clipperz/password-manager-mirror
1
0
Fork 0
mirror of http://git.whoc.org.uk/git/password-manager.git synced 2025-10-25 01:37:34 +02:00
Code Issues Releases Wiki Activity

First version of the newly restructured repository

Browse Source
This commit is contained in:
Giulio Cesare Solaroli
2011-10-03 00:56:18 +01:00
parent 597ecfbc02
commit ef68436ac0
729 changed files with 232898 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

869
frontend/gamma/js/Clipperz/Crypto/AES.js Normal file
View File

@@ -0,0 +1,869 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.AES depends on Clipperz.ByteArray!";
}
// Dependency commented to avoid a circular reference
//try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.AES depends on Clipperz.Crypto.PRNG!";
//}
if (typeof(Clipperz.Crypto.AES) == 'undefined') { Clipperz.Crypto.AES = {}; }
//#############################################################################
Clipperz.Crypto.AES.DeferredExecutionContext = function(args) {
args = args || {};
this._key = args.key;
this._message = args.message;
this._result = args.message.clone();
this._nonce = args.nonce;
this._messageLength = this._message.length();
this._messageArray = this._message.arrayValues();
this._resultArray = this._result.arrayValues();
this._nonceArray = this._nonce.arrayValues();
this._executionStep = 0;
// this._elaborationChunkSize = 1024; // 4096; // 16384; // 4096;
this._elaborationChunks = 10;
this._pauseTime = 0.02; // 0.02 // 0.2;
return this;
}
Clipperz.Crypto.AES.DeferredExecutionContext.prototype = MochiKit.Base.update(null, {
'key': function() {
return this._key;
},
'message': function() {
return this._message;
},
'messageLength': function() {
return this._messageLength;
},
'result': function() {
return new Clipperz.ByteArray(this.resultArray());
},
'nonce': function() {
return this._nonce;
},
'messageArray': function() {
return this._messageArray;
},
'resultArray': function() {
return this._resultArray;
},
'nonceArray': function() {
return this._nonceArray;
},
'elaborationChunkSize': function() {
// return Clipperz.Crypto.AES.DeferredExecution.chunkSize;
// return this._elaborationChunkSize;
return (this._elaborationChunks * 1024);
},
'executionStep': function() {
return this._executionStep;
},
'setExecutionStep': function(aValue) {
this._executionStep = aValue;
},
'tuneExecutionParameters': function (anElapsedTime) {
//var originalChunks = this._elaborationChunks;
if (anElapsedTime > 0) {
this._elaborationChunks = Math.round(this._elaborationChunks * ((anElapsedTime + 1000)/(anElapsedTime * 2)));
}
//Clipperz.log("tuneExecutionParameters - elapsedTime: " + anElapsedTime + /*originalChunks,*/ " chunks # " + this._elaborationChunks + " [" + this._executionStep + " / " + this._messageLength + "]");
},
'pause': function(aValue) {
// return MochiKit.Async.wait(Clipperz.Crypto.AES.DeferredExecution.pauseTime, aValue);
return MochiKit.Async.wait(this._pauseTime, aValue);
},
'isDone': function () {
//console.log("isDone", this.executionStep(), this.messageLength());
return (this._executionStep >= this._messageLength);
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.AES.Key = function(args) {
args = args || {};
this._key = args.key;
this._keySize = args.keySize || this.key().length();
if (this.keySize() == 128/8) {
this._b = 176;
this._numberOfRounds = 10;
} else if (this.keySize() == 256/8) {
this._b = 240;
this._numberOfRounds = 14;
} else {
MochiKit.Logging.logError("AES unsupported key size: " + (this.keySize() * 8) + " bits");
throw Clipperz.Crypto.AES.exception.UnsupportedKeySize;
}
this._stretchedKey = null;
return this;
}
Clipperz.Crypto.AES.Key.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.AES.Key (" + this.key().toHexString() + ")";
},
//-----------------------------------------------------------------------------
'key': function() {
return this._key;
},
'keySize': function() {
return this._keySize;
},
'b': function() {
return this._b;
},
'numberOfRounds': function() {
return this._numberOfRounds;
},
//=========================================================================
'keyScheduleCore': function(aWord, aRoundConstantsIndex) {
var result;
var sbox;
sbox = Clipperz.Crypto.AES.sbox();
result = [ sbox[aWord[1]] ^ Clipperz.Crypto.AES.roundConstants()[aRoundConstantsIndex],
sbox[aWord[2]],
sbox[aWord[3]],
sbox[aWord[0]] ];
return result;
},
//-----------------------------------------------------------------------------
'xorWithPreviousStretchValues': function(aKey, aWord, aPreviousWordIndex) {
var result;
var i,c;
result = [];
c = 4;
for (i=0; i<c; i++) {
result[i] = aWord[i] ^ aKey.byteAtIndex(aPreviousWordIndex + i);
}
return result;
},
//-----------------------------------------------------------------------------
'sboxShakeup': function(aWord) {
var result;
var sbox;
var i,c;
result = [];
sbox = Clipperz.Crypto.AES.sbox();
c =4;
for (i=0; i<c; i++) {
result[i] = sbox[aWord[i]];
}
return result;
},
//-----------------------------------------------------------------------------
'stretchKey': function(aKey) {
var currentWord;
var keyLength;
var previousStretchIndex;
var i,c;
keyLength = aKey.length();
previousStretchIndex = keyLength - this.keySize();
currentWord = [ aKey.byteAtIndex(keyLength - 4),
aKey.byteAtIndex(keyLength - 3),
aKey.byteAtIndex(keyLength - 2),
aKey.byteAtIndex(keyLength - 1) ];
currentWord = this.keyScheduleCore(currentWord, keyLength / this.keySize());
if (this.keySize() == 256/8) {
c = 8;
} else if (this.keySize() == 128/8){
c = 4;
}
for (i=0; i<c; i++) {
if (i == 4) {
// fifth streatch word
currentWord = this.sboxShakeup(currentWord);
}
currentWord = this.xorWithPreviousStretchValues(aKey, currentWord, previousStretchIndex + (i*4));
aKey.appendBytes(currentWord);
}
return aKey;
},
//-----------------------------------------------------------------------------
'stretchedKey': function() {
if (this._stretchedKey == null) {
var stretchedKey;
stretchedKey = this.key().clone();
while (stretchedKey.length() < this.keySize()) {
stretchedKey.appendByte(0);
}
while (stretchedKey.length() < this.b()) {
stretchedKey = this.stretchKey(stretchedKey);
}
this._stretchedKey = stretchedKey.split(0, this.b());
}
return this._stretchedKey;
},
//=========================================================================
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.AES.State = function(args) {
args = args || {};
this._data = args.block;
this._key = args.key;
return this;
}
Clipperz.Crypto.AES.State.prototype = MochiKit.Base.update(null, {
'key': function() {
return this._key;
},
//-----------------------------------------------------------------------------
'data': function() {
return this._data;
},
'setData': function(aValue) {
this._data = aValue;
},
//=========================================================================
'addRoundKey': function(aRoundNumber) {
// each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule.
var data;
var stretchedKey;
var firstStretchedKeyIndex;
var i,c;
data = this.data();
stretchedKey = this.key().stretchedKey();
firstStretchedKeyIndex = aRoundNumber * (128/8);
c = 128/8;
for (i=0; i<c; i++) {
data[i] = data[i] ^ stretchedKey.byteAtIndex(firstStretchedKeyIndex + i);
}
},
//-----------------------------------------------------------------------------
'subBytes': function() {
// a non-linear substitution step where each byte is replaced with another according to a lookup table.
var i,c;
var data;
var sbox;
data = this.data();
sbox = Clipperz.Crypto.AES.sbox();
c = 16;
for (i=0; i<c; i++) {
data[i] = sbox[data[i]];
}
},
//-----------------------------------------------------------------------------
'shiftRows': function() {
// a transposition step where each row of the state is shifted cyclically a certain number of steps.
var newValue;
var data;
var shiftMapping;
var i,c;
newValue = new Array(16);
data = this.data();
shiftMapping = Clipperz.Crypto.AES.shiftRowMapping();
// [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11];
c = 16;
for (i=0; i<c; i++) {
newValue[i] = data[shiftMapping[i]];
}
for (i=0; i<c; i++) {
data[i] = newValue[i];
}
},
//-----------------------------------------------------------------------------
/*
'mixColumnsWithValues': function(someValues) {
var result;
var a;
var i,c;
c = 4;
result = [];
a = [];
for (i=0; i<c; i++) {
a[i] = [];
a[i][1] = someValues[i]
if ((a[i][1] & 0x80) == 0x80) {
a[i][2] = (a[i][1] << 1) ^ 0x11b;
} else {
a[i][2] = a[i][1] << 1;
}
a[i][3] = a[i][2] ^ a[i][1];
}
for (i=0; i<c; i++) {
var x;
x = Clipperz.Crypto.AES.mixColumnsMatrix()[i];
result[i] = a[0][x[0]] ^ a[1][x[1]] ^ a[2][x[2]] ^ a[3][x[3]];
}
return result;
},
'mixColumns': function() {
// a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation.
var data;
var i, c;
data = this.data();
c = 4;
for(i=0; i<c; i++) {
var blockIndex;
var mixedValues;
blockIndex = i * 4;
mixedValues = this.mixColumnsWithValues([ data[blockIndex + 0],
data[blockIndex + 1],
data[blockIndex + 2],
data[blockIndex + 3]]);
data[blockIndex + 0] = mixedValues[0];
data[blockIndex + 1] = mixedValues[1];
data[blockIndex + 2] = mixedValues[2];
data[blockIndex + 3] = mixedValues[3];
}
},
*/
'mixColumns': function() {
// a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation.
var data;
var i, c;
var a_1;
var a_2;
a_1 = new Array(4);
a_2 = new Array(4);
data = this.data();
c = 4;
for(i=0; i<c; i++) {
var blockIndex;
var ii, cc;
blockIndex = i * 4;
cc = 4;
for (ii=0; ii<cc; ii++) {
var value;
value = data[blockIndex + ii];
a_1[ii] = value;
a_2[ii] = (value & 0x80) ? ((value << 1) ^ 0x011b) : (value << 1);
}
data[blockIndex + 0] = a_2[0] ^ a_1[1] ^ a_2[1] ^ a_1[2] ^ a_1[3];
data[blockIndex + 1] = a_1[0] ^ a_2[1] ^ a_1[2] ^ a_2[2] ^ a_1[3];
data[blockIndex + 2] = a_1[0] ^ a_1[1] ^ a_2[2] ^ a_1[3] ^ a_2[3];
data[blockIndex + 3] = a_1[0] ^ a_2[0] ^ a_1[1] ^ a_1[2] ^ a_2[3];
}
},
//=========================================================================
'spinRound': function(aRoundNumber) {
this.addRoundKey(aRoundNumber);
this.subBytes();
this.shiftRows();
this.mixColumns();
},
'spinLastRound': function() {
this.addRoundKey(this.key().numberOfRounds() - 1);
this.subBytes();
this.shiftRows();
this.addRoundKey(this.key().numberOfRounds());
},
//=========================================================================
'encrypt': function() {
var i,c;
c = this.key().numberOfRounds() - 1;
for (i=0; i<c; i++) {
this.spinRound(i);
}
this.spinLastRound();
},
//=========================================================================
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.AES.VERSION = "0.1";
Clipperz.Crypto.AES.NAME = "Clipperz.Crypto.AES";
MochiKit.Base.update(Clipperz.Crypto.AES, {
// http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-AES.html
// http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
// http://en.wikipedia.org/wiki/Rijndael_key_schedule
// http://en.wikipedia.org/wiki/Rijndael_S-box
'__repr__': function () {
return "[" + this.NAME + " " + this.VERSION + "]";
},
'toString': function () {
return this.__repr__();
},
//=============================================================================
'_sbox': null,
'sbox': function() {
if (Clipperz.Crypto.AES._sbox == null) {
Clipperz.Crypto.AES._sbox = [
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
];
}
return Clipperz.Crypto.AES._sbox;
},
//-----------------------------------------------------------------------------
//
// 0 4 8 12 0 4 8 12
// 1 5 9 13 => 5 9 13 1
// 2 6 10 14 10 14 2 6
// 3 7 11 15 15 3 7 11
//
'_shiftRowMapping': null,
'shiftRowMapping': function() {
if (Clipperz.Crypto.AES._shiftRowMapping == null) {
Clipperz.Crypto.AES._shiftRowMapping = [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11];
}
return Clipperz.Crypto.AES._shiftRowMapping;
},
//-----------------------------------------------------------------------------
'_mixColumnsMatrix': null,
'mixColumnsMatrix': function() {
if (Clipperz.Crypto.AES._mixColumnsMatrix == null) {
Clipperz.Crypto.AES._mixColumnsMatrix = [ [2, 3, 1 ,1],
[1, 2, 3, 1],
[1, 1, 2, 3],
[3, 1, 1, 2] ];
}
return Clipperz.Crypto.AES._mixColumnsMatrix;
},
'_roundConstants': null,
'roundConstants': function() {
if (Clipperz.Crypto.AES._roundConstants == null) {
Clipperz.Crypto.AES._roundConstants = [ , 1, 2, 4, 8, 16, 32, 64, 128, 27, 54, 108, 216, 171, 77, 154];
// Clipperz.Crypto.AES._roundConstants = [ , 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a];
}
return Clipperz.Crypto.AES._roundConstants;
},
//=============================================================================
'incrementNonce': function(aNonce) {
//Clipperz.Profile.start("Clipperz.Crypto.AES.incrementNonce");
var i;
var done;
done = false;
i = aNonce.length - 1;
while ((i>=0) && (done == false)) {
var currentByteValue;
currentByteValue = aNonce[i];
if (currentByteValue == 0xff) {
aNonce[i] = 0;
if (i>= 0) {
i --;
} else {
done = true;
}
} else {
aNonce[i] = currentByteValue + 1;
done = true;
}
}
//Clipperz.Profile.stop("Clipperz.Crypto.AES.incrementNonce");
},
//-----------------------------------------------------------------------------
'encryptBlock': function(aKey, aBlock) {
var result;
var state;
state = new Clipperz.Crypto.AES.State({block:aBlock, key:aKey});
//is(state.data(), 'before');
state.encrypt();
result = state.data();
return result;
},
//-----------------------------------------------------------------------------
'encryptBlocks': function(aKey, aMessage, aNonce) {
var result;
var nonce;
var self;
var messageIndex;
var messageLength;
var blockSize;
self = Clipperz.Crypto.AES;
blockSize = 128/8;
messageLength = aMessage.length;
nonce = aNonce;
result = aMessage;
messageIndex = 0;
while (messageIndex < messageLength) {
var encryptedBlock;
var i,c;
self.incrementNonce(nonce);
encryptedBlock = self.encryptBlock(aKey, nonce);
if ((messageLength - messageIndex) > blockSize) {
c = blockSize;
} else {
c = messageLength - messageIndex;
}
for (i=0; i<c; i++) {
result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
}
messageIndex += blockSize;
}
return result;
},
//-----------------------------------------------------------------------------
'encrypt': function(aKey, someData, aNonce) {
var result;
var nonce;
var encryptedData;
var key;
key = new Clipperz.Crypto.AES.Key({key:aKey});
nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);
encryptedData = Clipperz.Crypto.AES.encryptBlocks(key, someData.arrayValues(), nonce.arrayValues());
result = nonce.appendBytes(encryptedData);
return result;
},
//-----------------------------------------------------------------------------
'decrypt': function(aKey, someData) {
var result;
var nonce;
var encryptedData;
var decryptedData;
var dataIterator;
var key;
key = new Clipperz.Crypto.AES.Key({key:aKey});
encryptedData = someData.arrayValues();
nonce = encryptedData.slice(0, (128/8));
encryptedData = encryptedData.slice(128/8);
decryptedData = Clipperz.Crypto.AES.encryptBlocks(key, encryptedData, nonce);
result = new Clipperz.ByteArray(decryptedData);
return result;
},
//=============================================================================
'deferredEncryptExecutionChunk': function(anExecutionContext) {
var result;
var nonce;
var self;
var messageIndex;
var messageLength;
var blockSize;
var executionLimit;
var startTime, endTime;
self = Clipperz.Crypto.AES;
startTime = new Date();
blockSize = 128/8;
messageLength = anExecutionContext.messageArray().length;
nonce = anExecutionContext.nonceArray();
result = anExecutionContext.resultArray();
messageIndex = anExecutionContext.executionStep();
executionLimit = messageIndex + anExecutionContext.elaborationChunkSize();
executionLimit = Math.min(executionLimit, messageLength);
while (messageIndex < executionLimit) {
var encryptedBlock;
var i,c;
self.incrementNonce(nonce);
encryptedBlock = self.encryptBlock(anExecutionContext.key(), nonce);
if ((executionLimit - messageIndex) > blockSize) {
c = blockSize;
} else {
c = executionLimit - messageIndex;
}
for (i=0; i<c; i++) {
result[messageIndex + i] = result[messageIndex + i] ^ encryptedBlock[i];
}
messageIndex += blockSize;
}
anExecutionContext.setExecutionStep(messageIndex);
endTime = new Date();
anExecutionContext.tuneExecutionParameters(endTime - startTime);
return anExecutionContext;
},
//-----------------------------------------------------------------------------
/*
'deferredEncryptBlocks': function(anExecutionContext) {
var deferredResult;
var messageSize;
var i,c;
messageSize = anExecutionContext.messageLength();
deferredResult = new Clipperz.Async.Deferred("AES.deferredEncryptBloks");
c = Math.ceil(messageSize / anExecutionContext.elaborationChunkSize());
for (i=0; i<c; i++) {
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptExecutionChunk);
deferredResult.addMethod(anExecutionContext, 'pause');
}
deferredResult.callback(anExecutionContext);
return deferredResult;
},
*/
'deferredEncryptBlocks': function(anExecutionContext) {
var deferredResult;
if (! anExecutionContext.isDone()) {
deferredResult = Clipperz.Async.callbacks("Clipperz.Crypto.AES.deferredEncryptBloks", [
Clipperz.Crypto.AES.deferredEncryptExecutionChunk,
MochiKit.Base.method(anExecutionContext, 'pause'),
Clipperz.Crypto.AES.deferredEncryptBlocks
], {trace:false}, anExecutionContext);
} else {
deferredResult = MochiKit.Async.succeed(anExecutionContext);
}
return deferredResult;
},
//-----------------------------------------------------------------------------
'deferredEncrypt': function(aKey, someData, aNonce) {
var deferredResult;
var executionContext;
var result;
var nonce;
var key;
key = new Clipperz.Crypto.AES.Key({key:aKey});
nonce = aNonce ? aNonce.clone() : Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(128/8);
executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:someData, nonce:nonce});
deferredResult = new Clipperz.Async.Deferred("AES.deferredEncrypt");
//deferredResult.addCallback(function (aValue) { console.log(">>> deferredEncrypt"); return aValue; });
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
deferredResult.addCallback(function(anExecutionContext) {
var result;
result = anExecutionContext.nonce().clone();
result.appendBytes(anExecutionContext.resultArray());
return result;
});
//deferredResult.addCallback(function (aValue) { console.log("<<< deferredEncrypt"); return aValue; });
deferredResult.callback(executionContext)
return deferredResult;
},
//-----------------------------------------------------------------------------
'deferredDecrypt': function(aKey, someData) {
var deferredResult
var nonce;
var message;
var key;
key = new Clipperz.Crypto.AES.Key({key:aKey});
nonce = someData.split(0, (128/8));
message = someData.split(128/8);
executionContext = new Clipperz.Crypto.AES.DeferredExecutionContext({key:key, message:message, nonce:nonce});
deferredResult = new Clipperz.Async.Deferred("AES.deferredDecrypt");
//deferredResult.addCallback(function (aValue) { console.log(">>> deferredDecrypt"); return aValue; });
deferredResult.addCallback(Clipperz.Crypto.AES.deferredEncryptBlocks);
deferredResult.addCallback(function(anExecutionContext) {
return anExecutionContext.result();
});
//deferredResult.addCallback(function (aValue) { console.log("<<< deferredDecrypt"); return aValue; });
deferredResult.callback(executionContext);
return deferredResult;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
//Clipperz.Crypto.AES.DeferredExecution = {
// 'chunkSize': 16384, // 4096, // 1024 4096 8192 16384 32768;
// 'pauseTime': 0.02 // 0.2
//}
Clipperz.Crypto.AES.exception = {
'UnsupportedKeySize': new MochiKit.Base.NamedError("Clipperz.Crypto.AES.exception.UnsupportedKeySize")
};

1852
frontend/gamma/js/Clipperz/Crypto/Base.js Normal file
View File

File diff suppressed because it is too large Load Diff

1760
frontend/gamma/js/Clipperz/Crypto/BigInt.js Normal file
View File

File diff suppressed because it is too large Load Diff

1649
frontend/gamma/js/Clipperz/Crypto/BigInt_scoped.js Normal file
View File

File diff suppressed because it is too large Load Diff

550
frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Curve.js Normal file
View File

@@ -0,0 +1,550 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Curve = function(args) {
args = args || {};
this._modulus = args.modulus;
this._a = args.a;
this._b = args.b;
this._G = args.G;
this._r = args.r;
this._h = args.h;
this._finiteField = null;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Curve.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.Curve";
},
//-----------------------------------------------------------------------------
'modulus': function() {
return this._modulus;
},
'a': function() {
return this._a;
},
'b': function() {
return this._b;
},
'G': function() {
return this._G;
},
'r': function() {
return this._r;
},
'h': function() {
return this._h;
},
//-----------------------------------------------------------------------------
'finiteField': function() {
if (this._finiteField == null) {
this._finiteField = new Clipperz.Crypto.ECC.BinaryField.FiniteField({modulus:this.modulus()})
}
return this._finiteField;
},
//-----------------------------------------------------------------------------
'negate': function(aPointA) {
var result;
result = new Clipperz.Crypto.ECC.Point({x:aPointA.x(), y:this.finiteField().add(aPointA.y(), aPointA.x())})
return result;
},
//-----------------------------------------------------------------------------
'add': function(aPointA, aPointB) {
var result;
//console.log(">>> ECC.BinaryField.Curve.add");
if (aPointA.isZero()) {
//console.log("--- pointA == zero");
result = aPointB;
} else if (aPointB.isZero()) {
//console.log("--- pointB == zero");
result = aPointA;
} else if ( (aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
//console.log("compare A.x - B.x: ", aPointA.x().compare(aPointB.x()));
//console.log("compare A.y - B.y: ", (aPointA.y().compare(aPointB.y()) != 0));
//console.log("compare B.x.isZero(): ", aPointB.x().isZero());
//console.log("--- result = zero");
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
} else {
//console.log("--- result = ELSE");
var f2m;
var x, y;
var lambda;
var aX, aY, bX, bY;
aX = aPointA.x()._value;
aY = aPointA.y()._value;
bX = aPointB.x()._value;
bY = aPointB.y()._value;
f2m = this.finiteField();
if (aPointA.x().compare(aPointB.x()) != 0) {
//console.log(" a.x != b.x");
lambda = f2m._fastMultiply(
f2m._add(aY, bY),
f2m._inverse(f2m._add(aX, bX))
);
x = f2m._add(this.a()._value, f2m._square(lambda));
f2m._overwriteAdd(x, lambda);
f2m._overwriteAdd(x, aX);
f2m._overwriteAdd(x, bX);
} else {
//console.log(" a.x == b.x");
lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
//console.log(" lambda: " + lambda.asString(16));
x = f2m._add(this.a()._value, f2m._square(lambda));
//console.log(" x (step 1): " + x.asString(16));
f2m._overwriteAdd(x, lambda);
//console.log(" x (step 2): " + x.asString(16));
}
y = f2m._fastMultiply(f2m._add(bX, x), lambda);
//console.log(" y (step 1): " + y.asString(16));
f2m._overwriteAdd(y, x);
//console.log(" y (step 2): " + y.asString(16));
f2m._overwriteAdd(y, bY);
//console.log(" y (step 3): " + y.asString(16));
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
}
//console.log("<<< ECC.BinaryField.Curve.add");
return result;
},
//-----------------------------------------------------------------------------
'addTwice': function(aPointA) {
return this.add(aPointA, aPointA);
},
//-----------------------------------------------------------------------------
'overwriteAdd': function(aPointA, aPointB) {
if (aPointA.isZero()) {
// result = aPointB;
aPointA._x._value = aPointB._x._value;
aPointA._y._value = aPointB._y._value;
} else if (aPointB.isZero()) {
// result = aPointA;
} else if ( (aPointA.x().compare(aPointB.x()) == 0) && ((aPointA.y().compare(aPointB.y()) != 0) || aPointB.x().isZero())) {
// result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
aPointA._x = Clipperz.Crypto.ECC.BinaryField.Value.O;
aPointA._y = Clipperz.Crypto.ECC.BinaryField.Value.O;
} else {
var f2m;
var x, y;
var lambda;
var aX, aY, bX, bY;
aX = aPointA.x()._value;
aY = aPointA.y()._value;
bX = aPointB.x()._value;
bY = aPointB.y()._value;
f2m = this.finiteField();
if (aPointA.x().compare(aPointB.x()) != 0) {
//console.log(" a.x != b.x");
lambda = f2m._fastMultiply(
f2m._add(aY, bY),
f2m._inverse(f2m._add(aX, bX))
);
x = f2m._add(this.a()._value, f2m._square(lambda));
f2m._overwriteAdd(x, lambda);
f2m._overwriteAdd(x, aX);
f2m._overwriteAdd(x, bX);
} else {
//console.log(" a.x == b.x");
lambda = f2m._add(bX, f2m._fastMultiply(bY, f2m._inverse(bX)));
//console.log(" lambda: " + lambda.asString(16));
x = f2m._add(this.a()._value, f2m._square(lambda));
//console.log(" x (step 1): " + x.asString(16));
f2m._overwriteAdd(x, lambda);
//console.log(" x (step 2): " + x.asString(16));
}
y = f2m._fastMultiply(f2m._add(bX, x), lambda);
//console.log(" y (step 1): " + y.asString(16));
f2m._overwriteAdd(y, x);
//console.log(" y (step 2): " + y.asString(16));
f2m._overwriteAdd(y, bY);
//console.log(" y (step 3): " + y.asString(16));
// result = new Clipperz.Crypto.ECC.BinaryField.Point({x:new Clipperz.Crypto.ECC.BinaryField.Value(x), y:new Clipperz.Crypto.ECC.BinaryField.Value(y)})
aPointA._x._value = x;
aPointA._y._value = y;
}
//console.log("<<< ECC.BinaryField.Curve.add");
return result;
},
//-----------------------------------------------------------------------------
'multiply': function(aValue, aPoint) {
var result;
//console.profile();
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
if (aValue.isZero() == false) {
var k, Q;
var i;
var countIndex; countIndex = 0;
if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
k = aValue;
Q = aPoint;
} else {
MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
k = aValue.negate();
Q = this.negate(aPoint);
}
//console.log("k: " + k.toString(16));
//console.log("k.bitSize: " + k.bitSize());
for (i=k.bitSize()-1; i>=0; i--) {
result = this.add(result, result);
// this.overwriteAdd(result, result);
if (k.isBitSet(i)) {
result = this.add(result, Q);
// this.overwriteAdd(result, Q);
}
// if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
}
}
//console.profileEnd();
return result;
},
//-----------------------------------------------------------------------------
'deferredMultiply': function(aValue, aPoint) {
var deferredResult;
var result;
MochiKit.Logging.logDebug(">>> deferredMultiply - value: " + aValue + ", point: " + aPoint);
//console.profile("ECC.Curve.multiply");
deferredResult = new MochiKit.Async.Deferred();
//deferredResult.addCallback(function(res) {console.profile("ECC.Curve.deferredMultiply"); return res;} );
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 1: " + res); return res;});
result = new Clipperz.Crypto.ECC.BinaryField.Point({x:Clipperz.Crypto.ECC.BinaryField.Value.O, y:Clipperz.Crypto.ECC.BinaryField.Value.O});
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 2: " + res); return res;});
if (aValue.isZero() == false) {
var k, Q;
var i;
var countIndex; countIndex = 0;
if (aValue.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) > 0) {
k = aValue;
Q = aPoint;
} else {
MochiKit.Logging.logError("The Clipperz.Crypto.ECC.BinaryFields.Value does not work with negative values!!!!");
k = aValue.negate();
Q = this.negate(aPoint);
}
//console.log("k: " + k.toString(16));
//console.log("k.bitSize: " + k.bitSize());
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 3: " + res); return res;});
for (i=k.bitSize()-1; i>=0; i--) {
//MochiKit.Logging.logDebug("====> " + i);
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 > i = " + i + ": " + res); return res;});
deferredResult.addMethod(this, "addTwice");
//# result = this.add(result, result);
// this.overwriteAdd(result, result);
if (k.isBitSet(i)) {
deferredResult.addMethod(this, "add", Q);
//# result = this.add(result, Q);
// this.overwriteAdd(result, Q);
}
if (i%20 == 0) {deferredResult.addCallback(MochiKit.Async.wait, 0.1);}
// if (countIndex==100) {console.log("multiply.break"); break;} else countIndex++;
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4 < i = " + i + ": " + res); return res;});
}
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 4: " + res); return res;});
}
//#console.profileEnd();
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 5: " + res); return res;});
//deferredResult.addBoth(function(res) {console.profileEnd(); return res;});
//deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("# 6: " + res); return res;});
deferredResult.callback(result);
//# return result;
return deferredResult;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.ECC.StandardCurves = {};
MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
/*
'_K571': null,
'K571': function() {
if (Clipperz.Crypto.ECC.StandardCurves._K571 == null) {
Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K571;
},
'_K283': null,
'K283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if (Clipperz.Crypto.ECC.StandardCurves._K283 == null) {
Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('0', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('4', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K283;
},
*/
//-----------------------------------------------------------------------------
'_B571': null,
'B571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if (Clipperz.Crypto.ECC.StandardCurves._B571 == null) {
Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.45 (with a typo!!!)
//
//-----------------------------------------------------------------------------
//
// http://www.milw0rm.com/papers/136
//
// -------------------------------------------------------------------------
// Polynomial Reduction Algorithm Modulo f571
// -------------------------------------------------------------------------
//
// Input: Polynomial p(x) of degree 1140 or less, stored as
// an array of 2T machinewords.
// Output: p(x) mod f571(x)
//
// FOR i = T-1, ..., 0 DO
// SET X := P[i+T]
// P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
// P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
//
// SET X := P[T-1] >> 27
// P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
// P[T-1] := P[T-1] & 0x07ffffff
//
// RETURN P[T-1],...,P[0]
//
// -------------------------------------------------------------------------
//
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 1140) {
MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
//console.log(">>> binaryField.finiteField.(improved)module");
// C = aValue.value().slice(0);
C = aValue._value.slice(0);
for (i=35; i>=18; i--) {
T = C[i];
C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
}
T = (C[17] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
C[17] = (C[17] & 0x07ffffff);
for(i=18; i<=35; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B571;
},
//-----------------------------------------------------------------------------
'_B283': null,
'B283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if (Clipperz.Crypto.ECC.StandardCurves._B283 == null) {
Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
// modulus: new Clipperz.Crypto.ECC.BinaryField.Value('10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.43
//
//-----------------------------------------------------------------------------
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 564) {
MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
//console.log(">>> binaryField.finiteField.(improved)module");
C = aValue._value.slice(0);
for (i=17; i>=9; i--) {
T = C[i];
C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
}
T = (C[8] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
C[8] = (C[8] & 0x07ffffff);
for(i=9; i<=17; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B283;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################

526
frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/FiniteField.js Normal file
View File

@@ -0,0 +1,526 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.FiniteField = function(args) {
args = args || {};
this._modulus = args.modulus;
return this;
}
Clipperz.Crypto.ECC.BinaryField.FiniteField.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.FiniteField (" + this.modulus().asString() + ")";
},
//-----------------------------------------------------------------------------
'modulus': function() {
return this._modulus;
},
//-----------------------------------------------------------------------------
'_module': function(aValue) {
var result;
var modulusComparison;
//console.log(">>> binaryField.finiteField.(standard)module");
modulusComparison = Clipperz.Crypto.ECC.BinaryField.Value._compare(aValue, this.modulus()._value);
if (modulusComparison < 0) {
result = aValue;
} else if (modulusComparison == 0) {
result = [0];
} else {
var modulusBitSize;
var resultBitSize;
result = aValue;
modulusBitSize = this.modulus().bitSize();
resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
while (resultBitSize >= modulusBitSize) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this.modulus()._value, resultBitSize - modulusBitSize));
resultBitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(result);
}
}
//console.log("<<< binaryField.finiteField.(standard)module");
return result;
},
'module': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._module(aValue._value.slice(0)));
},
//-----------------------------------------------------------------------------
'_add': function(a, b) {
return Clipperz.Crypto.ECC.BinaryField.Value._xor(a, b);
},
'_overwriteAdd': function(a, b) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(a, b);
},
'add': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._add(a._value, b._value));
},
//-----------------------------------------------------------------------------
'negate': function(aValue) {
return aValue.clone();
},
//-----------------------------------------------------------------------------
'_multiply': function(a, b) {
var result;
var valueToXor;
var i,c;
result = [0];
valueToXor = b;
c = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(a);
for (i=0; i<c; i++) {
if (Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(a, i) === true) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, valueToXor);
}
valueToXor = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(valueToXor, 1);
}
result = this._module(result);
return result;
},
'multiply': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._multiply(a._value, b._value));
},
//-----------------------------------------------------------------------------
'_fastMultiply': function(a, b) {
var result;
var B;
var i,c;
result = [0];
B = b.slice(0); // Is this array copy avoidable?
c = 32;
for (i=0; i<c; i++) {
var ii, cc;
cc = a.length;
for (ii=0; ii<cc; ii++) {
if (((a[ii] >>> i) & 0x01) == 1) {
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor(result, B, ii);
}
}
if (i < (c-1)) {
B = Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft(B, 1);
}
}
result = this._module(result);
return result;
},
'fastMultiply': function(a, b) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._fastMultiply(a._value, b._value));
},
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 49, Alorithm 2.34
//
//-----------------------------------------------------------------------------
'_square': function(aValue) {
var result;
var value;
var c,i;
var precomputedValues;
value = aValue;
result = new Array(value.length * 2);
precomputedValues = Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes;
c = value.length;
for (i=0; i<c; i++) {
result[i*2] = precomputedValues[(value[i] & 0x000000ff)];
result[i*2] |= ((precomputedValues[(value[i] & 0x0000ff00) >>> 8]) << 16);
result[i*2 + 1] = precomputedValues[(value[i] & 0x00ff0000) >>> 16];
result[i*2 + 1] |= ((precomputedValues[(value[i] & 0xff000000) >>> 24]) << 16);
}
return this._module(result);
},
'square': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._square(aValue._value));
},
//-----------------------------------------------------------------------------
'_inverse': function(aValue) {
var result;
var b, c;
var u, v;
// b = Clipperz.Crypto.ECC.BinaryField.Value.I._value;
b = [1];
// c = Clipperz.Crypto.ECC.BinaryField.Value.O._value;
c = [0];
u = this._module(aValue);
v = this.modulus()._value.slice(0);
while (Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) > 1) {
var bitDifferenceSize;
bitDifferenceSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(u) - Clipperz.Crypto.ECC.BinaryField.Value._bitSize(v);
if (bitDifferenceSize < 0) {
var swap;
swap = u;
u = v;
v = swap;
swap = c;
c = b;
b = swap;
bitDifferenceSize = -bitDifferenceSize;
}
u = this._add(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
b = this._add(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
// this._overwriteAdd(u, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(v, bitDifferenceSize));
// this._overwriteAdd(b, Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(c, bitDifferenceSize));
}
result = this._module(b);
return result;
},
'inverse': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._inverse(aValue._value));
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
Clipperz.Crypto.ECC.BinaryField.FiniteField.squarePrecomputedBytes = [
0x0000, // 0 = 0000 0000 -> 0000 0000 0000 0000
0x0001, // 1 = 0000 0001 -> 0000 0000 0000 0001
0x0004, // 2 = 0000 0010 -> 0000 0000 0000 0100
0x0005, // 3 = 0000 0011 -> 0000 0000 0000 0101
0x0010, // 4 = 0000 0100 -> 0000 0000 0001 0000
0x0011, // 5 = 0000 0101 -> 0000 0000 0001 0001
0x0014, // 6 = 0000 0110 -> 0000 0000 0001 0100
0x0015, // 7 = 0000 0111 -> 0000 0000 0001 0101
0x0040, // 8 = 0000 1000 -> 0000 0000 0100 0000
0x0041, // 9 = 0000 1001 -> 0000 0000 0100 0001
0x0044, // 10 = 0000 1010 -> 0000 0000 0100 0100
0x0045, // 11 = 0000 1011 -> 0000 0000 0100 0101
0x0050, // 12 = 0000 1100 -> 0000 0000 0101 0000
0x0051, // 13 = 0000 1101 -> 0000 0000 0101 0001
0x0054, // 14 = 0000 1110 -> 0000 0000 0101 0100
0x0055, // 15 = 0000 1111 -> 0000 0000 0101 0101
0x0100, // 16 = 0001 0000 -> 0000 0001 0000 0000
0x0101, // 17 = 0001 0001 -> 0000 0001 0000 0001
0x0104, // 18 = 0001 0010 -> 0000 0001 0000 0100
0x0105, // 19 = 0001 0011 -> 0000 0001 0000 0101
0x0110, // 20 = 0001 0100 -> 0000 0001 0001 0000
0x0111, // 21 = 0001 0101 -> 0000 0001 0001 0001
0x0114, // 22 = 0001 0110 -> 0000 0001 0001 0100
0x0115, // 23 = 0001 0111 -> 0000 0001 0001 0101
0x0140, // 24 = 0001 1000 -> 0000 0001 0100 0000
0x0141, // 25 = 0001 1001 -> 0000 0001 0100 0001
0x0144, // 26 = 0001 1010 -> 0000 0001 0100 0100
0x0145, // 27 = 0001 1011 -> 0000 0001 0100 0101
0x0150, // 28 = 0001 1100 -> 0000 0001 0101 0000
0x0151, // 28 = 0001 1101 -> 0000 0001 0101 0001
0x0154, // 30 = 0001 1110 -> 0000 0001 0101 0100
0x0155, // 31 = 0001 1111 -> 0000 0001 0101 0101
0x0400, // 32 = 0010 0000 -> 0000 0100 0000 0000
0x0401, // 33 = 0010 0001 -> 0000 0100 0000 0001
0x0404, // 34 = 0010 0010 -> 0000 0100 0000 0100
0x0405, // 35 = 0010 0011 -> 0000 0100 0000 0101
0x0410, // 36 = 0010 0100 -> 0000 0100 0001 0000
0x0411, // 37 = 0010 0101 -> 0000 0100 0001 0001
0x0414, // 38 = 0010 0110 -> 0000 0100 0001 0100
0x0415, // 39 = 0010 0111 -> 0000 0100 0001 0101
0x0440, // 40 = 0010 1000 -> 0000 0100 0100 0000
0x0441, // 41 = 0010 1001 -> 0000 0100 0100 0001
0x0444, // 42 = 0010 1010 -> 0000 0100 0100 0100
0x0445, // 43 = 0010 1011 -> 0000 0100 0100 0101
0x0450, // 44 = 0010 1100 -> 0000 0100 0101 0000
0x0451, // 45 = 0010 1101 -> 0000 0100 0101 0001
0x0454, // 46 = 0010 1110 -> 0000 0100 0101 0100
0x0455, // 47 = 0010 1111 -> 0000 0100 0101 0101
0x0500, // 48 = 0011 0000 -> 0000 0101 0000 0000
0x0501, // 49 = 0011 0001 -> 0000 0101 0000 0001
0x0504, // 50 = 0011 0010 -> 0000 0101 0000 0100
0x0505, // 51 = 0011 0011 -> 0000 0101 0000 0101
0x0510, // 52 = 0011 0100 -> 0000 0101 0001 0000
0x0511, // 53 = 0011 0101 -> 0000 0101 0001 0001
0x0514, // 54 = 0011 0110 -> 0000 0101 0001 0100
0x0515, // 55 = 0011 0111 -> 0000 0101 0001 0101
0x0540, // 56 = 0011 1000 -> 0000 0101 0100 0000
0x0541, // 57 = 0011 1001 -> 0000 0101 0100 0001
0x0544, // 58 = 0011 1010 -> 0000 0101 0100 0100
0x0545, // 59 = 0011 1011 -> 0000 0101 0100 0101
0x0550, // 60 = 0011 1100 -> 0000 0101 0101 0000
0x0551, // 61 = 0011 1101 -> 0000 0101 0101 0001
0x0554, // 62 = 0011 1110 -> 0000 0101 0101 0100
0x0555, // 63 = 0011 1111 -> 0000 0101 0101 0101
0x1000, // 64 = 0100 0000 -> 0001 0000 0000 0000
0x1001, // 65 = 0100 0001 -> 0001 0000 0000 0001
0x1004, // 66 = 0100 0010 -> 0001 0000 0000 0100
0x1005, // 67 = 0100 0011 -> 0001 0000 0000 0101
0x1010, // 68 = 0100 0100 -> 0001 0000 0001 0000
0x1011, // 69 = 0100 0101 -> 0001 0000 0001 0001
0x1014, // 70 = 0100 0110 -> 0001 0000 0001 0100
0x1015, // 71 = 0100 0111 -> 0001 0000 0001 0101
0x1040, // 72 = 0100 1000 -> 0001 0000 0100 0000
0x1041, // 73 = 0100 1001 -> 0001 0000 0100 0001
0x1044, // 74 = 0100 1010 -> 0001 0000 0100 0100
0x1045, // 75 = 0100 1011 -> 0001 0000 0100 0101
0x1050, // 76 = 0100 1100 -> 0001 0000 0101 0000
0x1051, // 77 = 0100 1101 -> 0001 0000 0101 0001
0x1054, // 78 = 0100 1110 -> 0001 0000 0101 0100
0x1055, // 79 = 0100 1111 -> 0001 0000 0101 0101
0x1100, // 80 = 0101 0000 -> 0001 0001 0000 0000
0x1101, // 81 = 0101 0001 -> 0001 0001 0000 0001
0x1104, // 82 = 0101 0010 -> 0001 0001 0000 0100
0x1105, // 83 = 0101 0011 -> 0001 0001 0000 0101
0x1110, // 84 = 0101 0100 -> 0001 0001 0001 0000
0x1111, // 85 = 0101 0101 -> 0001 0001 0001 0001
0x1114, // 86 = 0101 0110 -> 0001 0001 0001 0100
0x1115, // 87 = 0101 0111 -> 0001 0001 0001 0101
0x1140, // 88 = 0101 1000 -> 0001 0001 0100 0000
0x1141, // 89 = 0101 1001 -> 0001 0001 0100 0001
0x1144, // 90 = 0101 1010 -> 0001 0001 0100 0100
0x1145, // 91 = 0101 1011 -> 0001 0001 0100 0101
0x1150, // 92 = 0101 1100 -> 0001 0001 0101 0000
0x1151, // 93 = 0101 1101 -> 0001 0001 0101 0001
0x1154, // 94 = 0101 1110 -> 0001 0001 0101 0100
0x1155, // 95 = 0101 1111 -> 0001 0001 0101 0101
0x1400, // 96 = 0110 0000 -> 0001 0100 0000 0000
0x1401, // 97 = 0110 0001 -> 0001 0100 0000 0001
0x1404, // 98 = 0110 0010 -> 0001 0100 0000 0100
0x1405, // 99 = 0110 0011 -> 0001 0100 0000 0101
0x1410, // 100 = 0110 0100 -> 0001 0100 0001 0000
0x1411, // 101 = 0110 0101 -> 0001 0100 0001 0001
0x1414, // 102 = 0110 0110 -> 0001 0100 0001 0100
0x1415, // 103 = 0110 0111 -> 0001 0100 0001 0101
0x1440, // 104 = 0110 1000 -> 0001 0100 0100 0000
0x1441, // 105 = 0110 1001 -> 0001 0100 0100 0001
0x1444, // 106 = 0110 1010 -> 0001 0100 0100 0100
0x1445, // 107 = 0110 1011 -> 0001 0100 0100 0101
0x1450, // 108 = 0110 1100 -> 0001 0100 0101 0000
0x1451, // 109 = 0110 1101 -> 0001 0100 0101 0001
0x1454, // 110 = 0110 1110 -> 0001 0100 0101 0100
0x1455, // 111 = 0110 1111 -> 0001 0100 0101 0101
0x1500, // 112 = 0111 0000 -> 0001 0101 0000 0000
0x1501, // 113 = 0111 0001 -> 0001 0101 0000 0001
0x1504, // 114 = 0111 0010 -> 0001 0101 0000 0100
0x1505, // 115 = 0111 0011 -> 0001 0101 0000 0101
0x1510, // 116 = 0111 0100 -> 0001 0101 0001 0000
0x1511, // 117 = 0111 0101 -> 0001 0101 0001 0001
0x1514, // 118 = 0111 0110 -> 0001 0101 0001 0100
0x1515, // 119 = 0111 0111 -> 0001 0101 0001 0101
0x1540, // 120 = 0111 1000 -> 0001 0101 0100 0000
0x1541, // 121 = 0111 1001 -> 0001 0101 0100 0001
0x1544, // 122 = 0111 1010 -> 0001 0101 0100 0100
0x1545, // 123 = 0111 1011 -> 0001 0101 0100 0101
0x1550, // 124 = 0111 1100 -> 0001 0101 0101 0000
0x1551, // 125 = 0111 1101 -> 0001 0101 0101 0001
0x1554, // 126 = 0111 1110 -> 0001 0101 0101 0100
0x1555, // 127 = 0111 1111 -> 0001 0101 0101 0101
0x4000, // 128 = 1000 0000 -> 0100 0000 0000 0000
0x4001, // 129 = 1000 0001 -> 0100 0000 0000 0001
0x4004, // 130 = 1000 0010 -> 0100 0000 0000 0100
0x4005, // 131 = 1000 0011 -> 0100 0000 0000 0101
0x4010, // 132 = 1000 0100 -> 0100 0000 0001 0000
0x4011, // 133 = 1000 0101 -> 0100 0000 0001 0001
0x4014, // 134 = 1000 0110 -> 0100 0000 0001 0100
0x4015, // 135 = 1000 0111 -> 0100 0000 0001 0101
0x4040, // 136 = 1000 1000 -> 0100 0000 0100 0000
0x4041, // 137 = 1000 1001 -> 0100 0000 0100 0001
0x4044, // 138 = 1000 1010 -> 0100 0000 0100 0100
0x4045, // 139 = 1000 1011 -> 0100 0000 0100 0101
0x4050, // 140 = 1000 1100 -> 0100 0000 0101 0000
0x4051, // 141 = 1000 1101 -> 0100 0000 0101 0001
0x4054, // 142 = 1000 1110 -> 0100 0000 0101 0100
0x4055, // 143 = 1000 1111 -> 0100 0000 0101 0101
0x4100, // 144 = 1001 0000 -> 0100 0001 0000 0000
0x4101, // 145 = 1001 0001 -> 0100 0001 0000 0001
0x4104, // 146 = 1001 0010 -> 0100 0001 0000 0100
0x4105, // 147 = 1001 0011 -> 0100 0001 0000 0101
0x4110, // 148 = 1001 0100 -> 0100 0001 0001 0000
0x4111, // 149 = 1001 0101 -> 0100 0001 0001 0001
0x4114, // 150 = 1001 0110 -> 0100 0001 0001 0100
0x4115, // 151 = 1001 0111 -> 0100 0001 0001 0101
0x4140, // 152 = 1001 1000 -> 0100 0001 0100 0000
0x4141, // 153 = 1001 1001 -> 0100 0001 0100 0001
0x4144, // 154 = 1001 1010 -> 0100 0001 0100 0100
0x4145, // 155 = 1001 1011 -> 0100 0001 0100 0101
0x4150, // 156 = 1001 1100 -> 0100 0001 0101 0000
0x4151, // 157 = 1001 1101 -> 0100 0001 0101 0001
0x4154, // 158 = 1001 1110 -> 0100 0001 0101 0100
0x4155, // 159 = 1001 1111 -> 0100 0001 0101 0101
0x4400, // 160 = 1010 0000 -> 0100 0100 0000 0000
0x4401, // 161 = 1010 0001 -> 0100 0100 0000 0001
0x4404, // 162 = 1010 0010 -> 0100 0100 0000 0100
0x4405, // 163 = 1010 0011 -> 0100 0100 0000 0101
0x4410, // 164 = 1010 0100 -> 0100 0100 0001 0000
0x4411, // 165 = 1010 0101 -> 0100 0100 0001 0001
0x4414, // 166 = 1010 0110 -> 0100 0100 0001 0100
0x4415, // 167 = 1010 0111 -> 0100 0100 0001 0101
0x4440, // 168 = 1010 1000 -> 0100 0100 0100 0000
0x4441, // 169 = 1010 1001 -> 0100 0100 0100 0001
0x4444, // 170 = 1010 1010 -> 0100 0100 0100 0100
0x4445, // 171 = 1010 1011 -> 0100 0100 0100 0101
0x4450, // 172 = 1010 1100 -> 0100 0100 0101 0000
0x4451, // 173 = 1010 1101 -> 0100 0100 0101 0001
0x4454, // 174 = 1010 1110 -> 0100 0100 0101 0100
0x4455, // 175 = 1010 1111 -> 0100 0100 0101 0101
0x4500, // 176 = 1011 0000 -> 0100 0101 0000 0000
0x4501, // 177 = 1011 0001 -> 0100 0101 0000 0001
0x4504, // 178 = 1011 0010 -> 0100 0101 0000 0100
0x4505, // 179 = 1011 0011 -> 0100 0101 0000 0101
0x4510, // 180 = 1011 0100 -> 0100 0101 0001 0000
0x4511, // 181 = 1011 0101 -> 0100 0101 0001 0001
0x4514, // 182 = 1011 0110 -> 0100 0101 0001 0100
0x4515, // 183 = 1011 0111 -> 0100 0101 0001 0101
0x4540, // 184 = 1011 1000 -> 0100 0101 0100 0000
0x4541, // 185 = 1011 1001 -> 0100 0101 0100 0001
0x4544, // 186 = 1011 1010 -> 0100 0101 0100 0100
0x4545, // 187 = 1011 1011 -> 0100 0101 0100 0101
0x4550, // 188 = 1011 1100 -> 0100 0101 0101 0000
0x4551, // 189 = 1011 1101 -> 0100 0101 0101 0001
0x4554, // 190 = 1011 1110 -> 0100 0101 0101 0100
0x4555, // 191 = 1011 1111 -> 0100 0101 0101 0101
0x5000, // 192 = 1100 0000 -> 0101 0000 0000 0000
0x5001, // 193 = 1100 0001 -> 0101 0000 0000 0001
0x5004, // 194 = 1100 0010 -> 0101 0000 0000 0100
0x5005, // 195 = 1100 0011 -> 0101 0000 0000 0101
0x5010, // 196 = 1100 0100 -> 0101 0000 0001 0000
0x5011, // 197 = 1100 0101 -> 0101 0000 0001 0001
0x5014, // 198 = 1100 0110 -> 0101 0000 0001 0100
0x5015, // 199 = 1100 0111 -> 0101 0000 0001 0101
0x5040, // 200 = 1100 1000 -> 0101 0000 0100 0000
0x5041, // 201 = 1100 1001 -> 0101 0000 0100 0001
0x5044, // 202 = 1100 1010 -> 0101 0000 0100 0100
0x5045, // 203 = 1100 1011 -> 0101 0000 0100 0101
0x5050, // 204 = 1100 1100 -> 0101 0000 0101 0000
0x5051, // 205 = 1100 1101 -> 0101 0000 0101 0001
0x5054, // 206 = 1100 1110 -> 0101 0000 0101 0100
0x5055, // 207 = 1100 1111 -> 0101 0000 0101 0101
0x5100, // 208 = 1101 0000 -> 0101 0001 0000 0000
0x5101, // 209 = 1101 0001 -> 0101 0001 0000 0001
0x5104, // 210 = 1101 0010 -> 0101 0001 0000 0100
0x5105, // 211 = 1101 0011 -> 0101 0001 0000 0101
0x5110, // 212 = 1101 0100 -> 0101 0001 0001 0000
0x5111, // 213 = 1101 0101 -> 0101 0001 0001 0001
0x5114, // 214 = 1101 0110 -> 0101 0001 0001 0100
0x5115, // 215 = 1101 0111 -> 0101 0001 0001 0101
0x5140, // 216 = 1101 1000 -> 0101 0001 0100 0000
0x5141, // 217 = 1101 1001 -> 0101 0001 0100 0001
0x5144, // 218 = 1101 1010 -> 0101 0001 0100 0100
0x5145, // 219 = 1101 1011 -> 0101 0001 0100 0101
0x5150, // 220 = 1101 1100 -> 0101 0001 0101 0000
0x5151, // 221 = 1101 1101 -> 0101 0001 0101 0001
0x5154, // 222 = 1101 1110 -> 0101 0001 0101 0100
0x5155, // 223 = 1101 1111 -> 0101 0001 0101 0101
0x5400, // 224 = 1110 0000 -> 0101 0100 0000 0000
0x5401, // 225 = 1110 0001 -> 0101 0100 0000 0001
0x5404, // 226 = 1110 0010 -> 0101 0100 0000 0100
0x5405, // 227 = 1110 0011 -> 0101 0100 0000 0101
0x5410, // 228 = 1110 0100 -> 0101 0100 0001 0000
0x5411, // 229 = 1110 0101 -> 0101 0100 0001 0001
0x5414, // 230 = 1110 0110 -> 0101 0100 0001 0100
0x5415, // 231 = 1110 0111 -> 0101 0100 0001 0101
0x5440, // 232 = 1110 1000 -> 0101 0100 0100 0000
0x5441, // 233 = 1110 1001 -> 0101 0100 0100 0001
0x5444, // 234 = 1110 1010 -> 0101 0100 0100 0100
0x5445, // 235 = 1110 1011 -> 0101 0100 0100 0101
0x5450, // 236 = 1110 1100 -> 0101 0100 0101 0000
0x5451, // 237 = 1110 1101 -> 0101 0100 0101 0001
0x5454, // 238 = 1110 1110 -> 0101 0100 0101 0100
0x5455, // 239 = 1110 1111 -> 0101 0100 0101 0101
0x5500, // 240 = 1111 0000 -> 0101 0101 0000 0000
0x5501, // 241 = 1111 0001 -> 0101 0101 0000 0001
0x5504, // 242 = 1111 0010 -> 0101 0101 0000 0100
0x5505, // 243 = 1111 0011 -> 0101 0101 0000 0101
0x5510, // 244 = 1111 0100 -> 0101 0101 0001 0000
0x5511, // 245 = 1111 0101 -> 0101 0101 0001 0001
0x5514, // 246 = 1111 0110 -> 0101 0101 0001 0100
0x5515, // 247 = 1111 0111 -> 0101 0101 0001 0101
0x5540, // 248 = 1111 1000 -> 0101 0101 0100 0000
0x5541, // 249 = 1111 1001 -> 0101 0101 0100 0001
0x5544, // 250 = 1111 1010 -> 0101 0101 0100 0100
0x5545, // 251 = 1111 1011 -> 0101 0101 0100 0101
0x5550, // 252 = 1111 1100 -> 0101 0101 0101 0000
0x5551, // 253 = 1111 1101 -> 0101 0101 0101 0001
0x5554, // 254 = 1111 1110 -> 0101 0101 0101 0100
0x5555 // 255 = 1111 1111 -> 0101 0101 0101 0101
]

67
frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Point.js Normal file
View File

@@ -0,0 +1,67 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Point = function(args) {
args = args || {};
this._x = args.x;
this._y = args.y;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Point.prototype = MochiKit.Base.update(null, {
'asString': function() {
return "Clipperz.Crypto.ECC.BinaryField.Point (" + this.x() + ", " + this.y() + ")";
},
//-----------------------------------------------------------------------------
'x': function() {
return this._x;
},
'y': function() {
return this._y;
},
//-----------------------------------------------------------------------------
'isZero': function() {
return (this.x().isZero() && this.y().isZero())
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});

386
frontend/gamma/js/Clipperz/Crypto/ECC/BinaryField/Value.js Normal file
View File

@@ -0,0 +1,386 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
//try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.ByteArray!";
//}
if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
if (typeof(Clipperz.Crypto.ECC) == 'undefined') { Clipperz.Crypto.ECC = {}; }
if (typeof(Clipperz.Crypto.ECC.BinaryField) == 'undefined') { Clipperz.Crypto.ECC.BinaryField = {}; }
Clipperz.Crypto.ECC.BinaryField.Value = function(aValue, aBase, aBitSize) {
if (aValue.constructor == String) {
var value;
var stringLength;
var numberOfWords;
var i,c;
if (aBase != 16) {
throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
}
value = aValue.replace(/ /g, '');
stringLength = value.length;
numberOfWords = Math.ceil(stringLength / 8);
this._value = new Array(numberOfWords);
c = numberOfWords;
for (i=0; i<c; i++) {
var word;
if (i < (c-1)) {
word = parseInt(value.substr(stringLength-((i+1)*8), 8), 16);
} else {
word = parseInt(value.substr(0, stringLength-(i*8)), 16);
}
this._value[i] = word;
}
} else if (aValue.constructor == Array) {
var itemsToCopy;
itemsToCopy = aValue.length;
while (aValue[itemsToCopy - 1] == 0) {
itemsToCopy --;
}
this._value = aValue.slice(0, itemsToCopy);
} else if (aValue.constructor == Number) {
this._value = [aValue];
} else {
// throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType;
}
this._bitSize == aBitSize || null;
return this;
}
Clipperz.Crypto.ECC.BinaryField.Value.prototype = MochiKit.Base.update(null, {
'value': function() {
return this._value;
},
//-----------------------------------------------------------------------------
'wordSize': function() {
return this._value.length
},
//-----------------------------------------------------------------------------
'clone': function() {
return new Clipperz.Crypto.ECC.BinaryField.Value(this._value.slice(0), null, this._bitSize);
},
//-----------------------------------------------------------------------------
'isZero': function() {
return (this.compare(Clipperz.Crypto.ECC.BinaryField.Value.O) == 0);
},
//-----------------------------------------------------------------------------
'asString': function(aBase) {
var result;
var i,c;
if (aBase != 16) {
throw Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase;
}
result = "";
c = this.wordSize();
for (i=0; i<c; i++) {
var wordAsString;
// wordAsString = ("00000000" + this.value()[i].toString(16));
wordAsString = ("00000000" + this._value[i].toString(16));
wordAsString = wordAsString.substring(wordAsString.length - 8);
result = wordAsString + result;
}
result = result.replace(/^(00)*/, "");
if (result == "") {
result = "0";
}
return result;
},
//-----------------------------------------------------------------------------
'shiftLeft': function(aNumberOfBitsToShift) {
// this method seems like it is never called. :-(
return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft(this._value, aNumberOfBitsToShift));
},
//-----------------------------------------------------------------------------
'bitSize': function() {
if (this._bitSize == null) {
this._bitSize = Clipperz.Crypto.ECC.BinaryField.Value._bitSize(this._value);
}
return this._bitSize;
},
//-----------------------------------------------------------------------------
'isBitSet': function(aBitPosition) {
return Clipperz.Crypto.ECC.BinaryField.Value._isBitSet(this._value, aBitPosition);
},
//-----------------------------------------------------------------------------
'xor': function(aValue) {
return new Clipperz.Crypto.ECC.BinaryField.Value(Clipperz.Crypto.ECC.BinaryField.Value._xor(this._value, aValue._value));
},
//-----------------------------------------------------------------------------
'compare': function(aValue) {
return Clipperz.Crypto.ECC.BinaryField.Value._compare(this._value, aValue._value);
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
Clipperz.Crypto.ECC.BinaryField.Value.O = new Clipperz.Crypto.ECC.BinaryField.Value('0', 16);
Clipperz.Crypto.ECC.BinaryField.Value.I = new Clipperz.Crypto.ECC.BinaryField.Value('1', 16);
Clipperz.Crypto.ECC.BinaryField.Value._xor = function(a, b, aFirstItemOffset) {
var result;
var resultSize;
var i,c;
var firstItemOffset;
firstItemOffset = aFirstItemOffset || 0;
resultSize = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
result = new Array(resultSize);
c = firstItemOffset;
for (i=0; i<c; i++) {
result[i] = a[i];
}
c = resultSize;
for (i=firstItemOffset; i<c; i++) {
result[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._overwriteXor = function(a, b, aFirstItemOffset) {
var i,c;
var firstItemOffset;
firstItemOffset = aFirstItemOffset || 0;
c = Math.max((a.length - firstItemOffset), b.length) + firstItemOffset;
for (i=firstItemOffset; i<c; i++) {
a[i] = (((a[i] || 0) ^ (b[i - firstItemOffset] || 0)) >>> 0);
}
};
Clipperz.Crypto.ECC.BinaryField.Value._shiftLeft = function(aWordArray, aNumberOfBitsToShift) {
var numberOfWordsToShift;
var numberOfBitsToShift;
var result;
var overflowValue;
var nextOverflowValue;
var i,c;
numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
numberOfBitsToShift = aNumberOfBitsToShift % 32;
result = new Array(aWordArray.length + numberOfWordsToShift);
c = numberOfWordsToShift;
for (i=0; i<c; i++) {
result[i] = 0;
}
overflowValue = 0;
nextOverflowValue = 0;
c = aWordArray.length;
for (i=0; i<c; i++) {
var value;
var resultWord;
// value = this.value()[i];
value = aWordArray[i];
if (numberOfBitsToShift > 0) {
nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
value = value & (0xffffffff >>> numberOfBitsToShift);
resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
} else {
resultWord = value;
}
result[i+numberOfWordsToShift] = resultWord;
overflowValue = nextOverflowValue;
}
if (overflowValue != 0) {
result[aWordArray.length + numberOfWordsToShift] = overflowValue;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._overwriteShiftLeft = function(aWordArray, aNumberOfBitsToShift) {
var numberOfWordsToShift;
var numberOfBitsToShift;
var result;
var overflowValue;
var i,c;
numberOfWordsToShift = Math.floor(aNumberOfBitsToShift / 32);
numberOfBitsToShift = aNumberOfBitsToShift % 32;
result = new Array(aWordArray.length + numberOfWordsToShift);
c = numberOfWordsToShift;
for (i=0; i<c; i++) {
result[i] = 0;
}
overflowValue = 0;
nextOverflowValue = 0;
c = aWordArray.length;
for (i=0; i<c; i++) {
var value;
var resultWord;
// value = this.value()[i];
value = aWordArray[i];
if (numberOfBitsToShift > 0) {
var nextOverflowValue;
nextOverflowValue = (value >>> (32 - numberOfBitsToShift));
value = value & (0xffffffff >>> numberOfBitsToShift);
resultWord = (((value << numberOfBitsToShift) | overflowValue) >>> 0);
} else {
resultWord = value;
}
result[i+numberOfWordsToShift] = resultWord;
overflowValue = nextOverflowValue;
}
if (overflowValue != 0) {
result[aWordArray.length + numberOfWordsToShift] = overflowValue;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._bitSize = function(aWordArray) {
var result;
var notNullElements;
var mostValuableWord;
var matchingBitsInMostImportantWord;
var mask;
var i,c;
notNullElements = aWordArray.length;
if ((aWordArray.length == 1) && (aWordArray[0] == 0)) {
result = 0;
} else {
notNullElements --;
while((notNullElements > 0) && (aWordArray[notNullElements] == 0)) {
notNullElements --;
}
result = notNullElements * 32;
mostValuableWord = aWordArray[notNullElements];
matchingBits = 32;
mask = 0x80000000;
while ((matchingBits > 0) && ((mostValuableWord & mask) == 0)) {
matchingBits --;
mask >>>= 1;
}
result += matchingBits;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._isBitSet = function(aWordArray, aBitPosition) {
var result;
var byteIndex;
var bitIndexInSelectedByte;
byteIndex = Math.floor(aBitPosition / 32);
bitIndexInSelectedByte = aBitPosition % 32;
if (byteIndex <= aWordArray.length) {
result = ((aWordArray[byteIndex] & (1 << bitIndexInSelectedByte)) != 0);
} else {
result = false;
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value._compare = function(a,b) {
var result;
var i,c;
result = MochiKit.Base.compare(a.length, b.length);
c = a.length;
for (i=0; (i<c) && (result==0); i++) {
//console.log("compare[" + c + " - " + i + " - 1] " + this.value()[c-i-1] + ", " + aValue.value()[c-i-1]);
// result = MochiKit.Base.compare(this.value()[c-i-1], aValue.value()[c-i-1]);
result = MochiKit.Base.compare(a[c-i-1], b[c-i-1]);
}
return result;
};
Clipperz.Crypto.ECC.BinaryField.Value['exception']= {
'UnsupportedBase': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedBase"),
'UnsupportedConstructorValueType': new MochiKit.Base.NamedError("Clipperz.Crypto.ECC.BinaryField.Value.exception.UnsupportedConstructorValueType")
};

239
frontend/gamma/js/Clipperz/Crypto/ECC/StandardCurves.js Normal file
View File

@@ -0,0 +1,239 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
//try { if (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.BinaryField.Curve!";
//}
//try { if (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) == 'undefined') { throw ""; }} catch (e) {
// throw "Clipperz.Crypto.ECC depends on Clipperz.Crypto.ECC.Koblitz.Curve!";
//}
Clipperz.Crypto.ECC.StandardCurves = {};
MochiKit.Base.update(Clipperz.Crypto.ECC.StandardCurves, {
//==============================================================================
'_K571': null,
'K571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._K571 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._K571 = new Clipperz.Crypto.ECC.Koblitz.Curve({
modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
G: new Clipperz.Crypto.ECC.Koblitz.Point({
x: new Clipperz.Crypto.ECC.Koblitz.Value('026eb7a8 59923fbc 82189631 f8103fe4 ac9ca297 0012d5d4 60248048 01841ca4 43709584 93b205e6 47da304d b4ceb08c bbd1ba39 494776fb 988b4717 4dca88c7 e2945283 a01c8972', 16),
y: new Clipperz.Crypto.ECC.Koblitz.Value('0349dc80 7f4fbf37 4f4aeade 3bca9531 4dd58cec 9f307a54 ffc61efc 006d8a2c 9d4979c0 ac44aea7 4fbebbb9 f772aedc b620b01a 7ba7af1b 320430c8 591984f6 01cd4c14 3ef1c7a3', 16)
}),
r: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16),
h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850e1 f19a63e4 b391a8db 917f4138 b630d84b e5d63938 1e91deb4 5cfe778f 637c1001', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K571;
},
//-----------------------------------------------------------------------------
'_K283': null,
'K283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._K283 == null) && (typeof(Clipperz.Crypto.ECC.Koblitz.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._K283 = new Clipperz.Crypto.ECC.Koblitz.Curve({
modulus: new Clipperz.Crypto.ECC.Koblitz.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.Koblitz.Value('0', 16),
b: new Clipperz.Crypto.ECC.Koblitz.Value('1', 16),
G: new Clipperz.Crypto.ECC.Koblitz.Point({
x: new Clipperz.Crypto.ECC.Koblitz.Value('0503213f 78ca4488 3f1a3b81 62f188e5 53cd265f 23c1567a 16876913 b0c2ac24 58492836', 16),
y: new Clipperz.Crypto.ECC.Koblitz.Value('01ccda38 0f1c9e31 8d90f95d 07e5426f e87e45c0 e8184698 e4596236 4e341161 77dd2259', 16)
}),
r: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16),
h: new Clipperz.Crypto.ECC.Koblitz.Value('4', 16),
primeFactor: new Clipperz.Crypto.ECC.Koblitz.Value('01ffffff ffffffff ffffffff ffffffff ffffe9ae 2ed07577 265dff7f 94451e06 1e163c61', 16)
});
}
return Clipperz.Crypto.ECC.StandardCurves._K283;
},
//==============================================================================
'_B571': null,
'B571': function() { // f(z) = z^571 + z^10 + z^5 + z^2 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._B571 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._B571 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000425', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('02f40e7e 2221f295 de297117 b7f3d62f 5c6a97ff cb8ceff1 cd6ba8ce 4a9a18ad 84ffabbd 8efa5933 2be7ad67 56a66e29 4afd185a 78ff12aa 520e4de7 39baca0c 7ffeff7f 2955727a', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('0303001d 34b85629 6c16c0d4 0d3cd775 0a93d1d2 955fa80a a5f40fc8 db7b2abd bde53950 f4c0d293 cdd711a3 5b67fb14 99ae6003 8614f139 4abfa3b4 c850d927 e1e7769c 8eec2d19', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('037bf273 42da639b 6dccfffe b73d69d7 8c6c27a6 009cbbca 1980f853 3921e8a6 84423e43 bab08a57 6291af8f 461bb2a8 b3531d2f 0485c19b 16e2f151 6e23dd3c 1a4827af 1b8ac15b', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff e661ce18 ff559873 08059b18 6823851e c7dd9ca1 161de93d 5174d66e 8382e9bb 2fe84e47', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
// S: new Clipperz.Crypto.ECC.BinaryField.Value('2aa058f73a0e33ab486b0f610410c53a7f132310', 10),
// n: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.45 (with a typo!!!)
//
//-----------------------------------------------------------------------------
//
// http://www.milw0rm.com/papers/136
//
// -------------------------------------------------------------------------
// Polynomial Reduction Algorithm Modulo f571
// -------------------------------------------------------------------------
//
// Input: Polynomial p(x) of degree 1140 or less, stored as
// an array of 2T machinewords.
// Output: p(x) mod f571(x)
//
// FOR i = T-1, ..., 0 DO
// SET X := P[i+T]
// P[i] := P[i] ^ (X<<5) ^ (X<<7) ^ (X<<10) ^ (X<<15)
// P[i+1] := P[i+1] ^ (X>>17) ^ (X>>22) ^ (X>>25) ^ (X>>27)
//
// SET X := P[T-1] >> 27
// P[0] := P[0] ^ X ^ (X<<2) ^ (X<<5) ^ (X<<10)
// P[T-1] := P[T-1] & 0x07ffffff
//
// RETURN P[T-1],...,P[0]
//
// -------------------------------------------------------------------------
//
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 1140) {
MochiKit.Logging.logWarning("ECC.StandarCurves.B571.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B571.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
//console.log(">>> binaryField.finiteField.(improved)module");
// C = aValue.value().slice(0);
C = aValue._value.slice(0);
for (i=35; i>=18; i--) {
T = C[i];
C[i-18] = (((C[i-18] ^ (T<<5) ^ (T<<7) ^ (T<<10) ^ (T<<15)) & 0xffffffff) >>> 0);
C[i-17] = ((C[i-17] ^ (T>>>27) ^ (T>>>25) ^ (T>>>22) ^ (T>>>17)) >>> 0);
}
T = (C[17] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<2) ^ (T<<5) ^ (T<<10)) & 0xffffffff) >>> 0);
C[17] = (C[17] & 0x07ffffff);
for(i=18; i<=35; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B571;
},
//-----------------------------------------------------------------------------
'_B283': null,
'B283': function() { // f(z) = z^283 + z^12 + z^7 + z^5 + 1
if ((Clipperz.Crypto.ECC.StandardCurves._B283 == null) && (typeof(Clipperz.Crypto.ECC.BinaryField.Curve) != 'undefined')) {
Clipperz.Crypto.ECC.StandardCurves._B283 = new Clipperz.Crypto.ECC.BinaryField.Curve({
modulus: new Clipperz.Crypto.ECC.BinaryField.Value('08000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 000010a1', 16),
a: new Clipperz.Crypto.ECC.BinaryField.Value('1', 16),
b: new Clipperz.Crypto.ECC.BinaryField.Value('027b680a c8b8596d a5a4af8a 19a0303f ca97fd76 45309fa2 a581485a f6263e31 3b79a2f5', 16),
G: new Clipperz.Crypto.ECC.BinaryField.Point({
x: new Clipperz.Crypto.ECC.BinaryField.Value('05f93925 8db7dd90 e1934f8c 70b0dfec 2eed25b8 557eac9c 80e2e198 f8cdbecd 86b12053', 16),
y: new Clipperz.Crypto.ECC.BinaryField.Value('03676854 fe24141c b98fe6d4 b20d02b4 516ff702 350eddb0 826779c8 13f0df45 be8112f4', 16)
}),
r: new Clipperz.Crypto.ECC.BinaryField.Value('03ffffff ffffffff ffffffff ffffffff ffffef90 399660fc 938a9016 5b042a7c efadb307', 16),
h: new Clipperz.Crypto.ECC.BinaryField.Value('2', 16)
});
//-----------------------------------------------------------------------------
//
// Guide to Elliptic Curve Cryptography
// Darrel Hankerson, Alfred Menezes, Scott Vanstone
// - Pag: 56, Alorithm 2.43
//
//-----------------------------------------------------------------------------
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module;
Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().module = function(aValue) {
var result;
if (aValue.bitSize() > 564) {
MochiKit.Logging.logWarning("ECC.StandarCurves.B283.finiteField().module: falling back to default implementation");
result = Clipperz.Crypto.ECC.StandardCurves._B283.finiteField().slowModule(aValue);
} else {
var C, T;
var i;
//console.log(">>> binaryField.finiteField.(improved)module");
C = aValue._value.slice(0);
for (i=17; i>=9; i--) {
T = C[i];
C[i-9] = (((C[i-9] ^ (T<<5) ^ (T<<10) ^ (T<<12) ^ (T<<17)) & 0xffffffff) >>> 0);
C[i-8] = ((C[i-8] ^ (T>>>27) ^ (T>>>22) ^ (T>>>20) ^ (T>>>15)) >>> 0);
}
T = (C[8] >>> 27);
C[0] = ((C[0] ^ T ^ ((T<<5) ^ (T<<7) ^ (T<<12)) & 0xffffffff) >>> 0);
C[8] = (C[8] & 0x07ffffff);
for(i=9; i<=17; i++) {
C[i] = 0;
}
result = new Clipperz.Crypto.ECC.BinaryField.Value(C);
//console.log("<<< binaryField.finiteField.(improved)module");
}
return result;
};
}
return Clipperz.Crypto.ECC.StandardCurves._B283;
},
//==============================================================================
__syntaxFix__: "syntax fix"
});

855
frontend/gamma/js/Clipperz/Crypto/PRNG.js Normal file
View File

@@ -0,0 +1,855 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
}
try { if (typeof(Clipperz.Crypto.SHA) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.SHA!";
}
try { if (typeof(Clipperz.Crypto.AES) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.Crypto.AES!";
}
if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { Clipperz.Crypto.PRNG = {}; }
//#############################################################################
Clipperz.Crypto.PRNG.EntropyAccumulator = function(args) {
args = args || {};
// MochiKit.Base.bindMethods(this);
this._stack = new Clipperz.ByteArray();
this._maxStackLengthBeforeHashing = args.maxStackLengthBeforeHashing || 256;
return this;
}
Clipperz.Crypto.PRNG.EntropyAccumulator.prototype = MochiKit.Base.update(null, {
'toString': function() {
return "Clipperz.Crypto.PRNG.EntropyAccumulator";
},
//-------------------------------------------------------------------------
'stack': function() {
return this._stack;
},
'setStack': function(aValue) {
this._stack = aValue;
},
'resetStack': function() {
this.stack().reset();
},
'maxStackLengthBeforeHashing': function() {
return this._maxStackLengthBeforeHashing;
},
//-------------------------------------------------------------------------
'addRandomByte': function(aValue) {
this.stack().appendByte(aValue);
if (this.stack().length() > this.maxStackLengthBeforeHashing()) {
this.setStack(Clipperz.Crypto.SHA.sha_d256(this.stack()));
}
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.PRNG.RandomnessSource = function(args) {
args = args || {};
MochiKit.Base.bindMethods(this);
this._generator = args.generator || null;
this._sourceId = args.sourceId || null;
this._boostMode = args.boostMode || false;
this._nextPoolIndex = 0;
return this;
}
Clipperz.Crypto.PRNG.RandomnessSource.prototype = MochiKit.Base.update(null, {
'generator': function() {
return this._generator;
},
'setGenerator': function(aValue) {
this._generator = aValue;
},
//-------------------------------------------------------------------------
'boostMode': function() {
return this._boostMode;
},
'setBoostMode': function(aValue) {
this._boostMode = aValue;
},
//-------------------------------------------------------------------------
'sourceId': function() {
return this._sourceId;
},
'setSourceId': function(aValue) {
this._sourceId = aValue;
},
//-------------------------------------------------------------------------
'nextPoolIndex': function() {
return this._nextPoolIndex;
},
'incrementNextPoolIndex': function() {
this._nextPoolIndex = ((this._nextPoolIndex + 1) % this.generator().numberOfEntropyAccumulators());
},
//-------------------------------------------------------------------------
'updateGeneratorWithValue': function(aRandomValue) {
if (this.generator() != null) {
this.generator().addRandomByte(this.sourceId(), this.nextPoolIndex(), aRandomValue);
this.incrementNextPoolIndex();
}
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.PRNG.TimeRandomnessSource = function(args) {
args = args || {};
// MochiKit.Base.bindMethods(this);
this._intervalTime = args.intervalTime || 1000;
Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
this.collectEntropy();
return this;
}
Clipperz.Crypto.PRNG.TimeRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
'intervalTime': function() {
return this._intervalTime;
},
//-------------------------------------------------------------------------
'collectEntropy': function() {
var now;
var entropyByte;
var intervalTime;
now = new Date();
entropyByte = (now.getTime() & 0xff);
intervalTime = this.intervalTime();
if (this.boostMode() == true) {
intervalTime = intervalTime / 9;
}
this.updateGeneratorWithValue(entropyByte);
setTimeout(this.collectEntropy, intervalTime);
},
//-------------------------------------------------------------------------
'numberOfRandomBits': function() {
return 5;
},
//-------------------------------------------------------------------------
'pollingFrequency': function() {
return 10;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//*****************************************************************************
Clipperz.Crypto.PRNG.MouseRandomnessSource = function(args) {
args = args || {};
Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
this._numberOfBitsToCollectAtEachEvent = 4;
this._randomBitsCollector = 0;
this._numberOfRandomBitsCollected = 0;
MochiKit.Signal.connect(document, 'onmousemove', this, 'collectEntropy');
return this;
}
Clipperz.Crypto.PRNG.MouseRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
//-------------------------------------------------------------------------
'numberOfBitsToCollectAtEachEvent': function() {
return this._numberOfBitsToCollectAtEachEvent;
},
//-------------------------------------------------------------------------
'randomBitsCollector': function() {
return this._randomBitsCollector;
},
'setRandomBitsCollector': function(aValue) {
this._randomBitsCollector = aValue;
},
'appendRandomBitsToRandomBitsCollector': function(aValue) {
var collectedBits;
var numberOfRandomBitsCollected;
numberOfRandomBitsCollected = this.numberOfRandomBitsCollected();
collectetBits = this.randomBitsCollector() | (aValue << numberOfRandomBitsCollected);
this.setRandomBitsCollector(collectetBits);
numberOfRandomBitsCollected += this.numberOfBitsToCollectAtEachEvent();
if (numberOfRandomBitsCollected == 8) {
this.updateGeneratorWithValue(collectetBits);
numberOfRandomBitsCollected = 0;
this.setRandomBitsCollector(0);
}
this.setNumberOfRandomBitsCollected(numberOfRandomBitsCollected)
},
//-------------------------------------------------------------------------
'numberOfRandomBitsCollected': function() {
return this._numberOfRandomBitsCollected;
},
'setNumberOfRandomBitsCollected': function(aValue) {
this._numberOfRandomBitsCollected = aValue;
},
//-------------------------------------------------------------------------
'collectEntropy': function(anEvent) {
var mouseLocation;
var randomBit;
var mask;
mask = 0xffffffff >>> (32 - this.numberOfBitsToCollectAtEachEvent());
mouseLocation = anEvent.mouse().client;
randomBit = ((mouseLocation.x ^ mouseLocation.y) & mask);
this.appendRandomBitsToRandomBitsCollector(randomBit)
},
//-------------------------------------------------------------------------
'numberOfRandomBits': function() {
return 1;
},
//-------------------------------------------------------------------------
'pollingFrequency': function() {
return 10;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//*****************************************************************************
Clipperz.Crypto.PRNG.KeyboardRandomnessSource = function(args) {
args = args || {};
Clipperz.Crypto.PRNG.RandomnessSource.call(this, args);
this._randomBitsCollector = 0;
this._numberOfRandomBitsCollected = 0;
MochiKit.Signal.connect(document, 'onkeypress', this, 'collectEntropy');
return this;
}
Clipperz.Crypto.PRNG.KeyboardRandomnessSource.prototype = MochiKit.Base.update(new Clipperz.Crypto.PRNG.RandomnessSource, {
//-------------------------------------------------------------------------
'randomBitsCollector': function() {
return this._randomBitsCollector;
},
'setRandomBitsCollector': function(aValue) {
this._randomBitsCollector = aValue;
},
'appendRandomBitToRandomBitsCollector': function(aValue) {
var collectedBits;
var numberOfRandomBitsCollected;
numberOfRandomBitsCollected = this.numberOfRandomBitsCollected();
collectetBits = this.randomBitsCollector() | (aValue << numberOfRandomBitsCollected);
this.setRandomBitsCollector(collectetBits);
numberOfRandomBitsCollected ++;
if (numberOfRandomBitsCollected == 8) {
this.updateGeneratorWithValue(collectetBits);
numberOfRandomBitsCollected = 0;
this.setRandomBitsCollector(0);
}
this.setNumberOfRandomBitsCollected(numberOfRandomBitsCollected)
},
//-------------------------------------------------------------------------
'numberOfRandomBitsCollected': function() {
return this._numberOfRandomBitsCollected;
},
'setNumberOfRandomBitsCollected': function(aValue) {
this._numberOfRandomBitsCollected = aValue;
},
//-------------------------------------------------------------------------
'collectEntropy': function(anEvent) {
/*
var mouseLocation;
var randomBit;
mouseLocation = anEvent.mouse().client;
randomBit = ((mouseLocation.x ^ mouseLocation.y) & 0x1);
this.appendRandomBitToRandomBitsCollector(randomBit);
*/
},
//-------------------------------------------------------------------------
'numberOfRandomBits': function() {
return 1;
},
//-------------------------------------------------------------------------
'pollingFrequency': function() {
return 10;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.PRNG.Fortuna = function(args) {
var i,c;
args = args || {};
this._key = args.seed || null;
if (this._key == null) {
this._counter = 0;
this._key = new Clipperz.ByteArray();
} else {
this._counter = 1;
}
this._aesKey = null;
this._firstPoolReseedLevel = args.firstPoolReseedLevel || 32 || 64;
this._numberOfEntropyAccumulators = args.numberOfEntropyAccumulators || 32;
this._accumulators = [];
c = this.numberOfEntropyAccumulators();
for (i=0; i<c; i++) {
this._accumulators.push(new Clipperz.Crypto.PRNG.EntropyAccumulator());
}
this._randomnessSources = [];
this._reseedCounter = 0;
return this;
}
Clipperz.Crypto.PRNG.Fortuna.prototype = MochiKit.Base.update(null, {
'toString': function() {
return "Clipperz.Crypto.PRNG.Fortuna";
},
//-------------------------------------------------------------------------
'key': function() {
return this._key;
},
'setKey': function(aValue) {
this._key = aValue;
this._aesKey = null;
},
'aesKey': function() {
if (this._aesKey == null) {
this._aesKey = new Clipperz.Crypto.AES.Key({key:this.key()});
}
return this._aesKey;
},
'accumulators': function() {
return this._accumulators;
},
'firstPoolReseedLevel': function() {
return this._firstPoolReseedLevel;
},
//-------------------------------------------------------------------------
'reseedCounter': function() {
return this._reseedCounter;
},
'incrementReseedCounter': function() {
this._reseedCounter = this._reseedCounter +1;
},
//-------------------------------------------------------------------------
'reseed': function() {
var newKeySeed;
var reseedCounter;
var reseedCounterMask;
var i, c;
newKeySeed = this.key();
this.incrementReseedCounter();
reseedCounter = this.reseedCounter();
c = this.numberOfEntropyAccumulators();
reseedCounterMask = 0xffffffff >>> (32 - c);
for (i=0; i<c; i++) {
if ((i == 0) || ((reseedCounter & (reseedCounterMask >>> (c - i))) == 0)) {
newKeySeed.appendBlock(this.accumulators()[i].stack());
this.accumulators()[i].resetStack();
}
}
if (reseedCounter == 1) {
c = this.randomnessSources().length;
for (i=0; i<c; i++) {
this.randomnessSources()[i].setBoostMode(false);
}
}
this.setKey(Clipperz.Crypto.SHA.sha_d256(newKeySeed));
if (reseedCounter == 1) {
//MochiKit.Logging.logDebug("### PRNG.readyToGenerateRandomBytes");
Clipperz.log("### PRNG.readyToGenerateRandomBytes");
MochiKit.Signal.signal(this, 'readyToGenerateRandomBytes');
}
MochiKit.Signal.signal(this, 'reseeded');
},
//-------------------------------------------------------------------------
'isReadyToGenerateRandomValues': function() {
return this.reseedCounter() != 0;
},
//-------------------------------------------------------------------------
'entropyLevel': function() {
return this.accumulators()[0].stack().length() + (this.reseedCounter() * this.firstPoolReseedLevel());
},
//-------------------------------------------------------------------------
'counter': function() {
return this._counter;
},
'incrementCounter': function() {
this._counter += 1;
},
'counterBlock': function() {
var result;
result = new Clipperz.ByteArray().appendWords(this.counter(), 0, 0, 0);
return result;
},
//-------------------------------------------------------------------------
'getRandomBlock': function() {
var result;
result = new Clipperz.ByteArray(Clipperz.Crypto.AES.encryptBlock(this.aesKey(), this.counterBlock().arrayValues()));
this.incrementCounter();
return result;
},
//-------------------------------------------------------------------------
'getRandomBytes': function(aSize) {
var result;
if (this.isReadyToGenerateRandomValues()) {
var i,c;
var newKey;
result = new Clipperz.ByteArray();
c = Math.ceil(aSize / (128 / 8));
for (i=0; i<c; i++) {
result.appendBlock(this.getRandomBlock());
}
if (result.length() != aSize) {
result = result.split(0, aSize);
}
newKey = this.getRandomBlock().appendBlock(this.getRandomBlock());
this.setKey(newKey);
} else {
MochiKit.Logging.logWarning("Fortuna generator has not enough entropy, yet!");
throw Clipperz.Crypto.PRNG.exception.NotEnoughEntropy;
}
return result;
},
//-------------------------------------------------------------------------
'addRandomByte': function(aSourceId, aPoolId, aRandomValue) {
var selectedAccumulator;
selectedAccumulator = this.accumulators()[aPoolId];
selectedAccumulator.addRandomByte(aRandomValue);
if (aPoolId == 0) {
MochiKit.Signal.signal(this, 'addedRandomByte')
if (selectedAccumulator.stack().length() > this.firstPoolReseedLevel()) {
this.reseed();
}
}
},
//-------------------------------------------------------------------------
'numberOfEntropyAccumulators': function() {
return this._numberOfEntropyAccumulators;
},
//-------------------------------------------------------------------------
'randomnessSources': function() {
return this._randomnessSources;
},
'addRandomnessSource': function(aRandomnessSource) {
aRandomnessSource.setGenerator(this);
aRandomnessSource.setSourceId(this.randomnessSources().length);
this.randomnessSources().push(aRandomnessSource);
if (this.isReadyToGenerateRandomValues() == false) {
aRandomnessSource.setBoostMode(true);
}
},
//-------------------------------------------------------------------------
'deferredEntropyCollection': function(aValue) {
var result;
//MochiKit.Logging.logDebug(">>> PRNG.deferredEntropyCollection");
if (this.isReadyToGenerateRandomValues()) {
//MochiKit.Logging.logDebug("--- PRNG.deferredEntropyCollection - 1");
result = aValue;
} else {
//MochiKit.Logging.logDebug("--- PRNG.deferredEntropyCollection - 2");
var deferredResult;
// Clipperz.NotificationCenter.notify(this, 'updatedProgressState', 'collectingEntropy', true);
deferredResult = new Clipperz.Async.Deferred("PRNG.deferredEntropyCollection");
// deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("1.2.1 - PRNG.deferredEntropyCollection - 1: " + res); return res;});
deferredResult.addCallback(MochiKit.Base.partial(MochiKit.Async.succeed, aValue));
// deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("1.2.2 - PRNG.deferredEntropyCollection - 2: " + res); return res;});
MochiKit.Signal.connect(this,
'readyToGenerateRandomBytes',
deferredResult,
'callback');
result = deferredResult;
}
//MochiKit.Logging.logDebug("<<< PRNG.deferredEntropyCollection - result: " + result);
return result;
},
//-------------------------------------------------------------------------
'fastEntropyAccumulationForTestingPurpose': function() {
while (! this.isReadyToGenerateRandomValues()) {
this.addRandomByte(Math.floor(Math.random() * 32), Math.floor(Math.random() * 32), Math.floor(Math.random() * 256));
}
},
//-------------------------------------------------------------------------
'dump': function(appendToDoc) {
var tbl;
var i,c;
tbl = document.createElement("table");
tbl.border = 0;
with (tbl.style) {
border = "1px solid lightgrey";
fontFamily = 'Helvetica, Arial, sans-serif';
fontSize = '8pt';
//borderCollapse = "collapse";
}
var hdr = tbl.createTHead();
var hdrtr = hdr.insertRow(0);
// document.createElement("tr");
{
var ntd;
ntd = hdrtr.insertCell(0);
ntd.style.borderBottom = "1px solid lightgrey";
ntd.style.borderRight = "1px solid lightgrey";
ntd.appendChild(document.createTextNode("#"));
ntd = hdrtr.insertCell(1);
ntd.style.borderBottom = "1px solid lightgrey";
ntd.style.borderRight = "1px solid lightgrey";
ntd.appendChild(document.createTextNode("s"));
ntd = hdrtr.insertCell(2);
ntd.colSpan = this.firstPoolReseedLevel();
ntd.style.borderBottom = "1px solid lightgrey";
ntd.style.borderRight = "1px solid lightgrey";
ntd.appendChild(document.createTextNode("base values"));
ntd = hdrtr.insertCell(3);
ntd.colSpan = 20;
ntd.style.borderBottom = "1px solid lightgrey";
ntd.appendChild(document.createTextNode("extra values"));
}
c = this.accumulators().length;
for (i=0; i<c ; i++) {
var currentAccumulator;
var bdytr;
var bdytd;
var ii, cc;
currentAccumulator = this.accumulators()[i]
bdytr = tbl.insertRow(true);
bdytd = bdytr.insertCell(0);
bdytd.style.borderRight = "1px solid lightgrey";
bdytd.style.color = "lightgrey";
bdytd.appendChild(document.createTextNode("" + i));
bdytd = bdytr.insertCell(1);
bdytd.style.borderRight = "1px solid lightgrey";
bdytd.style.color = "gray";
bdytd.appendChild(document.createTextNode("" + currentAccumulator.stack().length()));
cc = Math.max(currentAccumulator.stack().length(), this.firstPoolReseedLevel());
for (ii=0; ii<cc; ii++) {
var cellText;
bdytd = bdytr.insertCell(ii + 2);
if (ii < currentAccumulator.stack().length()) {
cellText = Clipperz.ByteArray.byteToHex(currentAccumulator.stack().byteAtIndex(ii));
} else {
cellText = "_";
}
if (ii == (this.firstPoolReseedLevel() - 1)) {
bdytd.style.borderRight = "1px solid lightgrey";
}
bdytd.appendChild(document.createTextNode(cellText));
}
}
if (appendToDoc) {
var ne = document.createElement("div");
ne.id = "entropyGeneratorStatus";
with (ne.style) {
fontFamily = "Courier New, monospace";
fontSize = "12px";
lineHeight = "16px";
borderTop = "1px solid black";
padding = "10px";
}
if (document.getElementById(ne.id)) {
MochiKit.DOM.swapDOM(ne.id, ne);
} else {
document.body.appendChild(ne);
}
ne.appendChild(tbl);
}
return tbl;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
Clipperz.Crypto.PRNG.Random = function(args) {
args = args || {};
// MochiKit.Base.bindMethods(this);
return this;
}
Clipperz.Crypto.PRNG.Random.prototype = MochiKit.Base.update(null, {
'toString': function() {
return "Clipperz.Crypto.PRNG.Random";
},
//-------------------------------------------------------------------------
'getRandomBytes': function(aSize) {
//Clipperz.Profile.start("Clipperz.Crypto.PRNG.Random.getRandomBytes");
var result;
var i,c;
result = new Clipperz.ByteArray()
c = aSize || 1;
for (i=0; i<c; i++) {
result.appendByte((Math.random()*255) & 0xff);
}
//Clipperz.Profile.stop("Clipperz.Crypto.PRNG.Random.getRandomBytes");
return result;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
_clipperz_crypt_prng_defaultPRNG = null;
Clipperz.Crypto.PRNG.defaultRandomGenerator = function() {
if (_clipperz_crypt_prng_defaultPRNG == null) {
_clipperz_crypt_prng_defaultPRNG = new Clipperz.Crypto.PRNG.Fortuna();
//.............................................................
//
// TimeRandomnessSource
//
//.............................................................
{
var newRandomnessSource;
newRandomnessSource = new Clipperz.Crypto.PRNG.TimeRandomnessSource({intervalTime:111});
_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource);
}
//.............................................................
//
// MouseRandomnessSource
//
//.............................................................
{
var newRandomnessSource;
newRandomnessSource = new Clipperz.Crypto.PRNG.MouseRandomnessSource();
_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource);
}
//.............................................................
//
// KeyboardRandomnessSource
//
//.............................................................
{
var newRandomnessSource;
newRandomnessSource = new Clipperz.Crypto.PRNG.KeyboardRandomnessSource();
_clipperz_crypt_prng_defaultPRNG.addRandomnessSource(newRandomnessSource);
}
}
return _clipperz_crypt_prng_defaultPRNG;
};
//#############################################################################
Clipperz.Crypto.PRNG.exception = {
NotEnoughEntropy: new MochiKit.Base.NamedError("Clipperz.Crypto.PRNG.exception.NotEnoughEntropy")
};
MochiKit.DOM.addLoadEvent(Clipperz.Crypto.PRNG.defaultRandomGenerator);

151
frontend/gamma/js/Clipperz/Crypto/RSA.js Normal file
View File

@@ -0,0 +1,151 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.RSA depends on Clipperz.Crypto.BigInt!";
}
if (typeof(Clipperz.Crypto.RSA) == 'undefined') { Clipperz.Crypto.RSA = {}; }
Clipperz.Crypto.RSA.VERSION = "0.1";
Clipperz.Crypto.RSA.NAME = "Clipperz.RSA";
//#############################################################################
MochiKit.Base.update(Clipperz.Crypto.RSA, {
//-------------------------------------------------------------------------
'publicKeyWithValues': function (e, d, n) {
var result;
result = {};
if (e.isBigInt) {
result.e = e;
} else {
result.e = new Clipperz.Crypto.BigInt(e, 16);
}
if (d.isBigInt) {
result.d = d;
} else {
result.d = new Clipperz.Crypto.BigInt(d, 16);
}
if (n.isBigInt) {
result.n = n;
} else {
result.n = new Clipperz.Crypto.BigInt(n, 16);
}
return result;
},
'privateKeyWithValues': function(e, d, n) {
return Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
},
//-----------------------------------------------------------------------------
'encryptUsingPublicKey': function (aKey, aMessage) {
var messageValue;
var result;
messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
result = messageValue.powerModule(aKey.e, aKey.n);
return result.asString(16);
},
//.............................................................................
'decryptUsingPublicKey': function (aKey, aMessage) {
return Clipperz.Crypto.RSA.encryptUsingPublicKey(aKey, aMessage);
},
//-----------------------------------------------------------------------------
'encryptUsingPrivateKey': function (aKey, aMessage) {
var messageValue;
var result;
messageValue = new Clipperz.Crypto.BigInt(aMessage, 16);
result = messageValue.powerModule(aKey.d, aKey.n);
return result.asString(16);
},
//.............................................................................
'decryptUsingPrivateKey': function (aKey, aMessage) {
return Clipperz.Crypto.RSA.encryptUsingPrivateKey(aKey, aMessage);
},
//-----------------------------------------------------------------------------
'generatePublicKey': function(aNumberOfBits) {
var result;
var e;
var d;
var n;
e = new Clipperz.Crypto.BigInt("10001", 16);
{
var p, q;
var phi;
do {
p = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits);
} while (p.module(e).equals(1));
do {
q = Clipperz.Crypto.BigInt.randomPrime(aNumberOfBits);
} while ((q.equals(p)) || (q.module(e).equals(1)));
n = p.multiply(q);
phi = (p.subtract(1).multiply(q.subtract(1)));
d = e.powerModule(-1, phi);
}
result = Clipperz.Crypto.RSA.publicKeyWithValues(e, d, n);
return result;
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
//-------------------------------------------------------------------------
});
//#############################################################################

301
frontend/gamma/js/Clipperz/Crypto/SHA.js Normal file
View File

@@ -0,0 +1,301 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
}
if (typeof(Clipperz.Crypto) == 'undefined') { Clipperz.Crypto = {}; }
if (typeof(Clipperz.Crypto.SHA) == 'undefined') { Clipperz.Crypto.SHA = {}; }
Clipperz.Crypto.SHA.VERSION = "0.3";
Clipperz.Crypto.SHA.NAME = "Clipperz.Crypto.SHA";
MochiKit.Base.update(Clipperz.Crypto.SHA, {
'__repr__': function () {
return "[" + this.NAME + " " + this.VERSION + "]";
},
'toString': function () {
return this.__repr__();
},
//-----------------------------------------------------------------------------
'rotateRight': function(aValue, aNumberOfBits) {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.rotateRight");
var result;
result = (aValue >>> aNumberOfBits) | (aValue << (32 - aNumberOfBits));
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.rotateRight");
return result;
},
'shiftRight': function(aValue, aNumberOfBits) {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.shiftRight");
var result;
result = aValue >>> aNumberOfBits;
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.shiftRight");
return result;
},
//-----------------------------------------------------------------------------
'safeAdd': function() {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.safeAdd");
var result;
var i, c;
result = arguments[0];
c = arguments.length;
for (i=1; i<c; i++) {
var lowerBytesSum;
lowerBytesSum = (result & 0xffff) + (arguments[i] & 0xffff);
result = (((result >> 16) + (arguments[i] >> 16) + (lowerBytesSum >> 16)) << 16) | (lowerBytesSum & 0xffff);
}
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.safeAdd");
return result;
},
//-----------------------------------------------------------------------------
'sha256_array': function(aValue) {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256_array");
var result;
var message;
var h0, h1, h2, h3, h4, h5, h6, h7;
var k;
var messageLength;
var messageLengthInBits;
var _i, _c;
var charBits;
var rotateRight;
var shiftRight;
var safeAdd;
var bytesPerBlock;
var currentMessageIndex;
bytesPerBlock = 512/8;
rotateRight = Clipperz.Crypto.SHA.rotateRight;
shiftRight = Clipperz.Crypto.SHA.shiftRight;
safeAdd = Clipperz.Crypto.SHA.safeAdd;
charBits = 8;
h0 = 0x6a09e667;
h1 = 0xbb67ae85;
h2 = 0x3c6ef372;
h3 = 0xa54ff53a;
h4 = 0x510e527f;
h5 = 0x9b05688c;
h6 = 0x1f83d9ab;
h7 = 0x5be0cd19;
k = [ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2];
message = aValue;
messageLength = message.length;
//Pre-processing:
message.push(0x80); // append a single "1" bit to message
_c = (512 - (((messageLength + 1) * charBits) % 512) - 64) / charBits;
if (_c < 0) {
_c = _c + (512 / charBits);
}
for (_i=0; _i<_c; _i++) {
message.push(0x00); // append "0" bits until message length ≡ 448 ≡ -64 (mod 512)
}
messageLengthInBits = messageLength * charBits;
message.push(0x00); // the 4 most high byte are alway 0 as message length is represented with a 32bit value;
message.push(0x00);
message.push(0x00);
message.push(0x00);
message.push((messageLengthInBits >> 24) & 0xff);
message.push((messageLengthInBits >> 16) & 0xff);
message.push((messageLengthInBits >> 8) & 0xff);
message.push( messageLengthInBits & 0xff);
currentMessageIndex = 0;
while(currentMessageIndex < message.length) {
var w;
var a, b, c, d, e, f, g, h;
w = Array(64);
_c = 16;
for (_i=0; _i<_c; _i++) {
var _j;
_j = currentMessageIndex + _i*4;
w[_i] = (message[_j] << 24) | (message[_j + 1] << 16) | (message[_j + 2] << 8) | (message[_j + 3] << 0);
}
_c = 64;
for (_i=16; _i<_c; _i++) {
var s0, s1;
s0 = (rotateRight(w[_i-15], 7)) ^ (rotateRight(w[_i-15], 18)) ^ (shiftRight(w[_i-15], 3));
s1 = (rotateRight(w[_i-2], 17)) ^ (rotateRight(w[_i-2], 19)) ^ (shiftRight(w[_i-2], 10));
w[_i] = safeAdd(w[_i-16], s0, w[_i-7], s1);
}
a=h0; b=h1; c=h2; d=h3; e=h4; f=h5; g=h6; h=h7;
_c = 64;
for (_i=0; _i<_c; _i++) {
var s0, s1, ch, maj, t1, t2;
s0 = (rotateRight(a, 2)) ^ (rotateRight(a, 13)) ^ (rotateRight(a, 22));
maj = (a & b) ^ (a & c) ^ (b & c);
t2 = safeAdd(s0, maj);
s1 = (rotateRight(e, 6)) ^ (rotateRight(e, 11)) ^ (rotateRight(e, 25));
ch = (e & f) ^ ((~e) & g);
t1 = safeAdd(h, s1, ch, k[_i], w[_i]);
h = g;
g = f;
f = e;
e = safeAdd(d, t1);
d = c;
c = b;
b = a;
a = safeAdd(t1, t2);
}
h0 = safeAdd(h0, a);
h1 = safeAdd(h1, b);
h2 = safeAdd(h2, c);
h3 = safeAdd(h3, d);
h4 = safeAdd(h4, e);
h5 = safeAdd(h5, f);
h6 = safeAdd(h6, g);
h7 = safeAdd(h7, h);
currentMessageIndex += bytesPerBlock;
}
result = new Array(256/8);
result[0] = (h0 >> 24) & 0xff;
result[1] = (h0 >> 16) & 0xff;
result[2] = (h0 >> 8) & 0xff;
result[3] = h0 & 0xff;
result[4] = (h1 >> 24) & 0xff;
result[5] = (h1 >> 16) & 0xff;
result[6] = (h1 >> 8) & 0xff;
result[7] = h1 & 0xff;
result[8] = (h2 >> 24) & 0xff;
result[9] = (h2 >> 16) & 0xff;
result[10] = (h2 >> 8) & 0xff;
result[11] = h2 & 0xff;
result[12] = (h3 >> 24) & 0xff;
result[13] = (h3 >> 16) & 0xff;
result[14] = (h3 >> 8) & 0xff;
result[15] = h3 & 0xff;
result[16] = (h4 >> 24) & 0xff;
result[17] = (h4 >> 16) & 0xff;
result[18] = (h4 >> 8) & 0xff;
result[19] = h4 & 0xff;
result[20] = (h5 >> 24) & 0xff;
result[21] = (h5 >> 16) & 0xff;
result[22] = (h5 >> 8) & 0xff;
result[23] = h5 & 0xff;
result[24] = (h6 >> 24) & 0xff;
result[25] = (h6 >> 16) & 0xff;
result[26] = (h6 >> 8) & 0xff;
result[27] = h6 & 0xff;
result[28] = (h7 >> 24) & 0xff;
result[29] = (h7 >> 16) & 0xff;
result[30] = (h7 >> 8) & 0xff;
result[31] = h7 & 0xff;
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256_array");
return result;
},
//-----------------------------------------------------------------------------
'sha256': function(aValue) {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.sha256");
var result;
var resultArray;
var valueArray;
valueArray = aValue.arrayValues();
resultArray = Clipperz.Crypto.SHA.sha256_array(valueArray);
result = new Clipperz.ByteArray(resultArray);
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256");
return result;
},
//-----------------------------------------------------------------------------
'sha_d256': function(aValue) {
//Clipperz.Profile.start("Clipperz.Crypto.SHA.sha_d256");
var result;
var resultArray;
var valueArray;
valueArray = aValue.arrayValues();
resultArray = Clipperz.Crypto.SHA.sha256_array(valueArray);
resultArray = Clipperz.Crypto.SHA.sha256_array(resultArray);
result = new Clipperz.ByteArray(resultArray);
//Clipperz.Profile.stop("Clipperz.Crypto.SHA.sha256");
return result;
},
//-----------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});

331
frontend/gamma/js/Clipperz/Crypto/SRP.js Normal file
View File

@@ -0,0 +1,331 @@
/*
Copyright 2008-2011 Clipperz Srl
This file is part of Clipperz's Javascript Crypto Library.
Javascript Crypto Library provides web developers with an extensive
and efficient set of cryptographic functions. The library aims to
obtain maximum execution speed while preserving modularity and
reusability.
For further information about its features and functionalities please
refer to http://www.clipperz.com
* Javascript Crypto Library is free software: you can redistribute
it and/or modify it under the terms of the GNU Affero General Public
License as published by the Free Software Foundation, either version
3 of the License, or (at your option) any later version.
* Javascript Crypto Library is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Affero General Public License for more details.
* You should have received a copy of the GNU Affero General Public
License along with Javascript Crypto Library. If not, see
<http://www.gnu.org/licenses/>.
*/
try { if (typeof(Clipperz.ByteArray) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.PRNG depends on Clipperz.ByteArray!";
}
try { if (typeof(Clipperz.Crypto.BigInt) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.BigInt!";
}
try { if (typeof(Clipperz.Crypto.PRNG) == 'undefined') { throw ""; }} catch (e) {
throw "Clipperz.Crypto.SRP depends on Clipperz.Crypto.PRNG!";
}
if (typeof(Clipperz.Crypto.SRP) == 'undefined') { Clipperz.Crypto.SRP = {}; }
Clipperz.Crypto.SRP.VERSION = "0.1";
Clipperz.Crypto.SRP.NAME = "Clipperz.Crypto.SRP";
//#############################################################################
MochiKit.Base.update(Clipperz.Crypto.SRP, {
'_n': null,
'_g': null,
//-------------------------------------------------------------------------
'n': function() {
if (Clipperz.Crypto.SRP._n == null) {
Clipperz.Crypto.SRP._n = new Clipperz.Crypto.BigInt("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
}
return Clipperz.Crypto.SRP._n;
},
//-------------------------------------------------------------------------
'g': function() {
if (Clipperz.Crypto.SRP._g == null) {
Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); // eventually 5 (as suggested on the Diffi-Helmann documentation)
}
return Clipperz.Crypto.SRP._g;
},
//-----------------------------------------------------------------------------
'exception': {
'InvalidValue': new MochiKit.Base.NamedError("Clipperz.Crypto.SRP.exception.InvalidValue")
},
//-------------------------------------------------------------------------
__syntaxFix__: "syntax fix"
});
//#############################################################################
//
// S R P C o n n e c t i o n version 1.0
//
//=============================================================================
Clipperz.Crypto.SRP.Connection = function (args) {
args = args || {};
this._C = args.C;
this._P = args.P;
this.hash = args.hash;
this._a = null;
this._A = null;
this._s = null;
this._B = null;
this._x = null;
this._u = null;
this._K = null;
this._M1 = null;
this._M2 = null;
this._sessionKey = null;
return this;
}
Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'toString': function () {
return "Clipperz.Crypto.SRP.Connection (username: " + this.username() + "). Status: " + this.statusDescription();
},
//-------------------------------------------------------------------------
'C': function () {
return this._C;
},
//-------------------------------------------------------------------------
'P': function () {
return this._P;
},
//-------------------------------------------------------------------------
'a': function () {
if (this._a == null) {
this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
// this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10);
//MochiKit.Logging.logDebug("SRP a: " + this._a);
}
return this._a;
},
//-------------------------------------------------------------------------
'A': function () {
if (this._A == null) {
// Warning: this value should be strictly greater than zero: how should we perform this check?
this._A = Clipperz.Crypto.SRP.g().powerModule(this.a(), Clipperz.Crypto.SRP.n());
if (this._A.equals(0)) {
MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'A' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
}
//MochiKit.Logging.logDebug("SRP A: " + this._A);
}
return this._A;
},
//-------------------------------------------------------------------------
's': function () {
return this._s;
//MochiKit.Logging.logDebug("SRP s: " + this._S);
},
'set_s': function(aValue) {
this._s = aValue;
},
//-------------------------------------------------------------------------
'B': function () {
return this._B;
},
'set_B': function(aValue) {
// Warning: this value should be strictly greater than zero: how should we perform this check?
if (! aValue.equals(0)) {
this._B = aValue;
//MochiKit.Logging.logDebug("SRP B: " + this._B);
} else {
MochiKit.Logging.logError("Clipperz.Crypto.SRP.Connection: trying to set 'B' to 0.");
throw Clipperz.Crypto.SRP.exception.InvalidValue;
}
},
//-------------------------------------------------------------------------
'x': function () {
if (this._x == null) {
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16);
//MochiKit.Logging.logDebug("SRP x: " + this._x);
}
return this._x;
},
//-------------------------------------------------------------------------
'u': function () {
if (this._u == null) {
this._u = new Clipperz.Crypto.BigInt(this.stringHash(this.B().asString()), 16);
//MochiKit.Logging.logDebug("SRP u: " + this._u);
}
return this._u;
},
//-------------------------------------------------------------------------
'S': function () {
if (this._S == null) {
var bigint;
var srp;
bigint = Clipperz.Crypto.BigInt;
srp = Clipperz.Crypto.SRP;
this._S = bigint.powerModule(
bigint.subtract(this.B(), bigint.powerModule(srp.g(), this.x(), srp.n())),
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
srp.n()
)
//MochiKit.Logging.logDebug("SRP S: " + this._S);
}
return this._S;
},
//-------------------------------------------------------------------------
'K': function () {
if (this._K == null) {
this._K = this.stringHash(this.S().asString());
//MochiKit.Logging.logDebug("SRP K: " + this._K);
}
return this._K;
},
//-------------------------------------------------------------------------
'M1': function () {
if (this._M1 == null) {
this._M1 = this.stringHash(this.A().asString(10) + this.B().asString(10) + this.K());
//MochiKit.Logging.logDebug("SRP M1: " + this._M1);
}
return this._M1;
},
//-------------------------------------------------------------------------
'M2': function () {
if (this._M2 == null) {
this._M2 = this.stringHash(this.A().asString(10) + this.M1() + this.K());
//MochiKit.Logging.logDebug("SRP M2: " + this._M2);
}
return this._M2;
},
//=========================================================================
'serverSideCredentialsWithSalt': function(aSalt) {
var result;
var s, x, v;
s = aSalt;
x = this.stringHash(s + this.P());
v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n());
result = {};
result['C'] = this.C();
result['s'] = s;
result['v'] = v.asString(16);
return result;
},
'serverSideCredentials': function() {
var result;
var s;
s = Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2);
result = this.serverSideCredentialsWithSalt(s);
return result;
},
//=========================================================================
/*
'computeServerSide_S': function(b) {
var result;
var v;
var bigint;
var srp;
bigint = Clipperz.Crypto.BigInt;
srp = Clipperz.Crypto.SRP;
v = new Clipperz.Crypto.BigInt(srpConnection.serverSideCredentialsWithSalt(this.s().asString(16, 64)).v, 16);
// _S = (this.A().multiply(this.v().modPow(this.u(), this.n()))).modPow(this.b(), this.n());
result = bigint.powerModule(
bigint.multiply(
this.A(),
bigint.powerModule(v, this.u(), srp.n())
), new Clipperz.Crypto.BigInt(b, 10), srp.n()
);
return result;
},
*/
//=========================================================================
'stringHash': function(aValue) {
var result;
result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
return result;
},
//=========================================================================
__syntaxFix__: "syntax fix"
});
//#############################################################################