author | Giulio Cesare Solaroli <giulio.cesare@clipperz.com> | 2014-05-30 14:10:13 (UTC) |
---|---|---|
committer | Giulio Cesare Solaroli <giulio.cesare@clipperz.com> | 2014-05-30 14:15:51 (UTC) |
commit | 7fdb41fa2b1f621636882ad9059c1f3ecfb74083 (patch) (side-by-side diff) | |
tree | 33c05ee7329d9b8e5eff79942f254d6c680ad661 /frontend | |
parent | ed6b4edc82b0f65c77980713cd525053fcbc1dd2 (diff) | |
download | clipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.zip clipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.tar.gz clipperz-7fdb41fa2b1f621636882ad9059c1f3ecfb74083.tar.bz2 |
Fixed vulnerability CLP-01-016
-rw-r--r-- | frontend/beta/js/Clipperz/Crypto/SRP.js | 57 | ||||
-rw-r--r-- | frontend/delta/js/Clipperz/Crypto/SRP.js | 47 | ||||
-rw-r--r-- | frontend/gamma/js/Clipperz/Crypto/SRP.js | 47 |
3 files changed, 114 insertions, 37 deletions
diff --git a/frontend/beta/js/Clipperz/Crypto/SRP.js b/frontend/beta/js/Clipperz/Crypto/SRP.js index 8cc80ba..8c522ad 100644 --- a/frontend/beta/js/Clipperz/Crypto/SRP.js +++ b/frontend/beta/js/Clipperz/Crypto/SRP.js @@ -45,4 +45,6 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, { '_n': null, '_g': null, + '_k': null, + //------------------------------------------------------------------------- @@ -65,4 +67,13 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, { }, + 'k': function() { + if (Clipperz.Crypto.SRP._k == null) { +// Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16); + Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16); + } + + return Clipperz.Crypto.SRP._k; + }, + //----------------------------------------------------------------------------- @@ -130,5 +141,4 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16); // this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10); -//MochiKit.Logging.logDebug("SRP a: " + this._a); } @@ -140,12 +150,10 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'A': function () { if (this._A == null) { - // Warning: this value should be strictly greater than zero: how should we perform this check? + // Warning: this value should be strictly greater than zero this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); - - if (this._A.equals(0)) { + if (this._A.equals(0) || negative(this._A)) { MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0."); throw Clipperz.Crypto.SRP.exception.InvalidValue; } -//MochiKit.Logging.logDebug("SRP A: " + this._A); } @@ -157,5 +165,4 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 's': function () { return this._s; -//MochiKit.Logging.logDebug("SRP s: " + this._S); }, @@ -171,9 +178,7 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 'set_B': function(aValue) { - // Warning: this value should be strictly greater than zero: how should we perform this check? - if (! aValue.equals(0)) { + // Warning: this value should be strictly greater than zero this._B = aValue; -//MochiKit.Logging.logDebug("SRP B: " + this._B); - } else { + if (this._B.equals(0) || negative(this._B)) { MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0."); throw Clipperz.Crypto.SRP.exception.InvalidValue; @@ -186,5 +191,4 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to if (this._x == null) { this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16); -//MochiKit.Logging.logDebug("SRP x: " + this._x); } @@ -196,6 +200,5 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 'u': function () { if (this._u == null) { - this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); -//MochiKit.Logging.logDebug("SRP u: " + this._u); + this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16); } @@ -214,9 +217,14 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to this._S = bigint.powerModule( - bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), + bigint.subtract( + this.B(), + bigint.multiply( + Clipperz.Crypto.SRP.k(), + bigint.powerModule(srp.g(), this.x(), srp.n()) + ) + ), bigint.add(this.a(), bigint.multiply(this.u(), this.x())), srp.n() ) -//MochiKit.Logging.logDebug("SRP S: " + this._S); } @@ -229,5 +237,4 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to if (this._K == null) { this._K = this.stringHash(this.S().asString()); -//MochiKit.Logging.logDebug("SRP K: " + this._K); } @@ -239,6 +246,18 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 'M1': function () { if (this._M1 == null) { - this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); -//MochiKit.Logging.logDebug("SRP M1: " + this._M1); +// this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); + + // http://srp.stanford.edu/design.html + // User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K) + + this._M1 = this.stringHash( + "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" + + this.stringHash(this.C()) + + this.s().asString() + + this.A().asString() + + this.B().asString() + + this.K() + ); +//console.log("M1", this._M1); } @@ -251,5 +270,5 @@ MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to if (this._M2 == null) { this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); -//MochiKit.Logging.logDebug("SRP M2: " + this._M2); +//console.log("M2", this._M2); } diff --git a/frontend/delta/js/Clipperz/Crypto/SRP.js b/frontend/delta/js/Clipperz/Crypto/SRP.js index 597e72d..6898dfb 100644 --- a/frontend/delta/js/Clipperz/Crypto/SRP.js +++ b/frontend/delta/js/Clipperz/Crypto/SRP.js @@ -45,4 +45,6 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, { '_n': null, '_g': null, + '_k': null, + //------------------------------------------------------------------------- @@ -65,4 +67,13 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, { }, + 'k': function() { + if (Clipperz.Crypto.SRP._k == null) { +// Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16); + Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16); + } + + return Clipperz.Crypto.SRP._k; + }, + //----------------------------------------------------------------------------- @@ -139,8 +150,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'A': function () { if (this._A == null) { - // Warning: this value should be strictly greater than zero: how should we perform this check? + // Warning: this value should be strictly greater than zero this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); - - if (this._A.equals(0)) { + if (this._A.equals(0) || negative(this._A)) { Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0."); throw Clipperz.Crypto.SRP.exception.InvalidValue; @@ -168,8 +178,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'set_B': function(aValue) { - // Warning: this value should be strictly greater than zero: how should we perform this check? - if (! aValue.equals(0)) { + // Warning: this value should be strictly greater than zero this._B = aValue; - } else { + if (this._B.equals(0) || negative(this._B)) { Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0."); throw Clipperz.Crypto.SRP.exception.InvalidValue; @@ -191,5 +200,5 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'u': function () { if (this._u == null) { - this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); + this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16); } @@ -208,5 +217,11 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { this._S = bigint.powerModule( - bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), + bigint.subtract( + this.B(), + bigint.multiply( + Clipperz.Crypto.SRP.k(), + bigint.powerModule(srp.g(), this.x(), srp.n()) + ) + ), bigint.add(this.a(), bigint.multiply(this.u(), this.x())), srp.n() @@ -231,5 +246,18 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'M1': function () { if (this._M1 == null) { - this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); +// this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); + + // http://srp.stanford.edu/design.html + // User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K) + + this._M1 = this.stringHash( + "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" + + this.stringHash(this.C()) + + this.s().asString() + + this.A().asString() + + this.B().asString() + + this.K() + ); +//console.log("M1", this._M1); } @@ -242,4 +270,5 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { if (this._M2 == null) { this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); +//console.log("M2", this._M2); } diff --git a/frontend/gamma/js/Clipperz/Crypto/SRP.js b/frontend/gamma/js/Clipperz/Crypto/SRP.js index 597e72d..6898dfb 100644 --- a/frontend/gamma/js/Clipperz/Crypto/SRP.js +++ b/frontend/gamma/js/Clipperz/Crypto/SRP.js @@ -45,4 +45,6 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, { '_n': null, '_g': null, + '_k': null, + //------------------------------------------------------------------------- @@ -65,4 +67,13 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, { }, + 'k': function() { + if (Clipperz.Crypto.SRP._k == null) { +// Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16); + Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt("64398bff522814e306a97cb9bfc4364b7eed16a8c17c5208a40a2bad2933c8e", 16); + } + + return Clipperz.Crypto.SRP._k; + }, + //----------------------------------------------------------------------------- @@ -139,8 +150,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'A': function () { if (this._A == null) { - // Warning: this value should be strictly greater than zero: how should we perform this check? + // Warning: this value should be strictly greater than zero this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); - - if (this._A.equals(0)) { + if (this._A.equals(0) || negative(this._A)) { Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0."); throw Clipperz.Crypto.SRP.exception.InvalidValue; @@ -168,8 +178,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'set_B': function(aValue) { - // Warning: this value should be strictly greater than zero: how should we perform this check? - if (! aValue.equals(0)) { + // Warning: this value should be strictly greater than zero this._B = aValue; - } else { + if (this._B.equals(0) || negative(this._B)) { Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0."); throw Clipperz.Crypto.SRP.exception.InvalidValue; @@ -191,5 +200,5 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'u': function () { if (this._u == null) { - this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); + this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.A().asString() + this.B().asString()), 16); } @@ -208,5 +217,11 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { this._S = bigint.powerModule( - bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), + bigint.subtract( + this.B(), + bigint.multiply( + Clipperz.Crypto.SRP.k(), + bigint.powerModule(srp.g(), this.x(), srp.n()) + ) + ), bigint.add(this.a(), bigint.multiply(this.u(), this.x())), srp.n() @@ -231,5 +246,18 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { 'M1': function () { if (this._M1 == null) { - this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); +// this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); + + // http://srp.stanford.edu/design.html + // User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K) + + this._M1 = this.stringHash( + "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" + + this.stringHash(this.C()) + + this.s().asString() + + this.A().asString() + + this.B().asString() + + this.K() + ); +//console.log("M1", this._M1); } @@ -242,4 +270,5 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { if (this._M2 == null) { this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); +//console.log("M2", this._M2); } |