Diffstat (limited to 'frontend/gamma/js/Clipperz/Crypto')
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/AES.js | 29 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/Base.js | 22 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/BigInt.js | 23 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js | 22 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js | 83 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js | 26 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js | 22 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js | 24 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js | 31 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/PRNG.js | 33 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/RSA.js | 22 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/SHA.js | 22 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/SRP.js | 36 |
13 files changed, 145 insertions, 250 deletions
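--- a/frontend/gamma/js/Clipperz/Crypto/AES.js
+++ b/frontend/gamma/js/Clipperz/Crypto/AES.js
@@ -1,243 +1,240 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.AES depends on Clipperz.ByteArray!";
 }
 
 //Dependency commented to avoid a circular reference
 //try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
 //throw "Clipperz.Crypto.AES depends on Clipperz.Crypto.PRNG!";
 //}
 
 if (typeof(Clipperz.Crypto.AES) == 'undefined') { Clipperz.Crypto.AES = {}; }
 
 //#############################################################################
 
 Clipperz.Crypto.AES.DeferredExecutionContext = function(args) {
 args = args || {};
 
 this._key = args.key;
 this._message = args.message;
 this._result = args.message.clone();
 this._nonce = args.nonce;
 this._messageLength = this._message.length();
 
 this._messageArray = this._message.arrayValues();
 this._resultArray = this._result.arrayValues();
 this._nonceArray = this._nonce.arrayValues();
 
 this._executionStep = 0;
 
 // this._elaborationChunkSize = 1024; // 4096; // 16384; //4096;
 this._elaborationChunks = 10;
 this._pauseTime = 0.02; // 0.02 //0.2;
 
 return this;
 }
 
 Clipperz.Crypto.AES.DeferredExecutionContext.prototype = MochiKit.Base.update(null, {
 
 'key': function() {
 return this._key;
 },
 
 'message': function() {
 return this._message;
 },
 
 'messageLength': function() {
 return this._messageLength;
 },
 
 'result': function() {
 return new Clipperz.ByteArray(this.resultArray());
 },
 
 'nonce': function() {
 return this._nonce;
 },
 
 'messageArray': function() {
 return this._messageArray;
 },
 
 'resultArray': function() {
 return this._resultArray;
 },
 
 'nonceArray': function() {
 return this._nonceArray;
 },
 
 'elaborationChunkSize': function() {
 // return Clipperz.Crypto.AES.DeferredExecution.chunkSize;
 // return this._elaborationChunkSize;
 return (this._elaborationChunks * 1024);
 },
 
 'executionStep': function() {
 return this._executionStep;
 },
 
 'setExecutionStep': function(aValue) {
 this._executionStep = aValue;
 },
 
 'tuneExecutionParameters': function (anElapsedTime) {
 //var originalChunks = this._elaborationChunks;
 if (anElapsedTime > 0) {
 this._elaborationChunks = Math.round(this._elaborationChunks * ((anElapsedTime + 1000)/(anElapsedTime * 2)));
 }
 //Clipperz.log("tuneExecutionParameters - elapsedTime: " + anElapsedTime + /*originalChunks,*/ " chunks # " + this._elaborationChunks + " [" + this._executionStep + " / " + this._messageLength + "]");
 },
 
 'pause': function(aValue) {
 // return MochiKit.Async.wait(Clipperz.Crypto.AES.DeferredExecution.pauseTime, aValue);
 return MochiKit.Async.wait(this._pauseTime, aValue);
 },
 
 'isDone': function () {
-//console.log("isDone", this.executionStep(), this.messageLength());
 return (this._executionStep >= this._messageLength);
 },
 
 //-----------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 
 });
 
 //#############################################################################
 
 Clipperz.Crypto.AES.Key = function(args) {
 args = args || {};
 
 this._key = args.key;
 this._keySize = args.keySize || this.key().length();
 
 if (this.keySize() == 128/8) {
 this._b = 176;
 this._numberOfRounds = 10;
 } else if (this.keySize() == 256/8) {
 this._b = 240;
 this._numberOfRounds = 14;
 } else {
-MochiKit.Logging.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits");
+Clipperz.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits");
 throw Clipperz.Crypto.AES.exception.UnsupportedKeySize;
 }
 
 this._stretchedKey = null;
 
 return this;
 }
 
 Clipperz.Crypto.AES.Key.prototype = MochiKit.Base.update(null, {
 
 'asString': function() {
 return "Clipperz.Crypto.AES.Key (" + this.key().toHexString() + ")";
 },
 
 //-----------------------------------------------------------------------------
 
 'key': function() {
 return this._key;
 },
 
 'keySize': function() {
 return this._keySize;
 },
 
 'b': function() {
 return this._b;
 },
 
 'numberOfRounds': function() {
 return this._numberOfRounds;
 },
 //=========================================================================
 
 'keyScheduleCore': function(aWord, aRoundConstantsIndex) {
 varresult;
 var sbox;
 
 sbox = Clipperz.Crypto.AES.sbox();
 
 result = [sbox[aWord[1]] ^ Clipperz.Crypto.AES.roundConstants()[aRoundConstantsIndex],
 sbox[aWord[2]],
 sbox[aWord[3]],
 sbox[aWord[0]]];
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'xorWithPreviousStretchValues': function(aKey, aWord, aPreviousWordIndex) {
 varresult;
 var i,c;
 
 result = [];
 c = 4;
 for (i=0; i<c; i++) {
 result[i] = aWord[i] ^ aKey.byteAtIndex(aPreviousWordIndex + i);
 }
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'sboxShakeup': function(aWord) {
 var result;
 var sbox;
 var i,c;
 
 result = [];
 sbox = Clipperz.Crypto.AES.sbox();
 c =4;
 for (i=0; i<c; i++) {
 result[i] = sbox[aWord[i]];
 }
 
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'stretchKey': function(aKey) {
 varcurrentWord;
 varkeyLength;
 varpreviousStretchIndex;
 var i,c;
 
 keyLength = aKey.length();
 previousStretchIndex = keyLength - this.keySize();
 
 currentWord = [aKey.byteAtIndex(keyLength - 4),
 aKey.byteAtIndex(keyLength - 3),
 aKey.byteAtIndex(keyLength - 2),
 aKey.byteAtIndex(keyLength - 1)];
 currentWord = this.keyScheduleCore(currentWord, keyLength / this.keySize());
 
@@ -715,152 +712,148 @@ MochiKit.Base.update(Clipperz.Crypto.AES, {
 varmessageLength;
 var blockSize;
 var executionLimit;
 var startTime, endTime;
 
 self = Clipperz.Crypto.AES;
 startTime = new Date();
 blockSize = 128/8;
 messageLength = anExecutionContext.messageArray().length;
 nonce = anExecutionContext.nonceArray();
 result = anExecutionContext.resultArray();
 
 messageIndex = anExecutionContext.executionStep();
 executionLimit = messageIndex + anExecutionContext.elaborationChunkSize();
 executionLimit = Math.min(executionLimit, messageLength);
 
 while (messageIndex < executionLimit) {
 var encryptedBlock;
 var i,c;
 
 self.incrementNonce(nonce);
 encryptedBlock = self.encryptBlock(anExecutionContext.key(), nonce);
 
 if ((executionLimit - messageIndex) > blockSize) {
 c = blockSize;
 } else {
 c = executionLimit - messageIndex;
 }
 
 for (i=0; i<c; i++) {
 result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
 }
 
 messageIndex += blockSize;
 }
 anExecutionContext.setExecutionStep(messageIndex);
 endTime = new Date();
 anExecutionContext.tuneExecutionParameters(endTime - startTime);
 
 return anExecutionContext;
 },
 
 //-----------------------------------------------------------------------------
 /*
 'deferredEncryptBlocks': function(anExecutionContext) {
 vardeferredResult;
 varmessageSize;
 var i,c;
 
 messageSize = anExecutionContext.messageLength();
 
 deferredResult = new Clipperz.Async.Deferred("AES.deferredEncryptBloks");
 
 c = Math.ceil(messageSize / anExecutionContext.elaborationChunkSize());
 for (i=0; i<c; i++) {
 deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptExecutionChunk);
 deferredResult.addMethod(anExecutionContext, 'pause');
 }
 
 deferredResult.callback(anExecutionContext);
 
 return deferredResult;
 },
 */
 
 'deferredEncryptBlocks': function(anExecutionContext) {
 vardeferredResult;
 
 if (! anExecutionContext.isDone()) {
 deferredResult = Clipperz.Async.callbacks("Clipperz.Crypto.AES.deferredEncryptBloks", [
 Clipperz.Crypto.AES.deferredEncryptExecutionChunk,
 MochiKit.Base.method(anExecutionContext, 'pause'),
 Clipperz.Crypto.AES.deferredEncryptBlocks
 ], {trace:false}, anExecutionContext);
 } else {
 deferredResult = MochiKit.Async.succeed(anExecutionContext);
 }
 
 return deferredResult;
 },
 
 //-----------------------------------------------------------------------------
 
 'deferredEncrypt': function(aKey, someData, aNonce) {
 var deferredResult;
 varexecutionContext;
 var result;
 var nonce;
 var key;
 
 key = new Clipperz.Crypto.AES.Key({key:aKey});
 nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);
 
 executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:someData, nonce:nonce});
 
 deferredResult = new Clipperz.Async.Deferred("AES.deferredEncrypt");
-//deferredResult.addCallback(function (aValue) { console.log(">>> deferredEncrypt"); return aValue; });
 deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
 deferredResult.addCallback(function(anExecutionContext) {
 var result;
 
 result = anExecutionContext.nonce().clone();
 result.appendBytes(anExecutionContext.resultArray());
 
 return result;
 });
-//deferredResult.addCallback(function (aValue) { console.log("<<< deferredEncrypt"); return aValue; });
 deferredResult.callback(executionContext)
 
 return deferredResult;
 },
 
 //-----------------------------------------------------------------------------
 
 'deferredDecrypt': function(aKey, someData) {
 var deferredResult
 var nonce;
 var message;
 var key;
 
 key = new Clipperz.Crypto.AES.Key({key:aKey});
 nonce = someData.split(0, (128/8));
 message = someData.split(128/8);
 executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:message, nonce:nonce});
 
 deferredResult = new Clipperz.Async.Deferred("AES.deferredDecrypt");
-//deferredResult.addCallback(function (aValue) { console.log(">>> deferredDecrypt"); return aValue; });
 deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
 deferredResult.addCallback(function(anExecutionContext) {
 return anExecutionContext.result();
 });
-//deferredResult.addCallback(function (aValue) { console.log("<<< deferredDecrypt"); return aValue; });
 deferredResult.callback(executionContext);
 
 return deferredResult;
 },
 
 //-----------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 
 });
 
 //#############################################################################
 
 //Clipperz.Crypto.AES.DeferredExecution = {
 // 'chunkSize': 16384, // 4096, // 1024 4096 8192 1638432768;
 // 'pauseTime': 0.02 //0.2
 //}
 
 Clipperz.Crypto.AES.exception = {
 'UnsupportedKeySize': new MochiKit.Base.NamedError("Clipperz.Crypto.AES.exception.UnsupportedKeySize")
 };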
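Review bot: In `deferredDecrypt` (second hunk) `executionContext` is assigned without being declared, unlike in `deferredEncrypt`, so it becomes an implicit global. That object holds the AES key, the message and the result array, so after a decryption they remain reachable from the global scope by any other script on the page. The commit already touches this function to drop the commented-out `console.log` callbacks; adding `var executionContext;` to its declaration list would close this. Separately, `Key.asString` in the first hunk's context returns the key bytes as hex, so it should stay out of logging paths such as the `Clipperz.logError` call this commit introduces.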
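--- a/frontend/gamma/js/Clipperz/Crypto/Base.js
+++ b/frontend/gamma/js/Clipperz/Crypto/Base.js
@@ -1,118 +1,116 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.Base) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.Base depends on Clipperz.Base!";
 }
 
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 if (typeof(Clipperz.Crypto.Base) == 'undefined') { Clipperz.Crypto.Base = {}; }
 
 Clipperz.Crypto.Base.VERSION = "0.1";
 Clipperz.Crypto.Base.NAME = "Clipperz.Crypto.Base";
 
 //#############################################################################
 //Downloaded on March 30, 2006 from http://anmar.eu.org/projects/jssha2/files/jssha2-0.3.zip (jsSha2/sha256.js)
 //#############################################################################
 
 /* A JavaScript implementation of the Secure Hash Algorithm, SHA-256
 * Version 0.3 Copyright Angel Marin 2003-2004 - http://anmar.eu.org/
 * Distributed under the BSD License
 * Some bits taken from Paul Johnston's SHA-1 implementation
 */
 var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */
 function safe_add (x, y) {
 var lsw = (x & 0xFFFF) + (y & 0xFFFF);
 var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
 return (msw << 16) | (lsw & 0xFFFF);
 }
 function S (X, n) {return ( X >>> n ) | (X << (32 - n));}
 function R (X, n) {return ( X >>> n );}
 function Ch(x, y, z) {return ((x & y) ^ ((~x) & z));}
 function Maj(x, y, z) {return ((x & y) ^ (x & z) ^ (y & z));}
 function Sigma0256(x) {return (S(x, 2) ^ S(x, 13) ^ S(x, 22));}
 function Sigma1256(x) {return (S(x, 6) ^ S(x, 11) ^ S(x, 25));}
 function Gamma0256(x) {return (S(x, 7) ^ S(x, 18) ^ R(x, 3));}
 function Gamma1256(x) {return (S(x, 17) ^ S(x, 19) ^ R(x, 10));}
 function core_sha256 (m, l) {
 var K = new Array(0x428A2F98,0x71374491,0xB5C0FBCF,0xE9B5DBA5,0x3956C25B,0x59F111F1,0x923F82A4,0xAB1C5ED5,0xD807AA98,0x12835B01,0x243185BE,0x550C7DC3,0x72BE5D74,0x80DEB1FE,0x9BDC06A7,0xC19BF174,0xE49B69C1,0xEFBE4786,0xFC19DC6,0x240CA1CC,0x2DE92C6F,0x4A7484AA,0x5CB0A9DC,0x76F988DA,0x983E5152,0xA831C66D,0xB00327C8,0xBF597FC7,0xC6E00BF3,0xD5A79147,0x6CA6351,0x14292967,0x27B70A85,0x2E1B2138,0x4D2C6DFC,0x53380D13,0x650A7354,0x766A0ABB,0x81C2C92E,0x92722C85,0xA2BFE8A1,0xA81A664B,0xC24B8B70,0xC76C51A3,0xD192E819,0xD6990624,0xF40E3585,0x106AA070,0x19A4C116,0x1E376C08,0x2748774C,0x34B0BCB5,0x391C0CB3,0x4ED8AA4A,0x5B9CCA4F,0x682E6FF3,0x748F82EE,0x78A5636F,0x84C87814,0x8CC70208,0x90BEFFFA,0xA4506CEB,0xBEF9A3F7,0xC67178F2);
 var HASH = new Array(0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19);
 var W = new Array(64);
 var a, b, c, d, e, f, g, h, i, j;
 var T1, T2;
 /* append padding */
 m[l >> 5] |= 0x80 << (24 - l % 32);
 m[((l + 64 >> 9) << 4) + 15] = l;
 for ( var i = 0; i<m.length; i+=16 ) {
 a = HASH[0]; b = HASH[1]; c = HASH[2]; d = HASH[3]; e = HASH[4]; f = HASH[5]; g = HASH[6]; h = HASH[7];
 for ( var j = 0; j<64; j++) {
 if (j < 16) W[j] = m[j + i];
 else W[j] = safe_add(safe_add(safe_add(Gamma1256(W[j - 2]), W[j - 7]), Gamma0256(W[j - 15])), W[j - 16]);
 T1 = safe_add(safe_add(safe_add(safe_add(h, Sigma1256(e)), Ch(e, f, g)), K[j]), W[j]);
 T2 = safe_add(Sigma0256(a), Maj(a, b, c));
 h = g; g = f; f = e; e = safe_add(d, T1); d = c; c = b; b = a; a = safe_add(T1, T2);
 }
 HASH[0] = safe_add(a, HASH[0]); HASH[1] = safe_add(b, HASH[1]); HASH[2] = safe_add(c, HASH[2]); HASH[3] = safe_add(d, HASH[3]); HASH[4] = safe_add(e, HASH[4]); HASH[5] = safe_add(f, HASH[5]); HASH[6] = safe_add(g, HASH[6]); HASH[7] = safe_add(h, HASH[7]);
 }
 return HASH;
 }
 function str2binb (str) {
 var bin = Array();
 var mask = (1 << chrsz) - 1;
 for(var i = 0; i < str.length * chrsz; i += chrsz)
 bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (24 - i%32);
 return bin;
 }
 function binb2hex (binarray) {
 var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
 var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
 var str = "";
 for (var i = 0; i < binarray.length * 4; i++) {
 str += hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8+4)) & 0xF) + hex_tab.charAt((binarray[i>>2] >> ((3 - i%4)*8 )) & 0xF);
 }
 return str;
 }
 function hex_sha256(s){return binb2hex(core_sha256(str2binb(s),s.length * chrsz));}
 
 
 
 //#############################################################################
 //Downloaded on March 30, 2006 from http://www.fourmilab.ch/javascrypt/javascrypt.zip (entropy.js)
 //#############################################################################
 
 // Entropy collection utilities
 
 /*Start by declaring static storage and initialise
 the entropy vector from the time we come through
 here. */
 
 var entropyData = new Array(); // Collected entropy data
 var edlen = 0; // Keyboard array data length
 
 addEntropyTime(); // Start entropy collection with page load time
 ce(); // Roll milliseconds into initial entropy
 
 //Add a byte to the entropy vector
 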
diff --git a/frontend/gamma/js/Clipperz/Crypto/BigInt.js b/frontend/gamma/js/Clipperz/Crypto/BigInt.js index 41483a3..031ed30 100644 --- a/frontend/gamma/js/Clipperz/Crypto/BigInt.js +++ b/frontend/gamma/js/Clipperz/Crypto/BigInt.js | |||
@@ -1,118 +1,116 @@ | |||
1 | /* | 1 | /* |
2 | 2 | ||
3 | Copyright 2008-2011 Clipperz Srl | 3 | Copyright 2008-2013 Clipperz Srl |
4 | 4 | ||
5 | This file is part of Clipperz Community Edition. | 5 | This file is part of Clipperz, the online password manager. |
6 | Clipperz Community Edition is an online password manager. | ||
7 | For further information about its features and functionalities please | 6 | For further information about its features and functionalities please |
8 | refer to http://www.clipperz.com. | 7 | refer to http://www.clipperz.com. |
9 | 8 | ||
10 | * Clipperz Community Edition is free software: you can redistribute | 9 | * Clipperz is free software: you can redistribute it and/or modify it |
11 | it and/or modify it under the terms of the GNU Affero General Public | 10 | under the terms of the GNU Affero General Public License as published |
12 | License as published by the Free Software Foundation, either version | 11 | by the Free Software Foundation, either version 3 of the License, or |
13 | 3 of the License, or (at your option) any later version. | 12 | (at your option) any later version. |
14 | 13 | ||
15 | * Clipperz Community Edition is distributed in the hope that it will | 14 | * Clipperz is distributed in the hope that it will be useful, but |
16 | be useful, but WITHOUT ANY WARRANTY; without even the implied | 15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
17 | warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | 16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
18 | See the GNU Affero General Public License for more details. | 17 | See the GNU Affero General Public License for more details. |
19 | 18 | ||
20 | * You should have received a copy of the GNU Affero General Public | 19 | * You should have received a copy of the GNU Affero General Public |
21 | License along with Clipperz Community Edition. If not, see | 20 | License along with Clipperz. If not, see http://www.gnu.org/licenses/. |
22 | <http://www.gnu.org/licenses/>. | ||
23 | 21 | ||
24 | */ | 22 | */ |
25 | 23 | ||
26 | if (typeof(Clipperz) == 'undefined') { Clipperz = {}; } | 24 | if (typeof(Clipperz) == 'undefined') { Clipperz = {}; } |
27 | if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; } | 25 | if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; } |
28 | 26 | ||
29 | //############################################################################# | 27 | //############################################################################# |
30 | //Downloaded on March 05, 2007 from http://www.leemon.com/crypto/BigInt.js | 28 | //Downloaded on March 05, 2007 from http://www.leemon.com/crypto/BigInt.js |
31 | //############################################################################# | 29 | //############################################################################# |
32 | 30 | ||
33 | 31 | ||
34 | //////////////////////////////////////////////////////////////////////////////////////// | 32 | //////////////////////////////////////////////////////////////////////////////////////// |
35 | // Big Integer Library v. 5.0 | 33 | // Big Integer Library v. 5.0 |
36 | // Created 2000, last modified 2006 | 34 | // Created 2000, last modified 2006 |
37 | // Leemon Baird | 35 | // Leemon Baird |
38 | // www.leemon.com | 36 | // www.leemon.com |
39 | // | 37 | // |
40 | // This file is public domain. You can use it for any purpose without restriction. | 38 | // This file is public domain. You can use it for any purpose without restriction. |
41 | // I do not guarantee that it is correct, so use it at your own risk. If you use | 39 | // I do not guarantee that it is correct, so use it at your own risk. If you use |
42 | // it for something interesting, I'd appreciate hearing about it. If you find | 40 | // it for something interesting, I'd appreciate hearing about it. If you find |
43 | // any bugs or make any improvements, I'd appreciate hearing about those too. | 41 | // any bugs or make any improvements, I'd appreciate hearing about those too. |
44 | // It would also be nice if my name and address were left in the comments. | 42 | // It would also be nice if my name and address were left in the comments. |
45 | // But none of that is required. | 43 | // But none of that is required. |
46 | // | 44 | // |
47 | // This code defines a bigInt library for arbitrary-precision integers. | 45 | // This code defines a bigInt library for arbitrary-precision integers. |
48 | // A bigInt is an array of integers storing the value in chunks of bpe bits, | 46 | // A bigInt is an array of integers storing the value in chunks of bpe bits, |
49 | // little endian (buff[0] is the least significant word). | 47 | // little endian (buff[0] is the least significant word). |
50 | // Negative bigInts are stored two's complement. | 48 | // Negative bigInts are stored two's complement. |
51 | // Some functions assume their parameters have at least one leading zero element. | 49 | // Some functions assume their parameters have at least one leading zero element. |
52 | // Functions with an underscore at the end of the name have unpredictable behavior in case of overflow, | 50 | // Functions with an underscore at the end of the name have unpredictable behavior in case of overflow, |
53 | // so the caller must make sure overflow won't happen. | 51 | // so the caller must make sure overflow won't happen. |
54 | // For each function where a parameter is modified, that same | 52 | // For each function where a parameter is modified, that same |
55 | // variable must not be used as another argument too. | 53 | // variable must not be used as another argument too. |
56 | // So, you cannot square x by doing multMod_(x,x,n). | 54 | // So, you cannot square x by doing multMod_(x,x,n). |
57 | // You must use squareMod_(x,n) instead, or do y=dup(x); multMod_(x,y,n). | 55 | // You must use squareMod_(x,n) instead, or do y=dup(x); multMod_(x,y,n). |
58 | // | 56 | // |
59 | // These functions are designed to avoid frequent dynamic memory allocation in the inner loop. | 57 | // These functions are designed to avoid frequent dynamic memory allocation in the inner loop. |
60 | // For most functions, if it needs a BigInt as a local variable it will actually use | 58 | // For most functions, if it needs a BigInt as a local variable it will actually use |
61 | // a global, and will only allocate to it when it's not the right size. This ensures | 59 | // a global, and will only allocate to it when it's not the right size. This ensures |
62 | // that when a function is called repeatedly with same-sized parameters, it only allocates | 60 | // that when a function is called repeatedly with same-sized parameters, it only allocates |
63 | // memory on the first call. | 61 | // memory on the first call. |
64 | // | 62 | // |
65 | // Note that for cryptographic purposes, the calls to Math.random() must | 63 | // Note that for cryptographic purposes, the calls to Math.random() must |
66 | // be replaced with calls to a better pseudorandom number generator. | 64 | // be replaced with calls to a better pseudorandom number generator. |
67 | // | 65 | // |
68 | // In the following, "bigInt" means a bigInt with at least one leading zero element, | 66 | // In the following, "bigInt" means a bigInt with at least one leading zero element, |
69 | // and "integer" means a nonnegative integer less than radix. In some cases, integer | 67 | // and "integer" means a nonnegative integer less than radix. In some cases, integer |
70 | // can be negative. Negative bigInts are 2s complement. | 68 | // can be negative. Negative bigInts are 2s complement. |
71 | // | 69 | // |
72 | // The following functions do not modify their inputs, but dynamically allocate memory every time they are called: | 70 | // The following functions do not modify their inputs, but dynamically allocate memory every time they are called: |
73 | // | 71 | // |
74 | // function bigInt2str(x,base) //convert a bigInt into a string in a given base, from base 2 up to base 95 | 72 | // function bigInt2str(x,base) //convert a bigInt into a string in a given base, from base 2 up to base 95 |
75 | // function dup(x) //returns a copy of bigInt x | 73 | // function dup(x) //returns a copy of bigInt x |
76 | // function findPrimes(n) //return array of all primes less than integer n | 74 | // function findPrimes(n) //return array of all primes less than integer n |
77 | // function int2bigInt(t,n,m) //convert integer t to a bigInt with at least n bits and m array elements | 75 | // function int2bigInt(t,n,m) //convert integer t to a bigInt with at least n bits and m array elements |
78 | // function int2bigInt(s,b,n,m) //convert string s in base b to a bigInt with at least n bits and m array elements | 76 | // function int2bigInt(s,b,n,m) //convert string s in base b to a bigInt with at least n bits and m array elements |
79 | // function trim(x,k) //return a copy of x with exactly k leading zero elements | 77 | // function trim(x,k) //return a copy of x with exactly k leading zero elements |
80 | // | 78 | // |
81 | // The following functions do not modify their inputs, so there is never a problem with the result being too big: | 79 | // The following functions do not modify their inputs, so there is never a problem with the result being too big: |
82 | // | 80 | // |
83 | // function bitSize(x) //returns how many bits long the bigInt x is, not counting leading zeros | 81 | // function bitSize(x) //returns how many bits long the bigInt x is, not counting leading zeros |
84 | // function equals(x,y) //is the bigInt x equal to the bigint y? | 82 | // function equals(x,y) //is the bigInt x equal to the bigint y? |
85 | // function equalsInt(x,y) //is bigint x equal to integer y? | 83 | // function equalsInt(x,y) //is bigint x equal to integer y? |
86 | // function greater(x,y) //is x>y? (x and y are nonnegative bigInts) | 84 | // function greater(x,y) //is x>y? (x and y are nonnegative bigInts) |
87 | // function greaterShift(x,y,shift)//is (x <<(shift*bpe)) > y? | 85 | // function greaterShift(x,y,shift)//is (x <<(shift*bpe)) > y? |
88 | // function isZero(x) //is the bigInt x equal to zero? | 86 | // function isZero(x) //is the bigInt x equal to zero? |
89 | // function millerRabin(x,b) //does one round of Miller-Rabin base integer b say that bigInt x is possibly prime (as opposed to definitely composite)? | 87 | // function millerRabin(x,b) //does one round of Miller-Rabin base integer b say that bigInt x is possibly prime (as opposed to definitely composite)? |
90 | // function modInt(x,n) //return x mod n for bigInt x and integer n. | 88 | // function modInt(x,n) //return x mod n for bigInt x and integer n. |
91 | // function negative(x) //is bigInt x negative? | 89 | // function negative(x) //is bigInt x negative? |
92 | // | 90 | // |
93 | // The following functions do not modify their inputs, but allocate memory and call functions with underscores | 91 | // The following functions do not modify their inputs, but allocate memory and call functions with underscores |
94 | // | 92 | // |
95 | // function add(x,y) //return (x+y) for bigInts x and y. | 93 | // function add(x,y) //return (x+y) for bigInts x and y. |
96 | // function addInt(x,n) //return (x+n) where x is a bigInt and n is an integer. | 94 | // function addInt(x,n) //return (x+n) where x is a bigInt and n is an integer. |
97 | // function expand(x,n) //return a copy of x with at least n elements, adding leading zeros if needed | 95 | // function expand(x,n) //return a copy of x with at least n elements, adding leading zeros if needed |
98 | // function inverseMod(x,n) //return (x**(-1) mod n) for bigInts x and n. If no inverse exists, it returns null | 96 | // function inverseMod(x,n) //return (x**(-1) mod n) for bigInts x and n. If no inverse exists, it returns null |
99 | // function mod(x,n) //return a new bigInt equal to (x mod n) for bigInts x and n. | 97 | // function mod(x,n) //return a new bigInt equal to (x mod n) for bigInts x and n. |
100 | // function mult(x,y) //return x*y for bigInts x and y. This is faster when y<x. | 98 | // function mult(x,y) //return x*y for bigInts x and y. This is faster when y<x. |
101 | // function multMod(x,y,n) //return (x*y mod n) for bigInts x,y,n. For greater speed, let y<x. | 99 | // function multMod(x,y,n) //return (x*y mod n) for bigInts x,y,n. For greater speed, let y<x. |
102 | // function powMod(x,y,n) //return (x**y mod n) where x,y,n are bigInts and ** is exponentiation. 0**0=1. Faster for odd n. | 100 | // function powMod(x,y,n) //return (x**y mod n) where x,y,n are bigInts and ** is exponentiation. 0**0=1. Faster for odd n. |
103 | // function randTruePrime(k) //return a new, random, k-bit, true prime using Maurer's algorithm. | 101 | // function randTruePrime(k) //return a new, random, k-bit, true prime using Maurer's algorithm. |
104 | // function sub(x,y) //return (x-y) for bigInts x and y. Negative answers will be 2s complement | 102 | // function sub(x,y) //return (x-y) for bigInts x and y. Negative answers will be 2s complement |
105 | // | 103 | // |
106 | // The following functions write a bigInt result to one of the parameters, but | 104 | // The following functions write a bigInt result to one of the parameters, but |
107 | // the result is never bigger than the original, so there can't be overflow problems: | 105 | // the result is never bigger than the original, so there can't be overflow problems: |
108 | // | 106 | // |
109 | // function divInt_(x,n) //do x=floor(x/n) for bigInt x and integer n, and return the remainder | 107 | // function divInt_(x,n) //do x=floor(x/n) for bigInt x and integer n, and return the remainder |
110 | // function GCD_(x,y) //set x to the greatest common divisor of bigInts x and y, (y is destroyed). | 108 | // function GCD_(x,y) //set x to the greatest common divisor of bigInts x and y, (y is destroyed). |
111 | // function halve_(x) //do x=floor(|x|/2)*sgn(x) for bigInt x in 2's complement | 109 | // function halve_(x) //do x=floor(|x|/2)*sgn(x) for bigInt x in 2's complement |
112 | // function mod_(x,n) //do x=x mod n for bigInts x and n. | 110 | // function mod_(x,n) //do x=x mod n for bigInts x and n. |
113 | // function rightShift_(x,n) //right shift bigInt x by n bits. 0 <= n < bpe. | 111 | // function rightShift_(x,n) //right shift bigInt x by n bits. 0 <= n < bpe. |
114 | // | 112 | // |
115 | // The following functions write a bigInt result to one of the parameters. The caller is responsible for | 113 | // The following functions write a bigInt result to one of the parameters. The caller is responsible for |
116 | // ensuring it is large enough to hold the result. | 114 | // ensuring it is large enough to hold the result. |
117 | // | 115 | // |
118 | // function addInt_(x,n) //do x=x+n where x is a bigInt and n is an integer | 116 | // function addInt_(x,n) //do x=x+n where x is a bigInt and n is an integer |
@@ -1384,193 +1382,192 @@ function mont_(x,y,n,np) { | |||
1384 | } | 1382 | } |
1385 | for (;j<kn;j++) { | 1383 | for (;j<kn;j++) { |
1386 | c+=sa[j]+ui*n[j]; | 1384 | c+=sa[j]+ui*n[j]; |
1387 | sa[j-1]=c & mask; | 1385 | sa[j-1]=c & mask; |
1388 | c>>=bpe; | 1386 | c>>=bpe; |
1389 | } | 1387 | } |
1390 | sa[j-1]=c & mask; | 1388 | sa[j-1]=c & mask; |
1391 | } | 1389 | } |
1392 | 1390 | ||
1393 | if (!greater(n,sa)) | 1391 | if (!greater(n,sa)) |
1394 | sub_(sa,n); | 1392 | sub_(sa,n); |
1395 | copy_(x,sa); | 1393 | copy_(x,sa); |
1396 | } | 1394 | } |
1397 | 1395 | ||
1398 | 1396 | ||
1399 | 1397 | ||
1400 | 1398 | ||
1401 | //############################################################################# | 1399 | //############################################################################# |
1402 | //############################################################################# | 1400 | //############################################################################# |
1403 | //############################################################################# | 1401 | //############################################################################# |
1404 | //############################################################################# | 1402 | //############################################################################# |
1405 | //############################################################################# | 1403 | //############################################################################# |
1406 | //############################################################################# | 1404 | //############################################################################# |
1407 | //############################################################################# | 1405 | //############################################################################# |
1408 | 1406 | ||
1409 | 1407 | ||
1410 | 1408 | ||
1411 | 1409 | ||
1412 | 1410 | ||
1413 | //############################################################################# | 1411 | //############################################################################# |
1414 | 1412 | ||
1415 | Clipperz.Crypto.BigInt = function (aValue, aBase) { | 1413 | Clipperz.Crypto.BigInt = function (aValue, aBase) { |
1416 | varbase; | 1414 | varbase; |
1417 | varvalue; | 1415 | varvalue; |
1418 | 1416 | ||
1419 | if (typeof(aValue) == 'object') { | 1417 | if (typeof(aValue) == 'object') { |
1420 | this._internalValue = aValue; | 1418 | this._internalValue = aValue; |
1421 | } else { | 1419 | } else { |
1422 | if (typeof(aValue) == 'undefined') { | 1420 | if (typeof(aValue) == 'undefined') { |
1423 | value = "0"; | 1421 | value = "0"; |
1424 | } else { | 1422 | } else { |
1425 | value = aValue + ""; | 1423 | value = aValue + ""; |
1426 | } | 1424 | } |
1427 | 1425 | ||
1428 | if (typeof(aBase) == 'undefined') { | 1426 | if (typeof(aBase) == 'undefined') { |
1429 | base = 10; | 1427 | base = 10; |
1430 | } else { | 1428 | } else { |
1431 | base = aBase; | 1429 | base = aBase; |
1432 | } | 1430 | } |
1433 | 1431 | ||
1434 | this._internalValue = str2bigInt(value, base, 1, 1); | 1432 | this._internalValue = str2bigInt(value, base, 1, 1); |
1435 | } | 1433 | } |
1436 | 1434 | ||
1437 | return this; | 1435 | return this; |
1438 | } | 1436 | } |
1439 | 1437 | ||
1440 | //============================================================================= | 1438 | //============================================================================= |
1441 | 1439 | ||
1442 | MochiKit.Base.update(Clipperz.Crypto.BigInt.prototype, { | 1440 | MochiKit.Base.update(Clipperz.Crypto.BigInt.prototype, { |
1443 | 1441 | ||
1444 | 'clone': function() { | 1442 | 'clone': function() { |
1445 | return new Clipperz.Crypto.BigInt(this.internalValue()); | 1443 | return new Clipperz.Crypto.BigInt(this.internalValue()); |
1446 | }, | 1444 | }, |
1447 | 1445 | ||
1448 | //------------------------------------------------------------------------- | 1446 | //------------------------------------------------------------------------- |
1449 | 1447 | ||
1450 | 'internalValue': function () { | 1448 | 'internalValue': function () { |
1451 | return this._internalValue; | 1449 | return this._internalValue; |
1452 | }, | 1450 | }, |
1453 | 1451 | ||
1454 | //------------------------------------------------------------------------- | 1452 | //------------------------------------------------------------------------- |
1455 | 1453 | ||
1456 | 'isBigInt': true, | 1454 | 'isBigInt': true, |
1457 | 1455 | ||
1458 | //------------------------------------------------------------------------- | 1456 | //------------------------------------------------------------------------- |
1459 | 1457 | ||
1460 | 'toString': function(aBase) { | 1458 | 'toString': function(aBase) { |
1461 | return this.asString(aBase); | 1459 | return this.asString(aBase); |
1462 | }, | 1460 | }, |
1463 | 1461 | ||
1464 | //------------------------------------------------------------------------- | 1462 | //------------------------------------------------------------------------- |
1465 | 1463 | ||
1466 | 'asString': function (aBase, minimumLength) { | 1464 | 'asString': function (aBase, minimumLength) { |
1467 | varresult; | 1465 | varresult; |
1468 | varbase; | 1466 | varbase; |
1469 | 1467 | ||
1470 | if (typeof(aBase) == 'undefined') { | 1468 | if (typeof(aBase) == 'undefined') { |
1471 | base = 10; | 1469 | base = 10; |
1472 | } else { | 1470 | } else { |
1473 | base = aBase; | 1471 | base = aBase; |
1474 | } | 1472 | } |
1475 | 1473 | ||
1476 | result = bigInt2str(this.internalValue(), base).toLowerCase(); | 1474 | result = bigInt2str(this.internalValue(), base).toLowerCase(); |
1477 | 1475 | ||
1478 | if ((typeof(minimumLength) != 'undefined') && (result.length < minimumLength)) { | 1476 | if ((typeof(minimumLength) != 'undefined') && (result.length < minimumLength)) { |
1479 | var i, c; | 1477 | var i, c; |
1480 | //MochiKit.Logging.logDebug(">>> FIXING BigInt.asString length issue") | ||
1481 | c = (minimumLength - result.length); | 1478 | c = (minimumLength - result.length); |
1482 | for (i=0; i<c; i++) { | 1479 | for (i=0; i<c; i++) { |
1483 | result = '0' + result; | 1480 | result = '0' + result; |
1484 | } | 1481 | } |
1485 | } | 1482 | } |
1486 | 1483 | ||
1487 | return result; | 1484 | return result; |
1488 | }, | 1485 | }, |
1489 | 1486 | ||
1490 | //------------------------------------------------------------------------- | 1487 | //------------------------------------------------------------------------- |
1491 | 1488 | ||
1492 | 'asByteArray': function() { | 1489 | 'asByteArray': function() { |
1493 | return new Clipperz.ByteArray("0x" + this.asString(16), 16); | 1490 | return new Clipperz.ByteArray("0x" + this.asString(16), 16); |
1494 | }, | 1491 | }, |
1495 | 1492 | ||
1496 | //------------------------------------------------------------------------- | 1493 | //------------------------------------------------------------------------- |
1497 | 1494 | ||
1498 | 'equals': function (aValue) { | 1495 | 'equals': function (aValue) { |
1499 | var result; | 1496 | var result; |
1500 | 1497 | ||
1501 | if (aValue.isBigInt) { | 1498 | if (aValue.isBigInt) { |
1502 | result = equals(this.internalValue(), aValue.internalValue()); | 1499 | result = equals(this.internalValue(), aValue.internalValue()); |
1503 | } else if (typeof(aValue) == "number") { | 1500 | } else if (typeof(aValue) == "number") { |
1504 | result = equalsInt(this.internalValue(), aValue); | 1501 | result = equalsInt(this.internalValue(), aValue); |
1505 | } else { | 1502 | } else { |
1506 | throw Clipperz.Crypt.BigInt.exception.UnknownType; | 1503 | throw Clipperz.Crypt.BigInt.exception.UnknownType; |
1507 | } | 1504 | } |
1508 | 1505 | ||
1509 | return result; | 1506 | return result; |
1510 | }, | 1507 | }, |
1511 | 1508 | ||
1512 | //------------------------------------------------------------------------- | 1509 | //------------------------------------------------------------------------- |
1513 | 1510 | ||
1514 | 'compare': function(aValue) { | 1511 | 'compare': function(aValue) { |
1515 | /* | 1512 | /* |
1516 | var result; | 1513 | var result; |
1517 | var thisAsString; | 1514 | var thisAsString; |
1518 | var aValueAsString; | 1515 | var aValueAsString; |
1519 | 1516 | ||
1520 | thisAsString = this.asString(10); | 1517 | thisAsString = this.asString(10); |
1521 | aValueAsString = aValue.asString(10); | 1518 | aValueAsString = aValue.asString(10); |
1522 | 1519 | ||
1523 | result = MochiKit.Base.compare(thisAsString.length, aValueAsString.length); | 1520 | result = MochiKit.Base.compare(thisAsString.length, aValueAsString.length); |
1524 | if (result == 0) { | 1521 | if (result == 0) { |
1525 | result = MochiKit.Base.compare(thisAsString, aValueAsString); | 1522 | result = MochiKit.Base.compare(thisAsString, aValueAsString); |
1526 | } | 1523 | } |
1527 | 1524 | ||
1528 | return result; | 1525 | return result; |
1529 | */ | 1526 | */ |
1530 | var result; | 1527 | var result; |
1531 | 1528 | ||
1532 | if (equals(this.internalValue(), aValue.internalValue())) { | 1529 | if (equals(this.internalValue(), aValue.internalValue())) { |
1533 | result = 0; | 1530 | result = 0; |
1534 | } else if (greater(this.internalValue(), aValue.internalValue())) { | 1531 | } else if (greater(this.internalValue(), aValue.internalValue())) { |
1535 | result = 1; | 1532 | result = 1; |
1536 | } else { | 1533 | } else { |
1537 | result = -1; | 1534 | result = -1; |
1538 | } | 1535 | } |
1539 | 1536 | ||
1540 | return result; | 1537 | return result; |
1541 | }, | 1538 | }, |
1542 | 1539 | ||
1543 | //------------------------------------------------------------------------- | 1540 | //------------------------------------------------------------------------- |
1544 | 1541 | ||
1545 | 'add': function (aValue) { | 1542 | 'add': function (aValue) { |
1546 | var result; | 1543 | var result; |
1547 | 1544 | ||
1548 | if (aValue.isBigInt) { | 1545 | if (aValue.isBigInt) { |
1549 | result = add(this.internalValue(), aValue.internalValue()); | 1546 | result = add(this.internalValue(), aValue.internalValue()); |
1550 | } else { | 1547 | } else { |
1551 | result = addInt(this.internalValue(), aValue); | 1548 | result = addInt(this.internalValue(), aValue); |
1552 | } | 1549 | } |
1553 | 1550 | ||
1554 | return new Clipperz.Crypto.BigInt(result); | 1551 | return new Clipperz.Crypto.BigInt(result); |
1555 | }, | 1552 | }, |
1556 | 1553 | ||
1557 | //------------------------------------------------------------------------- | 1554 | //------------------------------------------------------------------------- |
1558 | 1555 | ||
1559 | 'subtract': function (aValue) { | 1556 | 'subtract': function (aValue) { |
1560 | var result; | 1557 | var result; |
1561 | var value; | 1558 | var value; |
1562 | 1559 | ||
1563 | if (aValue.isBigInt) { | 1560 | if (aValue.isBigInt) { |
1564 | value = aValue; | 1561 | value = aValue; |
1565 | } else { | 1562 | } else { |
1566 | value = new Clipperz.Crypto.BigInt(aValue); | 1563 | value = new Clipperz.Crypto.BigInt(aValue); |
1567 | } | 1564 | } |
1568 | 1565 | ||
1569 | result = sub(this.internalValue(), value.internalValue()); | 1566 | result = sub(this.internalValue(), value.internalValue()); |
1570 | 1567 | ||
1571 | return new Clipperz.Crypto.BigInt(result); | 1568 | return new Clipperz.Crypto.BigInt(result); |
1572 | }, | 1569 | }, |
1573 | 1570 | ||
1574 | //------------------------------------------------------------------------- | 1571 | //------------------------------------------------------------------------- |
1575 | 1572 | ||
1576 | 'multiply': function (aValue, aModule) { | 1573 | 'multiply': function (aValue, aModule) { |
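--- a/frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js
+++ b/frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js
@@ -1,118 +1,116 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 
 if (typeof(Leemon) == 'undefined') { Leemon = {}; }
 if (typeof(Baird.Crypto) == 'undefined') { Baird.Crypto = {}; }
 if (typeof(Baird.Crypto.BigInt) == 'undefined') { Baird.Crypto.BigInt = {}; }
 
 
 //#############################################################################
 //Downloaded on March 05, 2007 from http://www.leemon.com/crypto/BigInt.js
 //#############################################################################
 
 ////////////////////////////////////////////////////////////////////////////////////////
 // Big Integer Library v. 5.0
 // Created 2000, last modified 2006
 // Leemon Baird
 // www.leemon.com
 //
 // This file is public domain. You can use it for any purpose without restriction.
 // I do not guarantee that it is correct, so use it at your own risk. If you use
 // it for something interesting, I'd appreciate hearing about it. If you find
 // any bugs or make any improvements, I'd appreciate hearing about those too.
 // It would also be nice if my name and address were left in the comments.
 // But none of that is required.
 //
 // This code defines a bigInt library for arbitrary-precision integers.
 // A bigInt is an array of integers storing the value in chunks of bpe bits,
 // little endian (buff[0] is the least significant word).
 // Negative bigInts are stored two's complement.
 // Some functions assume their parameters have at least one leading zero element.
 // Functions with an underscore at the end of the name have unpredictable behavior in case of overflow,
 // so the caller must make sure overflow won't happen.
 // For each function where a parameter is modified, that same
 // variable must not be used as another argument too.
 // So, you cannot square x by doing multMod_(x,x,n).
 // You must use squareMod_(x,n) instead, or do y=dup(x); multMod_(x,y,n).
 //
 // These functions are designed to avoid frequent dynamic memory allocation in the inner loop.
 // For most functions, if it needs a BigInt as a local variable it will actually use
 // a global, and will only allocate to it when it's not the right size. This ensures
 // that when a function is called repeatedly with same-sized parameters, it only allocates
 // memory on the first call.
 //
 // Note that for cryptographic purposes, the calls to Math.random() must
 // be replaced with calls to a better pseudorandom number generator.
 //
 // In the following, "bigInt" means a bigInt with at least one leading zero element,
 // and "integer" means a nonnegative integer less than radix. In some cases, integer
 // can be negative. Negative bigInts are 2s complement.
 //
 // The following functions do not modify their inputs, but dynamically allocate memory every time they are called:
 //
 // function bigInt2str(x,base) //convert a bigInt into a string in a given base, from base 2 up to base 95
 // function dup(x) //returns a copy of bigInt x
 // function findPrimes(n) //return array of all primes less than integer n
 // function int2bigInt(t,n,m) //convert integer t to a bigInt with at least n bits and m array elements
 // function str2bigInt(s,b,n,m) //convert string s in base b to a bigInt with at least n bits and m array elements
 // function trim(x,k) //return a copy of x with exactly k leading zero elements
 //
 // The following functions do not modify their inputs, so there is never a problem with the result being too big:
 //
 // function bitSize(x) //returns how many bits long the bigInt x is, not counting leading zeros
 // function equals(x,y) //is the bigInt x equal to the bigint y?
 // function equalsInt(x,y) //is bigint x equal to integer y?
 // function greater(x,y) //is x>y? (x and y are nonnegative bigInts)
 // function greaterShift(x,y,shift)//is (x <<(shift*bpe)) > y?
 // function isZero(x) //is the bigInt x equal to zero?
 // function millerRabin(x,b) //does one round of Miller-Rabin base integer b say that bigInt x is possibly prime (as opposed to definitely composite)?
 // function modInt(x,n) //return x mod n for bigInt x and integer n.
 // function negative(x) //is bigInt x negative?
 //
 // The following functions do not modify their inputs, but allocate memory and call functions with underscores
 //
 // function add(x,y) //return (x+y) for bigInts x and y.
 // function addInt(x,n) //return (x+n) where x is a bigInt and n is an integer.
 // function expand(x,n) //return a copy of x with at least n elements, adding leading zeros if needed
 // function inverseMod(x,n) //return (x**(-1) mod n) for bigInts x and n. If no inverse exists, it returns null
 // function mod(x,n) //return a new bigInt equal to (x mod n) for bigInts x and n.
 // function mult(x,y) //return x*y for bigInts x and y. This is faster when y<x.
 // function multMod(x,y,n) //return (x*y mod n) for bigInts x,y,n. For greater speed, let y<x.
 // function powMod(x,y,n) //return (x**y mod n) where x,y,n are bigInts and ** is exponentiation. 0**0=1. Faster for odd n.
 // function randTruePrime(k) //return a new, random, k-bit, true prime using Maurer's algorithm.
 // function sub(x,y) //return (x-y) for bigInts x and y. Negative answers will be 2s complement
 //
 // The following functions write a bigInt result to one of the parameters, but
 // the result is never bigger than the original, so there can't be overflow problems:
 //
 // function divInt_(x,n) //do x=floor(x/n) for bigInt x and integer n, and return the remainder
 // function GCD_(x,y) //set x to the greatest common divisor of bigInts x and y, (y is destroyed).
 // function halve_(x) //do x=floor(|x|/2)*sgn(x) for bigInt x in 2's complement
 // function mod_(x,n) //do x=x mod n for bigInts x and n.
 // function rightShift_(x,n) //right shift bigInt x by n bits. 0 <= n < bpe.
 //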
diff --git a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js index 19f19c2..0d76b9c 100644 --- a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js +++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js | |||
@@ -1,547 +1,500 @@ | |||
1 | /* | 1 | /* |
2 | 2 | ||
3 | Copyright 2008-2011 Clipperz Srl | 3 | Copyright 2008-2013 Clipperz Srl |
4 | 4 | ||
5 | This file is part of Clipperz Community Edition. | 5 | This file is part of Clipperz, the online password manager. |
6 | Clipperz Community Edition is an online password manager. | ||
7 | For further information about its features and functionalities please | 6 | For further information about its features and functionalities please |
8 | refer to http://www.clipperz.com. | 7 | refer to http://www.clipperz.com. |
9 | 8 | ||
10 | * Clipperz Community Edition is free software: you can redistribute | 9 | * Clipperz is free software: you can redistribute it and/or modify it |
11 | it and/or modify it under the terms of the GNU Affero General Public | 10 | under the terms of the GNU Affero General Public License as published |
12 | License as published by the Free Software Foundation, either version | 11 | by the Free Software Foundation, either version 3 of the License, or |
13 | 3 of the License, or (at your option) any later version. | 12 | (at your option) any later version. |
14 | 13 | ||
15 | * Clipperz Community Edition is distributed in the hope that it will | 14 | * Clipperz is distributed in the hope that it will be useful, but |
16 | be useful, but WITHOUT ANY WARRANTY; without even the implied | 15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
17 | warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | 16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
18 | See the GNU Affero General Public License for more details. | 17 | See the GNU Affero General Public License for more details. |
19 | 18 | ||
20 | * You should have received a copy of the GNU Affero General Public | 19 | * You should have received a copy of the GNU Affero General Public |
21 | License along with Clipperz Community Edition. If not, see | 20 | License along with Clipperz. If not, see http://www.gnu.org/licenses/. |
22 | <http://www.gnu.org/licenses/>. | ||
23 | 21 | ||
24 | */ | 22 | */ |
25 | 23 | ||
26 | //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | 24 | //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { |
27 | //throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!"; | 25 | //throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!"; |
28 | //} | 26 | //} |
29 | if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; } | 27 | if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; } |
30 | if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; } | 28 | if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; } |
31 | 29 | ||
32 | Clipperz.Crypto.ECC.BinaryField.Curve = function(args) { | 30 | Clipperz.Crypto.ECC.BinaryField.Curve = function(args) { |
33 | args = args || {}; | 31 | args = args || {}; |
34 | 32 | ||
35 | this._modulus = args.modulus; | 33 | this._modulus = args.modulus; |
36 | 34 | ||
37 | this._a = args.a; | 35 | this._a = args.a; |
38 | this._b = args.b; | 36 | this._b = args.b; |
39 | this._G = args.G; | 37 | this._G = args.G; |
40 | this._r = args.r; | 38 | this._r = args.r; |
41 | this._h = args.h; | 39 | this._h = args.h; |
42 | 40 | ||
43 | this._finiteField = null; | 41 | this._finiteField = null; |
44 | 42 | ||
45 | return this; | 43 | return this; |
46 | } | 44 | } |
47 | 45 | ||
48 | Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, { | 46 | Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, { |
49 | 47 | ||
50 | 'asString': function() { | 48 | 'asString': function() { |
51 | return "Clipperz.Crypto.ECC.BinaryField.Curve"; | 49 | return "Clipperz.Crypto.ECC.BinaryField.Curve"; |
52 | }, | 50 | }, |
53 | 51 | ||
54 | //----------------------------------------------------------------------------- | 52 | //----------------------------------------------------------------------------- |
55 | 53 | ||
56 | 'modulus': function() { | 54 | 'modulus': function() { |
57 | return this._modulus; | 55 | return this._modulus; |
58 | }, | 56 | }, |
59 | 57 | ||
60 | 'a': function() { | 58 | 'a': function() { |
61 | return this._a; | 59 | return this._a; |
62 | }, | 60 | }, |
63 | 61 | ||
64 | 'b': function() { | 62 | 'b': function() { |
65 | return this._b; | 63 | return this._b; |
66 | }, | 64 | }, |
67 | 65 | ||
68 | 'G': function() { | 66 | 'G': function() { |
69 | return this._G; | 67 | return this._G; |
70 | }, | 68 | }, |
71 | 69 | ||
72 | 'r': function() { | 70 | 'r': function() { |
73 | return this._r; | 71 | return this._r; |
74 | }, | 72 | }, |
75 | 73 | ||
76 | 'h': function() { | 74 | 'h': function() { |
77 | return this._h; | 75 | return this._h; |
78 | }, | 76 | }, |
79 | 77 | ||
80 | //----------------------------------------------------------------------------- | 78 | //----------------------------------------------------------------------------- |
81 | 79 | ||
82 | 'finiteField': function() { | 80 | 'finiteField': function() { |
83 | if (this._finiteField == null) { | 81 | if (this._finiteField == null) { |
84 | this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()}) | 82 | this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()}) |
85 | } | 83 | } |
86 | 84 | ||
87 | return this._finiteField; | 85 | return this._finiteField; |
88 | }, | 86 | }, |
89 | 87 | ||
90 | //----------------------------------------------------------------------------- | 88 | //----------------------------------------------------------------------------- |
91 | 89 | ||
92 | 'negate': function(aPointA) { | 90 | 'negate': function(aPointA) { |
93 | var result; | 91 | var result; |
94 | 92 | ||
95 | result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())}) | 93 | result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())}) |
96 | 94 | ||
97 | return result; | 95 | return result; |
98 | }, | 96 | }, |
99 | 97 | ||
100 | //----------------------------------------------------------------------------- | 98 | //----------------------------------------------------------------------------- |
101 | 99 | ||
102 | 'add': function(aPointA, aPointB) { | 100 | 'add': function(aPointA, aPointB) { |
103 | var result; | 101 | var result; |
104 | 102 | ||
105 | //console.log(">>> ECC.BinaryField.Curve.add"); | ||
106 | if (aPointA.isZero()) { | 103 | if (aPointA.isZero()) { |
107 | //console.log("--- pointA == zero"); | ||
108 | result = aPointB; | 104 | result = aPointB; |
109 | } else if (aPointB.isZero()) { | 105 | } else if (aPointB.isZero()) { |
110 | //console.log("--- pointB == zero"); | ||
111 | result = aPointA; | 106 | result = aPointA; |
112 | } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) { | 107 | } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) { |
113 | //console.log("compare A.x - B.x: ", aPointA.x().compare(aPointB.x())); | ||
114 | //console.log("compare A.y - B.y: ", (aPointA.y().compare(aPointB.y()) != 0)); | ||
115 | //console.log("compare B.x.isZero(): ", aPointB.x().isZero()); | ||
116 | |||
117 | //console.log("--- result = zero"); | ||
118 | result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); | 108 | result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); |
119 | } else { | 109 | } else { |
120 | //console.log("--- result = ELSE"); | ||
121 | varf2m; | 110 | varf2m; |
122 | var x, y; | 111 | var x, y; |
123 | var lambda; | 112 | var lambda; |
124 | var aX, aY, bX, bY; | 113 | var aX, aY, bX, bY; |
125 | 114 | ||
126 | aX = aPointA.x()._value; | 115 | aX = aPointA.x()._value; |
127 | aY = aPointA.y()._value; | 116 | aY = aPointA.y()._value; |
128 | bX = aPointB.x()._value; | 117 | bX = aPointB.x()._value; |
129 | bY = aPointB.y()._value; | 118 | bY = aPointB.y()._value; |
130 | 119 | ||
131 | f2m = this.finiteField(); | 120 | f2m = this.finiteField(); |
132 | 121 | ||
133 | if (aPointA.x().compare(aPointB.x()) != 0) { | 122 | if (aPointA.x().compare(aPointB.x()) != 0) { |
134 | //console.log(" a.x != b.x"); | ||
135 | lambda =f2m._fastMultiply( | 123 | lambda =f2m._fastMultiply( |
136 | f2m._add(aY, bY), | 124 | f2m._add(aY, bY), |
137 | f2m._inverse(f2m._add(aX, bX)) | 125 | f2m._inverse(f2m._add(aX, bX)) |
138 | ); | 126 | ); |
139 | x = f2m._add(this.a()._value, f2m._square(lambda)); | 127 | x = f2m._add(this.a()._value, f2m._square(lambda)); |
140 | f2m._overwriteAdd(x, lambda); | 128 | f2m._overwriteAdd(x, lambda); |
141 | f2m._overwriteAdd(x, aX); | 129 | f2m._overwriteAdd(x, aX); |
142 | f2m._overwriteAdd(x, bX); | 130 | f2m._overwriteAdd(x, bX); |
143 | } else { | 131 | } else { |
144 | //console.log(" a.x == b.x"); | ||
145 | lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX))); | 132 | lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX))); |
146 | //console.log(" lambda: " + lambda.asString(16)); | ||
147 | x = f2m._add(this.a()._value, f2m._square(lambda)); | 133 | x = f2m._add(this.a()._value, f2m._square(lambda)); |
148 | //console.log(" x (step 1): " + x.asString(16)); | ||
149 | f2m._overwriteAdd(x, lambda); | 134 | f2m._overwriteAdd(x, lambda); |
150 | //console.log(" x (step 2): " + x.asString(16)); | ||
151 | } | 135 | } |
152 | 136 | ||
153 | y = f2m._fastMultiply(f2m._add(bX, x), lambda); | 137 | y = f2m._fastMultiply(f2m._add(bX, x), lambda); |
154 | //console.log(" y (step 1): " + y.asString(16)); | ||
155 | f2m._overwriteAdd(y, x); | 138 | f2m._overwriteAdd(y, x); |
156 | //console.log(" y (step 2): " + y.asString(16)); | ||
157 | f2m._overwriteAdd(y, bY); | 139 | f2m._overwriteAdd(y, bY); |
158 | //console.log(" y (step 3): " + y.asString(16)); | ||
159 | 140 | ||
160 | result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)}) | 141 | result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)}) |
161 | } | 142 | } |
162 | //console.log("<<< ECC.BinaryField.Curve.add"); | ||
163 | 143 | ||
164 | return result; | 144 | return result; |
165 | }, | 145 | }, |
166 | 146 | ||
167 | //----------------------------------------------------------------------------- | 147 | //----------------------------------------------------------------------------- |
168 | 148 | ||
169 | 'addTwice': function(aPointA) { | 149 | 'addTwice': function(aPointA) { |
170 | return this.add(aPointA, aPointA); | 150 | return this.add(aPointA, aPointA); |
171 | }, | 151 | }, |
172 | 152 | ||
173 | //----------------------------------------------------------------------------- | 153 | //----------------------------------------------------------------------------- |
174 | 154 | ||
175 | 'overwriteAdd': function(aPointA, aPointB) { | 155 | 'overwriteAdd': function(aPointA, aPointB) { |
176 | if (aPointA.isZero()) { | 156 | if (aPointA.isZero()) { |
177 | // result = aPointB; | 157 | // result = aPointB; |
178 | aPointA._x._value = aPointB._x._value; | 158 | aPointA._x._value = aPointB._x._value; |
179 | aPointA._y._value = aPointB._y._value; | 159 | aPointA._y._value = aPointB._y._value; |
180 | } else if (aPointB.isZero()) { | 160 | } else if (aPointB.isZero()) { |
181 | // result = aPointA; | 161 | // result = aPointA; |
182 | } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) { | 162 | } else if ((aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) { |
183 | // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); | 163 | // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); |
184 | aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O; | 164 | aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O; |
185 | aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O; | 165 | aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O; |
186 | } else { | 166 | } else { |
187 | varf2m; | 167 | varf2m; |
188 | var x, y; | 168 | var x, y; |
189 | var lambda; | 169 | var lambda; |
190 | var aX, aY, bX, bY; | 170 | var aX, aY, bX, bY; |
191 | 171 | ||
192 | aX = aPointA.x()._value; | 172 | aX = aPointA.x()._value; |
193 | aY = aPointA.y()._value; | 173 | aY = aPointA.y()._value; |
194 | bX = aPointB.x()._value; | 174 | bX = aPointB.x()._value; |
195 | bY = aPointB.y()._value; | 175 | bY = aPointB.y()._value; |
196 | 176 | ||
197 | f2m = this.finiteField(); | 177 | f2m = this.finiteField(); |
198 | 178 | ||
199 | if (aPointA.x().compare(aPointB.x()) != 0) { | 179 | if (aPointA.x().compare(aPointB.x()) != 0) { |
200 | //console.log(" a.x != b.x"); | ||
201 | lambda =f2m._fastMultiply( | 180 | lambda =f2m._fastMultiply( |
202 | f2m._add(aY, bY), | 181 | f2m._add(aY, bY), |
203 | f2m._inverse(f2m._add(aX, bX)) | 182 | f2m._inverse(f2m._add(aX, bX)) |
204 | ); | 183 | ); |
205 | x = f2m._add(this.a()._value, f2m._square(lambda)); | 184 | x = f2m._add(this.a()._value, f2m._square(lambda)); |
206 | f2m._overwriteAdd(x, lambda); | 185 | f2m._overwriteAdd(x, lambda); |
207 | f2m._overwriteAdd(x, aX); | 186 | f2m._overwriteAdd(x, aX); |
208 | f2m._overwriteAdd(x, bX); | 187 | f2m._overwriteAdd(x, bX); |
209 | } else { | 188 | } else { |
210 | //console.log(" a.x == b.x"); | ||
211 | lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX))); | 189 | lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX))); |
212 | //console.log(" lambda: " + lambda.asString(16)); | ||
213 | x = f2m._add(this.a()._value, f2m._square(lambda)); | 190 | x = f2m._add(this.a()._value, f2m._square(lambda)); |
214 | //console.log(" x (step 1): " + x.asString(16)); | ||
215 | f2m._overwriteAdd(x, lambda); | 191 | f2m._overwriteAdd(x, lambda); |
216 | //console.log(" x (step 2): " + x.asString(16)); | ||
217 | } | 192 | } |
218 | 193 | ||
219 | y = f2m._fastMultiply(f2m._add(bX, x), lambda); | 194 | y = f2m._fastMultiply(f2m._add(bX, x), lambda); |
220 | //console.log(" y (step 1): " + y.asString(16)); | ||
221 | f2m._overwriteAdd(y, x); | 195 | f2m._overwriteAdd(y, x); |
222 | //console.log(" y (step 2): " + y.asString(16)); | ||
223 | f2m._overwriteAdd(y, bY); | 196 | f2m._overwriteAdd(y, bY); |
224 | //console.log(" y (step 3): " + y.asString(16)); | ||
225 | 197 | ||
226 | // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)}) | 198 | // result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)}) |
227 | aPointA._x._value = x; | 199 | aPointA._x._value = x; |
228 | aPointA._y._value = y; | 200 | aPointA._y._value = y; |
229 | 201 | ||
230 | } | 202 | } |
231 | //console.log("<<< ECC.BinaryField.Curve.add"); | ||
232 | 203 | ||
233 | return result; | 204 | return result; |
234 | }, | 205 | }, |
235 | 206 | ||
236 | //----------------------------------------------------------------------------- | 207 | //----------------------------------------------------------------------------- |
237 | 208 | ||
238 | 'multiply': function(aValue, aPoint) { | 209 | 'multiply': function(aValue, aPoint) { |
239 | var result; | 210 | var result; |
240 | 211 | ||
241 | //console.profile(); | 212 | //console.profile(); |
242 | result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); | 213 | result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); |
243 | 214 | ||
244 | if (aValue.isZero() == false) { | 215 | if (aValue.isZero() == false) { |
245 | var k, Q; | 216 | var k, Q; |
246 | var i; | 217 | var i; |
247 | var countIndex; countIndex = 0; | 218 | var countIndex; countIndex = 0; |
248 | 219 | ||
249 | if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) { | 220 | if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) { |
250 | k = aValue; | 221 | k = aValue; |
251 | Q = aPoint; | 222 | Q = aPoint; |
252 | } else { | 223 | } else { |
253 | MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!"); | 224 | Clipperz.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!"); |
254 | k = aValue.negate(); | 225 | k = aValue.negate(); |
255 | Q = this.negate(aPoint); | 226 | Q = this.negate(aPoint); |
256 | } | 227 | } |
257 | 228 | ||
258 | //console.log("k: " + k.toString(16)); | ||
259 | //console.log("k.bitSize: " + k.bitSize()); | ||
260 | for (i=k.bitSize()-1; i>=0; i--) { | 229 | for (i=k.bitSize()-1; i>=0; i--) { |
261 | result = this.add(result, result); | 230 | result = this.add(result, result); |
262 | // this.overwriteAdd(result, result); | 231 | // this.overwriteAdd(result, result); |
263 | if (k.isBitSet(i)) { | 232 | if (k.isBitSet(i)) { |
264 | result = this.add(result, Q); | 233 | result = this.add(result, Q); |
265 | // this.overwriteAdd(result, Q); | 234 | // this.overwriteAdd(result, Q); |
266 | } | 235 | } |
267 | 236 | ||
268 | // if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++; | 237 | // if (countIndex==100) {Clipperz.log("multiply.break"); break;} else countIndex++; |
269 | } | 238 | } |
270 | } | 239 | } |
271 | //console.profileEnd(); | 240 | //console.profileEnd(); |
272 | 241 | ||
273 | return result; | 242 | return result; |
274 | }, | 243 | }, |
275 | 244 | ||
276 | //----------------------------------------------------------------------------- | 245 | //----------------------------------------------------------------------------- |
277 | 246 | ||
278 | 'deferredMultiply': function(aValue, aPoint) { | 247 | 'deferredMultiply': function(aValue, aPoint) { |
279 | var deferredResult; | 248 | var deferredResult; |
280 | var result; | 249 | var result; |
281 | 250 | ||
282 | MochiKit.Logging.logDebug(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint); | 251 | Clipperz.log(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint); |
283 | //console.profile("ECC.Curve.multiply"); | 252 | //console.profile("ECC.Curve.multiply"); |
284 | deferredResult = new MochiKit.Async.Deferred(); | 253 | deferredResult = new MochiKit.Async.Deferred(); |
285 | //deferredResult.addCallback(function(res) {console.profile("ECC.Curve.deferredMultiply"); return res;} ); | 254 | //deferredResult.addCallback(function(res) {console.profile("ECC.Curve.deferredMultiply"); return res;} ); |
286 | //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 1: " + res); return res;}); | 255 | //deferredResult.addBoth(function(res) {Clipperz.logDebug("# 1: " + res); return res;}); |
287 | 256 | ||
288 | result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); | 257 | result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); |
289 | //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 2: " + res); return res;}); | 258 | //deferredResult.addBoth(function(res) {Clipperz.logDebug("# 2: " + res); return res;}); |
290 | 259 | ||
291 | if (aValue.isZero() == false) { | 260 | if (aValue.isZero() == false) { |
292 | var k, Q; | 261 | var k, Q; |
293 | var i; | 262 | var i; |
294 | var countIndex; countIndex = 0; | 263 | var countIndex; countIndex = 0; |
295 | 264 | ||
296 | if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) { | 265 | if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) { |
297 | k = aValue; | 266 | k = aValue; |
298 | Q = aPoint; | 267 | Q = aPoint; |
299 | } else { | 268 | } else { |
300 | MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!"); | 269 | Clipperz.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!"); |
301 | k = aValue.negate(); | 270 | k = aValue.negate(); |
302 | Q = this.negate(aPoint); | 271 | Q = this.negate(aPoint); |
303 | } | 272 | } |
304 | 273 | ||
305 | //console.log("k: " + k.toString(16)); | ||
306 | //console.log("k.bitSize: " + k.bitSize()); | ||
307 | 274 | ||
308 | //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 3: " + res); return res;}); | ||
309 | for (i=k.bitSize()-1; i>=0; i--) { | 275 | for (i=k.bitSize()-1; i>=0; i--) { |
310 | //MochiKit.Logging.logDebug("====> " + i); | ||
311 | //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 > i = " + i + ": " + res); return res;}); | ||
312 | deferredResult.addMethod(this, "addTwice"); | 276 | deferredResult.addMethod(this, "addTwice"); |
313 | //# result = this.add(result, result); | 277 | //# result = this.add(result, result); |
314 | // this.overwriteAdd(result, result); | 278 | // this.overwriteAdd(result, result); |
315 | if (k.isBitSet(i)) { | 279 | if (k.isBitSet(i)) { |
316 | deferredResult.addMethod(this, "add", Q); | 280 | deferredResult.addMethod(this, "add", Q); |
317 | //# result = this.add(result, Q); | 281 | //# result = this.add(result, Q); |
318 | // this.overwriteAdd(result, Q); | 282 | // this.overwriteAdd(result, Q); |
319 | } | 283 | } |
320 | if (i%20 == 0) {deferredResult.addCallback(MochiKit.Async.wait, 0.1);} | 284 | if (i%20 == 0) {deferredResult.addCallback(MochiKit.Async.wait, 0.1);} |
321 | |||
322 | // if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++; | ||
323 | //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 < i = " + i + ": " + res); return res;}); | ||
324 | } | 285 | } |
325 | //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4: " + res); return res;}); | ||
326 | } | 286 | } |
327 | //#console.profileEnd(); | 287 | //#console.profileEnd(); |
328 | //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 5: " + res); return res;}); | ||
329 | //deferredResult.addBoth(function(res) {console.profileEnd(); return res;}); | 288 | //deferredResult.addBoth(function(res) {console.profileEnd(); return res;}); |
330 | //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 6: " + res); return res;}); | ||
331 | deferredResult.callback(result); | 289 | deferredResult.callback(result); |
332 | 290 | ||
333 | //# return result; | 291 | //# return result; |
334 | return deferredResult; | 292 | return deferredResult; |
335 | }, | 293 | }, |
336 | 294 | ||
337 | //----------------------------------------------------------------------------- | 295 | //----------------------------------------------------------------------------- |
338 | __syntaxFix__: "syntax fix" | 296 | __syntaxFix__: "syntax fix" |
339 | }); | 297 | }); |
340 | 298 | ||
341 | 299 | ||
342 | //############################################################################# | 300 | //############################################################################# |
343 | 301 | ||
344 | Clipperz.Crypto.ECC.StandardCurves = {}; | 302 | Clipperz.Crypto.ECC.StandardCurves = {}; |
345 | 303 | ||
346 | MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, { | 304 | MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, { |
347 | /* | 305 | /* |
348 | '_K571': null, | 306 | '_K571': null, |
349 | 'K571': function() { | 307 | 'K571': function() { |
350 | if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) { | 308 | if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) { |
351 | Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | 309 | Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ |
352 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), | 310 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), |
353 | a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16), | 311 | a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16), |
354 | b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | 312 | b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), |
355 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ | 313 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ |
356 | x: new Clipperz.Crypto.ECC.BinaryField.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16), | 314 | x: new Clipperz.Crypto.ECC.BinaryField.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16), |
357 | y: new Clipperz.Crypto.ECC.BinaryField.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16) | 315 | y: new Clipperz.Crypto.ECC.BinaryField.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16) |
358 | }), | 316 | }), |
359 | r: new Clipperz.Crypto.ECC.BinaryField.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16), | 317 | r: new Clipperz.Crypto.ECC.BinaryField.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16), |
360 | h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16) | 318 | h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16) |
361 | }); | 319 | }); |
362 | } | 320 | } |
363 | 321 | ||
364 | return Clipperz.Crypto.ECC.StandardCurves._K571; | 322 | return Clipperz.Crypto.ECC.StandardCurves._K571; |
365 | }, | 323 | }, |
366 | 324 | ||
367 | 325 | ||
368 | 326 | ||
369 | '_K283': null, | 327 | '_K283': null, |
370 | 'K283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1 | 328 | 'K283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1 |
371 | if (Clipperz.Crypto.ECC.StandardCurves._K283 == null) { | 329 | if (Clipperz.Crypto.ECC.StandardCurves._K283 == null) { |
372 | Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | 330 | Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ |
373 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | 331 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), |
374 | a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16), | 332 | a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16), |
375 | b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | 333 | b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), |
376 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ | 334 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ |
377 | x: new Clipperz.Crypto.ECC.BinaryField.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16), | 335 | x: new Clipperz.Crypto.ECC.BinaryField.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16), |
378 | y: new Clipperz.Crypto.ECC.BinaryField.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16) | 336 | y: new Clipperz.Crypto.ECC.BinaryField.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16) |
379 | }), | 337 | }), |
380 | r: new Clipperz.Crypto.ECC.BinaryField.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16), | 338 | r: new Clipperz.Crypto.ECC.BinaryField.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16), |
381 | h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16) | 339 | h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16) |
382 | }); | 340 | }); |
383 | } | 341 | } |
384 | 342 | ||
385 | return Clipperz.Crypto.ECC.StandardCurves._K283; | 343 | return Clipperz.Crypto.ECC.StandardCurves._K283; |
386 | }, | 344 | }, |
387 | */ | 345 | */ |
388 | //----------------------------------------------------------------------------- | 346 | //----------------------------------------------------------------------------- |
389 | 347 | ||
390 | '_B571': null, | 348 | '_B571': null, |
391 | 'B571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1 | 349 | 'B571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1 |
392 | if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) { | 350 | if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) { |
393 | Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | 351 | Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ |
394 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16), | 352 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16), |
395 | a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | 353 | a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), |
396 | b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16), | 354 | b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16), |
397 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ | 355 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ |
398 | x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16), | 356 | x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16), |
399 | y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16) | 357 | y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16) |
400 | }), | 358 | }), |
401 | r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16), | 359 | r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16), |
402 | h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) | 360 | h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) |
403 | 361 | ||
404 | // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), | 362 | // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), |
405 | // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) | 363 | // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) |
406 | }); | 364 | }); |
407 | 365 | ||
408 | //----------------------------------------------------------------------------- | 366 | //----------------------------------------------------------------------------- |
409 | // | 367 | // |
410 | //Guide to Elliptic Curve Cryptography | 368 | //Guide to Elliptic Curve Cryptography |
411 | //Darrel Hankerson, Alfred Menezes, Scott Vanstone | 369 | //Darrel Hankerson, Alfred Menezes, Scott Vanstone |
412 | //- Pag: 56, Alorithm 2.45 (with a typo!!!) | 370 | //- Pag: 56, Alorithm 2.45 (with a typo!!!) |
413 | // | 371 | // |
414 | //----------------------------------------------------------------------------- | 372 | //----------------------------------------------------------------------------- |
415 | // | 373 | // |
416 | // http://www.milw0rm.com/papers/136 | 374 | // http://www.milw0rm.com/papers/136 |
417 | // | 375 | // |
418 | // ------------------------------------------------------------------------- | 376 | // ------------------------------------------------------------------------- |
419 | // Polynomial Reduction Algorithm Modulo f571 | 377 | // Polynomial Reduction Algorithm Modulo f571 |
420 | // ------------------------------------------------------------------------- | 378 | // ------------------------------------------------------------------------- |
421 | // | 379 | // |
422 | // Input: Polynomial p(x) of degree 1140 or less, stored as | 380 | // Input: Polynomial p(x) of degree 1140 or less, stored as |
423 | // an array of 2T machinewords. | 381 | // an array of 2T machinewords. |
424 | // Output: p(x) mod f571(x) | 382 | // Output: p(x) mod f571(x) |
425 | // | 383 | // |
426 | // FOR i = T-1, ..., 0 DO | 384 | // FOR i = T-1, ..., 0 DO |
427 | // SET X := P[i+T] | 385 | // SET X := P[i+T] |
428 | // P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15) | 386 | // P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15) |
429 | // P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27) | 387 | // P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27) |
430 | // | 388 | // |
431 | // SET X := P[T-1] >> 27 | 389 | // SET X := P[T-1] >> 27 |
432 | // P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10) | 390 | // P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10) |
433 | // P[T-1] := P[T-1] & 0x07ffffff | 391 | // P[T-1] := P[T-1] & 0x07ffffff |
434 | // | 392 | // |
435 | // RETURN P[T-1],...,P[0] | 393 | // RETURN P[T-1],...,P[0] |
436 | // | 394 | // |
437 | // ------------------------------------------------------------------------- | 395 | // ------------------------------------------------------------------------- |
438 | // | 396 | // |
439 | Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module; | 397 | Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module; |
440 | Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) { | 398 | Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) { |
441 | varresult; | 399 | varresult; |
442 | 400 | ||
443 | if (aValue.bitSize() > 1140) { | 401 | if (aValue.bitSize() > 1140) { |
444 | MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation"); | 402 | Clipperz.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation"); |
445 | result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue); | 403 | result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue); |
446 | } else { | 404 | } else { |
447 | varC, T; | 405 | varC, T; |
448 | var i; | 406 | var i; |
449 | 407 | ||
450 | //console.log(">>> binaryField.finiteField.(improved)module"); | ||
451 | // C = aValue.value().slice(0); | ||
452 | C = aValue._value.slice(0); | 408 | C = aValue._value.slice(0); |
453 | for (i=35; i>=18; i--) { | 409 | for (i=35; i>=18; i--) { |
454 | T = C[i]; | 410 | T = C[i]; |
455 | C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0); | 411 | C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0); |
456 | C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0); | 412 | C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0); |
457 | } | 413 | } |
458 | T = (C[17] >>> 27); | 414 | T = (C[17] >>> 27); |
459 | C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0); | 415 | C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0); |
460 | C[17] = (C[17] & 0x07ffffff); | 416 | C[17] = (C[17] & 0x07ffffff); |
461 | 417 | ||
462 | for(i=18; i<=35; i++) { | 418 | for(i=18; i<=35; i++) { |
463 | C[i] = 0; | 419 | C[i] = 0; |
464 | } | 420 | } |
465 | 421 | ||
466 | result = new Clipperz.Crypto.ECC.BinaryField.Value(C); | 422 | result = new Clipperz.Crypto.ECC.BinaryField.Value(C); |
467 | //console.log("<<< binaryField.finiteField.(improved)module"); | ||
468 | } | 423 | } |
469 | 424 | ||
470 | return result; | 425 | return result; |
471 | }; | 426 | }; |
472 | } | 427 | } |
473 | 428 | ||
474 | return Clipperz.Crypto.ECC.StandardCurves._B571; | 429 | return Clipperz.Crypto.ECC.StandardCurves._B571; |
475 | }, | 430 | }, |
476 | 431 | ||
477 | //----------------------------------------------------------------------------- | 432 | //----------------------------------------------------------------------------- |
478 | 433 | ||
479 | '_B283': null, | 434 | '_B283': null, |
480 | 'B283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1 | 435 | 'B283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1 |
481 | if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) { | 436 | if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) { |
482 | Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | 437 | Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ |
483 | // modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | 438 | // modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), |
484 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | 439 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), |
485 | a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | 440 | a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), |
486 | b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16), | 441 | b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16), |
487 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ | 442 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ |
488 | x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16), | 443 | x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16), |
489 | y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16) | 444 | y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16) |
490 | }), | 445 | }), |
491 | r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16), | 446 | r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16), |
492 | h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) | 447 | h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) |
493 | 448 | ||
494 | // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), | 449 | // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), |
495 | // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) | 450 | // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) |
496 | }); | 451 | }); |
497 | 452 | ||
498 | //----------------------------------------------------------------------------- | 453 | //----------------------------------------------------------------------------- |
499 | // | 454 | // |
500 | //Guide to Elliptic Curve Cryptography | 455 | //Guide to Elliptic Curve Cryptography |
501 | //Darrel Hankerson, Alfred Menezes, Scott Vanstone | 456 | //Darrel Hankerson, Alfred Menezes, Scott Vanstone |
502 | //- Pag: 56, Alorithm 2.43 | 457 | //- Pag: 56, Alorithm 2.43 |
503 | // | 458 | // |
504 | //----------------------------------------------------------------------------- | 459 | //----------------------------------------------------------------------------- |
505 | Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module; | 460 | Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module; |
506 | Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) { | 461 | Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) { |
507 | varresult; | 462 | varresult; |
508 | 463 | ||
509 | if (aValue.bitSize() > 564) { | 464 | if (aValue.bitSize() > 564) { |
510 | MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation"); | 465 | Clipperz.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation"); |
511 | result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue); | 466 | result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue); |
512 | } else { | 467 | } else { |
513 | varC, T; | 468 | varC, T; |
514 | var i; | 469 | var i; |
515 | 470 | ||
516 | //console.log(">>> binaryField.finiteField.(improved)module"); | ||
517 | C = aValue._value.slice(0); | 471 | C = aValue._value.slice(0); |
518 | for (i=17; i>=9; i--) { | 472 | for (i=17; i>=9; i--) { |
519 | T = C[i]; | 473 | T = C[i]; |
520 | C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0); | 474 | C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0); |
521 | C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0); | 475 | C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0); |
522 | } | 476 | } |
523 | T = (C[8] >>> 27); | 477 | T = (C[8] >>> 27); |
524 | C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0); | 478 | C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0); |
525 | C[8] = (C[8] & 0x07ffffff); | 479 | C[8] = (C[8] & 0x07ffffff); |
526 | 480 | ||
527 | for(i=9; i<=17; i++) { | 481 | for(i=9; i<=17; i++) { |
528 | C[i] = 0; | 482 | C[i] = 0; |
529 | } | 483 | } |
530 | 484 | ||
531 | result = new Clipperz.Crypto.ECC.BinaryField.Value(C); | 485 | result = new Clipperz.Crypto.ECC.BinaryField.Value(C); |
532 | //console.log("<<< binaryField.finiteField.(improved)module"); | ||
533 | } | 486 | } |
534 | 487 | ||
535 | return result; | 488 | return result; |
536 | }; | 489 | }; |
537 | } | 490 | } |
538 | 491 | ||
539 | return Clipperz.Crypto.ECC.StandardCurves._B283; | 492 | return Clipperz.Crypto.ECC.StandardCurves._B283; |
540 | }, | 493 | }, |
541 | 494 | ||
542 | //----------------------------------------------------------------------------- | 495 | //----------------------------------------------------------------------------- |
543 | __syntaxFix__: "syntax fix" | 496 | __syntaxFix__: "syntax fix" |
544 | }); | 497 | }); |
545 | 498 | ||
546 | //############################################################################# | 499 | //############################################################################# |
547 | 500 | ||
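--- a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
@@ -1,174 +1,170 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 //throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
 //}
 if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
 if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
 
 Clipperz.Crypto.ECC.BinaryField.FiniteField = function(args) {
 args = args || {};
 this._modulus = args.modulus;
 
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.FiniteField.prototype = MochiKit.Base.update(null, {
 
 'asString': function() {
 return "Clipperz.Crypto.ECC.BinaryField.FiniteField (" + this.modulus().asString() + ")";
 },
 
 //-----------------------------------------------------------------------------
 
 'modulus': function() {
 return this._modulus;
 },
 
 //-----------------------------------------------------------------------------
 
 '_module': function(aValue) {
 varresult;
 var modulusComparison;
-//console.log(">>> binaryField.finiteField.(standard)module");
 
 modulusComparison = Clipperz.Crypto.ECC.BinaryField.Value._compare(aValue, this.modulus()._value);
 
 if (modulusComparison < 0) {
 result = aValue;
 } else if (modulusComparison == 0) {
 result = [0];
 } else {
 var modulusBitSize;
 var resultBitSize;
 
 result = aValue;
 
 modulusBitSize = this.modulus().bitSize();
 resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
 while (resultBitSize >= modulusBitSize) {
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this.modulus()._value, resultBitSize - modulusBitSize));
 resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
 }
 }
-//console.log("<<< binaryField.finiteField.(standard)module");
-
+
 return result;
 },
 
 'module': function(aValue) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._module(aValue._value.slice(0)));
 },
 
 //-----------------------------------------------------------------------------
 
 '_add': function(a, b) {
 return Clipperz.Crypto.ECC.BinaryField.Value._xor(a, b);
 },
 
 '_overwriteAdd': function(a, b) {
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(a, b);
 },
 
 'add': function(a, b) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._add(a._value, b._value));
 },
 
 //-----------------------------------------------------------------------------
 
 'negate': function(aValue) {
 return aValue.clone();
 },
 
 //-----------------------------------------------------------------------------
 
 '_multiply': function(a, b) {
 var result;
 var valueToXor;
 var i,c;
 
 result = [0];
 valueToXor = b;
 c = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(a);
 for (i=0; i<c; i++) {
 if (Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(a, i) === true) {
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, valueToXor);
 }
 valueToXor = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(valueToXor, 1);
 }
 result = this._module(result);
 
 return result;
 },
 
 'multiply': function(a, b) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._multiply(a._value, b._value));
 },
 
 //-----------------------------------------------------------------------------
 
 '_fastMultiply': function(a, b) {
 var result;
 var B;
 var i,c;
 
 result = [0];
 B = b.slice(0); //Is this array copy avoidable?
 c = 32;
 for (i=0; i<c; i++) {
 var ii, cc;
 
 cc = a.length;
 for (ii=0; ii<cc; ii++) {
 if (((a[ii] >>> i) & 0x01) == 1) {
 Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, B, ii);
 }
 }
 
 if (i < (c-1)) {
 B = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(B, 1);
 }
 }
 result = this._module(result);
 
 return result;
 },
 
 'fastMultiply': function(a, b) {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._fastMultiply(a._value, b._value));
 },
 
 //-----------------------------------------------------------------------------
 //
 //Guide to Elliptic Curve Cryptography
 //Darrel Hankerson, Alfred Menezes, Scott Vanstone
 //- Pag: 49, Alorithm 2.34
 //
 //-----------------------------------------------------------------------------
 
 '_square': function(aValue) {
 var result;
 var value;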
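--- a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js
@@ -1,64 +1,62 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 //throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
 //}
 if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
 if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
 
 Clipperz.Crypto.ECC.BinaryField.Point = function(args) {
 args = args || {};
 this._x = args.x;
 this._y = args.y;
 
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.Point.prototype = MochiKit.Base.update(null, {
 
 'asString': function() {
 return "Clipperz.Crypto.ECC.BinaryField.Point (" + this.x() + ", " + this.y() + ")";
 },
 
 //-----------------------------------------------------------------------------
 
 'x': function() {
 return this._x;
 },
 
 'y': function() {
 return this._y;
 },
 
 //-----------------------------------------------------------------------------
 
 'isZero': function() {
 return (this.x().isZero() && this.y().isZero())
 },
 
 //-----------------------------------------------------------------------------
 __syntaxFix__: "syntax fix"
 });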
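--- a/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js
+++ b/frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js
@@ -1,118 +1,116 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 //throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
 //}
 if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
 if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
 
 Clipperz.Crypto.ECC.BinaryField.Value = function(aValue, aBase, aBitSize) {
 if (aValue.constructor == String) {
 varvalue;
 varstringLength;
 var numberOfWords;
 vari,c;
 
 if (aBase != 16) {
 throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
 }
 
 value = aValue.replace(/ /g, '');
 stringLength = value.length;
 numberOfWords = Math.ceil(stringLength / 8);
 this._value = new Array(numberOfWords);
 
 c = numberOfWords;
 for (i=0; i<c; i++) {
 varword;
 
 if (i < (c-1)) {
 word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16);
 } else {
 word = parseInt(value.substr(0, stringLength-(i*8)), 16);
 }
 
 this._value[i] = word;
 }
 } else if (aValue.constructor == Array) {
 var itemsToCopy;
 
 itemsToCopy = aValue.length;
 while (aValue[itemsToCopy - 1] == 0) {
 itemsToCopy --;
 }
 
 this._value = aValue.slice(0, itemsToCopy);
 } else if (aValue.constructor == Number) {
 this._value = [aValue];
 } else {
 // throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType;
 }
 
 this._bitSize == aBitSize || null;
 
 return this;
 }
 
 Clipperz.Crypto.ECC.BinaryField.Value.prototype = MochiKit.Base.update(null, {
 
 'value': function() {
 return this._value;
 },
 
 //-----------------------------------------------------------------------------
 
 'wordSize': function() {
 return this._value.length
 },
 
 //-----------------------------------------------------------------------------
 
 'clone': function() {
 return new Clipperz.Crypto.ECC.BinaryField.Value(this._value.slice(0), null, this._bitSize);
 },
 
 //-----------------------------------------------------------------------------
 
 'isZero': function() {
 return (this.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) == 0);
 },
 
 //-----------------------------------------------------------------------------
 
 'asString': function(aBase) {
 varresult;
 var i,c;
 
 if (aBase != 16) {
 throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
 }
 
 result = "";
 c = this.wordSize();
 for (i=0; i<c; i++) {
@@ -275,109 +273,107 @@ Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft = function(aWordArray,
 for (i=0; i<c; i++) {
 result[i] = 0;
 }
 
 overflowValue = 0;
 nextOverflowValue = 0;
 
 c = aWordArray.length;
 for (i=0; i<c; i++) {
 varvalue;
 varresultWord;
 
 // value = this.value()[i];
 value = aWordArray[i];
 
 if (numberOfBitsToShift > 0) {
 var nextOverflowValue;
 
 nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
 value = value & (0xffffffff >>> numberOfBitsToShift);
 resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
 } else {
 resultWord = value;
 }
 
 result[i+numberOfWordsToShift] = resultWord;
 overflowValue = nextOverflowValue;
 }
 
 if (overflowValue != 0) {
 result[aWordArray.length + numberOfWordsToShift] = overflowValue;
 }
 
 return result;
 };
 
 Clipperz.Crypto.ECC.BinaryField.Value._bitSize = function(aWordArray) {
 varresult;
 varnotNullElements;
 var mostValuableWord;
 var matchingBitsInMostImportantWord;
 var mask;
 var i,c;
 
 notNullElements = aWordArray.length;
 
 if ((aWordArray.length == 1) && (aWordArray[0] == 0)) {
 result = 0;
 } else {
 notNullElements --;
 while((notNullElements > 0) && (aWordArray[notNullElements] == 0)) {
 notNullElements --;
 }
 
 result = notNullElements * 32;
 mostValuableWord = aWordArray[notNullElements];
 
 matchingBits = 32;
 mask = 0x80000000;
 
 while ((matchingBits > 0) && ((mostValuableWord & mask) == 0)) {
 matchingBits --;
 mask >>>= 1;
 }
 
 result += matchingBits;
 }
 
 return result;
 };
 
 Clipperz.Crypto.ECC.BinaryField.Value._isBitSet = function(aWordArray, aBitPosition) {
 var result;
 varbyteIndex;
 var bitIndexInSelectedByte;
 
 byteIndex = Math.floor(aBitPosition / 32);
 bitIndexInSelectedByte = aBitPosition % 32;
 
 if (byteIndex <= aWordArray.length) {
 result = ((aWordArray[byteIndex] & (1 << bitIndexInSelectedByte)) != 0);
 } else {
 result = false;
 }
 
 return result;
 };
 
 Clipperz.Crypto.ECC.BinaryField.Value._compare = function(a,b) {
 varresult;
 var i,c;
 
 result = MochiKit.Base.compare(a.length, b.length);
 
 c = a.length;
 for (i=0; (i<c) && (result==0); i++) {
-//console.log("compare[" + c + " - " + i + " - 1] " + this.value()[c-i-1] + ", " + aValue.value()[c-i-1]);
-// result = MochiKit.Base.compare(this.value()[c-i-1], aValue.value()[c-i-1]);
 result = MochiKit.Base.compare(a[c-i-1], b[c-i-1]);
 }
 
 return result;
 };
 
 
 Clipperz.Crypto.ECC.BinaryField.Value['exception']= {
 'UnsupportedBase': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase"),
 'UnsupportedConstructorValueType':new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType")
 };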
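Review bot: In the `Value` constructor (first hunk, just before `return this;`) the statement `this._bitSize == aBitSize || null;` is a comparison whose result is discarded, so `_bitSize` is never stored and `clone()` forwards `undefined`; it should read `this._bitSize = aBitSize || null;`. In the second hunk, `_bitSize()` declares `matchingBitsInMostImportantWord` but counts in the undeclared `matchingBits`, which becomes an implicit global shared by every call; declaring `var matchingBits;` in its place fixes it. `_isBitSet` in the same hunk guards with `byteIndex <= aWordArray.length` where `<` looks intended; the out-of-range read happens to evaluate to false, so this affects clarity rather than the result. These are all unchanged context lines, since the commit only edits the licence header and drops commented-out logging, and the `asString` body continues outside the first hunk.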
diff --git a/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js b/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js index be197e3..239e264 100644 --- a/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js +++ b/frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js | |||
@@ -1,236 +1,229 @@ | |||
1 | /* | 1 | /* |
2 | 2 | ||
3 | Copyright 2008-2011 Clipperz Srl | 3 | Copyright 2008-2013 Clipperz Srl |
4 | 4 | ||
5 | This file is part of Clipperz Community Edition. | 5 | This file is part of Clipperz, the online password manager. |
6 | Clipperz Community Edition is an online password manager. | ||
7 | For further information about its features and functionalities please | 6 | For further information about its features and functionalities please |
8 | refer to http://www.clipperz.com. | 7 | refer to http://www.clipperz.com. |
9 | 8 | ||
10 | * Clipperz Community Edition is free software: you can redistribute | 9 | * Clipperz is free software: you can redistribute it and/or modify it |
11 | it and/or modify it under the terms of the GNU Affero General Public | 10 | under the terms of the GNU Affero General Public License as published |
12 | License as published by the Free Software Foundation, either version | 11 | by the Free Software Foundation, either version 3 of the License, or |
13 | 3 of the License, or (at your option) any later version. | 12 | (at your option) any later version. |
14 | 13 | ||
15 | * Clipperz Community Edition is distributed in the hope that it will | 14 | * Clipperz is distributed in the hope that it will be useful, but |
16 | be useful, but WITHOUT ANY WARRANTY; without even the implied | 15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
17 | warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | 16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
18 | See the GNU Affero General Public License for more details. | 17 | See the GNU Affero General Public License for more details. |
19 | 18 | ||
20 | * You should have received a copy of the GNU Affero General Public | 19 | * You should have received a copy of the GNU Affero General Public |
21 | License along with Clipperz Community Edition. If not, see | 20 | License along with Clipperz. If not, see http://www.gnu.org/licenses/. |
22 | <http://www.gnu.org/licenses/>. | ||
23 | 21 | ||
24 | */ | 22 | */ |
25 | 23 | ||
26 | //try { if (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) == 'undefined') { throw ""; }} catch (e) { | 24 | //try { if (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) == 'undefined') { throw ""; }} catch (e) { |
27 | //throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.BinaryField.Curve!"; | 25 | //throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.BinaryField.Curve!"; |
28 | //} | 26 | //} |
29 | //try { if (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) == 'undefined') { throw ""; }} catch (e) { | 27 | //try { if (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) == 'undefined') { throw ""; }} catch (e) { |
30 | //throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.Koblitz.Curve!"; | 28 | //throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.Koblitz.Curve!"; |
31 | //} | 29 | //} |
32 | 30 | ||
33 | Clipperz.Crypto.ECC.StandardCurves = {}; | 31 | Clipperz.Crypto.ECC.StandardCurves = {}; |
34 | 32 | ||
35 | MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, { | 33 | MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, { |
36 | 34 | ||
37 | //============================================================================== | 35 | //============================================================================== |
38 | 36 | ||
39 | '_K571': null, | 37 | '_K571': null, |
40 | 'K571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1 | 38 | 'K571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1 |
41 | if ((Clipperz.Crypto.ECC.StandardCurves._K571 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) { | 39 | if ((Clipperz.Crypto.ECC.StandardCurves._K571 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) { |
42 | Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Koblitz.Curve({ | 40 | Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Koblitz.Curve({ |
43 | modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), | 41 | modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), |
44 | a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16), | 42 | a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16), |
45 | b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16), | 43 | b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16), |
46 | G: new Clipperz.Crypto.ECC.Koblitz.Point({ | 44 | G: new Clipperz.Crypto.ECC.Koblitz.Point({ |
47 | x: new Clipperz.Crypto.ECC.Koblitz.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16), | 45 | x: new Clipperz.Crypto.ECC.Koblitz.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16), |
48 | y: new Clipperz.Crypto.ECC.Koblitz.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16) | 46 | y: new Clipperz.Crypto.ECC.Koblitz.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16) |
49 | }), | 47 | }), |
50 | r: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16), | 48 | r: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16), |
51 | h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16), | 49 | h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16), |
52 | primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16) | 50 | primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16) |
53 | }); | 51 | }); |
54 | } | 52 | } |
55 | 53 | ||
56 | return Clipperz.Crypto.ECC.StandardCurves._K571; | 54 | return Clipperz.Crypto.ECC.StandardCurves._K571; |
57 | }, | 55 | }, |
58 | 56 | ||
59 | //----------------------------------------------------------------------------- | 57 | //----------------------------------------------------------------------------- |
60 | 58 | ||
61 | '_K283': null, | 59 | '_K283': null, |
62 | 'K283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1 | 60 | 'K283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1 |
63 | if ((Clipperz.Crypto.ECC.StandardCurves._K283 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) { | 61 | if ((Clipperz.Crypto.ECC.StandardCurves._K283 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) { |
64 | Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.Koblitz.Curve({ | 62 | Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.Koblitz.Curve({ |
65 | modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | 63 | modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), |
66 | a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16), | 64 | a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16), |
67 | b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16), | 65 | b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16), |
68 | G: new Clipperz.Crypto.ECC.Koblitz.Point({ | 66 | G: new Clipperz.Crypto.ECC.Koblitz.Point({ |
69 | x: new Clipperz.Crypto.ECC.Koblitz.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16), | 67 | x: new Clipperz.Crypto.ECC.Koblitz.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16), |
70 | y: new Clipperz.Crypto.ECC.Koblitz.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16) | 68 | y: new Clipperz.Crypto.ECC.Koblitz.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16) |
71 | }), | 69 | }), |
72 | r: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16), | 70 | r: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16), |
73 | h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16), | 71 | h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16), |
74 | primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16) | 72 | primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16) |
75 | }); | 73 | }); |
76 | } | 74 | } |
77 | 75 | ||
78 | return Clipperz.Crypto.ECC.StandardCurves._K283; | 76 | return Clipperz.Crypto.ECC.StandardCurves._K283; |
79 | }, | 77 | }, |
80 | 78 | ||
81 | //============================================================================== | 79 | //============================================================================== |
82 | 80 | ||
83 | '_B571': null, | 81 | '_B571': null, |
84 | 'B571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1 | 82 | 'B571': function() { //f(z) = z^571 + z^10 + z^5 + z^2 + 1 |
85 | if ((Clipperz.Crypto.ECC.StandardCurves._B571 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) { | 83 | if ((Clipperz.Crypto.ECC.StandardCurves._B571 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) { |
86 | Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | 84 | Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ |
87 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), | 85 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), |
88 | a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | 86 | a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), |
89 | b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e 2221f295 de297117 b7f3d62f 5c6a97ff cb8ceff1 cd6ba8ce 4a9a18ad 84ffabbd 8efa5933 2be7ad67 56a66e29 4afd185a 78ff12aa 520e4de7 39baca0c 7ffeff7f 2955727a', 16), | 87 | b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e 2221f295 de297117 b7f3d62f 5c6a97ff cb8ceff1 cd6ba8ce 4a9a18ad 84ffabbd 8efa5933 2be7ad67 56a66e29 4afd185a 78ff12aa 520e4de7 39baca0c 7ffeff7f 2955727a', 16), |
90 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ | 88 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ |
91 | x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16), | 89 | x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16), |
92 | y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16) | 90 | y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16) |
93 | }), | 91 | }), |
94 | r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16), | 92 | r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16), |
95 | h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) | 93 | h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) |
96 | 94 | ||
97 | // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), | 95 | // S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), |
98 | // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) | 96 | // n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) |
99 | }); | 97 | }); |
100 | 98 | ||
101 | //----------------------------------------------------------------------------- | 99 | //----------------------------------------------------------------------------- |
102 | // | 100 | // |
103 | //Guide to Elliptic Curve Cryptography | 101 | //Guide to Elliptic Curve Cryptography |
104 | //Darrel Hankerson, Alfred Menezes, Scott Vanstone | 102 | //Darrel Hankerson, Alfred Menezes, Scott Vanstone |
105 | //- Pag: 56, Alorithm 2.45 (with a typo!!!) | 103 | //- Pag: 56, Alorithm 2.45 (with a typo!!!) |
106 | // | 104 | // |
107 | //----------------------------------------------------------------------------- | 105 | //----------------------------------------------------------------------------- |
108 | // | 106 | // |
109 | // http://www.milw0rm.com/papers/136 | 107 | // http://www.milw0rm.com/papers/136 |
110 | // | 108 | // |
111 | // ------------------------------------------------------------------------- | 109 | // ------------------------------------------------------------------------- |
112 | // Polynomial Reduction Algorithm Modulo f571 | 110 | // Polynomial Reduction Algorithm Modulo f571 |
113 | // ------------------------------------------------------------------------- | 111 | // ------------------------------------------------------------------------- |
114 | // | 112 | // |
115 | // Input: Polynomial p(x) of degree 1140 or less, stored as | 113 | // Input: Polynomial p(x) of degree 1140 or less, stored as |
116 | // an array of 2T machinewords. | 114 | // an array of 2T machinewords. |
117 | // Output: p(x) mod f571(x) | 115 | // Output: p(x) mod f571(x) |
118 | // | 116 | // |
119 | // FOR i = T-1, ..., 0 DO | 117 | // FOR i = T-1, ..., 0 DO |
120 | // SET X := P[i+T] | 118 | // SET X := P[i+T] |
121 | // P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15) | 119 | // P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15) |
122 | // P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27) | 120 | // P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27) |
123 | // | 121 | // |
124 | // SET X := P[T-1] >> 27 | 122 | // SET X := P[T-1] >> 27 |
125 | // P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10) | 123 | // P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10) |
126 | // P[T-1] := P[T-1] & 0x07ffffff | 124 | // P[T-1] := P[T-1] & 0x07ffffff |
127 | // | 125 | // |
128 | // RETURN P[T-1],...,P[0] | 126 | // RETURN P[T-1],...,P[0] |
129 | // | 127 | // |
130 | // ------------------------------------------------------------------------- | 128 | // ------------------------------------------------------------------------- |
131 | // | 129 | // |
132 | Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module; | 130 | Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module; |
133 | Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) { | 131 | Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) { |
134 | varresult; | 132 | varresult; |
135 | 133 | ||
136 | if (aValue.bitSize() > 1140) { | 134 | if (aValue.bitSize() > 1140) { |
137 | MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation"); | 135 | Clipperz.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation"); |
138 | result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue); | 136 | result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue); |
139 | } else { | 137 | } else { |
140 | varC, T; | 138 | varC, T; |
141 | var i; | 139 | var i; |
142 | 140 | ||
143 | //console.log(">>> binaryField.finiteField.(improved)module"); | ||
144 | // C = aValue.value().slice(0); | ||
145 | C = aValue._value.slice(0); | 141 | C = aValue._value.slice(0); |
146 | for (i=35; i>=18; i--) { | 142 | for (i=35; i>=18; i--) { |
147 | T = C[i]; | 143 | T = C[i]; |
148 | C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0); | 144 | C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0); |
149 | C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0); | 145 | C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0); |
150 | } | 146 | } |
151 | T = (C[17] >>> 27); | 147 | T = (C[17] >>> 27); |
152 | C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0); | 148 | C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0); |
153 | C[17] = (C[17] & 0x07ffffff); | 149 | C[17] = (C[17] & 0x07ffffff); |
154 | 150 | ||
155 | for(i=18; i<=35; i++) { | 151 | for(i=18; i<=35; i++) { |
156 | C[i] = 0; | 152 | C[i] = 0; |
157 | } | 153 | } |
158 | 154 | ||
159 | result = new Clipperz.Crypto.ECC.BinaryField.Value(C); | 155 | result = new Clipperz.Crypto.ECC.BinaryField.Value(C); |
160 | //console.log("<<< binaryField.finiteField.(improved)module"); | ||
161 | } | 156 | } |
162 | 157 | ||
163 | return result; | 158 | return result; |
164 | }; | 159 | }; |
165 | } | 160 | } |
166 | 161 | ||
167 | return Clipperz.Crypto.ECC.StandardCurves._B571; | 162 | return Clipperz.Crypto.ECC.StandardCurves._B571; |
168 | }, | 163 | }, |
169 | 164 | ||
170 | //----------------------------------------------------------------------------- | 165 | //----------------------------------------------------------------------------- |
171 | 166 | ||
172 | '_B283': null, | 167 | '_B283': null, |
173 | 'B283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1 | 168 | 'B283': function() { //f(z) = z^283 + z^12 + z^7 + z^5 + 1 |
174 | if ((Clipperz.Crypto.ECC.StandardCurves._B283 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) { | 169 | if ((Clipperz.Crypto.ECC.StandardCurves._B283 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) { |
175 | Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | 170 | Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ |
176 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | 171 | modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), |
177 | a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | 172 | a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), |
178 | b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16), | 173 | b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16), |
179 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ | 174 | G: new Clipperz.Crypto.ECC.BinaryField.Point({ |
180 | x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16), | 175 | x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16), |
181 | y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16) | 176 | y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16) |
182 | }), | 177 | }), |
183 | r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16), | 178 | r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16), |
184 | h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) | 179 | h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) |
185 | }); | 180 | }); |
186 | 181 | ||
187 | //----------------------------------------------------------------------------- | 182 | //----------------------------------------------------------------------------- |
188 | // | 183 | // |
189 | //Guide to Elliptic Curve Cryptography | 184 | //Guide to Elliptic Curve Cryptography |
190 | //Darrel Hankerson, Alfred Menezes, Scott Vanstone | 185 | //Darrel Hankerson, Alfred Menezes, Scott Vanstone |
191 | //- Pag: 56, Alorithm 2.43 | 186 | //- Pag: 56, Alorithm 2.43 |
192 | // | 187 | // |
193 | //----------------------------------------------------------------------------- | 188 | //----------------------------------------------------------------------------- |
194 | Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module; | 189 | Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module; |
195 | Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) { | 190 | Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) { |
196 | varresult; | 191 | varresult; |
197 | 192 | ||
198 | if (aValue.bitSize() > 564) { | 193 | if (aValue.bitSize() > 564) { |
199 | MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation"); | 194 | Clipperz.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation"); |
200 | result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue); | 195 | result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue); |
201 | } else { | 196 | } else { |
202 | varC, T; | 197 | varC, T; |
203 | var i; | 198 | var i; |
204 | 199 | ||
205 | //console.log(">>> binaryField.finiteField.(improved)module"); | ||
206 | C = aValue._value.slice(0); | 200 | C = aValue._value.slice(0); |
207 | for (i=17; i>=9; i--) { | 201 | for (i=17; i>=9; i--) { |
208 | T = C[i]; | 202 | T = C[i]; |
209 | C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0); | 203 | C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0); |
210 | C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0); | 204 | C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0); |
211 | } | 205 | } |
212 | T = (C[8] >>> 27); | 206 | T = (C[8] >>> 27); |
213 | C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0); | 207 | C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0); |
214 | C[8] = (C[8] & 0x07ffffff); | 208 | C[8] = (C[8] & 0x07ffffff); |
215 | 209 | ||
216 | for(i=9; i<=17; i++) { | 210 | for(i=9; i<=17; i++) { |
217 | C[i] = 0; | 211 | C[i] = 0; |
218 | } | 212 | } |
219 | 213 | ||
220 | result = new Clipperz.Crypto.ECC.BinaryField.Value(C); | 214 | result = new Clipperz.Crypto.ECC.BinaryField.Value(C); |
221 | //console.log("<<< binaryField.finiteField.(improved)module"); | ||
222 | } | 215 | } |
223 | 216 | ||
224 | return result; | 217 | return result; |
225 | }; | 218 | }; |
226 | } | 219 | } |
227 | 220 | ||
228 | return Clipperz.Crypto.ECC.StandardCurves._B283; | 221 | return Clipperz.Crypto.ECC.StandardCurves._B283; |
229 | }, | 222 | }, |
230 | 223 | ||
231 | //============================================================================== | 224 | //============================================================================== |
232 | __syntaxFix__: "syntax fix" | 225 | __syntaxFix__: "syntax fix" |
233 | }); | 226 | }); |
234 | 227 | ||
235 | 228 | ||
236 | 229 | ||
diff --git a/frontend/gamma/js/Clipperz/Crypto/PRNG.js b/frontend/gamma/js/Clipperz/Crypto/PRNG.js index adfdb16..c539f06 100644 --- a/frontend/gamma/js/Clipperz/Crypto/PRNG.js +++ b/frontend/gamma/js/Clipperz/Crypto/PRNG.js | |||
@@ -1,118 +1,116 @@ | |||
1 | /* | 1 | /* |
2 | 2 | ||
3 | Copyright 2008-2011 Clipperz Srl | 3 | Copyright 2008-2013 Clipperz Srl |
4 | 4 | ||
5 | This file is part of Clipperz Community Edition. | 5 | This file is part of Clipperz, the online password manager. |
6 | Clipperz Community Edition is an online password manager. | ||
7 | For further information about its features and functionalities please | 6 | For further information about its features and functionalities please |
8 | refer to http://www.clipperz.com. | 7 | refer to http://www.clipperz.com. |
9 | 8 | ||
10 | * Clipperz Community Edition is free software: you can redistribute | 9 | * Clipperz is free software: you can redistribute it and/or modify it |
11 | it and/or modify it under the terms of the GNU Affero General Public | 10 | under the terms of the GNU Affero General Public License as published |
12 | License as published by the Free Software Foundation, either version | 11 | by the Free Software Foundation, either version 3 of the License, or |
13 | 3 of the License, or (at your option) any later version. | 12 | (at your option) any later version. |
14 | 13 | ||
15 | * Clipperz Community Edition is distributed in the hope that it will | 14 | * Clipperz is distributed in the hope that it will be useful, but |
16 | be useful, but WITHOUT ANY WARRANTY; without even the implied | 15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
17 | warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | 16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
18 | See the GNU Affero General Public License for more details. | 17 | See the GNU Affero General Public License for more details. |
19 | 18 | ||
20 | * You should have received a copy of the GNU Affero General Public | 19 | * You should have received a copy of the GNU Affero General Public |
21 | License along with Clipperz Community Edition. If not, see | 20 | License along with Clipperz. If not, see http://www.gnu.org/licenses/. |
22 | <http://www.gnu.org/licenses/>. | ||
23 | 21 | ||
24 | */ | 22 | */ |
25 | 23 | ||
26 | try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | 24 | try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { |
27 | throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; | 25 | throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; |
28 | } | 26 | } |
29 | 27 | ||
30 | try { if (typeof(Clipperz.Crypto.SHA) == 'undefined') { throw ""; }} catch (e) { | 28 | try { if (typeof(Clipperz.Crypto.SHA) == 'undefined') { throw ""; }} catch (e) { |
31 | throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.SHA!"; | 29 | throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.SHA!"; |
32 | } | 30 | } |
33 | 31 | ||
34 | try { if (typeof(Clipperz.Crypto.AES) == 'undefined') { throw ""; }} catch (e) { | 32 | try { if (typeof(Clipperz.Crypto.AES) == 'undefined') { throw ""; }} catch (e) { |
35 | throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.AES!"; | 33 | throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.AES!"; |
36 | } | 34 | } |
37 | 35 | ||
38 | if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { Clipperz.Crypto.PRNG = {}; } | 36 | if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { Clipperz.Crypto.PRNG = {}; } |
39 | 37 | ||
40 | //############################################################################# | 38 | //############################################################################# |
41 | 39 | ||
42 | Clipperz.Crypto.PRNG.EntropyAccumulator = function(args) { | 40 | Clipperz.Crypto.PRNG.EntropyAccumulator = function(args) { |
43 | args = args || {}; | 41 | args = args || {}; |
44 | //MochiKit.Base.bindMethods(this); | 42 | //MochiKit.Base.bindMethods(this); |
45 | 43 | ||
46 | this._stack = new Clipperz.ByteArray(); | 44 | this._stack = new Clipperz.ByteArray(); |
47 | this._maxStackLengthBeforeHashing = args.maxStackLengthBeforeHashing || 256; | 45 | this._maxStackLengthBeforeHashing = args.maxStackLengthBeforeHashing || 256; |
48 | return this; | 46 | return this; |
49 | } | 47 | } |
50 | 48 | ||
51 | Clipperz.Crypto.PRNG.EntropyAccumulator.prototype = MochiKit.Base.update(null, { | 49 | Clipperz.Crypto.PRNG.EntropyAccumulator.prototype = MochiKit.Base.update(null, { |
52 | 50 | ||
53 | 'toString': function() { | 51 | 'toString': function() { |
54 | return "Clipperz.Crypto.PRNG.EntropyAccumulator"; | 52 | return "Clipperz.Crypto.PRNG.EntropyAccumulator"; |
55 | }, | 53 | }, |
56 | 54 | ||
57 | //------------------------------------------------------------------------- | 55 | //------------------------------------------------------------------------- |
58 | 56 | ||
59 | 'stack': function() { | 57 | 'stack': function() { |
60 | return this._stack; | 58 | return this._stack; |
61 | }, | 59 | }, |
62 | 60 | ||
63 | 'setStack': function(aValue) { | 61 | 'setStack': function(aValue) { |
64 | this._stack = aValue; | 62 | this._stack = aValue; |
65 | }, | 63 | }, |
66 | 64 | ||
67 | 'resetStack': function() { | 65 | 'resetStack': function() { |
68 | this.stack().reset(); | 66 | this.stack().reset(); |
69 | }, | 67 | }, |
70 | 68 | ||
71 | 'maxStackLengthBeforeHashing': function() { | 69 | 'maxStackLengthBeforeHashing': function() { |
72 | return this._maxStackLengthBeforeHashing; | 70 | return this._maxStackLengthBeforeHashing; |
73 | }, | 71 | }, |
74 | 72 | ||
75 | //------------------------------------------------------------------------- | 73 | //------------------------------------------------------------------------- |
76 | 74 | ||
77 | 'addRandomByte': function(aValue) { | 75 | 'addRandomByte': function(aValue) { |
78 | this.stack().appendByte(aValue); | 76 | this.stack().appendByte(aValue); |
79 | 77 | ||
80 | if (this.stack().length() > this.maxStackLengthBeforeHashing()) { | 78 | if (this.stack().length() > this.maxStackLengthBeforeHashing()) { |
81 | this.setStack(Clipperz.Crypto.SHA.sha_d256(this.stack())); | 79 | this.setStack(Clipperz.Crypto.SHA.sha_d256(this.stack())); |
82 | } | 80 | } |
83 | }, | 81 | }, |
84 | 82 | ||
85 | //------------------------------------------------------------------------- | 83 | //------------------------------------------------------------------------- |
86 | __syntaxFix__: "syntax fix" | 84 | __syntaxFix__: "syntax fix" |
87 | }); | 85 | }); |
88 | 86 | ||
89 | //############################################################################# | 87 | //############################################################################# |
90 | 88 | ||
91 | Clipperz.Crypto.PRNG.RandomnessSource = function(args) { | 89 | Clipperz.Crypto.PRNG.RandomnessSource = function(args) { |
92 | args = args || {}; | 90 | args = args || {}; |
93 | MochiKit.Base.bindMethods(this); | 91 | MochiKit.Base.bindMethods(this); |
94 | 92 | ||
95 | this._generator = args.generator || null; | 93 | this._generator = args.generator || null; |
96 | this._sourceId = args.sourceId || null; | 94 | this._sourceId = args.sourceId || null; |
97 | this._boostMode = args.boostMode || false; | 95 | this._boostMode = args.boostMode || false; |
98 | 96 | ||
99 | this._nextPoolIndex = 0; | 97 | this._nextPoolIndex = 0; |
100 | 98 | ||
101 | return this; | 99 | return this; |
102 | } | 100 | } |
103 | 101 | ||
104 | Clipperz.Crypto.PRNG.RandomnessSource.prototype = MochiKit.Base.update(null, { | 102 | Clipperz.Crypto.PRNG.RandomnessSource.prototype = MochiKit.Base.update(null, { |
105 | 103 | ||
106 | 'generator': function() { | 104 | 'generator': function() { |
107 | return this._generator; | 105 | return this._generator; |
108 | }, | 106 | }, |
109 | 107 | ||
110 | 'setGenerator': function(aValue) { | 108 | 'setGenerator': function(aValue) { |
111 | this._generator = aValue; | 109 | this._generator = aValue; |
112 | }, | 110 | }, |
113 | 111 | ||
114 | //------------------------------------------------------------------------- | 112 | //------------------------------------------------------------------------- |
115 | 113 | ||
116 | 'boostMode': function() { | 114 | 'boostMode': function() { |
117 | return this._boostMode; | 115 | return this._boostMode; |
118 | }, | 116 | }, |
@@ -396,336 +394,327 @@ Clipperz.Crypto.PRNG.Fortuna = function(args) { | |||
396 | this._counter = 0; | 394 | this._counter = 0; |
397 | this._key = new Clipperz.ByteArray(); | 395 | this._key = new Clipperz.ByteArray(); |
398 | } else { | 396 | } else { |
399 | this._counter = 1; | 397 | this._counter = 1; |
400 | } | 398 | } |
401 | 399 | ||
402 | this._aesKey = null; | 400 | this._aesKey = null; |
403 | 401 | ||
404 | this._firstPoolReseedLevel = args.firstPoolReseedLevel || 32 || 64; | 402 | this._firstPoolReseedLevel = args.firstPoolReseedLevel || 32 || 64; |
405 | this._numberOfEntropyAccumulators = args.numberOfEntropyAccumulators || 32; | 403 | this._numberOfEntropyAccumulators = args.numberOfEntropyAccumulators || 32; |
406 | 404 | ||
407 | this._accumulators = []; | 405 | this._accumulators = []; |
408 | c = this.numberOfEntropyAccumulators(); | 406 | c = this.numberOfEntropyAccumulators(); |
409 | for (i=0; i<c; i++) { | 407 | for (i=0; i<c; i++) { |
410 | this._accumulators.push(new Clipperz.Crypto.PRNG.EntropyAccumulator()); | 408 | this._accumulators.push(new Clipperz.Crypto.PRNG.EntropyAccumulator()); |
411 | } | 409 | } |
412 | 410 | ||
413 | this._randomnessSources = []; | 411 | this._randomnessSources = []; |
414 | this._reseedCounter = 0; | 412 | this._reseedCounter = 0; |
415 | 413 | ||
416 | return this; | 414 | return this; |
417 | } | 415 | } |
418 | 416 | ||
419 | Clipperz.Crypto.PRNG.Fortuna.prototype = MochiKit.Base.update(null, { | 417 | Clipperz.Crypto.PRNG.Fortuna.prototype = MochiKit.Base.update(null, { |
420 | 418 | ||
421 | 'toString': function() { | 419 | 'toString': function() { |
422 | return "Clipperz.Crypto.PRNG.Fortuna"; | 420 | return "Clipperz.Crypto.PRNG.Fortuna"; |
423 | }, | 421 | }, |
424 | 422 | ||
425 | //------------------------------------------------------------------------- | 423 | //------------------------------------------------------------------------- |
426 | 424 | ||
427 | 'key': function() { | 425 | 'key': function() { |
428 | return this._key; | 426 | return this._key; |
429 | }, | 427 | }, |
430 | 428 | ||
431 | 'setKey': function(aValue) { | 429 | 'setKey': function(aValue) { |
432 | this._key = aValue; | 430 | this._key = aValue; |
433 | this._aesKey = null; | 431 | this._aesKey = null; |
434 | }, | 432 | }, |
435 | 433 | ||
436 | 'aesKey': function() { | 434 | 'aesKey': function() { |
437 | if (this._aesKey == null) { | 435 | if (this._aesKey == null) { |
438 | this._aesKey = new Clipperz.Crypto.AES.Key({key:this.key()}); | 436 | this._aesKey = new Clipperz.Crypto.AES.Key({key:this.key()}); |
439 | } | 437 | } |
440 | 438 | ||
441 | return this._aesKey; | 439 | return this._aesKey; |
442 | }, | 440 | }, |
443 | 441 | ||
444 | 'accumulators': function() { | 442 | 'accumulators': function() { |
445 | return this._accumulators; | 443 | return this._accumulators; |
446 | }, | 444 | }, |
447 | 445 | ||
448 | 'firstPoolReseedLevel': function() { | 446 | 'firstPoolReseedLevel': function() { |
449 | return this._firstPoolReseedLevel; | 447 | return this._firstPoolReseedLevel; |
450 | }, | 448 | }, |
451 | 449 | ||
452 | //------------------------------------------------------------------------- | 450 | //------------------------------------------------------------------------- |
453 | 451 | ||
454 | 'reseedCounter': function() { | 452 | 'reseedCounter': function() { |
455 | return this._reseedCounter; | 453 | return this._reseedCounter; |
456 | }, | 454 | }, |
457 | 455 | ||
458 | 'incrementReseedCounter': function() { | 456 | 'incrementReseedCounter': function() { |
459 | this._reseedCounter = this._reseedCounter +1; | 457 | this._reseedCounter = this._reseedCounter +1; |
460 | }, | 458 | }, |
461 | 459 | ||
462 | //------------------------------------------------------------------------- | 460 | //------------------------------------------------------------------------- |
463 | 461 | ||
464 | 'reseed': function() { | 462 | 'reseed': function() { |
465 | varnewKeySeed; | 463 | varnewKeySeed; |
466 | var reseedCounter; | 464 | var reseedCounter; |
467 | varreseedCounterMask; | 465 | varreseedCounterMask; |
468 | var i, c; | 466 | var i, c; |
469 | 467 | ||
470 | newKeySeed = this.key(); | 468 | newKeySeed = this.key(); |
471 | this.incrementReseedCounter(); | 469 | this.incrementReseedCounter(); |
472 | reseedCounter = this.reseedCounter(); | 470 | reseedCounter = this.reseedCounter(); |
473 | 471 | ||
474 | c = this.numberOfEntropyAccumulators(); | 472 | c = this.numberOfEntropyAccumulators(); |
475 | reseedCounterMask = 0xffffffff >>> (32 - c); | 473 | reseedCounterMask = 0xffffffff >>> (32 - c); |
476 | for (i=0; i<c; i++) { | 474 | for (i=0; i<c; i++) { |
477 | if ((i == 0) || ((reseedCounter & (reseedCounterMask >>> (c - i))) == 0)) { | 475 | if ((i == 0) || ((reseedCounter & (reseedCounterMask >>> (c - i))) == 0)) { |
478 | newKeySeed.appendBlock(this.accumulators()[i].stack()); | 476 | newKeySeed.appendBlock(this.accumulators()[i].stack()); |
479 | this.accumulators()[i].resetStack(); | 477 | this.accumulators()[i].resetStack(); |
480 | } | 478 | } |
481 | } | 479 | } |
482 | 480 | ||
483 | if (reseedCounter == 1) { | 481 | if (reseedCounter == 1) { |
484 | c = this.randomnessSources().length; | 482 | c = this.randomnessSources().length; |
485 | for (i=0; i<c; i++) { | 483 | for (i=0; i<c; i++) { |
486 | this.randomnessSources()[i].setBoostMode(false); | 484 | this.randomnessSources()[i].setBoostMode(false); |
487 | } | 485 | } |
488 | } | 486 | } |
489 | 487 | ||
490 | this.setKey(Clipperz.Crypto.SHA.sha_d256(newKeySeed)); | 488 | this.setKey(Clipperz.Crypto.SHA.sha_d256(newKeySeed)); |
491 | if (reseedCounter == 1) { | 489 | if (reseedCounter == 1) { |
492 | //MochiKit.Logging.logDebug("### PRNG.readyToGenerateRandomBytes"); | ||
493 | Clipperz.log("### PRNG.readyToGenerateRandomBytes"); | 490 | Clipperz.log("### PRNG.readyToGenerateRandomBytes"); |
494 | MochiKit.Signal.signal(this, 'readyToGenerateRandomBytes'); | 491 | MochiKit.Signal.signal(this, 'readyToGenerateRandomBytes'); |
495 | } | 492 | } |
496 | MochiKit.Signal.signal(this, 'reseeded'); | 493 | MochiKit.Signal.signal(this, 'reseeded'); |
497 | }, | 494 | }, |
498 | 495 | ||
499 | //------------------------------------------------------------------------- | 496 | //------------------------------------------------------------------------- |
500 | 497 | ||
501 | 'isReadyToGenerateRandomValues': function() { | 498 | 'isReadyToGenerateRandomValues': function() { |
502 | return this.reseedCounter() != 0; | 499 | return this.reseedCounter() != 0; |
503 | }, | 500 | }, |
504 | 501 | ||
505 | //------------------------------------------------------------------------- | 502 | //------------------------------------------------------------------------- |
506 | 503 | ||
507 | 'entropyLevel': function() { | 504 | 'entropyLevel': function() { |
508 | return this.accumulators()[0].stack().length() + (this.reseedCounter() * this.firstPoolReseedLevel()); | 505 | return this.accumulators()[0].stack().length() + (this.reseedCounter() * this.firstPoolReseedLevel()); |
509 | }, | 506 | }, |
510 | 507 | ||
511 | //------------------------------------------------------------------------- | 508 | //------------------------------------------------------------------------- |
512 | 509 | ||
513 | 'counter': function() { | 510 | 'counter': function() { |
514 | return this._counter; | 511 | return this._counter; |
515 | }, | 512 | }, |
516 | 513 | ||
517 | 'incrementCounter': function() { | 514 | 'incrementCounter': function() { |
518 | this._counter += 1; | 515 | this._counter += 1; |
519 | }, | 516 | }, |
520 | 517 | ||
521 | 'counterBlock': function() { | 518 | 'counterBlock': function() { |
522 | var result; | 519 | var result; |
523 | 520 | ||
524 | result = new Clipperz.ByteArray().appendWords(this.counter(), 0, 0, 0); | 521 | result = new Clipperz.ByteArray().appendWords(this.counter(), 0, 0, 0); |
525 | 522 | ||
526 | return result; | 523 | return result; |
527 | }, | 524 | }, |
528 | 525 | ||
529 | //------------------------------------------------------------------------- | 526 | //------------------------------------------------------------------------- |
530 | 527 | ||
531 | 'getRandomBlock': function() { | 528 | 'getRandomBlock': function() { |
532 | var result; | 529 | var result; |
533 | 530 | ||
534 | result = new Clipperz.ByteArray(Clipperz.Crypto.AES.encryptBlock(this.aesKey(), this.counterBlock().arrayValues())); | 531 | result = new Clipperz.ByteArray(Clipperz.Crypto.AES.encryptBlock(this.aesKey(), this.counterBlock().arrayValues())); |
535 | this.incrementCounter(); | 532 | this.incrementCounter(); |
536 | 533 | ||
537 | return result; | 534 | return result; |
538 | }, | 535 | }, |
539 | 536 | ||
540 | //------------------------------------------------------------------------- | 537 | //------------------------------------------------------------------------- |
541 | 538 | ||
542 | 'getRandomBytes': function(aSize) { | 539 | 'getRandomBytes': function(aSize) { |
543 | var result; | 540 | var result; |
544 | 541 | ||
545 | if (this.isReadyToGenerateRandomValues()) { | 542 | if (this.isReadyToGenerateRandomValues()) { |
546 | var i,c; | 543 | var i,c; |
547 | var newKey; | 544 | var newKey; |
548 | 545 | ||
549 | result = new Clipperz.ByteArray(); | 546 | result = new Clipperz.ByteArray(); |
550 | 547 | ||
551 | c = Math.ceil(aSize / (128 / 8)); | 548 | c = Math.ceil(aSize / (128 / 8)); |
552 | for (i=0; i<c; i++) { | 549 | for (i=0; i<c; i++) { |
553 | result.appendBlock(this.getRandomBlock()); | 550 | result.appendBlock(this.getRandomBlock()); |
554 | } | 551 | } |
555 | 552 | ||
556 | if (result.length() != aSize) { | 553 | if (result.length() != aSize) { |
557 | result = result.split(0, aSize); | 554 | result = result.split(0, aSize); |
558 | } | 555 | } |
559 | 556 | ||
560 | newKey = this.getRandomBlock().appendBlock(this.getRandomBlock()); | 557 | newKey = this.getRandomBlock().appendBlock(this.getRandomBlock()); |
561 | this.setKey(newKey); | 558 | this.setKey(newKey); |
562 | } else { | 559 | } else { |
563 | MochiKit.Logging.logWarning("Fortuna generator has not enough entropy, yet!"); | 560 | Clipperz.logWarning("Fortuna generator has not enough entropy, yet!"); |
564 | throw Clipperz.Crypto.PRNG.exception.NotEnoughEntropy; | 561 | throw Clipperz.Crypto.PRNG.exception.NotEnoughEntropy; |
565 | } | 562 | } |
566 | 563 | ||
567 | return result; | 564 | return result; |
568 | }, | 565 | }, |
569 | 566 | ||
570 | //------------------------------------------------------------------------- | 567 | //------------------------------------------------------------------------- |
571 | 568 | ||
572 | 'addRandomByte': function(aSourceId, aPoolId, aRandomValue) { | 569 | 'addRandomByte': function(aSourceId, aPoolId, aRandomValue) { |
573 | varselectedAccumulator; | 570 | varselectedAccumulator; |
574 | 571 | ||
575 | selectedAccumulator = this.accumulators()[aPoolId]; | 572 | selectedAccumulator = this.accumulators()[aPoolId]; |
576 | selectedAccumulator.addRandomByte(aRandomValue); | 573 | selectedAccumulator.addRandomByte(aRandomValue); |
577 | 574 | ||
578 | if (aPoolId == 0) { | 575 | if (aPoolId == 0) { |
579 | MochiKit.Signal.signal(this, 'addedRandomByte') | 576 | MochiKit.Signal.signal(this, 'addedRandomByte') |
580 | if (selectedAccumulator.stack().length() > this.firstPoolReseedLevel()) { | 577 | if (selectedAccumulator.stack().length() > this.firstPoolReseedLevel()) { |
581 | this.reseed(); | 578 | this.reseed(); |
582 | } | 579 | } |
583 | } | 580 | } |
584 | }, | 581 | }, |
585 | 582 | ||
586 | //------------------------------------------------------------------------- | 583 | //------------------------------------------------------------------------- |
587 | 584 | ||
588 | 'numberOfEntropyAccumulators': function() { | 585 | 'numberOfEntropyAccumulators': function() { |
589 | return this._numberOfEntropyAccumulators; | 586 | return this._numberOfEntropyAccumulators; |
590 | }, | 587 | }, |
591 | 588 | ||
592 | //------------------------------------------------------------------------- | 589 | //------------------------------------------------------------------------- |
593 | 590 | ||
594 | 'randomnessSources': function() { | 591 | 'randomnessSources': function() { |
595 | return this._randomnessSources; | 592 | return this._randomnessSources; |
596 | }, | 593 | }, |
597 | 594 | ||
598 | 'addRandomnessSource': function(aRandomnessSource) { | 595 | 'addRandomnessSource': function(aRandomnessSource) { |
599 | aRandomnessSource.setGenerator(this); | 596 | aRandomnessSource.setGenerator(this); |
600 | aRandomnessSource.setSourceId(this.randomnessSources().length); | 597 | aRandomnessSource.setSourceId(this.randomnessSources().length); |
601 | this.randomnessSources().push(aRandomnessSource); | 598 | this.randomnessSources().push(aRandomnessSource); |
602 | 599 | ||
603 | if (this.isReadyToGenerateRandomValues() == false) { | 600 | if (this.isReadyToGenerateRandomValues() == false) { |
604 | aRandomnessSource.setBoostMode(true); | 601 | aRandomnessSource.setBoostMode(true); |
605 | } | 602 | } |
606 | }, | 603 | }, |
607 | 604 | ||
608 | //------------------------------------------------------------------------- | 605 | //------------------------------------------------------------------------- |
609 | 606 | ||
610 | 'deferredEntropyCollection': function(aValue) { | 607 | 'deferredEntropyCollection': function(aValue) { |
611 | var result; | 608 | var result; |
612 | 609 | ||
613 | //MochiKit.Logging.logDebug(">>> PRNG.deferredEntropyCollection"); | ||
614 | 610 | ||
615 | if (this.isReadyToGenerateRandomValues()) { | 611 | if (this.isReadyToGenerateRandomValues()) { |
616 | //MochiKit.Logging.logDebug("--- PRNG.deferredEntropyCollection - 1"); | ||
617 | result = aValue; | 612 | result = aValue; |
618 | } else { | 613 | } else { |
619 | //MochiKit.Logging.logDebug("--- PRNG.deferredEntropyCollection - 2"); | ||
620 | var deferredResult; | 614 | var deferredResult; |
621 | 615 | ||
622 | // Clipperz.NotificationCenter.notify(this, 'updatedProgressState', 'collectingEntropy', true); | ||
623 | |||
624 | deferredResult = new Clipperz.Async.Deferred("PRNG.deferredEntropyCollection"); | 616 | deferredResult = new Clipperz.Async.Deferred("PRNG.deferredEntropyCollection"); |
625 | // deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("1.2.1 - PRNG.deferredEntropyCollection - 1: " + res); return res;}); | ||
626 | deferredResult.addCallback(MochiKit.Base.partial(MochiKit.Async.succeed, aValue)); | 617 | deferredResult.addCallback(MochiKit.Base.partial(MochiKit.Async.succeed, aValue)); |
627 | // deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("1.2.2 - PRNG.deferredEntropyCollection - 2: " + res); return res;}); | ||
628 | MochiKit.Signal.connect(this, | 618 | MochiKit.Signal.connect(this, |
629 | 'readyToGenerateRandomBytes', | 619 | 'readyToGenerateRandomBytes', |
630 | deferredResult, | 620 | deferredResult, |
631 | 'callback'); | 621 | 'callback'); |
632 | 622 | ||
633 | result = deferredResult; | 623 | result = deferredResult; |
634 | } | 624 | } |
635 | //MochiKit.Logging.logDebug("<<< PRNG.deferredEntropyCollection - result: " + result); | ||
636 | 625 | ||
637 | return result; | 626 | return result; |
638 | }, | 627 | }, |
639 | 628 | ||
640 | //------------------------------------------------------------------------- | 629 | //------------------------------------------------------------------------- |
641 | 630 | ||
642 | 'fastEntropyAccumulationForTestingPurpose': function() { | 631 | 'fastEntropyAccumulationForTestingPurpose': function() { |
643 | while (! this.isReadyToGenerateRandomValues()) { | 632 | while (! this.isReadyToGenerateRandomValues()) { |
644 | this.addRandomByte(Math.floor(Math.random() * 32), Math.floor(Math.random() * 32), Math.floor(Math.random() * 256)); | 633 | this.addRandomByte(Math.floor(Math.random() * 32), Math.floor(Math.random() * 32), Math.floor(Math.random() * 256)); |
645 | } | 634 | } |
646 | }, | 635 | }, |
647 | 636 | ||
648 | //------------------------------------------------------------------------- | 637 | //------------------------------------------------------------------------- |
649 | 638 | ||
650 | 'dump': function(appendToDoc) { | 639 | 'dump': function(appendToDoc) { |
651 | var tbl; | 640 | var tbl; |
652 | var i,c; | 641 | var i,c; |
653 | 642 | ||
654 | tbl = document.createElement("table"); | 643 | tbl = document.createElement("table"); |
655 | tbl.border = 0; | 644 | tbl.border = 0; |
656 | with (tbl.style) { | 645 | with (tbl.style) { |
657 | border = "1px solid lightgrey"; | 646 | border = "1px solid lightgrey"; |
658 | fontFamily = 'Helvetica, Arial, sans-serif'; | 647 | fontFamily = 'Helvetica, Arial, sans-serif'; |
659 | fontSize = '8pt'; | 648 | fontSize = '8pt'; |
660 | //borderCollapse = "collapse"; | 649 | //borderCollapse = "collapse"; |
661 | } | 650 | } |
662 | var hdr = tbl.createTHead(); | 651 | var hdr = tbl.createTHead(); |
663 | var hdrtr = hdr.insertRow(0); | 652 | var hdrtr = hdr.insertRow(0); |
664 | // document.createElement("tr"); | 653 | // document.createElement("tr"); |
665 | { | 654 | { |
666 | var ntd; | 655 | var ntd; |
667 | 656 | ||
668 | ntd = hdrtr.insertCell(0); | 657 | ntd = hdrtr.insertCell(0); |
669 | ntd.style.borderBottom = "1px solid lightgrey"; | 658 | ntd.style.borderBottom = "1px solid lightgrey"; |
670 | ntd.style.borderRight = "1px solid lightgrey"; | 659 | ntd.style.borderRight = "1px solid lightgrey"; |
671 | ntd.appendChild(document.createTextNode("#")); | 660 | ntd.appendChild(document.createTextNode("#")); |
672 | 661 | ||
673 | ntd = hdrtr.insertCell(1); | 662 | ntd = hdrtr.insertCell(1); |
674 | ntd.style.borderBottom = "1px solid lightgrey"; | 663 | ntd.style.borderBottom = "1px solid lightgrey"; |
675 | ntd.style.borderRight = "1px solid lightgrey"; | 664 | ntd.style.borderRight = "1px solid lightgrey"; |
676 | ntd.appendChild(document.createTextNode("s")); | 665 | ntd.appendChild(document.createTextNode("s")); |
677 | 666 | ||
678 | ntd = hdrtr.insertCell(2); | 667 | ntd = hdrtr.insertCell(2); |
679 | ntd.colSpan = this.firstPoolReseedLevel(); | 668 | ntd.colSpan = this.firstPoolReseedLevel(); |
680 | ntd.style.borderBottom = "1px solid lightgrey"; | 669 | ntd.style.borderBottom = "1px solid lightgrey"; |
681 | ntd.style.borderRight = "1px solid lightgrey"; | 670 | ntd.style.borderRight = "1px solid lightgrey"; |
682 | ntd.appendChild(document.createTextNode("base values")); | 671 | ntd.appendChild(document.createTextNode("base values")); |
683 | 672 | ||
684 | ntd = hdrtr.insertCell(3); | 673 | ntd = hdrtr.insertCell(3); |
685 | ntd.colSpan = 20; | 674 | ntd.colSpan = 20; |
686 | ntd.style.borderBottom = "1px solid lightgrey"; | 675 | ntd.style.borderBottom = "1px solid lightgrey"; |
687 | ntd.appendChild(document.createTextNode("extra values")); | 676 | ntd.appendChild(document.createTextNode("extra values")); |
688 | 677 | ||
689 | } | 678 | } |
690 | 679 | ||
691 | c = this.accumulators().length; | 680 | c = this.accumulators().length; |
692 | for (i=0; i<c ; i++) { | 681 | for (i=0; i<c ; i++) { |
693 | varcurrentAccumulator; | 682 | varcurrentAccumulator; |
694 | var bdytr; | 683 | var bdytr; |
695 | var bdytd; | 684 | var bdytd; |
696 | var ii, cc; | 685 | var ii, cc; |
697 | 686 | ||
698 | currentAccumulator = this.accumulators()[i] | 687 | currentAccumulator = this.accumulators()[i] |
699 | 688 | ||
700 | bdytr = tbl.insertRow(true); | 689 | bdytr = tbl.insertRow(true); |
701 | 690 | ||
702 | bdytd = bdytr.insertCell(0); | 691 | bdytd = bdytr.insertCell(0); |
703 | bdytd.style.borderRight = "1px solid lightgrey"; | 692 | bdytd.style.borderRight = "1px solid lightgrey"; |
704 | bdytd.style.color = "lightgrey"; | 693 | bdytd.style.color = "lightgrey"; |
705 | bdytd.appendChild(document.createTextNode("" + i)); | 694 | bdytd.appendChild(document.createTextNode("" + i)); |
706 | 695 | ||
707 | bdytd = bdytr.insertCell(1); | 696 | bdytd = bdytr.insertCell(1); |
708 | bdytd.style.borderRight = "1px solid lightgrey"; | 697 | bdytd.style.borderRight = "1px solid lightgrey"; |
709 | bdytd.style.color = "gray"; | 698 | bdytd.style.color = "gray"; |
710 | bdytd.appendChild(document.createTextNode("" + currentAccumulator.stack().length())); | 699 | bdytd.appendChild(document.createTextNode("" + currentAccumulator.stack().length())); |
711 | 700 | ||
712 | 701 | ||
713 | cc = Math.max(currentAccumulator.stack().length(), this.firstPoolReseedLevel()); | 702 | cc = Math.max(currentAccumulator.stack().length(), this.firstPoolReseedLevel()); |
714 | for (ii=0; ii<cc; ii++) { | 703 | for (ii=0; ii<cc; ii++) { |
715 | var cellText; | 704 | var cellText; |
716 | 705 | ||
717 | bdytd = bdytr.insertCell(ii + 2); | 706 | bdytd = bdytr.insertCell(ii + 2); |
718 | 707 | ||
719 | if (ii < currentAccumulator.stack().length()) { | 708 | if (ii < currentAccumulator.stack().length()) { |
720 | cellText = Clipperz.ByteArray.byteToHex(currentAccumulator.stack().byteAtIndex(ii)); | 709 | cellText = Clipperz.ByteArray.byteToHex(currentAccumulator.stack().byteAtIndex(ii)); |
721 | } else { | 710 | } else { |
722 | cellText = "_"; | 711 | cellText = "_"; |
723 | } | 712 | } |
724 | 713 | ||
725 | if (ii == (this.firstPoolReseedLevel() - 1)) { | 714 | if (ii == (this.firstPoolReseedLevel() - 1)) { |
726 | bdytd.style.borderRight = "1px solid lightgrey"; | 715 | bdytd.style.borderRight = "1px solid lightgrey"; |
727 | } | 716 | } |
728 | 717 | ||
729 | bdytd.appendChild(document.createTextNode(cellText)); | 718 | bdytd.appendChild(document.createTextNode(cellText)); |
730 | } | 719 | } |
731 | 720 | ||
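--- a/frontend/gamma/js/Clipperz/Crypto/RSA.js
+++ b/frontend/gamma/js/Clipperz/Crypto/RSA.js
@@ -1,118 +1,116 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.RSA depends on Clipperz.Crypto.BigInt!";
 }
 
 if (typeof(Clipperz.Crypto.RSA) == 'undefined') { Clipperz.Crypto.RSA = {}; }
 
 Clipperz.Crypto.RSA.VERSION = "0.1";
 Clipperz.Crypto.RSA.NAME = "Clipperz.RSA";
 
 //#############################################################################
 
 MochiKit.Base.update(Clipperz.Crypto.RSA, {
 
 //-------------------------------------------------------------------------
 
 'publicKeyWithValues': function (e, d, n) {
 varresult;
 
 result = {};
 
 if (e.isBigInt) {
 result.e = e;
 } else {
 result.e = new Clipperz.Crypto.BigInt(e, 16);
 }
 
 if (d.isBigInt) {
 result.d = d;
 } else {
 result.d = new Clipperz.Crypto.BigInt(d, 16);
 }
 
 if (n.isBigInt) {
 result.n = n;
 } else {
 result.n = new Clipperz.Crypto.BigInt(n, 16);
 }
 
 return result;
 },
 
 'privateKeyWithValues': function(e, d, n) {
 return Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
 },
 
 //-----------------------------------------------------------------------------
 
 'encryptUsingPublicKey': function (aKey, aMessage) {
 varmessageValue;
 varresult;
 
 messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
 result = messageValue.powerModule(aKey.e, aKey.n);
 
 return result.asString(16);
 },
 
 //.............................................................................
 
 'decryptUsingPublicKey': function (aKey, aMessage) {
 return Clipperz.Crypto.RSA.encryptUsingPublicKey(aKey, aMessage);
 },
 
 //-----------------------------------------------------------------------------
 
 'encryptUsingPrivateKey': function (aKey, aMessage) {
 varmessageValue;
 varresult;
 
 messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
 result = messageValue.powerModule(aKey.d, aKey.n);
 
 return result.asString(16);
 },
 
 //.............................................................................
 
 'decryptUsingPrivateKey': function (aKey, aMessage) {
 return Clipperz.Crypto.RSA.encryptUsingPrivateKey(aKey, aMessage);
 },
 
 //-----------------------------------------------------------------------------
 
 'generatePublicKey': function(aNumberOfBits) {
 varresult;
 vare;
 vard;
 varn;
 
 e = new Clipperz.Crypto.BigInt("10001", 16);
 
 {
 var p, q;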
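--- a/frontend/gamma/js/Clipperz/Crypto/SHA.js
+++ b/frontend/gamma/js/Clipperz/Crypto/SHA.js
@@ -1,118 +1,116 @@
 /*
 
-Copyright 2008-2011 Clipperz Srl
+Copyright 2008-2013 Clipperz Srl
 
-This file is part of Clipperz Community Edition.
-Clipperz Community Edition is an online password manager.
+This file is part of Clipperz, the online password manager.
 For further information about its features and functionalities please
 refer to http://www.clipperz.com.
 
-* Clipperz Community Edition is free software: you can redistribute
-it and/or modify it under the terms of the GNU Affero General Public
-License as published by the Free Software Foundation, either version
-3 of the License, or (at your option) any later version.
+* Clipperz is free software: you can redistribute it and/or modify it
+under the terms of the GNU Affero General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
 
-* Clipperz Community Edition is distributed in the hope that it will
-be useful, but WITHOUT ANY WARRANTY; without even the implied
-warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+* Clipperz is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 See the GNU Affero General Public License for more details.
 
 * You should have received a copy of the GNU Affero General Public
-License along with Clipperz Community Edition. If not, see
-<http://www.gnu.org/licenses/>.
+License along with Clipperz. If not, see http://www.gnu.org/licenses/.
 
 */
 
 try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
 throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
 }
 
 if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
 if (typeof(Clipperz.Crypto.SHA) == 'undefined') { Clipperz.Crypto.SHA = {}; }
 
 Clipperz.Crypto.SHA.VERSION = "0.3";
 Clipperz.Crypto.SHA.NAME = "Clipperz.Crypto.SHA";
 
 MochiKit.Base.update(Clipperz.Crypto.SHA, {
 
 '__repr__': function () {
 return "[" + this.NAME + " " + this.VERSION + "]";
 },
 
 'toString': function () {
 return this.__repr__();
 },
 
 //-----------------------------------------------------------------------------
 
 'rotateRight': function(aValue, aNumberOfBits) {
 //Clipperz.Profile.start("Clipperz.Crypto.SHA.rotateRight");
 var result;
 
 result = (aValue >>> aNumberOfBits) | (aValue << (32 - aNumberOfBits));
 
 //Clipperz.Profile.stop("Clipperz.Crypto.SHA.rotateRight");
 return result;
 },
 
 'shiftRight': function(aValue, aNumberOfBits) {
 //Clipperz.Profile.start("Clipperz.Crypto.SHA.shiftRight");
 var result;
 
 result = aValue >>> aNumberOfBits;
 
 //Clipperz.Profile.stop("Clipperz.Crypto.SHA.shiftRight");
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'safeAdd': function() {
 //Clipperz.Profile.start("Clipperz.Crypto.SHA.safeAdd");
 varresult;
 vari, c;
 
 result = arguments[0];
 c = arguments.length;
 for (i=1; i<c; i++) {
 varlowerBytesSum;
 
 lowerBytesSum = (result & 0xffff) + (arguments[i] & 0xffff);
 result = (((result >> 16) + (arguments[i] >> 16) + (lowerBytesSum >> 16)) << 16) | (lowerBytesSum & 0xffff);
 }
 
 //Clipperz.Profile.stop("Clipperz.Crypto.SHA.safeAdd");
 return result;
 },
 
 //-----------------------------------------------------------------------------
 
 'sha256_array': function(aValue) {
 //Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256_array");
 varresult;
 varmessage;
 var h0, h1, h2, h3, h4, h5, h6, h7;
 vark;
 varmessageLength;
 varmessageLengthInBits;
 var_i, _c;
 var charBits;
 var rotateRight;
 var shiftRight;
 var safeAdd;
 varbytesPerBlock;
 var currentMessageIndex;
 
 bytesPerBlock = 512/8;
 rotateRight = Clipperz.Crypto.SHA.rotateRight;
 shiftRight = Clipperz.Crypto.SHA.shiftRight;
 safeAdd = Clipperz.Crypto.SHA.safeAdd;
 
 charBits = 8;
 
 h0 = 0x6a09e667;
 h1 = 0xbb67ae85;
 h2 = 0x3c6ef372;
 h3 = 0xa54ff53a;
 h4 = 0x510e527f;
 h5 = 0x9b05688c;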
diff --git a/frontend/gamma/js/Clipperz/Crypto/SRP.js b/frontend/gamma/js/Clipperz/Crypto/SRP.js index 3b25275..597e72d 100644 --- a/frontend/gamma/js/Clipperz/Crypto/SRP.js +++ b/frontend/gamma/js/Clipperz/Crypto/SRP.js | |||
@@ -1,328 +1,316 @@ | |||
1 | /* | 1 | /* |
2 | 2 | ||
3 | Copyright 2008-2011 Clipperz Srl | 3 | Copyright 2008-2013 Clipperz Srl |
4 | 4 | ||
5 | This file is part of Clipperz Community Edition. | 5 | This file is part of Clipperz, the online password manager. |
6 | Clipperz Community Edition is an online password manager. | ||
7 | For further information about its features and functionalities please | 6 | For further information about its features and functionalities please |
8 | refer to http://www.clipperz.com. | 7 | refer to http://www.clipperz.com. |
9 | 8 | ||
10 | * Clipperz Community Edition is free software: you can redistribute | 9 | * Clipperz is free software: you can redistribute it and/or modify it |
11 | it and/or modify it under the terms of the GNU Affero General Public | 10 | under the terms of the GNU Affero General Public License as published |
12 | License as published by the Free Software Foundation, either version | 11 | by the Free Software Foundation, either version 3 of the License, or |
13 | 3 of the License, or (at your option) any later version. | 12 | (at your option) any later version. |
14 | 13 | ||
15 | * Clipperz Community Edition is distributed in the hope that it will | 14 | * Clipperz is distributed in the hope that it will be useful, but |
16 | be useful, but WITHOUT ANY WARRANTY; without even the implied | 15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
17 | warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | 16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
18 | See the GNU Affero General Public License for more details. | 17 | See the GNU Affero General Public License for more details. |
19 | 18 | ||
20 | * You should have received a copy of the GNU Affero General Public | 19 | * You should have received a copy of the GNU Affero General Public |
21 | License along with Clipperz Community Edition. If not, see | 20 | License along with Clipperz. If not, see http://www.gnu.org/licenses/. |
22 | <http://www.gnu.org/licenses/>. | ||
23 | 21 | ||
24 | */ | 22 | */ |
25 | 23 | ||
26 | try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | 24 | try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { |
27 | throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; | 25 | throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; |
28 | } | 26 | } |
29 | 27 | ||
30 | try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) { | 28 | try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) { |
31 | throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.BigInt!"; | 29 | throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.BigInt!"; |
32 | } | 30 | } |
33 | 31 | ||
34 | try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) { | 32 | try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) { |
35 | throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.PRNG!"; | 33 | throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.PRNG!"; |
36 | } | 34 | } |
37 | 35 | ||
38 | if (typeof(Clipperz.Crypto.SRP) == 'undefined') { Clipperz.Crypto.SRP = {}; } | 36 | if (typeof(Clipperz.Crypto.SRP) == 'undefined') { Clipperz.Crypto.SRP = {}; } |
39 | 37 | ||
40 | Clipperz.Crypto.SRP.VERSION = "0.1"; | 38 | Clipperz.Crypto.SRP.VERSION = "0.1"; |
41 | Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP"; | 39 | Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP"; |
42 | 40 | ||
43 | //############################################################################# | 41 | //############################################################################# |
44 | 42 | ||
45 | MochiKit.Base.update(Clipperz.Crypto.SRP, { | 43 | MochiKit.Base.update(Clipperz.Crypto.SRP, { |
46 | 44 | ||
47 | '_n': null, | 45 | '_n': null, |
48 | '_g': null, | 46 | '_g': null, |
49 | //------------------------------------------------------------------------- | 47 | //------------------------------------------------------------------------- |
50 | 48 | ||
51 | 'n': function() { | 49 | 'n': function() { |
52 | if (Clipperz.Crypto.SRP._n == null) { | 50 | if (Clipperz.Crypto.SRP._n == null) { |
53 | Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); | 51 | Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); |
54 | } | 52 | } |
55 | 53 | ||
56 | return Clipperz.Crypto.SRP._n; | 54 | return Clipperz.Crypto.SRP._n; |
57 | }, | 55 | }, |
58 | 56 | ||
59 | //------------------------------------------------------------------------- | 57 | //------------------------------------------------------------------------- |
60 | 58 | ||
61 | 'g': function() { | 59 | 'g': function() { |
62 | if (Clipperz.Crypto.SRP._g == null) { | 60 | if (Clipperz.Crypto.SRP._g == null) { |
63 | Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation) | 61 | Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); //eventually 5 (as suggested on the Diffi-Helmann documentation) |
64 | } | 62 | } |
65 | 63 | ||
66 | return Clipperz.Crypto.SRP._g; | 64 | return Clipperz.Crypto.SRP._g; |
67 | }, | 65 | }, |
68 | 66 | ||
69 | //----------------------------------------------------------------------------- | 67 | //----------------------------------------------------------------------------- |
70 | 68 | ||
71 | 'exception': { | 69 | 'exception': { |
72 | 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue") | 70 | 'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue") |
73 | }, | 71 | }, |
74 | 72 | ||
75 | //------------------------------------------------------------------------- | 73 | //------------------------------------------------------------------------- |
76 | __syntaxFix__: "syntax fix" | 74 | __syntaxFix__: "syntax fix" |
77 | 75 | ||
78 | }); | 76 | }); |
79 | 77 | ||
80 | //############################################################################# | 78 | //############################################################################# |
81 | // | 79 | // |
82 | // S R P C o n n e c t i o n version 1.0 | 80 | // S R P C o n n e c t i o n version 1.0 |
83 | // | 81 | // |
84 | //============================================================================= | 82 | //============================================================================= |
85 | Clipperz.Crypto.SRP.Connection = function (args) { | 83 | Clipperz.Crypto.SRP.Connection = function (args) { |
86 | args = args || {}; | 84 | args = args || {}; |
87 | 85 | ||
88 | this._C = args.C; | 86 | this._C = args.C; |
89 | this._P = args.P; | 87 | this._P = args.P; |
90 | this.hash = args.hash; | 88 | this.hash = args.hash; |
91 | 89 | ||
92 | this._a = null; | 90 | this._a = null; |
93 | this._A = null; | 91 | this._A = null; |
94 | 92 | ||
95 | this._s = null; | 93 | this._s = null; |
96 | this._B = null; | 94 | this._B = null; |
97 | 95 | ||
98 | this._x = null; | 96 | this._x = null; |
99 | 97 | ||
100 | this._u = null; | 98 | this._u = null; |
101 | this._K = null; | 99 | this._K = null; |
102 | this._M1 = null; | 100 | this._M1 = null; |
103 | this._M2 = null; | 101 | this._M2 = null; |
104 | 102 | ||
105 | this._sessionKey = null; | 103 | this._sessionKey = null; |
106 | 104 | ||
107 | return this; | 105 | return this; |
108 | } | 106 | } |
109 | 107 | ||
110 | Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { | 108 | Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { |
111 | 109 | ||
112 | 'toString': function () { | 110 | 'toString': function () { |
113 | return "Clipperz.Crypto.SRP.Connection (username: " + this.username() + "). Status: " + this.statusDescription(); | 111 | return "Clipperz.Crypto.SRP.Connection (username: " + this.username() + "). Status: " + this.statusDescription(); |
114 | }, | 112 | }, |
115 | 113 | ||
116 | //------------------------------------------------------------------------- | 114 | //------------------------------------------------------------------------- |
117 | 115 | ||
118 | 'C': function () { | 116 | 'C': function () { |
119 | return this._C; | 117 | return this._C; |
120 | }, | 118 | }, |
121 | 119 | ||
122 | //------------------------------------------------------------------------- | 120 | //------------------------------------------------------------------------- |
123 | 121 | ||
124 | 'P': function () { | 122 | 'P': function () { |
125 | return this._P; | 123 | return this._P; |
126 | }, | 124 | }, |
127 | 125 | ||
128 | //------------------------------------------------------------------------- | 126 | //------------------------------------------------------------------------- |
129 | 127 | ||
130 | 'a': function () { | 128 | 'a': function () { |
131 | if (this._a == null) { | 129 | if (this._a == null) { |
132 | this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16); | 130 | this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16); |
133 | // this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10); | 131 | // this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10); |
134 | //MochiKit.Logging.logDebug("SRP a: " + this._a); | ||
135 | } | 132 | } |
136 | 133 | ||
137 | return this._a; | 134 | return this._a; |
138 | }, | 135 | }, |
139 | 136 | ||
140 | //------------------------------------------------------------------------- | 137 | //------------------------------------------------------------------------- |
141 | 138 | ||
142 | 'A': function () { | 139 | 'A': function () { |
143 | if (this._A == null) { | 140 | if (this._A == null) { |
144 | //Warning: this value should be strictly greater than zero: how should we perform this check? | 141 | //Warning: this value should be strictly greater than zero: how should we perform this check? |
145 | this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); | 142 | this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); |
146 | 143 | ||
147 | if (this._A.equals(0)) { | 144 | if (this._A.equals(0)) { |
148 | MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0."); | 145 | Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0."); |
149 | throw Clipperz.Crypto.SRP.exception.InvalidValue; | 146 | throw Clipperz.Crypto.SRP.exception.InvalidValue; |
150 | } | 147 | } |
151 | //MochiKit.Logging.logDebug("SRP A: " + this._A); | ||
152 | } | 148 | } |
153 | 149 | ||
154 | return this._A; | 150 | return this._A; |
155 | }, | 151 | }, |
156 | 152 | ||
157 | //------------------------------------------------------------------------- | 153 | //------------------------------------------------------------------------- |
158 | 154 | ||
159 | 's': function () { | 155 | 's': function () { |
160 | return this._s; | 156 | return this._s; |
161 | //MochiKit.Logging.logDebug("SRP s: " + this._S); | ||
162 | }, | 157 | }, |
163 | 158 | ||
164 | 'set_s': function(aValue) { | 159 | 'set_s': function(aValue) { |
165 | this._s = aValue; | 160 | this._s = aValue; |
166 | }, | 161 | }, |
167 | 162 | ||
168 | //------------------------------------------------------------------------- | 163 | //------------------------------------------------------------------------- |
169 | 164 | ||
170 | 'B': function () { | 165 | 'B': function () { |
171 | return this._B; | 166 | return this._B; |
172 | }, | 167 | }, |
173 | 168 | ||
174 | 'set_B': function(aValue) { | 169 | 'set_B': function(aValue) { |
175 | //Warning: this value should be strictly greater than zero: how should we perform this check? | 170 | //Warning: this value should be strictly greater than zero: how should we perform this check? |
176 | if (! aValue.equals(0)) { | 171 | if (! aValue.equals(0)) { |
177 | this._B = aValue; | 172 | this._B = aValue; |
178 | //MochiKit.Logging.logDebug("SRP B: " + this._B); | ||
179 | } else { | 173 | } else { |
180 | MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0."); | 174 | Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0."); |
181 | throw Clipperz.Crypto.SRP.exception.InvalidValue; | 175 | throw Clipperz.Crypto.SRP.exception.InvalidValue; |
182 | } | 176 | } |
183 | }, | 177 | }, |
184 | 178 | ||
185 | //------------------------------------------------------------------------- | 179 | //------------------------------------------------------------------------- |
186 | 180 | ||
187 | 'x': function () { | 181 | 'x': function () { |
188 | if (this._x == null) { | 182 | if (this._x == null) { |
189 | this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16); | 183 | this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16); |
190 | //MochiKit.Logging.logDebug("SRP x: " + this._x); | ||
191 | } | 184 | } |
192 | 185 | ||
193 | return this._x; | 186 | return this._x; |
194 | }, | 187 | }, |
195 | 188 | ||
196 | //------------------------------------------------------------------------- | 189 | //------------------------------------------------------------------------- |
197 | 190 | ||
198 | 'u': function () { | 191 | 'u': function () { |
199 | if (this._u == null) { | 192 | if (this._u == null) { |
200 | this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); | 193 | this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); |
201 | //MochiKit.Logging.logDebug("SRP u: " + this._u); | ||
202 | } | 194 | } |
203 | 195 | ||
204 | return this._u; | 196 | return this._u; |
205 | }, | 197 | }, |
206 | 198 | ||
207 | //------------------------------------------------------------------------- | 199 | //------------------------------------------------------------------------- |
208 | 200 | ||
209 | 'S': function () { | 201 | 'S': function () { |
210 | if (this._S == null) { | 202 | if (this._S == null) { |
211 | var bigint; | 203 | var bigint; |
212 | varsrp; | 204 | varsrp; |
213 | 205 | ||
214 | bigint = Clipperz.Crypto.BigInt; | 206 | bigint = Clipperz.Crypto.BigInt; |
215 | srp = Clipperz.Crypto.SRP; | 207 | srp = Clipperz.Crypto.SRP; |
216 | 208 | ||
217 | this._S =bigint.powerModule( | 209 | this._S =bigint.powerModule( |
218 | bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), | 210 | bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), |
219 | bigint.add(this.a(), bigint.multiply(this.u(), this.x())), | 211 | bigint.add(this.a(), bigint.multiply(this.u(), this.x())), |
220 | srp.n() | 212 | srp.n() |
221 | ) | 213 | ) |
222 | //MochiKit.Logging.logDebug("SRP S: " + this._S); | ||
223 | } | 214 | } |
224 | 215 | ||
225 | return this._S; | 216 | return this._S; |
226 | }, | 217 | }, |
227 | 218 | ||
228 | //------------------------------------------------------------------------- | 219 | //------------------------------------------------------------------------- |
229 | 220 | ||
230 | 'K': function () { | 221 | 'K': function () { |
231 | if (this._K == null) { | 222 | if (this._K == null) { |
232 | this._K = this.stringHash(this.S().asString()); | 223 | this._K = this.stringHash(this.S().asString()); |
233 | //MochiKit.Logging.logDebug("SRP K: " + this._K); | ||
234 | } | 224 | } |
235 | 225 | ||
236 | return this._K; | 226 | return this._K; |
237 | }, | 227 | }, |
238 | 228 | ||
239 | //------------------------------------------------------------------------- | 229 | //------------------------------------------------------------------------- |
240 | 230 | ||
241 | 'M1': function () { | 231 | 'M1': function () { |
242 | if (this._M1 == null) { | 232 | if (this._M1 == null) { |
243 | this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); | 233 | this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); |
244 | //MochiKit.Logging.logDebug("SRP M1: " + this._M1); | ||
245 | } | 234 | } |
246 | 235 | ||
247 | return this._M1; | 236 | return this._M1; |
248 | }, | 237 | }, |
249 | 238 | ||
250 | //------------------------------------------------------------------------- | 239 | //------------------------------------------------------------------------- |
251 | 240 | ||
252 | 'M2': function () { | 241 | 'M2': function () { |
253 | if (this._M2 == null) { | 242 | if (this._M2 == null) { |
254 | this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); | 243 | this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); |
255 | //MochiKit.Logging.logDebug("SRP M2: " + this._M2); | ||
256 | } | 244 | } |
257 | 245 | ||
258 | return this._M2; | 246 | return this._M2; |
259 | }, | 247 | }, |
260 | 248 | ||
261 | //========================================================================= | 249 | //========================================================================= |
262 | 250 | ||
263 | 'serverSideCredentialsWithSalt': function(aSalt) { | 251 | 'serverSideCredentialsWithSalt': function(aSalt) { |
264 | var result; | 252 | var result; |
265 | var s, x, v; | 253 | var s, x, v; |
266 | 254 | ||
267 | s = aSalt; | 255 | s = aSalt; |
268 | x = this.stringHash(s + this.P()); | 256 | x = this.stringHash(s + this.P()); |
269 | v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n()); | 257 | v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n()); |
270 | 258 | ||
271 | result = {}; | 259 | result = {}; |
272 | result['C'] = this.C(); | 260 | result['C'] = this.C(); |
273 | result['s'] = s; | 261 | result['s'] = s; |
274 | result['v'] = v.asString(16); | 262 | result['v'] = v.asString(16); |
275 | 263 | ||
276 | return result; | 264 | return result; |
277 | }, | 265 | }, |
278 | 266 | ||
279 | 'serverSideCredentials': function() { | 267 | 'serverSideCredentials': function() { |
280 | var result; | 268 | var result; |
281 | var s; | 269 | var s; |
282 | 270 | ||
283 | s = Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2); | 271 | s = Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2); |
284 | 272 | ||
285 | result = this.serverSideCredentialsWithSalt(s); | 273 | result = this.serverSideCredentialsWithSalt(s); |
286 | 274 | ||
287 | return result; | 275 | return result; |
288 | }, | 276 | }, |
289 | 277 | ||
290 | //========================================================================= | 278 | //========================================================================= |
291 | /* | 279 | /* |
292 | 'computeServerSide_S': function(b) { | 280 | 'computeServerSide_S': function(b) { |
293 | var result; | 281 | var result; |
294 | var v; | 282 | var v; |
295 | var bigint; | 283 | var bigint; |
296 | varsrp; | 284 | varsrp; |
297 | 285 | ||
298 | bigint = Clipperz.Crypto.BigInt; | 286 | bigint = Clipperz.Crypto.BigInt; |
299 | srp = Clipperz.Crypto.SRP; | 287 | srp = Clipperz.Crypto.SRP; |
300 | 288 | ||
301 | v = new Clipperz.Crypto.BigInt(srpConnection.serverSideCredentialsWithSalt(this.s().asString(16, 64)).v, 16); | 289 | v = new Clipperz.Crypto.BigInt(srpConnection.serverSideCredentialsWithSalt(this.s().asString(16, 64)).v, 16); |
302 | // _S = (this.A().multiply(this.v().modPow(this.u(), this.n()))).modPow(this.b(), this.n()); | 290 | // _S = (this.A().multiply(this.v().modPow(this.u(), this.n()))).modPow(this.b(), this.n()); |
303 | result = bigint.powerModule( | 291 | result = bigint.powerModule( |
304 | bigint.multiply( | 292 | bigint.multiply( |
305 | this.A(), | 293 | this.A(), |
306 | bigint.powerModule(v, this.u(), srp.n()) | 294 | bigint.powerModule(v, this.u(), srp.n()) |
307 | ), new Clipperz.Crypto.BigInt(b, 10), srp.n() | 295 | ), new Clipperz.Crypto.BigInt(b, 10), srp.n() |
308 | ); | 296 | ); |
309 | 297 | ||
310 | return result; | 298 | return result; |
311 | }, | 299 | }, |
312 | */ | 300 | */ |
313 | //========================================================================= | 301 | //========================================================================= |
314 | 302 | ||
315 | 'stringHash': function(aValue) { | 303 | 'stringHash': function(aValue) { |
316 | varresult; | 304 | varresult; |
317 | 305 | ||
318 | result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); | 306 | result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); |
319 | 307 | ||
320 | return result; | 308 | return result; |
321 | }, | 309 | }, |
322 | 310 | ||
323 | //========================================================================= | 311 | //========================================================================= |
324 | __syntaxFix__: "syntax fix" | 312 | __syntaxFix__: "syntax fix" |
325 | 313 | ||
326 | }); | 314 | }); |
327 | 315 | ||
328 | //############################################################################# | 316 | //############################################################################# |