summaryrefslogtreecommitdiff
path: root/frontend
authorGiulio Cesare Solaroli <giulio.cesare@clipperz.com>2014-05-30 14:10:13 (UTC)
committer Giulio Cesare Solaroli <giulio.cesare@clipperz.com>2014-05-30 14:15:51 (UTC)
commit7fdb41fa2b1f621636882ad9059c1f3ecfb74083 (patch) (side-by-side diff)
tree33c05ee7329d9b8e5eff79942f254d6c680ad661 /frontend
parented6b4edc82b0f65c77980713cd525053fcbc1dd2 (diff)
downloadclipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.zip
clipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.tar.gz
clipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.tar.bz2
Fixed vulnerability CLP-01-016
Diffstat (limited to 'frontend') (more/less context) (show whitespace changes)
-rw-r--r--frontend/beta/js/Clipperz/Crypto/SRP.js57
-rw-r--r--frontend/delta/js/Clipperz/Crypto/SRP.js47
-rw-r--r--frontend/gamma/js/Clipperz/Crypto/SRP.js47
3 files changed, 114 insertions, 37 deletions
diff --git a/frontend/beta/js/Clipperz/Crypto/SRP.js b/frontend/beta/js/Clipperz/Crypto/SRP.js
index 8cc80ba..8c522ad 100644
--- a/frontend/beta/js/Clipperz/Crypto/SRP.js
+++ b/frontend/beta/js/Clipperz/Crypto/SRP.js
@@ -45,4 +45,6 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
'_n': null,
'_g': null,
+ '_k': null,
+
//-------------------------------------------------------------------------
@@ -65,4 +67,13 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
},
+ 'k': function() {
+ if (Clipperz.Crypto.SRP._k == null) {
+// Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16);
+ Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16);
+ }
+
+ return Clipperz.Crypto.SRP._k;
+ },
+
//-----------------------------------------------------------------------------
@@ -130,5 +141,4 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
// this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10);
-//MochiKit.Logging.logDebug("SRP a: " + this._a);
}
@@ -140,12 +150,10 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'A': function () {
if (this._A == null) {
- // Warning: this value should be strictly greater than zero: how should we perform this check?
+ // Warning: this value should be strictly greater than zero
this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
-
- if (this._A.equals(0)) {
+ if (this._A.equals(0) || negative(this._A)) {
MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
}
-//MochiKit.Logging.logDebug("SRP A: " + this._A);
}
@@ -157,5 +165,4 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to
's': function () {
return this._s;
-//MochiKit.Logging.logDebug("SRP s: " + this._S);
},
@@ -171,9 +178,7 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to
'set_B': function(aValue) {
- // Warning: this value should be strictly greater than zero: how should we perform this check?
- if (! aValue.equals(0)) {
+ // Warning: this value should be strictly greater than zero
this._B = aValue;
-//MochiKit.Logging.logDebug("SRP B: " + this._B);
- } else {
+ if (this._B.equals(0) || negative(this._B)) {
MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
@@ -186,5 +191,4 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to
if (this._x == null) {
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16);
-//MochiKit.Logging.logDebug("SRP x: " + this._x);
}
@@ -196,6 +200,5 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to
'u': function () {
if (this._u == null) {
- this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16);
-//MochiKit.Logging.logDebug("SRP u: " + this._u);
+ this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16);
}
@@ -214,9 +217,14 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to
this._S = bigint.powerModule(
- bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())),
+ bigint.subtract(
+ this.B(),
+ bigint.multiply(
+ Clipperz.Crypto.SRP.k(),
+ bigint.powerModule(srp.g(), this.x(), srp.n())
+ )
+ ),
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
srp.n()
)
-//MochiKit.Logging.logDebug("SRP S: " + this._S);
}
@@ -229,5 +237,4 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to
if (this._K == null) {
this._K = this.stringHash(this.S().asString());
-//MochiKit.Logging.logDebug("SRP K: " + this._K);
}
@@ -239,6 +246,18 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to
'M1': function () {
if (this._M1 == null) {
- this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
-//MochiKit.Logging.logDebug("SRP M1: " + this._M1);
+// this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
+
+ // http://srp.stanford.edu/design.html
+ // User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K)
+
+ this._M1 = this.stringHash(
+ "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+ this.stringHash(this.C()) +
+ this.s().asString() +
+ this.A().asString() +
+ this.B().asString() +
+ this.K()
+ );
+//console.log("M1", this._M1);
}
@@ -251,5 +270,5 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to
if (this._M2 == null) {
this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
-//MochiKit.Logging.logDebug("SRP M2: " + this._M2);
+//console.log("M2", this._M2);
}
diff --git a/frontend/delta/js/Clipperz/Crypto/SRP.js b/frontend/delta/js/Clipperz/Crypto/SRP.js
index 597e72d..6898dfb 100644
--- a/frontend/delta/js/Clipperz/Crypto/SRP.js
+++ b/frontend/delta/js/Clipperz/Crypto/SRP.js
@@ -45,4 +45,6 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
'_n': null,
'_g': null,
+ '_k': null,
+
//-------------------------------------------------------------------------
@@ -65,4 +67,13 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
},
+ 'k': function() {
+ if (Clipperz.Crypto.SRP._k == null) {
+// Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16);
+ Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16);
+ }
+
+ return Clipperz.Crypto.SRP._k;
+ },
+
//-----------------------------------------------------------------------------
@@ -139,8 +150,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'A': function () {
if (this._A == null) {
- // Warning: this value should be strictly greater than zero: how should we perform this check?
+ // Warning: this value should be strictly greater than zero
this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
-
- if (this._A.equals(0)) {
+ if (this._A.equals(0) || negative(this._A)) {
Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
@@ -168,8 +178,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'set_B': function(aValue) {
- // Warning: this value should be strictly greater than zero: how should we perform this check?
- if (! aValue.equals(0)) {
+ // Warning: this value should be strictly greater than zero
this._B = aValue;
- } else {
+ if (this._B.equals(0) || negative(this._B)) {
Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
@@ -191,5 +200,5 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'u': function () {
if (this._u == null) {
- this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16);
+ this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16);
}
@@ -208,5 +217,11 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
this._S = bigint.powerModule(
- bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())),
+ bigint.subtract(
+ this.B(),
+ bigint.multiply(
+ Clipperz.Crypto.SRP.k(),
+ bigint.powerModule(srp.g(), this.x(), srp.n())
+ )
+ ),
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
srp.n()
@@ -231,5 +246,18 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'M1': function () {
if (this._M1 == null) {
- this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
+// this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
+
+ // http://srp.stanford.edu/design.html
+ // User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K)
+
+ this._M1 = this.stringHash(
+ "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+ this.stringHash(this.C()) +
+ this.s().asString() +
+ this.A().asString() +
+ this.B().asString() +
+ this.K()
+ );
+//console.log("M1", this._M1);
}
@@ -242,4 +270,5 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
if (this._M2 == null) {
this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
+//console.log("M2", this._M2);
}
diff --git a/frontend/gamma/js/Clipperz/Crypto/SRP.js b/frontend/gamma/js/Clipperz/Crypto/SRP.js
index 597e72d..6898dfb 100644
--- a/frontend/gamma/js/Clipperz/Crypto/SRP.js
+++ b/frontend/gamma/js/Clipperz/Crypto/SRP.js
@@ -45,4 +45,6 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
'_n': null,
'_g': null,
+ '_k': null,
+
//-------------------------------------------------------------------------
@@ -65,4 +67,13 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
},
+ 'k': function() {
+ if (Clipperz.Crypto.SRP._k == null) {
+// Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16);
+ Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16);
+ }
+
+ return Clipperz.Crypto.SRP._k;
+ },
+
//-----------------------------------------------------------------------------
@@ -139,8 +150,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'A': function () {
if (this._A == null) {
- // Warning: this value should be strictly greater than zero: how should we perform this check?
+ // Warning: this value should be strictly greater than zero
this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
-
- if (this._A.equals(0)) {
+ if (this._A.equals(0) || negative(this._A)) {
Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
@@ -168,8 +178,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'set_B': function(aValue) {
- // Warning: this value should be strictly greater than zero: how should we perform this check?
- if (! aValue.equals(0)) {
+ // Warning: this value should be strictly greater than zero
this._B = aValue;
- } else {
+ if (this._B.equals(0) || negative(this._B)) {
Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
@@ -191,5 +200,5 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'u': function () {
if (this._u == null) {
- this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16);
+ this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16);
}
@@ -208,5 +217,11 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
this._S = bigint.powerModule(
- bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())),
+ bigint.subtract(
+ this.B(),
+ bigint.multiply(
+ Clipperz.Crypto.SRP.k(),
+ bigint.powerModule(srp.g(), this.x(), srp.n())
+ )
+ ),
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
srp.n()
@@ -231,5 +246,18 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'M1': function () {
if (this._M1 == null) {
- this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
+// this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
+
+ // http://srp.stanford.edu/design.html
+ // User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K)
+
+ this._M1 = this.stringHash(
+ "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+ this.stringHash(this.C()) +
+ this.s().asString() +
+ this.A().asString() +
+ this.B().asString() +
+ this.K()
+ );
+//console.log("M1", this._M1);
}
@@ -242,4 +270,5 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
if (this._M2 == null) {
this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
+//console.log("M2", this._M2);
}