clipperz/password-manager-mirror
1
0
Fork 0
mirror of http://git.whoc.org.uk/git/password-manager.git synced 2025-10-31 19:27:34 +01:00
Code Issues Releases Wiki Activity

Updated Copyright claims

Browse Source 
- updated reference dates;
- removed reference to Community Edition;
- normalized logging using Clipperz.log[Warn|Error|Debug]
This commit is contained in:
Clipperz
2013-01-31 14:42:04 +01:00
parent 767a3dcf48
commit 07d0357bee
422 changed files with 23531 additions and 7622 deletions
Download Patch File Download Diff File Expand all files Collapse all files

545
frontend/gamma/js/ClipperzCryptoLibrary/ECC/BinaryField/Curve.js Normal file
View File

@@ -0,0 +1,545 @@
/*
Copyright 2008-2013 Clipperz Srl
This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
* Clipperz is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
* Clipperz is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Curve = function(args) {
args = args || {};
this._modulus = args.modulus;
this._a = args.a;
this._b = args.b;
this._G = args.G;
this._r = args.r;
this._h = args.h;
this._finiteField = null;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.Curve";
},
//-----------------------------------------------------------------------------
'modulus': function() {
return this._modulus;
},
'a': function() {
return this._a;
},
'b': function() {
return this._b;
},
'G': function() {
return this._G;
},
'r': function() {
return this._r;
},
'h': function() {
return this._h;
},
//-----------------------------------------------------------------------------
'finiteField': function() {
if (this._finiteField == null) {
this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()})
}
return this._finiteField;
},
//-----------------------------------------------------------------------------
'negate': function(aPointA) {
var result;
result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())})
return result;
},
//-----------------------------------------------------------------------------
'add': function(aPointA, aPointB) {
var result;
//console.log(">>> ECC.BinaryField.Curve.add");
if (aPointA.isZero()) {
//console.log("--- pointA == zero");
result = aPointB;
} else if (aPointB.isZero()) {
//console.log("--- pointB == zero");
result = aPointA;
} else if ( (aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
//console.log("compare A.x - B.x: ", aPointA.x().compare(aPointB.x()));
//console.log("compare A.y - B.y: ", (aPointA.y().compare(aPointB.y()) != 0));
//console.log("compare B.x.isZero(): ", aPointB.x().isZero());
//console.log("--- result = zero");
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
} else {
//console.log("--- result = ELSE");
var f2m;
var x, y;
var lambda;
var aX, aY, bX, bY;
aX = aPointA.x()._value;
aY = aPointA.y()._value;
bX = aPointB.x()._value;
bY = aPointB.y()._value;
f2m = this.finiteField();
if (aPointA.x().compare(aPointB.x()) != 0) {
//console.log(" a.x != b.x");
lambda = f2m._fastMultiply(
f2m._add(aY, bY),
f2m._inverse(f2m._add(aX, bX))
);
x = f2m._add(this.a()._value, f2m._square(lambda));
f2m._overwriteAdd(x, lambda);
f2m._overwriteAdd(x, aX);
f2m._overwriteAdd(x, bX);
} else {
//console.log(" a.x == b.x");
lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
//console.log(" lambda: " + lambda.asString(16));
x = f2m._add(this.a()._value, f2m._square(lambda));
//console.log(" x (step 1): " + x.asString(16));
f2m._overwriteAdd(x, lambda);
//console.log(" x (step 2): " + x.asString(16));
}
y = f2m._fastMultiply(f2m._add(bX, x), lambda);
//console.log(" y (step 1): " + y.asString(16));
f2m._overwriteAdd(y, x);
//console.log(" y (step 2): " + y.asString(16));
f2m._overwriteAdd(y, bY);
//console.log(" y (step 3): " + y.asString(16));
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
}
//console.log("<<< ECC.BinaryField.Curve.add");
return result;
},
//-----------------------------------------------------------------------------
'addTwice': function(aPointA) {
return this.add(aPointA, aPointA);
},
//-----------------------------------------------------------------------------
'overwriteAdd': function(aPointA, aPointB) {
if (aPointA.isZero()) {
// result = aPointB;
aPointA._x._value = aPointB._x._value;
aPointA._y._value = aPointB._y._value;
} else if (aPointB.isZero()) {
// result = aPointA;
} else if ( (aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
// result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O;
aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O;
} else {
var f2m;
var x, y;
var lambda;
var aX, aY, bX, bY;
aX = aPointA.x()._value;
aY = aPointA.y()._value;
bX = aPointB.x()._value;
bY = aPointB.y()._value;
f2m = this.finiteField();
if (aPointA.x().compare(aPointB.x()) != 0) {
//console.log(" a.x != b.x");
lambda = f2m._fastMultiply(
f2m._add(aY, bY),
f2m._inverse(f2m._add(aX, bX))
);
x = f2m._add(this.a()._value, f2m._square(lambda));
f2m._overwriteAdd(x, lambda);
f2m._overwriteAdd(x, aX);
f2m._overwriteAdd(x, bX);
} else {
//console.log(" a.x == b.x");
lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
//console.log(" lambda: " + lambda.asString(16));
x = f2m._add(this.a()._value, f2m._square(lambda));
//console.log(" x (step 1): " + x.asString(16));
f2m._overwriteAdd(x, lambda);
//console.log(" x (step 2): " + x.asString(16));
}
y = f2m._fastMultiply(f2m._add(bX, x), lambda);
//console.log(" y (step 1): " + y.asString(16));
f2m._overwriteAdd(y, x);
//console.log(" y (step 2): " + y.asString(16));
f2m._overwriteAdd(y, bY);
//console.log(" y (step 3): " + y.asString(16));
// result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
aPointA._x._value = x;
aPointA._y._value = y;
}
//console.log("<<< ECC.BinaryField.Curve.add");
return result;
},
//-----------------------------------------------------------------------------
'multiply': function(aValue, aPoint) {
var result;
//console.profile();
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
if (aValue.isZero() == false) {
var k, Q;
var i;
var countIndex; countIndex = 0;
if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
k = aValue;
Q = aPoint;
} else {
MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
k = aValue.negate();
Q = this.negate(aPoint);
}
//console.log("k: " + k.toString(16));
//console.log("k.bitSize: " + k.bitSize());
for (i=k.bitSize()-1; i>=0; i--) {
result = this.add(result, result);
// this.overwriteAdd(result, result);
if (k.isBitSet(i)) {
result = this.add(result, Q);
// this.overwriteAdd(result, Q);
}
// if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
}
}
//console.profileEnd();
return result;
},
//-----------------------------------------------------------------------------
'deferredMultiply': function(aValue, aPoint) {
var deferredResult;
var result;
MochiKit.Logging.logDebug(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint);
//console.profile("ECC.Curve.multiply");
deferredResult = new MochiKit.Async.Deferred();
//deferredResult.addCallback(function(res) {console.profile("ECC.Curve.deferredMultiply"); return res;} );
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 1: " + res); return res;});
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 2: " + res); return res;});
if (aValue.isZero() == false) {
var k, Q;
var i;
var countIndex; countIndex = 0;
if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
k = aValue;
Q = aPoint;
} else {
MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
k = aValue.negate();
Q = this.negate(aPoint);
}
//console.log("k: " + k.toString(16));
//console.log("k.bitSize: " + k.bitSize());
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 3: " + res); return res;});
for (i=k.bitSize()-1; i>=0; i--) {
//MochiKit.Logging.logDebug("====> " + i);
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 > i = " + i + ": " + res); return res;});
deferredResult.addMethod(this, "addTwice");
//# result = this.add(result, result);
// this.overwriteAdd(result, result);
if (k.isBitSet(i)) {
deferredResult.addMethod(this, "add", Q);
//# result = this.add(result, Q);
// this.overwriteAdd(result, Q);
}
if (i%20 == 0) {deferredResult.addCallback(MochiKit.Async.wait, 0.1);}
// if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 < i = " + i + ": " + res); return res;});
}
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4: " + res); return res;});
}
//#console.profileEnd();
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 5: " + res); return res;});
//deferredResult.addBoth(function(res) {console.profileEnd(); return res;});
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 6: " + res); return res;});
deferredResult.callback(result);
//# return result;
return deferredResult;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.ECC.StandardCurves = {};
MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
/*
'_K571': null,
'K571': function() {
if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) {
Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K571;
},
'_K283': null,
'K283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if (Clipperz.Crypto.ECC.StandardCurves._K283 == null) {
Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K283;
},
*/
//-----------------------------------------------------------------------------
'_B571': null,
'B571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) {
Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.45 (with a typo!!!)
//
//-----------------------------------------------------------------------------
//
// http://www.milw0rm.com/papers/136
//
// -------------------------------------------------------------------------
// Polynomial Reduction Algorithm Modulo f571
// -------------------------------------------------------------------------
//
// Input: Polynomial p(x) of degree 1140 or less, stored as
// an array of 2T machinewords.
// Output: p(x) mod f571(x)
//
// FOR i = T-1, ..., 0 DO
// SET X := P[i+T]
// P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
// P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
//
// SET X := P[T-1] >> 27
// P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
// P[T-1] := P[T-1] & 0x07ffffff
//
// RETURN P[T-1],...,P[0]
//
// -------------------------------------------------------------------------
//
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 1140) {
MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
//console.log(">>> binaryField.finiteField.(improved)module");
// C = aValue.value().slice(0);
C = aValue._value.slice(0);
for (i=35; i>=18; i--) {
T = C[i];
C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
}
T = (C[17] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
C[17] = (C[17] & 0x07ffffff);
for(i=18; i<=35; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B571;
},
//-----------------------------------------------------------------------------
'_B283': null,
'B283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) {
Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
// modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.43
//
//-----------------------------------------------------------------------------
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 564) {
MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
//console.log(">>> binaryField.finiteField.(improved)module");
C = aValue._value.slice(0);
for (i=17; i>=9; i--) {
T = C[i];
C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
}
T = (C[8] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
C[8] = (C[8] & 0x07ffffff);
for(i=9; i<=17; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B283;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################

521
frontend/gamma/js/ClipperzCryptoLibrary/ECC/BinaryField/FiniteField.js Normal file
View File

@@ -0,0 +1,521 @@
/*
Copyright 2008-2013 Clipperz Srl
This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
* Clipperz is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
* Clipperz is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.FiniteField = function(args) {
args = args || {};
this._modulus = args.modulus;
return this;
}
Clipperz.Crypto.ECC.BinaryField.FiniteField.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.FiniteField (" + this.modulus().asString() + ")";
},
//-----------------------------------------------------------------------------
'modulus': function() {
return this._modulus;
},
//-----------------------------------------------------------------------------
'_module': function(aValue) {
var result;
var modulusComparison;
//console.log(">>> binaryField.finiteField.(standard)module");
modulusComparison = Clipperz.Crypto.ECC.BinaryField.Value._compare(aValue, this.modulus()._value);
if (modulusComparison < 0) {
result = aValue;
} else if (modulusComparison == 0) {
result = [0];
} else {
var modulusBitSize;
var resultBitSize;
result = aValue;
modulusBitSize = this.modulus().bitSize();
resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
while (resultBitSize >= modulusBitSize) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this.modulus()._value, resultBitSize - modulusBitSize));
resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
}
}
//console.log("<<< binaryField.finiteField.(standard)module");
return result;
},
'module': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._module(aValue._value.slice(0)));
},
//-----------------------------------------------------------------------------
'_add': function(a, b) {
return Clipperz.Crypto.ECC.BinaryField.Value._xor(a, b);
},
'_overwriteAdd': function(a, b) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(a, b);
},
'add': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._add(a._value, b._value));
},
//-----------------------------------------------------------------------------
'negate': function(aValue) {
return aValue.clone();
},
//-----------------------------------------------------------------------------
'_multiply': function(a, b) {
var result;
var valueToXor;
var i,c;
result = [0];
valueToXor = b;
c = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(a);
for (i=0; i<c; i++) {
if (Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(a, i) === true) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, valueToXor);
}
valueToXor = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(valueToXor, 1);
}
result = this._module(result);
return result;
},
'multiply': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._multiply(a._value, b._value));
},
//-----------------------------------------------------------------------------
'_fastMultiply': function(a, b) {
var result;
var B;
var i,c;
result = [0];
B = b.slice(0); // Is this array copy avoidable?
c = 32;
for (i=0; i<c; i++) {
var ii, cc;
cc = a.length;
for (ii=0; ii<cc; ii++) {
if (((a[ii] >>> i) & 0x01) == 1) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, B, ii);
}
}
if (i < (c-1)) {
B = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(B, 1);
}
}
result = this._module(result);
return result;
},
'fastMultiply': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._fastMultiply(a._value, b._value));
},
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 49, Alorithm 2.34
//
//-----------------------------------------------------------------------------
'_square': function(aValue) {
var result;
var value;
var c,i;
var precomputedValues;
value = aValue;
result = new Array(value.length * 2);
precomputedValues = Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes;
c = value.length;
for (i=0; i<c; i++) {
result[i*2] = precomputedValues[(value[i] & 0x000000ff)];
result[i*2] |= ((precomputedValues[(value[i] & 0x0000ff00) >>> 8]) << 16);
result[i*2 + 1] = precomputedValues[(value[i] & 0x00ff0000) >>> 16];
result[i*2 + 1] |= ((precomputedValues[(value[i] & 0xff000000) >>> 24]) << 16);
}
return this._module(result);
},
'square': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._square(aValue._value));
},
//-----------------------------------------------------------------------------
'_inverse': function(aValue) {
var result;
var b, c;
var u, v;
// b = Clipperz.Crypto.ECC.BinaryField.Value.I._value;
b = [1];
// c = Clipperz.Crypto.ECC.BinaryField.Value.O._value;
c = [0];
u = this._module(aValue);
v = this.modulus()._value.slice(0);
while (Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) > 1) {
var bitDifferenceSize;
bitDifferenceSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) - Clipperz.Crypto.ECC.BinaryField.Value._bitSize(v);
if (bitDifferenceSize < 0) {
var swap;
swap = u;
u = v;
v = swap;
swap = c;
c = b;
b = swap;
bitDifferenceSize = -bitDifferenceSize;
}
u = this._add(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
b = this._add(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
// this._overwriteAdd(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
// this._overwriteAdd(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
}
result = this._module(b);
return result;
},
'inverse': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._inverse(aValue._value));
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes = [
0x0000, // 0 = 0000 0000 -> 0000 0000 0000 0000
0x0001, // 1 = 0000 0001 -> 0000 0000 0000 0001
0x0004, // 2 = 0000 0010 -> 0000 0000 0000 0100
0x0005, // 3 = 0000 0011 -> 0000 0000 0000 0101
0x0010, // 4 = 0000 0100 -> 0000 0000 0001 0000
0x0011, // 5 = 0000 0101 -> 0000 0000 0001 0001
0x0014, // 6 = 0000 0110 -> 0000 0000 0001 0100
0x0015, // 7 = 0000 0111 -> 0000 0000 0001 0101
0x0040, // 8 = 0000 1000 -> 0000 0000 0100 0000
0x0041, // 9 = 0000 1001 -> 0000 0000 0100 0001
0x0044, // 10 = 0000 1010 -> 0000 0000 0100 0100
0x0045, // 11 = 0000 1011 -> 0000 0000 0100 0101
0x0050, // 12 = 0000 1100 -> 0000 0000 0101 0000
0x0051, // 13 = 0000 1101 -> 0000 0000 0101 0001
0x0054, // 14 = 0000 1110 -> 0000 0000 0101 0100
0x0055, // 15 = 0000 1111 -> 0000 0000 0101 0101
0x0100, // 16 = 0001 0000 -> 0000 0001 0000 0000
0x0101, // 17 = 0001 0001 -> 0000 0001 0000 0001
0x0104, // 18 = 0001 0010 -> 0000 0001 0000 0100
0x0105, // 19 = 0001 0011 -> 0000 0001 0000 0101
0x0110, // 20 = 0001 0100 -> 0000 0001 0001 0000
0x0111, // 21 = 0001 0101 -> 0000 0001 0001 0001
0x0114, // 22 = 0001 0110 -> 0000 0001 0001 0100
0x0115, // 23 = 0001 0111 -> 0000 0001 0001 0101
0x0140, // 24 = 0001 1000 -> 0000 0001 0100 0000
0x0141, // 25 = 0001 1001 -> 0000 0001 0100 0001
0x0144, // 26 = 0001 1010 -> 0000 0001 0100 0100
0x0145, // 27 = 0001 1011 -> 0000 0001 0100 0101
0x0150, // 28 = 0001 1100 -> 0000 0001 0101 0000
0x0151, // 28 = 0001 1101 -> 0000 0001 0101 0001
0x0154, // 30 = 0001 1110 -> 0000 0001 0101 0100
0x0155, // 31 = 0001 1111 -> 0000 0001 0101 0101
0x0400, // 32 = 0010 0000 -> 0000 0100 0000 0000
0x0401, // 33 = 0010 0001 -> 0000 0100 0000 0001
0x0404, // 34 = 0010 0010 -> 0000 0100 0000 0100
0x0405, // 35 = 0010 0011 -> 0000 0100 0000 0101
0x0410, // 36 = 0010 0100 -> 0000 0100 0001 0000
0x0411, // 37 = 0010 0101 -> 0000 0100 0001 0001
0x0414, // 38 = 0010 0110 -> 0000 0100 0001 0100
0x0415, // 39 = 0010 0111 -> 0000 0100 0001 0101
0x0440, // 40 = 0010 1000 -> 0000 0100 0100 0000
0x0441, // 41 = 0010 1001 -> 0000 0100 0100 0001
0x0444, // 42 = 0010 1010 -> 0000 0100 0100 0100
0x0445, // 43 = 0010 1011 -> 0000 0100 0100 0101
0x0450, // 44 = 0010 1100 -> 0000 0100 0101 0000
0x0451, // 45 = 0010 1101 -> 0000 0100 0101 0001
0x0454, // 46 = 0010 1110 -> 0000 0100 0101 0100
0x0455, // 47 = 0010 1111 -> 0000 0100 0101 0101
0x0500, // 48 = 0011 0000 -> 0000 0101 0000 0000
0x0501, // 49 = 0011 0001 -> 0000 0101 0000 0001
0x0504, // 50 = 0011 0010 -> 0000 0101 0000 0100
0x0505, // 51 = 0011 0011 -> 0000 0101 0000 0101
0x0510, // 52 = 0011 0100 -> 0000 0101 0001 0000
0x0511, // 53 = 0011 0101 -> 0000 0101 0001 0001
0x0514, // 54 = 0011 0110 -> 0000 0101 0001 0100
0x0515, // 55 = 0011 0111 -> 0000 0101 0001 0101
0x0540, // 56 = 0011 1000 -> 0000 0101 0100 0000
0x0541, // 57 = 0011 1001 -> 0000 0101 0100 0001
0x0544, // 58 = 0011 1010 -> 0000 0101 0100 0100
0x0545, // 59 = 0011 1011 -> 0000 0101 0100 0101
0x0550, // 60 = 0011 1100 -> 0000 0101 0101 0000
0x0551, // 61 = 0011 1101 -> 0000 0101 0101 0001
0x0554, // 62 = 0011 1110 -> 0000 0101 0101 0100
0x0555, // 63 = 0011 1111 -> 0000 0101 0101 0101
0x1000, // 64 = 0100 0000 -> 0001 0000 0000 0000
0x1001, // 65 = 0100 0001 -> 0001 0000 0000 0001
0x1004, // 66 = 0100 0010 -> 0001 0000 0000 0100
0x1005, // 67 = 0100 0011 -> 0001 0000 0000 0101
0x1010, // 68 = 0100 0100 -> 0001 0000 0001 0000
0x1011, // 69 = 0100 0101 -> 0001 0000 0001 0001
0x1014, // 70 = 0100 0110 -> 0001 0000 0001 0100
0x1015, // 71 = 0100 0111 -> 0001 0000 0001 0101
0x1040, // 72 = 0100 1000 -> 0001 0000 0100 0000
0x1041, // 73 = 0100 1001 -> 0001 0000 0100 0001
0x1044, // 74 = 0100 1010 -> 0001 0000 0100 0100
0x1045, // 75 = 0100 1011 -> 0001 0000 0100 0101
0x1050, // 76 = 0100 1100 -> 0001 0000 0101 0000
0x1051, // 77 = 0100 1101 -> 0001 0000 0101 0001
0x1054, // 78 = 0100 1110 -> 0001 0000 0101 0100
0x1055, // 79 = 0100 1111 -> 0001 0000 0101 0101
0x1100, // 80 = 0101 0000 -> 0001 0001 0000 0000
0x1101, // 81 = 0101 0001 -> 0001 0001 0000 0001
0x1104, // 82 = 0101 0010 -> 0001 0001 0000 0100
0x1105, // 83 = 0101 0011 -> 0001 0001 0000 0101
0x1110, // 84 = 0101 0100 -> 0001 0001 0001 0000
0x1111, // 85 = 0101 0101 -> 0001 0001 0001 0001
0x1114, // 86 = 0101 0110 -> 0001 0001 0001 0100
0x1115, // 87 = 0101 0111 -> 0001 0001 0001 0101
0x1140, // 88 = 0101 1000 -> 0001 0001 0100 0000
0x1141, // 89 = 0101 1001 -> 0001 0001 0100 0001
0x1144, // 90 = 0101 1010 -> 0001 0001 0100 0100
0x1145, // 91 = 0101 1011 -> 0001 0001 0100 0101
0x1150, // 92 = 0101 1100 -> 0001 0001 0101 0000
0x1151, // 93 = 0101 1101 -> 0001 0001 0101 0001
0x1154, // 94 = 0101 1110 -> 0001 0001 0101 0100
0x1155, // 95 = 0101 1111 -> 0001 0001 0101 0101
0x1400, // 96 = 0110 0000 -> 0001 0100 0000 0000
0x1401, // 97 = 0110 0001 -> 0001 0100 0000 0001
0x1404, // 98 = 0110 0010 -> 0001 0100 0000 0100
0x1405, // 99 = 0110 0011 -> 0001 0100 0000 0101
0x1410, // 100 = 0110 0100 -> 0001 0100 0001 0000
0x1411, // 101 = 0110 0101 -> 0001 0100 0001 0001
0x1414, // 102 = 0110 0110 -> 0001 0100 0001 0100
0x1415, // 103 = 0110 0111 -> 0001 0100 0001 0101
0x1440, // 104 = 0110 1000 -> 0001 0100 0100 0000
0x1441, // 105 = 0110 1001 -> 0001 0100 0100 0001
0x1444, // 106 = 0110 1010 -> 0001 0100 0100 0100
0x1445, // 107 = 0110 1011 -> 0001 0100 0100 0101
0x1450, // 108 = 0110 1100 -> 0001 0100 0101 0000
0x1451, // 109 = 0110 1101 -> 0001 0100 0101 0001
0x1454, // 110 = 0110 1110 -> 0001 0100 0101 0100
0x1455, // 111 = 0110 1111 -> 0001 0100 0101 0101
0x1500, // 112 = 0111 0000 -> 0001 0101 0000 0000
0x1501, // 113 = 0111 0001 -> 0001 0101 0000 0001
0x1504, // 114 = 0111 0010 -> 0001 0101 0000 0100
0x1505, // 115 = 0111 0011 -> 0001 0101 0000 0101
0x1510, // 116 = 0111 0100 -> 0001 0101 0001 0000
0x1511, // 117 = 0111 0101 -> 0001 0101 0001 0001
0x1514, // 118 = 0111 0110 -> 0001 0101 0001 0100
0x1515, // 119 = 0111 0111 -> 0001 0101 0001 0101
0x1540, // 120 = 0111 1000 -> 0001 0101 0100 0000
0x1541, // 121 = 0111 1001 -> 0001 0101 0100 0001
0x1544, // 122 = 0111 1010 -> 0001 0101 0100 0100
0x1545, // 123 = 0111 1011 -> 0001 0101 0100 0101
0x1550, // 124 = 0111 1100 -> 0001 0101 0101 0000
0x1551, // 125 = 0111 1101 -> 0001 0101 0101 0001
0x1554, // 126 = 0111 1110 -> 0001 0101 0101 0100
0x1555, // 127 = 0111 1111 -> 0001 0101 0101 0101
0x4000, // 128 = 1000 0000 -> 0100 0000 0000 0000
0x4001, // 129 = 1000 0001 -> 0100 0000 0000 0001
0x4004, // 130 = 1000 0010 -> 0100 0000 0000 0100
0x4005, // 131 = 1000 0011 -> 0100 0000 0000 0101
0x4010, // 132 = 1000 0100 -> 0100 0000 0001 0000
0x4011, // 133 = 1000 0101 -> 0100 0000 0001 0001
0x4014, // 134 = 1000 0110 -> 0100 0000 0001 0100
0x4015, // 135 = 1000 0111 -> 0100 0000 0001 0101
0x4040, // 136 = 1000 1000 -> 0100 0000 0100 0000
0x4041, // 137 = 1000 1001 -> 0100 0000 0100 0001
0x4044, // 138 = 1000 1010 -> 0100 0000 0100 0100
0x4045, // 139 = 1000 1011 -> 0100 0000 0100 0101
0x4050, // 140 = 1000 1100 -> 0100 0000 0101 0000
0x4051, // 141 = 1000 1101 -> 0100 0000 0101 0001
0x4054, // 142 = 1000 1110 -> 0100 0000 0101 0100
0x4055, // 143 = 1000 1111 -> 0100 0000 0101 0101
0x4100, // 144 = 1001 0000 -> 0100 0001 0000 0000
0x4101, // 145 = 1001 0001 -> 0100 0001 0000 0001
0x4104, // 146 = 1001 0010 -> 0100 0001 0000 0100
0x4105, // 147 = 1001 0011 -> 0100 0001 0000 0101
0x4110, // 148 = 1001 0100 -> 0100 0001 0001 0000
0x4111, // 149 = 1001 0101 -> 0100 0001 0001 0001
0x4114, // 150 = 1001 0110 -> 0100 0001 0001 0100
0x4115, // 151 = 1001 0111 -> 0100 0001 0001 0101
0x4140, // 152 = 1001 1000 -> 0100 0001 0100 0000
0x4141, // 153 = 1001 1001 -> 0100 0001 0100 0001
0x4144, // 154 = 1001 1010 -> 0100 0001 0100 0100
0x4145, // 155 = 1001 1011 -> 0100 0001 0100 0101
0x4150, // 156 = 1001 1100 -> 0100 0001 0101 0000
0x4151, // 157 = 1001 1101 -> 0100 0001 0101 0001
0x4154, // 158 = 1001 1110 -> 0100 0001 0101 0100
0x4155, // 159 = 1001 1111 -> 0100 0001 0101 0101
0x4400, // 160 = 1010 0000 -> 0100 0100 0000 0000
0x4401, // 161 = 1010 0001 -> 0100 0100 0000 0001
0x4404, // 162 = 1010 0010 -> 0100 0100 0000 0100
0x4405, // 163 = 1010 0011 -> 0100 0100 0000 0101
0x4410, // 164 = 1010 0100 -> 0100 0100 0001 0000
0x4411, // 165 = 1010 0101 -> 0100 0100 0001 0001
0x4414, // 166 = 1010 0110 -> 0100 0100 0001 0100
0x4415, // 167 = 1010 0111 -> 0100 0100 0001 0101
0x4440, // 168 = 1010 1000 -> 0100 0100 0100 0000
0x4441, // 169 = 1010 1001 -> 0100 0100 0100 0001
0x4444, // 170 = 1010 1010 -> 0100 0100 0100 0100
0x4445, // 171 = 1010 1011 -> 0100 0100 0100 0101
0x4450, // 172 = 1010 1100 -> 0100 0100 0101 0000
0x4451, // 173 = 1010 1101 -> 0100 0100 0101 0001
0x4454, // 174 = 1010 1110 -> 0100 0100 0101 0100
0x4455, // 175 = 1010 1111 -> 0100 0100 0101 0101
0x4500, // 176 = 1011 0000 -> 0100 0101 0000 0000
0x4501, // 177 = 1011 0001 -> 0100 0101 0000 0001
0x4504, // 178 = 1011 0010 -> 0100 0101 0000 0100
0x4505, // 179 = 1011 0011 -> 0100 0101 0000 0101
0x4510, // 180 = 1011 0100 -> 0100 0101 0001 0000
0x4511, // 181 = 1011 0101 -> 0100 0101 0001 0001
0x4514, // 182 = 1011 0110 -> 0100 0101 0001 0100
0x4515, // 183 = 1011 0111 -> 0100 0101 0001 0101
0x4540, // 184 = 1011 1000 -> 0100 0101 0100 0000
0x4541, // 185 = 1011 1001 -> 0100 0101 0100 0001
0x4544, // 186 = 1011 1010 -> 0100 0101 0100 0100
0x4545, // 187 = 1011 1011 -> 0100 0101 0100 0101
0x4550, // 188 = 1011 1100 -> 0100 0101 0101 0000
0x4551, // 189 = 1011 1101 -> 0100 0101 0101 0001
0x4554, // 190 = 1011 1110 -> 0100 0101 0101 0100
0x4555, // 191 = 1011 1111 -> 0100 0101 0101 0101
0x5000, // 192 = 1100 0000 -> 0101 0000 0000 0000
0x5001, // 193 = 1100 0001 -> 0101 0000 0000 0001
0x5004, // 194 = 1100 0010 -> 0101 0000 0000 0100
0x5005, // 195 = 1100 0011 -> 0101 0000 0000 0101
0x5010, // 196 = 1100 0100 -> 0101 0000 0001 0000
0x5011, // 197 = 1100 0101 -> 0101 0000 0001 0001
0x5014, // 198 = 1100 0110 -> 0101 0000 0001 0100
0x5015, // 199 = 1100 0111 -> 0101 0000 0001 0101
0x5040, // 200 = 1100 1000 -> 0101 0000 0100 0000
0x5041, // 201 = 1100 1001 -> 0101 0000 0100 0001
0x5044, // 202 = 1100 1010 -> 0101 0000 0100 0100
0x5045, // 203 = 1100 1011 -> 0101 0000 0100 0101
0x5050, // 204 = 1100 1100 -> 0101 0000 0101 0000
0x5051, // 205 = 1100 1101 -> 0101 0000 0101 0001
0x5054, // 206 = 1100 1110 -> 0101 0000 0101 0100
0x5055, // 207 = 1100 1111 -> 0101 0000 0101 0101
0x5100, // 208 = 1101 0000 -> 0101 0001 0000 0000
0x5101, // 209 = 1101 0001 -> 0101 0001 0000 0001
0x5104, // 210 = 1101 0010 -> 0101 0001 0000 0100
0x5105, // 211 = 1101 0011 -> 0101 0001 0000 0101
0x5110, // 212 = 1101 0100 -> 0101 0001 0001 0000
0x5111, // 213 = 1101 0101 -> 0101 0001 0001 0001
0x5114, // 214 = 1101 0110 -> 0101 0001 0001 0100
0x5115, // 215 = 1101 0111 -> 0101 0001 0001 0101
0x5140, // 216 = 1101 1000 -> 0101 0001 0100 0000
0x5141, // 217 = 1101 1001 -> 0101 0001 0100 0001
0x5144, // 218 = 1101 1010 -> 0101 0001 0100 0100
0x5145, // 219 = 1101 1011 -> 0101 0001 0100 0101
0x5150, // 220 = 1101 1100 -> 0101 0001 0101 0000
0x5151, // 221 = 1101 1101 -> 0101 0001 0101 0001
0x5154, // 222 = 1101 1110 -> 0101 0001 0101 0100
0x5155, // 223 = 1101 1111 -> 0101 0001 0101 0101
0x5400, // 224 = 1110 0000 -> 0101 0100 0000 0000
0x5401, // 225 = 1110 0001 -> 0101 0100 0000 0001
0x5404, // 226 = 1110 0010 -> 0101 0100 0000 0100
0x5405, // 227 = 1110 0011 -> 0101 0100 0000 0101
0x5410, // 228 = 1110 0100 -> 0101 0100 0001 0000
0x5411, // 229 = 1110 0101 -> 0101 0100 0001 0001
0x5414, // 230 = 1110 0110 -> 0101 0100 0001 0100
0x5415, // 231 = 1110 0111 -> 0101 0100 0001 0101
0x5440, // 232 = 1110 1000 -> 0101 0100 0100 0000
0x5441, // 233 = 1110 1001 -> 0101 0100 0100 0001
0x5444, // 234 = 1110 1010 -> 0101 0100 0100 0100
0x5445, // 235 = 1110 1011 -> 0101 0100 0100 0101
0x5450, // 236 = 1110 1100 -> 0101 0100 0101 0000
0x5451, // 237 = 1110 1101 -> 0101 0100 0101 0001
0x5454, // 238 = 1110 1110 -> 0101 0100 0101 0100
0x5455, // 239 = 1110 1111 -> 0101 0100 0101 0101
0x5500, // 240 = 1111 0000 -> 0101 0101 0000 0000
0x5501, // 241 = 1111 0001 -> 0101 0101 0000 0001
0x5504, // 242 = 1111 0010 -> 0101 0101 0000 0100
0x5505, // 243 = 1111 0011 -> 0101 0101 0000 0101
0x5510, // 244 = 1111 0100 -> 0101 0101 0001 0000
0x5511, // 245 = 1111 0101 -> 0101 0101 0001 0001
0x5514, // 246 = 1111 0110 -> 0101 0101 0001 0100
0x5515, // 247 = 1111 0111 -> 0101 0101 0001 0101
0x5540, // 248 = 1111 1000 -> 0101 0101 0100 0000
0x5541, // 249 = 1111 1001 -> 0101 0101 0100 0001
0x5544, // 250 = 1111 1010 -> 0101 0101 0100 0100
0x5545, // 251 = 1111 1011 -> 0101 0101 0100 0101
0x5550, // 252 = 1111 1100 -> 0101 0101 0101 0000
0x5551, // 253 = 1111 1101 -> 0101 0101 0101 0001
0x5554, // 254 = 1111 1110 -> 0101 0101 0101 0100
0x5555 // 255 = 1111 1111 -> 0101 0101 0101 0101
]

62
frontend/gamma/js/ClipperzCryptoLibrary/ECC/BinaryField/Point.js Normal file
View File

@@ -0,0 +1,62 @@
/*
Copyright 2008-2013 Clipperz Srl
This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
* Clipperz is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
* Clipperz is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Point = function(args) {
args = args || {};
this._x = args.x;
this._y = args.y;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Point.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.Point (" + this.x() + ", " + this.y() + ")";
},
//-----------------------------------------------------------------------------
'x': function() {
return this._x;
},
'y': function() {
return this._y;
},
//-----------------------------------------------------------------------------
'isZero': function() {
return (this.x().isZero() && this.y().isZero())
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});

381
frontend/gamma/js/ClipperzCryptoLibrary/ECC/BinaryField/Value.js Normal file
View File

@@ -0,0 +1,381 @@
/*
Copyright 2008-2013 Clipperz Srl
This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
* Clipperz is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
* Clipperz is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Value = function(aValue, aBase, aBitSize) {
if (aValue.constructor == String) {
var value;
var stringLength;
var numberOfWords;
var i,c;
if (aBase != 16) {
throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
}
value = aValue.replace(/ /g, '');
stringLength = value.length;
numberOfWords = Math.ceil(stringLength / 8);
this._value = new Array(numberOfWords);
c = numberOfWords;
for (i=0; i<c; i++) {
var word;
if (i < (c-1)) {
word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16);
} else {
word = parseInt(value.substr(0, stringLength-(i*8)), 16);
}
this._value[i] = word;
}
} else if (aValue.constructor == Array) {
var itemsToCopy;
itemsToCopy = aValue.length;
while (aValue[itemsToCopy - 1] == 0) {
itemsToCopy --;
}
this._value = aValue.slice(0, itemsToCopy);
} else if (aValue.constructor == Number) {
this._value = [aValue];
} else {
// throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType;
}
this._bitSize == aBitSize || null;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Value.prototype = MochiKit.Base.update(null, {
'value': function() {
return this._value;
},
//-----------------------------------------------------------------------------
'wordSize': function() {
return this._value.length
},
//-----------------------------------------------------------------------------
'clone': function() {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._value.slice(0), null, this._bitSize);
},
//-----------------------------------------------------------------------------
'isZero': function() {
return (this.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) == 0);
},
//-----------------------------------------------------------------------------
'asString': function(aBase) {
var result;
var i,c;
if (aBase != 16) {
throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
}
result = "";
c = this.wordSize();
for (i=0; i<c; i++) {
var wordAsString;
// wordAsString = ("00000000" + this.value()[i].toString(16));
wordAsString = ("00000000" + this._value[i].toString(16));
wordAsString = wordAsString.substring(wordAsString.length - 8);
result = wordAsString + result;
}
result = result.replace(/^(00)*/, "");
if (result == "") {
result = "0";
}
return result;
},
//-----------------------------------------------------------------------------
'shiftLeft': function(aNumberOfBitsToShift) {
// this method seems like it is never called. :-(
return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this._value, aNumberOfBitsToShift));
},
//-----------------------------------------------------------------------------
'bitSize': function() {
if (this._bitSize == null) {
this._bitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(this._value);
}
return this._bitSize;
},
//-----------------------------------------------------------------------------
'isBitSet': function(aBitPosition) {
return Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(this._value, aBitPosition);
},
//-----------------------------------------------------------------------------
'xor': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._xor(this._value, aValue._value));
},
//-----------------------------------------------------------------------------
'compare': function(aValue) {
return Clipperz.Crypto.ECC.BinaryField.Value._compare(this._value, aValue._value);
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
Clipperz.Crypto.ECC.BinaryField.Value.O = new Clipperz.Crypto.ECC.BinaryField.Value('0', 16);
Clipperz.Crypto.ECC.BinaryField.Value.I = new Clipperz.Crypto.ECC.BinaryField.Value('1', 16);
Clipperz.Crypto.ECC.BinaryField.Value._xor = function(a, b, aFirstItemOffset) {
var result;
var resultSize;
var i,c;
var firstItemOffset;
firstItemOffset = aFirstItemOffset || 0;
resultSize = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
result = new Array(resultSize);
c = firstItemOffset;
for (i=0; i<c; i++) {
result[i] = a[i];
}
c = resultSize;
for (i=firstItemOffset; i<c; i++) {
result[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor = function(a, b, aFirstItemOffset) {
var i,c;
var firstItemOffset;
firstItemOffset = aFirstItemOffset || 0;
c = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
for (i=firstItemOffset; i<c; i++) {
a[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
}
};
Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft = function(aWordArray, aNumberOfBitsToShift) {
var numberOfWordsToShift;
var numberOfBitsToShift;
var result;
var overflowValue;
var nextOverflowValue;
var i,c;
numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
numberOfBitsToShift = aNumberOfBitsToShift % 32;
result = new Array(aWordArray.length + numberOfWordsToShift);
c = numberOfWordsToShift;
for (i=0; i<c; i++) {
result[i] = 0;
}
overflowValue = 0;
nextOverflowValue = 0;
c = aWordArray.length;
for (i=0; i<c; i++) {
var value;
var resultWord;
// value = this.value()[i];
value = aWordArray[i];
if (numberOfBitsToShift > 0) {
nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
value = value & (0xffffffff >>> numberOfBitsToShift);
resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
} else {
resultWord = value;
}
result[i+numberOfWordsToShift] = resultWord;
overflowValue = nextOverflowValue;
}
if (overflowValue != 0) {
result[aWordArray.length + numberOfWordsToShift] = overflowValue;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft = function(aWordArray, aNumberOfBitsToShift) {
var numberOfWordsToShift;
var numberOfBitsToShift;
var result;
var overflowValue;
var i,c;
numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
numberOfBitsToShift = aNumberOfBitsToShift % 32;
result = new Array(aWordArray.length + numberOfWordsToShift);
c = numberOfWordsToShift;
for (i=0; i<c; i++) {
result[i] = 0;
}
overflowValue = 0;
nextOverflowValue = 0;
c = aWordArray.length;
for (i=0; i<c; i++) {
var value;
var resultWord;
// value = this.value()[i];
value = aWordArray[i];
if (numberOfBitsToShift > 0) {
var nextOverflowValue;
nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
value = value & (0xffffffff >>> numberOfBitsToShift);
resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
} else {
resultWord = value;
}
result[i+numberOfWordsToShift] = resultWord;
overflowValue = nextOverflowValue;
}
if (overflowValue != 0) {
result[aWordArray.length + numberOfWordsToShift] = overflowValue;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._bitSize = function(aWordArray) {
var result;
var notNullElements;
var mostValuableWord;
var matchingBitsInMostImportantWord;
var mask;
var i,c;
notNullElements = aWordArray.length;
if ((aWordArray.length == 1) && (aWordArray[0] == 0)) {
result = 0;
} else {
notNullElements --;
while((notNullElements > 0) && (aWordArray[notNullElements] == 0)) {
notNullElements --;
}
result = notNullElements * 32;
mostValuableWord = aWordArray[notNullElements];
matchingBits = 32;
mask = 0x80000000;
while ((matchingBits > 0) && ((mostValuableWord & mask) == 0)) {
matchingBits --;
mask >>>= 1;
}
result += matchingBits;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._isBitSet = function(aWordArray, aBitPosition) {
var result;
var byteIndex;
var bitIndexInSelectedByte;
byteIndex = Math.floor(aBitPosition / 32);
bitIndexInSelectedByte = aBitPosition % 32;
if (byteIndex <= aWordArray.length) {
result = ((aWordArray[byteIndex] & (1 << bitIndexInSelectedByte)) != 0);
} else {
result = false;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._compare = function(a,b) {
var result;
var i,c;
result = MochiKit.Base.compare(a.length, b.length);
c = a.length;
for (i=0; (i<c) && (result==0); i++) {
//console.log("compare[" + c + " - " + i + " - 1] " + this.value()[c-i-1] + ", " + aValue.value()[c-i-1]);
// result = MochiKit.Base.compare(this.value()[c-i-1], aValue.value()[c-i-1]);
result = MochiKit.Base.compare(a[c-i-1], b[c-i-1]);
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value['exception']= {
'UnsupportedBase': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase"),
'UnsupportedConstructorValueType': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType")
};

234
frontend/gamma/js/ClipperzCryptoLibrary/ECC/StandardCurves.js Normal file
View File

@@ -0,0 +1,234 @@
/*
Copyright 2008-2013 Clipperz Srl
This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.
* Clipperz is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
* Clipperz is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
*/
//try { if (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.BinaryField.Curve!";
//}
//try { if (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.Koblitz.Curve!";
//}
Clipperz.Crypto.ECC.StandardCurves = {};
MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
//==============================================================================
'_K571': null,
'K571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._K571 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Koblitz.Curve({
modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
G: new Clipperz.Crypto.ECC.Koblitz.Point({
x: new Clipperz.Crypto.ECC.Koblitz.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
y: new Clipperz.Crypto.ECC.Koblitz.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
}),
r: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K571;
},
//-----------------------------------------------------------------------------
'_K283': null,
'K283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._K283 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.Koblitz.Curve({
modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
G: new Clipperz.Crypto.ECC.Koblitz.Point({
x: new Clipperz.Crypto.ECC.Koblitz.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
y: new Clipperz.Crypto.ECC.Koblitz.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
}),
r: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K283;
},
//==============================================================================
'_B571': null,
'B571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._B571 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e 2221f295 de297117 b7f3d62f 5c6a97ff cb8ceff1 cd6ba8ce 4a9a18ad 84ffabbd 8efa5933 2be7ad67 56a66e29 4afd185a 78ff12aa 520e4de7 39baca0c 7ffeff7f 2955727a', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.45 (with a typo!!!)
//
//-----------------------------------------------------------------------------
//
// http://www.milw0rm.com/papers/136
//
// -------------------------------------------------------------------------
// Polynomial Reduction Algorithm Modulo f571
// -------------------------------------------------------------------------
//
// Input: Polynomial p(x) of degree 1140 or less, stored as
// an array of 2T machinewords.
// Output: p(x) mod f571(x)
//
// FOR i = T-1, ..., 0 DO
// SET X := P[i+T]
// P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
// P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
//
// SET X := P[T-1] >> 27
// P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
// P[T-1] := P[T-1] & 0x07ffffff
//
// RETURN P[T-1],...,P[0]
//
// -------------------------------------------------------------------------
//
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 1140) {
MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
//console.log(">>> binaryField.finiteField.(improved)module");
// C = aValue.value().slice(0);
C = aValue._value.slice(0);
for (i=35; i>=18; i--) {
T = C[i];
C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
}
T = (C[17] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
C[17] = (C[17] & 0x07ffffff);
for(i=18; i<=35; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B571;
},
//-----------------------------------------------------------------------------
'_B283': null,
'B283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._B283 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.43
//
//-----------------------------------------------------------------------------
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 564) {
MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
//console.log(">>> binaryField.finiteField.(improved)module");
C = aValue._value.slice(0);
for (i=17; i>=9; i--) {
T = C[i];
C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
}
T = (C[8] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
C[8] = (C[8] & 0x07ffffff);
for(i=9; i<=17; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B283;
},
//==============================================================================
__syntaxFix__: "syntax fix"
});