mirror of
				http://git.whoc.org.uk/git/password-manager.git
				synced 2025-10-25 01:37:34 +02:00 
			
		
		
		
	First release of /delta version
This commit is contained in:
		
							
								
								
									
										859
									
								
								frontend/delta/js/Clipperz/Crypto/AES.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										859
									
								
								frontend/delta/js/Clipperz/Crypto/AES.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,859 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.AES depends on Clipperz.ByteArray!"; | ||||
| }   | ||||
|  | ||||
| //	Dependency commented to avoid a circular reference | ||||
| //try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) { | ||||
| //	throw "Clipperz.Crypto.AES depends on Clipperz.Crypto.PRNG!"; | ||||
| //}   | ||||
|  | ||||
| if (typeof(Clipperz.Crypto.AES) == 'undefined') { Clipperz.Crypto.AES = {}; } | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.AES.DeferredExecutionContext = function(args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._key = args.key; | ||||
| 	this._message = args.message; | ||||
| 	this._result = args.message.clone(); | ||||
| 	this._nonce = args.nonce; | ||||
| 	this._messageLength = this._message.length(); | ||||
| 	 | ||||
| 	this._messageArray = this._message.arrayValues(); | ||||
| 	this._resultArray = this._result.arrayValues(); | ||||
| 	this._nonceArray = this._nonce.arrayValues(); | ||||
| 	 | ||||
| 	this._executionStep = 0; | ||||
| 	 | ||||
| //	this._elaborationChunkSize = 1024;	//	4096;	//	16384;	//	4096; | ||||
| 	this._elaborationChunks = 10; | ||||
| 	this._pauseTime = 0.02;				//	0.02	//	0.2; | ||||
|  | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.AES.DeferredExecutionContext.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'key': function() { | ||||
| 		return this._key; | ||||
| 	}, | ||||
| 	 | ||||
| 	'message': function() { | ||||
| 		return this._message; | ||||
| 	}, | ||||
| 	 | ||||
| 	'messageLength': function() { | ||||
| 		return this._messageLength; | ||||
| 	}, | ||||
| 	 | ||||
| 	'result': function() { | ||||
| 		return new Clipperz.ByteArray(this.resultArray()); | ||||
| 	}, | ||||
| 	 | ||||
| 	'nonce': function() { | ||||
| 		return this._nonce; | ||||
| 	}, | ||||
|  | ||||
| 	'messageArray': function() { | ||||
| 		return this._messageArray; | ||||
| 	}, | ||||
| 	 | ||||
| 	'resultArray': function() { | ||||
| 		return this._resultArray; | ||||
| 	}, | ||||
| 	 | ||||
| 	'nonceArray': function() { | ||||
| 		return this._nonceArray; | ||||
| 	}, | ||||
|  | ||||
| 	'elaborationChunkSize': function() { | ||||
| //		return Clipperz.Crypto.AES.DeferredExecution.chunkSize; | ||||
| //		return this._elaborationChunkSize; | ||||
| 		return (this._elaborationChunks * 1024); | ||||
| 	}, | ||||
| 	 | ||||
| 	'executionStep': function() { | ||||
| 		return this._executionStep; | ||||
| 	}, | ||||
| 	 | ||||
| 	'setExecutionStep': function(aValue) { | ||||
| 		this._executionStep = aValue; | ||||
| 	}, | ||||
| 	 | ||||
| 	'tuneExecutionParameters': function (anElapsedTime) { | ||||
| //var originalChunks = this._elaborationChunks; | ||||
| 		if (anElapsedTime > 0) { | ||||
| 			this._elaborationChunks = Math.round(this._elaborationChunks * ((anElapsedTime + 1000)/(anElapsedTime * 2))); | ||||
| 		} | ||||
| //Clipperz.log("tuneExecutionParameters - elapsedTime: " +  anElapsedTime + /*originalChunks,*/ " chunks # " + this._elaborationChunks + " [" + this._executionStep + " / " + this._messageLength + "]"); | ||||
| 	}, | ||||
| 	 | ||||
| 	'pause': function(aValue) { | ||||
| //		return MochiKit.Async.wait(Clipperz.Crypto.AES.DeferredExecution.pauseTime, aValue); | ||||
| 		return MochiKit.Async.wait(this._pauseTime, aValue); | ||||
| 	}, | ||||
| 	 | ||||
| 	'isDone': function () { | ||||
| 		return (this._executionStep >= this._messageLength); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
|  | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.AES.Key = function(args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._key = args.key; | ||||
| 	this._keySize = args.keySize || this.key().length(); | ||||
| 	 | ||||
| 	if (this.keySize() == 128/8) { | ||||
| 		this._b = 176; | ||||
| 		this._numberOfRounds = 10; | ||||
|  	} else if (this.keySize() == 256/8) { | ||||
| 		this._b = 240; | ||||
| 		this._numberOfRounds = 14; | ||||
| 	} else { | ||||
| 		Clipperz.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits"); | ||||
| 		throw Clipperz.Crypto.AES.exception.UnsupportedKeySize; | ||||
| 	} | ||||
| 	 | ||||
| 	this._stretchedKey = null; | ||||
| 	 | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.AES.Key.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'asString': function() { | ||||
| 		return "Clipperz.Crypto.AES.Key (" + this.key().toHexString() + ")"; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'key': function() { | ||||
| 		return this._key; | ||||
| 	}, | ||||
|  | ||||
| 	'keySize': function() { | ||||
| 		return this._keySize; | ||||
| 	}, | ||||
| 	 | ||||
| 	'b': function() { | ||||
| 		return this._b; | ||||
| 	}, | ||||
| 	 | ||||
| 	'numberOfRounds': function() { | ||||
| 		return this._numberOfRounds; | ||||
| 	}, | ||||
| 	//========================================================================= | ||||
|  | ||||
| 	'keyScheduleCore': function(aWord, aRoundConstantsIndex) { | ||||
| 		var	result; | ||||
| 		var sbox; | ||||
|  | ||||
| 		sbox = Clipperz.Crypto.AES.sbox(); | ||||
|  | ||||
| 		result = [	sbox[aWord[1]] ^ Clipperz.Crypto.AES.roundConstants()[aRoundConstantsIndex], | ||||
| 					sbox[aWord[2]], | ||||
| 					sbox[aWord[3]], | ||||
| 					sbox[aWord[0]]	]; | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'xorWithPreviousStretchValues': function(aKey, aWord, aPreviousWordIndex) { | ||||
| 		var	result; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		result = []; | ||||
| 		c = 4; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			result[i] = aWord[i] ^ aKey.byteAtIndex(aPreviousWordIndex + i); | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'sboxShakeup': function(aWord) { | ||||
| 		var result; | ||||
| 		var sbox; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		result = []; | ||||
| 		sbox = Clipperz.Crypto.AES.sbox(); | ||||
| 		c =4; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			result[i] = sbox[aWord[i]]; | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'stretchKey': function(aKey) { | ||||
| 		var	currentWord; | ||||
| 		var	keyLength; | ||||
| 		var	previousStretchIndex; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		keyLength = aKey.length(); | ||||
| 		previousStretchIndex = keyLength - this.keySize(); | ||||
|  | ||||
| 		currentWord = [	aKey.byteAtIndex(keyLength - 4), | ||||
| 						aKey.byteAtIndex(keyLength - 3), | ||||
| 						aKey.byteAtIndex(keyLength - 2), | ||||
| 						aKey.byteAtIndex(keyLength - 1)	]; | ||||
| 		currentWord = this.keyScheduleCore(currentWord, keyLength / this.keySize()); | ||||
|  | ||||
| 		if (this.keySize() == 256/8) { | ||||
| 			c = 8; | ||||
| 		} else if (this.keySize() == 128/8){ | ||||
| 			c = 4; | ||||
| 		} | ||||
| 		 | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			if (i == 4) { | ||||
| 				//	fifth streatch word | ||||
| 				currentWord = this.sboxShakeup(currentWord); | ||||
| 			} | ||||
|  | ||||
| 			currentWord = this.xorWithPreviousStretchValues(aKey, currentWord, previousStretchIndex + (i*4)); | ||||
| 			aKey.appendBytes(currentWord); | ||||
| 		} | ||||
|  | ||||
| 		return aKey; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'stretchedKey': function() { | ||||
| 		if (this._stretchedKey == null) { | ||||
| 			var stretchedKey; | ||||
| 			 | ||||
| 			stretchedKey = this.key().clone(); | ||||
|  | ||||
| 			while (stretchedKey.length() < this.keySize()) { | ||||
| 				stretchedKey.appendByte(0); | ||||
| 			} | ||||
|  | ||||
| 			while (stretchedKey.length() < this.b()) { | ||||
| 				stretchedKey = this.stretchKey(stretchedKey); | ||||
| 			} | ||||
| 			 | ||||
| 			this._stretchedKey = stretchedKey.split(0, this.b()); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._stretchedKey; | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.AES.State = function(args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._data = args.block; | ||||
| 	this._key = args.key; | ||||
| 	 | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.AES.State.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'key': function() { | ||||
| 		return this._key; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'data': function() { | ||||
| 		return this._data; | ||||
| 	}, | ||||
|  | ||||
| 	'setData': function(aValue) { | ||||
| 		this._data = aValue; | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
|  | ||||
| 	'addRoundKey': function(aRoundNumber) { | ||||
| 	 	//	each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule. | ||||
| 		var	data; | ||||
| 		var	stretchedKey; | ||||
| 		var	firstStretchedKeyIndex; | ||||
| 		var i,c; | ||||
|  | ||||
| 		data = this.data(); | ||||
| 		stretchedKey = this.key().stretchedKey(); | ||||
| 		firstStretchedKeyIndex = aRoundNumber * (128/8); | ||||
| 		c = 128/8; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			data[i] = data[i] ^ stretchedKey.byteAtIndex(firstStretchedKeyIndex + i); | ||||
| 		} | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'subBytes': function() { | ||||
| 		//	 a non-linear substitution step where each byte is replaced with another according to a lookup table. | ||||
| 		var i,c; | ||||
| 		var	data; | ||||
| 		var sbox; | ||||
| 		 | ||||
| 		data = this.data(); | ||||
| 		sbox = Clipperz.Crypto.AES.sbox(); | ||||
| 		 | ||||
| 		c = 16; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			data[i] = sbox[data[i]]; | ||||
| 		} | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'shiftRows': function() { | ||||
| 		//	a transposition step where each row of the state is shifted cyclically a certain number of steps. | ||||
| 		var	newValue; | ||||
| 		var	data; | ||||
| 		var	shiftMapping; | ||||
| 		var	i,c; | ||||
| 		 | ||||
| 		newValue = new Array(16); | ||||
| 		data = this.data(); | ||||
| 		shiftMapping = Clipperz.Crypto.AES.shiftRowMapping(); | ||||
| //		[0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11]; | ||||
| 		c = 16; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			newValue[i] = data[shiftMapping[i]]; | ||||
| 		} | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			data[i] = newValue[i]; | ||||
| 		} | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| /* | ||||
| 	'mixColumnsWithValues': function(someValues) { | ||||
| 		var	result; | ||||
| 		var	a; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		c = 4; | ||||
| 		result = []; | ||||
| 		a = []; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			a[i] = []; | ||||
| 			a[i][1] = someValues[i] | ||||
| 			if ((a[i][1] & 0x80) == 0x80) { | ||||
| 				a[i][2] = (a[i][1] << 1) ^ 0x11b; | ||||
| 			} else { | ||||
| 				a[i][2] = a[i][1] << 1; | ||||
| 			} | ||||
| 			 | ||||
| 			a[i][3] = a[i][2] ^ a[i][1]; | ||||
| 		} | ||||
| 	 | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			var	x; | ||||
|  | ||||
| 			x = Clipperz.Crypto.AES.mixColumnsMatrix()[i]; | ||||
| 			result[i] = a[0][x[0]] ^ a[1][x[1]] ^ a[2][x[2]] ^ a[3][x[3]]; | ||||
| 		} | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	'mixColumns': function() { | ||||
| 		//	a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation. | ||||
| 		var data; | ||||
| 		var i, c; | ||||
| 		 | ||||
| 		data = this.data(); | ||||
| 		c = 4; | ||||
| 		for(i=0; i<c; i++) { | ||||
| 			var	blockIndex; | ||||
| 			var mixedValues; | ||||
| 			 | ||||
| 			blockIndex = i * 4; | ||||
| 			mixedValues = this.mixColumnsWithValues([	data[blockIndex + 0], | ||||
| 														data[blockIndex + 1], | ||||
| 														data[blockIndex + 2], | ||||
| 														data[blockIndex + 3]]); | ||||
| 			data[blockIndex + 0] = mixedValues[0]; | ||||
| 			data[blockIndex + 1] = mixedValues[1]; | ||||
| 			data[blockIndex + 2] = mixedValues[2]; | ||||
| 			data[blockIndex + 3] = mixedValues[3]; | ||||
| 		} | ||||
| 	}, | ||||
| */ | ||||
|  | ||||
| 	'mixColumns': function() { | ||||
| 		//	a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation. | ||||
| 		var data; | ||||
| 		var i, c; | ||||
| 		var a_1; | ||||
| 		var a_2; | ||||
|  | ||||
| 		a_1 = new Array(4); | ||||
| 		a_2 = new Array(4); | ||||
| 		 | ||||
| 		data = this.data(); | ||||
| 		c = 4; | ||||
| 		for(i=0; i<c; i++) { | ||||
| 			var	blockIndex; | ||||
| 			var ii, cc; | ||||
| 			 | ||||
| 			blockIndex = i * 4; | ||||
|  | ||||
| 			cc = 4; | ||||
| 			for (ii=0; ii<cc; ii++) { | ||||
| 				var value; | ||||
| 				 | ||||
| 				value = data[blockIndex + ii]; | ||||
| 				a_1[ii] = value; | ||||
| 				a_2[ii] = (value & 0x80) ? ((value << 1) ^ 0x011b) : (value << 1); | ||||
| 			} | ||||
|  | ||||
| 			data[blockIndex + 0] = a_2[0] ^ a_1[1] ^ a_2[1] ^ a_1[2] ^ a_1[3]; | ||||
| 			data[blockIndex + 1] = a_1[0] ^ a_2[1] ^ a_1[2] ^ a_2[2] ^ a_1[3]; | ||||
| 			data[blockIndex + 2] = a_1[0] ^ a_1[1] ^ a_2[2] ^ a_1[3] ^ a_2[3]; | ||||
| 			data[blockIndex + 3] = a_1[0] ^ a_2[0] ^ a_1[1] ^ a_1[2] ^ a_2[3]; | ||||
| 		} | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
| 	 | ||||
| 	'spinRound': function(aRoundNumber) { | ||||
| 		this.addRoundKey(aRoundNumber); | ||||
| 		this.subBytes(); | ||||
| 		this.shiftRows(); | ||||
| 		this.mixColumns(); | ||||
| 	}, | ||||
|  | ||||
| 	'spinLastRound': function() { | ||||
| 		this.addRoundKey(this.key().numberOfRounds() - 1); | ||||
| 		this.subBytes(); | ||||
| 		this.shiftRows(); | ||||
| 		this.addRoundKey(this.key().numberOfRounds()); | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
|  | ||||
| 	'encrypt': function() { | ||||
| 		var	i,c; | ||||
|  | ||||
| 		c = this.key().numberOfRounds() - 1; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			this.spinRound(i); | ||||
| 		} | ||||
|  | ||||
| 		this.spinLastRound(); | ||||
| 	}, | ||||
| 	 | ||||
| 	//========================================================================= | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.AES.VERSION = "0.1"; | ||||
| Clipperz.Crypto.AES.NAME = "Clipperz.Crypto.AES"; | ||||
|  | ||||
| MochiKit.Base.update(Clipperz.Crypto.AES, { | ||||
|  | ||||
| //	http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-AES.html | ||||
| //	http://en.wikipedia.org/wiki/Advanced_Encryption_Standard | ||||
| //	http://en.wikipedia.org/wiki/Rijndael_key_schedule  | ||||
| //	http://en.wikipedia.org/wiki/Rijndael_S-box | ||||
| 		 | ||||
| 	'__repr__': function () { | ||||
| 		return "[" + this.NAME + " " + this.VERSION + "]"; | ||||
| 	}, | ||||
|  | ||||
| 	'toString': function () { | ||||
| 		return this.__repr__(); | ||||
| 	}, | ||||
|  | ||||
| 	//============================================================================= | ||||
| 	 | ||||
| 	'_sbox': null, | ||||
| 	'sbox': function() { | ||||
| 		if (Clipperz.Crypto.AES._sbox == null) { | ||||
| 			Clipperz.Crypto.AES._sbox = [ | ||||
| 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, | ||||
| 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, | ||||
| 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, | ||||
| 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, | ||||
| 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, | ||||
| 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, | ||||
| 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, | ||||
| 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, | ||||
| 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, | ||||
| 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, | ||||
| 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, | ||||
| 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, | ||||
| 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, | ||||
| 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, | ||||
| 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, | ||||
| 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 | ||||
| 			]; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.AES._sbox; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	// | ||||
| 	//		0	4	8	12				0	4	8	12 | ||||
| 	//		1	5	9	13		=>		5	9	13	1 | ||||
| 	//		2	6	10	14				10	14	2	6 | ||||
| 	//		3	7	11	15				15	3	7	11 | ||||
| 	// | ||||
| 	'_shiftRowMapping': null, | ||||
| 	'shiftRowMapping': function() { | ||||
| 		if (Clipperz.Crypto.AES._shiftRowMapping == null) { | ||||
| 			Clipperz.Crypto.AES._shiftRowMapping = [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11]; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.AES._shiftRowMapping; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_mixColumnsMatrix': null, | ||||
| 	'mixColumnsMatrix': function() { | ||||
| 		if (Clipperz.Crypto.AES._mixColumnsMatrix == null) { | ||||
| 			Clipperz.Crypto.AES._mixColumnsMatrix = [	[2, 3, 1 ,1], | ||||
| 														[1, 2, 3, 1], | ||||
| 														[1, 1, 2, 3], | ||||
| 														[3, 1, 1, 2]   ]; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.AES._mixColumnsMatrix; | ||||
| 	}, | ||||
|  | ||||
| 	'_roundConstants': null, | ||||
| 	'roundConstants': function() { | ||||
| 		if (Clipperz.Crypto.AES._roundConstants == null) { | ||||
| 			Clipperz.Crypto.AES._roundConstants = [ , 1, 2, 4, 8, 16, 32, 64, 128, 27, 54, 108, 216, 171, 77, 154]; | ||||
| //			Clipperz.Crypto.AES._roundConstants = [ , 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a]; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.AES._roundConstants; | ||||
| 	}, | ||||
| 	 | ||||
| 	//============================================================================= | ||||
|  | ||||
| 	'incrementNonce': function(aNonce) { | ||||
| //Clipperz.Profile.start("Clipperz.Crypto.AES.incrementNonce"); | ||||
| 		var i; | ||||
| 		var done; | ||||
| 		 | ||||
| 		done = false; | ||||
| 		i = aNonce.length - 1; | ||||
| 		 | ||||
| 		while ((i>=0) && (done == false)) { | ||||
| 			var currentByteValue; | ||||
| 			 | ||||
| 			currentByteValue = aNonce[i]; | ||||
| 			 | ||||
| 			if (currentByteValue == 0xff) { | ||||
| 				aNonce[i] = 0; | ||||
| 				if (i>= 0) { | ||||
| 					i --; | ||||
| 				} else { | ||||
| 					done = true; | ||||
| 				} | ||||
| 			} else { | ||||
| 				aNonce[i] = currentByteValue + 1; | ||||
| 				done = true; | ||||
| 			} | ||||
| 		} | ||||
| //Clipperz.Profile.stop("Clipperz.Crypto.AES.incrementNonce"); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'encryptBlock': function(aKey, aBlock) { | ||||
| 		var	result; | ||||
| 		var	state; | ||||
|  | ||||
| 		state = new Clipperz.Crypto.AES.State({block:aBlock, key:aKey}); | ||||
| //is(state.data(), 'before'); | ||||
| 		state.encrypt(); | ||||
| 		result = state.data();  | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'encryptBlocks': function(aKey, aMessage, aNonce) { | ||||
| 		var	result; | ||||
| 		var nonce; | ||||
| 		var self; | ||||
| 		var	messageIndex; | ||||
| 		var	messageLength; | ||||
| 		var blockSize;		 | ||||
| 		 | ||||
| 		self = Clipperz.Crypto.AES; | ||||
| 		blockSize = 128/8; | ||||
| 		messageLength = aMessage.length; | ||||
| 		nonce = aNonce; | ||||
|  | ||||
| 		result = aMessage; | ||||
| 		messageIndex = 0; | ||||
| 		while (messageIndex < messageLength) { | ||||
| 			var encryptedBlock; | ||||
| 			var i,c; | ||||
| 			 | ||||
| 			self.incrementNonce(nonce); | ||||
| 			encryptedBlock = self.encryptBlock(aKey, nonce); | ||||
| 			 | ||||
| 			if ((messageLength - messageIndex) > blockSize) { | ||||
| 				c = blockSize; | ||||
| 			} else { | ||||
| 				c = messageLength - messageIndex; | ||||
| 			} | ||||
| 			 | ||||
| 			for (i=0; i<c; i++) { | ||||
| 				result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i]; | ||||
| 			} | ||||
| 			 | ||||
| 			messageIndex += blockSize; | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'encrypt': function(aKey, someData, aNonce) { | ||||
| 		var result; | ||||
| 		var nonce; | ||||
| 		var	encryptedData; | ||||
| 		var key; | ||||
|  | ||||
| 		key = new Clipperz.Crypto.AES.Key({key:aKey}); | ||||
| 		nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8); | ||||
|  | ||||
| 		encryptedData = Clipperz.Crypto.AES.encryptBlocks(key, someData.arrayValues(), nonce.arrayValues()); | ||||
|  | ||||
| 		result = nonce.appendBytes(encryptedData); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'decrypt': function(aKey, someData) { | ||||
| 		var result; | ||||
| 		var nonce; | ||||
| 		var encryptedData; | ||||
| 		var decryptedData; | ||||
| 		var	dataIterator; | ||||
| 		var key; | ||||
|  | ||||
| 		key = new Clipperz.Crypto.AES.Key({key:aKey}); | ||||
|  | ||||
| 		encryptedData = someData.arrayValues(); | ||||
| 		nonce = encryptedData.slice(0, (128/8)); | ||||
| 		encryptedData = encryptedData.slice(128/8); | ||||
| 		decryptedData = Clipperz.Crypto.AES.encryptBlocks(key, encryptedData, nonce); | ||||
|  | ||||
| 		result = new Clipperz.ByteArray(decryptedData); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//============================================================================= | ||||
|  | ||||
| 	'deferredEncryptExecutionChunk': function(anExecutionContext) { | ||||
| 		var	result; | ||||
| 		var nonce; | ||||
| 		var self; | ||||
| 		var	messageIndex; | ||||
| 		var	messageLength; | ||||
| 		var blockSize;	 | ||||
| 		var executionLimit; | ||||
| 		var startTime, endTime; | ||||
|  | ||||
| 		self = Clipperz.Crypto.AES; | ||||
| 		startTime = new Date(); | ||||
| 		blockSize = 128/8; | ||||
| 		messageLength = anExecutionContext.messageArray().length; | ||||
| 		nonce = anExecutionContext.nonceArray(); | ||||
| 		result = anExecutionContext.resultArray(); | ||||
|  | ||||
| 		messageIndex = anExecutionContext.executionStep(); | ||||
| 		executionLimit = messageIndex + anExecutionContext.elaborationChunkSize(); | ||||
| 		executionLimit = Math.min(executionLimit, messageLength); | ||||
| 		 | ||||
| 		while (messageIndex < executionLimit) { | ||||
| 			var encryptedBlock; | ||||
| 			var i,c; | ||||
| 			 | ||||
| 			self.incrementNonce(nonce); | ||||
| 			encryptedBlock = self.encryptBlock(anExecutionContext.key(), nonce); | ||||
| 			 | ||||
| 			if ((executionLimit - messageIndex) > blockSize) { | ||||
| 				c = blockSize; | ||||
| 			} else { | ||||
| 				c = executionLimit - messageIndex; | ||||
| 			} | ||||
| 			 | ||||
| 			for (i=0; i<c; i++) { | ||||
| 				result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i]; | ||||
| 			} | ||||
| 			 | ||||
| 			messageIndex += blockSize; | ||||
| 		} | ||||
| 		anExecutionContext.setExecutionStep(messageIndex); | ||||
| 		endTime = new Date(); | ||||
| 		anExecutionContext.tuneExecutionParameters(endTime - startTime); | ||||
| 		 | ||||
| 		return anExecutionContext; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| /* | ||||
| 	'deferredEncryptBlocks': function(anExecutionContext) { | ||||
| 		var	deferredResult; | ||||
| 		var	messageSize; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		messageSize = anExecutionContext.messageLength();		 | ||||
| 		 | ||||
| 		deferredResult = new Clipperz.Async.Deferred("AES.deferredEncryptBloks"); | ||||
|  | ||||
| 		c = Math.ceil(messageSize / anExecutionContext.elaborationChunkSize()); | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptExecutionChunk); | ||||
| 			deferredResult.addMethod(anExecutionContext, 'pause'); | ||||
| 		} | ||||
| 		 | ||||
| 		deferredResult.callback(anExecutionContext); | ||||
| 		 | ||||
| 		return deferredResult; | ||||
| 	}, | ||||
| */ | ||||
|  | ||||
| 	'deferredEncryptBlocks': function(anExecutionContext) { | ||||
| 		var	deferredResult; | ||||
|  | ||||
| 		if (! anExecutionContext.isDone()) { | ||||
| 			deferredResult = Clipperz.Async.callbacks("Clipperz.Crypto.AES.deferredEncryptBloks", [ | ||||
| 				Clipperz.Crypto.AES.deferredEncryptExecutionChunk, | ||||
| 				MochiKit.Base.method(anExecutionContext, 'pause'), | ||||
| 				Clipperz.Crypto.AES.deferredEncryptBlocks | ||||
| 			], {trace:false}, anExecutionContext); | ||||
| 		} else { | ||||
| 			deferredResult = MochiKit.Async.succeed(anExecutionContext); | ||||
| 		} | ||||
| 		 | ||||
| 		return deferredResult; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	 | ||||
| 	'deferredEncrypt': function(aKey, someData, aNonce) { | ||||
| 		var deferredResult; | ||||
| 		var	executionContext; | ||||
| 		var result; | ||||
| 		var nonce; | ||||
| 		var key; | ||||
|  | ||||
| 		key = new Clipperz.Crypto.AES.Key({key:aKey}); | ||||
| 		nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8); | ||||
|  | ||||
| 		executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:someData, nonce:nonce}); | ||||
|  | ||||
| 		deferredResult = new Clipperz.Async.Deferred("AES.deferredEncrypt"); | ||||
| 		deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks); | ||||
| 		deferredResult.addCallback(function(anExecutionContext) { | ||||
| 			var result; | ||||
| 			 | ||||
| 			result = anExecutionContext.nonce().clone(); | ||||
| 			result.appendBytes(anExecutionContext.resultArray()); | ||||
|  | ||||
| 			return result; | ||||
| 		}); | ||||
| 		deferredResult.callback(executionContext) | ||||
|  | ||||
| 		return deferredResult; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'deferredDecrypt': function(aKey, someData) { | ||||
| 		var deferredResult | ||||
| 		var nonce; | ||||
| 		var message; | ||||
| 		var key; | ||||
|  | ||||
| 		key = new Clipperz.Crypto.AES.Key({key:aKey}); | ||||
| 		nonce = someData.split(0, (128/8)); | ||||
| 		message = someData.split(128/8); | ||||
| 		executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:message, nonce:nonce}); | ||||
|  | ||||
| 		deferredResult = new Clipperz.Async.Deferred("AES.deferredDecrypt"); | ||||
| 		deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks); | ||||
| 		deferredResult.addCallback(function(anExecutionContext) { | ||||
| 			return anExecutionContext.result(); | ||||
| 		}); | ||||
| 		deferredResult.callback(executionContext); | ||||
|  | ||||
| 		return deferredResult; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| 	 | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| //Clipperz.Crypto.AES.DeferredExecution = { | ||||
| //	'chunkSize': 16384,	//	4096,	//	1024	4096	8192	16384	32768; | ||||
| //	'pauseTime': 0.02	//	0.2 | ||||
| //} | ||||
|  | ||||
| Clipperz.Crypto.AES.exception = { | ||||
| 	'UnsupportedKeySize':    new MochiKit.Base.NamedError("Clipperz.Crypto.AES.exception.UnsupportedKeySize")  | ||||
| }; | ||||
							
								
								
									
										843
									
								
								frontend/delta/js/Clipperz/Crypto/AES_2.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										843
									
								
								frontend/delta/js/Clipperz/Crypto/AES_2.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,843 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.AES_2 depends on Clipperz.ByteArray!"; | ||||
| }   | ||||
|  | ||||
| //	Dependency commented to avoid a circular reference | ||||
| //try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) { | ||||
| //	throw "Clipperz.Crypto.AES_2 depends on Clipperz.Crypto.PRNG!"; | ||||
| //}   | ||||
|  | ||||
| if (typeof(Clipperz.Crypto.AES_2) == 'undefined') { Clipperz.Crypto.AES_2 = {}; } | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.AES_2.DeferredExecutionContext = function(args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._key = args.key; | ||||
| 	this._message = args.message; | ||||
| 	this._result = args.message.clone(); | ||||
| 	this._nonce = args.nonce; | ||||
| 	this._messageLength = this._message.length(); | ||||
| 	 | ||||
| 	this._messageArray = this._message.arrayValues(); | ||||
| 	this._resultArray = this._result.arrayValues(); | ||||
| 	this._nonceArray = this._nonce.arrayValues(); | ||||
| 	 | ||||
| 	this._executionStep = 0; | ||||
| 	 | ||||
| //	this._elaborationChunkSize = 1024;	//	4096;	//	16384;	//	4096; | ||||
| 	this._elaborationChunks = 10; | ||||
| 	this._pauseTime = 0.02;				//	0.02	//	0.2; | ||||
|  | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.AES_2.DeferredExecutionContext.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'key': function() { | ||||
| 		return this._key; | ||||
| 	}, | ||||
| 	 | ||||
| 	'message': function() { | ||||
| 		return this._message; | ||||
| 	}, | ||||
| 	 | ||||
| 	'messageLength': function() { | ||||
| 		return this._messageLength; | ||||
| 	}, | ||||
| 	 | ||||
| 	'result': function() { | ||||
| 		return new Clipperz.ByteArray(this.resultArray()); | ||||
| 	}, | ||||
| 	 | ||||
| 	'nonce': function() { | ||||
| 		return this._nonce; | ||||
| 	}, | ||||
|  | ||||
| 	'messageArray': function() { | ||||
| 		return this._messageArray; | ||||
| 	}, | ||||
| 	 | ||||
| 	'resultArray': function() { | ||||
| 		return this._resultArray; | ||||
| 	}, | ||||
| 	 | ||||
| 	'nonceArray': function() { | ||||
| 		return this._nonceArray; | ||||
| 	}, | ||||
|  | ||||
| 	'elaborationChunkSize': function() { | ||||
| //		return Clipperz.Crypto.AES_2.DeferredExecution.chunkSize; | ||||
| //		return this._elaborationChunkSize; | ||||
| 		return (this._elaborationChunks * 1024); | ||||
| 	}, | ||||
| 	 | ||||
| 	'executionStep': function() { | ||||
| 		return this._executionStep; | ||||
| 	}, | ||||
| 	 | ||||
| 	'setExecutionStep': function(aValue) { | ||||
| 		this._executionStep = aValue; | ||||
| 	}, | ||||
| 	 | ||||
| 	'tuneExecutionParameters': function (anElapsedTime) { | ||||
| //var originalChunks = this._elaborationChunks; | ||||
| 		if (anElapsedTime > 0) { | ||||
| 			this._elaborationChunks = Math.round(this._elaborationChunks * ((anElapsedTime + 1000)/(anElapsedTime * 2))); | ||||
| 		} | ||||
| //Clipperz.log("tuneExecutionParameters - elapsedTime: " +  anElapsedTime + /*originalChunks,*/ " chunks # " + this._elaborationChunks + " [" + this._executionStep + " / " + this._messageLength + "]"); | ||||
| 	}, | ||||
| 	 | ||||
| 	'pause': function(aValue) { | ||||
| //		return MochiKit.Async.wait(Clipperz.Crypto.AES_2.DeferredExecution.pauseTime, aValue); | ||||
| 		return MochiKit.Async.wait(this._pauseTime, aValue); | ||||
| 	}, | ||||
| 	 | ||||
| 	'isDone': function () { | ||||
| 		return (this._executionStep >= this._messageLength); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
|  | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.AES_2.Key = function(args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._key = args.key; | ||||
| 	this._keySize = args.keySize || this.key().length(); | ||||
| 	 | ||||
| 	if (this.keySize() == 128/8) { | ||||
| 		this._b = 176; | ||||
| 		this._numberOfRounds = 10; | ||||
|  	} else if (this.keySize() == 256/8) { | ||||
| 		this._b = 240; | ||||
| 		this._numberOfRounds = 14; | ||||
| 	} else { | ||||
| 		Clipperz.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits"); | ||||
| 		throw Clipperz.Crypto.AES_2.exception.UnsupportedKeySize; | ||||
| 	} | ||||
| 	 | ||||
| 	this._stretchedKey = null; | ||||
| 	 | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.AES_2.Key.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'asString': function() { | ||||
| 		return "Clipperz.Crypto.AES_2.Key (" + this.key().toHexString() + ")"; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'key': function() { | ||||
| 		return this._key; | ||||
| 	}, | ||||
|  | ||||
| 	'keySize': function() { | ||||
| 		return this._keySize; | ||||
| 	}, | ||||
| 	 | ||||
| 	'b': function() { | ||||
| 		return this._b; | ||||
| 	}, | ||||
| 	 | ||||
| 	'numberOfRounds': function() { | ||||
| 		return this._numberOfRounds; | ||||
| 	}, | ||||
| 	//========================================================================= | ||||
|  | ||||
| 	'keyScheduleCore': function(aWord, aRoundConstantsIndex) { | ||||
| 		var	result; | ||||
| 		var sbox; | ||||
|  | ||||
| 		sbox = Clipperz.Crypto.AES_2.sbox(); | ||||
|  | ||||
| 		result = [	sbox[aWord[1]] ^ Clipperz.Crypto.AES_2.roundConstants()[aRoundConstantsIndex], | ||||
| 					sbox[aWord[2]], | ||||
| 					sbox[aWord[3]], | ||||
| 					sbox[aWord[0]]	]; | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'xorWithPreviousStretchValues': function(aKey, aWord, aPreviousWordIndex) { | ||||
| 		var	result; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		result = []; | ||||
| 		c = 4; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			result[i] = aWord[i] ^ aKey.byteAtIndex(aPreviousWordIndex + i); | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'sboxShakeup': function(aWord) { | ||||
| 		var result; | ||||
| 		var sbox; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		result = []; | ||||
| 		sbox = Clipperz.Crypto.AES_2.sbox(); | ||||
| 		c =4; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			result[i] = sbox[aWord[i]]; | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'stretchKey': function(aKey) { | ||||
| 		var	currentWord; | ||||
| 		var	keyLength; | ||||
| 		var	previousStretchIndex; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		keyLength = aKey.length(); | ||||
| 		previousStretchIndex = keyLength - this.keySize(); | ||||
|  | ||||
| 		currentWord = [	aKey.byteAtIndex(keyLength - 4), | ||||
| 						aKey.byteAtIndex(keyLength - 3), | ||||
| 						aKey.byteAtIndex(keyLength - 2), | ||||
| 						aKey.byteAtIndex(keyLength - 1)	]; | ||||
| 		currentWord = this.keyScheduleCore(currentWord, keyLength / this.keySize()); | ||||
|  | ||||
| 		if (this.keySize() == 256/8) { | ||||
| 			c = 8; | ||||
| 		} else if (this.keySize() == 128/8){ | ||||
| 			c = 4; | ||||
| 		} | ||||
| 		 | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			if (i == 4) { | ||||
| 				//	fifth streatch word | ||||
| 				currentWord = this.sboxShakeup(currentWord); | ||||
| 			} | ||||
|  | ||||
| 			currentWord = this.xorWithPreviousStretchValues(aKey, currentWord, previousStretchIndex + (i*4)); | ||||
| 			aKey.appendBytes(currentWord); | ||||
| 		} | ||||
|  | ||||
| 		return aKey; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'stretchedKey': function() { | ||||
| 		if (this._stretchedKey == null) { | ||||
| 			var stretchedKey; | ||||
| 			 | ||||
| 			stretchedKey = this.key().clone(); | ||||
|  | ||||
| 			while (stretchedKey.length() < this.keySize()) { | ||||
| 				stretchedKey.appendByte(0); | ||||
| 			} | ||||
|  | ||||
| 			while (stretchedKey.length() < this.b()) { | ||||
| 				stretchedKey = this.stretchKey(stretchedKey); | ||||
| 			} | ||||
| 			 | ||||
| 			this._stretchedKey = stretchedKey.split(0, this.b()); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._stretchedKey; | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.AES_2.State = function(args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._data = args.block.slice(0); | ||||
| 	this._key = args.key; | ||||
| 	 | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.AES_2.State.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'key': function() { | ||||
| 		return this._key; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'data': function() { | ||||
| 		return this._data; | ||||
| 	}, | ||||
|  | ||||
| 	'setData': function(aValue) { | ||||
| 		this._data = aValue; | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
|  | ||||
| 	'addRoundKey': function(aRoundNumber) { | ||||
| 	 	//	each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule. | ||||
| 		var	data; | ||||
| 		var	stretchedKey; | ||||
| 		var	firstStretchedKeyIndex; | ||||
| 		var i,c; | ||||
|  | ||||
| 		data = this.data(); | ||||
| 		stretchedKey = this.key().stretchedKey(); | ||||
| 		firstStretchedKeyIndex = aRoundNumber * (128/8); | ||||
| 		c = 128/8; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			data[i] = data[i] ^ stretchedKey.byteAtIndex(firstStretchedKeyIndex + i); | ||||
| 		} | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'subBytes': function() { | ||||
| 		//	 a non-linear substitution step where each byte is replaced with another according to a lookup table. | ||||
| 		var i,c; | ||||
| 		var	data; | ||||
| 		var sbox; | ||||
| 		 | ||||
| 		data = this.data(); | ||||
| 		sbox = Clipperz.Crypto.AES_2.sbox(); | ||||
| 		 | ||||
| 		c = 16; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			data[i] = sbox[data[i]]; | ||||
| 		} | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'shiftRows': function() { | ||||
| 		//	a transposition step where each row of the state is shifted cyclically a certain number of steps. | ||||
| 		var	newValue; | ||||
| 		var	data; | ||||
| 		var	shiftMapping; | ||||
| 		var	i,c; | ||||
| 		 | ||||
| 		newValue = new Array(16); | ||||
| 		data = this.data(); | ||||
| 		shiftMapping = Clipperz.Crypto.AES_2.shiftRowMapping(); | ||||
| //		[0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11]; | ||||
| 		c = 16; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			newValue[i] = data[shiftMapping[i]]; | ||||
| 		} | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			data[i] = newValue[i]; | ||||
| 		} | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| /* | ||||
| 	'mixColumnsWithValues': function(someValues) { | ||||
| 		var	result; | ||||
| 		var	a; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		c = 4; | ||||
| 		result = []; | ||||
| 		a = []; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			a[i] = []; | ||||
| 			a[i][1] = someValues[i] | ||||
| 			if ((a[i][1] & 0x80) == 0x80) { | ||||
| 				a[i][2] = (a[i][1] << 1) ^ 0x11b; | ||||
| 			} else { | ||||
| 				a[i][2] = a[i][1] << 1; | ||||
| 			} | ||||
| 			 | ||||
| 			a[i][3] = a[i][2] ^ a[i][1]; | ||||
| 		} | ||||
| 	 | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			var	x; | ||||
|  | ||||
| 			x = Clipperz.Crypto.AES_2.mixColumnsMatrix()[i]; | ||||
| 			result[i] = a[0][x[0]] ^ a[1][x[1]] ^ a[2][x[2]] ^ a[3][x[3]]; | ||||
| 		} | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	'mixColumns': function() { | ||||
| 		//	a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation. | ||||
| 		var data; | ||||
| 		var i, c; | ||||
| 		 | ||||
| 		data = this.data(); | ||||
| 		c = 4; | ||||
| 		for(i=0; i<c; i++) { | ||||
| 			var	blockIndex; | ||||
| 			var mixedValues; | ||||
| 			 | ||||
| 			blockIndex = i * 4; | ||||
| 			mixedValues = this.mixColumnsWithValues([	data[blockIndex + 0], | ||||
| 														data[blockIndex + 1], | ||||
| 														data[blockIndex + 2], | ||||
| 														data[blockIndex + 3]]); | ||||
| 			data[blockIndex + 0] = mixedValues[0]; | ||||
| 			data[blockIndex + 1] = mixedValues[1]; | ||||
| 			data[blockIndex + 2] = mixedValues[2]; | ||||
| 			data[blockIndex + 3] = mixedValues[3]; | ||||
| 		} | ||||
| 	}, | ||||
| */ | ||||
|  | ||||
| 	'mixColumns': function() { | ||||
| 		//	a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation. | ||||
| 		var data; | ||||
| 		var i, c; | ||||
| 		var a_1; | ||||
| 		var a_2; | ||||
|  | ||||
| 		a_1 = new Array(4); | ||||
| 		a_2 = new Array(4); | ||||
| 		 | ||||
| 		data = this.data(); | ||||
| 		c = 4; | ||||
| 		for(i=0; i<c; i++) { | ||||
| 			var	blockIndex; | ||||
| 			var ii, cc; | ||||
| 			 | ||||
| 			blockIndex = i * 4; | ||||
|  | ||||
| 			cc = 4; | ||||
| 			for (ii=0; ii<cc; ii++) { | ||||
| 				var value; | ||||
| 				 | ||||
| 				value = data[blockIndex + ii]; | ||||
| 				a_1[ii] = value; | ||||
| 				a_2[ii] = (value & 0x80) ? ((value << 1) ^ 0x011b) : (value << 1); | ||||
| 			} | ||||
|  | ||||
| 			data[blockIndex + 0] = a_2[0] ^ a_1[1] ^ a_2[1] ^ a_1[2] ^ a_1[3]; | ||||
| 			data[blockIndex + 1] = a_1[0] ^ a_2[1] ^ a_1[2] ^ a_2[2] ^ a_1[3]; | ||||
| 			data[blockIndex + 2] = a_1[0] ^ a_1[1] ^ a_2[2] ^ a_1[3] ^ a_2[3]; | ||||
| 			data[blockIndex + 3] = a_1[0] ^ a_2[0] ^ a_1[1] ^ a_1[2] ^ a_2[3]; | ||||
| 		} | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
| 	 | ||||
| 	'spinRound': function(aRoundNumber) { | ||||
| 		this.addRoundKey(aRoundNumber); | ||||
| 		this.subBytes(); | ||||
| 		this.shiftRows(); | ||||
| 		this.mixColumns(); | ||||
| 	}, | ||||
|  | ||||
| 	'spinLastRound': function() { | ||||
| 		this.addRoundKey(this.key().numberOfRounds() - 1); | ||||
| 		this.subBytes(); | ||||
| 		this.shiftRows(); | ||||
| 		this.addRoundKey(this.key().numberOfRounds()); | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
|  | ||||
| 	'encrypt': function() { | ||||
| 		var	i,c; | ||||
|  | ||||
| 		c = this.key().numberOfRounds() - 1; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			this.spinRound(i); | ||||
| 		} | ||||
|  | ||||
| 		this.spinLastRound(); | ||||
| 	}, | ||||
| 	 | ||||
| 	//========================================================================= | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.AES_2.VERSION = "0.1"; | ||||
| Clipperz.Crypto.AES_2.NAME = "Clipperz.Crypto.AES_2"; | ||||
|  | ||||
| MochiKit.Base.update(Clipperz.Crypto.AES_2, { | ||||
|  | ||||
| //	http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-AES.html | ||||
| //	http://en.wikipedia.org/wiki/Advanced_Encryption_Standard | ||||
| //	http://en.wikipedia.org/wiki/Rijndael_key_schedule  | ||||
| //	http://en.wikipedia.org/wiki/Rijndael_S-box | ||||
| 		 | ||||
| 	'__repr__': function () { | ||||
| 		return "[" + this.NAME + " " + this.VERSION + "]"; | ||||
| 	}, | ||||
|  | ||||
| 	'toString': function () { | ||||
| 		return this.__repr__(); | ||||
| 	}, | ||||
|  | ||||
| 	//============================================================================= | ||||
| 	 | ||||
| 	'_sbox': null, | ||||
| 	'sbox': function() { | ||||
| 		if (Clipperz.Crypto.AES_2._sbox == null) { | ||||
| 			Clipperz.Crypto.AES_2._sbox = [ | ||||
| 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, | ||||
| 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, | ||||
| 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, | ||||
| 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, | ||||
| 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, | ||||
| 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, | ||||
| 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, | ||||
| 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, | ||||
| 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, | ||||
| 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, | ||||
| 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, | ||||
| 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, | ||||
| 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, | ||||
| 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, | ||||
| 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, | ||||
| 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 | ||||
| 			]; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.AES_2._sbox; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	// | ||||
| 	//		0	4	8	12				0	4	8	12 | ||||
| 	//		1	5	9	13		=>		5	9	13	1 | ||||
| 	//		2	6	10	14				10	14	2	6 | ||||
| 	//		3	7	11	15				15	3	7	11 | ||||
| 	// | ||||
| 	'_shiftRowMapping': null, | ||||
| 	'shiftRowMapping': function() { | ||||
| 		if (Clipperz.Crypto.AES_2._shiftRowMapping == null) { | ||||
| 			Clipperz.Crypto.AES_2._shiftRowMapping = [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11]; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.AES_2._shiftRowMapping; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_mixColumnsMatrix': null, | ||||
| 	'mixColumnsMatrix': function() { | ||||
| 		if (Clipperz.Crypto.AES_2._mixColumnsMatrix == null) { | ||||
| 			Clipperz.Crypto.AES_2._mixColumnsMatrix = [	[2, 3, 1 ,1], | ||||
| 														[1, 2, 3, 1], | ||||
| 														[1, 1, 2, 3], | ||||
| 														[3, 1, 1, 2]   ]; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.AES_2._mixColumnsMatrix; | ||||
| 	}, | ||||
|  | ||||
| 	'_roundConstants': null, | ||||
| 	'roundConstants': function() { | ||||
| 		if (Clipperz.Crypto.AES_2._roundConstants == null) { | ||||
| 			Clipperz.Crypto.AES_2._roundConstants = [ , 1, 2, 4, 8, 16, 32, 64, 128, 27, 54, 108, 216, 171, 77, 154]; | ||||
| //			Clipperz.Crypto.AES_2._roundConstants = [ , 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a]; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.AES_2._roundConstants; | ||||
| 	}, | ||||
| 	 | ||||
| 	//============================================================================= | ||||
|  | ||||
| 	'incrementNonce': function(nonce) { | ||||
| 		var i; | ||||
| 		var done; | ||||
|  | ||||
| 		done = false; | ||||
| 		i = nonce.length - 1; | ||||
| 		 | ||||
| 		while ((i>=0) && (done == false)) { | ||||
| 			var currentByteValue; | ||||
| 			 | ||||
| 			currentByteValue = nonce[i]; | ||||
| 			 | ||||
| 			if (currentByteValue == 0xff) { | ||||
| 				nonce[i] = 0; | ||||
| 				if (i>= 0) { | ||||
| 					i --; | ||||
| 				} else { | ||||
| 					done = true; | ||||
| 				} | ||||
| 			} else { | ||||
| 				nonce[i] = currentByteValue + 1; | ||||
| 				done = true; | ||||
| 			} | ||||
| 		} | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'encryptBlock': function(aKey, aBlock) { | ||||
| 		var	result; | ||||
| 		var	state; | ||||
|  | ||||
| 		state = new Clipperz.Crypto.AES_2.State({block:aBlock, key:aKey}); | ||||
| //is(state.data(), 'before'); | ||||
| 		state.encrypt(); | ||||
| 		result = state.data();  | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'encryptBlocks': function(aKey, aMessage, aNonce) { | ||||
| 		var	result; | ||||
| 		var nonce; | ||||
| 		var self; | ||||
| 		var	messageIndex; | ||||
| 		var	messageLength; | ||||
| 		var blockSize;		 | ||||
| 		 | ||||
| 		self = Clipperz.Crypto.AES_2; | ||||
| 		blockSize = 128/8; | ||||
| 		messageLength = aMessage.length; | ||||
| 		nonce = aNonce; | ||||
|  | ||||
| 		result = aMessage; | ||||
| 		messageIndex = 0; | ||||
| 		while (messageIndex < messageLength) { | ||||
| 			var encryptedBlock; | ||||
| 			var i,c; | ||||
|  | ||||
| 			encryptedBlock = self.encryptBlock(aKey, nonce); | ||||
| 			 | ||||
| 			if ((messageLength - messageIndex) > blockSize) { | ||||
| 				c = blockSize; | ||||
| 			} else { | ||||
| 				c = messageLength - messageIndex; | ||||
| 			} | ||||
| 			 | ||||
| 			for (i=0; i<c; i++) { | ||||
| 				result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i]; | ||||
| 			} | ||||
| 			 | ||||
| 			messageIndex += blockSize; | ||||
| //			nonce = self.incrementNonce(nonce); | ||||
| 			self.incrementNonce(nonce) | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'encrypt': function(aKey, someData, aNonce) { | ||||
| 		var result; | ||||
| 		var nonce; | ||||
| 		var	encryptedData; | ||||
| 		var key; | ||||
|  | ||||
| 		key = new Clipperz.Crypto.AES_2.Key({key:aKey}); | ||||
| 		nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8); | ||||
|  | ||||
| 		encryptedData = Clipperz.Crypto.AES_2.encryptBlocks(key, someData.arrayValues(), nonce.arrayValues()); | ||||
|  | ||||
| 		result = nonce.appendBytes(encryptedData); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'decrypt': function(aKey, someData) { | ||||
| 		var result; | ||||
| 		var nonce; | ||||
| 		var encryptedData; | ||||
| 		var decryptedData; | ||||
| 		var	dataIterator; | ||||
| 		var key; | ||||
|  | ||||
| 		key = new Clipperz.Crypto.AES_2.Key({key:aKey}); | ||||
|  | ||||
| 		encryptedData = someData.arrayValues(); | ||||
| 		nonce = encryptedData.slice(0, (128/8)); | ||||
| 		encryptedData = encryptedData.slice(128/8); | ||||
| 		decryptedData = Clipperz.Crypto.AES_2.encryptBlocks(key, encryptedData, nonce); | ||||
|  | ||||
| 		result = new Clipperz.ByteArray(decryptedData); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//============================================================================= | ||||
|  | ||||
| 	'deferredEncryptExecutionChunk': function(anExecutionContext) { | ||||
| 		var	result; | ||||
| 		var nonce; | ||||
| 		var self; | ||||
| 		var	messageIndex; | ||||
| 		var	messageLength; | ||||
| 		var blockSize;	 | ||||
| 		var executionLimit; | ||||
| 		var startTime, endTime; | ||||
|  | ||||
| 		self = Clipperz.Crypto.AES_2; | ||||
| 		startTime = new Date(); | ||||
| 		blockSize = 128/8; | ||||
| 		messageLength = anExecutionContext.messageArray().length; | ||||
| 		nonce = anExecutionContext.nonceArray(); | ||||
| 		result = anExecutionContext.resultArray(); | ||||
|  | ||||
| 		messageIndex = anExecutionContext.executionStep(); | ||||
| 		executionLimit = messageIndex + anExecutionContext.elaborationChunkSize(); | ||||
| 		executionLimit = Math.min(executionLimit, messageLength); | ||||
| 		 | ||||
| 		while (messageIndex < executionLimit) { | ||||
| 			var encryptedBlock; | ||||
| 			var i,c; | ||||
| 			 | ||||
| //console.log("+++ nonce: [" + nonce + "]") | ||||
| 			encryptedBlock = self.encryptBlock(anExecutionContext.key(), nonce); | ||||
| 			 | ||||
| 			if ((executionLimit - messageIndex) > blockSize) { | ||||
| 				c = blockSize; | ||||
| 			} else { | ||||
| 				c = executionLimit - messageIndex; | ||||
| 			} | ||||
| 			 | ||||
| 			for (i=0; i<c; i++) { | ||||
| 				result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i]; | ||||
| 			} | ||||
| 			 | ||||
| 			messageIndex += blockSize; | ||||
| //			nonce = self.incrementNonce(nonce); | ||||
| 			self.incrementNonce(nonce); | ||||
| 		} | ||||
| 		anExecutionContext.setExecutionStep(messageIndex); | ||||
| 		endTime = new Date(); | ||||
| 		anExecutionContext.tuneExecutionParameters(endTime - startTime); | ||||
| 		 | ||||
| 		return anExecutionContext; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'deferredEncryptBlocks': function(anExecutionContext) { | ||||
| 		var	deferredResult; | ||||
|  | ||||
| //console.log("executionContext", anExecutionContext) | ||||
| //console.log(" --- nonce: " + anExecutionContext.nonceArray()) | ||||
| 		if (! anExecutionContext.isDone()) { | ||||
| 			deferredResult = Clipperz.Async.callbacks("Clipperz.Crypto.AES_2.deferredEncryptBloks", [ | ||||
| 				Clipperz.Crypto.AES_2.deferredEncryptExecutionChunk, | ||||
| 				MochiKit.Base.method(anExecutionContext, 'pause'), | ||||
| 				Clipperz.Crypto.AES_2.deferredEncryptBlocks | ||||
| 			], {trace:false}, anExecutionContext); | ||||
| 		} else { | ||||
| 			deferredResult = MochiKit.Async.succeed(anExecutionContext); | ||||
| 		} | ||||
| 		 | ||||
| 		return deferredResult; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	 | ||||
| 	'deferredEncrypt': function(aKey, someData, aNonce) { | ||||
| 		var deferredResult; | ||||
| 		var	executionContext; | ||||
| 		var result; | ||||
| 		var nonce; | ||||
| 		var key; | ||||
|  | ||||
| 		key = new Clipperz.Crypto.AES_2.Key({key:aKey}); | ||||
| 		nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8); | ||||
|  | ||||
| 		executionContext = new Clipperz.Crypto.AES_2.DeferredExecutionContext({key:key, message:someData, nonce:nonce}); | ||||
|  | ||||
| 		deferredResult = new Clipperz.Async.Deferred("AES.deferredEncrypt"); | ||||
| 		deferredResult.addCallback(Clipperz.Crypto.AES_2.deferredEncryptBlocks); | ||||
| 		deferredResult.addCallback(function(anExecutionContext) { | ||||
| 			var result; | ||||
| 			 | ||||
| 			result = anExecutionContext.nonce().clone(); | ||||
| 			result.appendBytes(anExecutionContext.resultArray()); | ||||
|  | ||||
| 			return result; | ||||
| 		}); | ||||
| 		deferredResult.callback(executionContext) | ||||
|  | ||||
| 		return deferredResult; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'deferredDecrypt': function(aKey, someData) { | ||||
| 		var deferredResult | ||||
| 		var nonce; | ||||
| 		var message; | ||||
| 		var key; | ||||
|  | ||||
| 		key = new Clipperz.Crypto.AES_2.Key({key:aKey}); | ||||
| 		nonce = someData.split(0, (128/8)); | ||||
| //console.log("nonce: [" + nonce.arrayValues() + "]") | ||||
| 		message = someData.split(128/8); | ||||
| //console.log("message: [" + message.arrayValues() + "]") | ||||
| 		executionContext = new Clipperz.Crypto.AES_2.DeferredExecutionContext({key:key, message:message, nonce:nonce}); | ||||
|  | ||||
| 		deferredResult = new Clipperz.Async.Deferred("AES.deferredDecrypt"); | ||||
| 		deferredResult.addCallback(Clipperz.Crypto.AES_2.deferredEncryptBlocks); | ||||
| 		deferredResult.addCallback(function(anExecutionContext) { | ||||
| 			return anExecutionContext.result(); | ||||
| 		}); | ||||
| 		deferredResult.callback(executionContext); | ||||
|  | ||||
| 		return deferredResult; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| 	 | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| //Clipperz.Crypto.AES_2.DeferredExecution = { | ||||
| //	'chunkSize': 16384,	//	4096,	//	1024	4096	8192	16384	32768; | ||||
| //	'pauseTime': 0.02	//	0.2 | ||||
| //} | ||||
|  | ||||
| Clipperz.Crypto.AES_2.exception = { | ||||
| 	'UnsupportedKeySize':    new MochiKit.Base.NamedError("Clipperz.Crypto.AES_2.exception.UnsupportedKeySize")  | ||||
| }; | ||||
							
								
								
									
										1847
									
								
								frontend/delta/js/Clipperz/Crypto/Base.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1847
									
								
								frontend/delta/js/Clipperz/Crypto/Base.js
									
									
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										1754
									
								
								frontend/delta/js/Clipperz/Crypto/BigInt.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1754
									
								
								frontend/delta/js/Clipperz/Crypto/BigInt.js
									
									
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										1644
									
								
								frontend/delta/js/Clipperz/Crypto/BigInt_scoped.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1644
									
								
								frontend/delta/js/Clipperz/Crypto/BigInt_scoped.js
									
									
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										500
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										500
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/BinaryField/Curve.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,500 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| //	throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!"; | ||||
| //}   | ||||
| if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; } | ||||
| if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; } | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Curve = function(args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._modulus = args.modulus; | ||||
| 	 | ||||
| 	this._a = args.a; | ||||
| 	this._b = args.b; | ||||
| 	this._G = args.G; | ||||
| 	this._r = args.r; | ||||
| 	this._h = args.h; | ||||
|  | ||||
| 	this._finiteField = null; | ||||
| 	 | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'asString': function() { | ||||
| 		return "Clipperz.Crypto.ECC.BinaryField.Curve"; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'modulus': function() { | ||||
| 		return this._modulus; | ||||
| 	}, | ||||
| 	 | ||||
| 	'a': function() { | ||||
| 		return this._a; | ||||
| 	}, | ||||
| 	 | ||||
| 	'b': function() { | ||||
| 		return this._b; | ||||
| 	}, | ||||
| 	 | ||||
| 	'G': function() { | ||||
| 		return this._G; | ||||
| 	}, | ||||
| 	 | ||||
| 	'r': function() { | ||||
| 		return this._r; | ||||
| 	}, | ||||
| 	 | ||||
| 	'h': function() { | ||||
| 		return this._h; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'finiteField': function() { | ||||
| 		if (this._finiteField == null) { | ||||
| 			this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()}) | ||||
| 		} | ||||
| 		 | ||||
| 		return this._finiteField; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'negate': function(aPointA) { | ||||
| 		var result; | ||||
|  | ||||
| 		result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())}) | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'add': function(aPointA, aPointB) { | ||||
| 		var result; | ||||
|  | ||||
| 		if (aPointA.isZero()) { | ||||
| 			result = aPointB; | ||||
| 		} else if (aPointB.isZero()) { | ||||
| 			result = aPointA; | ||||
| 		} else if (	(aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) { | ||||
| 			result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); | ||||
| 		} else { | ||||
| 			var	f2m; | ||||
| 			var x, y; | ||||
| 			var lambda; | ||||
| 			var aX, aY, bX, bY; | ||||
| 		 | ||||
| 			aX = aPointA.x()._value; | ||||
| 			aY = aPointA.y()._value; | ||||
| 			bX = aPointB.x()._value; | ||||
| 			bY = aPointB.y()._value; | ||||
|  | ||||
| 			f2m = this.finiteField(); | ||||
| 			 | ||||
| 			if (aPointA.x().compare(aPointB.x()) != 0) { | ||||
| 				lambda =	f2m._fastMultiply( | ||||
| 								f2m._add(aY, bY), | ||||
| 								f2m._inverse(f2m._add(aX, bX)) | ||||
| 							); | ||||
| 				x = f2m._add(this.a()._value, f2m._square(lambda)); | ||||
| 				f2m._overwriteAdd(x, lambda); | ||||
| 				f2m._overwriteAdd(x, aX); | ||||
| 				f2m._overwriteAdd(x, bX); | ||||
| 			} else { | ||||
| 				lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX))); | ||||
| 				x = f2m._add(this.a()._value, f2m._square(lambda)); | ||||
| 				f2m._overwriteAdd(x, lambda); | ||||
| 			} | ||||
| 			 | ||||
| 			y = f2m._fastMultiply(f2m._add(bX, x), lambda); | ||||
| 			f2m._overwriteAdd(y, x); | ||||
| 			f2m._overwriteAdd(y, bY); | ||||
|  | ||||
| 			result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)}) | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'addTwice': function(aPointA) { | ||||
| 		return this.add(aPointA, aPointA); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'overwriteAdd': function(aPointA, aPointB) { | ||||
| 		if (aPointA.isZero()) { | ||||
| //			result = aPointB; | ||||
| 			aPointA._x._value = aPointB._x._value; | ||||
| 			aPointA._y._value = aPointB._y._value; | ||||
| 		} else if (aPointB.isZero()) { | ||||
| //			result = aPointA; | ||||
| 		} else if (	(aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) { | ||||
| //			result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); | ||||
| 			aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O; | ||||
| 			aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O; | ||||
| 		} else { | ||||
| 			var	f2m; | ||||
| 			var x, y; | ||||
| 			var lambda; | ||||
| 			var aX, aY, bX, bY; | ||||
| 		 | ||||
| 			aX = aPointA.x()._value; | ||||
| 			aY = aPointA.y()._value; | ||||
| 			bX = aPointB.x()._value; | ||||
| 			bY = aPointB.y()._value; | ||||
|  | ||||
| 			f2m = this.finiteField(); | ||||
| 			 | ||||
| 			if (aPointA.x().compare(aPointB.x()) != 0) { | ||||
| 				lambda =	f2m._fastMultiply( | ||||
| 								f2m._add(aY, bY), | ||||
| 								f2m._inverse(f2m._add(aX, bX)) | ||||
| 							); | ||||
| 				x = f2m._add(this.a()._value, f2m._square(lambda)); | ||||
| 				f2m._overwriteAdd(x, lambda); | ||||
| 				f2m._overwriteAdd(x, aX); | ||||
| 				f2m._overwriteAdd(x, bX); | ||||
| 			} else { | ||||
| 				lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX))); | ||||
| 				x = f2m._add(this.a()._value, f2m._square(lambda)); | ||||
| 				f2m._overwriteAdd(x, lambda); | ||||
| 			} | ||||
| 			 | ||||
| 			y = f2m._fastMultiply(f2m._add(bX, x), lambda); | ||||
| 			f2m._overwriteAdd(y, x); | ||||
| 			f2m._overwriteAdd(y, bY); | ||||
|  | ||||
| //			result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)}) | ||||
| 			aPointA._x._value = x; | ||||
| 			aPointA._y._value = y; | ||||
|  | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'multiply': function(aValue, aPoint) { | ||||
| 		var result; | ||||
|  | ||||
| //console.profile(); | ||||
| 		result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); | ||||
| 		 | ||||
| 		if (aValue.isZero() == false) { | ||||
| 			var k, Q; | ||||
| 			var i; | ||||
| 			var countIndex; countIndex = 0; | ||||
| 			 | ||||
| 			if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) { | ||||
| 				k = aValue; | ||||
| 				Q = aPoint; | ||||
| 			} else { | ||||
| 				Clipperz.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!"); | ||||
| 				k = aValue.negate(); | ||||
| 				Q = this.negate(aPoint); | ||||
| 			} | ||||
|  | ||||
| 			for (i=k.bitSize()-1; i>=0; i--) { | ||||
| 				result = this.add(result, result); | ||||
| //				this.overwriteAdd(result, result); | ||||
| 				if (k.isBitSet(i)) { | ||||
| 					result = this.add(result, Q); | ||||
| //					this.overwriteAdd(result, Q); | ||||
| 				} | ||||
| 				 | ||||
| //				if (countIndex==100) {Clipperz.log("multiply.break"); break;} else countIndex++; | ||||
| 			} | ||||
| 		} | ||||
| //console.profileEnd(); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'deferredMultiply': function(aValue, aPoint) { | ||||
| 		var deferredResult; | ||||
| 		var result; | ||||
|  | ||||
| Clipperz.log(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint); | ||||
| //console.profile("ECC.Curve.multiply"); | ||||
| 		deferredResult = new MochiKit.Async.Deferred(); | ||||
| //deferredResult.addCallback(function(res) {console.profile("ECC.Curve.deferredMultiply"); return res;} ); | ||||
| //deferredResult.addBoth(function(res) {Clipperz.logDebug("# 1: " + res); return res;}); | ||||
| 		 | ||||
| 		result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O}); | ||||
| //deferredResult.addBoth(function(res) {Clipperz.logDebug("# 2: " + res); return res;}); | ||||
|  | ||||
| 		if (aValue.isZero() == false) { | ||||
| 			var k, Q; | ||||
| 			var i; | ||||
| 			var countIndex; countIndex = 0; | ||||
| 			 | ||||
| 			if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) { | ||||
| 				k = aValue; | ||||
| 				Q = aPoint; | ||||
| 			} else { | ||||
| 				Clipperz.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!"); | ||||
| 				k = aValue.negate(); | ||||
| 				Q = this.negate(aPoint); | ||||
| 			} | ||||
|  | ||||
|  | ||||
| 			for (i=k.bitSize()-1; i>=0; i--) { | ||||
| 				deferredResult.addMethod(this, "addTwice"); | ||||
| //#				result = this.add(result, result); | ||||
| //				this.overwriteAdd(result, result); | ||||
| 				if (k.isBitSet(i)) { | ||||
| 					deferredResult.addMethod(this, "add", Q); | ||||
| //#					result = this.add(result, Q); | ||||
| //					this.overwriteAdd(result, Q); | ||||
| 				} | ||||
| 				if (i%20 == 0) {deferredResult.addCallback(MochiKit.Async.wait, 0.1);} | ||||
| 			} | ||||
| 		} | ||||
| //#console.profileEnd(); | ||||
| //deferredResult.addBoth(function(res) {console.profileEnd(); return res;}); | ||||
| 		deferredResult.callback(result); | ||||
| 		 | ||||
| //#		return result; | ||||
| 		return deferredResult; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.ECC.StandardCurves = {}; | ||||
|  | ||||
| MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, { | ||||
| /* | ||||
| 	'_K571': null, | ||||
| 	'K571': function() { | ||||
| 		if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) { | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | ||||
| 				modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), | ||||
| 				a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16), | ||||
| 				b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | ||||
| 				G: new Clipperz.Crypto.ECC.BinaryField.Point({ | ||||
| 					x: new Clipperz.Crypto.ECC.BinaryField.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16), | ||||
| 					y: new Clipperz.Crypto.ECC.BinaryField.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16) | ||||
| 				}), | ||||
| 				r: new Clipperz.Crypto.ECC.BinaryField.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16), | ||||
| 				h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16) | ||||
| 			}); | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.ECC.StandardCurves._K571; | ||||
| 	}, | ||||
|  | ||||
|  | ||||
|  | ||||
| 	'_K283': null, | ||||
| 	'K283': function() {	//	f(z) = z^283 + z^12 + z^7 + z^5 + 1 | ||||
| 		if (Clipperz.Crypto.ECC.StandardCurves._K283 == null) { | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | ||||
| 				modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | ||||
| 				a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16), | ||||
| 				b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | ||||
| 				G: new Clipperz.Crypto.ECC.BinaryField.Point({ | ||||
| 					x: new Clipperz.Crypto.ECC.BinaryField.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16), | ||||
| 					y: new Clipperz.Crypto.ECC.BinaryField.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16) | ||||
| 				}), | ||||
| 				r: new Clipperz.Crypto.ECC.BinaryField.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16), | ||||
| 				h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16) | ||||
| 			}); | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.ECC.StandardCurves._K283; | ||||
| 	}, | ||||
| */ | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_B571': null, | ||||
| 	'B571': function() {	//	f(z) = z^571 + z^10 + z^5 + z^2 + 1 | ||||
| 		if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) { | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | ||||
| 				modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16), | ||||
| 				a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | ||||
| 				b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16), | ||||
| 				G: new Clipperz.Crypto.ECC.BinaryField.Point({ | ||||
| 					x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16), | ||||
| 					y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16) | ||||
| 				}), | ||||
| 				r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16), | ||||
| 				h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) | ||||
|  | ||||
| //				S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), | ||||
| //				n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) | ||||
| 			}); | ||||
| 			 | ||||
| 			//----------------------------------------------------------------------------- | ||||
| 			// | ||||
| 			//	Guide to Elliptic Curve Cryptography | ||||
| 			//	Darrel Hankerson, Alfred Menezes, Scott Vanstone | ||||
| 			//	- Pag: 56, Alorithm 2.45 (with a typo!!!) | ||||
| 			//	 | ||||
| 			//----------------------------------------------------------------------------- | ||||
| 			// | ||||
| 			//		http://www.milw0rm.com/papers/136 | ||||
| 			// | ||||
| 			//		------------------------------------------------------------------------- | ||||
| 			//		  Polynomial Reduction Algorithm Modulo f571  | ||||
| 			//		------------------------------------------------------------------------- | ||||
| 			//		 | ||||
| 			//		  Input:  Polynomial p(x) of degree 1140 or less, stored as  | ||||
| 			//		          an array of 2T machinewords. | ||||
| 			//		  Output: p(x) mod f571(x) | ||||
| 			//		 | ||||
| 			//		  FOR i = T-1, ..., 0 DO | ||||
| 			//		      SET X  := P[i+T] | ||||
| 			//		      P[i]   := P[i]   ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15) | ||||
| 			//		      P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27) | ||||
| 			//		 | ||||
| 			//		  SET X  := P[T-1] >> 27 | ||||
| 			//		  P[0]   := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10) | ||||
| 			//		  P[T-1] := P[T-1] & 0x07ffffff | ||||
| 			//		 | ||||
| 			//		  RETURN P[T-1],...,P[0] | ||||
| 			//		 | ||||
| 			//		------------------------------------------------------------------------- | ||||
| 			//		 | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module; | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) { | ||||
| 				var	result; | ||||
| 				 | ||||
| 				if (aValue.bitSize() > 1140) { | ||||
| 					Clipperz.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation"); | ||||
| 					result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue); | ||||
| 				} else { | ||||
| 					var	C, T; | ||||
| 					var i; | ||||
| 		 | ||||
| 					C = aValue._value.slice(0); | ||||
| 					for (i=35; i>=18; i--) { | ||||
| 						T = C[i]; | ||||
| 						C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0); | ||||
| 						C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0); | ||||
| 					} | ||||
| 					T = (C[17] >>> 27); | ||||
| 					C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0); | ||||
| 					C[17] = (C[17] & 0x07ffffff); | ||||
|  | ||||
| 					for(i=18; i<=35; i++) { | ||||
| 						C[i] = 0; | ||||
| 					} | ||||
| 				 | ||||
| 					result = new Clipperz.Crypto.ECC.BinaryField.Value(C); | ||||
| 				} | ||||
| 			 | ||||
| 				return result; | ||||
| 			}; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.ECC.StandardCurves._B571; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_B283': null, | ||||
| 	'B283': function() {	//	f(z) = z^283 + z^12 + z^7 + z^5 + 1 | ||||
| 		if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) { | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | ||||
| //				modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | ||||
| 				modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | ||||
| 				a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | ||||
| 				b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16), | ||||
| 				G: new Clipperz.Crypto.ECC.BinaryField.Point({ | ||||
| 					x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16), | ||||
| 					y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16) | ||||
| 				}), | ||||
| 				r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16), | ||||
| 				h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) | ||||
|  | ||||
| //				S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), | ||||
| //				n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) | ||||
| 			}); | ||||
| 			 | ||||
| 			//----------------------------------------------------------------------------- | ||||
| 			// | ||||
| 			//	Guide to Elliptic Curve Cryptography | ||||
| 			//	Darrel Hankerson, Alfred Menezes, Scott Vanstone | ||||
| 			//	- Pag: 56, Alorithm 2.43 | ||||
| 			//	 | ||||
| 			//----------------------------------------------------------------------------- | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module; | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) { | ||||
| 				var	result; | ||||
|  | ||||
| 				if (aValue.bitSize() > 564) { | ||||
| 					Clipperz.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation"); | ||||
| 					result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue); | ||||
| 				} else { | ||||
| 					var	C, T; | ||||
| 					var i; | ||||
| 					 | ||||
| 					C = aValue._value.slice(0); | ||||
| 					for (i=17; i>=9; i--) { | ||||
| 						T = C[i]; | ||||
| 						C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0); | ||||
| 						C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0); | ||||
| 					} | ||||
| 					T = (C[8] >>> 27); | ||||
| 					C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0); | ||||
| 					C[8] = (C[8] & 0x07ffffff); | ||||
|  | ||||
| 					for(i=9; i<=17; i++) { | ||||
| 						C[i] = 0; | ||||
| 					} | ||||
| 				 | ||||
| 					result = new Clipperz.Crypto.ECC.BinaryField.Value(C); | ||||
| 				} | ||||
| 				 | ||||
| 				return result; | ||||
| 			}; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.ECC.StandardCurves._B283; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
							
								
								
									
										519
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										519
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,519 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| //	throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!"; | ||||
| //}   | ||||
| if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; } | ||||
| if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; } | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.FiniteField = function(args) { | ||||
| 	args = args || {}; | ||||
| 	this._modulus = args.modulus; | ||||
|  | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.FiniteField.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'asString': function() { | ||||
| 		return "Clipperz.Crypto.ECC.BinaryField.FiniteField (" + this.modulus().asString() + ")"; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'modulus': function() { | ||||
| 		return this._modulus; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_module': function(aValue) { | ||||
| 		var	result; | ||||
| 		var modulusComparison; | ||||
| 		 | ||||
| 		modulusComparison = Clipperz.Crypto.ECC.BinaryField.Value._compare(aValue, this.modulus()._value); | ||||
|  | ||||
| 		if (modulusComparison < 0) { | ||||
| 			result = aValue; | ||||
| 		} else if (modulusComparison == 0) { | ||||
| 			result = [0]; | ||||
| 		} else { | ||||
| 			var modulusBitSize; | ||||
| 			var resultBitSize; | ||||
| 			 | ||||
| 			result = aValue; | ||||
|  | ||||
| 			modulusBitSize = this.modulus().bitSize(); | ||||
| 			resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result); | ||||
| 			while (resultBitSize >= modulusBitSize) { | ||||
| 				Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this.modulus()._value, resultBitSize - modulusBitSize)); | ||||
| 				resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result); | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	'module': function(aValue) { | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(this._module(aValue._value.slice(0))); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_add': function(a, b) { | ||||
| 		return Clipperz.Crypto.ECC.BinaryField.Value._xor(a, b); | ||||
| 	}, | ||||
|  | ||||
| 	'_overwriteAdd': function(a, b) { | ||||
| 		Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(a, b); | ||||
| 	}, | ||||
| 	 | ||||
| 	'add': function(a, b) { | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(this._add(a._value, b._value)); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'negate': function(aValue) { | ||||
| 		return aValue.clone(); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_multiply': function(a, b) { | ||||
| 		var result; | ||||
| 		var valueToXor; | ||||
| 		var i,c; | ||||
|  | ||||
| 		result = [0]; | ||||
| 		valueToXor = b; | ||||
| 		c = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(a); | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			if (Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(a, i) === true) { | ||||
| 				Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, valueToXor); | ||||
| 			} | ||||
| 			valueToXor = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(valueToXor, 1); | ||||
| 		} | ||||
| 		result = this._module(result); | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	'multiply': function(a, b) { | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(this._multiply(a._value, b._value)); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_fastMultiply': function(a, b) { | ||||
| 		var result; | ||||
| 		var B; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		result = [0]; | ||||
| 		B = b.slice(0);	//	Is this array copy avoidable? | ||||
| 		c = 32; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			var ii, cc; | ||||
| 			 | ||||
| 			cc = a.length; | ||||
| 			for (ii=0; ii<cc; ii++) { | ||||
| 				if (((a[ii] >>> i) & 0x01) == 1) { | ||||
| 					Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, B, ii); | ||||
| 				} | ||||
| 			} | ||||
| 			 | ||||
| 			if (i < (c-1)) { | ||||
| 				B = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(B, 1); | ||||
| 			} | ||||
| 		} | ||||
| 		result = this._module(result); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	'fastMultiply': function(a, b) { | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(this._fastMultiply(a._value, b._value)); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	// | ||||
| 	//	Guide to Elliptic Curve Cryptography | ||||
| 	//	Darrel Hankerson, Alfred Menezes, Scott Vanstone | ||||
| 	//	- Pag: 49, Alorithm 2.34 | ||||
| 	//	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_square': function(aValue) { | ||||
| 		var result; | ||||
| 		var value; | ||||
| 		var c,i; | ||||
| 		var precomputedValues; | ||||
| 		 | ||||
| 		value = aValue; | ||||
| 		result = new Array(value.length * 2); | ||||
| 		precomputedValues = Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes; | ||||
| 		 | ||||
| 		c = value.length; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			result[i*2]  = precomputedValues[(value[i] & 0x000000ff)]; | ||||
| 			result[i*2] |= ((precomputedValues[(value[i] & 0x0000ff00) >>> 8]) << 16); | ||||
|  | ||||
| 			result[i*2 + 1]  = precomputedValues[(value[i] & 0x00ff0000) >>> 16]; | ||||
| 			result[i*2 + 1] |= ((precomputedValues[(value[i] & 0xff000000) >>> 24]) << 16); | ||||
| 		} | ||||
|  | ||||
| 		return this._module(result); | ||||
| 	}, | ||||
| 	 | ||||
| 	'square': function(aValue) { | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(this._square(aValue._value)); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_inverse': function(aValue) { | ||||
| 		var	result; | ||||
| 		var b, c; | ||||
| 		var u, v; | ||||
| 		 | ||||
| //		b = Clipperz.Crypto.ECC.BinaryField.Value.I._value; | ||||
| 		b = [1]; | ||||
| //		c = Clipperz.Crypto.ECC.BinaryField.Value.O._value; | ||||
| 		c = [0]; | ||||
| 		u = this._module(aValue); | ||||
| 		v = this.modulus()._value.slice(0); | ||||
| 		 | ||||
| 		while (Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) > 1) { | ||||
| 			var	bitDifferenceSize; | ||||
| 			 | ||||
| 			bitDifferenceSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) - Clipperz.Crypto.ECC.BinaryField.Value._bitSize(v); | ||||
| 			if (bitDifferenceSize < 0) { | ||||
| 				var swap; | ||||
| 				 | ||||
| 				swap = u; | ||||
| 				u = v; | ||||
| 				v = swap; | ||||
| 				 | ||||
| 				swap = c; | ||||
| 				c = b; | ||||
| 				b = swap; | ||||
| 				 | ||||
| 				bitDifferenceSize = -bitDifferenceSize; | ||||
| 			} | ||||
|  | ||||
| 			u = this._add(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize)); | ||||
| 			b = this._add(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize)); | ||||
| //			this._overwriteAdd(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize)); | ||||
| //			this._overwriteAdd(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize)); | ||||
| 		} | ||||
|  | ||||
| 		result = this._module(b); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	'inverse': function(aValue) { | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(this._inverse(aValue._value)); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes = [ | ||||
| 	0x0000,	//	  0 = 0000 0000 -> 0000 0000 0000 0000 | ||||
| 	0x0001,	//	  1 = 0000 0001 -> 0000 0000 0000 0001 | ||||
| 	0x0004,	//	  2 = 0000 0010 -> 0000 0000 0000 0100 | ||||
| 	0x0005,	//	  3 = 0000 0011 -> 0000 0000 0000 0101 | ||||
| 	0x0010,	//	  4 = 0000 0100 -> 0000 0000 0001 0000 | ||||
| 	0x0011,	//	  5 = 0000 0101 -> 0000 0000 0001 0001 | ||||
| 	0x0014,	//	  6 = 0000 0110 -> 0000 0000 0001 0100 | ||||
| 	0x0015,	//	  7 = 0000 0111 -> 0000 0000 0001 0101 | ||||
| 	0x0040,	//	  8 = 0000 1000 -> 0000 0000 0100 0000 | ||||
| 	0x0041,	//	  9 = 0000 1001 -> 0000 0000 0100 0001 | ||||
| 	0x0044,	//	 10 = 0000 1010 -> 0000 0000 0100 0100 | ||||
| 	0x0045,	//	 11 = 0000 1011 -> 0000 0000 0100 0101 | ||||
| 	0x0050,	//	 12 = 0000 1100 -> 0000 0000 0101 0000 | ||||
| 	0x0051,	//	 13 = 0000 1101 -> 0000 0000 0101 0001 | ||||
| 	0x0054,	//	 14 = 0000 1110 -> 0000 0000 0101 0100 | ||||
| 	0x0055,	//	 15 = 0000 1111 -> 0000 0000 0101 0101 | ||||
|  | ||||
| 	0x0100,	//	 16 = 0001 0000 -> 0000 0001 0000 0000 | ||||
| 	0x0101,	//	 17 = 0001 0001 -> 0000 0001 0000 0001 | ||||
| 	0x0104,	//	 18 = 0001 0010 -> 0000 0001 0000 0100 | ||||
| 	0x0105,	//	 19 = 0001 0011 -> 0000 0001 0000 0101 | ||||
| 	0x0110,	//	 20 = 0001 0100 -> 0000 0001 0001 0000 | ||||
| 	0x0111,	//	 21 = 0001 0101 -> 0000 0001 0001 0001 | ||||
| 	0x0114,	//	 22 = 0001 0110 -> 0000 0001 0001 0100 | ||||
| 	0x0115,	//	 23 = 0001 0111 -> 0000 0001 0001 0101 | ||||
| 	0x0140,	//	 24 = 0001 1000 -> 0000 0001 0100 0000 | ||||
| 	0x0141,	//	 25 = 0001 1001 -> 0000 0001 0100 0001 | ||||
| 	0x0144,	//	 26 = 0001 1010 -> 0000 0001 0100 0100 | ||||
| 	0x0145,	//	 27 = 0001 1011 -> 0000 0001 0100 0101 | ||||
| 	0x0150,	//	 28 = 0001 1100 -> 0000 0001 0101 0000 | ||||
| 	0x0151,	//	 28 = 0001 1101 -> 0000 0001 0101 0001 | ||||
| 	0x0154,	//	 30 = 0001 1110 -> 0000 0001 0101 0100 | ||||
| 	0x0155,	//	 31 = 0001 1111 -> 0000 0001 0101 0101 | ||||
|  | ||||
| 	0x0400,	//	 32 = 0010 0000 -> 0000 0100 0000 0000 | ||||
| 	0x0401,	//	 33 = 0010 0001 -> 0000 0100 0000 0001 | ||||
| 	0x0404,	//	 34 = 0010 0010 -> 0000 0100 0000 0100 | ||||
| 	0x0405,	//	 35 = 0010 0011 -> 0000 0100 0000 0101 | ||||
| 	0x0410,	//	 36 = 0010 0100 -> 0000 0100 0001 0000 | ||||
| 	0x0411,	//	 37 = 0010 0101 -> 0000 0100 0001 0001 | ||||
| 	0x0414,	//	 38 = 0010 0110 -> 0000 0100 0001 0100 | ||||
| 	0x0415,	//	 39 = 0010 0111 -> 0000 0100 0001 0101 | ||||
| 	0x0440,	//	 40 = 0010 1000 -> 0000 0100 0100 0000 | ||||
| 	0x0441,	//	 41 = 0010 1001 -> 0000 0100 0100 0001 | ||||
| 	0x0444,	//	 42 = 0010 1010 -> 0000 0100 0100 0100 | ||||
| 	0x0445,	//	 43 = 0010 1011 -> 0000 0100 0100 0101 | ||||
| 	0x0450,	//	 44 = 0010 1100 -> 0000 0100 0101 0000 | ||||
| 	0x0451,	//	 45 = 0010 1101 -> 0000 0100 0101 0001 | ||||
| 	0x0454,	//	 46 = 0010 1110 -> 0000 0100 0101 0100 | ||||
| 	0x0455,	//	 47 = 0010 1111 -> 0000 0100 0101 0101 | ||||
|  | ||||
| 	0x0500,	//	 48 = 0011 0000 -> 0000 0101 0000 0000 | ||||
| 	0x0501,	//	 49 = 0011 0001 -> 0000 0101 0000 0001 | ||||
| 	0x0504,	//	 50 = 0011 0010 -> 0000 0101 0000 0100 | ||||
| 	0x0505,	//	 51 = 0011 0011 -> 0000 0101 0000 0101 | ||||
| 	0x0510,	//	 52 = 0011 0100 -> 0000 0101 0001 0000 | ||||
| 	0x0511,	//	 53 = 0011 0101 -> 0000 0101 0001 0001 | ||||
| 	0x0514,	//	 54 = 0011 0110 -> 0000 0101 0001 0100 | ||||
| 	0x0515,	//	 55 = 0011 0111 -> 0000 0101 0001 0101 | ||||
| 	0x0540,	//	 56 = 0011 1000 -> 0000 0101 0100 0000 | ||||
| 	0x0541,	//	 57 = 0011 1001 -> 0000 0101 0100 0001 | ||||
| 	0x0544,	//	 58 = 0011 1010 -> 0000 0101 0100 0100 | ||||
| 	0x0545,	//	 59 = 0011 1011 -> 0000 0101 0100 0101 | ||||
| 	0x0550,	//	 60 = 0011 1100 -> 0000 0101 0101 0000 | ||||
| 	0x0551,	//	 61 = 0011 1101 -> 0000 0101 0101 0001 | ||||
| 	0x0554,	//	 62 = 0011 1110 -> 0000 0101 0101 0100 | ||||
| 	0x0555,	//	 63 = 0011 1111 -> 0000 0101 0101 0101 | ||||
|  | ||||
| 	0x1000,	//	 64 = 0100 0000 -> 0001 0000 0000 0000 | ||||
| 	0x1001,	//	 65 = 0100 0001 -> 0001 0000 0000 0001 | ||||
| 	0x1004,	//	 66 = 0100 0010 -> 0001 0000 0000 0100 | ||||
| 	0x1005,	//	 67 = 0100 0011 -> 0001 0000 0000 0101 | ||||
| 	0x1010,	//	 68 = 0100 0100 -> 0001 0000 0001 0000 | ||||
| 	0x1011,	//	 69 = 0100 0101 -> 0001 0000 0001 0001 | ||||
| 	0x1014,	//	 70 = 0100 0110 -> 0001 0000 0001 0100 | ||||
| 	0x1015,	//	 71 = 0100 0111 -> 0001 0000 0001 0101 | ||||
| 	0x1040,	//	 72 = 0100 1000 -> 0001 0000 0100 0000 | ||||
| 	0x1041,	//	 73 = 0100 1001 -> 0001 0000 0100 0001 | ||||
| 	0x1044,	//	 74 = 0100 1010 -> 0001 0000 0100 0100 | ||||
| 	0x1045,	//	 75 = 0100 1011 -> 0001 0000 0100 0101 | ||||
| 	0x1050,	//	 76 = 0100 1100 -> 0001 0000 0101 0000 | ||||
| 	0x1051,	//	 77 = 0100 1101 -> 0001 0000 0101 0001 | ||||
| 	0x1054,	//	 78 = 0100 1110 -> 0001 0000 0101 0100 | ||||
| 	0x1055,	//	 79 = 0100 1111 -> 0001 0000 0101 0101 | ||||
|  | ||||
| 	0x1100,	//	 80 = 0101 0000 -> 0001 0001 0000 0000 | ||||
| 	0x1101,	//	 81 = 0101 0001 -> 0001 0001 0000 0001 | ||||
| 	0x1104,	//	 82 = 0101 0010 -> 0001 0001 0000 0100 | ||||
| 	0x1105,	//	 83 = 0101 0011 -> 0001 0001 0000 0101 | ||||
| 	0x1110,	//	 84 = 0101 0100 -> 0001 0001 0001 0000 | ||||
| 	0x1111,	//	 85 = 0101 0101 -> 0001 0001 0001 0001 | ||||
| 	0x1114,	//	 86 = 0101 0110 -> 0001 0001 0001 0100 | ||||
| 	0x1115,	//	 87 = 0101 0111 -> 0001 0001 0001 0101 | ||||
| 	0x1140,	//	 88 = 0101 1000 -> 0001 0001 0100 0000 | ||||
| 	0x1141,	//	 89 = 0101 1001 -> 0001 0001 0100 0001 | ||||
| 	0x1144,	//	 90 = 0101 1010 -> 0001 0001 0100 0100 | ||||
| 	0x1145,	//	 91 = 0101 1011 -> 0001 0001 0100 0101 | ||||
| 	0x1150,	//	 92 = 0101 1100 -> 0001 0001 0101 0000 | ||||
| 	0x1151,	//	 93 = 0101 1101 -> 0001 0001 0101 0001 | ||||
| 	0x1154,	//	 94 = 0101 1110 -> 0001 0001 0101 0100 | ||||
| 	0x1155,	//	 95 = 0101 1111 -> 0001 0001 0101 0101 | ||||
|                                             | ||||
| 	0x1400,	//	 96 = 0110 0000 -> 0001 0100 0000 0000 | ||||
| 	0x1401,	//	 97 = 0110 0001 -> 0001 0100 0000 0001 | ||||
| 	0x1404,	//	 98 = 0110 0010 -> 0001 0100 0000 0100 | ||||
| 	0x1405,	//	 99 = 0110 0011 -> 0001 0100 0000 0101 | ||||
| 	0x1410,	//	100 = 0110 0100 -> 0001 0100 0001 0000 | ||||
| 	0x1411,	//	101 = 0110 0101 -> 0001 0100 0001 0001 | ||||
| 	0x1414,	//	102 = 0110 0110 -> 0001 0100 0001 0100 | ||||
| 	0x1415,	//	103 = 0110 0111 -> 0001 0100 0001 0101 | ||||
| 	0x1440,	//	104 = 0110 1000 -> 0001 0100 0100 0000 | ||||
| 	0x1441,	//	105 = 0110 1001 -> 0001 0100 0100 0001 | ||||
| 	0x1444,	//	106 = 0110 1010 -> 0001 0100 0100 0100 | ||||
| 	0x1445,	//	107 = 0110 1011 -> 0001 0100 0100 0101 | ||||
| 	0x1450,	//	108 = 0110 1100 -> 0001 0100 0101 0000 | ||||
| 	0x1451,	//	109 = 0110 1101 -> 0001 0100 0101 0001 | ||||
| 	0x1454,	//	110 = 0110 1110 -> 0001 0100 0101 0100 | ||||
| 	0x1455,	//	111 = 0110 1111 -> 0001 0100 0101 0101 | ||||
|  | ||||
| 	0x1500,	//	112 = 0111 0000 -> 0001 0101 0000 0000 | ||||
| 	0x1501,	//	113 = 0111 0001 -> 0001 0101 0000 0001 | ||||
| 	0x1504,	//	114 = 0111 0010 -> 0001 0101 0000 0100 | ||||
| 	0x1505,	//	115 = 0111 0011 -> 0001 0101 0000 0101 | ||||
| 	0x1510,	//	116 = 0111 0100 -> 0001 0101 0001 0000 | ||||
| 	0x1511,	//	117 = 0111 0101 -> 0001 0101 0001 0001 | ||||
| 	0x1514,	//	118 = 0111 0110 -> 0001 0101 0001 0100 | ||||
| 	0x1515,	//	119 = 0111 0111 -> 0001 0101 0001 0101 | ||||
| 	0x1540,	//	120 = 0111 1000 -> 0001 0101 0100 0000 | ||||
| 	0x1541,	//	121 = 0111 1001 -> 0001 0101 0100 0001 | ||||
| 	0x1544,	//	122 = 0111 1010 -> 0001 0101 0100 0100 | ||||
| 	0x1545,	//	123 = 0111 1011 -> 0001 0101 0100 0101 | ||||
| 	0x1550,	//	124 = 0111 1100 -> 0001 0101 0101 0000 | ||||
| 	0x1551,	//	125 = 0111 1101 -> 0001 0101 0101 0001 | ||||
| 	0x1554,	//	126 = 0111 1110 -> 0001 0101 0101 0100 | ||||
| 	0x1555,	//	127 = 0111 1111 -> 0001 0101 0101 0101 | ||||
|  | ||||
| 	0x4000,	//	128 = 1000 0000 -> 0100 0000 0000 0000 | ||||
| 	0x4001,	//	129 = 1000 0001 -> 0100 0000 0000 0001 | ||||
| 	0x4004,	//	130 = 1000 0010 -> 0100 0000 0000 0100 | ||||
| 	0x4005,	//	131 = 1000 0011 -> 0100 0000 0000 0101 | ||||
| 	0x4010,	//	132 = 1000 0100 -> 0100 0000 0001 0000 | ||||
| 	0x4011,	//	133 = 1000 0101 -> 0100 0000 0001 0001 | ||||
| 	0x4014,	//	134 = 1000 0110 -> 0100 0000 0001 0100 | ||||
| 	0x4015,	//	135 = 1000 0111 -> 0100 0000 0001 0101 | ||||
| 	0x4040,	//	136 = 1000 1000 -> 0100 0000 0100 0000 | ||||
| 	0x4041,	//	137 = 1000 1001 -> 0100 0000 0100 0001 | ||||
| 	0x4044,	//	138 = 1000 1010 -> 0100 0000 0100 0100 | ||||
| 	0x4045,	//	139 = 1000 1011 -> 0100 0000 0100 0101 | ||||
| 	0x4050,	//	140 = 1000 1100 -> 0100 0000 0101 0000 | ||||
| 	0x4051,	//	141 = 1000 1101 -> 0100 0000 0101 0001 | ||||
| 	0x4054,	//	142 = 1000 1110 -> 0100 0000 0101 0100 | ||||
| 	0x4055,	//	143 = 1000 1111 -> 0100 0000 0101 0101 | ||||
|  | ||||
| 	0x4100,	//	144 = 1001 0000 -> 0100 0001 0000 0000 | ||||
| 	0x4101,	//	145 = 1001 0001 -> 0100 0001 0000 0001 | ||||
| 	0x4104,	//	146 = 1001 0010 -> 0100 0001 0000 0100 | ||||
| 	0x4105,	//	147 = 1001 0011 -> 0100 0001 0000 0101 | ||||
| 	0x4110,	//	148 = 1001 0100 -> 0100 0001 0001 0000 | ||||
| 	0x4111,	//	149 = 1001 0101 -> 0100 0001 0001 0001 | ||||
| 	0x4114,	//	150 = 1001 0110 -> 0100 0001 0001 0100 | ||||
| 	0x4115,	//	151 = 1001 0111 -> 0100 0001 0001 0101 | ||||
| 	0x4140,	//	152 = 1001 1000 -> 0100 0001 0100 0000 | ||||
| 	0x4141,	//	153 = 1001 1001 -> 0100 0001 0100 0001 | ||||
| 	0x4144,	//	154 = 1001 1010 -> 0100 0001 0100 0100 | ||||
| 	0x4145,	//	155 = 1001 1011 -> 0100 0001 0100 0101 | ||||
| 	0x4150,	//	156 = 1001 1100 -> 0100 0001 0101 0000 | ||||
| 	0x4151,	//	157 = 1001 1101 -> 0100 0001 0101 0001 | ||||
| 	0x4154,	//	158 = 1001 1110 -> 0100 0001 0101 0100 | ||||
| 	0x4155,	//	159 = 1001 1111 -> 0100 0001 0101 0101 | ||||
|  | ||||
| 	0x4400,	//	160 = 1010 0000 -> 0100 0100 0000 0000 | ||||
| 	0x4401,	//	161 = 1010 0001 -> 0100 0100 0000 0001 | ||||
| 	0x4404,	//	162 = 1010 0010 -> 0100 0100 0000 0100 | ||||
| 	0x4405,	//	163 = 1010 0011 -> 0100 0100 0000 0101 | ||||
| 	0x4410,	//	164 = 1010 0100 -> 0100 0100 0001 0000 | ||||
| 	0x4411,	//	165 = 1010 0101 -> 0100 0100 0001 0001 | ||||
| 	0x4414,	//	166 = 1010 0110 -> 0100 0100 0001 0100 | ||||
| 	0x4415,	//	167 = 1010 0111 -> 0100 0100 0001 0101 | ||||
| 	0x4440,	//	168 = 1010 1000 -> 0100 0100 0100 0000 | ||||
| 	0x4441,	//	169 = 1010 1001 -> 0100 0100 0100 0001 | ||||
| 	0x4444,	//	170 = 1010 1010 -> 0100 0100 0100 0100 | ||||
| 	0x4445,	//	171 = 1010 1011 -> 0100 0100 0100 0101 | ||||
| 	0x4450,	//	172 = 1010 1100 -> 0100 0100 0101 0000 | ||||
| 	0x4451,	//	173 = 1010 1101 -> 0100 0100 0101 0001 | ||||
| 	0x4454,	//	174 = 1010 1110 -> 0100 0100 0101 0100 | ||||
| 	0x4455,	//	175 = 1010 1111 -> 0100 0100 0101 0101 | ||||
|  | ||||
| 	0x4500,	//	176 = 1011 0000 -> 0100 0101 0000 0000 | ||||
| 	0x4501,	//	177 = 1011 0001 -> 0100 0101 0000 0001 | ||||
| 	0x4504,	//	178 = 1011 0010 -> 0100 0101 0000 0100 | ||||
| 	0x4505,	//	179 = 1011 0011 -> 0100 0101 0000 0101 | ||||
| 	0x4510,	//	180 = 1011 0100 -> 0100 0101 0001 0000 | ||||
| 	0x4511,	//	181 = 1011 0101 -> 0100 0101 0001 0001 | ||||
| 	0x4514,	//	182 = 1011 0110 -> 0100 0101 0001 0100 | ||||
| 	0x4515,	//	183 = 1011 0111 -> 0100 0101 0001 0101 | ||||
| 	0x4540,	//	184 = 1011 1000 -> 0100 0101 0100 0000 | ||||
| 	0x4541,	//	185 = 1011 1001 -> 0100 0101 0100 0001 | ||||
| 	0x4544,	//	186 = 1011 1010 -> 0100 0101 0100 0100 | ||||
| 	0x4545,	//	187 = 1011 1011 -> 0100 0101 0100 0101 | ||||
| 	0x4550,	//	188 = 1011 1100 -> 0100 0101 0101 0000 | ||||
| 	0x4551,	//	189 = 1011 1101 -> 0100 0101 0101 0001 | ||||
| 	0x4554,	//	190 = 1011 1110 -> 0100 0101 0101 0100 | ||||
| 	0x4555,	//	191 = 1011 1111 -> 0100 0101 0101 0101 | ||||
|  | ||||
| 	0x5000,	//	192 = 1100 0000 -> 0101 0000 0000 0000 | ||||
| 	0x5001,	//	193 = 1100 0001 -> 0101 0000 0000 0001 | ||||
| 	0x5004,	//	194 = 1100 0010 -> 0101 0000 0000 0100 | ||||
| 	0x5005,	//	195 = 1100 0011 -> 0101 0000 0000 0101 | ||||
| 	0x5010,	//	196 = 1100 0100 -> 0101 0000 0001 0000 | ||||
| 	0x5011,	//	197 = 1100 0101 -> 0101 0000 0001 0001 | ||||
| 	0x5014,	//	198 = 1100 0110 -> 0101 0000 0001 0100 | ||||
| 	0x5015,	//	199 = 1100 0111 -> 0101 0000 0001 0101 | ||||
| 	0x5040,	//	200 = 1100 1000 -> 0101 0000 0100 0000 | ||||
| 	0x5041,	//	201 = 1100 1001 -> 0101 0000 0100 0001 | ||||
| 	0x5044,	//	202 = 1100 1010 -> 0101 0000 0100 0100 | ||||
| 	0x5045,	//	203 = 1100 1011 -> 0101 0000 0100 0101 | ||||
| 	0x5050,	//	204 = 1100 1100 -> 0101 0000 0101 0000 | ||||
| 	0x5051,	//	205 = 1100 1101 -> 0101 0000 0101 0001 | ||||
| 	0x5054,	//	206 = 1100 1110 -> 0101 0000 0101 0100 | ||||
| 	0x5055,	//	207 = 1100 1111 -> 0101 0000 0101 0101 | ||||
|  | ||||
| 	0x5100,	//	208 = 1101 0000 -> 0101 0001 0000 0000 | ||||
| 	0x5101,	//	209 = 1101 0001 -> 0101 0001 0000 0001 | ||||
| 	0x5104,	//	210 = 1101 0010 -> 0101 0001 0000 0100 | ||||
| 	0x5105,	//	211 = 1101 0011 -> 0101 0001 0000 0101 | ||||
| 	0x5110,	//	212 = 1101 0100 -> 0101 0001 0001 0000 | ||||
| 	0x5111,	//	213 = 1101 0101 -> 0101 0001 0001 0001 | ||||
| 	0x5114,	//	214 = 1101 0110 -> 0101 0001 0001 0100 | ||||
| 	0x5115,	//	215 = 1101 0111 -> 0101 0001 0001 0101 | ||||
| 	0x5140,	//	216 = 1101 1000 -> 0101 0001 0100 0000 | ||||
| 	0x5141,	//	217 = 1101 1001 -> 0101 0001 0100 0001 | ||||
| 	0x5144,	//	218 = 1101 1010 -> 0101 0001 0100 0100 | ||||
| 	0x5145,	//	219 = 1101 1011 -> 0101 0001 0100 0101 | ||||
| 	0x5150,	//	220 = 1101 1100 -> 0101 0001 0101 0000 | ||||
| 	0x5151,	//	221 = 1101 1101 -> 0101 0001 0101 0001 | ||||
| 	0x5154,	//	222 = 1101 1110 -> 0101 0001 0101 0100 | ||||
| 	0x5155,	//	223 = 1101 1111 -> 0101 0001 0101 0101 | ||||
|  | ||||
| 	0x5400,	//	224 = 1110 0000 -> 0101 0100 0000 0000 | ||||
| 	0x5401,	//	225 = 1110 0001 -> 0101 0100 0000 0001 | ||||
| 	0x5404,	//	226 = 1110 0010 -> 0101 0100 0000 0100 | ||||
| 	0x5405,	//	227 = 1110 0011 -> 0101 0100 0000 0101 | ||||
| 	0x5410,	//	228 = 1110 0100 -> 0101 0100 0001 0000 | ||||
| 	0x5411,	//	229 = 1110 0101 -> 0101 0100 0001 0001 | ||||
| 	0x5414,	//	230 = 1110 0110 -> 0101 0100 0001 0100 | ||||
| 	0x5415,	//	231 = 1110 0111 -> 0101 0100 0001 0101 | ||||
| 	0x5440,	//	232 = 1110 1000 -> 0101 0100 0100 0000 | ||||
| 	0x5441,	//	233 = 1110 1001 -> 0101 0100 0100 0001 | ||||
| 	0x5444,	//	234 = 1110 1010 -> 0101 0100 0100 0100 | ||||
| 	0x5445,	//	235 = 1110 1011 -> 0101 0100 0100 0101 | ||||
| 	0x5450,	//	236 = 1110 1100 -> 0101 0100 0101 0000 | ||||
| 	0x5451,	//	237 = 1110 1101 -> 0101 0100 0101 0001 | ||||
| 	0x5454,	//	238 = 1110 1110 -> 0101 0100 0101 0100 | ||||
| 	0x5455,	//	239 = 1110 1111 -> 0101 0100 0101 0101 | ||||
|  | ||||
| 	0x5500,	//	240 = 1111 0000 -> 0101 0101 0000 0000 | ||||
| 	0x5501,	//	241 = 1111 0001 -> 0101 0101 0000 0001 | ||||
| 	0x5504,	//	242 = 1111 0010 -> 0101 0101 0000 0100 | ||||
| 	0x5505,	//	243 = 1111 0011 -> 0101 0101 0000 0101 | ||||
| 	0x5510,	//	244 = 1111 0100 -> 0101 0101 0001 0000 | ||||
| 	0x5511,	//	245 = 1111 0101 -> 0101 0101 0001 0001 | ||||
| 	0x5514,	//	246 = 1111 0110 -> 0101 0101 0001 0100 | ||||
| 	0x5515,	//	247 = 1111 0111 -> 0101 0101 0001 0101 | ||||
| 	0x5540,	//	248 = 1111 1000 -> 0101 0101 0100 0000 | ||||
| 	0x5541,	//	249 = 1111 1001 -> 0101 0101 0100 0001 | ||||
| 	0x5544,	//	250 = 1111 1010 -> 0101 0101 0100 0100 | ||||
| 	0x5545,	//	251 = 1111 1011 -> 0101 0101 0100 0101 | ||||
| 	0x5550,	//	252 = 1111 1100 -> 0101 0101 0101 0000 | ||||
| 	0x5551,	//	253 = 1111 1101 -> 0101 0101 0101 0001 | ||||
| 	0x5554,	//	254 = 1111 1110 -> 0101 0101 0101 0100 | ||||
| 	0x5555	//	255 = 1111 1111 -> 0101 0101 0101 0101 | ||||
| 	 | ||||
| ] | ||||
							
								
								
									
										62
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/BinaryField/Point.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										62
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/BinaryField/Point.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,62 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| //	throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!"; | ||||
| //}   | ||||
| if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; } | ||||
| if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; } | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Point = function(args) { | ||||
| 	args = args || {}; | ||||
| 	this._x = args.x; | ||||
| 	this._y = args.y; | ||||
| 	 | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Point.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'asString': function() { | ||||
| 		return "Clipperz.Crypto.ECC.BinaryField.Point (" + this.x() + ", " + this.y() + ")"; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'x': function() { | ||||
| 		return this._x; | ||||
| 	}, | ||||
| 	 | ||||
| 	'y': function() { | ||||
| 		return this._y; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'isZero': function() { | ||||
| 		return (this.x().isZero() && this.y().isZero()) | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
							
								
								
									
										379
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/BinaryField/Value.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										379
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/BinaryField/Value.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,379 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| //try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| //	throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!"; | ||||
| //}   | ||||
| if (typeof(Clipperz) == 'undefined') { Clipperz = {}; } | ||||
| if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; } | ||||
| if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; } | ||||
| if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; } | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value = function(aValue, aBase, aBitSize) { | ||||
| 	if (aValue.constructor == String) { | ||||
| 		var	value; | ||||
| 		var	stringLength; | ||||
| 		var numberOfWords; | ||||
| 		var	i,c; | ||||
| 	 | ||||
| 		if (aBase != 16) { | ||||
| 			throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase; | ||||
| 		} | ||||
|  | ||||
| 		value = aValue.replace(/ /g, ''); | ||||
| 		stringLength = value.length; | ||||
| 		numberOfWords = Math.ceil(stringLength / 8); | ||||
| 		this._value = new Array(numberOfWords); | ||||
| 	 | ||||
| 		c = numberOfWords; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			var	word; | ||||
| 		 | ||||
| 			if (i < (c-1)) { | ||||
| 				word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16); | ||||
| 			} else { | ||||
| 				word = parseInt(value.substr(0, stringLength-(i*8)), 16); | ||||
| 			} | ||||
| 			 | ||||
| 			this._value[i] = word; | ||||
| 		} | ||||
| 	} else if (aValue.constructor == Array) { | ||||
| 		var itemsToCopy; | ||||
|  | ||||
| 		itemsToCopy = aValue.length; | ||||
| 		while (aValue[itemsToCopy - 1] == 0) { | ||||
| 			itemsToCopy --; | ||||
| 		} | ||||
|  | ||||
| 		this._value = aValue.slice(0, itemsToCopy); | ||||
| 	} else if (aValue.constructor == Number) { | ||||
| 		this._value = [aValue]; | ||||
| 	} else { | ||||
| //		throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType; | ||||
| 	} | ||||
| 	 | ||||
| 	this._bitSize == aBitSize || null; | ||||
|  | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'value': function() { | ||||
| 		return this._value; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	 | ||||
| 	'wordSize': function() { | ||||
| 		return this._value.length | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'clone': function() { | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(this._value.slice(0), null, this._bitSize); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'isZero': function() { | ||||
| 		return (this.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) == 0); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'asString': function(aBase) { | ||||
| 		var	result; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		if (aBase != 16) { | ||||
| 			throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase; | ||||
| 		} | ||||
| 		 | ||||
| 		result = ""; | ||||
| 		c = this.wordSize(); | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			var	wordAsString; | ||||
| 			 | ||||
| //			wordAsString = ("00000000" + this.value()[i].toString(16)); | ||||
| 			wordAsString = ("00000000" + this._value[i].toString(16)); | ||||
| 			wordAsString = wordAsString.substring(wordAsString.length - 8); | ||||
| 			result = wordAsString + result; | ||||
| 		} | ||||
| 		 | ||||
| 		result = result.replace(/^(00)*/, ""); | ||||
| 		 | ||||
| 		if (result == "") { | ||||
| 			result = "0"; | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'shiftLeft': function(aNumberOfBitsToShift) { | ||||
| 		//	this method seems like it is never called. :-( | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this._value, aNumberOfBitsToShift)); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'bitSize': function() { | ||||
| 		if (this._bitSize == null) { | ||||
| 			this._bitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(this._value); | ||||
| 		} | ||||
|  | ||||
| 		return this._bitSize; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'isBitSet': function(aBitPosition) { | ||||
| 		return Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(this._value, aBitPosition); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'xor': function(aValue) { | ||||
| 		return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._xor(this._value, aValue._value)); | ||||
| 	},  | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'compare': function(aValue) { | ||||
| 		return Clipperz.Crypto.ECC.BinaryField.Value._compare(this._value, aValue._value); | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value.O = new Clipperz.Crypto.ECC.BinaryField.Value('0', 16); | ||||
| Clipperz.Crypto.ECC.BinaryField.Value.I = new Clipperz.Crypto.ECC.BinaryField.Value('1', 16); | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value._xor = function(a, b, aFirstItemOffset) { | ||||
| 	var result; | ||||
| 	var resultSize; | ||||
| 	var i,c; | ||||
| 	var firstItemOffset; | ||||
| 	 | ||||
| 	firstItemOffset = aFirstItemOffset || 0; | ||||
| 	resultSize = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset; | ||||
|  | ||||
| 	result = new Array(resultSize); | ||||
| 	 | ||||
| 	c = firstItemOffset; | ||||
| 	for (i=0; i<c; i++) { | ||||
| 		result[i] = a[i]; | ||||
| 	} | ||||
|  | ||||
| 	c = resultSize; | ||||
| 	for (i=firstItemOffset; i<c; i++) { | ||||
| 		result[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0); | ||||
| 	} | ||||
| 	 | ||||
| 	return result; | ||||
| }; | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor = function(a, b, aFirstItemOffset) { | ||||
| 	var i,c; | ||||
| 	var firstItemOffset; | ||||
| 	 | ||||
| 	firstItemOffset = aFirstItemOffset || 0; | ||||
|  | ||||
| 	c = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset; | ||||
| 	for (i=firstItemOffset; i<c; i++) { | ||||
| 		a[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0); | ||||
| 	} | ||||
| }; | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft = function(aWordArray, aNumberOfBitsToShift) { | ||||
| 	var numberOfWordsToShift; | ||||
| 	var	numberOfBitsToShift; | ||||
| 	var result; | ||||
| 	var	overflowValue; | ||||
| 	var nextOverflowValue; | ||||
| 	var	i,c; | ||||
|  | ||||
| 	numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32); | ||||
| 	numberOfBitsToShift = aNumberOfBitsToShift % 32; | ||||
|  | ||||
| 	result = new Array(aWordArray.length + numberOfWordsToShift); | ||||
| 	 | ||||
| 	c = numberOfWordsToShift; | ||||
| 	for (i=0; i<c; i++) { | ||||
| 		result[i] = 0; | ||||
| 	} | ||||
| 	 | ||||
| 	overflowValue = 0; | ||||
| 	nextOverflowValue = 0; | ||||
| 	 | ||||
| 	c = aWordArray.length; | ||||
| 	for (i=0; i<c; i++) { | ||||
| 		var	value; | ||||
| 		var	resultWord; | ||||
|  | ||||
| //		value = this.value()[i]; | ||||
| 		value = aWordArray[i]; | ||||
|  | ||||
| 		if (numberOfBitsToShift > 0) { | ||||
| 			nextOverflowValue = (value >>> (32 - numberOfBitsToShift)); | ||||
| 			value = value & (0xffffffff >>> numberOfBitsToShift); | ||||
| 			resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0); | ||||
| 		} else { | ||||
| 			resultWord = value; | ||||
| 		} | ||||
| 		 | ||||
| 		result[i+numberOfWordsToShift] = resultWord; | ||||
| 		overflowValue = nextOverflowValue; | ||||
| 	} | ||||
|  | ||||
| 	if (overflowValue != 0) { | ||||
| 		result[aWordArray.length + numberOfWordsToShift] = overflowValue; | ||||
| 	} | ||||
|  | ||||
| 	return result; | ||||
| }; | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft = function(aWordArray, aNumberOfBitsToShift) { | ||||
| 	var numberOfWordsToShift; | ||||
| 	var	numberOfBitsToShift; | ||||
| 	var result; | ||||
| 	var	overflowValue; | ||||
| 	var	i,c; | ||||
|  | ||||
| 	numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32); | ||||
| 	numberOfBitsToShift = aNumberOfBitsToShift % 32; | ||||
|  | ||||
| 	result = new Array(aWordArray.length + numberOfWordsToShift); | ||||
| 	 | ||||
| 	c = numberOfWordsToShift; | ||||
| 	for (i=0; i<c; i++) { | ||||
| 		result[i] = 0; | ||||
| 	} | ||||
| 	 | ||||
| 	overflowValue = 0; | ||||
| 	nextOverflowValue = 0; | ||||
| 	 | ||||
| 	c = aWordArray.length; | ||||
| 	for (i=0; i<c; i++) { | ||||
| 		var	value; | ||||
| 		var	resultWord; | ||||
|  | ||||
| //		value = this.value()[i]; | ||||
| 		value = aWordArray[i]; | ||||
|  | ||||
| 		if (numberOfBitsToShift > 0) { | ||||
| 			var nextOverflowValue; | ||||
| 		 | ||||
| 			nextOverflowValue = (value >>> (32 - numberOfBitsToShift)); | ||||
| 			value = value & (0xffffffff >>> numberOfBitsToShift); | ||||
| 			resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0); | ||||
| 		} else { | ||||
| 			resultWord = value; | ||||
| 		} | ||||
| 		 | ||||
| 		result[i+numberOfWordsToShift] = resultWord; | ||||
| 		overflowValue = nextOverflowValue; | ||||
| 	} | ||||
|  | ||||
| 	if (overflowValue != 0) { | ||||
| 		result[aWordArray.length + numberOfWordsToShift] = overflowValue; | ||||
| 	} | ||||
|  | ||||
| 	return result; | ||||
| }; | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value._bitSize = function(aWordArray) { | ||||
| 	var	result; | ||||
| 	var	notNullElements; | ||||
| 	var mostValuableWord; | ||||
| 	var matchingBitsInMostImportantWord; | ||||
| 	var mask; | ||||
| 	var i,c; | ||||
|  | ||||
| 	notNullElements = aWordArray.length; | ||||
| 	 | ||||
| 	if ((aWordArray.length == 1) && (aWordArray[0] == 0)) { | ||||
| 		result = 0; | ||||
| 	} else { | ||||
| 			notNullElements --; | ||||
| 		while((notNullElements > 0) && (aWordArray[notNullElements] == 0)) { | ||||
| 			notNullElements --; | ||||
| 		} | ||||
| 	 | ||||
| 		result = notNullElements * 32; | ||||
| 		mostValuableWord = aWordArray[notNullElements]; | ||||
|  | ||||
| 		matchingBits = 32; | ||||
| 		mask = 0x80000000; | ||||
| 	 | ||||
| 		while ((matchingBits > 0) && ((mostValuableWord & mask) == 0)) { | ||||
| 			matchingBits --; | ||||
| 			mask >>>= 1; | ||||
| 		} | ||||
| 	 | ||||
| 		result += matchingBits; | ||||
| 	} | ||||
| 	 | ||||
| 	return result; | ||||
| }; | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value._isBitSet = function(aWordArray, aBitPosition) { | ||||
| 	var result; | ||||
| 	var	byteIndex; | ||||
| 	var bitIndexInSelectedByte; | ||||
|  | ||||
| 	byteIndex = Math.floor(aBitPosition / 32); | ||||
| 	bitIndexInSelectedByte = aBitPosition % 32; | ||||
| 	 | ||||
| 	if (byteIndex <= aWordArray.length) { | ||||
| 		result = ((aWordArray[byteIndex] & (1 << bitIndexInSelectedByte)) != 0); | ||||
| 	} else { | ||||
| 		result = false; | ||||
| 	} | ||||
|  | ||||
| 	return result; | ||||
| }; | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value._compare = function(a,b) { | ||||
| 	var	result; | ||||
| 	var i,c; | ||||
| 	 | ||||
| 	result = MochiKit.Base.compare(a.length, b.length); | ||||
|  | ||||
| 	c = a.length; | ||||
| 	for (i=0; (i<c) && (result==0); i++) { | ||||
| 		result = MochiKit.Base.compare(a[c-i-1], b[c-i-1]); | ||||
| 	} | ||||
| 	 | ||||
| 	return result; | ||||
| }; | ||||
|  | ||||
|  | ||||
| Clipperz.Crypto.ECC.BinaryField.Value['exception']= { | ||||
| 	'UnsupportedBase':					new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase"), | ||||
| 	'UnsupportedConstructorValueType':	new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType") | ||||
| }; | ||||
							
								
								
									
										229
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/StandardCurves.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										229
									
								
								frontend/delta/js/Clipperz/Crypto/ECC/StandardCurves.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,229 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| //try { if (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) == 'undefined') { throw ""; }} catch (e) { | ||||
| //	throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.BinaryField.Curve!"; | ||||
| //} | ||||
| //try { if (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) == 'undefined') { throw ""; }} catch (e) { | ||||
| //	throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.Koblitz.Curve!"; | ||||
| //} | ||||
|  | ||||
| Clipperz.Crypto.ECC.StandardCurves = {}; | ||||
|  | ||||
| MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, { | ||||
|  | ||||
| 	//============================================================================== | ||||
|  | ||||
| 	'_K571': null, | ||||
| 	'K571': function() {	//	f(z) = z^571 + z^10 + z^5 + z^2 + 1 | ||||
| 		if ((Clipperz.Crypto.ECC.StandardCurves._K571 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) { | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Koblitz.Curve({ | ||||
| 				modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), | ||||
| 				a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16), | ||||
| 				b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16), | ||||
| 				G: new Clipperz.Crypto.ECC.Koblitz.Point({ | ||||
| 					x: new Clipperz.Crypto.ECC.Koblitz.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16), | ||||
| 					y: new Clipperz.Crypto.ECC.Koblitz.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16) | ||||
| 				}), | ||||
| 				r: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16), | ||||
| 				h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16), | ||||
| 				primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16) | ||||
| 			}); | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.ECC.StandardCurves._K571; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_K283': null, | ||||
| 	'K283': function() {	//	f(z) = z^283 + z^12 + z^7 + z^5 + 1 | ||||
| 		if ((Clipperz.Crypto.ECC.StandardCurves._K283 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) { | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.Koblitz.Curve({ | ||||
| 				modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | ||||
| 				a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16), | ||||
| 				b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16), | ||||
| 				G: new Clipperz.Crypto.ECC.Koblitz.Point({ | ||||
| 					x: new Clipperz.Crypto.ECC.Koblitz.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16), | ||||
| 					y: new Clipperz.Crypto.ECC.Koblitz.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16) | ||||
| 				}), | ||||
| 				r: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16), | ||||
| 				h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16), | ||||
| 				primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16) | ||||
| 			}); | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.ECC.StandardCurves._K283; | ||||
| 	}, | ||||
|  | ||||
| 	//============================================================================== | ||||
|  | ||||
| 	'_B571': null, | ||||
| 	'B571': function() {	//	f(z) = z^571 + z^10 + z^5 + z^2 + 1 | ||||
| 		if ((Clipperz.Crypto.ECC.StandardCurves._B571 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) { | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | ||||
| 				modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16), | ||||
| 				a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | ||||
| 				b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e 2221f295 de297117 b7f3d62f 5c6a97ff cb8ceff1 cd6ba8ce 4a9a18ad 84ffabbd 8efa5933 2be7ad67 56a66e29 4afd185a 78ff12aa 520e4de7 39baca0c 7ffeff7f 2955727a', 16), | ||||
| 				G: new Clipperz.Crypto.ECC.BinaryField.Point({ | ||||
| 					x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16), | ||||
| 					y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16) | ||||
| 				}), | ||||
| 				r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16), | ||||
| 				h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) | ||||
|  | ||||
| //				S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10), | ||||
| //				n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16) | ||||
| 			}); | ||||
| 			 | ||||
| 			//----------------------------------------------------------------------------- | ||||
| 			// | ||||
| 			//	Guide to Elliptic Curve Cryptography | ||||
| 			//	Darrel Hankerson, Alfred Menezes, Scott Vanstone | ||||
| 			//	- Pag: 56, Alorithm 2.45 (with a typo!!!) | ||||
| 			//	 | ||||
| 			//----------------------------------------------------------------------------- | ||||
| 			// | ||||
| 			//		http://www.milw0rm.com/papers/136 | ||||
| 			// | ||||
| 			//		------------------------------------------------------------------------- | ||||
| 			//		  Polynomial Reduction Algorithm Modulo f571  | ||||
| 			//		------------------------------------------------------------------------- | ||||
| 			//		 | ||||
| 			//		  Input:  Polynomial p(x) of degree 1140 or less, stored as  | ||||
| 			//		          an array of 2T machinewords. | ||||
| 			//		  Output: p(x) mod f571(x) | ||||
| 			//		 | ||||
| 			//		  FOR i = T-1, ..., 0 DO | ||||
| 			//		      SET X  := P[i+T] | ||||
| 			//		      P[i]   := P[i]   ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15) | ||||
| 			//		      P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27) | ||||
| 			//		 | ||||
| 			//		  SET X  := P[T-1] >> 27 | ||||
| 			//		  P[0]   := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10) | ||||
| 			//		  P[T-1] := P[T-1] & 0x07ffffff | ||||
| 			//		 | ||||
| 			//		  RETURN P[T-1],...,P[0] | ||||
| 			//		 | ||||
| 			//		------------------------------------------------------------------------- | ||||
| 			//		 | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module; | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) { | ||||
| 				var	result; | ||||
| 				 | ||||
| 				if (aValue.bitSize() > 1140) { | ||||
| 					Clipperz.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation"); | ||||
| 					result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue); | ||||
| 				} else { | ||||
| 					var	C, T; | ||||
| 					var i; | ||||
| 		 | ||||
| 					C = aValue._value.slice(0); | ||||
| 					for (i=35; i>=18; i--) { | ||||
| 						T = C[i]; | ||||
| 						C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0); | ||||
| 						C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0); | ||||
| 					} | ||||
| 					T = (C[17] >>> 27); | ||||
| 					C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0); | ||||
| 					C[17] = (C[17] & 0x07ffffff); | ||||
|  | ||||
| 					for(i=18; i<=35; i++) { | ||||
| 						C[i] = 0; | ||||
| 					} | ||||
| 				 | ||||
| 					result = new Clipperz.Crypto.ECC.BinaryField.Value(C); | ||||
| 				} | ||||
| 			 | ||||
| 				return result; | ||||
| 			}; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.ECC.StandardCurves._B571; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'_B283': null, | ||||
| 	'B283': function() {	//	f(z) = z^283 + z^12 + z^7 + z^5 + 1 | ||||
| 		if ((Clipperz.Crypto.ECC.StandardCurves._B283 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) { | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({ | ||||
| 				modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16), | ||||
| 				a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16), | ||||
| 				b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16), | ||||
| 				G: new Clipperz.Crypto.ECC.BinaryField.Point({ | ||||
| 					x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16), | ||||
| 					y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16) | ||||
| 				}), | ||||
| 				r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16), | ||||
| 				h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16) | ||||
| 			}); | ||||
| 			 | ||||
| 			//----------------------------------------------------------------------------- | ||||
| 			// | ||||
| 			//	Guide to Elliptic Curve Cryptography | ||||
| 			//	Darrel Hankerson, Alfred Menezes, Scott Vanstone | ||||
| 			//	- Pag: 56, Alorithm 2.43 | ||||
| 			//	 | ||||
| 			//----------------------------------------------------------------------------- | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module; | ||||
| 			Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) { | ||||
| 				var	result; | ||||
|  | ||||
| 				if (aValue.bitSize() > 564) { | ||||
| 					Clipperz.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation"); | ||||
| 					result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue); | ||||
| 				} else { | ||||
| 					var	C, T; | ||||
| 					var i; | ||||
| 					 | ||||
| 					C = aValue._value.slice(0); | ||||
| 					for (i=17; i>=9; i--) { | ||||
| 						T = C[i]; | ||||
| 						C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0); | ||||
| 						C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0); | ||||
| 					} | ||||
| 					T = (C[8] >>> 27); | ||||
| 					C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0); | ||||
| 					C[8] = (C[8] & 0x07ffffff); | ||||
|  | ||||
| 					for(i=9; i<=17; i++) { | ||||
| 						C[i] = 0; | ||||
| 					} | ||||
| 				 | ||||
| 					result = new Clipperz.Crypto.ECC.BinaryField.Value(C); | ||||
| 				} | ||||
| 				 | ||||
| 				return result; | ||||
| 			}; | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.ECC.StandardCurves._B283; | ||||
| 	}, | ||||
|  | ||||
| 	//============================================================================== | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
|  | ||||
|  | ||||
							
								
								
									
										841
									
								
								frontend/delta/js/Clipperz/Crypto/PRNG.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										841
									
								
								frontend/delta/js/Clipperz/Crypto/PRNG.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,841 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; | ||||
| }   | ||||
|  | ||||
| try { if (typeof(Clipperz.Crypto.SHA) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.SHA!"; | ||||
| }   | ||||
|  | ||||
| try { if (typeof(Clipperz.Crypto.AES) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.AES!"; | ||||
| }   | ||||
|  | ||||
| if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { Clipperz.Crypto.PRNG = {}; } | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.PRNG.EntropyAccumulator = function(args) { | ||||
| 	args = args || {}; | ||||
| //	MochiKit.Base.bindMethods(this); | ||||
|  | ||||
| 	this._stack = new Clipperz.ByteArray(); | ||||
| 	this._maxStackLengthBeforeHashing = args.maxStackLengthBeforeHashing || 256; | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.PRNG.EntropyAccumulator.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'toString': function() { | ||||
| 		return "Clipperz.Crypto.PRNG.EntropyAccumulator"; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'stack': function() { | ||||
| 		return this._stack; | ||||
| 	}, | ||||
| 	 | ||||
| 	'setStack': function(aValue) { | ||||
| 		this._stack = aValue; | ||||
| 	}, | ||||
|  | ||||
| 	'resetStack': function() { | ||||
| 		this.stack().reset(); | ||||
| 	}, | ||||
| 	 | ||||
| 	'maxStackLengthBeforeHashing': function() { | ||||
| 		return this._maxStackLengthBeforeHashing; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'addRandomByte': function(aValue) { | ||||
| 		this.stack().appendByte(aValue); | ||||
| 				 | ||||
| 		if (this.stack().length() > this.maxStackLengthBeforeHashing()) { | ||||
| 			this.setStack(Clipperz.Crypto.SHA.sha_d256(this.stack())); | ||||
| 		} | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.PRNG.RandomnessSource = function(args) { | ||||
| 	args = args || {}; | ||||
| 	MochiKit.Base.bindMethods(this); | ||||
|  | ||||
| 	this._generator = args.generator || null; | ||||
| 	this._sourceId = args.sourceId || null; | ||||
| 	this._boostMode = args.boostMode || false; | ||||
| 	 | ||||
| 	this._nextPoolIndex = 0; | ||||
| 	 | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.PRNG.RandomnessSource.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'generator': function() { | ||||
| 		return this._generator; | ||||
| 	}, | ||||
|  | ||||
| 	'setGenerator': function(aValue) { | ||||
| 		this._generator = aValue; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'boostMode': function() { | ||||
| 		return this._boostMode; | ||||
| 	}, | ||||
| 	 | ||||
| 	'setBoostMode': function(aValue) { | ||||
| 		this._boostMode = aValue; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	 | ||||
| 	'sourceId': function() { | ||||
| 		return this._sourceId; | ||||
| 	}, | ||||
|  | ||||
| 	'setSourceId': function(aValue) { | ||||
| 		this._sourceId = aValue; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'nextPoolIndex': function() { | ||||
| 		return this._nextPoolIndex; | ||||
| 	}, | ||||
| 	 | ||||
| 	'incrementNextPoolIndex': function() { | ||||
| 		this._nextPoolIndex = ((this._nextPoolIndex + 1) % this.generator().numberOfEntropyAccumulators()); | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'updateGeneratorWithValue': function(aRandomValue) { | ||||
| 		if (this.generator() != null) { | ||||
| 			this.generator().addRandomByte(this.sourceId(), this.nextPoolIndex(), aRandomValue); | ||||
| 			this.incrementNextPoolIndex(); | ||||
| 		} | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
| 	 | ||||
| Clipperz.Crypto.PRNG.TimeRandomnessSource = function(args) { | ||||
| 	args = args || {}; | ||||
| //	MochiKit.Base.bindMethods(this); | ||||
|  | ||||
| 	this._intervalTime = args.intervalTime || 1000; | ||||
| 	 | ||||
| 	Clipperz.Crypto.PRNG.RandomnessSource.call(this, args); | ||||
|  | ||||
| 	this.collectEntropy(); | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.PRNG.TimeRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, { | ||||
|  | ||||
| 	'intervalTime': function() { | ||||
| 		return this._intervalTime; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'collectEntropy': function() { | ||||
| 		var	now; | ||||
| 		var	entropyByte; | ||||
| 		var intervalTime; | ||||
| 		now = new Date(); | ||||
| 		entropyByte = (now.getTime() & 0xff); | ||||
| 		 | ||||
| 		intervalTime = this.intervalTime(); | ||||
| 		if (this.boostMode() == true) { | ||||
| 			intervalTime = intervalTime / 9; | ||||
| 		} | ||||
| 		 | ||||
| 		this.updateGeneratorWithValue(entropyByte); | ||||
| 		setTimeout(this.collectEntropy, intervalTime); | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'numberOfRandomBits': function() { | ||||
| 		return 5; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'pollingFrequency': function() { | ||||
| 		return 10; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //***************************************************************************** | ||||
|  | ||||
| Clipperz.Crypto.PRNG.MouseRandomnessSource = function(args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	Clipperz.Crypto.PRNG.RandomnessSource.call(this, args); | ||||
|  | ||||
| 	this._numberOfBitsToCollectAtEachEvent = 4; | ||||
| 	this._randomBitsCollector = 0; | ||||
| 	this._numberOfRandomBitsCollected = 0; | ||||
| 	 | ||||
| 	MochiKit.Signal.connect(document, 'onmousemove', this, 'collectEntropy'); | ||||
|  | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.PRNG.MouseRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, { | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'numberOfBitsToCollectAtEachEvent': function() { | ||||
| 		return this._numberOfBitsToCollectAtEachEvent; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'randomBitsCollector': function() { | ||||
| 		return this._randomBitsCollector; | ||||
| 	}, | ||||
|  | ||||
| 	'setRandomBitsCollector': function(aValue) { | ||||
| 		this._randomBitsCollector = aValue; | ||||
| 	}, | ||||
|  | ||||
| 	'appendRandomBitsToRandomBitsCollector': function(aValue) { | ||||
| 		var collectedBits; | ||||
| 		var numberOfRandomBitsCollected; | ||||
| 		 | ||||
| 		numberOfRandomBitsCollected = this.numberOfRandomBitsCollected(); | ||||
| 		collectetBits = this.randomBitsCollector() | (aValue << numberOfRandomBitsCollected); | ||||
| 		this.setRandomBitsCollector(collectetBits); | ||||
| 		numberOfRandomBitsCollected += this.numberOfBitsToCollectAtEachEvent(); | ||||
| 		 | ||||
| 		if (numberOfRandomBitsCollected == 8) { | ||||
| 			this.updateGeneratorWithValue(collectetBits); | ||||
| 			numberOfRandomBitsCollected = 0; | ||||
| 			this.setRandomBitsCollector(0); | ||||
| 		} | ||||
| 		 | ||||
| 		this.setNumberOfRandomBitsCollected(numberOfRandomBitsCollected) | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'numberOfRandomBitsCollected': function() { | ||||
| 		return this._numberOfRandomBitsCollected; | ||||
| 	}, | ||||
|  | ||||
| 	'setNumberOfRandomBitsCollected': function(aValue) { | ||||
| 		this._numberOfRandomBitsCollected = aValue; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'collectEntropy': function(anEvent) { | ||||
| 		var mouseLocation; | ||||
| 		var randomBit; | ||||
| 		var mask; | ||||
| 		 | ||||
| 		mask = 0xffffffff >>> (32 - this.numberOfBitsToCollectAtEachEvent()); | ||||
| 		 | ||||
| 		mouseLocation = anEvent.mouse().client; | ||||
| 		randomBit = ((mouseLocation.x ^ mouseLocation.y) & mask); | ||||
| 		this.appendRandomBitsToRandomBitsCollector(randomBit) | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'numberOfRandomBits': function() { | ||||
| 		return 1; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'pollingFrequency': function() { | ||||
| 		return 10; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //***************************************************************************** | ||||
|  | ||||
| Clipperz.Crypto.PRNG.KeyboardRandomnessSource = function(args) { | ||||
| 	args = args || {}; | ||||
| 	Clipperz.Crypto.PRNG.RandomnessSource.call(this, args); | ||||
|  | ||||
| 	this._randomBitsCollector = 0; | ||||
| 	this._numberOfRandomBitsCollected = 0; | ||||
| 	 | ||||
| 	MochiKit.Signal.connect(document, 'onkeypress', this, 'collectEntropy'); | ||||
|  | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.PRNG.KeyboardRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, { | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'randomBitsCollector': function() { | ||||
| 		return this._randomBitsCollector; | ||||
| 	}, | ||||
|  | ||||
| 	'setRandomBitsCollector': function(aValue) { | ||||
| 		this._randomBitsCollector = aValue; | ||||
| 	}, | ||||
|  | ||||
| 	'appendRandomBitToRandomBitsCollector': function(aValue) { | ||||
| 		var collectedBits; | ||||
| 		var numberOfRandomBitsCollected; | ||||
| 		 | ||||
| 		numberOfRandomBitsCollected = this.numberOfRandomBitsCollected(); | ||||
| 		collectetBits = this.randomBitsCollector() | (aValue << numberOfRandomBitsCollected); | ||||
| 		this.setRandomBitsCollector(collectetBits); | ||||
| 		numberOfRandomBitsCollected ++; | ||||
| 		 | ||||
| 		if (numberOfRandomBitsCollected == 8) { | ||||
| 			this.updateGeneratorWithValue(collectetBits); | ||||
| 			numberOfRandomBitsCollected = 0; | ||||
| 			this.setRandomBitsCollector(0); | ||||
| 		} | ||||
| 		 | ||||
| 		this.setNumberOfRandomBitsCollected(numberOfRandomBitsCollected) | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'numberOfRandomBitsCollected': function() { | ||||
| 		return this._numberOfRandomBitsCollected; | ||||
| 	}, | ||||
|  | ||||
| 	'setNumberOfRandomBitsCollected': function(aValue) { | ||||
| 		this._numberOfRandomBitsCollected = aValue; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'collectEntropy': function(anEvent) { | ||||
| /* | ||||
| 		var mouseLocation; | ||||
| 		var randomBit; | ||||
| 		 | ||||
| 		mouseLocation = anEvent.mouse().client; | ||||
| 			 | ||||
| 		randomBit = ((mouseLocation.x ^ mouseLocation.y) & 0x1); | ||||
| 		this.appendRandomBitToRandomBitsCollector(randomBit); | ||||
| */ | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'numberOfRandomBits': function() { | ||||
| 		return 1; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'pollingFrequency': function() { | ||||
| 		return 10; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.PRNG.Fortuna = function(args) { | ||||
| 	var	i,c; | ||||
| 	 | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._key = args.seed || null; | ||||
| 	if (this._key == null) { | ||||
| 		this._counter = 0; | ||||
| 		this._key = new Clipperz.ByteArray(); | ||||
| 	} else { | ||||
| 		this._counter = 1; | ||||
| 	} | ||||
| 	 | ||||
| 	this._aesKey = null; | ||||
| 	 | ||||
| 	this._firstPoolReseedLevel = args.firstPoolReseedLevel || 32 || 64; | ||||
| 	this._numberOfEntropyAccumulators = args.numberOfEntropyAccumulators || 32; | ||||
| 	 | ||||
| 	this._accumulators = []; | ||||
| 	c = this.numberOfEntropyAccumulators(); | ||||
| 	for (i=0; i<c; i++) { | ||||
| 		this._accumulators.push(new Clipperz.Crypto.PRNG.EntropyAccumulator()); | ||||
| 	} | ||||
|  | ||||
| 	this._randomnessSources = []; | ||||
| 	this._reseedCounter = 0; | ||||
| 	 | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.PRNG.Fortuna.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'toString': function() { | ||||
| 		return "Clipperz.Crypto.PRNG.Fortuna"; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'key': function() { | ||||
| 		return this._key; | ||||
| 	}, | ||||
|  | ||||
| 	'setKey': function(aValue) { | ||||
| 		this._key = aValue; | ||||
| 		this._aesKey = null; | ||||
| 	}, | ||||
| 	 | ||||
| 	'aesKey': function() { | ||||
| 		if (this._aesKey == null) { | ||||
| 			this._aesKey = new Clipperz.Crypto.AES.Key({key:this.key()}); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._aesKey; | ||||
| 	}, | ||||
| 	 | ||||
| 	'accumulators': function() { | ||||
| 		return this._accumulators; | ||||
| 	}, | ||||
| 	 | ||||
| 	'firstPoolReseedLevel': function() { | ||||
| 		return this._firstPoolReseedLevel; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'reseedCounter': function() { | ||||
| 		return this._reseedCounter; | ||||
| 	}, | ||||
|  | ||||
| 	'incrementReseedCounter': function() { | ||||
| 		this._reseedCounter = this._reseedCounter +1; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'reseed': function() { | ||||
| 		var	newKeySeed; | ||||
| 		var reseedCounter; | ||||
| 		var	reseedCounterMask; | ||||
| 		var i, c; | ||||
| 		 | ||||
| 		newKeySeed = this.key(); | ||||
| 		this.incrementReseedCounter(); | ||||
| 		reseedCounter = this.reseedCounter(); | ||||
| 		 | ||||
| 		c = this.numberOfEntropyAccumulators(); | ||||
| 		reseedCounterMask = 0xffffffff >>> (32 - c); | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			if ((i == 0) || ((reseedCounter & (reseedCounterMask >>> (c - i))) == 0)) { | ||||
| 				newKeySeed.appendBlock(this.accumulators()[i].stack()); | ||||
| 				this.accumulators()[i].resetStack(); | ||||
| 			}  | ||||
| 		} | ||||
| 		 | ||||
| 		if (reseedCounter == 1) { | ||||
| 			c = this.randomnessSources().length; | ||||
| 			for (i=0; i<c; i++) { | ||||
| 				this.randomnessSources()[i].setBoostMode(false); | ||||
| 			} | ||||
| 		} | ||||
| 		 | ||||
| 		this.setKey(Clipperz.Crypto.SHA.sha_d256(newKeySeed)); | ||||
| 		if (reseedCounter == 1) { | ||||
| Clipperz.log("### PRNG.readyToGenerateRandomBytes"); | ||||
| 			MochiKit.Signal.signal(this, 'readyToGenerateRandomBytes'); | ||||
| 		} | ||||
| 		MochiKit.Signal.signal(this, 'reseeded'); | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'isReadyToGenerateRandomValues': function() { | ||||
| 		return this.reseedCounter() != 0; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'entropyLevel': function() { | ||||
| 		return this.accumulators()[0].stack().length() + (this.reseedCounter() * this.firstPoolReseedLevel()); | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'counter': function() { | ||||
| 		return this._counter; | ||||
| 	}, | ||||
| 	 | ||||
| 	'incrementCounter': function() { | ||||
| 		this._counter += 1; | ||||
| 	}, | ||||
| 	 | ||||
| 	'counterBlock': function() { | ||||
| 		var result; | ||||
|  | ||||
| 		result = new Clipperz.ByteArray().appendWords(this.counter(), 0, 0, 0); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'getRandomBlock': function() { | ||||
| 		var result; | ||||
|  | ||||
| 		result = new Clipperz.ByteArray(Clipperz.Crypto.AES.encryptBlock(this.aesKey(), this.counterBlock().arrayValues())); | ||||
| 		this.incrementCounter(); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'getRandomBytes': function(aSize) { | ||||
| 		var result; | ||||
|  | ||||
| 		if (this.isReadyToGenerateRandomValues()) { | ||||
| 			var i,c; | ||||
| 			var newKey; | ||||
| 			 | ||||
| 			result = new Clipperz.ByteArray(); | ||||
| 		 | ||||
| 			c = Math.ceil(aSize / (128 / 8)); | ||||
| 			for (i=0; i<c; i++) { | ||||
| 				result.appendBlock(this.getRandomBlock()); | ||||
| 			} | ||||
|  | ||||
| 			if (result.length() != aSize) { | ||||
| 				result = result.split(0, aSize); | ||||
| 			} | ||||
| 			 | ||||
| 			newKey = this.getRandomBlock().appendBlock(this.getRandomBlock()); | ||||
| 			this.setKey(newKey); | ||||
| 		} else { | ||||
| Clipperz.logWarning("Fortuna generator has not enough entropy, yet!"); | ||||
| 			throw Clipperz.Crypto.PRNG.exception.NotEnoughEntropy; | ||||
| 		} | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'addRandomByte': function(aSourceId, aPoolId, aRandomValue) { | ||||
| 		var	selectedAccumulator; | ||||
|  | ||||
| 		selectedAccumulator = this.accumulators()[aPoolId]; | ||||
| 		selectedAccumulator.addRandomByte(aRandomValue); | ||||
|  | ||||
| 		if (aPoolId == 0) { | ||||
| 			MochiKit.Signal.signal(this, 'addedRandomByte') | ||||
| 			if (selectedAccumulator.stack().length() > this.firstPoolReseedLevel()) { | ||||
| 				this.reseed(); | ||||
| 			} | ||||
| 		} | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	 | ||||
| 	'numberOfEntropyAccumulators': function() { | ||||
| 		return this._numberOfEntropyAccumulators; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'randomnessSources': function() { | ||||
| 		return this._randomnessSources; | ||||
| 	}, | ||||
| 	 | ||||
| 	'addRandomnessSource': function(aRandomnessSource) { | ||||
| 		aRandomnessSource.setGenerator(this); | ||||
| 		aRandomnessSource.setSourceId(this.randomnessSources().length); | ||||
| 		this.randomnessSources().push(aRandomnessSource); | ||||
| 		 | ||||
| 		if (this.isReadyToGenerateRandomValues() == false) { | ||||
| 			aRandomnessSource.setBoostMode(true); | ||||
| 		} | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'deferredEntropyCollection': function(aValue) { | ||||
| 		var result; | ||||
|  | ||||
|  | ||||
| 		if (this.isReadyToGenerateRandomValues()) { | ||||
| 			result = aValue; | ||||
| 		} else { | ||||
| 			var deferredResult; | ||||
|  | ||||
| 			deferredResult = new Clipperz.Async.Deferred("PRNG.deferredEntropyCollection"); | ||||
| 			deferredResult.addCallback(MochiKit.Base.partial(MochiKit.Async.succeed, aValue)); | ||||
| 			MochiKit.Signal.connect(this, | ||||
| 									'readyToGenerateRandomBytes', | ||||
| 									deferredResult, | ||||
| 									'callback'); | ||||
| 									 | ||||
| 			result = deferredResult; | ||||
| 		} | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'fastEntropyAccumulationForTestingPurpose': function() { | ||||
| 		while (! this.isReadyToGenerateRandomValues()) { | ||||
| 			this.addRandomByte(Math.floor(Math.random() * 32), Math.floor(Math.random() * 32), Math.floor(Math.random() * 256)); | ||||
| 		} | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'dump': function(appendToDoc) { | ||||
| 		var tbl; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		tbl = document.createElement("table"); | ||||
| 		tbl.border = 0; | ||||
| 		with (tbl.style) { | ||||
| 			border = "1px solid lightgrey"; | ||||
| 			fontFamily = 'Helvetica, Arial, sans-serif'; | ||||
| 			fontSize = '8pt'; | ||||
| 			//borderCollapse = "collapse"; | ||||
| 		} | ||||
| 		var hdr = tbl.createTHead(); | ||||
| 		var hdrtr = hdr.insertRow(0); | ||||
| 		// document.createElement("tr"); | ||||
| 		{ | ||||
| 			var ntd; | ||||
| 			 | ||||
| 			ntd = hdrtr.insertCell(0); | ||||
| 			ntd.style.borderBottom = "1px solid lightgrey"; | ||||
| 			ntd.style.borderRight = "1px solid lightgrey"; | ||||
| 			ntd.appendChild(document.createTextNode("#")); | ||||
|  | ||||
| 			ntd = hdrtr.insertCell(1); | ||||
| 			ntd.style.borderBottom = "1px solid lightgrey"; | ||||
| 			ntd.style.borderRight = "1px solid lightgrey"; | ||||
| 			ntd.appendChild(document.createTextNode("s")); | ||||
|  | ||||
| 			ntd = hdrtr.insertCell(2); | ||||
| 			ntd.colSpan = this.firstPoolReseedLevel(); | ||||
| 			ntd.style.borderBottom = "1px solid lightgrey"; | ||||
| 			ntd.style.borderRight = "1px solid lightgrey"; | ||||
| 			ntd.appendChild(document.createTextNode("base values")); | ||||
| 			 | ||||
| 			ntd = hdrtr.insertCell(3); | ||||
| 			ntd.colSpan = 20; | ||||
| 			ntd.style.borderBottom = "1px solid lightgrey"; | ||||
| 			ntd.appendChild(document.createTextNode("extra values")); | ||||
|  | ||||
| 		} | ||||
|  | ||||
| 		c = this.accumulators().length; | ||||
| 		for (i=0; i<c ; i++) { | ||||
| 			var	currentAccumulator; | ||||
| 			var bdytr; | ||||
| 			var bdytd; | ||||
| 			var ii, cc; | ||||
|  | ||||
| 			currentAccumulator = this.accumulators()[i] | ||||
| 			 | ||||
| 			bdytr = tbl.insertRow(true); | ||||
| 			 | ||||
| 			bdytd = bdytr.insertCell(0); | ||||
| 			bdytd.style.borderRight = "1px solid lightgrey"; | ||||
| 			bdytd.style.color = "lightgrey"; | ||||
| 			bdytd.appendChild(document.createTextNode("" + i)); | ||||
|  | ||||
| 			bdytd = bdytr.insertCell(1); | ||||
| 			bdytd.style.borderRight = "1px solid lightgrey"; | ||||
| 			bdytd.style.color = "gray"; | ||||
| 			bdytd.appendChild(document.createTextNode("" + currentAccumulator.stack().length())); | ||||
|  | ||||
|  | ||||
| 			cc = Math.max(currentAccumulator.stack().length(), this.firstPoolReseedLevel()); | ||||
| 			for (ii=0; ii<cc; ii++) { | ||||
| 				var cellText; | ||||
| 				 | ||||
| 				bdytd = bdytr.insertCell(ii + 2); | ||||
| 				 | ||||
| 				if (ii < currentAccumulator.stack().length()) { | ||||
| 					cellText = Clipperz.ByteArray.byteToHex(currentAccumulator.stack().byteAtIndex(ii)); | ||||
| 				} else { | ||||
| 					cellText = "_"; | ||||
| 				} | ||||
| 				 | ||||
| 				if (ii == (this.firstPoolReseedLevel() - 1)) { | ||||
| 					bdytd.style.borderRight = "1px solid lightgrey"; | ||||
| 				} | ||||
| 				 | ||||
| 				bdytd.appendChild(document.createTextNode(cellText)); | ||||
| 			} | ||||
| 			 | ||||
| 		} | ||||
| 		 | ||||
|  | ||||
| 		if (appendToDoc) { | ||||
| 			var ne = document.createElement("div"); | ||||
| 			ne.id = "entropyGeneratorStatus"; | ||||
| 			with (ne.style) { | ||||
| 				fontFamily = "Courier New, monospace"; | ||||
| 				fontSize = "12px"; | ||||
| 				lineHeight = "16px"; | ||||
| 				borderTop = "1px solid black"; | ||||
| 				padding = "10px"; | ||||
| 			} | ||||
| 			if (document.getElementById(ne.id)) { | ||||
| 				MochiKit.DOM.swapDOM(ne.id, ne); | ||||
| 			} else { | ||||
| 				document.body.appendChild(ne); | ||||
| 			} | ||||
| 			ne.appendChild(tbl); | ||||
| 		} | ||||
|  | ||||
| 		return tbl; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.PRNG.Random = function(args) { | ||||
| 	args = args || {}; | ||||
| //	MochiKit.Base.bindMethods(this); | ||||
|  | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.PRNG.Random.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'toString': function() { | ||||
| 		return "Clipperz.Crypto.PRNG.Random"; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'getRandomBytes': function(aSize) { | ||||
| //Clipperz.Profile.start("Clipperz.Crypto.PRNG.Random.getRandomBytes"); | ||||
| 		var	result; | ||||
| 		var i,c; | ||||
| 		 | ||||
| 		result = new Clipperz.ByteArray() | ||||
| 		c = aSize || 1; | ||||
| 		for (i=0; i<c; i++) { | ||||
| 			result.appendByte((Math.random()*255) & 0xff); | ||||
| 		} | ||||
| 		 | ||||
| //Clipperz.Profile.stop("Clipperz.Crypto.PRNG.Random.getRandomBytes"); | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| _clipperz_crypt_prng_defaultPRNG = null; | ||||
|  | ||||
| Clipperz.Crypto.PRNG.defaultRandomGenerator = function() { | ||||
| 	if (_clipperz_crypt_prng_defaultPRNG == null) { | ||||
| 		_clipperz_crypt_prng_defaultPRNG = new Clipperz.Crypto.PRNG.Fortuna(); | ||||
|  | ||||
| 		//............................................................. | ||||
| 		// | ||||
| 		//		TimeRandomnessSource | ||||
| 		// | ||||
| 		//............................................................. | ||||
| 		{ | ||||
| 			var newRandomnessSource; | ||||
| 		 | ||||
| 			newRandomnessSource = new Clipperz.Crypto.PRNG.TimeRandomnessSource({intervalTime:111}); | ||||
| 			_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource); | ||||
| 		} | ||||
|  | ||||
| 		//............................................................. | ||||
| 		// | ||||
| 		//		MouseRandomnessSource | ||||
| 		// | ||||
| 		//............................................................. | ||||
| 		{ | ||||
| 			var	newRandomnessSource; | ||||
| 			 | ||||
| 			newRandomnessSource = new Clipperz.Crypto.PRNG.MouseRandomnessSource(); | ||||
| 			_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource); | ||||
| 		} | ||||
|  | ||||
| 		//............................................................. | ||||
| 		// | ||||
| 		//		KeyboardRandomnessSource | ||||
| 		// | ||||
| 		//............................................................. | ||||
| 		{ | ||||
| 			var	newRandomnessSource; | ||||
| 			 | ||||
| 			newRandomnessSource = new Clipperz.Crypto.PRNG.KeyboardRandomnessSource(); | ||||
| 			_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource); | ||||
| 		} | ||||
|  | ||||
| 	} | ||||
|  | ||||
| 	return _clipperz_crypt_prng_defaultPRNG; | ||||
| }; | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| Clipperz.Crypto.PRNG.exception =  { | ||||
| 	NotEnoughEntropy: new MochiKit.Base.NamedError("Clipperz.Crypto.PRNG.exception.NotEnoughEntropy")  | ||||
| }; | ||||
|  | ||||
|  | ||||
| MochiKit.DOM.addLoadEvent(Clipperz.Crypto.PRNG.defaultRandomGenerator); | ||||
							
								
								
									
										146
									
								
								frontend/delta/js/Clipperz/Crypto/RSA.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										146
									
								
								frontend/delta/js/Clipperz/Crypto/RSA.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,146 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.RSA depends on Clipperz.Crypto.BigInt!"; | ||||
| }   | ||||
|  | ||||
| if (typeof(Clipperz.Crypto.RSA) == 'undefined') { Clipperz.Crypto.RSA = {}; } | ||||
|  | ||||
| Clipperz.Crypto.RSA.VERSION = "0.1"; | ||||
| Clipperz.Crypto.RSA.NAME = "Clipperz.RSA"; | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| MochiKit.Base.update(Clipperz.Crypto.RSA, { | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'publicKeyWithValues': function (e, d, n) { | ||||
| 		var	result; | ||||
| 		 | ||||
| 		result = {}; | ||||
|  | ||||
| 		if (e.isBigInt) { | ||||
| 			result.e = e; | ||||
| 		} else { | ||||
| 			result.e = new Clipperz.Crypto.BigInt(e, 16); | ||||
| 		} | ||||
| 		 | ||||
| 		if (d.isBigInt) { | ||||
| 			result.d = d; | ||||
| 		} else { | ||||
| 			result.d = new Clipperz.Crypto.BigInt(d, 16); | ||||
| 		} | ||||
| 		 | ||||
| 		if (n.isBigInt) { | ||||
| 			result.n = n; | ||||
| 		} else { | ||||
| 			result.n = new Clipperz.Crypto.BigInt(n, 16); | ||||
| 		} | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	'privateKeyWithValues': function(e, d, n) { | ||||
| 		return Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'encryptUsingPublicKey': function (aKey, aMessage) { | ||||
| 		var	messageValue; | ||||
| 		var	result; | ||||
| 		 | ||||
| 		messageValue = new Clipperz.Crypto.BigInt(aMessage, 16); | ||||
| 		result = messageValue.powerModule(aKey.e, aKey.n); | ||||
| 		 | ||||
| 		return result.asString(16); | ||||
| 	}, | ||||
|  | ||||
| 	//............................................................................. | ||||
|  | ||||
| 	'decryptUsingPublicKey': function (aKey, aMessage) { | ||||
| 		return Clipperz.Crypto.RSA.encryptUsingPublicKey(aKey, aMessage); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'encryptUsingPrivateKey': function (aKey, aMessage) { | ||||
| 		var	messageValue; | ||||
| 		var	result; | ||||
| 		 | ||||
| 		messageValue = new Clipperz.Crypto.BigInt(aMessage, 16); | ||||
| 		result = messageValue.powerModule(aKey.d, aKey.n); | ||||
| 		 | ||||
| 		return result.asString(16); | ||||
| 	}, | ||||
|  | ||||
| 	//............................................................................. | ||||
|  | ||||
| 	'decryptUsingPrivateKey': function (aKey, aMessage) { | ||||
| 		return Clipperz.Crypto.RSA.encryptUsingPrivateKey(aKey, aMessage); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	 | ||||
| 	'generatePublicKey': function(aNumberOfBits) { | ||||
| 		var	result; | ||||
| 		var	e; | ||||
| 		var	d; | ||||
| 		var	n; | ||||
| 		 | ||||
| 		e = new Clipperz.Crypto.BigInt("10001", 16); | ||||
|  | ||||
| 		{ | ||||
| 			var p, q; | ||||
| 			var	phi; | ||||
|  | ||||
| 			do { | ||||
| 				p = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits); | ||||
| 			} while (p.module(e).equals(1)); | ||||
| 			 | ||||
| 			do { | ||||
| 				q = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits); | ||||
| 			} while ((q.equals(p)) || (q.module(e).equals(1))); | ||||
|  | ||||
| 			n = p.multiply(q); | ||||
| 			phi = (p.subtract(1).multiply(q.subtract(1))); | ||||
| 			d = e.powerModule(-1, phi); | ||||
| 		} | ||||
| 		 | ||||
| 		result = Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
							
								
								
									
										296
									
								
								frontend/delta/js/Clipperz/Crypto/SHA.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										296
									
								
								frontend/delta/js/Clipperz/Crypto/SHA.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,296 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; | ||||
| }   | ||||
|  | ||||
| if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; } | ||||
| if (typeof(Clipperz.Crypto.SHA) == 'undefined') { Clipperz.Crypto.SHA = {}; } | ||||
|  | ||||
| Clipperz.Crypto.SHA.VERSION = "0.3"; | ||||
| Clipperz.Crypto.SHA.NAME = "Clipperz.Crypto.SHA"; | ||||
|  | ||||
| MochiKit.Base.update(Clipperz.Crypto.SHA, { | ||||
|  | ||||
| 	'__repr__': function () { | ||||
| 		return "[" + this.NAME + " " + this.VERSION + "]"; | ||||
| 	}, | ||||
|  | ||||
| 	'toString': function () { | ||||
| 		return this.__repr__(); | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'rotateRight': function(aValue, aNumberOfBits) { | ||||
| //Clipperz.Profile.start("Clipperz.Crypto.SHA.rotateRight"); | ||||
| 		var result; | ||||
| 		 | ||||
| 		result = (aValue >>> aNumberOfBits) | (aValue << (32 - aNumberOfBits)); | ||||
| 		 | ||||
| //Clipperz.Profile.stop("Clipperz.Crypto.SHA.rotateRight"); | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	'shiftRight': function(aValue, aNumberOfBits) { | ||||
| //Clipperz.Profile.start("Clipperz.Crypto.SHA.shiftRight"); | ||||
| 		var result; | ||||
| 		 | ||||
| 		result = aValue >>> aNumberOfBits; | ||||
| 		 | ||||
| //Clipperz.Profile.stop("Clipperz.Crypto.SHA.shiftRight"); | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'safeAdd': function() { | ||||
| //Clipperz.Profile.start("Clipperz.Crypto.SHA.safeAdd"); | ||||
| 		var	result; | ||||
| 		var	i, c; | ||||
| 		 | ||||
| 		result = arguments[0]; | ||||
| 		c = arguments.length; | ||||
| 		for (i=1; i<c; i++) { | ||||
| 			var	lowerBytesSum; | ||||
|  | ||||
| 			lowerBytesSum = (result & 0xffff) + (arguments[i] & 0xffff); | ||||
| 			result = (((result >> 16) + (arguments[i] >> 16) + (lowerBytesSum >> 16)) << 16) | (lowerBytesSum & 0xffff); | ||||
| 		} | ||||
| 		 | ||||
| //Clipperz.Profile.stop("Clipperz.Crypto.SHA.safeAdd"); | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'sha256_array': function(aValue) { | ||||
| //Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256_array"); | ||||
| 		var	result; | ||||
| 		var	message; | ||||
| 		var h0, h1, h2, h3, h4, h5, h6, h7; | ||||
| 		var	k; | ||||
| 		var	messageLength; | ||||
| 		var	messageLengthInBits; | ||||
| 		var	_i, _c; | ||||
| 		var charBits; | ||||
| 		var rotateRight; | ||||
| 		var shiftRight; | ||||
| 		var safeAdd; | ||||
| 		var	bytesPerBlock; | ||||
| 		var currentMessageIndex; | ||||
|  | ||||
| 		bytesPerBlock = 512/8; | ||||
| 		rotateRight = Clipperz.Crypto.SHA.rotateRight; | ||||
| 		shiftRight = Clipperz.Crypto.SHA.shiftRight; | ||||
| 		safeAdd = Clipperz.Crypto.SHA.safeAdd; | ||||
| 		 | ||||
| 		charBits = 8; | ||||
| 		 | ||||
| 		h0 = 0x6a09e667; | ||||
| 		h1 = 0xbb67ae85; | ||||
| 		h2 = 0x3c6ef372; | ||||
| 		h3 = 0xa54ff53a; | ||||
| 		h4 = 0x510e527f; | ||||
| 		h5 = 0x9b05688c; | ||||
| 		h6 = 0x1f83d9ab; | ||||
| 		h7 = 0x5be0cd19; | ||||
|  | ||||
| 		k = [	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, | ||||
| 				0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, | ||||
| 				0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, | ||||
| 				0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, | ||||
| 				0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, | ||||
| 				0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, | ||||
| 				0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, | ||||
| 				0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2]; | ||||
|  | ||||
| 		message = aValue; | ||||
| 		messageLength = message.length; | ||||
|  | ||||
| 		//Pre-processing: | ||||
| 		message.push(0x80);	//	append a single "1" bit to  message | ||||
|  | ||||
| 		_c = (512 - (((messageLength + 1) * charBits) % 512) - 64) / charBits; | ||||
| 		if (_c < 0) { | ||||
| 			_c = _c + (512 / charBits); | ||||
| 		} | ||||
|  | ||||
| 		for (_i=0; _i<_c; _i++) { | ||||
| 			message.push(0x00);			//	append "0" bits until message length ≡ 448 ≡ -64 (mod 512) | ||||
| 		} | ||||
|  | ||||
| 		messageLengthInBits = messageLength * charBits; | ||||
| 		message.push(0x00);	//	the 4 most high byte are alway 0 as message length is represented with a 32bit value; | ||||
| 		message.push(0x00); | ||||
| 		message.push(0x00); | ||||
| 		message.push(0x00); | ||||
| 		message.push((messageLengthInBits >> 24)	& 0xff); | ||||
| 		message.push((messageLengthInBits >> 16)	& 0xff); | ||||
| 		message.push((messageLengthInBits >> 8)		& 0xff); | ||||
| 		message.push( messageLengthInBits			& 0xff); | ||||
|  | ||||
| 		currentMessageIndex = 0; | ||||
| 		while(currentMessageIndex < message.length) { | ||||
| 			var	w; | ||||
| 			var	a, b, c, d, e, f, g, h; | ||||
|  | ||||
| 			w = Array(64); | ||||
|  | ||||
| 			_c = 16; | ||||
| 			for (_i=0; _i<_c; _i++) { | ||||
| 				var _j; | ||||
| 				 | ||||
| 				_j = currentMessageIndex + _i*4; | ||||
| 				w[_i] = (message[_j] << 24) | (message[_j + 1] << 16) | (message[_j + 2] << 8) | (message[_j + 3] << 0); | ||||
| 			} | ||||
|  | ||||
| 			_c = 64; | ||||
| 			for (_i=16; _i<_c; _i++) { | ||||
| 				var	s0, s1; | ||||
| 				 | ||||
| 				s0 = (rotateRight(w[_i-15], 7)) ^ (rotateRight(w[_i-15], 18)) ^ (shiftRight(w[_i-15], 3)); | ||||
| 				s1 = (rotateRight(w[_i-2], 17)) ^ (rotateRight(w[_i-2], 19)) ^ (shiftRight(w[_i-2], 10)); | ||||
| 				w[_i] = safeAdd(w[_i-16], s0, w[_i-7], s1); | ||||
| 			} | ||||
|  | ||||
| 			a=h0; b=h1; c=h2; d=h3; e=h4; f=h5; g=h6; h=h7; | ||||
|  | ||||
| 			_c = 64; | ||||
| 			for (_i=0; _i<_c; _i++) { | ||||
| 				var s0, s1, ch, maj, t1, t2; | ||||
| 				 | ||||
| 				s0  = (rotateRight(a, 2)) ^ (rotateRight(a, 13)) ^ (rotateRight(a, 22)); | ||||
| 				maj = (a & b) ^ (a & c) ^ (b & c); | ||||
| 				t2  = safeAdd(s0, maj); | ||||
| 				s1  = (rotateRight(e, 6)) ^ (rotateRight(e, 11)) ^ (rotateRight(e, 25)); | ||||
| 				ch  = (e & f) ^ ((~e) & g); | ||||
| 				t1  = safeAdd(h, s1, ch, k[_i], w[_i]); | ||||
|  | ||||
| 				h = g; | ||||
| 				g = f; | ||||
| 				f = e; | ||||
| 				e = safeAdd(d, t1); | ||||
| 				d = c; | ||||
| 				c = b; | ||||
| 				b = a; | ||||
| 				a = safeAdd(t1, t2); | ||||
| 			} | ||||
|  | ||||
| 		    h0 = safeAdd(h0, a); | ||||
| 		    h1 = safeAdd(h1, b); | ||||
| 		    h2 = safeAdd(h2, c); | ||||
| 		    h3 = safeAdd(h3, d); | ||||
| 		    h4 = safeAdd(h4, e); | ||||
| 		    h5 = safeAdd(h5, f); | ||||
| 		    h6 = safeAdd(h6, g); | ||||
| 		    h7 = safeAdd(h7, h); | ||||
| 			 | ||||
| 			currentMessageIndex += bytesPerBlock; | ||||
| 		} | ||||
|  | ||||
| 		result = new Array(256/8); | ||||
| 		result[0]  = (h0 >> 24)	& 0xff; | ||||
| 		result[1]  = (h0 >> 16)	& 0xff; | ||||
| 		result[2]  = (h0 >> 8)	& 0xff; | ||||
| 		result[3]  =  h0		& 0xff; | ||||
|  | ||||
| 		result[4]  = (h1 >> 24)	& 0xff; | ||||
| 		result[5]  = (h1 >> 16)	& 0xff; | ||||
| 		result[6]  = (h1 >> 8)	& 0xff; | ||||
| 		result[7]  =  h1		& 0xff; | ||||
|  | ||||
| 		result[8]  = (h2 >> 24)	& 0xff; | ||||
| 		result[9]  = (h2 >> 16)	& 0xff; | ||||
| 		result[10] = (h2 >> 8)	& 0xff; | ||||
| 		result[11] =  h2		& 0xff; | ||||
| 		 | ||||
| 		result[12] = (h3 >> 24)	& 0xff; | ||||
| 		result[13] = (h3 >> 16)	& 0xff; | ||||
| 		result[14] = (h3 >> 8)	& 0xff; | ||||
| 		result[15] =  h3		& 0xff; | ||||
|  | ||||
| 		result[16] = (h4 >> 24)	& 0xff; | ||||
| 		result[17] = (h4 >> 16)	& 0xff; | ||||
| 		result[18] = (h4 >> 8)	& 0xff; | ||||
| 		result[19] =  h4		& 0xff; | ||||
|  | ||||
| 		result[20] = (h5 >> 24)	& 0xff; | ||||
| 		result[21] = (h5 >> 16)	& 0xff; | ||||
| 		result[22] = (h5 >> 8)	& 0xff; | ||||
| 		result[23] =  h5	 	& 0xff; | ||||
|  | ||||
| 		result[24] = (h6 >> 24)	& 0xff; | ||||
| 		result[25] = (h6 >> 16)	& 0xff; | ||||
| 		result[26] = (h6 >> 8)	& 0xff; | ||||
| 		result[27] =  h6		& 0xff; | ||||
| 			 | ||||
| 		result[28] = (h7 >> 24)	& 0xff; | ||||
| 		result[29] = (h7 >> 16)	& 0xff; | ||||
| 		result[30] = (h7 >> 8)	& 0xff; | ||||
| 		result[31] =  h7		& 0xff; | ||||
| 		 | ||||
| //Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256_array"); | ||||
| 		return result; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'sha256': function(aValue) { | ||||
| //Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256"); | ||||
| 		var result; | ||||
| 		var resultArray; | ||||
| 		var	valueArray; | ||||
| 		 | ||||
| 		valueArray = aValue.arrayValues(); | ||||
| 		resultArray = Clipperz.Crypto.SHA.sha256_array(valueArray); | ||||
| 		 | ||||
| 		result = new Clipperz.ByteArray(resultArray); | ||||
| 		 | ||||
| //Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256"); | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'sha_d256': function(aValue) { | ||||
| //Clipperz.Profile.start("Clipperz.Crypto.SHA.sha_d256"); | ||||
| 		var result; | ||||
| 		var resultArray; | ||||
| 		var	valueArray; | ||||
| 		 | ||||
| 		valueArray = aValue.arrayValues(); | ||||
| 		resultArray = Clipperz.Crypto.SHA.sha256_array(valueArray); | ||||
| 		resultArray = Clipperz.Crypto.SHA.sha256_array(resultArray); | ||||
| 		 | ||||
| 		result = new Clipperz.ByteArray(resultArray); | ||||
| 		 | ||||
| //Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256"); | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//----------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| 	 | ||||
| }); | ||||
							
								
								
									
										316
									
								
								frontend/delta/js/Clipperz/Crypto/SRP.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										316
									
								
								frontend/delta/js/Clipperz/Crypto/SRP.js
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,316 @@ | ||||
| /* | ||||
|  | ||||
| Copyright 2008-2013 Clipperz Srl | ||||
|  | ||||
| This file is part of Clipperz, the online password manager. | ||||
| For further information about its features and functionalities please | ||||
| refer to http://www.clipperz.com. | ||||
|  | ||||
| * Clipperz is free software: you can redistribute it and/or modify it | ||||
|   under the terms of the GNU Affero General Public License as published | ||||
|   by the Free Software Foundation, either version 3 of the License, or  | ||||
|   (at your option) any later version. | ||||
|  | ||||
| * Clipperz is distributed in the hope that it will be useful, but  | ||||
|   WITHOUT ANY WARRANTY; without even the implied warranty of  | ||||
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||||
|   See the GNU Affero General Public License for more details. | ||||
|  | ||||
| * You should have received a copy of the GNU Affero General Public | ||||
|   License along with Clipperz. If not, see http://www.gnu.org/licenses/. | ||||
|  | ||||
| */ | ||||
|  | ||||
| try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!"; | ||||
| }   | ||||
|  | ||||
| try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.BigInt!"; | ||||
| }   | ||||
|  | ||||
| try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) { | ||||
| 	throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.PRNG!"; | ||||
| }   | ||||
|  | ||||
| if (typeof(Clipperz.Crypto.SRP) == 'undefined') { Clipperz.Crypto.SRP = {}; } | ||||
|  | ||||
| Clipperz.Crypto.SRP.VERSION = "0.1"; | ||||
| Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP"; | ||||
|  | ||||
| //############################################################################# | ||||
|  | ||||
| MochiKit.Base.update(Clipperz.Crypto.SRP, { | ||||
|  | ||||
| 	'_n': null, | ||||
| 	'_g': null, | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'n': function() { | ||||
| 		if (Clipperz.Crypto.SRP._n == null) { | ||||
| 		 	Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.SRP._n; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'g': function() { | ||||
| 		if (Clipperz.Crypto.SRP._g == null) { | ||||
| 			Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2);	//	eventually 5 (as suggested on the Diffi-Helmann documentation) | ||||
| 		} | ||||
| 		 | ||||
| 		return Clipperz.Crypto.SRP._g; | ||||
| 	}, | ||||
|  | ||||
| 	//----------------------------------------------------------------------------- | ||||
|  | ||||
| 	'exception': { | ||||
| 		'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue")  | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
| 	__syntaxFix__: "syntax fix" | ||||
|  | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
| // | ||||
| //		S R P   C o n n e c t i o n     version 1.0 | ||||
| // | ||||
| //============================================================================= | ||||
| Clipperz.Crypto.SRP.Connection = function (args) { | ||||
| 	args = args || {}; | ||||
|  | ||||
| 	this._C = args.C; | ||||
| 	this._P = args.P; | ||||
| 	this.hash = args.hash; | ||||
|  | ||||
| 	this._a = null; | ||||
| 	this._A = null; | ||||
| 	 | ||||
| 	this._s = null; | ||||
| 	this._B = null; | ||||
|  | ||||
| 	this._x = null; | ||||
| 	 | ||||
| 	this._u = null; | ||||
| 	this._K = null; | ||||
| 	this._M1 = null; | ||||
| 	this._M2 = null; | ||||
| 	 | ||||
| 	this._sessionKey = null; | ||||
|  | ||||
| 	return this; | ||||
| } | ||||
|  | ||||
| Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, { | ||||
|  | ||||
| 	'toString': function () { | ||||
| 		return "Clipperz.Crypto.SRP.Connection (username: " + this.username() + "). Status: " + this.statusDescription(); | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'C': function () { | ||||
| 		return this._C; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'P': function () { | ||||
| 		return this._P; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'a': function () { | ||||
| 		if (this._a == null) { | ||||
| 			this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16); | ||||
| //			this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._a; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'A': function () { | ||||
| 		if (this._A == null) { | ||||
| 			//	Warning: this value should be strictly greater than zero: how should we perform this check? | ||||
| 			this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n()); | ||||
| 			 | ||||
| 			if (this._A.equals(0)) { | ||||
| 				Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0."); | ||||
| 				throw Clipperz.Crypto.SRP.exception.InvalidValue; | ||||
| 			} | ||||
| 		} | ||||
| 		 | ||||
| 		return this._A; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	's': function () { | ||||
| 		return this._s; | ||||
| 	}, | ||||
|  | ||||
| 	'set_s': function(aValue) { | ||||
| 		this._s = aValue; | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'B': function () { | ||||
| 		return this._B; | ||||
| 	}, | ||||
|  | ||||
| 	'set_B': function(aValue) { | ||||
| 		//	Warning: this value should be strictly greater than zero: how should we perform this check? | ||||
| 		if (! aValue.equals(0)) { | ||||
| 			this._B = aValue; | ||||
| 		} else { | ||||
| 			Clipperz.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0."); | ||||
| 			throw Clipperz.Crypto.SRP.exception.InvalidValue; | ||||
| 		} | ||||
| 	}, | ||||
| 	 | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'x': function () { | ||||
| 		if (this._x == null) { | ||||
| 			this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._x; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'u': function () { | ||||
| 		if (this._u == null) { | ||||
| 			this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._u; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'S': function () { | ||||
| 		if (this._S == null) { | ||||
| 			var bigint; | ||||
| 			var	srp; | ||||
|  | ||||
| 			bigint = Clipperz.Crypto.BigInt; | ||||
| 			srp = 	 Clipperz.Crypto.SRP; | ||||
|  | ||||
| 			this._S =	bigint.powerModule( | ||||
| 								bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())), | ||||
| 								bigint.add(this.a(), bigint.multiply(this.u(), this.x())), | ||||
| 								srp.n() | ||||
| 						) | ||||
| 		} | ||||
| 		 | ||||
| 		return this._S; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'K': function () { | ||||
| 		if (this._K == null) { | ||||
| 			this._K = this.stringHash(this.S().asString()); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._K; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'M1': function () { | ||||
| 		if (this._M1 == null) { | ||||
| 			this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K()); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._M1; | ||||
| 	}, | ||||
|  | ||||
| 	//------------------------------------------------------------------------- | ||||
|  | ||||
| 	'M2': function () { | ||||
| 		if (this._M2 == null) { | ||||
| 			this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K()); | ||||
| 		} | ||||
| 		 | ||||
| 		return this._M2; | ||||
| 	}, | ||||
|  | ||||
| 	//========================================================================= | ||||
|  | ||||
| 	'serverSideCredentialsWithSalt': function(aSalt) { | ||||
| 		var result; | ||||
| 		var s, x, v; | ||||
| 		 | ||||
| 		s = aSalt; | ||||
| 		x = this.stringHash(s + this.P()); | ||||
| 		v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n()); | ||||
|  | ||||
| 		result = {}; | ||||
| 		result['C'] = this.C(); | ||||
| 		result['s'] = s; | ||||
| 		result['v'] = v.asString(16); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	'serverSideCredentials': function() { | ||||
| 		var result; | ||||
| 		var s; | ||||
| 		 | ||||
| 		s = Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2); | ||||
|  | ||||
| 		result = this.serverSideCredentialsWithSalt(s); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//========================================================================= | ||||
| /* | ||||
| 	'computeServerSide_S': function(b) { | ||||
| 		var result; | ||||
| 		var v; | ||||
| 		var bigint; | ||||
| 		var	srp; | ||||
|  | ||||
| 		bigint = Clipperz.Crypto.BigInt; | ||||
| 		srp = 	 Clipperz.Crypto.SRP; | ||||
|  | ||||
| 		v = new Clipperz.Crypto.BigInt(srpConnection.serverSideCredentialsWithSalt(this.s().asString(16, 64)).v, 16); | ||||
| //		_S =  (this.A().multiply(this.v().modPow(this.u(), this.n()))).modPow(this.b(), this.n()); | ||||
| 		result = bigint.powerModule( | ||||
| 					bigint.multiply( | ||||
| 						this.A(), | ||||
| 						bigint.powerModule(v, this.u(), srp.n()) | ||||
| 					), new Clipperz.Crypto.BigInt(b, 10), srp.n() | ||||
| 				); | ||||
|  | ||||
| 		return result; | ||||
| 	}, | ||||
| */ | ||||
| 	//========================================================================= | ||||
|  | ||||
| 	'stringHash': function(aValue) { | ||||
| 		var	result; | ||||
|  | ||||
| 		result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); | ||||
| 		 | ||||
| 		return result; | ||||
| 	}, | ||||
| 	 | ||||
| 	//========================================================================= | ||||
| 	__syntaxFix__: "syntax fix" | ||||
| 	 | ||||
| }); | ||||
|  | ||||
| //############################################################################# | ||||
		Reference in New Issue
	
	Block a user
	 Giulio Cesare Solaroli
					Giulio Cesare Solaroli