Update changes

This commit is contained in:
aunxx 2016-05-30 12:15:43 +01:00
parent f2ed0f50bb
commit 0c42ee2e76
4 changed files with 142 additions and 67 deletions

View File

@ -107,7 +107,8 @@ function digits($base) {
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
function clipperz_hash($value) { function clipperz_hash($value) {
return hash("sha256", hash("sha256", $value, true)); //return hash("sha256", hash("sha256", $value, true));
return hash("sha256", $value, false);
} }
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
@ -251,6 +252,8 @@ error_log("registration");
error_log("handshake"); error_log("handshake");
$srp_g = "2"; $srp_g = "2";
$srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16); $srp_n = base2dec("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16);
// Define k: k = H(N, g) in SRP-6a
$srp_k = base2dec(clipperz_hash($srp_n . $srp_g), 16);
$message = $parameters["message"]; $message = $parameters["message"];
@ -287,9 +290,12 @@ error_log("handshake");
$_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"; $_SESSION["v"] = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00";
} }
$_SESSION["b"] = clipperz_randomSeed(); // This should now work with a random seed. Need to check.
// $_SESSION["b"] = clipperz_randomSeed();
// $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53"; // $_SESSION["b"] = "5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53";
$_SESSION["B"] = dec2base(bcadd(base2dec($_SESSION["v"], 16), bcpowmod($srp_g, base2dec($_SESSION["b"], 16), $srp_n)), 16); $_SESSION["b"] = "23309839184091712110293815740584558132927982490099443826709662564655631314481";
$_SESSION["B"] = dec2base(bcmod( bcadd( bcmod( bcmul( $srp_k, base2dec($_SESSION["v"], 16)), $srp_n), bcpowmod( $srp_g, $_SESSION["b"], $srp_n) ), $srp_n), 16);
$result["s"] = $_SESSION["s"]; $result["s"] = $_SESSION["s"];
$result["B"] = $_SESSION["B"]; $result["B"] = $_SESSION["B"];
@ -297,11 +303,13 @@ error_log("handshake");
//============================================================= //=============================================================
} else if ($message == "credentialCheck") { } else if ($message == "credentialCheck") {
error_log("credentialCheck"); error_log("credentialCheck");
$u = clipperz_hash(base2dec($_SESSION["B"],16));
$A = base2dec($_SESSION["A"], 16); $A = base2dec($_SESSION["A"], 16);
$S = bcpowmod(bcmul($A, bcpowmod(base2dec($_SESSION["v"], 16), base2dec($u, 16), $srp_n)), base2dec($_SESSION["b"], 16), $srp_n); // u = H(A, B)
$u = base2dec(clipperz_hash($A . base2dec($_SESSION["B"],16)), 16);
// S = (Av^u) ^ b
$S = bcpowmod( bcmul( $A, bcpowmod( base2dec($_SESSION["v"], 16), $u, $srp_n) ), $_SESSION["b"], $srp_n );
$K = clipperz_hash($S); $K = clipperz_hash($S);
$M1 = clipperz_hash($A.base2dec($_SESSION["B"],16).$K); $M1 = clipperz_hash("597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" . clipperz_hash($_SESSION['C']) . base2dec($_SESSION["s"],16) . base2dec($_SESSION['A'],16) . base2dec($_SESSION['B'],16) . base2dec($K,16));
//$result["B"] = $_SESSION["B"]; //$result["B"] = $_SESSION["B"];
//$result["u"] = $u; //$result["u"] = $u;
@ -311,6 +319,20 @@ error_log("credentialCheck");
//$result["M1"] = $M1; //$result["M1"] = $M1;
//$result["_M1"] = $parameters["parameters"]["M1"]; //$result["_M1"] = $parameters["parameters"]["M1"];
// error_log("credentialCheck calculated: ". $M1);
// error_log("credentialCheck S: ". $S);
// error_log("credentialCheck A: ". $A);
// error_log("credentialCheck B: ". $_SESSION["B"]);
// error_log("credentialCheck base2dec: ". base2dec($_SESSION["B"],16));
// error_log("credentialCheck K: ". base2dec($K,16));
// error_log("credentialCheck n: ". $srp_n);
// error_log("credentialCheck u: ". $u);
// error_log("credentialCheck v: ". base2dec($_SESSION['v'],16));
// error_log("credentialCheck expected: ". $parameters["parameters"]["M1"]);
//User -> Host: M = H(H(N) xor H(g), H(I), s, A, B, K)
if ($M1 == $parameters["parameters"]["M1"]) { if ($M1 == $parameters["parameters"]["M1"]) {
$_SESSION["K"] = $K; $_SESSION["K"] = $K;
$M2 = clipperz_hash($A.$M1.$K); $M2 = clipperz_hash($A.$M1.$K);

View File

@ -138,8 +138,10 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'a': function () { 'a': function () {
if (this._a == null) { if (this._a == null) {
this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16); // this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
// this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10); // Due to the problem with BigInt not handling signed numbers, this must be even.
// Possible generate any number, then bitwise shift right then left.
this._a = new Clipperz.Crypto.BigInt("33361134861037855263467252772741875431812790785257651194773534061185325245730", 10);
} }
return this._a; return this._a;
@ -191,7 +193,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'x': function () { 'x': function () {
if (this._x == null) { if (this._x == null) {
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16); // Private key x = H(s, p)
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s() + this.P()), 16);
} }
return this._x; return this._x;
@ -210,6 +213,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
//------------------------------------------------------------------------- //-------------------------------------------------------------------------
'S': function () { 'S': function () {
// S = (B - kg^x) ^ (a + ux)
if (this._S == null) { if (this._S == null) {
var bigint; var bigint;
var srp; var srp;
@ -217,17 +221,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
bigint = Clipperz.Crypto.BigInt; bigint = Clipperz.Crypto.BigInt;
srp = Clipperz.Crypto.SRP; srp = Clipperz.Crypto.SRP;
this._S = bigint.powerModule( this._S = bigint.powerModule( bigint.subtract( bigint.multiply(Clipperz.Crypto.SRP.k(),bigint.powerModule(srp.g(), this.x(), srp.n())), this.B()), bigint.add(this.a(), bigint.multiply(this.u(), this.x())),srp.n() );
bigint.subtract(
this.B(),
bigint.multiply(
Clipperz.Crypto.SRP.k(),
bigint.powerModule(srp.g(), this.x(), srp.n())
)
),
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
srp.n()
)
} }
return this._S; return this._S;
@ -258,9 +253,25 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
this.s().asString() + this.s().asString() +
this.A().asString() + this.A().asString() +
this.B().asString() + this.B().asString() +
this.K() new Clipperz.Crypto.BigInt(this.K(),16).asString()
); );
//console.log("M1", this._M1); //console.log("M1", this._M1);
//console.log("g", this.g().asString());
//console.log("s", this.s().asString());
//console.log("a", this.a().asString());
//console.log("A", this.A().asString());
//console.log("B", this.B().asString());
//console.log("S", this.S().asString());
//console.log("k", Clipperz.Crypto.SRP.k().asString());
//console.log("K", this.K());
//console.log("x", this.x().asString());
//console.log("P", this.P());
//console.log("u", this.u());
//console.log("u", this.u().asString());
//console.log("Test", this.stringHash(this.A().asString));
//console.log("N", Clipperz.Crypto.SRP.n().asString());
//console.log("g", Clipperz.Crypto.SRP.g().asString());
//console.log("test", this.A().asString() + this.B().asString());
} }
return this._M1; return this._M1;
@ -283,15 +294,22 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
var result; var result;
var s, x, v; var s, x, v;
s = aSalt; //` s = aSalt;
s = new Clipperz.Crypto.BigInt(aSalt,16);
x = this.stringHash(s.asString() + this.P());
x = this.stringHash(s + this.P()); x = this.stringHash(s + this.P());
v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n()); v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n());
result = {}; result = {};
result['C'] = this.C(); result['C'] = this.C();
result['s'] = s; result['s'] = s.asString(16);
result['v'] = v.asString(16); result['v'] = v.asString(16);
//console.log("ServerSide C", result['C']);
//console.log("ServerSide s", result['s']);
//console.log("ServerSide v", result['v']);
//console.log("ServerSide P", this.P());
//console.log("ServerSide x", ge.asString());
return result; return result;
}, },
@ -334,7 +352,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'stringHash': function(aValue) { 'stringHash': function(aValue) {
var result; var result;
result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); //result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
result = Clipperz.Crypto.SHA.sha256( new Clipperz.ByteArray(aValue)).toHexString().substring(2);
return result; return result;
}, },

View File

@ -56,8 +56,6 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
return Clipperz.Crypto.SRP._n; return Clipperz.Crypto.SRP._n;
}, },
//.........................................................................
'g': function() { 'g': function() {
if (Clipperz.Crypto.SRP._g == null) { if (Clipperz.Crypto.SRP._g == null) {
Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); // eventually 5 (as suggested on the Diffi-Helmann documentation) Clipperz.Crypto.SRP._g = new Clipperz.Crypto.BigInt(2); // eventually 5 (as suggested on the Diffi-Helmann documentation)
@ -66,8 +64,6 @@ MochiKit.Base.update(Clipperz.Crypto.SRP, {
return Clipperz.Crypto.SRP._g; return Clipperz.Crypto.SRP._g;
}, },
//.........................................................................
'k': function() { 'k': function() {
if (Clipperz.Crypto.SRP._k == null) { if (Clipperz.Crypto.SRP._k == null) {
// Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16); // Clipperz.Crypto.SRP._k = new Clipperz.Crypto.BigInt(this.stringHash(this.n().asString() + this.g().asString()), 16);
@ -140,8 +136,10 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'a': function () { 'a': function () {
if (this._a == null) { if (this._a == null) {
this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16); // this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
// this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10); // Due to the problem with BigInt not handling signed numbers, this must be even.
// Possible generate any number, then bitwise shift right then left.
this._a = new Clipperz.Crypto.BigInt("33361134861037855263467252772741875431812790785257651194773534061185325245730", 10);
} }
return this._a; return this._a;
@ -193,7 +191,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'x': function () { 'x': function () {
if (this._x == null) { if (this._x == null) {
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16); // Private key x = H(s, p)
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s() + this.P()), 16);
} }
return this._x; return this._x;
@ -212,6 +211,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
//------------------------------------------------------------------------- //-------------------------------------------------------------------------
'S': function () { 'S': function () {
// S = (B - kg^x) ^ (a + ux)
if (this._S == null) { if (this._S == null) {
var bigint; var bigint;
var srp; var srp;
@ -219,17 +219,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
bigint = Clipperz.Crypto.BigInt; bigint = Clipperz.Crypto.BigInt;
srp = Clipperz.Crypto.SRP; srp = Clipperz.Crypto.SRP;
this._S = bigint.powerModule( this._S = bigint.powerModule( bigint.subtract( bigint.multiply(Clipperz.Crypto.SRP.k(),bigint.powerModule(srp.g(), this.x(), srp.n())), this.B()), bigint.add(this.a(), bigint.multiply(this.u(), this.x())),srp.n() );
bigint.subtract(
this.B(),
bigint.multiply(
Clipperz.Crypto.SRP.k(),
bigint.powerModule(srp.g(), this.x(), srp.n())
)
),
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
srp.n()
)
} }
return this._S; return this._S;
@ -260,9 +251,25 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
this.s().asString() + this.s().asString() +
this.A().asString() + this.A().asString() +
this.B().asString() + this.B().asString() +
this.K() new Clipperz.Crypto.BigInt(this.K(),16).asString()
); );
//console.log("M1", this._M1); //console.log("M1", this._M1);
//console.log("g", this.g().asString());
//console.log("s", this.s().asString());
//console.log("a", this.a().asString());
//console.log("A", this.A().asString());
//console.log("B", this.B().asString());
//console.log("S", this.S().asString());
//console.log("k", Clipperz.Crypto.SRP.k().asString());
//console.log("K", this.K());
//console.log("x", this.x().asString());
//console.log("P", this.P());
//console.log("u", this.u());
//console.log("u", this.u().asString());
//console.log("Test", this.stringHash(this.A().asString));
//console.log("N", Clipperz.Crypto.SRP.n().asString());
//console.log("g", Clipperz.Crypto.SRP.g().asString());
//console.log("test", this.A().asString() + this.B().asString());
} }
return this._M1; return this._M1;
@ -285,15 +292,22 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
var result; var result;
var s, x, v; var s, x, v;
s = aSalt; //` s = aSalt;
s = new Clipperz.Crypto.BigInt(aSalt,16);
x = this.stringHash(s.asString() + this.P());
x = this.stringHash(s + this.P()); x = this.stringHash(s + this.P());
v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n()); v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n());
result = {}; result = {};
result['C'] = this.C(); result['C'] = this.C();
result['s'] = s; result['s'] = s.asString(16);
result['v'] = v.asString(16); result['v'] = v.asString(16);
//console.log("ServerSide C", result['C']);
//console.log("ServerSide s", result['s']);
//console.log("ServerSide v", result['v']);
//console.log("ServerSide P", this.P());
//console.log("ServerSide x", ge.asString());
return result; return result;
}, },
@ -336,7 +350,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'stringHash': function(aValue) { 'stringHash': function(aValue) {
var result; var result;
result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); //result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
result = Clipperz.Crypto.SHA.sha256( new Clipperz.ByteArray(aValue)).toHexString().substring(2);
return result; return result;
}, },

View File

@ -138,8 +138,10 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'a': function () { 'a': function () {
if (this._a == null) { if (this._a == null) {
this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16); // this._a = new Clipperz.Crypto.BigInt(Clipperz.Crypto.PRNG.defaultRandomGenerator().getRandomBytes(32).toHexString().substring(2), 16);
// this._a = new Clipperz.Crypto.BigInt("37532428169486597638072888476611365392249575518156687476805936694442691012367", 10); // Due to the problem with BigInt not handling signed numbers, this must be even.
// Possible generate any number, then bitwise shift right then left.
this._a = new Clipperz.Crypto.BigInt("33361134861037855263467252772741875431812790785257651194773534061185325245730", 10);
} }
return this._a; return this._a;
@ -191,7 +193,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'x': function () { 'x': function () {
if (this._x == null) { if (this._x == null) {
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s().asString(16, 64) + this.P()), 16); // Private key x = H(s, p)
this._x = new Clipperz.Crypto.BigInt(this.stringHash(this.s() + this.P()), 16);
} }
return this._x; return this._x;
@ -210,6 +213,7 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
//------------------------------------------------------------------------- //-------------------------------------------------------------------------
'S': function () { 'S': function () {
// S = (B - kg^x) ^ (a + ux)
if (this._S == null) { if (this._S == null) {
var bigint; var bigint;
var srp; var srp;
@ -217,17 +221,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
bigint = Clipperz.Crypto.BigInt; bigint = Clipperz.Crypto.BigInt;
srp = Clipperz.Crypto.SRP; srp = Clipperz.Crypto.SRP;
this._S = bigint.powerModule( this._S = bigint.powerModule( bigint.subtract( bigint.multiply(Clipperz.Crypto.SRP.k(),bigint.powerModule(srp.g(), this.x(), srp.n())), this.B()), bigint.add(this.a(), bigint.multiply(this.u(), this.x())),srp.n() );
bigint.subtract(
this.B(),
bigint.multiply(
Clipperz.Crypto.SRP.k(),
bigint.powerModule(srp.g(), this.x(), srp.n())
)
),
bigint.add(this.a(), bigint.multiply(this.u(), this.x())),
srp.n()
)
} }
return this._S; return this._S;
@ -258,9 +253,25 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
this.s().asString() + this.s().asString() +
this.A().asString() + this.A().asString() +
this.B().asString() + this.B().asString() +
this.K() new Clipperz.Crypto.BigInt(this.K(),16).asString()
); );
//console.log("M1", this._M1); //console.log("M1", this._M1);
//console.log("g", this.g().asString());
//console.log("s", this.s().asString());
//console.log("a", this.a().asString());
//console.log("A", this.A().asString());
//console.log("B", this.B().asString());
//console.log("S", this.S().asString());
//console.log("k", Clipperz.Crypto.SRP.k().asString());
//console.log("K", this.K());
//console.log("x", this.x().asString());
//console.log("P", this.P());
//console.log("u", this.u());
//console.log("u", this.u().asString());
//console.log("Test", this.stringHash(this.A().asString));
//console.log("N", Clipperz.Crypto.SRP.n().asString());
//console.log("g", Clipperz.Crypto.SRP.g().asString());
//console.log("test", this.A().asString() + this.B().asString());
} }
return this._M1; return this._M1;
@ -283,15 +294,22 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
var result; var result;
var s, x, v; var s, x, v;
s = aSalt; //` s = aSalt;
s = new Clipperz.Crypto.BigInt(aSalt,16);
x = this.stringHash(s.asString() + this.P());
x = this.stringHash(s + this.P()); x = this.stringHash(s + this.P());
v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n()); v = Clipperz.Crypto.SRP.g().powerModule(new Clipperz.Crypto.BigInt(x, 16), Clipperz.Crypto.SRP.n());
result = {}; result = {};
result['C'] = this.C(); result['C'] = this.C();
result['s'] = s; result['s'] = s.asString(16);
result['v'] = v.asString(16); result['v'] = v.asString(16);
//console.log("ServerSide C", result['C']);
//console.log("ServerSide s", result['s']);
//console.log("ServerSide v", result['v']);
//console.log("ServerSide P", this.P());
//console.log("ServerSide x", ge.asString());
return result; return result;
}, },
@ -334,7 +352,8 @@ Clipperz.Crypto.SRP.Connection.prototype = MochiKit.Base.update(null, {
'stringHash': function(aValue) { 'stringHash': function(aValue) {
var result; var result;
result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); //result = this.hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
result = Clipperz.Crypto.SHA.sha256( new Clipperz.ByteArray(aValue)).toHexString().substring(2);
return result; return result;
}, },