mirror of
http://git.whoc.org.uk/git/password-manager.git
synced 2024-11-14 08:29:01 +01:00
Aborted attempt to factor out the Crypto library on its own module
This commit is contained in:
parent
0608e045f6
commit
1906ddfb5d
@ -1,864 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.AES depends on Clipperz.ByteArray!";
|
||||
}
|
||||
|
||||
// Dependency commented to avoid a circular reference
|
||||
//try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
|
||||
// throw "Clipperz.Crypto.AES depends on Clipperz.Crypto.PRNG!";
|
||||
//}
|
||||
|
||||
if (typeof(Clipperz.Crypto.AES) == 'undefined') { Clipperz.Crypto.AES = {}; }
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.AES.DeferredExecutionContext = function(args) {
|
||||
args = args || {};
|
||||
|
||||
this._key = args.key;
|
||||
this._message = args.message;
|
||||
this._result = args.message.clone();
|
||||
this._nonce = args.nonce;
|
||||
this._messageLength = this._message.length();
|
||||
|
||||
this._messageArray = this._message.arrayValues();
|
||||
this._resultArray = this._result.arrayValues();
|
||||
this._nonceArray = this._nonce.arrayValues();
|
||||
|
||||
this._executionStep = 0;
|
||||
|
||||
// this._elaborationChunkSize = 1024; // 4096; // 16384; // 4096;
|
||||
this._elaborationChunks = 10;
|
||||
this._pauseTime = 0.02; // 0.02 // 0.2;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.AES.DeferredExecutionContext.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'key': function() {
|
||||
return this._key;
|
||||
},
|
||||
|
||||
'message': function() {
|
||||
return this._message;
|
||||
},
|
||||
|
||||
'messageLength': function() {
|
||||
return this._messageLength;
|
||||
},
|
||||
|
||||
'result': function() {
|
||||
return new Clipperz.ByteArray(this.resultArray());
|
||||
},
|
||||
|
||||
'nonce': function() {
|
||||
return this._nonce;
|
||||
},
|
||||
|
||||
'messageArray': function() {
|
||||
return this._messageArray;
|
||||
},
|
||||
|
||||
'resultArray': function() {
|
||||
return this._resultArray;
|
||||
},
|
||||
|
||||
'nonceArray': function() {
|
||||
return this._nonceArray;
|
||||
},
|
||||
|
||||
'elaborationChunkSize': function() {
|
||||
// return Clipperz.Crypto.AES.DeferredExecution.chunkSize;
|
||||
// return this._elaborationChunkSize;
|
||||
return (this._elaborationChunks * 1024);
|
||||
},
|
||||
|
||||
'executionStep': function() {
|
||||
return this._executionStep;
|
||||
},
|
||||
|
||||
'setExecutionStep': function(aValue) {
|
||||
this._executionStep = aValue;
|
||||
},
|
||||
|
||||
'tuneExecutionParameters': function (anElapsedTime) {
|
||||
//var originalChunks = this._elaborationChunks;
|
||||
if (anElapsedTime > 0) {
|
||||
this._elaborationChunks = Math.round(this._elaborationChunks * ((anElapsedTime + 1000)/(anElapsedTime * 2)));
|
||||
}
|
||||
//Clipperz.log("tuneExecutionParameters - elapsedTime: " + anElapsedTime + /*originalChunks,*/ " chunks # " + this._elaborationChunks + " [" + this._executionStep + " / " + this._messageLength + "]");
|
||||
},
|
||||
|
||||
'pause': function(aValue) {
|
||||
// return MochiKit.Async.wait(Clipperz.Crypto.AES.DeferredExecution.pauseTime, aValue);
|
||||
return MochiKit.Async.wait(this._pauseTime, aValue);
|
||||
},
|
||||
|
||||
'isDone': function () {
|
||||
//console.log("isDone", this.executionStep(), this.messageLength());
|
||||
return (this._executionStep >= this._messageLength);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.AES.Key = function(args) {
|
||||
args = args || {};
|
||||
|
||||
this._key = args.key;
|
||||
this._keySize = args.keySize || this.key().length();
|
||||
|
||||
if (this.keySize() == 128/8) {
|
||||
this._b = 176;
|
||||
this._numberOfRounds = 10;
|
||||
} else if (this.keySize() == 256/8) {
|
||||
this._b = 240;
|
||||
this._numberOfRounds = 14;
|
||||
} else {
|
||||
MochiKit.Logging.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits");
|
||||
throw Clipperz.Crypto.AES.exception.UnsupportedKeySize;
|
||||
}
|
||||
|
||||
this._stretchedKey = null;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.AES.Key.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'asString': function() {
|
||||
return "Clipperz.Crypto.AES.Key (" + this.key().toHexString() + ")";
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'key': function() {
|
||||
return this._key;
|
||||
},
|
||||
|
||||
'keySize': function() {
|
||||
return this._keySize;
|
||||
},
|
||||
|
||||
'b': function() {
|
||||
return this._b;
|
||||
},
|
||||
|
||||
'numberOfRounds': function() {
|
||||
return this._numberOfRounds;
|
||||
},
|
||||
//=========================================================================
|
||||
|
||||
'keyScheduleCore': function(aWord, aRoundConstantsIndex) {
|
||||
var result;
|
||||
var sbox;
|
||||
|
||||
sbox = Clipperz.Crypto.AES.sbox();
|
||||
|
||||
result = [ sbox[aWord[1]] ^ Clipperz.Crypto.AES.roundConstants()[aRoundConstantsIndex],
|
||||
sbox[aWord[2]],
|
||||
sbox[aWord[3]],
|
||||
sbox[aWord[0]] ];
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'xorWithPreviousStretchValues': function(aKey, aWord, aPreviousWordIndex) {
|
||||
var result;
|
||||
var i,c;
|
||||
|
||||
result = [];
|
||||
c = 4;
|
||||
for (i=0; i<c; i++) {
|
||||
result[i] = aWord[i] ^ aKey.byteAtIndex(aPreviousWordIndex + i);
|
||||
}
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'sboxShakeup': function(aWord) {
|
||||
var result;
|
||||
var sbox;
|
||||
var i,c;
|
||||
|
||||
result = [];
|
||||
sbox = Clipperz.Crypto.AES.sbox();
|
||||
c =4;
|
||||
for (i=0; i<c; i++) {
|
||||
result[i] = sbox[aWord[i]];
|
||||
}
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'stretchKey': function(aKey) {
|
||||
var currentWord;
|
||||
var keyLength;
|
||||
var previousStretchIndex;
|
||||
var i,c;
|
||||
|
||||
keyLength = aKey.length();
|
||||
previousStretchIndex = keyLength - this.keySize();
|
||||
|
||||
currentWord = [ aKey.byteAtIndex(keyLength - 4),
|
||||
aKey.byteAtIndex(keyLength - 3),
|
||||
aKey.byteAtIndex(keyLength - 2),
|
||||
aKey.byteAtIndex(keyLength - 1) ];
|
||||
currentWord = this.keyScheduleCore(currentWord, keyLength / this.keySize());
|
||||
|
||||
if (this.keySize() == 256/8) {
|
||||
c = 8;
|
||||
} else if (this.keySize() == 128/8){
|
||||
c = 4;
|
||||
}
|
||||
|
||||
for (i=0; i<c; i++) {
|
||||
if (i == 4) {
|
||||
// fifth streatch word
|
||||
currentWord = this.sboxShakeup(currentWord);
|
||||
}
|
||||
|
||||
currentWord = this.xorWithPreviousStretchValues(aKey, currentWord, previousStretchIndex + (i*4));
|
||||
aKey.appendBytes(currentWord);
|
||||
}
|
||||
|
||||
return aKey;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'stretchedKey': function() {
|
||||
if (this._stretchedKey == null) {
|
||||
var stretchedKey;
|
||||
|
||||
stretchedKey = this.key().clone();
|
||||
|
||||
while (stretchedKey.length() < this.keySize()) {
|
||||
stretchedKey.appendByte(0);
|
||||
}
|
||||
|
||||
while (stretchedKey.length() < this.b()) {
|
||||
stretchedKey = this.stretchKey(stretchedKey);
|
||||
}
|
||||
|
||||
this._stretchedKey = stretchedKey.split(0, this.b());
|
||||
}
|
||||
|
||||
return this._stretchedKey;
|
||||
},
|
||||
|
||||
//=========================================================================
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.AES.State = function(args) {
|
||||
args = args || {};
|
||||
|
||||
this._data = args.block;
|
||||
this._key = args.key;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.AES.State.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'key': function() {
|
||||
return this._key;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'data': function() {
|
||||
return this._data;
|
||||
},
|
||||
|
||||
'setData': function(aValue) {
|
||||
this._data = aValue;
|
||||
},
|
||||
|
||||
//=========================================================================
|
||||
|
||||
'addRoundKey': function(aRoundNumber) {
|
||||
// each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule.
|
||||
var data;
|
||||
var stretchedKey;
|
||||
var firstStretchedKeyIndex;
|
||||
var i,c;
|
||||
|
||||
data = this.data();
|
||||
stretchedKey = this.key().stretchedKey();
|
||||
firstStretchedKeyIndex = aRoundNumber * (128/8);
|
||||
c = 128/8;
|
||||
for (i=0; i<c; i++) {
|
||||
data[i] = data[i] ^ stretchedKey.byteAtIndex(firstStretchedKeyIndex + i);
|
||||
}
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'subBytes': function() {
|
||||
// a non-linear substitution step where each byte is replaced with another according to a lookup table.
|
||||
var i,c;
|
||||
var data;
|
||||
var sbox;
|
||||
|
||||
data = this.data();
|
||||
sbox = Clipperz.Crypto.AES.sbox();
|
||||
|
||||
c = 16;
|
||||
for (i=0; i<c; i++) {
|
||||
data[i] = sbox[data[i]];
|
||||
}
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'shiftRows': function() {
|
||||
// a transposition step where each row of the state is shifted cyclically a certain number of steps.
|
||||
var newValue;
|
||||
var data;
|
||||
var shiftMapping;
|
||||
var i,c;
|
||||
|
||||
newValue = new Array(16);
|
||||
data = this.data();
|
||||
shiftMapping = Clipperz.Crypto.AES.shiftRowMapping();
|
||||
// [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11];
|
||||
c = 16;
|
||||
for (i=0; i<c; i++) {
|
||||
newValue[i] = data[shiftMapping[i]];
|
||||
}
|
||||
for (i=0; i<c; i++) {
|
||||
data[i] = newValue[i];
|
||||
}
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
/*
|
||||
'mixColumnsWithValues': function(someValues) {
|
||||
var result;
|
||||
var a;
|
||||
var i,c;
|
||||
|
||||
c = 4;
|
||||
result = [];
|
||||
a = [];
|
||||
for (i=0; i<c; i++) {
|
||||
a[i] = [];
|
||||
a[i][1] = someValues[i]
|
||||
if ((a[i][1] & 0x80) == 0x80) {
|
||||
a[i][2] = (a[i][1] << 1) ^ 0x11b;
|
||||
} else {
|
||||
a[i][2] = a[i][1] << 1;
|
||||
}
|
||||
|
||||
a[i][3] = a[i][2] ^ a[i][1];
|
||||
}
|
||||
|
||||
for (i=0; i<c; i++) {
|
||||
var x;
|
||||
|
||||
x = Clipperz.Crypto.AES.mixColumnsMatrix()[i];
|
||||
result[i] = a[0][x[0]] ^ a[1][x[1]] ^ a[2][x[2]] ^ a[3][x[3]];
|
||||
}
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
'mixColumns': function() {
|
||||
// a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation.
|
||||
var data;
|
||||
var i, c;
|
||||
|
||||
data = this.data();
|
||||
c = 4;
|
||||
for(i=0; i<c; i++) {
|
||||
var blockIndex;
|
||||
var mixedValues;
|
||||
|
||||
blockIndex = i * 4;
|
||||
mixedValues = this.mixColumnsWithValues([ data[blockIndex + 0],
|
||||
data[blockIndex + 1],
|
||||
data[blockIndex + 2],
|
||||
data[blockIndex + 3]]);
|
||||
data[blockIndex + 0] = mixedValues[0];
|
||||
data[blockIndex + 1] = mixedValues[1];
|
||||
data[blockIndex + 2] = mixedValues[2];
|
||||
data[blockIndex + 3] = mixedValues[3];
|
||||
}
|
||||
},
|
||||
*/
|
||||
|
||||
'mixColumns': function() {
|
||||
// a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation.
|
||||
var data;
|
||||
var i, c;
|
||||
var a_1;
|
||||
var a_2;
|
||||
|
||||
a_1 = new Array(4);
|
||||
a_2 = new Array(4);
|
||||
|
||||
data = this.data();
|
||||
c = 4;
|
||||
for(i=0; i<c; i++) {
|
||||
var blockIndex;
|
||||
var ii, cc;
|
||||
|
||||
blockIndex = i * 4;
|
||||
|
||||
cc = 4;
|
||||
for (ii=0; ii<cc; ii++) {
|
||||
var value;
|
||||
|
||||
value = data[blockIndex + ii];
|
||||
a_1[ii] = value;
|
||||
a_2[ii] = (value & 0x80) ? ((value << 1) ^ 0x011b) : (value << 1);
|
||||
}
|
||||
|
||||
data[blockIndex + 0] = a_2[0] ^ a_1[1] ^ a_2[1] ^ a_1[2] ^ a_1[3];
|
||||
data[blockIndex + 1] = a_1[0] ^ a_2[1] ^ a_1[2] ^ a_2[2] ^ a_1[3];
|
||||
data[blockIndex + 2] = a_1[0] ^ a_1[1] ^ a_2[2] ^ a_1[3] ^ a_2[3];
|
||||
data[blockIndex + 3] = a_1[0] ^ a_2[0] ^ a_1[1] ^ a_1[2] ^ a_2[3];
|
||||
}
|
||||
},
|
||||
|
||||
//=========================================================================
|
||||
|
||||
'spinRound': function(aRoundNumber) {
|
||||
this.addRoundKey(aRoundNumber);
|
||||
this.subBytes();
|
||||
this.shiftRows();
|
||||
this.mixColumns();
|
||||
},
|
||||
|
||||
'spinLastRound': function() {
|
||||
this.addRoundKey(this.key().numberOfRounds() - 1);
|
||||
this.subBytes();
|
||||
this.shiftRows();
|
||||
this.addRoundKey(this.key().numberOfRounds());
|
||||
},
|
||||
|
||||
//=========================================================================
|
||||
|
||||
'encrypt': function() {
|
||||
var i,c;
|
||||
|
||||
c = this.key().numberOfRounds() - 1;
|
||||
for (i=0; i<c; i++) {
|
||||
this.spinRound(i);
|
||||
}
|
||||
|
||||
this.spinLastRound();
|
||||
},
|
||||
|
||||
//=========================================================================
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.AES.VERSION = "0.1";
|
||||
Clipperz.Crypto.AES.NAME = "Clipperz.Crypto.AES";
|
||||
|
||||
MochiKit.Base.update(Clipperz.Crypto.AES, {
|
||||
|
||||
// http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-AES.html
|
||||
// http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
|
||||
// http://en.wikipedia.org/wiki/Rijndael_key_schedule
|
||||
// http://en.wikipedia.org/wiki/Rijndael_S-box
|
||||
|
||||
'__repr__': function () {
|
||||
return "[" + this.NAME + " " + this.VERSION + "]";
|
||||
},
|
||||
|
||||
'toString': function () {
|
||||
return this.__repr__();
|
||||
},
|
||||
|
||||
//=============================================================================
|
||||
|
||||
'_sbox': null,
|
||||
'sbox': function() {
|
||||
if (Clipperz.Crypto.AES._sbox == null) {
|
||||
Clipperz.Crypto.AES._sbox = [
|
||||
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
|
||||
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
|
||||
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
|
||||
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
|
||||
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
|
||||
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
|
||||
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
|
||||
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
|
||||
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
|
||||
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
|
||||
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
|
||||
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
|
||||
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
|
||||
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
|
||||
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
|
||||
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
|
||||
];
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.AES._sbox;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
//
|
||||
// 0 4 8 12 0 4 8 12
|
||||
// 1 5 9 13 => 5 9 13 1
|
||||
// 2 6 10 14 10 14 2 6
|
||||
// 3 7 11 15 15 3 7 11
|
||||
//
|
||||
'_shiftRowMapping': null,
|
||||
'shiftRowMapping': function() {
|
||||
if (Clipperz.Crypto.AES._shiftRowMapping == null) {
|
||||
Clipperz.Crypto.AES._shiftRowMapping = [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11];
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.AES._shiftRowMapping;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_mixColumnsMatrix': null,
|
||||
'mixColumnsMatrix': function() {
|
||||
if (Clipperz.Crypto.AES._mixColumnsMatrix == null) {
|
||||
Clipperz.Crypto.AES._mixColumnsMatrix = [ [2, 3, 1 ,1],
|
||||
[1, 2, 3, 1],
|
||||
[1, 1, 2, 3],
|
||||
[3, 1, 1, 2] ];
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.AES._mixColumnsMatrix;
|
||||
},
|
||||
|
||||
'_roundConstants': null,
|
||||
'roundConstants': function() {
|
||||
if (Clipperz.Crypto.AES._roundConstants == null) {
|
||||
Clipperz.Crypto.AES._roundConstants = [ , 1, 2, 4, 8, 16, 32, 64, 128, 27, 54, 108, 216, 171, 77, 154];
|
||||
// Clipperz.Crypto.AES._roundConstants = [ , 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a];
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.AES._roundConstants;
|
||||
},
|
||||
|
||||
//=============================================================================
|
||||
|
||||
'incrementNonce': function(aNonce) {
|
||||
//Clipperz.Profile.start("Clipperz.Crypto.AES.incrementNonce");
|
||||
var i;
|
||||
var done;
|
||||
|
||||
done = false;
|
||||
i = aNonce.length - 1;
|
||||
|
||||
while ((i>=0) && (done == false)) {
|
||||
var currentByteValue;
|
||||
|
||||
currentByteValue = aNonce[i];
|
||||
|
||||
if (currentByteValue == 0xff) {
|
||||
aNonce[i] = 0;
|
||||
if (i>= 0) {
|
||||
i --;
|
||||
} else {
|
||||
done = true;
|
||||
}
|
||||
} else {
|
||||
aNonce[i] = currentByteValue + 1;
|
||||
done = true;
|
||||
}
|
||||
}
|
||||
//Clipperz.Profile.stop("Clipperz.Crypto.AES.incrementNonce");
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'encryptBlock': function(aKey, aBlock) {
|
||||
var result;
|
||||
var state;
|
||||
|
||||
state = new Clipperz.Crypto.AES.State({block:aBlock, key:aKey});
|
||||
//is(state.data(), 'before');
|
||||
state.encrypt();
|
||||
result = state.data();
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'encryptBlocks': function(aKey, aMessage, aNonce) {
|
||||
var result;
|
||||
var nonce;
|
||||
var self;
|
||||
var messageIndex;
|
||||
var messageLength;
|
||||
var blockSize;
|
||||
|
||||
self = Clipperz.Crypto.AES;
|
||||
blockSize = 128/8;
|
||||
messageLength = aMessage.length;
|
||||
nonce = aNonce;
|
||||
|
||||
result = aMessage;
|
||||
messageIndex = 0;
|
||||
while (messageIndex < messageLength) {
|
||||
var encryptedBlock;
|
||||
var i,c;
|
||||
|
||||
self.incrementNonce(nonce);
|
||||
encryptedBlock = self.encryptBlock(aKey, nonce);
|
||||
|
||||
if ((messageLength - messageIndex) > blockSize) {
|
||||
c = blockSize;
|
||||
} else {
|
||||
c = messageLength - messageIndex;
|
||||
}
|
||||
|
||||
for (i=0; i<c; i++) {
|
||||
result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
|
||||
}
|
||||
|
||||
messageIndex += blockSize;
|
||||
}
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'encrypt': function(aKey, someData, aNonce) {
|
||||
var result;
|
||||
var nonce;
|
||||
var encryptedData;
|
||||
var key;
|
||||
|
||||
key = new Clipperz.Crypto.AES.Key({key:aKey});
|
||||
nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);
|
||||
|
||||
encryptedData = Clipperz.Crypto.AES.encryptBlocks(key, someData.arrayValues(), nonce.arrayValues());
|
||||
|
||||
result = nonce.appendBytes(encryptedData);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'decrypt': function(aKey, someData) {
|
||||
var result;
|
||||
var nonce;
|
||||
var encryptedData;
|
||||
var decryptedData;
|
||||
var dataIterator;
|
||||
var key;
|
||||
|
||||
key = new Clipperz.Crypto.AES.Key({key:aKey});
|
||||
|
||||
encryptedData = someData.arrayValues();
|
||||
nonce = encryptedData.slice(0, (128/8));
|
||||
encryptedData = encryptedData.slice(128/8);
|
||||
decryptedData = Clipperz.Crypto.AES.encryptBlocks(key, encryptedData, nonce);
|
||||
|
||||
result = new Clipperz.ByteArray(decryptedData);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//=============================================================================
|
||||
|
||||
'deferredEncryptExecutionChunk': function(anExecutionContext) {
|
||||
var result;
|
||||
var nonce;
|
||||
var self;
|
||||
var messageIndex;
|
||||
var messageLength;
|
||||
var blockSize;
|
||||
var executionLimit;
|
||||
var startTime, endTime;
|
||||
|
||||
self = Clipperz.Crypto.AES;
|
||||
startTime = new Date();
|
||||
blockSize = 128/8;
|
||||
messageLength = anExecutionContext.messageArray().length;
|
||||
nonce = anExecutionContext.nonceArray();
|
||||
result = anExecutionContext.resultArray();
|
||||
|
||||
messageIndex = anExecutionContext.executionStep();
|
||||
executionLimit = messageIndex + anExecutionContext.elaborationChunkSize();
|
||||
executionLimit = Math.min(executionLimit, messageLength);
|
||||
|
||||
while (messageIndex < executionLimit) {
|
||||
var encryptedBlock;
|
||||
var i,c;
|
||||
|
||||
self.incrementNonce(nonce);
|
||||
encryptedBlock = self.encryptBlock(anExecutionContext.key(), nonce);
|
||||
|
||||
if ((executionLimit - messageIndex) > blockSize) {
|
||||
c = blockSize;
|
||||
} else {
|
||||
c = executionLimit - messageIndex;
|
||||
}
|
||||
|
||||
for (i=0; i<c; i++) {
|
||||
result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
|
||||
}
|
||||
|
||||
messageIndex += blockSize;
|
||||
}
|
||||
anExecutionContext.setExecutionStep(messageIndex);
|
||||
endTime = new Date();
|
||||
anExecutionContext.tuneExecutionParameters(endTime - startTime);
|
||||
|
||||
return anExecutionContext;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
/*
|
||||
'deferredEncryptBlocks': function(anExecutionContext) {
|
||||
var deferredResult;
|
||||
var messageSize;
|
||||
var i,c;
|
||||
|
||||
messageSize = anExecutionContext.messageLength();
|
||||
|
||||
deferredResult = new Clipperz.Async.Deferred("AES.deferredEncryptBloks");
|
||||
|
||||
c = Math.ceil(messageSize / anExecutionContext.elaborationChunkSize());
|
||||
for (i=0; i<c; i++) {
|
||||
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptExecutionChunk);
|
||||
deferredResult.addMethod(anExecutionContext, 'pause');
|
||||
}
|
||||
|
||||
deferredResult.callback(anExecutionContext);
|
||||
|
||||
return deferredResult;
|
||||
},
|
||||
*/
|
||||
|
||||
'deferredEncryptBlocks': function(anExecutionContext) {
|
||||
var deferredResult;
|
||||
|
||||
if (! anExecutionContext.isDone()) {
|
||||
deferredResult = Clipperz.Async.callbacks("Clipperz.Crypto.AES.deferredEncryptBloks", [
|
||||
Clipperz.Crypto.AES.deferredEncryptExecutionChunk,
|
||||
MochiKit.Base.method(anExecutionContext, 'pause'),
|
||||
Clipperz.Crypto.AES.deferredEncryptBlocks
|
||||
], {trace:false}, anExecutionContext);
|
||||
} else {
|
||||
deferredResult = MochiKit.Async.succeed(anExecutionContext);
|
||||
}
|
||||
|
||||
return deferredResult;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'deferredEncrypt': function(aKey, someData, aNonce) {
|
||||
var deferredResult;
|
||||
var executionContext;
|
||||
var result;
|
||||
var nonce;
|
||||
var key;
|
||||
|
||||
key = new Clipperz.Crypto.AES.Key({key:aKey});
|
||||
nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);
|
||||
|
||||
executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:someData, nonce:nonce});
|
||||
|
||||
deferredResult = new Clipperz.Async.Deferred("AES.deferredEncrypt");
|
||||
//deferredResult.addCallback(function (aValue) { console.log(">>> deferredEncrypt"); return aValue; });
|
||||
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
|
||||
deferredResult.addCallback(function(anExecutionContext) {
|
||||
var result;
|
||||
|
||||
result = anExecutionContext.nonce().clone();
|
||||
result.appendBytes(anExecutionContext.resultArray());
|
||||
|
||||
return result;
|
||||
});
|
||||
//deferredResult.addCallback(function (aValue) { console.log("<<< deferredEncrypt"); return aValue; });
|
||||
deferredResult.callback(executionContext)
|
||||
|
||||
return deferredResult;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'deferredDecrypt': function(aKey, someData) {
|
||||
var deferredResult
|
||||
var nonce;
|
||||
var message;
|
||||
var key;
|
||||
|
||||
key = new Clipperz.Crypto.AES.Key({key:aKey});
|
||||
nonce = someData.split(0, (128/8));
|
||||
message = someData.split(128/8);
|
||||
executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:message, nonce:nonce});
|
||||
|
||||
deferredResult = new Clipperz.Async.Deferred("AES.deferredDecrypt");
|
||||
//deferredResult.addCallback(function (aValue) { console.log(">>> deferredDecrypt"); return aValue; });
|
||||
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
|
||||
deferredResult.addCallback(function(anExecutionContext) {
|
||||
return anExecutionContext.result();
|
||||
});
|
||||
//deferredResult.addCallback(function (aValue) { console.log("<<< deferredDecrypt"); return aValue; });
|
||||
deferredResult.callback(executionContext);
|
||||
|
||||
return deferredResult;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
//Clipperz.Crypto.AES.DeferredExecution = {
|
||||
// 'chunkSize': 16384, // 4096, // 1024 4096 8192 16384 32768;
|
||||
// 'pauseTime': 0.02 // 0.2
|
||||
//}
|
||||
|
||||
Clipperz.Crypto.AES.exception = {
|
||||
'UnsupportedKeySize': new MochiKit.Base.NamedError("Clipperz.Crypto.AES.exception.UnsupportedKeySize")
|
||||
};
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -1,545 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
|
||||
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
|
||||
//}
|
||||
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
|
||||
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Curve = function(args) {
|
||||
args = args || {};
|
||||
|
||||
this._modulus = args.modulus;
|
||||
|
||||
this._a = args.a;
|
||||
this._b = args.b;
|
||||
this._G = args.G;
|
||||
this._r = args.r;
|
||||
this._h = args.h;
|
||||
|
||||
this._finiteField = null;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'asString': function() {
|
||||
return "Clipperz.Crypto.ECC.BinaryField.Curve";
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'modulus': function() {
|
||||
return this._modulus;
|
||||
},
|
||||
|
||||
'a': function() {
|
||||
return this._a;
|
||||
},
|
||||
|
||||
'b': function() {
|
||||
return this._b;
|
||||
},
|
||||
|
||||
'G': function() {
|
||||
return this._G;
|
||||
},
|
||||
|
||||
'r': function() {
|
||||
return this._r;
|
||||
},
|
||||
|
||||
'h': function() {
|
||||
return this._h;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'finiteField': function() {
|
||||
if (this._finiteField == null) {
|
||||
this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()})
|
||||
}
|
||||
|
||||
return this._finiteField;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'negate': function(aPointA) {
|
||||
var result;
|
||||
|
||||
result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())})
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'add': function(aPointA, aPointB) {
|
||||
var result;
|
||||
|
||||
//console.log(">>> ECC.BinaryField.Curve.add");
|
||||
if (aPointA.isZero()) {
|
||||
//console.log("--- pointA == zero");
|
||||
result = aPointB;
|
||||
} else if (aPointB.isZero()) {
|
||||
//console.log("--- pointB == zero");
|
||||
result = aPointA;
|
||||
} else if ( (aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
|
||||
//console.log("compare A.x - B.x: ", aPointA.x().compare(aPointB.x()));
|
||||
//console.log("compare A.y - B.y: ", (aPointA.y().compare(aPointB.y()) != 0));
|
||||
//console.log("compare B.x.isZero(): ", aPointB.x().isZero());
|
||||
|
||||
//console.log("--- result = zero");
|
||||
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
|
||||
} else {
|
||||
//console.log("--- result = ELSE");
|
||||
var f2m;
|
||||
var x, y;
|
||||
var lambda;
|
||||
var aX, aY, bX, bY;
|
||||
|
||||
aX = aPointA.x()._value;
|
||||
aY = aPointA.y()._value;
|
||||
bX = aPointB.x()._value;
|
||||
bY = aPointB.y()._value;
|
||||
|
||||
f2m = this.finiteField();
|
||||
|
||||
if (aPointA.x().compare(aPointB.x()) != 0) {
|
||||
//console.log(" a.x != b.x");
|
||||
lambda = f2m._fastMultiply(
|
||||
f2m._add(aY, bY),
|
||||
f2m._inverse(f2m._add(aX, bX))
|
||||
);
|
||||
x = f2m._add(this.a()._value, f2m._square(lambda));
|
||||
f2m._overwriteAdd(x, lambda);
|
||||
f2m._overwriteAdd(x, aX);
|
||||
f2m._overwriteAdd(x, bX);
|
||||
} else {
|
||||
//console.log(" a.x == b.x");
|
||||
lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
|
||||
//console.log(" lambda: " + lambda.asString(16));
|
||||
x = f2m._add(this.a()._value, f2m._square(lambda));
|
||||
//console.log(" x (step 1): " + x.asString(16));
|
||||
f2m._overwriteAdd(x, lambda);
|
||||
//console.log(" x (step 2): " + x.asString(16));
|
||||
}
|
||||
|
||||
y = f2m._fastMultiply(f2m._add(bX, x), lambda);
|
||||
//console.log(" y (step 1): " + y.asString(16));
|
||||
f2m._overwriteAdd(y, x);
|
||||
//console.log(" y (step 2): " + y.asString(16));
|
||||
f2m._overwriteAdd(y, bY);
|
||||
//console.log(" y (step 3): " + y.asString(16));
|
||||
|
||||
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
|
||||
}
|
||||
//console.log("<<< ECC.BinaryField.Curve.add");
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'addTwice': function(aPointA) {
|
||||
return this.add(aPointA, aPointA);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'overwriteAdd': function(aPointA, aPointB) {
|
||||
if (aPointA.isZero()) {
|
||||
// result = aPointB;
|
||||
aPointA._x._value = aPointB._x._value;
|
||||
aPointA._y._value = aPointB._y._value;
|
||||
} else if (aPointB.isZero()) {
|
||||
// result = aPointA;
|
||||
} else if ( (aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
|
||||
// result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
|
||||
aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O;
|
||||
aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O;
|
||||
} else {
|
||||
var f2m;
|
||||
var x, y;
|
||||
var lambda;
|
||||
var aX, aY, bX, bY;
|
||||
|
||||
aX = aPointA.x()._value;
|
||||
aY = aPointA.y()._value;
|
||||
bX = aPointB.x()._value;
|
||||
bY = aPointB.y()._value;
|
||||
|
||||
f2m = this.finiteField();
|
||||
|
||||
if (aPointA.x().compare(aPointB.x()) != 0) {
|
||||
//console.log(" a.x != b.x");
|
||||
lambda = f2m._fastMultiply(
|
||||
f2m._add(aY, bY),
|
||||
f2m._inverse(f2m._add(aX, bX))
|
||||
);
|
||||
x = f2m._add(this.a()._value, f2m._square(lambda));
|
||||
f2m._overwriteAdd(x, lambda);
|
||||
f2m._overwriteAdd(x, aX);
|
||||
f2m._overwriteAdd(x, bX);
|
||||
} else {
|
||||
//console.log(" a.x == b.x");
|
||||
lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
|
||||
//console.log(" lambda: " + lambda.asString(16));
|
||||
x = f2m._add(this.a()._value, f2m._square(lambda));
|
||||
//console.log(" x (step 1): " + x.asString(16));
|
||||
f2m._overwriteAdd(x, lambda);
|
||||
//console.log(" x (step 2): " + x.asString(16));
|
||||
}
|
||||
|
||||
y = f2m._fastMultiply(f2m._add(bX, x), lambda);
|
||||
//console.log(" y (step 1): " + y.asString(16));
|
||||
f2m._overwriteAdd(y, x);
|
||||
//console.log(" y (step 2): " + y.asString(16));
|
||||
f2m._overwriteAdd(y, bY);
|
||||
//console.log(" y (step 3): " + y.asString(16));
|
||||
|
||||
// result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
|
||||
aPointA._x._value = x;
|
||||
aPointA._y._value = y;
|
||||
|
||||
}
|
||||
//console.log("<<< ECC.BinaryField.Curve.add");
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'multiply': function(aValue, aPoint) {
|
||||
var result;
|
||||
|
||||
//console.profile();
|
||||
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
|
||||
|
||||
if (aValue.isZero() == false) {
|
||||
var k, Q;
|
||||
var i;
|
||||
var countIndex; countIndex = 0;
|
||||
|
||||
if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
|
||||
k = aValue;
|
||||
Q = aPoint;
|
||||
} else {
|
||||
MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
|
||||
k = aValue.negate();
|
||||
Q = this.negate(aPoint);
|
||||
}
|
||||
|
||||
//console.log("k: " + k.toString(16));
|
||||
//console.log("k.bitSize: " + k.bitSize());
|
||||
for (i=k.bitSize()-1; i>=0; i--) {
|
||||
result = this.add(result, result);
|
||||
// this.overwriteAdd(result, result);
|
||||
if (k.isBitSet(i)) {
|
||||
result = this.add(result, Q);
|
||||
// this.overwriteAdd(result, Q);
|
||||
}
|
||||
|
||||
// if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
|
||||
}
|
||||
}
|
||||
//console.profileEnd();
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'deferredMultiply': function(aValue, aPoint) {
|
||||
var deferredResult;
|
||||
var result;
|
||||
|
||||
MochiKit.Logging.logDebug(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint);
|
||||
//console.profile("ECC.Curve.multiply");
|
||||
deferredResult = new MochiKit.Async.Deferred();
|
||||
//deferredResult.addCallback(function(res) {console.profile("ECC.Curve.deferredMultiply"); return res;} );
|
||||
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 1: " + res); return res;});
|
||||
|
||||
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
|
||||
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 2: " + res); return res;});
|
||||
|
||||
if (aValue.isZero() == false) {
|
||||
var k, Q;
|
||||
var i;
|
||||
var countIndex; countIndex = 0;
|
||||
|
||||
if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
|
||||
k = aValue;
|
||||
Q = aPoint;
|
||||
} else {
|
||||
MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
|
||||
k = aValue.negate();
|
||||
Q = this.negate(aPoint);
|
||||
}
|
||||
|
||||
//console.log("k: " + k.toString(16));
|
||||
//console.log("k.bitSize: " + k.bitSize());
|
||||
|
||||
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 3: " + res); return res;});
|
||||
for (i=k.bitSize()-1; i>=0; i--) {
|
||||
//MochiKit.Logging.logDebug("====> " + i);
|
||||
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 > i = " + i + ": " + res); return res;});
|
||||
deferredResult.addMethod(this, "addTwice");
|
||||
//# result = this.add(result, result);
|
||||
// this.overwriteAdd(result, result);
|
||||
if (k.isBitSet(i)) {
|
||||
deferredResult.addMethod(this, "add", Q);
|
||||
//# result = this.add(result, Q);
|
||||
// this.overwriteAdd(result, Q);
|
||||
}
|
||||
if (i%20 == 0) {deferredResult.addCallback(MochiKit.Async.wait, 0.1);}
|
||||
|
||||
// if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
|
||||
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 < i = " + i + ": " + res); return res;});
|
||||
}
|
||||
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4: " + res); return res;});
|
||||
}
|
||||
//#console.profileEnd();
|
||||
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 5: " + res); return res;});
|
||||
//deferredResult.addBoth(function(res) {console.profileEnd(); return res;});
|
||||
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 6: " + res); return res;});
|
||||
deferredResult.callback(result);
|
||||
|
||||
//# return result;
|
||||
return deferredResult;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.ECC.StandardCurves = {};
|
||||
|
||||
MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
|
||||
/*
|
||||
'_K571': null,
|
||||
'K571': function() {
|
||||
if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) {
|
||||
Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
|
||||
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
|
||||
a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
|
||||
b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
|
||||
G: new Clipperz.Crypto.ECC.BinaryField.Point({
|
||||
x: new Clipperz.Crypto.ECC.BinaryField.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
|
||||
y: new Clipperz.Crypto.ECC.BinaryField.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
|
||||
}),
|
||||
r: new Clipperz.Crypto.ECC.BinaryField.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
|
||||
h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
|
||||
});
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.ECC.StandardCurves._K571;
|
||||
},
|
||||
|
||||
|
||||
|
||||
'_K283': null,
|
||||
'K283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
|
||||
if (Clipperz.Crypto.ECC.StandardCurves._K283 == null) {
|
||||
Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
|
||||
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
|
||||
a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
|
||||
b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
|
||||
G: new Clipperz.Crypto.ECC.BinaryField.Point({
|
||||
x: new Clipperz.Crypto.ECC.BinaryField.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
|
||||
y: new Clipperz.Crypto.ECC.BinaryField.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
|
||||
}),
|
||||
r: new Clipperz.Crypto.ECC.BinaryField.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
|
||||
h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
|
||||
});
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.ECC.StandardCurves._K283;
|
||||
},
|
||||
*/
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_B571': null,
|
||||
'B571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
|
||||
if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) {
|
||||
Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
|
||||
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16),
|
||||
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
|
||||
b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16),
|
||||
G: new Clipperz.Crypto.ECC.BinaryField.Point({
|
||||
x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
|
||||
y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
|
||||
}),
|
||||
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
|
||||
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
|
||||
|
||||
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
|
||||
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
|
||||
});
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
//
|
||||
// Guide to Elliptic Curve Cryptography
|
||||
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
|
||||
// - Pag: 56, Alorithm 2.45 (with a typo!!!)
|
||||
//
|
||||
//-----------------------------------------------------------------------------
|
||||
//
|
||||
// http://www.milw0rm.com/papers/136
|
||||
//
|
||||
// -------------------------------------------------------------------------
|
||||
// Polynomial Reduction Algorithm Modulo f571
|
||||
// -------------------------------------------------------------------------
|
||||
//
|
||||
// Input: Polynomial p(x) of degree 1140 or less, stored as
|
||||
// an array of 2T machinewords.
|
||||
// Output: p(x) mod f571(x)
|
||||
//
|
||||
// FOR i = T-1, ..., 0 DO
|
||||
// SET X := P[i+T]
|
||||
// P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
|
||||
// P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
|
||||
//
|
||||
// SET X := P[T-1] >> 27
|
||||
// P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
|
||||
// P[T-1] := P[T-1] & 0x07ffffff
|
||||
//
|
||||
// RETURN P[T-1],...,P[0]
|
||||
//
|
||||
// -------------------------------------------------------------------------
|
||||
//
|
||||
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
|
||||
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
|
||||
var result;
|
||||
|
||||
if (aValue.bitSize() > 1140) {
|
||||
MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
|
||||
result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
|
||||
} else {
|
||||
var C, T;
|
||||
var i;
|
||||
|
||||
//console.log(">>> binaryField.finiteField.(improved)module");
|
||||
// C = aValue.value().slice(0);
|
||||
C = aValue._value.slice(0);
|
||||
for (i=35; i>=18; i--) {
|
||||
T = C[i];
|
||||
C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
|
||||
C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
|
||||
}
|
||||
T = (C[17] >>> 27);
|
||||
C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
|
||||
C[17] = (C[17] & 0x07ffffff);
|
||||
|
||||
for(i=18; i<=35; i++) {
|
||||
C[i] = 0;
|
||||
}
|
||||
|
||||
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
|
||||
//console.log("<<< binaryField.finiteField.(improved)module");
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.ECC.StandardCurves._B571;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_B283': null,
|
||||
'B283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
|
||||
if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) {
|
||||
Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
|
||||
// modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
|
||||
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
|
||||
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
|
||||
b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
|
||||
G: new Clipperz.Crypto.ECC.BinaryField.Point({
|
||||
x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
|
||||
y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
|
||||
}),
|
||||
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
|
||||
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
|
||||
|
||||
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
|
||||
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
|
||||
});
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
//
|
||||
// Guide to Elliptic Curve Cryptography
|
||||
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
|
||||
// - Pag: 56, Alorithm 2.43
|
||||
//
|
||||
//-----------------------------------------------------------------------------
|
||||
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
|
||||
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
|
||||
var result;
|
||||
|
||||
if (aValue.bitSize() > 564) {
|
||||
MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
|
||||
result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
|
||||
} else {
|
||||
var C, T;
|
||||
var i;
|
||||
|
||||
//console.log(">>> binaryField.finiteField.(improved)module");
|
||||
C = aValue._value.slice(0);
|
||||
for (i=17; i>=9; i--) {
|
||||
T = C[i];
|
||||
C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
|
||||
C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
|
||||
}
|
||||
T = (C[8] >>> 27);
|
||||
C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
|
||||
C[8] = (C[8] & 0x07ffffff);
|
||||
|
||||
for(i=9; i<=17; i++) {
|
||||
C[i] = 0;
|
||||
}
|
||||
|
||||
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
|
||||
//console.log("<<< binaryField.finiteField.(improved)module");
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.ECC.StandardCurves._B283;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
@ -1,521 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
|
||||
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
|
||||
//}
|
||||
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
|
||||
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.FiniteField = function(args) {
|
||||
args = args || {};
|
||||
this._modulus = args.modulus;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.FiniteField.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'asString': function() {
|
||||
return "Clipperz.Crypto.ECC.BinaryField.FiniteField (" + this.modulus().asString() + ")";
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'modulus': function() {
|
||||
return this._modulus;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_module': function(aValue) {
|
||||
var result;
|
||||
var modulusComparison;
|
||||
//console.log(">>> binaryField.finiteField.(standard)module");
|
||||
|
||||
modulusComparison = Clipperz.Crypto.ECC.BinaryField.Value._compare(aValue, this.modulus()._value);
|
||||
|
||||
if (modulusComparison < 0) {
|
||||
result = aValue;
|
||||
} else if (modulusComparison == 0) {
|
||||
result = [0];
|
||||
} else {
|
||||
var modulusBitSize;
|
||||
var resultBitSize;
|
||||
|
||||
result = aValue;
|
||||
|
||||
modulusBitSize = this.modulus().bitSize();
|
||||
resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
|
||||
while (resultBitSize >= modulusBitSize) {
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this.modulus()._value, resultBitSize - modulusBitSize));
|
||||
resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
|
||||
}
|
||||
}
|
||||
//console.log("<<< binaryField.finiteField.(standard)module");
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
'module': function(aValue) {
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(this._module(aValue._value.slice(0)));
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_add': function(a, b) {
|
||||
return Clipperz.Crypto.ECC.BinaryField.Value._xor(a, b);
|
||||
},
|
||||
|
||||
'_overwriteAdd': function(a, b) {
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(a, b);
|
||||
},
|
||||
|
||||
'add': function(a, b) {
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(this._add(a._value, b._value));
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'negate': function(aValue) {
|
||||
return aValue.clone();
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_multiply': function(a, b) {
|
||||
var result;
|
||||
var valueToXor;
|
||||
var i,c;
|
||||
|
||||
result = [0];
|
||||
valueToXor = b;
|
||||
c = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(a);
|
||||
for (i=0; i<c; i++) {
|
||||
if (Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(a, i) === true) {
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, valueToXor);
|
||||
}
|
||||
valueToXor = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(valueToXor, 1);
|
||||
}
|
||||
result = this._module(result);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
'multiply': function(a, b) {
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(this._multiply(a._value, b._value));
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_fastMultiply': function(a, b) {
|
||||
var result;
|
||||
var B;
|
||||
var i,c;
|
||||
|
||||
result = [0];
|
||||
B = b.slice(0); // Is this array copy avoidable?
|
||||
c = 32;
|
||||
for (i=0; i<c; i++) {
|
||||
var ii, cc;
|
||||
|
||||
cc = a.length;
|
||||
for (ii=0; ii<cc; ii++) {
|
||||
if (((a[ii] >>> i) & 0x01) == 1) {
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, B, ii);
|
||||
}
|
||||
}
|
||||
|
||||
if (i < (c-1)) {
|
||||
B = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(B, 1);
|
||||
}
|
||||
}
|
||||
result = this._module(result);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
'fastMultiply': function(a, b) {
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(this._fastMultiply(a._value, b._value));
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
//
|
||||
// Guide to Elliptic Curve Cryptography
|
||||
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
|
||||
// - Pag: 49, Alorithm 2.34
|
||||
//
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_square': function(aValue) {
|
||||
var result;
|
||||
var value;
|
||||
var c,i;
|
||||
var precomputedValues;
|
||||
|
||||
value = aValue;
|
||||
result = new Array(value.length * 2);
|
||||
precomputedValues = Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes;
|
||||
|
||||
c = value.length;
|
||||
for (i=0; i<c; i++) {
|
||||
result[i*2] = precomputedValues[(value[i] & 0x000000ff)];
|
||||
result[i*2] |= ((precomputedValues[(value[i] & 0x0000ff00) >>> 8]) << 16);
|
||||
|
||||
result[i*2 + 1] = precomputedValues[(value[i] & 0x00ff0000) >>> 16];
|
||||
result[i*2 + 1] |= ((precomputedValues[(value[i] & 0xff000000) >>> 24]) << 16);
|
||||
}
|
||||
|
||||
return this._module(result);
|
||||
},
|
||||
|
||||
'square': function(aValue) {
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(this._square(aValue._value));
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_inverse': function(aValue) {
|
||||
var result;
|
||||
var b, c;
|
||||
var u, v;
|
||||
|
||||
// b = Clipperz.Crypto.ECC.BinaryField.Value.I._value;
|
||||
b = [1];
|
||||
// c = Clipperz.Crypto.ECC.BinaryField.Value.O._value;
|
||||
c = [0];
|
||||
u = this._module(aValue);
|
||||
v = this.modulus()._value.slice(0);
|
||||
|
||||
while (Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) > 1) {
|
||||
var bitDifferenceSize;
|
||||
|
||||
bitDifferenceSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) - Clipperz.Crypto.ECC.BinaryField.Value._bitSize(v);
|
||||
if (bitDifferenceSize < 0) {
|
||||
var swap;
|
||||
|
||||
swap = u;
|
||||
u = v;
|
||||
v = swap;
|
||||
|
||||
swap = c;
|
||||
c = b;
|
||||
b = swap;
|
||||
|
||||
bitDifferenceSize = -bitDifferenceSize;
|
||||
}
|
||||
|
||||
u = this._add(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
|
||||
b = this._add(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
|
||||
// this._overwriteAdd(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
|
||||
// this._overwriteAdd(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
|
||||
}
|
||||
|
||||
result = this._module(b);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
'inverse': function(aValue) {
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(this._inverse(aValue._value));
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes = [
|
||||
0x0000, // 0 = 0000 0000 -> 0000 0000 0000 0000
|
||||
0x0001, // 1 = 0000 0001 -> 0000 0000 0000 0001
|
||||
0x0004, // 2 = 0000 0010 -> 0000 0000 0000 0100
|
||||
0x0005, // 3 = 0000 0011 -> 0000 0000 0000 0101
|
||||
0x0010, // 4 = 0000 0100 -> 0000 0000 0001 0000
|
||||
0x0011, // 5 = 0000 0101 -> 0000 0000 0001 0001
|
||||
0x0014, // 6 = 0000 0110 -> 0000 0000 0001 0100
|
||||
0x0015, // 7 = 0000 0111 -> 0000 0000 0001 0101
|
||||
0x0040, // 8 = 0000 1000 -> 0000 0000 0100 0000
|
||||
0x0041, // 9 = 0000 1001 -> 0000 0000 0100 0001
|
||||
0x0044, // 10 = 0000 1010 -> 0000 0000 0100 0100
|
||||
0x0045, // 11 = 0000 1011 -> 0000 0000 0100 0101
|
||||
0x0050, // 12 = 0000 1100 -> 0000 0000 0101 0000
|
||||
0x0051, // 13 = 0000 1101 -> 0000 0000 0101 0001
|
||||
0x0054, // 14 = 0000 1110 -> 0000 0000 0101 0100
|
||||
0x0055, // 15 = 0000 1111 -> 0000 0000 0101 0101
|
||||
|
||||
0x0100, // 16 = 0001 0000 -> 0000 0001 0000 0000
|
||||
0x0101, // 17 = 0001 0001 -> 0000 0001 0000 0001
|
||||
0x0104, // 18 = 0001 0010 -> 0000 0001 0000 0100
|
||||
0x0105, // 19 = 0001 0011 -> 0000 0001 0000 0101
|
||||
0x0110, // 20 = 0001 0100 -> 0000 0001 0001 0000
|
||||
0x0111, // 21 = 0001 0101 -> 0000 0001 0001 0001
|
||||
0x0114, // 22 = 0001 0110 -> 0000 0001 0001 0100
|
||||
0x0115, // 23 = 0001 0111 -> 0000 0001 0001 0101
|
||||
0x0140, // 24 = 0001 1000 -> 0000 0001 0100 0000
|
||||
0x0141, // 25 = 0001 1001 -> 0000 0001 0100 0001
|
||||
0x0144, // 26 = 0001 1010 -> 0000 0001 0100 0100
|
||||
0x0145, // 27 = 0001 1011 -> 0000 0001 0100 0101
|
||||
0x0150, // 28 = 0001 1100 -> 0000 0001 0101 0000
|
||||
0x0151, // 28 = 0001 1101 -> 0000 0001 0101 0001
|
||||
0x0154, // 30 = 0001 1110 -> 0000 0001 0101 0100
|
||||
0x0155, // 31 = 0001 1111 -> 0000 0001 0101 0101
|
||||
|
||||
0x0400, // 32 = 0010 0000 -> 0000 0100 0000 0000
|
||||
0x0401, // 33 = 0010 0001 -> 0000 0100 0000 0001
|
||||
0x0404, // 34 = 0010 0010 -> 0000 0100 0000 0100
|
||||
0x0405, // 35 = 0010 0011 -> 0000 0100 0000 0101
|
||||
0x0410, // 36 = 0010 0100 -> 0000 0100 0001 0000
|
||||
0x0411, // 37 = 0010 0101 -> 0000 0100 0001 0001
|
||||
0x0414, // 38 = 0010 0110 -> 0000 0100 0001 0100
|
||||
0x0415, // 39 = 0010 0111 -> 0000 0100 0001 0101
|
||||
0x0440, // 40 = 0010 1000 -> 0000 0100 0100 0000
|
||||
0x0441, // 41 = 0010 1001 -> 0000 0100 0100 0001
|
||||
0x0444, // 42 = 0010 1010 -> 0000 0100 0100 0100
|
||||
0x0445, // 43 = 0010 1011 -> 0000 0100 0100 0101
|
||||
0x0450, // 44 = 0010 1100 -> 0000 0100 0101 0000
|
||||
0x0451, // 45 = 0010 1101 -> 0000 0100 0101 0001
|
||||
0x0454, // 46 = 0010 1110 -> 0000 0100 0101 0100
|
||||
0x0455, // 47 = 0010 1111 -> 0000 0100 0101 0101
|
||||
|
||||
0x0500, // 48 = 0011 0000 -> 0000 0101 0000 0000
|
||||
0x0501, // 49 = 0011 0001 -> 0000 0101 0000 0001
|
||||
0x0504, // 50 = 0011 0010 -> 0000 0101 0000 0100
|
||||
0x0505, // 51 = 0011 0011 -> 0000 0101 0000 0101
|
||||
0x0510, // 52 = 0011 0100 -> 0000 0101 0001 0000
|
||||
0x0511, // 53 = 0011 0101 -> 0000 0101 0001 0001
|
||||
0x0514, // 54 = 0011 0110 -> 0000 0101 0001 0100
|
||||
0x0515, // 55 = 0011 0111 -> 0000 0101 0001 0101
|
||||
0x0540, // 56 = 0011 1000 -> 0000 0101 0100 0000
|
||||
0x0541, // 57 = 0011 1001 -> 0000 0101 0100 0001
|
||||
0x0544, // 58 = 0011 1010 -> 0000 0101 0100 0100
|
||||
0x0545, // 59 = 0011 1011 -> 0000 0101 0100 0101
|
||||
0x0550, // 60 = 0011 1100 -> 0000 0101 0101 0000
|
||||
0x0551, // 61 = 0011 1101 -> 0000 0101 0101 0001
|
||||
0x0554, // 62 = 0011 1110 -> 0000 0101 0101 0100
|
||||
0x0555, // 63 = 0011 1111 -> 0000 0101 0101 0101
|
||||
|
||||
0x1000, // 64 = 0100 0000 -> 0001 0000 0000 0000
|
||||
0x1001, // 65 = 0100 0001 -> 0001 0000 0000 0001
|
||||
0x1004, // 66 = 0100 0010 -> 0001 0000 0000 0100
|
||||
0x1005, // 67 = 0100 0011 -> 0001 0000 0000 0101
|
||||
0x1010, // 68 = 0100 0100 -> 0001 0000 0001 0000
|
||||
0x1011, // 69 = 0100 0101 -> 0001 0000 0001 0001
|
||||
0x1014, // 70 = 0100 0110 -> 0001 0000 0001 0100
|
||||
0x1015, // 71 = 0100 0111 -> 0001 0000 0001 0101
|
||||
0x1040, // 72 = 0100 1000 -> 0001 0000 0100 0000
|
||||
0x1041, // 73 = 0100 1001 -> 0001 0000 0100 0001
|
||||
0x1044, // 74 = 0100 1010 -> 0001 0000 0100 0100
|
||||
0x1045, // 75 = 0100 1011 -> 0001 0000 0100 0101
|
||||
0x1050, // 76 = 0100 1100 -> 0001 0000 0101 0000
|
||||
0x1051, // 77 = 0100 1101 -> 0001 0000 0101 0001
|
||||
0x1054, // 78 = 0100 1110 -> 0001 0000 0101 0100
|
||||
0x1055, // 79 = 0100 1111 -> 0001 0000 0101 0101
|
||||
|
||||
0x1100, // 80 = 0101 0000 -> 0001 0001 0000 0000
|
||||
0x1101, // 81 = 0101 0001 -> 0001 0001 0000 0001
|
||||
0x1104, // 82 = 0101 0010 -> 0001 0001 0000 0100
|
||||
0x1105, // 83 = 0101 0011 -> 0001 0001 0000 0101
|
||||
0x1110, // 84 = 0101 0100 -> 0001 0001 0001 0000
|
||||
0x1111, // 85 = 0101 0101 -> 0001 0001 0001 0001
|
||||
0x1114, // 86 = 0101 0110 -> 0001 0001 0001 0100
|
||||
0x1115, // 87 = 0101 0111 -> 0001 0001 0001 0101
|
||||
0x1140, // 88 = 0101 1000 -> 0001 0001 0100 0000
|
||||
0x1141, // 89 = 0101 1001 -> 0001 0001 0100 0001
|
||||
0x1144, // 90 = 0101 1010 -> 0001 0001 0100 0100
|
||||
0x1145, // 91 = 0101 1011 -> 0001 0001 0100 0101
|
||||
0x1150, // 92 = 0101 1100 -> 0001 0001 0101 0000
|
||||
0x1151, // 93 = 0101 1101 -> 0001 0001 0101 0001
|
||||
0x1154, // 94 = 0101 1110 -> 0001 0001 0101 0100
|
||||
0x1155, // 95 = 0101 1111 -> 0001 0001 0101 0101
|
||||
|
||||
0x1400, // 96 = 0110 0000 -> 0001 0100 0000 0000
|
||||
0x1401, // 97 = 0110 0001 -> 0001 0100 0000 0001
|
||||
0x1404, // 98 = 0110 0010 -> 0001 0100 0000 0100
|
||||
0x1405, // 99 = 0110 0011 -> 0001 0100 0000 0101
|
||||
0x1410, // 100 = 0110 0100 -> 0001 0100 0001 0000
|
||||
0x1411, // 101 = 0110 0101 -> 0001 0100 0001 0001
|
||||
0x1414, // 102 = 0110 0110 -> 0001 0100 0001 0100
|
||||
0x1415, // 103 = 0110 0111 -> 0001 0100 0001 0101
|
||||
0x1440, // 104 = 0110 1000 -> 0001 0100 0100 0000
|
||||
0x1441, // 105 = 0110 1001 -> 0001 0100 0100 0001
|
||||
0x1444, // 106 = 0110 1010 -> 0001 0100 0100 0100
|
||||
0x1445, // 107 = 0110 1011 -> 0001 0100 0100 0101
|
||||
0x1450, // 108 = 0110 1100 -> 0001 0100 0101 0000
|
||||
0x1451, // 109 = 0110 1101 -> 0001 0100 0101 0001
|
||||
0x1454, // 110 = 0110 1110 -> 0001 0100 0101 0100
|
||||
0x1455, // 111 = 0110 1111 -> 0001 0100 0101 0101
|
||||
|
||||
0x1500, // 112 = 0111 0000 -> 0001 0101 0000 0000
|
||||
0x1501, // 113 = 0111 0001 -> 0001 0101 0000 0001
|
||||
0x1504, // 114 = 0111 0010 -> 0001 0101 0000 0100
|
||||
0x1505, // 115 = 0111 0011 -> 0001 0101 0000 0101
|
||||
0x1510, // 116 = 0111 0100 -> 0001 0101 0001 0000
|
||||
0x1511, // 117 = 0111 0101 -> 0001 0101 0001 0001
|
||||
0x1514, // 118 = 0111 0110 -> 0001 0101 0001 0100
|
||||
0x1515, // 119 = 0111 0111 -> 0001 0101 0001 0101
|
||||
0x1540, // 120 = 0111 1000 -> 0001 0101 0100 0000
|
||||
0x1541, // 121 = 0111 1001 -> 0001 0101 0100 0001
|
||||
0x1544, // 122 = 0111 1010 -> 0001 0101 0100 0100
|
||||
0x1545, // 123 = 0111 1011 -> 0001 0101 0100 0101
|
||||
0x1550, // 124 = 0111 1100 -> 0001 0101 0101 0000
|
||||
0x1551, // 125 = 0111 1101 -> 0001 0101 0101 0001
|
||||
0x1554, // 126 = 0111 1110 -> 0001 0101 0101 0100
|
||||
0x1555, // 127 = 0111 1111 -> 0001 0101 0101 0101
|
||||
|
||||
0x4000, // 128 = 1000 0000 -> 0100 0000 0000 0000
|
||||
0x4001, // 129 = 1000 0001 -> 0100 0000 0000 0001
|
||||
0x4004, // 130 = 1000 0010 -> 0100 0000 0000 0100
|
||||
0x4005, // 131 = 1000 0011 -> 0100 0000 0000 0101
|
||||
0x4010, // 132 = 1000 0100 -> 0100 0000 0001 0000
|
||||
0x4011, // 133 = 1000 0101 -> 0100 0000 0001 0001
|
||||
0x4014, // 134 = 1000 0110 -> 0100 0000 0001 0100
|
||||
0x4015, // 135 = 1000 0111 -> 0100 0000 0001 0101
|
||||
0x4040, // 136 = 1000 1000 -> 0100 0000 0100 0000
|
||||
0x4041, // 137 = 1000 1001 -> 0100 0000 0100 0001
|
||||
0x4044, // 138 = 1000 1010 -> 0100 0000 0100 0100
|
||||
0x4045, // 139 = 1000 1011 -> 0100 0000 0100 0101
|
||||
0x4050, // 140 = 1000 1100 -> 0100 0000 0101 0000
|
||||
0x4051, // 141 = 1000 1101 -> 0100 0000 0101 0001
|
||||
0x4054, // 142 = 1000 1110 -> 0100 0000 0101 0100
|
||||
0x4055, // 143 = 1000 1111 -> 0100 0000 0101 0101
|
||||
|
||||
0x4100, // 144 = 1001 0000 -> 0100 0001 0000 0000
|
||||
0x4101, // 145 = 1001 0001 -> 0100 0001 0000 0001
|
||||
0x4104, // 146 = 1001 0010 -> 0100 0001 0000 0100
|
||||
0x4105, // 147 = 1001 0011 -> 0100 0001 0000 0101
|
||||
0x4110, // 148 = 1001 0100 -> 0100 0001 0001 0000
|
||||
0x4111, // 149 = 1001 0101 -> 0100 0001 0001 0001
|
||||
0x4114, // 150 = 1001 0110 -> 0100 0001 0001 0100
|
||||
0x4115, // 151 = 1001 0111 -> 0100 0001 0001 0101
|
||||
0x4140, // 152 = 1001 1000 -> 0100 0001 0100 0000
|
||||
0x4141, // 153 = 1001 1001 -> 0100 0001 0100 0001
|
||||
0x4144, // 154 = 1001 1010 -> 0100 0001 0100 0100
|
||||
0x4145, // 155 = 1001 1011 -> 0100 0001 0100 0101
|
||||
0x4150, // 156 = 1001 1100 -> 0100 0001 0101 0000
|
||||
0x4151, // 157 = 1001 1101 -> 0100 0001 0101 0001
|
||||
0x4154, // 158 = 1001 1110 -> 0100 0001 0101 0100
|
||||
0x4155, // 159 = 1001 1111 -> 0100 0001 0101 0101
|
||||
|
||||
0x4400, // 160 = 1010 0000 -> 0100 0100 0000 0000
|
||||
0x4401, // 161 = 1010 0001 -> 0100 0100 0000 0001
|
||||
0x4404, // 162 = 1010 0010 -> 0100 0100 0000 0100
|
||||
0x4405, // 163 = 1010 0011 -> 0100 0100 0000 0101
|
||||
0x4410, // 164 = 1010 0100 -> 0100 0100 0001 0000
|
||||
0x4411, // 165 = 1010 0101 -> 0100 0100 0001 0001
|
||||
0x4414, // 166 = 1010 0110 -> 0100 0100 0001 0100
|
||||
0x4415, // 167 = 1010 0111 -> 0100 0100 0001 0101
|
||||
0x4440, // 168 = 1010 1000 -> 0100 0100 0100 0000
|
||||
0x4441, // 169 = 1010 1001 -> 0100 0100 0100 0001
|
||||
0x4444, // 170 = 1010 1010 -> 0100 0100 0100 0100
|
||||
0x4445, // 171 = 1010 1011 -> 0100 0100 0100 0101
|
||||
0x4450, // 172 = 1010 1100 -> 0100 0100 0101 0000
|
||||
0x4451, // 173 = 1010 1101 -> 0100 0100 0101 0001
|
||||
0x4454, // 174 = 1010 1110 -> 0100 0100 0101 0100
|
||||
0x4455, // 175 = 1010 1111 -> 0100 0100 0101 0101
|
||||
|
||||
0x4500, // 176 = 1011 0000 -> 0100 0101 0000 0000
|
||||
0x4501, // 177 = 1011 0001 -> 0100 0101 0000 0001
|
||||
0x4504, // 178 = 1011 0010 -> 0100 0101 0000 0100
|
||||
0x4505, // 179 = 1011 0011 -> 0100 0101 0000 0101
|
||||
0x4510, // 180 = 1011 0100 -> 0100 0101 0001 0000
|
||||
0x4511, // 181 = 1011 0101 -> 0100 0101 0001 0001
|
||||
0x4514, // 182 = 1011 0110 -> 0100 0101 0001 0100
|
||||
0x4515, // 183 = 1011 0111 -> 0100 0101 0001 0101
|
||||
0x4540, // 184 = 1011 1000 -> 0100 0101 0100 0000
|
||||
0x4541, // 185 = 1011 1001 -> 0100 0101 0100 0001
|
||||
0x4544, // 186 = 1011 1010 -> 0100 0101 0100 0100
|
||||
0x4545, // 187 = 1011 1011 -> 0100 0101 0100 0101
|
||||
0x4550, // 188 = 1011 1100 -> 0100 0101 0101 0000
|
||||
0x4551, // 189 = 1011 1101 -> 0100 0101 0101 0001
|
||||
0x4554, // 190 = 1011 1110 -> 0100 0101 0101 0100
|
||||
0x4555, // 191 = 1011 1111 -> 0100 0101 0101 0101
|
||||
|
||||
0x5000, // 192 = 1100 0000 -> 0101 0000 0000 0000
|
||||
0x5001, // 193 = 1100 0001 -> 0101 0000 0000 0001
|
||||
0x5004, // 194 = 1100 0010 -> 0101 0000 0000 0100
|
||||
0x5005, // 195 = 1100 0011 -> 0101 0000 0000 0101
|
||||
0x5010, // 196 = 1100 0100 -> 0101 0000 0001 0000
|
||||
0x5011, // 197 = 1100 0101 -> 0101 0000 0001 0001
|
||||
0x5014, // 198 = 1100 0110 -> 0101 0000 0001 0100
|
||||
0x5015, // 199 = 1100 0111 -> 0101 0000 0001 0101
|
||||
0x5040, // 200 = 1100 1000 -> 0101 0000 0100 0000
|
||||
0x5041, // 201 = 1100 1001 -> 0101 0000 0100 0001
|
||||
0x5044, // 202 = 1100 1010 -> 0101 0000 0100 0100
|
||||
0x5045, // 203 = 1100 1011 -> 0101 0000 0100 0101
|
||||
0x5050, // 204 = 1100 1100 -> 0101 0000 0101 0000
|
||||
0x5051, // 205 = 1100 1101 -> 0101 0000 0101 0001
|
||||
0x5054, // 206 = 1100 1110 -> 0101 0000 0101 0100
|
||||
0x5055, // 207 = 1100 1111 -> 0101 0000 0101 0101
|
||||
|
||||
0x5100, // 208 = 1101 0000 -> 0101 0001 0000 0000
|
||||
0x5101, // 209 = 1101 0001 -> 0101 0001 0000 0001
|
||||
0x5104, // 210 = 1101 0010 -> 0101 0001 0000 0100
|
||||
0x5105, // 211 = 1101 0011 -> 0101 0001 0000 0101
|
||||
0x5110, // 212 = 1101 0100 -> 0101 0001 0001 0000
|
||||
0x5111, // 213 = 1101 0101 -> 0101 0001 0001 0001
|
||||
0x5114, // 214 = 1101 0110 -> 0101 0001 0001 0100
|
||||
0x5115, // 215 = 1101 0111 -> 0101 0001 0001 0101
|
||||
0x5140, // 216 = 1101 1000 -> 0101 0001 0100 0000
|
||||
0x5141, // 217 = 1101 1001 -> 0101 0001 0100 0001
|
||||
0x5144, // 218 = 1101 1010 -> 0101 0001 0100 0100
|
||||
0x5145, // 219 = 1101 1011 -> 0101 0001 0100 0101
|
||||
0x5150, // 220 = 1101 1100 -> 0101 0001 0101 0000
|
||||
0x5151, // 221 = 1101 1101 -> 0101 0001 0101 0001
|
||||
0x5154, // 222 = 1101 1110 -> 0101 0001 0101 0100
|
||||
0x5155, // 223 = 1101 1111 -> 0101 0001 0101 0101
|
||||
|
||||
0x5400, // 224 = 1110 0000 -> 0101 0100 0000 0000
|
||||
0x5401, // 225 = 1110 0001 -> 0101 0100 0000 0001
|
||||
0x5404, // 226 = 1110 0010 -> 0101 0100 0000 0100
|
||||
0x5405, // 227 = 1110 0011 -> 0101 0100 0000 0101
|
||||
0x5410, // 228 = 1110 0100 -> 0101 0100 0001 0000
|
||||
0x5411, // 229 = 1110 0101 -> 0101 0100 0001 0001
|
||||
0x5414, // 230 = 1110 0110 -> 0101 0100 0001 0100
|
||||
0x5415, // 231 = 1110 0111 -> 0101 0100 0001 0101
|
||||
0x5440, // 232 = 1110 1000 -> 0101 0100 0100 0000
|
||||
0x5441, // 233 = 1110 1001 -> 0101 0100 0100 0001
|
||||
0x5444, // 234 = 1110 1010 -> 0101 0100 0100 0100
|
||||
0x5445, // 235 = 1110 1011 -> 0101 0100 0100 0101
|
||||
0x5450, // 236 = 1110 1100 -> 0101 0100 0101 0000
|
||||
0x5451, // 237 = 1110 1101 -> 0101 0100 0101 0001
|
||||
0x5454, // 238 = 1110 1110 -> 0101 0100 0101 0100
|
||||
0x5455, // 239 = 1110 1111 -> 0101 0100 0101 0101
|
||||
|
||||
0x5500, // 240 = 1111 0000 -> 0101 0101 0000 0000
|
||||
0x5501, // 241 = 1111 0001 -> 0101 0101 0000 0001
|
||||
0x5504, // 242 = 1111 0010 -> 0101 0101 0000 0100
|
||||
0x5505, // 243 = 1111 0011 -> 0101 0101 0000 0101
|
||||
0x5510, // 244 = 1111 0100 -> 0101 0101 0001 0000
|
||||
0x5511, // 245 = 1111 0101 -> 0101 0101 0001 0001
|
||||
0x5514, // 246 = 1111 0110 -> 0101 0101 0001 0100
|
||||
0x5515, // 247 = 1111 0111 -> 0101 0101 0001 0101
|
||||
0x5540, // 248 = 1111 1000 -> 0101 0101 0100 0000
|
||||
0x5541, // 249 = 1111 1001 -> 0101 0101 0100 0001
|
||||
0x5544, // 250 = 1111 1010 -> 0101 0101 0100 0100
|
||||
0x5545, // 251 = 1111 1011 -> 0101 0101 0100 0101
|
||||
0x5550, // 252 = 1111 1100 -> 0101 0101 0101 0000
|
||||
0x5551, // 253 = 1111 1101 -> 0101 0101 0101 0001
|
||||
0x5554, // 254 = 1111 1110 -> 0101 0101 0101 0100
|
||||
0x5555 // 255 = 1111 1111 -> 0101 0101 0101 0101
|
||||
|
||||
]
|
@ -1,62 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
|
||||
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
|
||||
//}
|
||||
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
|
||||
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Point = function(args) {
|
||||
args = args || {};
|
||||
this._x = args.x;
|
||||
this._y = args.y;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Point.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'asString': function() {
|
||||
return "Clipperz.Crypto.ECC.BinaryField.Point (" + this.x() + ", " + this.y() + ")";
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'x': function() {
|
||||
return this._x;
|
||||
},
|
||||
|
||||
'y': function() {
|
||||
return this._y;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'isZero': function() {
|
||||
return (this.x().isZero() && this.y().isZero())
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
@ -1,381 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
|
||||
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
|
||||
//}
|
||||
if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
|
||||
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
|
||||
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
|
||||
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value = function(aValue, aBase, aBitSize) {
|
||||
if (aValue.constructor == String) {
|
||||
var value;
|
||||
var stringLength;
|
||||
var numberOfWords;
|
||||
var i,c;
|
||||
|
||||
if (aBase != 16) {
|
||||
throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
|
||||
}
|
||||
|
||||
value = aValue.replace(/ /g, '');
|
||||
stringLength = value.length;
|
||||
numberOfWords = Math.ceil(stringLength / 8);
|
||||
this._value = new Array(numberOfWords);
|
||||
|
||||
c = numberOfWords;
|
||||
for (i=0; i<c; i++) {
|
||||
var word;
|
||||
|
||||
if (i < (c-1)) {
|
||||
word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16);
|
||||
} else {
|
||||
word = parseInt(value.substr(0, stringLength-(i*8)), 16);
|
||||
}
|
||||
|
||||
this._value[i] = word;
|
||||
}
|
||||
} else if (aValue.constructor == Array) {
|
||||
var itemsToCopy;
|
||||
|
||||
itemsToCopy = aValue.length;
|
||||
while (aValue[itemsToCopy - 1] == 0) {
|
||||
itemsToCopy --;
|
||||
}
|
||||
|
||||
this._value = aValue.slice(0, itemsToCopy);
|
||||
} else if (aValue.constructor == Number) {
|
||||
this._value = [aValue];
|
||||
} else {
|
||||
// throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType;
|
||||
}
|
||||
|
||||
this._bitSize == aBitSize || null;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'value': function() {
|
||||
return this._value;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'wordSize': function() {
|
||||
return this._value.length
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'clone': function() {
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(this._value.slice(0), null, this._bitSize);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'isZero': function() {
|
||||
return (this.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) == 0);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'asString': function(aBase) {
|
||||
var result;
|
||||
var i,c;
|
||||
|
||||
if (aBase != 16) {
|
||||
throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
|
||||
}
|
||||
|
||||
result = "";
|
||||
c = this.wordSize();
|
||||
for (i=0; i<c; i++) {
|
||||
var wordAsString;
|
||||
|
||||
// wordAsString = ("00000000" + this.value()[i].toString(16));
|
||||
wordAsString = ("00000000" + this._value[i].toString(16));
|
||||
wordAsString = wordAsString.substring(wordAsString.length - 8);
|
||||
result = wordAsString + result;
|
||||
}
|
||||
|
||||
result = result.replace(/^(00)*/, "");
|
||||
|
||||
if (result == "") {
|
||||
result = "0";
|
||||
}
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'shiftLeft': function(aNumberOfBitsToShift) {
|
||||
// this method seems like it is never called. :-(
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this._value, aNumberOfBitsToShift));
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'bitSize': function() {
|
||||
if (this._bitSize == null) {
|
||||
this._bitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(this._value);
|
||||
}
|
||||
|
||||
return this._bitSize;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'isBitSet': function(aBitPosition) {
|
||||
return Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(this._value, aBitPosition);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'xor': function(aValue) {
|
||||
return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._xor(this._value, aValue._value));
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'compare': function(aValue) {
|
||||
return Clipperz.Crypto.ECC.BinaryField.Value._compare(this._value, aValue._value);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value.O = new Clipperz.Crypto.ECC.BinaryField.Value('0', 16);
|
||||
Clipperz.Crypto.ECC.BinaryField.Value.I = new Clipperz.Crypto.ECC.BinaryField.Value('1', 16);
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._xor = function(a, b, aFirstItemOffset) {
|
||||
var result;
|
||||
var resultSize;
|
||||
var i,c;
|
||||
var firstItemOffset;
|
||||
|
||||
firstItemOffset = aFirstItemOffset || 0;
|
||||
resultSize = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
|
||||
|
||||
result = new Array(resultSize);
|
||||
|
||||
c = firstItemOffset;
|
||||
for (i=0; i<c; i++) {
|
||||
result[i] = a[i];
|
||||
}
|
||||
|
||||
c = resultSize;
|
||||
for (i=firstItemOffset; i<c; i++) {
|
||||
result[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor = function(a, b, aFirstItemOffset) {
|
||||
var i,c;
|
||||
var firstItemOffset;
|
||||
|
||||
firstItemOffset = aFirstItemOffset || 0;
|
||||
|
||||
c = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
|
||||
for (i=firstItemOffset; i<c; i++) {
|
||||
a[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
|
||||
}
|
||||
};
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft = function(aWordArray, aNumberOfBitsToShift) {
|
||||
var numberOfWordsToShift;
|
||||
var numberOfBitsToShift;
|
||||
var result;
|
||||
var overflowValue;
|
||||
var nextOverflowValue;
|
||||
var i,c;
|
||||
|
||||
numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
|
||||
numberOfBitsToShift = aNumberOfBitsToShift % 32;
|
||||
|
||||
result = new Array(aWordArray.length + numberOfWordsToShift);
|
||||
|
||||
c = numberOfWordsToShift;
|
||||
for (i=0; i<c; i++) {
|
||||
result[i] = 0;
|
||||
}
|
||||
|
||||
overflowValue = 0;
|
||||
nextOverflowValue = 0;
|
||||
|
||||
c = aWordArray.length;
|
||||
for (i=0; i<c; i++) {
|
||||
var value;
|
||||
var resultWord;
|
||||
|
||||
// value = this.value()[i];
|
||||
value = aWordArray[i];
|
||||
|
||||
if (numberOfBitsToShift > 0) {
|
||||
nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
|
||||
value = value & (0xffffffff >>> numberOfBitsToShift);
|
||||
resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
|
||||
} else {
|
||||
resultWord = value;
|
||||
}
|
||||
|
||||
result[i+numberOfWordsToShift] = resultWord;
|
||||
overflowValue = nextOverflowValue;
|
||||
}
|
||||
|
||||
if (overflowValue != 0) {
|
||||
result[aWordArray.length + numberOfWordsToShift] = overflowValue;
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft = function(aWordArray, aNumberOfBitsToShift) {
|
||||
var numberOfWordsToShift;
|
||||
var numberOfBitsToShift;
|
||||
var result;
|
||||
var overflowValue;
|
||||
var i,c;
|
||||
|
||||
numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
|
||||
numberOfBitsToShift = aNumberOfBitsToShift % 32;
|
||||
|
||||
result = new Array(aWordArray.length + numberOfWordsToShift);
|
||||
|
||||
c = numberOfWordsToShift;
|
||||
for (i=0; i<c; i++) {
|
||||
result[i] = 0;
|
||||
}
|
||||
|
||||
overflowValue = 0;
|
||||
nextOverflowValue = 0;
|
||||
|
||||
c = aWordArray.length;
|
||||
for (i=0; i<c; i++) {
|
||||
var value;
|
||||
var resultWord;
|
||||
|
||||
// value = this.value()[i];
|
||||
value = aWordArray[i];
|
||||
|
||||
if (numberOfBitsToShift > 0) {
|
||||
var nextOverflowValue;
|
||||
|
||||
nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
|
||||
value = value & (0xffffffff >>> numberOfBitsToShift);
|
||||
resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
|
||||
} else {
|
||||
resultWord = value;
|
||||
}
|
||||
|
||||
result[i+numberOfWordsToShift] = resultWord;
|
||||
overflowValue = nextOverflowValue;
|
||||
}
|
||||
|
||||
if (overflowValue != 0) {
|
||||
result[aWordArray.length + numberOfWordsToShift] = overflowValue;
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._bitSize = function(aWordArray) {
|
||||
var result;
|
||||
var notNullElements;
|
||||
var mostValuableWord;
|
||||
var matchingBitsInMostImportantWord;
|
||||
var mask;
|
||||
var i,c;
|
||||
|
||||
notNullElements = aWordArray.length;
|
||||
|
||||
if ((aWordArray.length == 1) && (aWordArray[0] == 0)) {
|
||||
result = 0;
|
||||
} else {
|
||||
notNullElements --;
|
||||
while((notNullElements > 0) && (aWordArray[notNullElements] == 0)) {
|
||||
notNullElements --;
|
||||
}
|
||||
|
||||
result = notNullElements * 32;
|
||||
mostValuableWord = aWordArray[notNullElements];
|
||||
|
||||
matchingBits = 32;
|
||||
mask = 0x80000000;
|
||||
|
||||
while ((matchingBits > 0) && ((mostValuableWord & mask) == 0)) {
|
||||
matchingBits --;
|
||||
mask >>>= 1;
|
||||
}
|
||||
|
||||
result += matchingBits;
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._isBitSet = function(aWordArray, aBitPosition) {
|
||||
var result;
|
||||
var byteIndex;
|
||||
var bitIndexInSelectedByte;
|
||||
|
||||
byteIndex = Math.floor(aBitPosition / 32);
|
||||
bitIndexInSelectedByte = aBitPosition % 32;
|
||||
|
||||
if (byteIndex <= aWordArray.length) {
|
||||
result = ((aWordArray[byteIndex] & (1 << bitIndexInSelectedByte)) != 0);
|
||||
} else {
|
||||
result = false;
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value._compare = function(a,b) {
|
||||
var result;
|
||||
var i,c;
|
||||
|
||||
result = MochiKit.Base.compare(a.length, b.length);
|
||||
|
||||
c = a.length;
|
||||
for (i=0; (i<c) && (result==0); i++) {
|
||||
//console.log("compare[" + c + " - " + i + " - 1] " + this.value()[c-i-1] + ", " + aValue.value()[c-i-1]);
|
||||
// result = MochiKit.Base.compare(this.value()[c-i-1], aValue.value()[c-i-1]);
|
||||
result = MochiKit.Base.compare(a[c-i-1], b[c-i-1]);
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
|
||||
|
||||
Clipperz.Crypto.ECC.BinaryField.Value['exception']= {
|
||||
'UnsupportedBase': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase"),
|
||||
'UnsupportedConstructorValueType': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType")
|
||||
};
|
@ -1,234 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
//try { if (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) == 'undefined') { throw ""; }} catch (e) {
|
||||
// throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.BinaryField.Curve!";
|
||||
//}
|
||||
//try { if (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) == 'undefined') { throw ""; }} catch (e) {
|
||||
// throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.Koblitz.Curve!";
|
||||
//}
|
||||
|
||||
Clipperz.Crypto.ECC.StandardCurves = {};
|
||||
|
||||
MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
|
||||
|
||||
//==============================================================================
|
||||
|
||||
'_K571': null,
|
||||
'K571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
|
||||
if ((Clipperz.Crypto.ECC.StandardCurves._K571 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
|
||||
Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Koblitz.Curve({
|
||||
modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
|
||||
a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
|
||||
b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
|
||||
G: new Clipperz.Crypto.ECC.Koblitz.Point({
|
||||
x: new Clipperz.Crypto.ECC.Koblitz.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
|
||||
y: new Clipperz.Crypto.ECC.Koblitz.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
|
||||
}),
|
||||
r: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
|
||||
h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
|
||||
primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16)
|
||||
});
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.ECC.StandardCurves._K571;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_K283': null,
|
||||
'K283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
|
||||
if ((Clipperz.Crypto.ECC.StandardCurves._K283 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
|
||||
Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.Koblitz.Curve({
|
||||
modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
|
||||
a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
|
||||
b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
|
||||
G: new Clipperz.Crypto.ECC.Koblitz.Point({
|
||||
x: new Clipperz.Crypto.ECC.Koblitz.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
|
||||
y: new Clipperz.Crypto.ECC.Koblitz.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
|
||||
}),
|
||||
r: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
|
||||
h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
|
||||
primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16)
|
||||
});
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.ECC.StandardCurves._K283;
|
||||
},
|
||||
|
||||
//==============================================================================
|
||||
|
||||
'_B571': null,
|
||||
'B571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
|
||||
if ((Clipperz.Crypto.ECC.StandardCurves._B571 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
|
||||
Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
|
||||
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
|
||||
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
|
||||
b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e 2221f295 de297117 b7f3d62f 5c6a97ff cb8ceff1 cd6ba8ce 4a9a18ad 84ffabbd 8efa5933 2be7ad67 56a66e29 4afd185a 78ff12aa 520e4de7 39baca0c 7ffeff7f 2955727a', 16),
|
||||
G: new Clipperz.Crypto.ECC.BinaryField.Point({
|
||||
x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
|
||||
y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
|
||||
}),
|
||||
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
|
||||
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
|
||||
|
||||
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
|
||||
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
|
||||
});
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
//
|
||||
// Guide to Elliptic Curve Cryptography
|
||||
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
|
||||
// - Pag: 56, Alorithm 2.45 (with a typo!!!)
|
||||
//
|
||||
//-----------------------------------------------------------------------------
|
||||
//
|
||||
// http://www.milw0rm.com/papers/136
|
||||
//
|
||||
// -------------------------------------------------------------------------
|
||||
// Polynomial Reduction Algorithm Modulo f571
|
||||
// -------------------------------------------------------------------------
|
||||
//
|
||||
// Input: Polynomial p(x) of degree 1140 or less, stored as
|
||||
// an array of 2T machinewords.
|
||||
// Output: p(x) mod f571(x)
|
||||
//
|
||||
// FOR i = T-1, ..., 0 DO
|
||||
// SET X := P[i+T]
|
||||
// P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
|
||||
// P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
|
||||
//
|
||||
// SET X := P[T-1] >> 27
|
||||
// P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
|
||||
// P[T-1] := P[T-1] & 0x07ffffff
|
||||
//
|
||||
// RETURN P[T-1],...,P[0]
|
||||
//
|
||||
// -------------------------------------------------------------------------
|
||||
//
|
||||
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
|
||||
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
|
||||
var result;
|
||||
|
||||
if (aValue.bitSize() > 1140) {
|
||||
MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
|
||||
result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
|
||||
} else {
|
||||
var C, T;
|
||||
var i;
|
||||
|
||||
//console.log(">>> binaryField.finiteField.(improved)module");
|
||||
// C = aValue.value().slice(0);
|
||||
C = aValue._value.slice(0);
|
||||
for (i=35; i>=18; i--) {
|
||||
T = C[i];
|
||||
C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
|
||||
C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
|
||||
}
|
||||
T = (C[17] >>> 27);
|
||||
C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
|
||||
C[17] = (C[17] & 0x07ffffff);
|
||||
|
||||
for(i=18; i<=35; i++) {
|
||||
C[i] = 0;
|
||||
}
|
||||
|
||||
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
|
||||
//console.log("<<< binaryField.finiteField.(improved)module");
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.ECC.StandardCurves._B571;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'_B283': null,
|
||||
'B283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
|
||||
if ((Clipperz.Crypto.ECC.StandardCurves._B283 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
|
||||
Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
|
||||
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
|
||||
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
|
||||
b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
|
||||
G: new Clipperz.Crypto.ECC.BinaryField.Point({
|
||||
x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
|
||||
y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
|
||||
}),
|
||||
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
|
||||
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
|
||||
});
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
//
|
||||
// Guide to Elliptic Curve Cryptography
|
||||
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
|
||||
// - Pag: 56, Alorithm 2.43
|
||||
//
|
||||
//-----------------------------------------------------------------------------
|
||||
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
|
||||
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
|
||||
var result;
|
||||
|
||||
if (aValue.bitSize() > 564) {
|
||||
MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
|
||||
result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
|
||||
} else {
|
||||
var C, T;
|
||||
var i;
|
||||
|
||||
//console.log(">>> binaryField.finiteField.(improved)module");
|
||||
C = aValue._value.slice(0);
|
||||
for (i=17; i>=9; i--) {
|
||||
T = C[i];
|
||||
C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
|
||||
C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
|
||||
}
|
||||
T = (C[8] >>> 27);
|
||||
C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
|
||||
C[8] = (C[8] & 0x07ffffff);
|
||||
|
||||
for(i=9; i<=17; i++) {
|
||||
C[i] = 0;
|
||||
}
|
||||
|
||||
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
|
||||
//console.log("<<< binaryField.finiteField.(improved)module");
|
||||
}
|
||||
|
||||
return result;
|
||||
};
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.ECC.StandardCurves._B283;
|
||||
},
|
||||
|
||||
//==============================================================================
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
|
||||
|
@ -1,850 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
|
||||
}
|
||||
|
||||
try { if (typeof(Clipperz.Crypto.SHA) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.SHA!";
|
||||
}
|
||||
|
||||
try { if (typeof(Clipperz.Crypto.AES) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.AES!";
|
||||
}
|
||||
|
||||
if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { Clipperz.Crypto.PRNG = {}; }
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.PRNG.EntropyAccumulator = function(args) {
|
||||
args = args || {};
|
||||
// MochiKit.Base.bindMethods(this);
|
||||
|
||||
this._stack = new Clipperz.ByteArray();
|
||||
this._maxStackLengthBeforeHashing = args.maxStackLengthBeforeHashing || 256;
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.PRNG.EntropyAccumulator.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'toString': function() {
|
||||
return "Clipperz.Crypto.PRNG.EntropyAccumulator";
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'stack': function() {
|
||||
return this._stack;
|
||||
},
|
||||
|
||||
'setStack': function(aValue) {
|
||||
this._stack = aValue;
|
||||
},
|
||||
|
||||
'resetStack': function() {
|
||||
this.stack().reset();
|
||||
},
|
||||
|
||||
'maxStackLengthBeforeHashing': function() {
|
||||
return this._maxStackLengthBeforeHashing;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'addRandomByte': function(aValue) {
|
||||
this.stack().appendByte(aValue);
|
||||
|
||||
if (this.stack().length() > this.maxStackLengthBeforeHashing()) {
|
||||
this.setStack(Clipperz.Crypto.SHA.sha_d256(this.stack()));
|
||||
}
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.PRNG.RandomnessSource = function(args) {
|
||||
args = args || {};
|
||||
MochiKit.Base.bindMethods(this);
|
||||
|
||||
this._generator = args.generator || null;
|
||||
this._sourceId = args.sourceId || null;
|
||||
this._boostMode = args.boostMode || false;
|
||||
|
||||
this._nextPoolIndex = 0;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.PRNG.RandomnessSource.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'generator': function() {
|
||||
return this._generator;
|
||||
},
|
||||
|
||||
'setGenerator': function(aValue) {
|
||||
this._generator = aValue;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'boostMode': function() {
|
||||
return this._boostMode;
|
||||
},
|
||||
|
||||
'setBoostMode': function(aValue) {
|
||||
this._boostMode = aValue;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'sourceId': function() {
|
||||
return this._sourceId;
|
||||
},
|
||||
|
||||
'setSourceId': function(aValue) {
|
||||
this._sourceId = aValue;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'nextPoolIndex': function() {
|
||||
return this._nextPoolIndex;
|
||||
},
|
||||
|
||||
'incrementNextPoolIndex': function() {
|
||||
this._nextPoolIndex = ((this._nextPoolIndex + 1) % this.generator().numberOfEntropyAccumulators());
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'updateGeneratorWithValue': function(aRandomValue) {
|
||||
if (this.generator() != null) {
|
||||
this.generator().addRandomByte(this.sourceId(), this.nextPoolIndex(), aRandomValue);
|
||||
this.incrementNextPoolIndex();
|
||||
}
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.PRNG.TimeRandomnessSource = function(args) {
|
||||
args = args || {};
|
||||
// MochiKit.Base.bindMethods(this);
|
||||
|
||||
this._intervalTime = args.intervalTime || 1000;
|
||||
|
||||
Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
|
||||
|
||||
this.collectEntropy();
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.PRNG.TimeRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
|
||||
|
||||
'intervalTime': function() {
|
||||
return this._intervalTime;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'collectEntropy': function() {
|
||||
var now;
|
||||
var entropyByte;
|
||||
var intervalTime;
|
||||
now = new Date();
|
||||
entropyByte = (now.getTime() & 0xff);
|
||||
|
||||
intervalTime = this.intervalTime();
|
||||
if (this.boostMode() == true) {
|
||||
intervalTime = intervalTime / 9;
|
||||
}
|
||||
|
||||
this.updateGeneratorWithValue(entropyByte);
|
||||
setTimeout(this.collectEntropy, intervalTime);
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'numberOfRandomBits': function() {
|
||||
return 5;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'pollingFrequency': function() {
|
||||
return 10;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//*****************************************************************************
|
||||
|
||||
Clipperz.Crypto.PRNG.MouseRandomnessSource = function(args) {
|
||||
args = args || {};
|
||||
|
||||
Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
|
||||
|
||||
this._numberOfBitsToCollectAtEachEvent = 4;
|
||||
this._randomBitsCollector = 0;
|
||||
this._numberOfRandomBitsCollected = 0;
|
||||
|
||||
MochiKit.Signal.connect(document, 'onmousemove', this, 'collectEntropy');
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.PRNG.MouseRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'numberOfBitsToCollectAtEachEvent': function() {
|
||||
return this._numberOfBitsToCollectAtEachEvent;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'randomBitsCollector': function() {
|
||||
return this._randomBitsCollector;
|
||||
},
|
||||
|
||||
'setRandomBitsCollector': function(aValue) {
|
||||
this._randomBitsCollector = aValue;
|
||||
},
|
||||
|
||||
'appendRandomBitsToRandomBitsCollector': function(aValue) {
|
||||
var collectedBits;
|
||||
var numberOfRandomBitsCollected;
|
||||
|
||||
numberOfRandomBitsCollected = this.numberOfRandomBitsCollected();
|
||||
collectetBits = this.randomBitsCollector() | (aValue << numberOfRandomBitsCollected);
|
||||
this.setRandomBitsCollector(collectetBits);
|
||||
numberOfRandomBitsCollected += this.numberOfBitsToCollectAtEachEvent();
|
||||
|
||||
if (numberOfRandomBitsCollected == 8) {
|
||||
this.updateGeneratorWithValue(collectetBits);
|
||||
numberOfRandomBitsCollected = 0;
|
||||
this.setRandomBitsCollector(0);
|
||||
}
|
||||
|
||||
this.setNumberOfRandomBitsCollected(numberOfRandomBitsCollected)
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'numberOfRandomBitsCollected': function() {
|
||||
return this._numberOfRandomBitsCollected;
|
||||
},
|
||||
|
||||
'setNumberOfRandomBitsCollected': function(aValue) {
|
||||
this._numberOfRandomBitsCollected = aValue;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'collectEntropy': function(anEvent) {
|
||||
var mouseLocation;
|
||||
var randomBit;
|
||||
var mask;
|
||||
|
||||
mask = 0xffffffff >>> (32 - this.numberOfBitsToCollectAtEachEvent());
|
||||
|
||||
mouseLocation = anEvent.mouse().client;
|
||||
randomBit = ((mouseLocation.x ^ mouseLocation.y) & mask);
|
||||
this.appendRandomBitsToRandomBitsCollector(randomBit)
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'numberOfRandomBits': function() {
|
||||
return 1;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'pollingFrequency': function() {
|
||||
return 10;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//*****************************************************************************
|
||||
|
||||
Clipperz.Crypto.PRNG.KeyboardRandomnessSource = function(args) {
|
||||
args = args || {};
|
||||
Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
|
||||
|
||||
this._randomBitsCollector = 0;
|
||||
this._numberOfRandomBitsCollected = 0;
|
||||
|
||||
MochiKit.Signal.connect(document, 'onkeypress', this, 'collectEntropy');
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.PRNG.KeyboardRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'randomBitsCollector': function() {
|
||||
return this._randomBitsCollector;
|
||||
},
|
||||
|
||||
'setRandomBitsCollector': function(aValue) {
|
||||
this._randomBitsCollector = aValue;
|
||||
},
|
||||
|
||||
'appendRandomBitToRandomBitsCollector': function(aValue) {
|
||||
var collectedBits;
|
||||
var numberOfRandomBitsCollected;
|
||||
|
||||
numberOfRandomBitsCollected = this.numberOfRandomBitsCollected();
|
||||
collectetBits = this.randomBitsCollector() | (aValue << numberOfRandomBitsCollected);
|
||||
this.setRandomBitsCollector(collectetBits);
|
||||
numberOfRandomBitsCollected ++;
|
||||
|
||||
if (numberOfRandomBitsCollected == 8) {
|
||||
this.updateGeneratorWithValue(collectetBits);
|
||||
numberOfRandomBitsCollected = 0;
|
||||
this.setRandomBitsCollector(0);
|
||||
}
|
||||
|
||||
this.setNumberOfRandomBitsCollected(numberOfRandomBitsCollected)
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'numberOfRandomBitsCollected': function() {
|
||||
return this._numberOfRandomBitsCollected;
|
||||
},
|
||||
|
||||
'setNumberOfRandomBitsCollected': function(aValue) {
|
||||
this._numberOfRandomBitsCollected = aValue;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'collectEntropy': function(anEvent) {
|
||||
/*
|
||||
var mouseLocation;
|
||||
var randomBit;
|
||||
|
||||
mouseLocation = anEvent.mouse().client;
|
||||
|
||||
randomBit = ((mouseLocation.x ^ mouseLocation.y) & 0x1);
|
||||
this.appendRandomBitToRandomBitsCollector(randomBit);
|
||||
*/
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'numberOfRandomBits': function() {
|
||||
return 1;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'pollingFrequency': function() {
|
||||
return 10;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.PRNG.Fortuna = function(args) {
|
||||
var i,c;
|
||||
|
||||
args = args || {};
|
||||
|
||||
this._key = args.seed || null;
|
||||
if (this._key == null) {
|
||||
this._counter = 0;
|
||||
this._key = new Clipperz.ByteArray();
|
||||
} else {
|
||||
this._counter = 1;
|
||||
}
|
||||
|
||||
this._aesKey = null;
|
||||
|
||||
this._firstPoolReseedLevel = args.firstPoolReseedLevel || 32 || 64;
|
||||
this._numberOfEntropyAccumulators = args.numberOfEntropyAccumulators || 32;
|
||||
|
||||
this._accumulators = [];
|
||||
c = this.numberOfEntropyAccumulators();
|
||||
for (i=0; i<c; i++) {
|
||||
this._accumulators.push(new Clipperz.Crypto.PRNG.EntropyAccumulator());
|
||||
}
|
||||
|
||||
this._randomnessSources = [];
|
||||
this._reseedCounter = 0;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.PRNG.Fortuna.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'toString': function() {
|
||||
return "Clipperz.Crypto.PRNG.Fortuna";
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'key': function() {
|
||||
return this._key;
|
||||
},
|
||||
|
||||
'setKey': function(aValue) {
|
||||
this._key = aValue;
|
||||
this._aesKey = null;
|
||||
},
|
||||
|
||||
'aesKey': function() {
|
||||
if (this._aesKey == null) {
|
||||
this._aesKey = new Clipperz.Crypto.AES.Key({key:this.key()});
|
||||
}
|
||||
|
||||
return this._aesKey;
|
||||
},
|
||||
|
||||
'accumulators': function() {
|
||||
return this._accumulators;
|
||||
},
|
||||
|
||||
'firstPoolReseedLevel': function() {
|
||||
return this._firstPoolReseedLevel;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'reseedCounter': function() {
|
||||
return this._reseedCounter;
|
||||
},
|
||||
|
||||
'incrementReseedCounter': function() {
|
||||
this._reseedCounter = this._reseedCounter +1;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'reseed': function() {
|
||||
var newKeySeed;
|
||||
var reseedCounter;
|
||||
var reseedCounterMask;
|
||||
var i, c;
|
||||
|
||||
newKeySeed = this.key();
|
||||
this.incrementReseedCounter();
|
||||
reseedCounter = this.reseedCounter();
|
||||
|
||||
c = this.numberOfEntropyAccumulators();
|
||||
reseedCounterMask = 0xffffffff >>> (32 - c);
|
||||
for (i=0; i<c; i++) {
|
||||
if ((i == 0) || ((reseedCounter & (reseedCounterMask >>> (c - i))) == 0)) {
|
||||
newKeySeed.appendBlock(this.accumulators()[i].stack());
|
||||
this.accumulators()[i].resetStack();
|
||||
}
|
||||
}
|
||||
|
||||
if (reseedCounter == 1) {
|
||||
c = this.randomnessSources().length;
|
||||
for (i=0; i<c; i++) {
|
||||
this.randomnessSources()[i].setBoostMode(false);
|
||||
}
|
||||
}
|
||||
|
||||
this.setKey(Clipperz.Crypto.SHA.sha_d256(newKeySeed));
|
||||
if (reseedCounter == 1) {
|
||||
//MochiKit.Logging.logDebug("### PRNG.readyToGenerateRandomBytes");
|
||||
Clipperz.log("### PRNG.readyToGenerateRandomBytes");
|
||||
MochiKit.Signal.signal(this, 'readyToGenerateRandomBytes');
|
||||
}
|
||||
MochiKit.Signal.signal(this, 'reseeded');
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'isReadyToGenerateRandomValues': function() {
|
||||
return this.reseedCounter() != 0;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'entropyLevel': function() {
|
||||
return this.accumulators()[0].stack().length() + (this.reseedCounter() * this.firstPoolReseedLevel());
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'counter': function() {
|
||||
return this._counter;
|
||||
},
|
||||
|
||||
'incrementCounter': function() {
|
||||
this._counter += 1;
|
||||
},
|
||||
|
||||
'counterBlock': function() {
|
||||
var result;
|
||||
|
||||
result = new Clipperz.ByteArray().appendWords(this.counter(), 0, 0, 0);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'getRandomBlock': function() {
|
||||
var result;
|
||||
|
||||
result = new Clipperz.ByteArray(Clipperz.Crypto.AES.encryptBlock(this.aesKey(), this.counterBlock().arrayValues()));
|
||||
this.incrementCounter();
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'getRandomBytes': function(aSize) {
|
||||
var result;
|
||||
|
||||
if (this.isReadyToGenerateRandomValues()) {
|
||||
var i,c;
|
||||
var newKey;
|
||||
|
||||
result = new Clipperz.ByteArray();
|
||||
|
||||
c = Math.ceil(aSize / (128 / 8));
|
||||
for (i=0; i<c; i++) {
|
||||
result.appendBlock(this.getRandomBlock());
|
||||
}
|
||||
|
||||
if (result.length() != aSize) {
|
||||
result = result.split(0, aSize);
|
||||
}
|
||||
|
||||
newKey = this.getRandomBlock().appendBlock(this.getRandomBlock());
|
||||
this.setKey(newKey);
|
||||
} else {
|
||||
MochiKit.Logging.logWarning("Fortuna generator has not enough entropy, yet!");
|
||||
throw Clipperz.Crypto.PRNG.exception.NotEnoughEntropy;
|
||||
}
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'addRandomByte': function(aSourceId, aPoolId, aRandomValue) {
|
||||
var selectedAccumulator;
|
||||
|
||||
selectedAccumulator = this.accumulators()[aPoolId];
|
||||
selectedAccumulator.addRandomByte(aRandomValue);
|
||||
|
||||
if (aPoolId == 0) {
|
||||
MochiKit.Signal.signal(this, 'addedRandomByte')
|
||||
if (selectedAccumulator.stack().length() > this.firstPoolReseedLevel()) {
|
||||
this.reseed();
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'numberOfEntropyAccumulators': function() {
|
||||
return this._numberOfEntropyAccumulators;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'randomnessSources': function() {
|
||||
return this._randomnessSources;
|
||||
},
|
||||
|
||||
'addRandomnessSource': function(aRandomnessSource) {
|
||||
aRandomnessSource.setGenerator(this);
|
||||
aRandomnessSource.setSourceId(this.randomnessSources().length);
|
||||
this.randomnessSources().push(aRandomnessSource);
|
||||
|
||||
if (this.isReadyToGenerateRandomValues() == false) {
|
||||
aRandomnessSource.setBoostMode(true);
|
||||
}
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'deferredEntropyCollection': function(aValue) {
|
||||
var result;
|
||||
|
||||
//MochiKit.Logging.logDebug(">>> PRNG.deferredEntropyCollection");
|
||||
|
||||
if (this.isReadyToGenerateRandomValues()) {
|
||||
//MochiKit.Logging.logDebug("--- PRNG.deferredEntropyCollection - 1");
|
||||
result = aValue;
|
||||
} else {
|
||||
//MochiKit.Logging.logDebug("--- PRNG.deferredEntropyCollection - 2");
|
||||
var deferredResult;
|
||||
|
||||
// Clipperz.NotificationCenter.notify(this, 'updatedProgressState', 'collectingEntropy', true);
|
||||
|
||||
deferredResult = new Clipperz.Async.Deferred("PRNG.deferredEntropyCollection");
|
||||
// deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("1.2.1 - PRNG.deferredEntropyCollection - 1: " + res); return res;});
|
||||
deferredResult.addCallback(MochiKit.Base.partial(MochiKit.Async.succeed, aValue));
|
||||
// deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("1.2.2 - PRNG.deferredEntropyCollection - 2: " + res); return res;});
|
||||
MochiKit.Signal.connect(this,
|
||||
'readyToGenerateRandomBytes',
|
||||
deferredResult,
|
||||
'callback');
|
||||
|
||||
result = deferredResult;
|
||||
}
|
||||
//MochiKit.Logging.logDebug("<<< PRNG.deferredEntropyCollection - result: " + result);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'fastEntropyAccumulationForTestingPurpose': function() {
|
||||
while (! this.isReadyToGenerateRandomValues()) {
|
||||
this.addRandomByte(Math.floor(Math.random() * 32), Math.floor(Math.random() * 32), Math.floor(Math.random() * 256));
|
||||
}
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'dump': function(appendToDoc) {
|
||||
var tbl;
|
||||
var i,c;
|
||||
|
||||
tbl = document.createElement("table");
|
||||
tbl.border = 0;
|
||||
with (tbl.style) {
|
||||
border = "1px solid lightgrey";
|
||||
fontFamily = 'Helvetica, Arial, sans-serif';
|
||||
fontSize = '8pt';
|
||||
//borderCollapse = "collapse";
|
||||
}
|
||||
var hdr = tbl.createTHead();
|
||||
var hdrtr = hdr.insertRow(0);
|
||||
// document.createElement("tr");
|
||||
{
|
||||
var ntd;
|
||||
|
||||
ntd = hdrtr.insertCell(0);
|
||||
ntd.style.borderBottom = "1px solid lightgrey";
|
||||
ntd.style.borderRight = "1px solid lightgrey";
|
||||
ntd.appendChild(document.createTextNode("#"));
|
||||
|
||||
ntd = hdrtr.insertCell(1);
|
||||
ntd.style.borderBottom = "1px solid lightgrey";
|
||||
ntd.style.borderRight = "1px solid lightgrey";
|
||||
ntd.appendChild(document.createTextNode("s"));
|
||||
|
||||
ntd = hdrtr.insertCell(2);
|
||||
ntd.colSpan = this.firstPoolReseedLevel();
|
||||
ntd.style.borderBottom = "1px solid lightgrey";
|
||||
ntd.style.borderRight = "1px solid lightgrey";
|
||||
ntd.appendChild(document.createTextNode("base values"));
|
||||
|
||||
ntd = hdrtr.insertCell(3);
|
||||
ntd.colSpan = 20;
|
||||
ntd.style.borderBottom = "1px solid lightgrey";
|
||||
ntd.appendChild(document.createTextNode("extra values"));
|
||||
|
||||
}
|
||||
|
||||
c = this.accumulators().length;
|
||||
for (i=0; i<c ; i++) {
|
||||
var currentAccumulator;
|
||||
var bdytr;
|
||||
var bdytd;
|
||||
var ii, cc;
|
||||
|
||||
currentAccumulator = this.accumulators()[i]
|
||||
|
||||
bdytr = tbl.insertRow(true);
|
||||
|
||||
bdytd = bdytr.insertCell(0);
|
||||
bdytd.style.borderRight = "1px solid lightgrey";
|
||||
bdytd.style.color = "lightgrey";
|
||||
bdytd.appendChild(document.createTextNode("" + i));
|
||||
|
||||
bdytd = bdytr.insertCell(1);
|
||||
bdytd.style.borderRight = "1px solid lightgrey";
|
||||
bdytd.style.color = "gray";
|
||||
bdytd.appendChild(document.createTextNode("" + currentAccumulator.stack().length()));
|
||||
|
||||
|
||||
cc = Math.max(currentAccumulator.stack().length(), this.firstPoolReseedLevel());
|
||||
for (ii=0; ii<cc; ii++) {
|
||||
var cellText;
|
||||
|
||||
bdytd = bdytr.insertCell(ii + 2);
|
||||
|
||||
if (ii < currentAccumulator.stack().length()) {
|
||||
cellText = Clipperz.ByteArray.byteToHex(currentAccumulator.stack().byteAtIndex(ii));
|
||||
} else {
|
||||
cellText = "_";
|
||||
}
|
||||
|
||||
if (ii == (this.firstPoolReseedLevel() - 1)) {
|
||||
bdytd.style.borderRight = "1px solid lightgrey";
|
||||
}
|
||||
|
||||
bdytd.appendChild(document.createTextNode(cellText));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
if (appendToDoc) {
|
||||
var ne = document.createElement("div");
|
||||
ne.id = "entropyGeneratorStatus";
|
||||
with (ne.style) {
|
||||
fontFamily = "Courier New, monospace";
|
||||
fontSize = "12px";
|
||||
lineHeight = "16px";
|
||||
borderTop = "1px solid black";
|
||||
padding = "10px";
|
||||
}
|
||||
if (document.getElementById(ne.id)) {
|
||||
MochiKit.DOM.swapDOM(ne.id, ne);
|
||||
} else {
|
||||
document.body.appendChild(ne);
|
||||
}
|
||||
ne.appendChild(tbl);
|
||||
}
|
||||
|
||||
return tbl;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.PRNG.Random = function(args) {
|
||||
args = args || {};
|
||||
// MochiKit.Base.bindMethods(this);
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.PRNG.Random.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'toString': function() {
|
||||
return "Clipperz.Crypto.PRNG.Random";
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'getRandomBytes': function(aSize) {
|
||||
//Clipperz.Profile.start("Clipperz.Crypto.PRNG.Random.getRandomBytes");
|
||||
var result;
|
||||
var i,c;
|
||||
|
||||
result = new Clipperz.ByteArray()
|
||||
c = aSize || 1;
|
||||
for (i=0; i<c; i++) {
|
||||
result.appendByte((Math.random()*255) & 0xff);
|
||||
}
|
||||
|
||||
//Clipperz.Profile.stop("Clipperz.Crypto.PRNG.Random.getRandomBytes");
|
||||
return result;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
||||
_clipperz_crypt_prng_defaultPRNG = null;
|
||||
|
||||
Clipperz.Crypto.PRNG.defaultRandomGenerator = function() {
|
||||
if (_clipperz_crypt_prng_defaultPRNG == null) {
|
||||
_clipperz_crypt_prng_defaultPRNG = new Clipperz.Crypto.PRNG.Fortuna();
|
||||
|
||||
//.............................................................
|
||||
//
|
||||
// TimeRandomnessSource
|
||||
//
|
||||
//.............................................................
|
||||
{
|
||||
var newRandomnessSource;
|
||||
|
||||
newRandomnessSource = new Clipperz.Crypto.PRNG.TimeRandomnessSource({intervalTime:111});
|
||||
_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource);
|
||||
}
|
||||
|
||||
//.............................................................
|
||||
//
|
||||
// MouseRandomnessSource
|
||||
//
|
||||
//.............................................................
|
||||
{
|
||||
var newRandomnessSource;
|
||||
|
||||
newRandomnessSource = new Clipperz.Crypto.PRNG.MouseRandomnessSource();
|
||||
_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource);
|
||||
}
|
||||
|
||||
//.............................................................
|
||||
//
|
||||
// KeyboardRandomnessSource
|
||||
//
|
||||
//.............................................................
|
||||
{
|
||||
var newRandomnessSource;
|
||||
|
||||
newRandomnessSource = new Clipperz.Crypto.PRNG.KeyboardRandomnessSource();
|
||||
_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return _clipperz_crypt_prng_defaultPRNG;
|
||||
};
|
||||
|
||||
//#############################################################################
|
||||
|
||||
Clipperz.Crypto.PRNG.exception = {
|
||||
NotEnoughEntropy: new MochiKit.Base.NamedError("Clipperz.Crypto.PRNG.exception.NotEnoughEntropy")
|
||||
};
|
||||
|
||||
|
||||
MochiKit.DOM.addLoadEvent(Clipperz.Crypto.PRNG.defaultRandomGenerator);
|
@ -1,146 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.RSA depends on Clipperz.Crypto.BigInt!";
|
||||
}
|
||||
|
||||
if (typeof(Clipperz.Crypto.RSA) == 'undefined') { Clipperz.Crypto.RSA = {}; }
|
||||
|
||||
Clipperz.Crypto.RSA.VERSION = "0.1";
|
||||
Clipperz.Crypto.RSA.NAME = "Clipperz.RSA";
|
||||
|
||||
//#############################################################################
|
||||
|
||||
MochiKit.Base.update(Clipperz.Crypto.RSA, {
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'publicKeyWithValues': function (e, d, n) {
|
||||
var result;
|
||||
|
||||
result = {};
|
||||
|
||||
if (e.isBigInt) {
|
||||
result.e = e;
|
||||
} else {
|
||||
result.e = new Clipperz.Crypto.BigInt(e, 16);
|
||||
}
|
||||
|
||||
if (d.isBigInt) {
|
||||
result.d = d;
|
||||
} else {
|
||||
result.d = new Clipperz.Crypto.BigInt(d, 16);
|
||||
}
|
||||
|
||||
if (n.isBigInt) {
|
||||
result.n = n;
|
||||
} else {
|
||||
result.n = new Clipperz.Crypto.BigInt(n, 16);
|
||||
}
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
'privateKeyWithValues': function(e, d, n) {
|
||||
return Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'encryptUsingPublicKey': function (aKey, aMessage) {
|
||||
var messageValue;
|
||||
var result;
|
||||
|
||||
messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
|
||||
result = messageValue.powerModule(aKey.e, aKey.n);
|
||||
|
||||
return result.asString(16);
|
||||
},
|
||||
|
||||
//.............................................................................
|
||||
|
||||
'decryptUsingPublicKey': function (aKey, aMessage) {
|
||||
return Clipperz.Crypto.RSA.encryptUsingPublicKey(aKey, aMessage);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'encryptUsingPrivateKey': function (aKey, aMessage) {
|
||||
var messageValue;
|
||||
var result;
|
||||
|
||||
messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
|
||||
result = messageValue.powerModule(aKey.d, aKey.n);
|
||||
|
||||
return result.asString(16);
|
||||
},
|
||||
|
||||
//.............................................................................
|
||||
|
||||
'decryptUsingPrivateKey': function (aKey, aMessage) {
|
||||
return Clipperz.Crypto.RSA.encryptUsingPrivateKey(aKey, aMessage);
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'generatePublicKey': function(aNumberOfBits) {
|
||||
var result;
|
||||
var e;
|
||||
var d;
|
||||
var n;
|
||||
|
||||
e = new Clipperz.Crypto.BigInt("10001", 16);
|
||||
|
||||
{
|
||||
var p, q;
|
||||
var phi;
|
||||
|
||||
do {
|
||||
p = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits);
|
||||
} while (p.module(e).equals(1));
|
||||
|
||||
do {
|
||||
q = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits);
|
||||
} while ((q.equals(p)) || (q.module(e).equals(1)));
|
||||
|
||||
n = p.multiply(q);
|
||||
phi = (p.subtract(1).multiply(q.subtract(1)));
|
||||
d = e.powerModule(-1, phi);
|
||||
}
|
||||
|
||||
result = Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
__syntaxFix__: "syntax fix"
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
|
@ -1,296 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
|
||||
}
|
||||
|
||||
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
|
||||
if (typeof(Clipperz.Crypto.SHA) == 'undefined') { Clipperz.Crypto.SHA = {}; }
|
||||
|
||||
Clipperz.Crypto.SHA.VERSION = "0.3";
|
||||
Clipperz.Crypto.SHA.NAME = "Clipperz.Crypto.SHA";
|
||||
|
||||
MochiKit.Base.update(Clipperz.Crypto.SHA, {
|
||||
|
||||
'__repr__': function () {
|
||||
return "[" + this.NAME + " " + this.VERSION + "]";
|
||||
},
|
||||
|
||||
'toString': function () {
|
||||
return this.__repr__();
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'rotateRight': function(aValue, aNumberOfBits) {
|
||||
//Clipperz.Profile.start("Clipperz.Crypto.SHA.rotateRight");
|
||||
var result;
|
||||
|
||||
result = (aValue >>> aNumberOfBits) | (aValue << (32 - aNumberOfBits));
|
||||
|
||||
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.rotateRight");
|
||||
return result;
|
||||
},
|
||||
|
||||
'shiftRight': function(aValue, aNumberOfBits) {
|
||||
//Clipperz.Profile.start("Clipperz.Crypto.SHA.shiftRight");
|
||||
var result;
|
||||
|
||||
result = aValue >>> aNumberOfBits;
|
||||
|
||||
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.shiftRight");
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'safeAdd': function() {
|
||||
//Clipperz.Profile.start("Clipperz.Crypto.SHA.safeAdd");
|
||||
var result;
|
||||
var i, c;
|
||||
|
||||
result = arguments[0];
|
||||
c = arguments.length;
|
||||
for (i=1; i<c; i++) {
|
||||
var lowerBytesSum;
|
||||
|
||||
lowerBytesSum = (result & 0xffff) + (arguments[i] & 0xffff);
|
||||
result = (((result >> 16) + (arguments[i] >> 16) + (lowerBytesSum >> 16)) << 16) | (lowerBytesSum & 0xffff);
|
||||
}
|
||||
|
||||
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.safeAdd");
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'sha256_array': function(aValue) {
|
||||
//Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256_array");
|
||||
var result;
|
||||
var message;
|
||||
var h0, h1, h2, h3, h4, h5, h6, h7;
|
||||
var k;
|
||||
var messageLength;
|
||||
var messageLengthInBits;
|
||||
var _i, _c;
|
||||
var charBits;
|
||||
var rotateRight;
|
||||
var shiftRight;
|
||||
var safeAdd;
|
||||
var bytesPerBlock;
|
||||
var currentMessageIndex;
|
||||
|
||||
bytesPerBlock = 512/8;
|
||||
rotateRight = Clipperz.Crypto.SHA.rotateRight;
|
||||
shiftRight = Clipperz.Crypto.SHA.shiftRight;
|
||||
safeAdd = Clipperz.Crypto.SHA.safeAdd;
|
||||
|
||||
charBits = 8;
|
||||
|
||||
h0 = 0x6a09e667;
|
||||
h1 = 0xbb67ae85;
|
||||
h2 = 0x3c6ef372;
|
||||
h3 = 0xa54ff53a;
|
||||
h4 = 0x510e527f;
|
||||
h5 = 0x9b05688c;
|
||||
h6 = 0x1f83d9ab;
|
||||
h7 = 0x5be0cd19;
|
||||
|
||||
k = [ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
|
||||
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
|
||||
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
|
||||
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
|
||||
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
|
||||
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
|
||||
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
|
||||
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2];
|
||||
|
||||
message = aValue;
|
||||
messageLength = message.length;
|
||||
|
||||
//Pre-processing:
|
||||
message.push(0x80); // append a single "1" bit to message
|
||||
|
||||
_c = (512 - (((messageLength + 1) * charBits) % 512) - 64) / charBits;
|
||||
if (_c < 0) {
|
||||
_c = _c + (512 / charBits);
|
||||
}
|
||||
|
||||
for (_i=0; _i<_c; _i++) {
|
||||
message.push(0x00); // append "0" bits until message length ≡ 448 ≡ -64 (mod 512)
|
||||
}
|
||||
|
||||
messageLengthInBits = messageLength * charBits;
|
||||
message.push(0x00); // the 4 most high byte are alway 0 as message length is represented with a 32bit value;
|
||||
message.push(0x00);
|
||||
message.push(0x00);
|
||||
message.push(0x00);
|
||||
message.push((messageLengthInBits >> 24) & 0xff);
|
||||
message.push((messageLengthInBits >> 16) & 0xff);
|
||||
message.push((messageLengthInBits >> 8) & 0xff);
|
||||
message.push( messageLengthInBits & 0xff);
|
||||
|
||||
currentMessageIndex = 0;
|
||||
while(currentMessageIndex < message.length) {
|
||||
var w;
|
||||
var a, b, c, d, e, f, g, h;
|
||||
|
||||
w = Array(64);
|
||||
|
||||
_c = 16;
|
||||
for (_i=0; _i<_c; _i++) {
|
||||
var _j;
|
||||
|
||||
_j = currentMessageIndex + _i*4;
|
||||
w[_i] = (message[_j] << 24) | (message[_j + 1] << 16) | (message[_j + 2] << 8) | (message[_j + 3] << 0);
|
||||
}
|
||||
|
||||
_c = 64;
|
||||
for (_i=16; _i<_c; _i++) {
|
||||
var s0, s1;
|
||||
|
||||
s0 = (rotateRight(w[_i-15], 7)) ^ (rotateRight(w[_i-15], 18)) ^ (shiftRight(w[_i-15], 3));
|
||||
s1 = (rotateRight(w[_i-2], 17)) ^ (rotateRight(w[_i-2], 19)) ^ (shiftRight(w[_i-2], 10));
|
||||
w[_i] = safeAdd(w[_i-16], s0, w[_i-7], s1);
|
||||
}
|
||||
|
||||
a=h0; b=h1; c=h2; d=h3; e=h4; f=h5; g=h6; h=h7;
|
||||
|
||||
_c = 64;
|
||||
for (_i=0; _i<_c; _i++) {
|
||||
var s0, s1, ch, maj, t1, t2;
|
||||
|
||||
s0 = (rotateRight(a, 2)) ^ (rotateRight(a, 13)) ^ (rotateRight(a, 22));
|
||||
maj = (a & b) ^ (a & c) ^ (b & c);
|
||||
t2 = safeAdd(s0, maj);
|
||||
s1 = (rotateRight(e, 6)) ^ (rotateRight(e, 11)) ^ (rotateRight(e, 25));
|
||||
ch = (e & f) ^ ((~e) & g);
|
||||
t1 = safeAdd(h, s1, ch, k[_i], w[_i]);
|
||||
|
||||
h = g;
|
||||
g = f;
|
||||
f = e;
|
||||
e = safeAdd(d, t1);
|
||||
d = c;
|
||||
c = b;
|
||||
b = a;
|
||||
a = safeAdd(t1, t2);
|
||||
}
|
||||
|
||||
h0 = safeAdd(h0, a);
|
||||
h1 = safeAdd(h1, b);
|
||||
h2 = safeAdd(h2, c);
|
||||
h3 = safeAdd(h3, d);
|
||||
h4 = safeAdd(h4, e);
|
||||
h5 = safeAdd(h5, f);
|
||||
h6 = safeAdd(h6, g);
|
||||
h7 = safeAdd(h7, h);
|
||||
|
||||
currentMessageIndex += bytesPerBlock;
|
||||
}
|
||||
|
||||
result = new Array(256/8);
|
||||
result[0] = (h0 >> 24) & 0xff;
|
||||
result[1] = (h0 >> 16) & 0xff;
|
||||
result[2] = (h0 >> 8) & 0xff;
|
||||
result[3] = h0 & 0xff;
|
||||
|
||||
result[4] = (h1 >> 24) & 0xff;
|
||||
result[5] = (h1 >> 16) & 0xff;
|
||||
result[6] = (h1 >> 8) & 0xff;
|
||||
result[7] = h1 & 0xff;
|
||||
|
||||
result[8] = (h2 >> 24) & 0xff;
|
||||
result[9] = (h2 >> 16) & 0xff;
|
||||
result[10] = (h2 >> 8) & 0xff;
|
||||
result[11] = h2 & 0xff;
|
||||
|
||||
result[12] = (h3 >> 24) & 0xff;
|
||||
result[13] = (h3 >> 16) & 0xff;
|
||||
result[14] = (h3 >> 8) & 0xff;
|
||||
result[15] = h3 & 0xff;
|
||||
|
||||
result[16] = (h4 >> 24) & 0xff;
|
||||
result[17] = (h4 >> 16) & 0xff;
|
||||
result[18] = (h4 >> 8) & 0xff;
|
||||
result[19] = h4 & 0xff;
|
||||
|
||||
result[20] = (h5 >> 24) & 0xff;
|
||||
result[21] = (h5 >> 16) & 0xff;
|
||||
result[22] = (h5 >> 8) & 0xff;
|
||||
result[23] = h5 & 0xff;
|
||||
|
||||
result[24] = (h6 >> 24) & 0xff;
|
||||
result[25] = (h6 >> 16) & 0xff;
|
||||
result[26] = (h6 >> 8) & 0xff;
|
||||
result[27] = h6 & 0xff;
|
||||
|
||||
result[28] = (h7 >> 24) & 0xff;
|
||||
result[29] = (h7 >> 16) & 0xff;
|
||||
result[30] = (h7 >> 8) & 0xff;
|
||||
result[31] = h7 & 0xff;
|
||||
|
||||
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256_array");
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'sha256': function(aValue) {
|
||||
//Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256");
|
||||
var result;
|
||||
var resultArray;
|
||||
var valueArray;
|
||||
|
||||
valueArray = aValue.arrayValues();
|
||||
resultArray = Clipperz.Crypto.SHA.sha256_array(valueArray);
|
||||
|
||||
result = new Clipperz.ByteArray(resultArray);
|
||||
|
||||
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256");
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'sha_d256': function(aValue) {
|
||||
//Clipperz.Profile.start("Clipperz.Crypto.SHA.sha_d256");
|
||||
var result;
|
||||
var resultArray;
|
||||
var valueArray;
|
||||
|
||||
valueArray = aValue.arrayValues();
|
||||
resultArray = Clipperz.Crypto.SHA.sha256_array(valueArray);
|
||||
resultArray = Clipperz.Crypto.SHA.sha256_array(resultArray);
|
||||
|
||||
result = new Clipperz.ByteArray(resultArray);
|
||||
|
||||
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256");
|
||||
return result;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
|
||||
});
|
@ -1,326 +0,0 @@
|
||||
/*
|
||||
|
||||
Copyright 2008-2013 Clipperz Srl
|
||||
|
||||
This file is part of Clipperz, the online password manager.
|
||||
For further information about its features and functionalities please
|
||||
refer to http://www.clipperz.com.
|
||||
|
||||
* Clipperz is free software: you can redistribute it and/or modify it
|
||||
under the terms of the GNU Affero General Public License as published
|
||||
by the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
* Clipperz is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
See the GNU Affero General Public License for more details.
|
||||
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
License along with Clipperz. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
*/
|
||||
|
||||
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
|
||||
}
|
||||
|
||||
try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.BigInt!";
|
||||
}
|
||||
|
||||
try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
|
||||
throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.PRNG!";
|
||||
}
|
||||
|
||||
if (typeof(Clipperz.Crypto.SRP) == 'undefined') { Clipperz.Crypto.SRP = {}; }
|
||||
|
||||
Clipperz.Crypto.SRP.VERSION = "0.1";
|
||||
Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP";
|
||||
|
||||
//#############################################################################
|
||||
|
||||
MochiKit.Base.update(Clipperz.Crypto.SRP, {
|
||||
|
||||
'_n': null,
|
||||
'_g': null,
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'n': function() {
|
||||
if (Clipperz.Crypto.SRP._n == null) {
|
||||
Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.SRP._n;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'g': function() {
|
||||
if (Clipperz.Crypto.SRP._g == null) {
|
||||
Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); // eventually 5 (as suggested on the Diffi-Helmann documentation)
|
||||
}
|
||||
|
||||
return Clipperz.Crypto.SRP._g;
|
||||
},
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
'exception': {
|
||||
'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue")
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
__syntaxFix__: "syntax fix"
|
||||
|
||||
});
|
||||
|
||||
//#############################################################################
|
||||
//
|
||||
// S R P C o n n e c t i o n version 1.0
|
||||
//
|
||||
//=============================================================================
|
||||
Clipperz.Crypto.SRP.Connection = function (args) {
|
||||
args = args || {};
|
||||
|
||||
this._C = args.C;
|
||||
this._P = args.P;
|
||||
this.hash = args.hash;
|
||||
|
||||
this._a = null;
|
||||
this._A = null;
|
||||
|
||||
this._s = null;
|
||||
this._B = null;
|
||||
|
||||
this._x = null;
|
||||
|
||||
this._u = null;
|
||||
this._K = null;
|
||||
this._M1 = null;
|
||||
this._M2 = null;
|
||||
|
||||
this._sessionKey = null;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
|
||||
|
||||
'toString': function () {
|
||||
return "Clipperz.Crypto.SRP.Connection (username: " + this.username() + "). Status: " + this.statusDescription();
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'C': function () {
|
||||
return this._C;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'P': function () {
|
||||
return this._P;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'a': function () {
|
||||
if (this._a == null) {
|
||||
this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
|
||||
// this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10);
|
||||
//MochiKit.Logging.logDebug("SRP a: " + this._a);
|
||||
}
|
||||
|
||||
return this._a;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'A': function () {
|
||||
if (this._A == null) {
|
||||
// Warning: this value should be strictly greater than zero: how should we perform this check?
|
||||
this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
|
||||
|
||||
if (this._A.equals(0)) {
|
||||
MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
|
||||
throw Clipperz.Crypto.SRP.exception.InvalidValue;
|
||||
}
|
||||
//MochiKit.Logging.logDebug("SRP A: " + this._A);
|
||||
}
|
||||
|
||||
return this._A;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
's': function () {
|
||||
return this._s;
|
||||
//MochiKit.Logging.logDebug("SRP s: " + this._S);
|
||||
},
|
||||
|
||||
'set_s': function(aValue) {
|
||||
this._s = aValue;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'B': function () {
|
||||
return this._B;
|
||||
},
|
||||
|
||||
'set_B': function(aValue) {
|
||||
// Warning: this value should be strictly greater than zero: how should we perform this check?
|
||||
if (! aValue.equals(0)) {
|
||||
this._B = aValue;
|
||||
//MochiKit.Logging.logDebug("SRP B: " + this._B);
|
||||
} else {
|
||||
MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
|
||||
throw Clipperz.Crypto.SRP.exception.InvalidValue;
|
||||
}
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'x': function () {
|
||||
if (this._x == null) {
|
||||
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16);
|
||||
//MochiKit.Logging.logDebug("SRP x: " + this._x);
|
||||
}
|
||||
|
||||
return this._x;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'u': function () {
|
||||
if (this._u == null) {
|
||||
this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16);
|
||||
//MochiKit.Logging.logDebug("SRP u: " + this._u);
|
||||
}
|
||||
|
||||
return this._u;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'S': function () {
|
||||
if (this._S == null) {
|
||||
var bigint;
|
||||
var srp;
|
||||
|
||||
bigint = Clipperz.Crypto.BigInt;
|
||||
srp = Clipperz.Crypto.SRP;
|
||||
|
||||
this._S = bigint.powerModule(
|
||||
bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())),
|
||||
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
|
||||
srp.n()
|
||||
)
|
||||
//MochiKit.Logging.logDebug("SRP S: " + this._S);
|
||||
}
|
||||
|
||||
return this._S;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'K': function () {
|
||||
if (this._K == null) {
|
||||
this._K = this.stringHash(this.S().asString());
|
||||
//MochiKit.Logging.logDebug("SRP K: " + this._K);
|
||||
}
|
||||
|
||||
return this._K;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'M1': function () {
|
||||
if (this._M1 == null) {
|
||||
this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
|
||||
//MochiKit.Logging.logDebug("SRP M1: " + this._M1);
|
||||
}
|
||||
|
||||
return this._M1;
|
||||
},
|
||||
|
||||
//-------------------------------------------------------------------------
|
||||
|
||||
'M2': function () {
|
||||
if (this._M2 == null) {
|
||||
this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
|
||||
//MochiKit.Logging.logDebug("SRP M2: " + this._M2);
|
||||
}
|
||||
|
||||
return this._M2;
|
||||
},
|
||||
|
||||
//=========================================================================
|
||||
|
||||
'serverSideCredentialsWithSalt': function(aSalt) {
|
||||
var result;
|
||||
var s, x, v;
|
||||
|
||||
s = aSalt;
|
||||
x = this.stringHash(s + this.P());
|
||||
v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n());
|
||||
|
||||
result = {};
|
||||
result['C'] = this.C();
|
||||
result['s'] = s;
|
||||
result['v'] = v.asString(16);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
'serverSideCredentials': function() {
|
||||
var result;
|
||||
var s;
|
||||
|
||||
s = Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2);
|
||||
|
||||
result = this.serverSideCredentialsWithSalt(s);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//=========================================================================
|
||||
/*
|
||||
'computeServerSide_S': function(b) {
|
||||
var result;
|
||||
var v;
|
||||
var bigint;
|
||||
var srp;
|
||||
|
||||
bigint = Clipperz.Crypto.BigInt;
|
||||
srp = Clipperz.Crypto.SRP;
|
||||
|
||||
v = new Clipperz.Crypto.BigInt(srpConnection.serverSideCredentialsWithSalt(this.s().asString(16, 64)).v, 16);
|
||||
// _S = (this.A().multiply(this.v().modPow(this.u(), this.n()))).modPow(this.b(), this.n());
|
||||
result = bigint.powerModule(
|
||||
bigint.multiply(
|
||||
this.A(),
|
||||
bigint.powerModule(v, this.u(), srp.n())
|
||||
), new Clipperz.Crypto.BigInt(b, 10), srp.n()
|
||||
);
|
||||
|
||||
return result;
|
||||
},
|
||||
*/
|
||||
//=========================================================================
|
||||
|
||||
'stringHash': function(aValue) {
|
||||
var result;
|
||||
|
||||
result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
|
||||
|
||||
return result;
|
||||
},
|
||||
|
||||
//=========================================================================
|
||||
__syntaxFix__: "syntax fix"
|
||||
|
||||
});
|
||||
|
||||
//#############################################################################
|
Loading…
Reference in New Issue
Block a user