;
var oldMoveHandler; // For saving and restoring mouse move handler in IE4
function mouseMotionEntropy(maxsamp) {
if (mouseMotionCollect <= 0) {
mouseMotionCollect = maxsamp;
if ((document.implementation.hasFeature("Events", "2.0")) &&
document.addEventListener) {
// Browser supports Document Object Model (DOM) 2 events
document.addEventListener("mousemove", mouseMoveEntropy, false);
} else {
if (document.attachEvent) {
// Internet Explorer 5 and above event model
document.attachEvent("onmousemove", mouseMoveEntropy);
} else {
// Internet Explorer 4 event model
oldMoveHandler = document.onmousemove;
document.onmousemove = mouseMoveEntropy;
}
}
//dump("Mouse enable", mouseMotionCollect);
}
}
/* Collect entropy from mouse motion events. Note that
this is craftily coded to work with either DOM2 or Internet
Explorer style events. Note that we don't use every successive
mouse movement event. Instead, we XOR the three bytes collected
from the mouse and use that to determine how many subsequent
mouse movements we ignore before capturing the next one. */
var mouseEntropyTime = 0; // Delay counter for mouse entropy collection
function mouseMoveEntropy(e) {
if (!e) {
e = window.event; // Internet Explorer event model
}
if (mouseMotionCollect > 0) {
if (mouseEntropyTime-- <= 0) {
addEntropyByte(e.screenX & 0xFF);
addEntropyByte(e.screenY & 0xFF);
ce();
mouseMotionCollect--;
mouseEntropyTime = (entropyData[edlen - 3] ^ entropyData[edlen - 2] ^
entropyData[edlen - 1]) % 19;
//dump("Mouse Move", byteArrayToHex(entropyData.slice(-3)));
}
if (mouseMotionCollect <= 0) {
if (document.removeEventListener) {
document.removeEventListener("mousemove", mouseMoveEntropy, false);
} else if (document.detachEvent) {
document.detachEvent("onmousemove", mouseMoveEntropy);
} else {
document.onmousemove = oldMoveHandler;
}
//dump("Spung!", 0);
}
diff --git a/frontend/gamma/js/Clipperz/Crypto/BigInt.js b/frontend/gamma/js/Clipperz/Crypto/BigInt.js
index 41483a3..031ed30 100644
--- a/frontend/gamma/js/Clipperz/Crypto/BigInt.js
+++ b/frontend/gamma/js/Clipperz/Crypto/BigInt.js
@@ -1,214 +1,212 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
//#############################################################################
// Downloaded on March 05, 2007 from http://www.leemon.com/crypto/BigInt.js
//#############################################################################
////////////////////////////////////////////////////////////////////////////////////////
// Big Integer Library v. 5.0
// Created 2000, last modified 2006
// Leemon Baird
// www.leemon.com
//
// This file is public domain. You can use it for any purpose without restriction.
// I do not guarantee that it is correct, so use it at your own risk. If you use
// it for something interesting, I'd appreciate hearing about it. If you find
// any bugs or make any improvements, I'd appreciate hearing about those too.
// It would also be nice if my name and address were left in the comments.
// But none of that is required.
//
// This code defines a bigInt library for arbitrary-precision integers.
// A bigInt is an array of integers storing the value in chunks of bpe bits,
// little endian (buff[0] is the least significant word).
// Negative bigInts are stored two's complement.
// Some functions assume their parameters have at least one leading zero element.
// Functions with an underscore at the end of the name have unpredictable behavior in case of overflow,
// so the caller must make sure overflow won't happen.
// For each function where a parameter is modified, that same
// variable must not be used as another argument too.
// So, you cannot square x by doing multMod_(x,x,n).
// You must use squareMod_(x,n) instead, or do y=dup(x); multMod_(x,y,n).
//
// These functions are designed to avoid frequent dynamic memory allocation in the inner loop.
// For most functions, if it needs a BigInt as a local variable it will actually use
// a global, and will only allocate to it when it's not the right size. This ensures
// that when a function is called repeatedly with same-sized parameters, it only allocates
// memory on the first call.
//
// Note that for cryptographic purposes, the calls to Math.random() must
// be replaced with calls to a better pseudorandom number generator.
//
// In the following, "bigInt" means a bigInt with at least one leading zero element,
// and "integer" means a nonnegative integer less than radix. In some cases, integer
// can be negative. Negative bigInts are 2s complement.
//
// The following functions do not modify their inputs, but dynamically allocate memory every time they are called:
//
// function bigInt2str(x,base) //convert a bigInt into a string in a given base, from base 2 up to base 95
// function dup(x) //returns a copy of bigInt x
// function findPrimes(n) //return array of all primes less than integer n
// function int2bigInt(t,n,m) //convert integer t to a bigInt with at least n bits and m array elements
// function int2bigInt(s,b,n,m) //convert string s in base b to a bigInt with at least n bits and m array elements
// function trim(x,k) //return a copy of x with exactly k leading zero elements
//
// The following functions do not modify their inputs, so there is never a problem with the result being too big:
//
// function bitSize(x) //returns how many bits long the bigInt x is, not counting leading zeros
// function equals(x,y) //is the bigInt x equal to the bigint y?
// function equalsInt(x,y) //is bigint x equal to integer y?
// function greater(x,y) //is x>y? (x and y are nonnegative bigInts)
// function greaterShift(x,y,shift)//is (x <<(shift*bpe)) > y?
// function isZero(x) //is the bigInt x equal to zero?
// function millerRabin(x,b) //does one round of Miller-Rabin base integer b say that bigInt x is possibly prime (as opposed to definitely composite)?
// function modInt(x,n) //return x mod n for bigInt x and integer n.
// function negative(x) //is bigInt x negative?
//
// The following functions do not modify their inputs, but allocate memory and call functions with underscores
//
// function add(x,y) //return (x+y) for bigInts x and y.
// function addInt(x,n) //return (x+n) where x is a bigInt and n is an integer.
// function expand(x,n) //return a copy of x with at least n elements, adding leading zeros if needed
// function inverseMod(x,n) //return (x**(-1) mod n) for bigInts x and n. If no inverse exists, it returns null
// function mod(x,n) //return a new bigInt equal to (x mod n) for bigInts x and n.
// function mult(x,y) //return x*y for bigInts x and y. This is faster when y<x.
// function multMod(x,y,n) //return (x*y mod n) for bigInts x,y,n. For greater speed, let y<x.
// function powMod(x,y,n) //return (x**y mod n) where x,y,n are bigInts and ** is exponentiation. 0**0=1. Faster for odd n.
// function randTruePrime(k) //return a new, random, k-bit, true prime using Maurer's algorithm.
// function sub(x,y) //return (x-y) for bigInts x and y. Negative answers will be 2s complement
//
// The following functions write a bigInt result to one of the parameters, but
// the result is never bigger than the original, so there can't be overflow problems:
//
// function divInt_(x,n) //do x=floor(x/n) for bigInt x and integer n, and return the remainder
// function GCD_(x,y) //set x to the greatest common divisor of bigInts x and y, (y is destroyed).
// function halve_(x) //do x=floor(|x|/2)*sgn(x) for bigInt x in 2's complement
// function mod_(x,n) //do x=x mod n for bigInts x and n.
// function rightShift_(x,n) //right shift bigInt x by n bits. 0 <= n < bpe.
//
// The following functions write a bigInt result to one of the parameters. The caller is responsible for
// ensuring it is large enough to hold the result.
//
// function addInt_(x,n) //do x=x+n where x is a bigInt and n is an integer
// function add_(x,y) //do x=x+y for bigInts x and y
// function addShift_(x,y,ys) //do x=x+(y<<(ys*bpe))
// function copy_(x,y) //do x=y on bigInts x and y
// function copyInt_(x,n) //do x=n on bigInt x and integer n
// function carry_(x) //do carries and borrows so each element of the bigInt x fits in bpe bits.
// function divide_(x,y,q,r) //divide_ x by y giving quotient q and remainder r
// function eGCD_(x,y,d,a,b) //sets a,b,d to positive big integers such that d = GCD_(x,y) = a*x-b*y
// function inverseMod_(x,n) //do x=x**(-1) mod n, for bigInts x and n. Returns 1 (0) if inverse does (doesn't) exist
// function inverseModInt_(x,n) //return x**(-1) mod n, for integers x and n. Return 0 if there is no inverse
// function leftShift_(x,n) //left shift bigInt x by n bits. n<bpe.
// function linComb_(x,y,a,b) //do x=a*x+b*y for bigInts x and y and integers a and b
// function linCombShift_(x,y,b,ys) //do x=x+b*(y<<(ys*bpe)) for bigInts x and y, and integers b and ys
// function mont_(x,y,n,np) //Montgomery multiplication (see comments where the function is defined)
// function mult_(x,y) //do x=x*y for bigInts x and y.
// function multInt_(x,n) //do x=x*n where x is a bigInt and n is an integer.
// function multMod_(x,y,n) //do x=x*y mod n for bigInts x,y,n.
// function powMod_(x,y,n) //do x=x**y mod n, where x,y,n are bigInts (n is odd) and ** is exponentiation. 0**0=1.
// function randBigInt_(b,n,s) //do b = an n-bit random BigInt. if s=1, then nth bit (most significant bit) is set to 1. n>=1.
// function randTruePrime_(ans,k) //do ans = a random k-bit true random prime (not just probable prime) with 1 in the msb.
// function squareMod_(x,n) //do x=x*x mod n for bigInts x,n
// function sub_(x,y) //do x=x-y for bigInts x and y. Negative answers will be 2s complement.
// function subShift_(x,y,ys) //do x=x-(y<<(ys*bpe)). Negative answers will be 2s complement.
//
// The following functions are based on algorithms from the _Handbook of Applied Cryptography_
// powMod_() = algorithm 14.94, Montgomery exponentiation
// eGCD_,inverseMod_() = algorithm 14.61, Binary extended GCD_
// GCD_() = algorothm 14.57, Lehmer's algorithm
// mont_() = algorithm 14.36, Montgomery multiplication
// divide_() = algorithm 14.20 Multiple-precision division
// squareMod_() = algorithm 14.16 Multiple-precision squaring
// randTruePrime_() = algorithm 4.62, Maurer's algorithm
// millerRabin() = algorithm 4.24, Miller-Rabin algorithm
//
// Profiling shows:
// randTruePrime_() spends:
// 10% of its time in calls to powMod_()
// 85% of its time in calls to millerRabin()
// millerRabin() spends:
// 99% of its time in calls to powMod_() (always with a base of 2)
// powMod_() spends:
// 94% of its time in calls to mont_() (almost always with x==y)
//
// This suggests there are several ways to speed up this library slightly:
// - convert powMod_ to use a Montgomery form of k-ary window (or maybe a Montgomery form of sliding window)
// -- this should especially focus on being fast when raising 2 to a power mod n
// - convert randTruePrime_() to use a minimum r of 1/3 instead of 1/2 with the appropriate change to the test
// - tune the parameters in randTruePrime_(), including c, m, and recLimit
// - speed up the single loop in mont_() that takes 95% of the runtime, perhaps by reducing checking
// within the loop when all the parameters are the same length.
//
// There are several ideas that look like they wouldn't help much at all:
// - replacing trial division in randTruePrime_() with a sieve (that speeds up something taking almost no time anyway)
// - increase bpe from 15 to 30 (that would help if we had a 32*32->64 multiplier, but not with JavaScript's 32*32->32)
// - speeding up mont_(x,y,n,np) when x==y by doing a non-modular, non-Montgomery square
// followed by a Montgomery reduction. The intermediate answer will be twice as long as x, so that
// method would be slower. This is unfortunate because the code currently spends almost all of its time
// doing mont_(x,x,...), both for randTruePrime_() and powMod_(). A faster method for Montgomery squaring
// would have a large impact on the speed of randTruePrime_() and powMod_(). HAC has a couple of poorly-worded
// sentences that seem to imply it's faster to do a non-modular square followed by a single
// Montgomery reduction, but that's obviously wrong.
////////////////////////////////////////////////////////////////////////////////////////
//globals
bpe=0; //bits stored per array element
mask=0; //AND this with an array element to chop it down to bpe bits
radix=mask+1; //equals 2^bpe. A single 1 bit to the left of the last bit of mask.
//the digits for converting to different bases
digitsStr='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_=!@#$%^&*()[]{}|;:,.<>/?`~ \\\'\"+-';
//initialize the global variables
for (bpe=0; (1<<(bpe+1)) > (1<<bpe); bpe++); //bpe=number of bits in the mantissa on this platform
bpe>>=1; //bpe=number of bits in one element of the array representing the bigInt
mask=(1<<bpe)-1; //AND the mask with an integer to get its bpe least significant bits
radix=mask+1; //2^bpe. a single 1 bit to the left of the first bit of mask
one=int2bigInt(1,1,1); //constant used in powMod_()
//the following global variables are scratchpad memory to
//reduce dynamic memory allocation in the inner loop
t=new Array(0);
ss=t; //used in mult_()
s0=t; //used in multMod_(), squareMod_()
s1=t; //used in powMod_(), multMod_(), squareMod_()
s2=t; //used in powMod_(), multMod_()
s3=t; //used in powMod_()
s4=t; s5=t; //used in mod_()
s6=t; //used in bigInt2str()
s7=t; //used in powMod_()
T=t; //used in GCD_()
sa=t; //used in mont_()
mr_x1=t; mr_r=t; mr_a=t; //used in millerRabin()
eg_v=t; eg_u=t; eg_A=t; eg_B=t; eg_C=t; eg_D=t; //used in eGCD_(), inverseMod_()
md_q1=t; md_q2=t; md_q3=t; md_r=t; md_r1=t; md_r2=t; md_tt=t; //used in mod_()
primes=t; pows=t; s_i=t; s_i2=t; s_R=t; s_rm=t; s_q=t; s_n1=t;
s_a=t; s_r2=t; s_n=t; s_b=t; s_d=t; s_x1=t; s_x2=t, s_aa=t; //used in randTruePrime_()
@@ -1288,385 +1286,384 @@ function trim(x,k) {
y=new Array(i+k);
copy_(y,x);
return y;
}
//do x=x**y mod n, where x,y,n are bigInts and ** is exponentiation. 0**0=1.
//this is faster when n is odd. x usually needs to have as many elements as n.
function powMod_(x,y,n) {
var k1,k2,kn,np;
if(s7.length!=n.length)
s7=dup(n);
//for even modulus, use a simple square-and-multiply algorithm,
//rather than using the more complex Montgomery algorithm.
if ((n[0]&1)==0) {
copy_(s7,x);
copyInt_(x,1);
while(!equalsInt(y,0)) {
if (y[0]&1)
multMod_(x,s7,n);
divInt_(y,2);
squareMod_(s7,n);
}
return;
}
//calculate np from n for the Montgomery multiplications
copyInt_(s7,0);
for (kn=n.length;kn>0 && !n[kn-1];kn--);
np=radix-inverseModInt_(modInt(n,radix),radix);
s7[kn]=1;
multMod_(x ,s7,n); // x = x * 2**(kn*bp) mod n
if (s3.length!=x.length)
s3=dup(x);
else
copy_(s3,x);
for (k1=y.length-1;k1>0 & !y[k1]; k1--); //k1=first nonzero element of y
if (y[k1]==0) { //anything to the 0th power is 1
copyInt_(x,1);
return;
}
for (k2=1<<(bpe-1);k2 && !(y[k1] & k2); k2>>=1); //k2=position of first 1 bit in y[k1]
for (;;) {
if (!(k2>>=1)) { //look at next bit of y
k1--;
if (k1<0) {
mont_(x,one,n,np);
return;
}
k2=1<<(bpe-1);
}
mont_(x,x,n,np);
if (k2 & y[k1]) //if next bit is a 1
mont_(x,s3,n,np);
}
}
//do x=x*y*Ri mod n for bigInts x,y,n,
// where Ri = 2**(-kn*bpe) mod n, and kn is the
// number of elements in the n array, not
// counting leading zeros.
//x must be large enough to hold the answer.
//It's OK if x and y are the same variable.
//must have:
// x,y < n
// n is odd
// np = -(n^(-1)) mod radix
function mont_(x,y,n,np) {
var i,j,c,ui,t;
var kn=n.length;
var ky=y.length;
if (sa.length!=kn)
sa=new Array(kn);
for (;kn>0 && n[kn-1]==0;kn--); //ignore leading zeros of n
//this function sometimes gives wrong answers when the next line is uncommented
//for (;ky>0 && y[ky-1]==0;ky--); //ignore leading zeros of y
copyInt_(sa,0);
//the following loop consumes 95% of the runtime for randTruePrime_() and powMod_() for large keys
for (i=0; i<kn; i++) {
t=sa[0]+x[i]*y[0];
ui=((t & mask) * np) & mask; //the inner "& mask" is needed on Macintosh MSIE, but not windows MSIE
c=(t+ui*n[0]) >> bpe;
t=x[i];
//do sa=(sa+x[i]*y+ui*n)/b where b=2**bpe
for (j=1;j<ky;j++) {
c+=sa[j]+t*y[j]+ui*n[j];
sa[j-1]=c & mask;
c>>=bpe;
}
for (;j<kn;j++) {
c+=sa[j]+ui*n[j];
sa[j-1]=c & mask;
c>>=bpe;
}
sa[j-1]=c & mask;
}
if (!greater(n,sa))
sub_(sa,n);
copy_(x,sa);
}
//#############################################################################
//#############################################################################
//#############################################################################
//#############################################################################
//#############################################################################
//#############################################################################
//#############################################################################
//#############################################################################
Clipperz.Crypto.BigInt = function (aValue, aBase) {
var base;
var value;
if (typeof(aValue) == 'object') {
this._internalValue = aValue;
} else {
if (typeof(aValue) == 'undefined') {
value = "0";
} else {
value = aValue + "";
}
if (typeof(aBase) == 'undefined') {
base = 10;
} else {
base = aBase;
}
this._internalValue = str2bigInt(value, base, 1, 1);
}
return this;
}
//=============================================================================
MochiKit.Base.update(Clipperz.Crypto.BigInt.prototype, {
'clone': function() {
return new Clipperz.Crypto.BigInt(this.internalValue());
},
//-------------------------------------------------------------------------
'internalValue': function () {
return this._internalValue;
},
//-------------------------------------------------------------------------
'isBigInt': true,
//-------------------------------------------------------------------------
'toString': function(aBase) {
return this.asString(aBase);
},
//-------------------------------------------------------------------------
'asString': function (aBase, minimumLength) {
var result;
var base;
if (typeof(aBase) == 'undefined') {
base = 10;
} else {
base = aBase;
}
result = bigInt2str(this.internalValue(), base).toLowerCase();
if ((typeof(minimumLength) != 'undefined') && (result.length < minimumLength)) {
var i, c;
-//MochiKit.Logging.logDebug(">>> FIXING BigInt.asString length issue")
c = (minimumLength - result.length);
for (i=0; i<c; i++) {
result = '0' + result;
}
}
return result;
},
//-------------------------------------------------------------------------
'asByteArray': function() {
return new Clipperz.ByteArray("0x" + this.asString(16), 16);
},
//-------------------------------------------------------------------------
'equals': function (aValue) {
var result;
if (aValue.isBigInt) {
result = equals(this.internalValue(), aValue.internalValue());
} else if (typeof(aValue) == "number") {
result = equalsInt(this.internalValue(), aValue);
} else {
throw Clipperz.Crypt.BigInt.exception.UnknownType;
}
return result;
},
//-------------------------------------------------------------------------
'compare': function(aValue) {
/*
var result;
var thisAsString;
var aValueAsString;
thisAsString = this.asString(10);
aValueAsString = aValue.asString(10);
result = MochiKit.Base.compare(thisAsString.length, aValueAsString.length);
if (result == 0) {
result = MochiKit.Base.compare(thisAsString, aValueAsString);
}
return result;
*/
var result;
if (equals(this.internalValue(), aValue.internalValue())) {
result = 0;
} else if (greater(this.internalValue(), aValue.internalValue())) {
result = 1;
} else {
result = -1;
}
return result;
},
//-------------------------------------------------------------------------
'add': function (aValue) {
var result;
if (aValue.isBigInt) {
result = add(this.internalValue(), aValue.internalValue());
} else {
result = addInt(this.internalValue(), aValue);
}
return new Clipperz.Crypto.BigInt(result);
},
//-------------------------------------------------------------------------
'subtract': function (aValue) {
var result;
var value;
if (aValue.isBigInt) {
value = aValue;
} else {
value = new Clipperz.Crypto.BigInt(aValue);
}
result = sub(this.internalValue(), value.internalValue());
return new Clipperz.Crypto.BigInt(result);
},
//-------------------------------------------------------------------------
'multiply': function (aValue, aModule) {
var result;
var value;
if (aValue.isBigInt) {
value = aValue;
} else {
value = new Clipperz.Crypto.BigInt(aValue);
}
if (typeof(aModule) == 'undefined') {
result = mult(this.internalValue(), value.internalValue());
} else {
if (greater(this.internalValue(), value.internalValue())) {
result = multMod(this.internalValue(), value.internalValue(), aModule);
} else {
result = multMod(value.internalValue(), this.internalValue(), aModule);
}
}
return new Clipperz.Crypto.BigInt(result);
},
//-------------------------------------------------------------------------
'module': function (aModule) {
var result;
var module;
if (aModule.isBigInt) {
module = aModule;
} else {
module = new Clipperz.Crypto.BigInt(aModule);
}
result = mod(this.internalValue(), module.internalValue());
return new Clipperz.Crypto.BigInt(result);
},
//-------------------------------------------------------------------------
'powerModule': function(aValue, aModule) {
var result;
var value;
var module;
if (aValue.isBigInt) {
value = aValue;
} else {
value = new Clipperz.Crypto.BigInt(aValue);
}
if (aModule.isBigInt) {
module = aModule;
} else {
module = new Clipperz.Crypto.BigInt(aModule);
}
if (aValue == -1) {
result = inverseMod(this.internalValue(), module.internalValue());
} else {
result = powMod(this.internalValue(), value.internalValue(), module.internalValue());
}
return new Clipperz.Crypto.BigInt(result);
},
//-------------------------------------------------------------------------
'xor': function(aValue) {
var result;
var thisByteArray;
var aValueByteArray;
var xorArray;
thisByteArray = new Clipperz.ByteArray("0x" + this.asString(16), 16);
aValueByteArray = new Clipperz.ByteArray("0x" + aValue.asString(16), 16);
xorArray = thisByteArray.xorMergeWithBlock(aValueByteArray, 'right');
result = new Clipperz.Crypto.BigInt(xorArray.toHexString(), 16);
return result;
},
//-------------------------------------------------------------------------
'shiftLeft': function(aNumberOfBitsToShift) {
var result;
var internalResult;
var wholeByteToShift;
var bitsLeftToShift;
wholeByteToShift = Math.floor(aNumberOfBitsToShift / 8);
bitsLeftToShift = aNumberOfBitsToShift % 8;
if (wholeByteToShift == 0) {
internalResult = this.internalValue();
diff --git a/frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js b/frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js
index f91c7e9..bc60330 100644
--- a/frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js
+++ b/frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js
@@ -1,214 +1,212 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
if (typeof(Leemon) == 'undefined') { Leemon = {}; }
if (typeof(Baird.Crypto) == 'undefined') { Baird.Crypto = {}; }
if (typeof(Baird.Crypto.BigInt) == 'undefined') { Baird.Crypto.BigInt = {}; }
//#############################################################################
// Downloaded on March 05, 2007 from http://www.leemon.com/crypto/BigInt.js
//#############################################################################
////////////////////////////////////////////////////////////////////////////////////////
// Big Integer Library v. 5.0
// Created 2000, last modified 2006
// Leemon Baird
// www.leemon.com
//
// This file is public domain. You can use it for any purpose without restriction.
// I do not guarantee that it is correct, so use it at your own risk. If you use
// it for something interesting, I'd appreciate hearing about it. If you find
// any bugs or make any improvements, I'd appreciate hearing about those too.
// It would also be nice if my name and address were left in the comments.
// But none of that is required.
//
// This code defines a bigInt library for arbitrary-precision integers.
// A bigInt is an array of integers storing the value in chunks of bpe bits,
// little endian (buff[0] is the least significant word).
// Negative bigInts are stored two's complement.
// Some functions assume their parameters have at least one leading zero element.
// Functions with an underscore at the end of the name have unpredictable behavior in case of overflow,
// so the caller must make sure overflow won't happen.
// For each function where a parameter is modified, that same
// variable must not be used as another argument too.
// So, you cannot square x by doing multMod_(x,x,n).
// You must use squareMod_(x,n) instead, or do y=dup(x); multMod_(x,y,n).
//
// These functions are designed to avoid frequent dynamic memory allocation in the inner loop.
// For most functions, if it needs a BigInt as a local variable it will actually use
// a global, and will only allocate to it when it's not the right size. This ensures
// that when a function is called repeatedly with same-sized parameters, it only allocates
// memory on the first call.
//
// Note that for cryptographic purposes, the calls to Math.random() must
// be replaced with calls to a better pseudorandom number generator.
//
// In the following, "bigInt" means a bigInt with at least one leading zero element,
// and "integer" means a nonnegative integer less than radix. In some cases, integer
// can be negative. Negative bigInts are 2s complement.
//
// The following functions do not modify their inputs, but dynamically allocate memory every time they are called:
//
// function bigInt2str(x,base) //convert a bigInt into a string in a given base, from base 2 up to base 95
// function dup(x) //returns a copy of bigInt x
// function findPrimes(n) //return array of all primes less than integer n
// function int2bigInt(t,n,m) //convert integer t to a bigInt with at least n bits and m array elements
// function str2bigInt(s,b,n,m) //convert string s in base b to a bigInt with at least n bits and m array elements
// function trim(x,k) //return a copy of x with exactly k leading zero elements
//
// The following functions do not modify their inputs, so there is never a problem with the result being too big:
//
// function bitSize(x) //returns how many bits long the bigInt x is, not counting leading zeros
// function equals(x,y) //is the bigInt x equal to the bigint y?
// function equalsInt(x,y) //is bigint x equal to integer y?
// function greater(x,y) //is x>y? (x and y are nonnegative bigInts)
// function greaterShift(x,y,shift)//is (x <<(shift*bpe)) > y?
// function isZero(x) //is the bigInt x equal to zero?
// function millerRabin(x,b) //does one round of Miller-Rabin base integer b say that bigInt x is possibly prime (as opposed to definitely composite)?
// function modInt(x,n) //return x mod n for bigInt x and integer n.
// function negative(x) //is bigInt x negative?
//
// The following functions do not modify their inputs, but allocate memory and call functions with underscores
//
// function add(x,y) //return (x+y) for bigInts x and y.
// function addInt(x,n) //return (x+n) where x is a bigInt and n is an integer.
// function expand(x,n) //return a copy of x with at least n elements, adding leading zeros if needed
// function inverseMod(x,n) //return (x**(-1) mod n) for bigInts x and n. If no inverse exists, it returns null
// function mod(x,n) //return a new bigInt equal to (x mod n) for bigInts x and n.
// function mult(x,y) //return x*y for bigInts x and y. This is faster when y<x.
// function multMod(x,y,n) //return (x*y mod n) for bigInts x,y,n. For greater speed, let y<x.
// function powMod(x,y,n) //return (x**y mod n) where x,y,n are bigInts and ** is exponentiation. 0**0=1. Faster for odd n.
// function randTruePrime(k) //return a new, random, k-bit, true prime using Maurer's algorithm.
// function sub(x,y) //return (x-y) for bigInts x and y. Negative answers will be 2s complement
//
// The following functions write a bigInt result to one of the parameters, but
// the result is never bigger than the original, so there can't be overflow problems:
//
// function divInt_(x,n) //do x=floor(x/n) for bigInt x and integer n, and return the remainder
// function GCD_(x,y) //set x to the greatest common divisor of bigInts x and y, (y is destroyed).
// function halve_(x) //do x=floor(|x|/2)*sgn(x) for bigInt x in 2's complement
// function mod_(x,n) //do x=x mod n for bigInts x and n.
// function rightShift_(x,n) //right shift bigInt x by n bits. 0 <= n < bpe.
//
// The following functions write a bigInt result to one of the parameters. The caller is responsible for
// ensuring it is large enough to hold the result.
//
// function addInt_(x,n) //do x=x+n where x is a bigInt and n is an integer
// function add_(x,y) //do x=x+y for bigInts x and y
// function addShift_(x,y,ys) //do x=x+(y<<(ys*bpe))
// function copy_(x,y) //do x=y on bigInts x and y
// function copyInt_(x,n) //do x=n on bigInt x and integer n
// function carry_(x) //do carries and borrows so each element of the bigInt x fits in bpe bits.
// function divide_(x,y,q,r) //divide_ x by y giving quotient q and remainder r
// function eGCD_(x,y,d,a,b) //sets a,b,d to positive big integers such that d = GCD_(x,y) = a*x-b*y
// function inverseMod_(x,n) //do x=x**(-1) mod n, for bigInts x and n. Returns 1 (0) if inverse does (doesn't) exist
// function inverseModInt_(x,n) //return x**(-1) mod n, for integers x and n. Return 0 if there is no inverse
// function leftShift_(x,n) //left shift bigInt x by n bits. n<bpe.
// function linComb_(x,y,a,b) //do x=a*x+b*y for bigInts x and y and integers a and b
// function linCombShift_(x,y,b,ys) //do x=x+b*(y<<(ys*bpe)) for bigInts x and y, and integers b and ys
// function mont_(x,y,n,np) //Montgomery multiplication (see comments where the function is defined)
// function mult_(x,y) //do x=x*y for bigInts x and y.
// function multInt_(x,n) //do x=x*n where x is a bigInt and n is an integer.
// function multMod_(x,y,n) //do x=x*y mod n for bigInts x,y,n.
// function powMod_(x,y,n) //do x=x**y mod n, where x,y,n are bigInts (n is odd) and ** is exponentiation. 0**0=1.
// function randBigInt_(b,n,s) //do b = an n-bit random BigInt. if s=1, then nth bit (most significant bit) is set to 1. n>=1.
// function randTruePrime_(ans,k) //do ans = a random k-bit true random prime (not just probable prime) with 1 in the msb.
// function squareMod_(x,n) //do x=x*x mod n for bigInts x,n
// function sub_(x,y) //do x=x-y for bigInts x and y. Negative answers will be 2s complement.
// function subShift_(x,y,ys) //do x=x-(y<<(ys*bpe)). Negative answers will be 2s complement.
//
// The following functions are based on algorithms from the _Handbook of Applied Cryptography_
// powMod_() = algorithm 14.94, Montgomery exponentiation
// eGCD_,inverseMod_() = algorithm 14.61, Binary extended GCD_
// GCD_() = algorothm 14.57, Lehmer's algorithm
// mont_() = algorithm 14.36, Montgomery multiplication
// divide_() = algorithm 14.20 Multiple-precision division
// squareMod_() = algorithm 14.16 Multiple-precision squaring
// randTruePrime_() = algorithm 4.62, Maurer's algorithm
// millerRabin() = algorithm 4.24, Miller-Rabin algorithm
//
// Profiling shows:
// randTruePrime_() spends:
// 10% of its time in calls to powMod_()
// 85% of its time in calls to millerRabin()
// millerRabin() spends:
// 99% of its time in calls to powMod_() (always with a base of 2)
// powMod_() spends:
// 94% of its time in calls to mont_() (almost always with x==y)
//
// This suggests there are several ways to speed up this library slightly:
// - convert powMod_ to use a Montgomery form of k-ary window (or maybe a Montgomery form of sliding window)
// -- this should especially focus on being fast when raising 2 to a power mod n
// - convert randTruePrime_() to use a minimum r of 1/3 instead of 1/2 with the appropriate change to the test
// - tune the parameters in randTruePrime_(), including c, m, and recLimit
// - speed up the single loop in mont_() that takes 95% of the runtime, perhaps by reducing checking
// within the loop when all the parameters are the same length.
//
// There are several ideas that look like they wouldn't help much at all:
// - replacing trial division in randTruePrime_() with a sieve (that speeds up something taking almost no time anyway)
// - increase bpe from 15 to 30 (that would help if we had a 32*32->64 multiplier, but not with JavaScript's 32*32->32)
// - speeding up mont_(x,y,n,np) when x==y by doing a non-modular, non-Montgomery square
// followed by a Montgomery reduction. The intermediate answer will be twice as long as x, so that
// method would be slower. This is unfortunate because the code currently spends almost all of its time
// doing mont_(x,x,...), both for randTruePrime_() and powMod_(). A faster method for Montgomery squaring
// would have a large impact on the speed of randTruePrime_() and powMod_(). HAC has a couple of poorly-worded
// sentences that seem to imply it's faster to do a non-modular square followed by a single
// Montgomery reduction, but that's obviously wrong.
////////////////////////////////////////////////////////////////////////////////////////
//
// The whole library has been moved into the Baird.Crypto.BigInt scope by Giulio Cesare Solaroli <giulio.cesare@clipperz.com>
//
Baird.Crypto.BigInt.VERSION = "5.0";
Baird.Crypto.BigInt.NAME = "Baird.Crypto.BigInt";
MochiKit.Base.update(Baird.Crypto.BigInt, {
//globals
'bpe': 0, //bits stored per array element
'mask': 0, //AND this with an array element to chop it down to bpe bits
'radix': Baird.Crypto.BigInt.mask + 1, //equals 2^bpe. A single 1 bit to the left of the last bit of mask.
//the digits for converting to different bases
'digitsStr': '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_=!@#$%^&*()[]{}|;:,.<>/?`~ \\\'\"+-',
//initialize the global variables
for (bpe=0; (1<<(bpe+1)) > (1<<bpe); bpe++); //bpe=number of bits in the mantissa on this platform
bpe>>=1; //bpe=number of bits in one element of the array representing the bigInt
mask=(1<<bpe)-1; //AND the mask with an integer to get its bpe least significant bits
radix=mask+1; //2^bpe. a single 1 bit to the left of the first bit of mask
one=int2bigInt(1,1,1); //constant used in powMod_()
//the following global variables are scratchpad memory to
//reduce dynamic memory allocation in the inner loop
t=new Array(0);
ss=t; //used in mult_()
s0=t; //used in multMod_(), squareMod_()
s1=t; //used in powMod_(), multMod_(), squareMod_()
s2=t; //used in powMod_(), multMod_()
s3=t; //used in powMod_()
diff --git a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
index 19f19c2..0d76b9c 100644
--- a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
@@ -1,547 +1,500 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Curve = function(args) {
args = args || {};
this._modulus = args.modulus;
this._a = args.a;
this._b = args.b;
this._G = args.G;
this._r = args.r;
this._h = args.h;
this._finiteField = null;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.Curve";
},
//-----------------------------------------------------------------------------
'modulus': function() {
return this._modulus;
},
'a': function() {
return this._a;
},
'b': function() {
return this._b;
},
'G': function() {
return this._G;
},
'r': function() {
return this._r;
},
'h': function() {
return this._h;
},
//-----------------------------------------------------------------------------
'finiteField': function() {
if (this._finiteField == null) {
this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()})
}
return this._finiteField;
},
//-----------------------------------------------------------------------------
'negate': function(aPointA) {
var result;
result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())})
return result;
},
//-----------------------------------------------------------------------------
'add': function(aPointA, aPointB) {
var result;
-//console.log(">>> ECC.BinaryField.Curve.add");
if (aPointA.isZero()) {
-//console.log("--- pointA == zero");
result = aPointB;
} else if (aPointB.isZero()) {
-//console.log("--- pointB == zero");
result = aPointA;
} else if ( (aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
-//console.log("compare A.x - B.x: ", aPointA.x().compare(aPointB.x()));
-//console.log("compare A.y - B.y: ", (aPointA.y().compare(aPointB.y()) != 0));
-//console.log("compare B.x.isZero(): ", aPointB.x().isZero());
-
-//console.log("--- result = zero");
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
} else {
-//console.log("--- result = ELSE");
var f2m;
var x, y;
var lambda;
var aX, aY, bX, bY;
aX = aPointA.x()._value;
aY = aPointA.y()._value;
bX = aPointB.x()._value;
bY = aPointB.y()._value;
f2m = this.finiteField();
if (aPointA.x().compare(aPointB.x()) != 0) {
-//console.log(" a.x != b.x");
lambda = f2m._fastMultiply(
f2m._add(aY, bY),
f2m._inverse(f2m._add(aX, bX))
);
x = f2m._add(this.a()._value, f2m._square(lambda));
f2m._overwriteAdd(x, lambda);
f2m._overwriteAdd(x, aX);
f2m._overwriteAdd(x, bX);
} else {
-//console.log(" a.x == b.x");
lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
-//console.log(" lambda: " + lambda.asString(16));
x = f2m._add(this.a()._value, f2m._square(lambda));
-//console.log(" x (step 1): " + x.asString(16));
f2m._overwriteAdd(x, lambda);
-//console.log(" x (step 2): " + x.asString(16));
}
y = f2m._fastMultiply(f2m._add(bX, x), lambda);
-//console.log(" y (step 1): " + y.asString(16));
f2m._overwriteAdd(y, x);
-//console.log(" y (step 2): " + y.asString(16));
f2m._overwriteAdd(y, bY);
-//console.log(" y (step 3): " + y.asString(16));
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
}
-//console.log("<<< ECC.BinaryField.Curve.add");
return result;
},
//-----------------------------------------------------------------------------
'addTwice': function(aPointA) {
return this.add(aPointA, aPointA);
},
//-----------------------------------------------------------------------------
'overwriteAdd': function(aPointA, aPointB) {
if (aPointA.isZero()) {
// result = aPointB;
aPointA._x._value = aPointB._x._value;
aPointA._y._value = aPointB._y._value;
} else if (aPointB.isZero()) {
// result = aPointA;
} else if ( (aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
// result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O;
aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O;
} else {
var f2m;
var x, y;
var lambda;
var aX, aY, bX, bY;
aX = aPointA.x()._value;
aY = aPointA.y()._value;
bX = aPointB.x()._value;
bY = aPointB.y()._value;
f2m = this.finiteField();
if (aPointA.x().compare(aPointB.x()) != 0) {
-//console.log(" a.x != b.x");
lambda = f2m._fastMultiply(
f2m._add(aY, bY),
f2m._inverse(f2m._add(aX, bX))
);
x = f2m._add(this.a()._value, f2m._square(lambda));
f2m._overwriteAdd(x, lambda);
f2m._overwriteAdd(x, aX);
f2m._overwriteAdd(x, bX);
} else {
-//console.log(" a.x == b.x");
lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
-//console.log(" lambda: " + lambda.asString(16));
x = f2m._add(this.a()._value, f2m._square(lambda));
-//console.log(" x (step 1): " + x.asString(16));
f2m._overwriteAdd(x, lambda);
-//console.log(" x (step 2): " + x.asString(16));
}
y = f2m._fastMultiply(f2m._add(bX, x), lambda);
-//console.log(" y (step 1): " + y.asString(16));
f2m._overwriteAdd(y, x);
-//console.log(" y (step 2): " + y.asString(16));
f2m._overwriteAdd(y, bY);
-//console.log(" y (step 3): " + y.asString(16));
// result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
aPointA._x._value = x;
aPointA._y._value = y;
}
-//console.log("<<< ECC.BinaryField.Curve.add");
return result;
},
//-----------------------------------------------------------------------------
'multiply': function(aValue, aPoint) {
var result;
//console.profile();
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
if (aValue.isZero() == false) {
var k, Q;
var i;
var countIndex; countIndex = 0;
if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
k = aValue;
Q = aPoint;
} else {
-MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
+ Clipperz.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
k = aValue.negate();
Q = this.negate(aPoint);
}
-//console.log("k: " + k.toString(16));
-//console.log("k.bitSize: " + k.bitSize());
for (i=k.bitSize()-1; i>=0; i--) {
result = this.add(result, result);
// this.overwriteAdd(result, result);
if (k.isBitSet(i)) {
result = this.add(result, Q);
// this.overwriteAdd(result, Q);
}
-// if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
+// if (countIndex==100) {Clipperz.log("multiply.break"); break;} else countIndex++;
}
}
//console.profileEnd();
return result;
},
//-----------------------------------------------------------------------------
'deferredMultiply': function(aValue, aPoint) {
var deferredResult;
var result;
-MochiKit.Logging.logDebug(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint);
+Clipperz.log(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint);
//console.profile("ECC.Curve.multiply");
deferredResult = new MochiKit.Async.Deferred();
//deferredResult.addCallback(function(res) {console.profile("ECC.Curve.deferredMultiply"); return res;} );
-//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 1: " + res); return res;});
+//deferredResult.addBoth(function(res) {Clipperz.logDebug("# 1: " + res); return res;});
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
-//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 2: " + res); return res;});
+//deferredResult.addBoth(function(res) {Clipperz.logDebug("# 2: " + res); return res;});
if (aValue.isZero() == false) {
var k, Q;
var i;
var countIndex; countIndex = 0;
if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
k = aValue;
Q = aPoint;
} else {
-MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
+ Clipperz.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
k = aValue.negate();
Q = this.negate(aPoint);
}
-//console.log("k: " + k.toString(16));
-//console.log("k.bitSize: " + k.bitSize());
-//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 3: " + res); return res;});
for (i=k.bitSize()-1; i>=0; i--) {
-//MochiKit.Logging.logDebug("====> " + i);
-//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 > i = " + i + ": " + res); return res;});
deferredResult.addMethod(this, "addTwice");
//# result = this.add(result, result);
// this.overwriteAdd(result, result);
if (k.isBitSet(i)) {
deferredResult.addMethod(this, "add", Q);
//# result = this.add(result, Q);
// this.overwriteAdd(result, Q);
}
if (i%20 == 0) {deferredResult.addCallback(MochiKit.Async.wait, 0.1);}
-
-// if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
-//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 < i = " + i + ": " + res); return res;});
}
-//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4: " + res); return res;});
}
//#console.profileEnd();
-//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 5: " + res); return res;});
//deferredResult.addBoth(function(res) {console.profileEnd(); return res;});
-//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 6: " + res); return res;});
deferredResult.callback(result);
//# return result;
return deferredResult;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.ECC.StandardCurves = {};
MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
/*
'_K571': null,
'K571': function() {
if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) {
Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K571;
},
'_K283': null,
'K283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if (Clipperz.Crypto.ECC.StandardCurves._K283 == null) {
Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K283;
},
*/
//-----------------------------------------------------------------------------
'_B571': null,
'B571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) {
Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.45 (with a typo!!!)
//
//-----------------------------------------------------------------------------
//
// http://www.milw0rm.com/papers/136
//
// -------------------------------------------------------------------------
// Polynomial Reduction Algorithm Modulo f571
// -------------------------------------------------------------------------
//
// Input: Polynomial p(x) of degree 1140 or less, stored as
// an array of 2T machinewords.
// Output: p(x) mod f571(x)
//
// FOR i = T-1, ..., 0 DO
// SET X := P[i+T]
// P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
// P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
//
// SET X := P[T-1] >> 27
// P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
// P[T-1] := P[T-1] & 0x07ffffff
//
// RETURN P[T-1],...,P[0]
//
// -------------------------------------------------------------------------
//
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 1140) {
- MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
+ Clipperz.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
-//console.log(">>> binaryField.finiteField.(improved)module");
-// C = aValue.value().slice(0);
C = aValue._value.slice(0);
for (i=35; i>=18; i--) {
T = C[i];
C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
}
T = (C[17] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
C[17] = (C[17] & 0x07ffffff);
for(i=18; i<=35; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
-//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B571;
},
//-----------------------------------------------------------------------------
'_B283': null,
'B283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) {
Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
// modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.43
//
//-----------------------------------------------------------------------------
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 564) {
- MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
+ Clipperz.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
-//console.log(">>> binaryField.finiteField.(improved)module");
C = aValue._value.slice(0);
for (i=17; i>=9; i--) {
T = C[i];
C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
}
T = (C[8] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
C[8] = (C[8] & 0x07ffffff);
for(i=9; i<=17; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
-//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B283;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
diff --git a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
index 56f257a..7b7c2c6 100644
--- a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
@@ -1,270 +1,266 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.FiniteField = function(args) {
args = args || {};
this._modulus = args.modulus;
return this;
}
Clipperz.Crypto.ECC.BinaryField.FiniteField.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.FiniteField (" + this.modulus().asString() + ")";
},
//-----------------------------------------------------------------------------
'modulus': function() {
return this._modulus;
},
//-----------------------------------------------------------------------------
'_module': function(aValue) {
var result;
var modulusComparison;
-//console.log(">>> binaryField.finiteField.(standard)module");
modulusComparison = Clipperz.Crypto.ECC.BinaryField.Value._compare(aValue, this.modulus()._value);
if (modulusComparison < 0) {
result = aValue;
} else if (modulusComparison == 0) {
result = [0];
} else {
var modulusBitSize;
var resultBitSize;
result = aValue;
modulusBitSize = this.modulus().bitSize();
resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
while (resultBitSize >= modulusBitSize) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this.modulus()._value, resultBitSize - modulusBitSize));
resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
}
}
-//console.log("<<< binaryField.finiteField.(standard)module");
-
+
return result;
},
'module': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._module(aValue._value.slice(0)));
},
//-----------------------------------------------------------------------------
'_add': function(a, b) {
return Clipperz.Crypto.ECC.BinaryField.Value._xor(a, b);
},
'_overwriteAdd': function(a, b) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(a, b);
},
'add': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._add(a._value, b._value));
},
//-----------------------------------------------------------------------------
'negate': function(aValue) {
return aValue.clone();
},
//-----------------------------------------------------------------------------
'_multiply': function(a, b) {
var result;
var valueToXor;
var i,c;
result = [0];
valueToXor = b;
c = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(a);
for (i=0; i<c; i++) {
if (Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(a, i) === true) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, valueToXor);
}
valueToXor = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(valueToXor, 1);
}
result = this._module(result);
return result;
},
'multiply': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._multiply(a._value, b._value));
},
//-----------------------------------------------------------------------------
'_fastMultiply': function(a, b) {
var result;
var B;
var i,c;
result = [0];
B = b.slice(0); // Is this array copy avoidable?
c = 32;
for (i=0; i<c; i++) {
var ii, cc;
cc = a.length;
for (ii=0; ii<cc; ii++) {
if (((a[ii] >>> i) & 0x01) == 1) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, B, ii);
}
}
if (i < (c-1)) {
B = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(B, 1);
}
}
result = this._module(result);
return result;
},
'fastMultiply': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._fastMultiply(a._value, b._value));
},
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 49, Alorithm 2.34
//
//-----------------------------------------------------------------------------
'_square': function(aValue) {
var result;
var value;
var c,i;
var precomputedValues;
value = aValue;
result = new Array(value.length * 2);
precomputedValues = Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes;
c = value.length;
for (i=0; i<c; i++) {
result[i*2] = precomputedValues[(value[i] & 0x000000ff)];
result[i*2] |= ((precomputedValues[(value[i] & 0x0000ff00) >>> 8]) << 16);
result[i*2 + 1] = precomputedValues[(value[i] & 0x00ff0000) >>> 16];
result[i*2 + 1] |= ((precomputedValues[(value[i] & 0xff000000) >>> 24]) << 16);
}
return this._module(result);
},
'square': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._square(aValue._value));
},
//-----------------------------------------------------------------------------
'_inverse': function(aValue) {
var result;
var b, c;
var u, v;
// b = Clipperz.Crypto.ECC.BinaryField.Value.I._value;
b = [1];
// c = Clipperz.Crypto.ECC.BinaryField.Value.O._value;
c = [0];
u = this._module(aValue);
v = this.modulus()._value.slice(0);
while (Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) > 1) {
var bitDifferenceSize;
bitDifferenceSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) - Clipperz.Crypto.ECC.BinaryField.Value._bitSize(v);
if (bitDifferenceSize < 0) {
var swap;
swap = u;
u = v;
v = swap;
swap = c;
c = b;
b = swap;
bitDifferenceSize = -bitDifferenceSize;
}
u = this._add(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
b = this._add(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
// this._overwriteAdd(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
// this._overwriteAdd(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
}
result = this._module(b);
return result;
},
'inverse': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._inverse(aValue._value));
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes = [
0x0000, // 0 = 0000 0000 -> 0000 0000 0000 0000
0x0001, // 1 = 0000 0001 -> 0000 0000 0000 0001
0x0004, // 2 = 0000 0010 -> 0000 0000 0000 0100
0x0005, // 3 = 0000 0011 -> 0000 0000 0000 0101
0x0010, // 4 = 0000 0100 -> 0000 0000 0001 0000
0x0011, // 5 = 0000 0101 -> 0000 0000 0001 0001
0x0014, // 6 = 0000 0110 -> 0000 0000 0001 0100
0x0015, // 7 = 0000 0111 -> 0000 0000 0001 0101
0x0040, // 8 = 0000 1000 -> 0000 0000 0100 0000
0x0041, // 9 = 0000 1001 -> 0000 0000 0100 0001
0x0044, // 10 = 0000 1010 -> 0000 0000 0100 0100
0x0045, // 11 = 0000 1011 -> 0000 0000 0100 0101
0x0050, // 12 = 0000 1100 -> 0000 0000 0101 0000
0x0051, // 13 = 0000 1101 -> 0000 0000 0101 0001
0x0054, // 14 = 0000 1110 -> 0000 0000 0101 0100
0x0055, // 15 = 0000 1111 -> 0000 0000 0101 0101
0x0100, // 16 = 0001 0000 -> 0000 0001 0000 0000
0x0101, // 17 = 0001 0001 -> 0000 0001 0000 0001
0x0104, // 18 = 0001 0010 -> 0000 0001 0000 0100
diff --git a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js
index ffe287b..fef3220 100644
--- a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js
@@ -1,64 +1,62 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Point = function(args) {
args = args || {};
this._x = args.x;
this._y = args.y;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Point.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.Point (" + this.x() + ", " + this.y() + ")";
},
//-----------------------------------------------------------------------------
'x': function() {
return this._x;
},
'y': function() {
return this._y;
},
//-----------------------------------------------------------------------------
'isZero': function() {
return (this.x().isZero() && this.y().isZero())
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
diff --git a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js
index b705a20..634772a 100644
--- a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js
@@ -1,383 +1,379 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Value = function(aValue, aBase, aBitSize) {
if (aValue.constructor == String) {
var value;
var stringLength;
var numberOfWords;
var i,c;
if (aBase != 16) {
throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
}
value = aValue.replace(/ /g, '');
stringLength = value.length;
numberOfWords = Math.ceil(stringLength / 8);
this._value = new Array(numberOfWords);
c = numberOfWords;
for (i=0; i<c; i++) {
var word;
if (i < (c-1)) {
word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16);
} else {
word = parseInt(value.substr(0, stringLength-(i*8)), 16);
}
this._value[i] = word;
}
} else if (aValue.constructor == Array) {
var itemsToCopy;
itemsToCopy = aValue.length;
while (aValue[itemsToCopy - 1] == 0) {
itemsToCopy --;
}
this._value = aValue.slice(0, itemsToCopy);
} else if (aValue.constructor == Number) {
this._value = [aValue];
} else {
// throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType;
}
this._bitSize == aBitSize || null;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Value.prototype = MochiKit.Base.update(null, {
'value': function() {
return this._value;
},
//-----------------------------------------------------------------------------
'wordSize': function() {
return this._value.length
},
//-----------------------------------------------------------------------------
'clone': function() {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._value.slice(0), null, this._bitSize);
},
//-----------------------------------------------------------------------------
'isZero': function() {
return (this.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) == 0);
},
//-----------------------------------------------------------------------------
'asString': function(aBase) {
var result;
var i,c;
if (aBase != 16) {
throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
}
result = "";
c = this.wordSize();
for (i=0; i<c; i++) {
var wordAsString;
// wordAsString = ("00000000" + this.value()[i].toString(16));
wordAsString = ("00000000" + this._value[i].toString(16));
wordAsString = wordAsString.substring(wordAsString.length - 8);
result = wordAsString + result;
}
result = result.replace(/^(00)*/, "");
if (result == "") {
result = "0";
}
return result;
},
//-----------------------------------------------------------------------------
'shiftLeft': function(aNumberOfBitsToShift) {
// this method seems like it is never called. :-(
return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this._value, aNumberOfBitsToShift));
},
//-----------------------------------------------------------------------------
'bitSize': function() {
if (this._bitSize == null) {
this._bitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(this._value);
}
return this._bitSize;
},
//-----------------------------------------------------------------------------
'isBitSet': function(aBitPosition) {
return Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(this._value, aBitPosition);
},
//-----------------------------------------------------------------------------
'xor': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._xor(this._value, aValue._value));
},
//-----------------------------------------------------------------------------
'compare': function(aValue) {
return Clipperz.Crypto.ECC.BinaryField.Value._compare(this._value, aValue._value);
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
Clipperz.Crypto.ECC.BinaryField.Value.O = new Clipperz.Crypto.ECC.BinaryField.Value('0', 16);
Clipperz.Crypto.ECC.BinaryField.Value.I = new Clipperz.Crypto.ECC.BinaryField.Value('1', 16);
Clipperz.Crypto.ECC.BinaryField.Value._xor = function(a, b, aFirstItemOffset) {
var result;
var resultSize;
var i,c;
var firstItemOffset;
firstItemOffset = aFirstItemOffset || 0;
resultSize = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
result = new Array(resultSize);
c = firstItemOffset;
for (i=0; i<c; i++) {
result[i] = a[i];
}
c = resultSize;
for (i=firstItemOffset; i<c; i++) {
result[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor = function(a, b, aFirstItemOffset) {
var i,c;
var firstItemOffset;
firstItemOffset = aFirstItemOffset || 0;
c = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
for (i=firstItemOffset; i<c; i++) {
a[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
}
};
Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft = function(aWordArray, aNumberOfBitsToShift) {
var numberOfWordsToShift;
var numberOfBitsToShift;
var result;
var overflowValue;
var nextOverflowValue;
var i,c;
numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
numberOfBitsToShift = aNumberOfBitsToShift % 32;
result = new Array(aWordArray.length + numberOfWordsToShift);
c = numberOfWordsToShift;
for (i=0; i<c; i++) {
result[i] = 0;
}
overflowValue = 0;
nextOverflowValue = 0;
c = aWordArray.length;
for (i=0; i<c; i++) {
var value;
var resultWord;
// value = this.value()[i];
value = aWordArray[i];
if (numberOfBitsToShift > 0) {
nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
value = value & (0xffffffff >>> numberOfBitsToShift);
resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
} else {
resultWord = value;
}
result[i+numberOfWordsToShift] = resultWord;
overflowValue = nextOverflowValue;
}
if (overflowValue != 0) {
result[aWordArray.length + numberOfWordsToShift] = overflowValue;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft = function(aWordArray, aNumberOfBitsToShift) {
var numberOfWordsToShift;
var numberOfBitsToShift;
var result;
var overflowValue;
var i,c;
numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
numberOfBitsToShift = aNumberOfBitsToShift % 32;
result = new Array(aWordArray.length + numberOfWordsToShift);
c = numberOfWordsToShift;
for (i=0; i<c; i++) {
result[i] = 0;
}
overflowValue = 0;
nextOverflowValue = 0;
c = aWordArray.length;
for (i=0; i<c; i++) {
var value;
var resultWord;
// value = this.value()[i];
value = aWordArray[i];
if (numberOfBitsToShift > 0) {
var nextOverflowValue;
nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
value = value & (0xffffffff >>> numberOfBitsToShift);
resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
} else {
resultWord = value;
}
result[i+numberOfWordsToShift] = resultWord;
overflowValue = nextOverflowValue;
}
if (overflowValue != 0) {
result[aWordArray.length + numberOfWordsToShift] = overflowValue;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._bitSize = function(aWordArray) {
var result;
var notNullElements;
var mostValuableWord;
var matchingBitsInMostImportantWord;
var mask;
var i,c;
notNullElements = aWordArray.length;
if ((aWordArray.length == 1) && (aWordArray[0] == 0)) {
result = 0;
} else {
notNullElements --;
while((notNullElements > 0) && (aWordArray[notNullElements] == 0)) {
notNullElements --;
}
result = notNullElements * 32;
mostValuableWord = aWordArray[notNullElements];
matchingBits = 32;
mask = 0x80000000;
while ((matchingBits > 0) && ((mostValuableWord & mask) == 0)) {
matchingBits --;
mask >>>= 1;
}
result += matchingBits;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._isBitSet = function(aWordArray, aBitPosition) {
var result;
var byteIndex;
var bitIndexInSelectedByte;
byteIndex = Math.floor(aBitPosition / 32);
bitIndexInSelectedByte = aBitPosition % 32;
if (byteIndex <= aWordArray.length) {
result = ((aWordArray[byteIndex] & (1 << bitIndexInSelectedByte)) != 0);
} else {
result = false;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._compare = function(a,b) {
var result;
var i,c;
result = MochiKit.Base.compare(a.length, b.length);
c = a.length;
for (i=0; (i<c) && (result==0); i++) {
-//console.log("compare[" + c + " - " + i + " - 1] " + this.value()[c-i-1] + ", " + aValue.value()[c-i-1]);
-// result = MochiKit.Base.compare(this.value()[c-i-1], aValue.value()[c-i-1]);
result = MochiKit.Base.compare(a[c-i-1], b[c-i-1]);
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value['exception']= {
'UnsupportedBase': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase"),
'UnsupportedConstructorValueType': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType")
};
diff --git a/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js b/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js
index be197e3..239e264 100644
--- a/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js
@@ -1,236 +1,229 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.BinaryField.Curve!";
//}
//try { if (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.Koblitz.Curve!";
//}
Clipperz.Crypto.ECC.StandardCurves = {};
MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
//==============================================================================
'_K571': null,
'K571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._K571 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Koblitz.Curve({
modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
G: new Clipperz.Crypto.ECC.Koblitz.Point({
x: new Clipperz.Crypto.ECC.Koblitz.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
y: new Clipperz.Crypto.ECC.Koblitz.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
}),
r: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K571;
},
//-----------------------------------------------------------------------------
'_K283': null,
'K283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._K283 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.Koblitz.Curve({
modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
G: new Clipperz.Crypto.ECC.Koblitz.Point({
x: new Clipperz.Crypto.ECC.Koblitz.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
y: new Clipperz.Crypto.ECC.Koblitz.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
}),
r: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K283;
},
//==============================================================================
'_B571': null,
'B571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._B571 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e 2221f295 de297117 b7f3d62f 5c6a97ff cb8ceff1 cd6ba8ce 4a9a18ad 84ffabbd 8efa5933 2be7ad67 56a66e29 4afd185a 78ff12aa 520e4de7 39baca0c 7ffeff7f 2955727a', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.45 (with a typo!!!)
//
//-----------------------------------------------------------------------------
//
// http://www.milw0rm.com/papers/136
//
// -------------------------------------------------------------------------
// Polynomial Reduction Algorithm Modulo f571
// -------------------------------------------------------------------------
//
// Input: Polynomial p(x) of degree 1140 or less, stored as
// an array of 2T machinewords.
// Output: p(x) mod f571(x)
//
// FOR i = T-1, ..., 0 DO
// SET X := P[i+T]
// P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
// P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
//
// SET X := P[T-1] >> 27
// P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
// P[T-1] := P[T-1] & 0x07ffffff
//
// RETURN P[T-1],...,P[0]
//
// -------------------------------------------------------------------------
//
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 1140) {
- MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
+ Clipperz.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
-//console.log(">>> binaryField.finiteField.(improved)module");
-// C = aValue.value().slice(0);
C = aValue._value.slice(0);
for (i=35; i>=18; i--) {
T = C[i];
C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
}
T = (C[17] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
C[17] = (C[17] & 0x07ffffff);
for(i=18; i<=35; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
-//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B571;
},
//-----------------------------------------------------------------------------
'_B283': null,
'B283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._B283 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.43
//
//-----------------------------------------------------------------------------
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 564) {
- MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
+ Clipperz.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
-//console.log(">>> binaryField.finiteField.(improved)module");
C = aValue._value.slice(0);
for (i=17; i>=9; i--) {
T = C[i];
C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
}
T = (C[8] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
C[8] = (C[8] & 0x07ffffff);
for(i=9; i<=17; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
-//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B283;
},
//==============================================================================
__syntaxFix__: "syntax fix"
});
diff --git a/frontend/gamma/js/Clipperz/Crypto/PRNG.js b/frontend/gamma/js/Clipperz/Crypto/PRNG.js
index adfdb16..c539f06 100644
--- a/frontend/gamma/js/Clipperz/Crypto/PRNG.js
+++ b/frontend/gamma/js/Clipperz/Crypto/PRNG.js
@@ -1,214 +1,212 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
}
try { if (typeof(Clipperz.Crypto.SHA) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.SHA!";
}
try { if (typeof(Clipperz.Crypto.AES) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.AES!";
}
if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { Clipperz.Crypto.PRNG = {}; }
//#############################################################################
Clipperz.Crypto.PRNG.EntropyAccumulator = function(args) {
args = args || {};
// MochiKit.Base.bindMethods(this);
this._stack = new Clipperz.ByteArray();
this._maxStackLengthBeforeHashing = args.maxStackLengthBeforeHashing || 256;
return this;
}
Clipperz.Crypto.PRNG.EntropyAccumulator.prototype = MochiKit.Base.update(null, {
'toString': function() {
return "Clipperz.Crypto.PRNG.EntropyAccumulator";
},
//-------------------------------------------------------------------------
'stack': function() {
return this._stack;
},
'setStack': function(aValue) {
this._stack = aValue;
},
'resetStack': function() {
this.stack().reset();
},
'maxStackLengthBeforeHashing': function() {
return this._maxStackLengthBeforeHashing;
},
//-------------------------------------------------------------------------
'addRandomByte': function(aValue) {
this.stack().appendByte(aValue);
if (this.stack().length() > this.maxStackLengthBeforeHashing()) {
this.setStack(Clipperz.Crypto.SHA.sha_d256(this.stack()));
}
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.PRNG.RandomnessSource = function(args) {
args = args || {};
MochiKit.Base.bindMethods(this);
this._generator = args.generator || null;
this._sourceId = args.sourceId || null;
this._boostMode = args.boostMode || false;
this._nextPoolIndex = 0;
return this;
}
Clipperz.Crypto.PRNG.RandomnessSource.prototype = MochiKit.Base.update(null, {
'generator': function() {
return this._generator;
},
'setGenerator': function(aValue) {
this._generator = aValue;
},
//-------------------------------------------------------------------------
'boostMode': function() {
return this._boostMode;
},
'setBoostMode': function(aValue) {
this._boostMode = aValue;
},
//-------------------------------------------------------------------------
'sourceId': function() {
return this._sourceId;
},
'setSourceId': function(aValue) {
this._sourceId = aValue;
},
//-------------------------------------------------------------------------
'nextPoolIndex': function() {
return this._nextPoolIndex;
},
'incrementNextPoolIndex': function() {
this._nextPoolIndex = ((this._nextPoolIndex + 1) % this.generator().numberOfEntropyAccumulators());
},
//-------------------------------------------------------------------------
'updateGeneratorWithValue': function(aRandomValue) {
if (this.generator() != null) {
this.generator().addRandomByte(this.sourceId(), this.nextPoolIndex(), aRandomValue);
this.incrementNextPoolIndex();
}
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.PRNG.TimeRandomnessSource = function(args) {
args = args || {};
// MochiKit.Base.bindMethods(this);
this._intervalTime = args.intervalTime || 1000;
Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
this.collectEntropy();
return this;
}
Clipperz.Crypto.PRNG.TimeRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
'intervalTime': function() {
return this._intervalTime;
},
//-------------------------------------------------------------------------
'collectEntropy': function() {
var now;
var entropyByte;
var intervalTime;
now = new Date();
entropyByte = (now.getTime() & 0xff);
intervalTime = this.intervalTime();
if (this.boostMode() == true) {
intervalTime = intervalTime / 9;
}
this.updateGeneratorWithValue(entropyByte);
setTimeout(this.collectEntropy, intervalTime);
},
//-------------------------------------------------------------------------
'numberOfRandomBits': function() {
return 5;
},
//-------------------------------------------------------------------------
'pollingFrequency': function() {
return 10;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//*****************************************************************************
Clipperz.Crypto.PRNG.MouseRandomnessSource = function(args) {
args = args || {};
@@ -300,528 +298,519 @@ Clipperz.Crypto.PRNG.MouseRandomnessSource.prototype = MochiKit.Base.update(new
__syntaxFix__: "syntax fix"
});
//*****************************************************************************
Clipperz.Crypto.PRNG.KeyboardRandomnessSource = function(args) {
args = args || {};
Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
this._randomBitsCollector = 0;
this._numberOfRandomBitsCollected = 0;
MochiKit.Signal.connect(document, 'onkeypress', this, 'collectEntropy');
return this;
}
Clipperz.Crypto.PRNG.KeyboardRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
//-------------------------------------------------------------------------
'randomBitsCollector': function() {
return this._randomBitsCollector;
},
'setRandomBitsCollector': function(aValue) {
this._randomBitsCollector = aValue;
},
'appendRandomBitToRandomBitsCollector': function(aValue) {
var collectedBits;
var numberOfRandomBitsCollected;
numberOfRandomBitsCollected = this.numberOfRandomBitsCollected();
collectetBits = this.randomBitsCollector() | (aValue << numberOfRandomBitsCollected);
this.setRandomBitsCollector(collectetBits);
numberOfRandomBitsCollected ++;
if (numberOfRandomBitsCollected == 8) {
this.updateGeneratorWithValue(collectetBits);
numberOfRandomBitsCollected = 0;
this.setRandomBitsCollector(0);
}
this.setNumberOfRandomBitsCollected(numberOfRandomBitsCollected)
},
//-------------------------------------------------------------------------
'numberOfRandomBitsCollected': function() {
return this._numberOfRandomBitsCollected;
},
'setNumberOfRandomBitsCollected': function(aValue) {
this._numberOfRandomBitsCollected = aValue;
},
//-------------------------------------------------------------------------
'collectEntropy': function(anEvent) {
/*
var mouseLocation;
var randomBit;
mouseLocation = anEvent.mouse().client;
randomBit = ((mouseLocation.x ^ mouseLocation.y) & 0x1);
this.appendRandomBitToRandomBitsCollector(randomBit);
*/
},
//-------------------------------------------------------------------------
'numberOfRandomBits': function() {
return 1;
},
//-------------------------------------------------------------------------
'pollingFrequency': function() {
return 10;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.PRNG.Fortuna = function(args) {
var i,c;
args = args || {};
this._key = args.seed || null;
if (this._key == null) {
this._counter = 0;
this._key = new Clipperz.ByteArray();
} else {
this._counter = 1;
}
this._aesKey = null;
this._firstPoolReseedLevel = args.firstPoolReseedLevel || 32 || 64;
this._numberOfEntropyAccumulators = args.numberOfEntropyAccumulators || 32;
this._accumulators = [];
c = this.numberOfEntropyAccumulators();
for (i=0; i<c; i++) {
this._accumulators.push(new Clipperz.Crypto.PRNG.EntropyAccumulator());
}
this._randomnessSources = [];
this._reseedCounter = 0;
return this;
}
Clipperz.Crypto.PRNG.Fortuna.prototype = MochiKit.Base.update(null, {
'toString': function() {
return "Clipperz.Crypto.PRNG.Fortuna";
},
//-------------------------------------------------------------------------
'key': function() {
return this._key;
},
'setKey': function(aValue) {
this._key = aValue;
this._aesKey = null;
},
'aesKey': function() {
if (this._aesKey == null) {
this._aesKey = new Clipperz.Crypto.AES.Key({key:this.key()});
}
return this._aesKey;
},
'accumulators': function() {
return this._accumulators;
},
'firstPoolReseedLevel': function() {
return this._firstPoolReseedLevel;
},
//-------------------------------------------------------------------------
'reseedCounter': function() {
return this._reseedCounter;
},
'incrementReseedCounter': function() {
this._reseedCounter = this._reseedCounter +1;
},
//-------------------------------------------------------------------------
'reseed': function() {
var newKeySeed;
var reseedCounter;
var reseedCounterMask;
var i, c;
newKeySeed = this.key();
this.incrementReseedCounter();
reseedCounter = this.reseedCounter();
c = this.numberOfEntropyAccumulators();
reseedCounterMask = 0xffffffff >>> (32 - c);
for (i=0; i<c; i++) {
if ((i == 0) || ((reseedCounter & (reseedCounterMask >>> (c - i))) == 0)) {
newKeySeed.appendBlock(this.accumulators()[i].stack());
this.accumulators()[i].resetStack();
}
}
if (reseedCounter == 1) {
c = this.randomnessSources().length;
for (i=0; i<c; i++) {
this.randomnessSources()[i].setBoostMode(false);
}
}
this.setKey(Clipperz.Crypto.SHA.sha_d256(newKeySeed));
if (reseedCounter == 1) {
-//MochiKit.Logging.logDebug("### PRNG.readyToGenerateRandomBytes");
Clipperz.log("### PRNG.readyToGenerateRandomBytes");
MochiKit.Signal.signal(this, 'readyToGenerateRandomBytes');
}
MochiKit.Signal.signal(this, 'reseeded');
},
//-------------------------------------------------------------------------
'isReadyToGenerateRandomValues': function() {
return this.reseedCounter() != 0;
},
//-------------------------------------------------------------------------
'entropyLevel': function() {
return this.accumulators()[0].stack().length() + (this.reseedCounter() * this.firstPoolReseedLevel());
},
//-------------------------------------------------------------------------
'counter': function() {
return this._counter;
},
'incrementCounter': function() {
this._counter += 1;
},
'counterBlock': function() {
var result;
result = new Clipperz.ByteArray().appendWords(this.counter(), 0, 0, 0);
return result;
},
//-------------------------------------------------------------------------
'getRandomBlock': function() {
var result;
result = new Clipperz.ByteArray(Clipperz.Crypto.AES.encryptBlock(this.aesKey(), this.counterBlock().arrayValues()));
this.incrementCounter();
return result;
},
//-------------------------------------------------------------------------
'getRandomBytes': function(aSize) {
var result;
if (this.isReadyToGenerateRandomValues()) {
var i,c;
var newKey;
result = new Clipperz.ByteArray();
c = Math.ceil(aSize / (128 / 8));
for (i=0; i<c; i++) {
result.appendBlock(this.getRandomBlock());
}
if (result.length() != aSize) {
result = result.split(0, aSize);
}
newKey = this.getRandomBlock().appendBlock(this.getRandomBlock());
this.setKey(newKey);
} else {
-MochiKit.Logging.logWarning("Fortuna generator has not enough entropy, yet!");
+Clipperz.logWarning("Fortuna generator has not enough entropy, yet!");
throw Clipperz.Crypto.PRNG.exception.NotEnoughEntropy;
}
return result;
},
//-------------------------------------------------------------------------
'addRandomByte': function(aSourceId, aPoolId, aRandomValue) {
var selectedAccumulator;
selectedAccumulator = this.accumulators()[aPoolId];
selectedAccumulator.addRandomByte(aRandomValue);
if (aPoolId == 0) {
MochiKit.Signal.signal(this, 'addedRandomByte')
if (selectedAccumulator.stack().length() > this.firstPoolReseedLevel()) {
this.reseed();
}
}
},
//-------------------------------------------------------------------------
'numberOfEntropyAccumulators': function() {
return this._numberOfEntropyAccumulators;
},
//-------------------------------------------------------------------------
'randomnessSources': function() {
return this._randomnessSources;
},
'addRandomnessSource': function(aRandomnessSource) {
aRandomnessSource.setGenerator(this);
aRandomnessSource.setSourceId(this.randomnessSources().length);
this.randomnessSources().push(aRandomnessSource);
if (this.isReadyToGenerateRandomValues() == false) {
aRandomnessSource.setBoostMode(true);
}
},
//-------------------------------------------------------------------------
'deferredEntropyCollection': function(aValue) {
var result;
-//MochiKit.Logging.logDebug(">>> PRNG.deferredEntropyCollection");
if (this.isReadyToGenerateRandomValues()) {
-//MochiKit.Logging.logDebug("--- PRNG.deferredEntropyCollection - 1");
result = aValue;
} else {
-//MochiKit.Logging.logDebug("--- PRNG.deferredEntropyCollection - 2");
var deferredResult;
-// Clipperz.NotificationCenter.notify(this, 'updatedProgressState', 'collectingEntropy', true);
-
deferredResult = new Clipperz.Async.Deferred("PRNG.deferredEntropyCollection");
-// deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("1.2.1 - PRNG.deferredEntropyCollection - 1: " + res); return res;});
deferredResult.addCallback(MochiKit.Base.partial(MochiKit.Async.succeed, aValue));
-// deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("1.2.2 - PRNG.deferredEntropyCollection - 2: " + res); return res;});
MochiKit.Signal.connect(this,
'readyToGenerateRandomBytes',
deferredResult,
'callback');
result = deferredResult;
}
-//MochiKit.Logging.logDebug("<<< PRNG.deferredEntropyCollection - result: " + result);
return result;
},
//-------------------------------------------------------------------------
'fastEntropyAccumulationForTestingPurpose': function() {
while (! this.isReadyToGenerateRandomValues()) {
this.addRandomByte(Math.floor(Math.random() * 32), Math.floor(Math.random() * 32), Math.floor(Math.random() * 256));
}
},
//-------------------------------------------------------------------------
'dump': function(appendToDoc) {
var tbl;
var i,c;
tbl = document.createElement("table");
tbl.border = 0;
with (tbl.style) {
border = "1px solid lightgrey";
fontFamily = 'Helvetica, Arial, sans-serif';
fontSize = '8pt';
//borderCollapse = "collapse";
}
var hdr = tbl.createTHead();
var hdrtr = hdr.insertRow(0);
// document.createElement("tr");
{
var ntd;
ntd = hdrtr.insertCell(0);
ntd.style.borderBottom = "1px solid lightgrey";
ntd.style.borderRight = "1px solid lightgrey";
ntd.appendChild(document.createTextNode("#"));
ntd = hdrtr.insertCell(1);
ntd.style.borderBottom = "1px solid lightgrey";
ntd.style.borderRight = "1px solid lightgrey";
ntd.appendChild(document.createTextNode("s"));
ntd = hdrtr.insertCell(2);
ntd.colSpan = this.firstPoolReseedLevel();
ntd.style.borderBottom = "1px solid lightgrey";
ntd.style.borderRight = "1px solid lightgrey";
ntd.appendChild(document.createTextNode("base values"));
ntd = hdrtr.insertCell(3);
ntd.colSpan = 20;
ntd.style.borderBottom = "1px solid lightgrey";
ntd.appendChild(document.createTextNode("extra values"));
}
c = this.accumulators().length;
for (i=0; i<c ; i++) {
var currentAccumulator;
var bdytr;
var bdytd;
var ii, cc;
currentAccumulator = this.accumulators()[i]
bdytr = tbl.insertRow(true);
bdytd = bdytr.insertCell(0);
bdytd.style.borderRight = "1px solid lightgrey";
bdytd.style.color = "lightgrey";
bdytd.appendChild(document.createTextNode("" + i));
bdytd = bdytr.insertCell(1);
bdytd.style.borderRight = "1px solid lightgrey";
bdytd.style.color = "gray";
bdytd.appendChild(document.createTextNode("" + currentAccumulator.stack().length()));
cc = Math.max(currentAccumulator.stack().length(), this.firstPoolReseedLevel());
for (ii=0; ii<cc; ii++) {
var cellText;
bdytd = bdytr.insertCell(ii + 2);
if (ii < currentAccumulator.stack().length()) {
cellText = Clipperz.ByteArray.byteToHex(currentAccumulator.stack().byteAtIndex(ii));
} else {
cellText = "_";
}
if (ii == (this.firstPoolReseedLevel() - 1)) {
bdytd.style.borderRight = "1px solid lightgrey";
}
bdytd.appendChild(document.createTextNode(cellText));
}
}
if (appendToDoc) {
var ne = document.createElement("div");
ne.id = "entropyGeneratorStatus";
with (ne.style) {
fontFamily = "Courier New, monospace";
fontSize = "12px";
lineHeight = "16px";
borderTop = "1px solid black";
padding = "10px";
}
if (document.getElementById(ne.id)) {
MochiKit.DOM.swapDOM(ne.id, ne);
} else {
document.body.appendChild(ne);
}
ne.appendChild(tbl);
}
return tbl;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.PRNG.Random = function(args) {
args = args || {};
// MochiKit.Base.bindMethods(this);
return this;
}
Clipperz.Crypto.PRNG.Random.prototype = MochiKit.Base.update(null, {
'toString': function() {
return "Clipperz.Crypto.PRNG.Random";
},
//-------------------------------------------------------------------------
'getRandomBytes': function(aSize) {
//Clipperz.Profile.start("Clipperz.Crypto.PRNG.Random.getRandomBytes");
var result;
var i,c;
result = new Clipperz.ByteArray()
c = aSize || 1;
for (i=0; i<c; i++) {
result.appendByte((Math.random()*255) & 0xff);
}
//Clipperz.Profile.stop("Clipperz.Crypto.PRNG.Random.getRandomBytes");
return result;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
_clipperz_crypt_prng_defaultPRNG = null;
Clipperz.Crypto.PRNG.defaultRandomGenerator = function() {
if (_clipperz_crypt_prng_defaultPRNG == null) {
_clipperz_crypt_prng_defaultPRNG = new Clipperz.Crypto.PRNG.Fortuna();
//.............................................................
//
// TimeRandomnessSource
//
//.............................................................
{
var newRandomnessSource;
newRandomnessSource = new Clipperz.Crypto.PRNG.TimeRandomnessSource({intervalTime:111});
_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource);
}
//.............................................................
//
// MouseRandomnessSource
//
//.............................................................
{
var newRandomnessSource;
newRandomnessSource = new Clipperz.Crypto.PRNG.MouseRandomnessSource();
_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource);
}
diff --git a/frontend/gamma/js/Clipperz/Crypto/RSA.js b/frontend/gamma/js/Clipperz/Crypto/RSA.js
index 6844dba..5a480f1 100644
--- a/frontend/gamma/js/Clipperz/Crypto/RSA.js
+++ b/frontend/gamma/js/Clipperz/Crypto/RSA.js
@@ -1,148 +1,146 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.RSA depends on Clipperz.Crypto.BigInt!";
}
if (typeof(Clipperz.Crypto.RSA) == 'undefined') { Clipperz.Crypto.RSA = {}; }
Clipperz.Crypto.RSA.VERSION = "0.1";
Clipperz.Crypto.RSA.NAME = "Clipperz.RSA";
//#############################################################################
MochiKit.Base.update(Clipperz.Crypto.RSA, {
//-------------------------------------------------------------------------
'publicKeyWithValues': function (e, d, n) {
var result;
result = {};
if (e.isBigInt) {
result.e = e;
} else {
result.e = new Clipperz.Crypto.BigInt(e, 16);
}
if (d.isBigInt) {
result.d = d;
} else {
result.d = new Clipperz.Crypto.BigInt(d, 16);
}
if (n.isBigInt) {
result.n = n;
} else {
result.n = new Clipperz.Crypto.BigInt(n, 16);
}
return result;
},
'privateKeyWithValues': function(e, d, n) {
return Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
},
//-----------------------------------------------------------------------------
'encryptUsingPublicKey': function (aKey, aMessage) {
var messageValue;
var result;
messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
result = messageValue.powerModule(aKey.e, aKey.n);
return result.asString(16);
},
//.............................................................................
'decryptUsingPublicKey': function (aKey, aMessage) {
return Clipperz.Crypto.RSA.encryptUsingPublicKey(aKey, aMessage);
},
//-----------------------------------------------------------------------------
'encryptUsingPrivateKey': function (aKey, aMessage) {
var messageValue;
var result;
messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
result = messageValue.powerModule(aKey.d, aKey.n);
return result.asString(16);
},
//.............................................................................
'decryptUsingPrivateKey': function (aKey, aMessage) {
return Clipperz.Crypto.RSA.encryptUsingPrivateKey(aKey, aMessage);
},
//-----------------------------------------------------------------------------
'generatePublicKey': function(aNumberOfBits) {
var result;
var e;
var d;
var n;
e = new Clipperz.Crypto.BigInt("10001", 16);
{
var p, q;
var phi;
do {
p = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits);
} while (p.module(e).equals(1));
do {
q = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits);
} while ((q.equals(p)) || (q.module(e).equals(1)));
n = p.multiply(q);
phi = (p.subtract(1).multiply(q.subtract(1)));
d = e.powerModule(-1, phi);
}
result = Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
return result;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
//-------------------------------------------------------------------------
});
//#############################################################################
diff --git a/frontend/gamma/js/Clipperz/Crypto/SHA.js b/frontend/gamma/js/Clipperz/Crypto/SHA.js
index b07fa85..f8bfe6e 100644
--- a/frontend/gamma/js/Clipperz/Crypto/SHA.js
+++ b/frontend/gamma/js/Clipperz/Crypto/SHA.js
@@ -1,214 +1,212 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
}
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
if (typeof(Clipperz.Crypto.SHA) == 'undefined') { Clipperz.Crypto.SHA = {}; }
Clipperz.Crypto.SHA.VERSION = "0.3";
Clipperz.Crypto.SHA.NAME = "Clipperz.Crypto.SHA";
MochiKit.Base.update(Clipperz.Crypto.SHA, {
'__repr__': function () {
return "[" + this.NAME + " " + this.VERSION + "]";
},
'toString': function () {
return this.__repr__();
},
//-----------------------------------------------------------------------------
'rotateRight': function(aValue, aNumberOfBits) {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.rotateRight");
var result;
result = (aValue >>> aNumberOfBits) | (aValue << (32 - aNumberOfBits));
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.rotateRight");
return result;
},
'shiftRight': function(aValue, aNumberOfBits) {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.shiftRight");
var result;
result = aValue >>> aNumberOfBits;
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.shiftRight");
return result;
},
//-----------------------------------------------------------------------------
'safeAdd': function() {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.safeAdd");
var result;
var i, c;
result = arguments[0];
c = arguments.length;
for (i=1; i<c; i++) {
var lowerBytesSum;
lowerBytesSum = (result & 0xffff) + (arguments[i] & 0xffff);
result = (((result >> 16) + (arguments[i] >> 16) + (lowerBytesSum >> 16)) << 16) | (lowerBytesSum & 0xffff);
}
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.safeAdd");
return result;
},
//-----------------------------------------------------------------------------
'sha256_array': function(aValue) {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256_array");
var result;
var message;
var h0, h1, h2, h3, h4, h5, h6, h7;
var k;
var messageLength;
var messageLengthInBits;
var _i, _c;
var charBits;
var rotateRight;
var shiftRight;
var safeAdd;
var bytesPerBlock;
var currentMessageIndex;
bytesPerBlock = 512/8;
rotateRight = Clipperz.Crypto.SHA.rotateRight;
shiftRight = Clipperz.Crypto.SHA.shiftRight;
safeAdd = Clipperz.Crypto.SHA.safeAdd;
charBits = 8;
h0 = 0x6a09e667;
h1 = 0xbb67ae85;
h2 = 0x3c6ef372;
h3 = 0xa54ff53a;
h4 = 0x510e527f;
h5 = 0x9b05688c;
h6 = 0x1f83d9ab;
h7 = 0x5be0cd19;
k = [ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2];
message = aValue;
messageLength = message.length;
//Pre-processing:
message.push(0x80); // append a single "1" bit to message
_c = (512 - (((messageLength + 1) * charBits) % 512) - 64) / charBits;
if (_c < 0) {
_c = _c + (512 / charBits);
}
for (_i=0; _i<_c; _i++) {
message.push(0x00); // append "0" bits until message length ≡ 448 ≡ -64 (mod 512)
}
messageLengthInBits = messageLength * charBits;
message.push(0x00); // the 4 most high byte are alway 0 as message length is represented with a 32bit value;
message.push(0x00);
message.push(0x00);
message.push(0x00);
message.push((messageLengthInBits >> 24) & 0xff);
message.push((messageLengthInBits >> 16) & 0xff);
message.push((messageLengthInBits >> 8) & 0xff);
message.push( messageLengthInBits & 0xff);
currentMessageIndex = 0;
while(currentMessageIndex < message.length) {
var w;
var a, b, c, d, e, f, g, h;
w = Array(64);
_c = 16;
for (_i=0; _i<_c; _i++) {
var _j;
_j = currentMessageIndex + _i*4;
w[_i] = (message[_j] << 24) | (message[_j + 1] << 16) | (message[_j + 2] << 8) | (message[_j + 3] << 0);
}
_c = 64;
for (_i=16; _i<_c; _i++) {
var s0, s1;
s0 = (rotateRight(w[_i-15], 7)) ^ (rotateRight(w[_i-15], 18)) ^ (shiftRight(w[_i-15], 3));
s1 = (rotateRight(w[_i-2], 17)) ^ (rotateRight(w[_i-2], 19)) ^ (shiftRight(w[_i-2], 10));
w[_i] = safeAdd(w[_i-16], s0, w[_i-7], s1);
}
a=h0; b=h1; c=h2; d=h3; e=h4; f=h5; g=h6; h=h7;
_c = 64;
for (_i=0; _i<_c; _i++) {
var s0, s1, ch, maj, t1, t2;
s0 = (rotateRight(a, 2)) ^ (rotateRight(a, 13)) ^ (rotateRight(a, 22));
maj = (a & b) ^ (a & c) ^ (b & c);
t2 = safeAdd(s0, maj);
s1 = (rotateRight(e, 6)) ^ (rotateRight(e, 11)) ^ (rotateRight(e, 25));
ch = (e & f) ^ ((~e) & g);
t1 = safeAdd(h, s1, ch, k[_i], w[_i]);
h = g;
g = f;
f = e;
e = safeAdd(d, t1);
d = c;
c = b;
b = a;
a = safeAdd(t1, t2);
}
h0 = safeAdd(h0, a);
h1 = safeAdd(h1, b);
h2 = safeAdd(h2, c);
h3 = safeAdd(h3, d);
h4 = safeAdd(h4, e);
h5 = safeAdd(h5, f);
h6 = safeAdd(h6, g);
h7 = safeAdd(h7, h);
currentMessageIndex += bytesPerBlock;
}
diff --git a/frontend/gamma/js/Clipperz/Crypto/SRP.js b/frontend/gamma/js/Clipperz/Crypto/SRP.js
index 3b25275..597e72d 100644
--- a/frontend/gamma/js/Clipperz/Crypto/SRP.js
+++ b/frontend/gamma/js/Clipperz/Crypto/SRP.js
@@ -1,328 +1,316 @@
/*
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
-* Clipperz Community Edition is free software: you can redistribute
- it and/or modify it under the terms of the GNU Affero General Public
- License as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
-* Clipperz Community Edition is distributed in the hope that it will
- be useful, but WITHOUT ANY WARRANTY; without even the implied
- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
- License along with Clipperz Community Edition. If not, see
- <http://www.gnu.org/licenses/>.
+ License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
}
try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.BigInt!";
}
try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.PRNG!";
}
if (typeof(Clipperz.Crypto.SRP) == 'undefined') { Clipperz.Crypto.SRP = {}; }
Clipperz.Crypto.SRP.VERSION = "0.1";
Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP";
//#############################################################################
MochiKit.Base.update(Clipperz.Crypto.SRP, {
'_n': null,
'_g': null,
//-------------------------------------------------------------------------
'n': function() {
if (Clipperz.Crypto.SRP._n == null) {
Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
}
return Clipperz.Crypto.SRP._n;
},
//-------------------------------------------------------------------------
'g': function() {
if (Clipperz.Crypto.SRP._g == null) {
Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); // eventually 5 (as suggested on the Diffi-Helmann documentation)
}
return Clipperz.Crypto.SRP._g;
},
//-----------------------------------------------------------------------------
'exception': {
'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue")
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
//
// S R P C o n n e c t i o n version 1.0
//
//=============================================================================
Clipperz.Crypto.SRP.Connection = function (args) {
args = args || {};
this._C = args.C;
this._P = args.P;
this.hash = args.hash;
this._a = null;
this._A = null;
this._s = null;
this._B = null;
this._x = null;
this._u = null;
this._K = null;
this._M1 = null;
this._M2 = null;
this._sessionKey = null;
return this;
}
Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'toString': function () {
return "Clipperz.Crypto.SRP.Connection (username: " + this.username() + "). Status: " + this.statusDescription();
},
//-------------------------------------------------------------------------
'C': function () {
return this._C;
},
//-------------------------------------------------------------------------
'P': function () {
return this._P;
},
//-------------------------------------------------------------------------
'a': function () {
if (this._a == null) {
this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
// this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10);
-//MochiKit.Logging.logDebug("SRP a: " + this._a);
}
return this._a;
},
//-------------------------------------------------------------------------
'A': function () {
if (this._A == null) {
// Warning: this value should be strictly greater than zero: how should we perform this check?
this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
if (this._A.equals(0)) {
-MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
+ Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
}
-//MochiKit.Logging.logDebug("SRP A: " + this._A);
}
return this._A;
},
//-------------------------------------------------------------------------
's': function () {
return this._s;
-//MochiKit.Logging.logDebug("SRP s: " + this._S);
},
'set_s': function(aValue) {
this._s = aValue;
},
//-------------------------------------------------------------------------
'B': function () {
return this._B;
},
'set_B': function(aValue) {
// Warning: this value should be strictly greater than zero: how should we perform this check?
if (! aValue.equals(0)) {
this._B = aValue;
-//MochiKit.Logging.logDebug("SRP B: " + this._B);
} else {
-MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
+ Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
}
},
//-------------------------------------------------------------------------
'x': function () {
if (this._x == null) {
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16);
-//MochiKit.Logging.logDebug("SRP x: " + this._x);
}
return this._x;
},
//-------------------------------------------------------------------------
'u': function () {
if (this._u == null) {
this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16);
-//MochiKit.Logging.logDebug("SRP u: " + this._u);
}
return this._u;
},
//-------------------------------------------------------------------------
'S': function () {
if (this._S == null) {
var bigint;
var srp;
bigint = Clipperz.Crypto.BigInt;
srp = Clipperz.Crypto.SRP;
this._S = bigint.powerModule(
bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())),
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
srp.n()
)
-//MochiKit.Logging.logDebug("SRP S: " + this._S);
}
return this._S;
},
//-------------------------------------------------------------------------
'K': function () {
if (this._K == null) {
this._K = this.stringHash(this.S().asString());
-//MochiKit.Logging.logDebug("SRP K: " + this._K);
}
return this._K;
},
//-------------------------------------------------------------------------
'M1': function () {
if (this._M1 == null) {
this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
-//MochiKit.Logging.logDebug("SRP M1: " + this._M1);
}
return this._M1;
},
//-------------------------------------------------------------------------
'M2': function () {
if (this._M2 == null) {
this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
-//MochiKit.Logging.logDebug("SRP M2: " + this._M2);
}
return this._M2;
},
//=========================================================================
'serverSideCredentialsWithSalt': function(aSalt) {
var result;
var s, x, v;
s = aSalt;
x = this.stringHash(s + this.P());
v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n());
result = {};
result['C'] = this.C();
result['s'] = s;
result['v'] = v.asString(16);
return result;
},
'serverSideCredentials': function() {
var result;
var s;
s = Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2);
result = this.serverSideCredentialsWithSalt(s);
return result;
},
//=========================================================================
/*
'computeServerSide_S': function(b) {
var result;
var v;
var bigint;
var srp;
bigint = Clipperz.Crypto.BigInt;
srp = Clipperz.Crypto.SRP;
v = new Clipperz.Crypto.BigInt(srpConnection.serverSideCredentialsWithSalt(this.s().asString(16, 64)).v, 16);
// _S = (this.A().multiply(this.v().modPow(this.u(), this.n()))).modPow(this.b(), this.n());
result = bigint.powerModule(
bigint.multiply(
this.A(),
bigint.powerModule(v, this.u(), srp.n())
), new Clipperz.Crypto.BigInt(b, 10), srp.n()
);
return result;
},
*/
//=========================================================================
'stringHash': function(aValue) {
var result;
result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
return result;
},
//=========================================================================
__syntaxFix__: "syntax fix"
});
//#############################################################################