Skip to content
Browse files

Added client code and unit tests

  • Loading branch information...
1 parent 42165e4 commit 9fc9387683899d1cf35169074b75f6efe7c804ec @sschaetz committed Aug 18, 2011
View
53 client/crypto.js
@@ -0,0 +1,53 @@
+
+/**
+ * diffie hellman key exchange functions
+ */
+starbase.crypto.dh = function()
+{
+};
+
+starbase.crypto.dh = {
+
+ // p and g are taken from http://tools.ietf.org/html/rfc5114#section-2.3
+ p: str2bigInt(
+ "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2" +
+ "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30" +
+ "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD" +
+ "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B" +
+ "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C" +
+ "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E" +
+ "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9" +
+ "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026" +
+ "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3" +
+ "75F26375D7014103A4B54330C198AF126116D2276E11715F" +
+ "693877FAD7EF09CADB094AE91E1A1597", 16, 2048),
+
+ g: str2bigInt(
+ "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054" +
+ "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555" +
+ "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18" +
+ "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B" +
+ "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83" +
+ "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55" +
+ "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14" +
+ "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915" +
+ "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6" +
+ "184B523D1DB246C32F63078490F00EF8D647D148D4795451" +
+ "5E2327CFEF98C582664B4C0F6CC41659", 16, 2048),
+
+ generate_publickey: function(secret)
+ {
+ var a = str2bigInt(secret, 16, 2048);
+ return bigInt2str(powMod(this.g, a, this.p), 16);
+ },
+
+ generate_sharedsecret: function(secret, remote_publickey)
+ {
+ var a = str2bigInt(secret, 16, 2048);
+ var B = str2bigInt(remote_publickey, 16, 2048);
+ return bigInt2str(powMod(B, a, this.p), 16);
+ }
+};
+
+
+
View
222 client/libs/bigint-5.4.min.js
@@ -0,0 +1,222 @@
+bpe=0;mask=0;radix=mask+1;digitsStr='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_=!@#$%^&*()[]{}|;:,.<>/?`~ \\\'\"+-';for(bpe=0;(1<<(bpe+1))>(1<<bpe);bpe++);bpe>>=1;mask=(1<<bpe)-1;radix=mask+1;one=int2bigInt(1,1,1);t=new Array(0);ss=t;s0=t;s1=t;s2=t;s3=t;s4=t;s5=t;s6=t;s7=t;T=t;sa=t;mr_x1=t;mr_r=t;mr_a=t;eg_v=t;eg_u=t;eg_A=t;eg_B=t;eg_C=t;eg_D=t;md_q1=t;md_q2=t;md_q3=t;md_r=t;md_r1=t;md_r2=t;md_tt=t;primes=t;pows=t;s_i=t;s_i2=t;s_R=t;s_rm=t;s_q=t;s_n1=t;s_a=t;s_r2=t;s_n=t;s_b=t;s_d=t;s_x1=t;s_x2=t,s_aa=t;rpprb=t;function findPrimes(n){var i,s,p,ans;s=new Array(n);for(i=0;i<n;i++)
+s[i]=0;s[0]=2;p=0;for(;s[p]<n;){for(i=s[p]*s[p];i<n;i+=s[p])
+s[i]=1;p++;s[p]=s[p-1]+1;for(;s[p]<n&&s[s[p]];s[p]++);}
+ans=new Array(p);for(i=0;i<p;i++)
+ans[i]=s[i];return ans;}
+function millerRabinInt(x,b){if(mr_x1.length!=x.length){mr_x1=dup(x);mr_r=dup(x);mr_a=dup(x);}
+copyInt_(mr_a,b);return millerRabin(x,mr_a);}
+function millerRabin(x,b){var i,j,k,s;if(mr_x1.length!=x.length){mr_x1=dup(x);mr_r=dup(x);mr_a=dup(x);}
+copy_(mr_a,b);copy_(mr_r,x);copy_(mr_x1,x);addInt_(mr_r,-1);addInt_(mr_x1,-1);k=0;for(i=0;i<mr_r.length;i++)
+for(j=1;j<mask;j<<=1)
+if(x[i]&j){s=(k<mr_r.length+bpe?k:0);i=mr_r.length;j=mask;}else
+k++;if(s)
+rightShift_(mr_r,s);powMod_(mr_a,mr_r,x);if(!equalsInt(mr_a,1)&&!equals(mr_a,mr_x1)){j=1;while(j<=s-1&&!equals(mr_a,mr_x1)){squareMod_(mr_a,x);if(equalsInt(mr_a,1)){return 0;}
+j++;}
+if(!equals(mr_a,mr_x1)){return 0;}}
+return 1;}
+function bitSize(x){var j,z,w;for(j=x.length-1;(x[j]==0)&&(j>0);j--);for(z=0,w=x[j];w;(w>>=1),z++);z+=bpe*j;return z;}
+function expand(x,n){var ans=int2bigInt(0,(x.length>n?x.length:n)*bpe,0);copy_(ans,x);return ans;}
+function randTruePrime(k){var ans=int2bigInt(0,k,0);randTruePrime_(ans,k);return trim(ans,1);}
+function randProbPrime(k){if(k>=600)return randProbPrimeRounds(k,2);if(k>=550)return randProbPrimeRounds(k,4);if(k>=500)return randProbPrimeRounds(k,5);if(k>=400)return randProbPrimeRounds(k,6);if(k>=350)return randProbPrimeRounds(k,7);if(k>=300)return randProbPrimeRounds(k,9);if(k>=250)return randProbPrimeRounds(k,12);if(k>=200)return randProbPrimeRounds(k,15);if(k>=150)return randProbPrimeRounds(k,18);if(k>=100)return randProbPrimeRounds(k,27);return randProbPrimeRounds(k,40);}
+function randProbPrimeRounds(k,n){var ans,i,divisible,B;B=30000;ans=int2bigInt(0,k,0);if(primes.length==0)
+primes=findPrimes(30000);if(rpprb.length!=ans.length)
+rpprb=dup(ans);for(;;){randBigInt_(ans,k,0);ans[0]|=1;divisible=0;for(i=0;(i<primes.length)&&(primes[i]<=B);i++)
+if(modInt(ans,primes[i])==0&&!equalsInt(ans,primes[i])){divisible=1;break;}
+for(i=0;i<n&&!divisible;i++){randBigInt_(rpprb,k,0);while(!greater(ans,rpprb))
+randBigInt_(rpprb,k,0);if(!millerRabin(ans,rpprb))
+divisible=1;}
+if(!divisible)
+return ans;}}
+function mod(x,n){var ans=dup(x);mod_(ans,n);return trim(ans,1);}
+function addInt(x,n){var ans=expand(x,x.length+1);addInt_(ans,n);return trim(ans,1);}
+function mult(x,y){var ans=expand(x,x.length+y.length);mult_(ans,y);return trim(ans,1);}
+function powMod(x,y,n){var ans=expand(x,n.length);powMod_(ans,trim(y,2),trim(n,2),0);return trim(ans,1);}
+function sub(x,y){var ans=expand(x,(x.length>y.length?x.length+1:y.length+1));sub_(ans,y);return trim(ans,1);}
+function add(x,y){var ans=expand(x,(x.length>y.length?x.length+1:y.length+1));add_(ans,y);return trim(ans,1);}
+function inverseMod(x,n){var ans=expand(x,n.length);var s;s=inverseMod_(ans,n);return s?trim(ans,1):null;}
+function multMod(x,y,n){var ans=expand(x,n.length);multMod_(ans,y,n);return trim(ans,1);}
+function randTruePrime_(ans,k){var c,m,pm,dd,j,r,B,divisible,z,zz,recSize;if(primes.length==0)
+primes=findPrimes(30000);if(pows.length==0){pows=new Array(512);for(j=0;j<512;j++){pows[j]=Math.pow(2,j/511.-1.);}}
+c=0.1;m=20;recLimit=20;if(s_i2.length!=ans.length){s_i2=dup(ans);s_R=dup(ans);s_n1=dup(ans);s_r2=dup(ans);s_d=dup(ans);s_x1=dup(ans);s_x2=dup(ans);s_b=dup(ans);s_n=dup(ans);s_i=dup(ans);s_rm=dup(ans);s_q=dup(ans);s_a=dup(ans);s_aa=dup(ans);}
+if(k<=recLimit){pm=(1<<((k+2)>>1))-1;copyInt_(ans,0);for(dd=1;dd;){dd=0;ans[0]=1|(1<<(k-1))|Math.floor(Math.random()*(1<<k));for(j=1;(j<primes.length)&&((primes[j]&pm)==primes[j]);j++){if(0==(ans[0]%primes[j])){dd=1;break;}}}
+carry_(ans);return;}
+B=c*k*k;if(k>2*m)
+for(r=1;k-k*r<=m;)
+r=pows[Math.floor(Math.random()*512)];else
+r=.5;recSize=Math.floor(r*k)+1;randTruePrime_(s_q,recSize);copyInt_(s_i2,0);s_i2[Math.floor((k-2)/bpe)]|=(1<<((k-2)%bpe));divide_(s_i2,s_q,s_i,s_rm);z=bitSize(s_i);for(;;){for(;;){randBigInt_(s_R,z,0);if(greater(s_i,s_R))
+break;}
+addInt_(s_R,1);add_(s_R,s_i);copy_(s_n,s_q);mult_(s_n,s_R);multInt_(s_n,2);addInt_(s_n,1);copy_(s_r2,s_R);multInt_(s_r2,2);for(divisible=0,j=0;(j<primes.length)&&(primes[j]<B);j++)
+if(modInt(s_n,primes[j])==0&&!equalsInt(s_n,primes[j])){divisible=1;break;}
+if(!divisible)
+if(!millerRabinInt(s_n,2))
+divisible=1;if(!divisible){addInt_(s_n,-3);for(j=s_n.length-1;(s_n[j]==0)&&(j>0);j--);for(zz=0,w=s_n[j];w;(w>>=1),zz++);zz+=bpe*j;for(;;){randBigInt_(s_a,zz,0);if(greater(s_n,s_a))
+break;}
+addInt_(s_n,3);addInt_(s_a,2);copy_(s_b,s_a);copy_(s_n1,s_n);addInt_(s_n1,-1);powMod_(s_b,s_n1,s_n);addInt_(s_b,-1);if(isZero(s_b)){copy_(s_b,s_a);powMod_(s_b,s_r2,s_n);addInt_(s_b,-1);copy_(s_aa,s_n);copy_(s_d,s_b);GCD_(s_d,s_n);if(equalsInt(s_d,1)){copy_(ans,s_aa);return;}}}}}
+function randBigInt(n,s){var a,b;a=Math.floor((n-1)/bpe)+2;b=int2bigInt(0,0,a);randBigInt_(b,n,s);return b;}
+function randBigInt_(b,n,s){var i,a;for(i=0;i<b.length;i++)
+b[i]=0;a=Math.floor((n-1)/bpe)+1;for(i=0;i<a;i++){b[i]=Math.floor(Math.random()*(1<<(bpe-1)));}
+b[a-1]&=(2<<((n-1)%bpe))-1;if(s==1)
+b[a-1]|=(1<<((n-1)%bpe));}
+function GCD(x,y){var xc,yc;xc=dup(x);yc=dup(y);GCD_(xc,yc);return xc;}
+function GCD_(x,y){var i,xp,yp,A,B,C,D,q,sing;if(T.length!=x.length)
+T=dup(x);sing=1;while(sing){sing=0;for(i=1;i<y.length;i++)
+if(y[i]){sing=1;break;}
+if(!sing)break;for(i=x.length;!x[i]&&i>=0;i--);xp=x[i];yp=y[i];A=1;B=0;C=0;D=1;while((yp+C)&&(yp+D)){q=Math.floor((xp+A)/(yp+C));qp=Math.floor((xp+B)/(yp+D));if(q!=qp)
+break;t=A-q*C;A=C;C=t;t=B-q*D;B=D;D=t;t=xp-q*yp;xp=yp;yp=t;}
+if(B){copy_(T,x);linComb_(x,y,A,B);linComb_(y,T,D,C);}else{mod_(x,y);copy_(T,x);copy_(x,y);copy_(y,T);}}
+if(y[0]==0)
+return;t=modInt(x,y[0]);copyInt_(x,y[0]);y[0]=t;while(y[0]){x[0]%=y[0];t=x[0];x[0]=y[0];y[0]=t;}}
+function inverseMod_(x,n){var k=1+2*Math.max(x.length,n.length);if(!(x[0]&1)&&!(n[0]&1)){copyInt_(x,0);return 0;}
+if(eg_u.length!=k){eg_u=new Array(k);eg_v=new Array(k);eg_A=new Array(k);eg_B=new Array(k);eg_C=new Array(k);eg_D=new Array(k);}
+copy_(eg_u,x);copy_(eg_v,n);copyInt_(eg_A,1);copyInt_(eg_B,0);copyInt_(eg_C,0);copyInt_(eg_D,1);for(;;){while(!(eg_u[0]&1)){halve_(eg_u);if(!(eg_A[0]&1)&&!(eg_B[0]&1)){halve_(eg_A);halve_(eg_B);}else{add_(eg_A,n);halve_(eg_A);sub_(eg_B,x);halve_(eg_B);}}
+while(!(eg_v[0]&1)){halve_(eg_v);if(!(eg_C[0]&1)&&!(eg_D[0]&1)){halve_(eg_C);halve_(eg_D);}else{add_(eg_C,n);halve_(eg_C);sub_(eg_D,x);halve_(eg_D);}}
+if(!greater(eg_v,eg_u)){sub_(eg_u,eg_v);sub_(eg_A,eg_C);sub_(eg_B,eg_D);}else{sub_(eg_v,eg_u);sub_(eg_C,eg_A);sub_(eg_D,eg_B);}
+if(equalsInt(eg_u,0)){if(negative(eg_C))
+add_(eg_C,n);copy_(x,eg_C);if(!equalsInt(eg_v,1)){copyInt_(x,0);return 0;}
+return 1;}}}
+function inverseModInt(x,n){var a=1,b=0,t;for(;;){if(x==1)return a;if(x==0)return 0;b-=a*Math.floor(n/x);n%=x;if(n==1)return b;if(n==0)return 0;a-=b*Math.floor(x/n);x%=n;}}
+function inverseModInt_(x,n){return inverseModInt(x,n);}
+function eGCD_(x,y,v,a,b){var g=0;var k=Math.max(x.length,y.length);if(eg_u.length!=k){eg_u=new Array(k);eg_A=new Array(k);eg_B=new Array(k);eg_C=new Array(k);eg_D=new Array(k);}
+while(!(x[0]&1)&&!(y[0]&1)){halve_(x);halve_(y);g++;}
+copy_(eg_u,x);copy_(v,y);copyInt_(eg_A,1);copyInt_(eg_B,0);copyInt_(eg_C,0);copyInt_(eg_D,1);for(;;){while(!(eg_u[0]&1)){halve_(eg_u);if(!(eg_A[0]&1)&&!(eg_B[0]&1)){halve_(eg_A);halve_(eg_B);}else{add_(eg_A,y);halve_(eg_A);sub_(eg_B,x);halve_(eg_B);}}
+while(!(v[0]&1)){halve_(v);if(!(eg_C[0]&1)&&!(eg_D[0]&1)){halve_(eg_C);halve_(eg_D);}else{add_(eg_C,y);halve_(eg_C);sub_(eg_D,x);halve_(eg_D);}}
+if(!greater(v,eg_u)){sub_(eg_u,v);sub_(eg_A,eg_C);sub_(eg_B,eg_D);}else{sub_(v,eg_u);sub_(eg_C,eg_A);sub_(eg_D,eg_B);}
+if(equalsInt(eg_u,0)){if(negative(eg_C)){add_(eg_C,y);sub_(eg_D,x);}
+multInt_(eg_D,-1);copy_(a,eg_C);copy_(b,eg_D);leftShift_(v,g);return;}}}
+function negative(x){return((x[x.length-1]>>(bpe-1))&1);}
+function greaterShift(x,y,shift){var i,kx=x.length,ky=y.length;k=((kx+shift)<ky)?(kx+shift):ky;for(i=ky-1-shift;i<kx&&i>=0;i++)
+if(x[i]>0)
+return 1;for(i=kx-1+shift;i<ky;i++)
+if(y[i]>0)
+return 0;for(i=k-1;i>=shift;i--)
+if(x[i-shift]>y[i])return 1;else if(x[i-shift]<y[i])return 0;return 0;}
+function greater(x,y){var i;var k=(x.length<y.length)?x.length:y.length;for(i=x.length;i<y.length;i++)
+if(y[i])
+return 0;for(i=y.length;i<x.length;i++)
+if(x[i])
+return 1;for(i=k-1;i>=0;i--)
+if(x[i]>y[i])
+return 1;else if(x[i]<y[i])
+return 0;return 0;}
+function divide_(x,y,q,r){var kx,ky;var i,j,y1,y2,c,a,b;copy_(r,x);for(ky=y.length;y[ky-1]==0;ky--);b=y[ky-1];for(a=0;b;a++)
+b>>=1;a=bpe-a;leftShift_(y,a);leftShift_(r,a);for(kx=r.length;r[kx-1]==0&&kx>ky;kx--);copyInt_(q,0);while(!greaterShift(y,r,kx-ky)){subShift_(r,y,kx-ky);q[kx-ky]++;}
+for(i=kx-1;i>=ky;i--){if(r[i]==y[ky-1])
+q[i-ky]=mask;else
+q[i-ky]=Math.floor((r[i]*radix+r[i-1])/y[ky-1]);for(;;){y2=(ky>1?y[ky-2]:0)*q[i-ky];c=y2>>bpe;y2=y2&mask;y1=c+q[i-ky]*y[ky-1];c=y1>>bpe;y1=y1&mask;if(c==r[i]?y1==r[i-1]?y2>(i>1?r[i-2]:0):y1>r[i-1]:c>r[i])
+q[i-ky]--;else
+break;}
+linCombShift_(r,y,-q[i-ky],i-ky);if(negative(r)){addShift_(r,y,i-ky);q[i-ky]--;}}
+rightShift_(y,a);rightShift_(r,a);}
+function carry_(x){var i,k,c,b;k=x.length;c=0;for(i=0;i<k;i++){c+=x[i];b=0;if(c<0){b=-(c>>bpe);c+=b*radix;}
+x[i]=c&mask;c=(c>>bpe)-b;}}
+function modInt(x,n){var i,c=0;for(i=x.length-1;i>=0;i--)
+c=(c*radix+x[i])%n;return c;}
+function int2bigInt(t,bits,minSize){var i,k;k=Math.ceil(bits/bpe)+1;k=minSize>k?minSize:k;buff=new Array(k);copyInt_(buff,t);return buff;}
+function str2bigInt(s,base,minSize){var d,i,j,x,y,kk;var k=s.length;if(base==-1){x=new Array(0);for(;;){y=new Array(x.length+1);for(i=0;i<x.length;i++)
+y[i+1]=x[i];y[0]=parseInt(s,10);x=y;d=s.indexOf(',',0);if(d<1)
+break;s=s.substring(d+1);if(s.length==0)
+break;}
+if(x.length<minSize){y=new Array(minSize);copy_(y,x);return y;}
+return x;}
+x=int2bigInt(0,base*k,0);for(i=0;i<k;i++){d=digitsStr.indexOf(s.substring(i,i+1),0);if(base<=36&&d>=36)
+d-=26;if(d>=base||d<0){break;}
+multInt_(x,base);addInt_(x,d);}
+for(k=x.length;k>0&&!x[k-1];k--);k=minSize>k+1?minSize:k+1;y=new Array(k);kk=k<x.length?k:x.length;for(i=0;i<kk;i++)
+y[i]=x[i];for(;i<k;i++)
+y[i]=0;return y;}
+function equalsInt(x,y){var i;if(x[0]!=y)
+return 0;for(i=1;i<x.length;i++)
+if(x[i])
+return 0;return 1;}
+function equals(x,y){var i;var k=x.length<y.length?x.length:y.length;for(i=0;i<k;i++)
+if(x[i]!=y[i])
+return 0;if(x.length>y.length){for(;i<x.length;i++)
+if(x[i])
+return 0;}else{for(;i<y.length;i++)
+if(y[i])
+return 0;}
+return 1;}
+function isZero(x){var i;for(i=0;i<x.length;i++)
+if(x[i])
+return 0;return 1;}
+function bigInt2str(x,base){var i,t,s="";if(s6.length!=x.length)
+s6=dup(x);else
+copy_(s6,x);if(base==-1){for(i=x.length-1;i>0;i--)
+s+=x[i]+',';s+=x[0];}
+else{while(!isZero(s6)){t=divInt_(s6,base);s=digitsStr.substring(t,t+1)+s;}}
+if(s.length==0)
+s="0";return s;}
+function dup(x){var i;buff=new Array(x.length);copy_(buff,x);return buff;}
+function copy_(x,y){var i;var k=x.length<y.length?x.length:y.length;for(i=0;i<k;i++)
+x[i]=y[i];for(i=k;i<x.length;i++)
+x[i]=0;}
+function copyInt_(x,n){var i,c;for(c=n,i=0;i<x.length;i++){x[i]=c&mask;c>>=bpe;}}
+function addInt_(x,n){var i,k,c,b;x[0]+=n;k=x.length;c=0;for(i=0;i<k;i++){c+=x[i];b=0;if(c<0){b=-(c>>bpe);c+=b*radix;}
+x[i]=c&mask;c=(c>>bpe)-b;if(!c)return;}}
+function rightShift_(x,n){var i;var k=Math.floor(n/bpe);if(k){for(i=0;i<x.length-k;i++)
+x[i]=x[i+k];for(;i<x.length;i++)
+x[i]=0;n%=bpe;}
+for(i=0;i<x.length-1;i++){x[i]=mask&((x[i+1]<<(bpe-n))|(x[i]>>n));}
+x[i]>>=n;}
+function halve_(x){var i;for(i=0;i<x.length-1;i++){x[i]=mask&((x[i+1]<<(bpe-1))|(x[i]>>1));}
+x[i]=(x[i]>>1)|(x[i]&(radix>>1));}
+function leftShift_(x,n){var i;var k=Math.floor(n/bpe);if(k){for(i=x.length;i>=k;i--)
+x[i]=x[i-k];for(;i>=0;i--)
+x[i]=0;n%=bpe;}
+if(!n)
+return;for(i=x.length-1;i>0;i--){x[i]=mask&((x[i]<<n)|(x[i-1]>>(bpe-n)));}
+x[i]=mask&(x[i]<<n);}
+function multInt_(x,n){var i,k,c,b;if(!n)
+return;k=x.length;c=0;for(i=0;i<k;i++){c+=x[i]*n;b=0;if(c<0){b=-(c>>bpe);c+=b*radix;}
+x[i]=c&mask;c=(c>>bpe)-b;}}
+function divInt_(x,n){var i,r=0,s;for(i=x.length-1;i>=0;i--){s=r*radix+x[i];x[i]=Math.floor(s/n);r=s%n;}
+return r;}
+function linComb_(x,y,a,b){var i,c,k,kk;k=x.length<y.length?x.length:y.length;kk=x.length;for(c=0,i=0;i<k;i++){c+=a*x[i]+b*y[i];x[i]=c&mask;c>>=bpe;}
+for(i=k;i<kk;i++){c+=a*x[i];x[i]=c&mask;c>>=bpe;}}
+function linCombShift_(x,y,b,ys){var i,c,k,kk;k=x.length<ys+y.length?x.length:ys+y.length;kk=x.length;for(c=0,i=ys;i<k;i++){c+=x[i]+b*y[i-ys];x[i]=c&mask;c>>=bpe;}
+for(i=k;c&&i<kk;i++){c+=x[i];x[i]=c&mask;c>>=bpe;}}
+function addShift_(x,y,ys){var i,c,k,kk;k=x.length<ys+y.length?x.length:ys+y.length;kk=x.length;for(c=0,i=ys;i<k;i++){c+=x[i]+y[i-ys];x[i]=c&mask;c>>=bpe;}
+for(i=k;c&&i<kk;i++){c+=x[i];x[i]=c&mask;c>>=bpe;}}
+function subShift_(x,y,ys){var i,c,k,kk;k=x.length<ys+y.length?x.length:ys+y.length;kk=x.length;for(c=0,i=ys;i<k;i++){c+=x[i]-y[i-ys];x[i]=c&mask;c>>=bpe;}
+for(i=k;c&&i<kk;i++){c+=x[i];x[i]=c&mask;c>>=bpe;}}
+function sub_(x,y){var i,c,k,kk;k=x.length<y.length?x.length:y.length;for(c=0,i=0;i<k;i++){c+=x[i]-y[i];x[i]=c&mask;c>>=bpe;}
+for(i=k;c&&i<x.length;i++){c+=x[i];x[i]=c&mask;c>>=bpe;}}
+function add_(x,y){var i,c,k,kk;k=x.length<y.length?x.length:y.length;for(c=0,i=0;i<k;i++){c+=x[i]+y[i];x[i]=c&mask;c>>=bpe;}
+for(i=k;c&&i<x.length;i++){c+=x[i];x[i]=c&mask;c>>=bpe;}}
+function mult_(x,y){var i;if(ss.length!=2*x.length)
+ss=new Array(2*x.length);copyInt_(ss,0);for(i=0;i<y.length;i++)
+if(y[i])
+linCombShift_(ss,x,y[i],i);copy_(x,ss);}
+function mod_(x,n){if(s4.length!=x.length)
+s4=dup(x);else
+copy_(s4,x);if(s5.length!=x.length)
+s5=dup(x);divide_(s4,n,s5,x);}
+function multMod_(x,y,n){var i;if(s0.length!=2*x.length)
+s0=new Array(2*x.length);copyInt_(s0,0);for(i=0;i<y.length;i++)
+if(y[i])
+linCombShift_(s0,x,y[i],i);mod_(s0,n);copy_(x,s0);}
+function squareMod_(x,n){var i,j,d,c,kx,kn,k;for(kx=x.length;kx>0&&!x[kx-1];kx--);k=kx>n.length?2*kx:2*n.length;if(s0.length!=k)
+s0=new Array(k);copyInt_(s0,0);for(i=0;i<kx;i++){c=s0[2*i]+x[i]*x[i];s0[2*i]=c&mask;c>>=bpe;for(j=i+1;j<kx;j++){c=s0[i+j]+2*x[i]*x[j]+c;s0[i+j]=(c&mask);c>>=bpe;}
+s0[i+kx]=c;}
+mod_(s0,n);copy_(x,s0);}
+function trim(x,k){var i,y;for(i=x.length;i>0&&!x[i-1];i--);y=new Array(i+k);copy_(y,x);return y;}
+function powMod_(x,y,n){var k1,k2,kn,np;if(s7.length!=n.length)
+s7=dup(n);if((n[0]&1)==0){copy_(s7,x);copyInt_(x,1);while(!equalsInt(y,0)){if(y[0]&1)
+multMod_(x,s7,n);divInt_(y,2);squareMod_(s7,n);}
+return;}
+copyInt_(s7,0);for(kn=n.length;kn>0&&!n[kn-1];kn--);np=radix-inverseModInt(modInt(n,radix),radix);s7[kn]=1;multMod_(x,s7,n);if(s3.length!=x.length)
+s3=dup(x);else
+copy_(s3,x);for(k1=y.length-1;k1>0&!y[k1];k1--);if(y[k1]==0){copyInt_(x,1);return;}
+for(k2=1<<(bpe-1);k2&&!(y[k1]&k2);k2>>=1);for(;;){if(!(k2>>=1)){k1--;if(k1<0){mont_(x,one,n,np);return;}
+k2=1<<(bpe-1);}
+mont_(x,x,n,np);if(k2&y[k1])
+mont_(x,s3,n,np);}}
+function mont_(x,y,n,np){var i,j,c,ui,t,ks;var kn=n.length;var ky=y.length;if(sa.length!=kn)
+sa=new Array(kn);copyInt_(sa,0);for(;kn>0&&n[kn-1]==0;kn--);for(;ky>0&&y[ky-1]==0;ky--);ks=sa.length-1;for(i=0;i<kn;i++){t=sa[0]+x[i]*y[0];ui=((t&mask)*np)&mask;c=(t+ui*n[0])>>bpe;t=x[i];j=1;for(;j<ky-4;){c+=sa[j]+ui*n[j]+t*y[j];sa[j-1]=c&mask;c>>=bpe;j++;c+=sa[j]+ui*n[j]+t*y[j];sa[j-1]=c&mask;c>>=bpe;j++;c+=sa[j]+ui*n[j]+t*y[j];sa[j-1]=c&mask;c>>=bpe;j++;c+=sa[j]+ui*n[j]+t*y[j];sa[j-1]=c&mask;c>>=bpe;j++;c+=sa[j]+ui*n[j]+t*y[j];sa[j-1]=c&mask;c>>=bpe;j++;}
+for(;j<ky;){c+=sa[j]+ui*n[j]+t*y[j];sa[j-1]=c&mask;c>>=bpe;j++;}
+for(;j<kn-4;){c+=sa[j]+ui*n[j];sa[j-1]=c&mask;c>>=bpe;j++;c+=sa[j]+ui*n[j];sa[j-1]=c&mask;c>>=bpe;j++;c+=sa[j]+ui*n[j];sa[j-1]=c&mask;c>>=bpe;j++;c+=sa[j]+ui*n[j];sa[j-1]=c&mask;c>>=bpe;j++;c+=sa[j]+ui*n[j];sa[j-1]=c&mask;c>>=bpe;j++;}
+for(;j<kn;){c+=sa[j]+ui*n[j];sa[j-1]=c&mask;c>>=bpe;j++;}
+for(;j<ks;){c+=sa[j];sa[j-1]=c&mask;c>>=bpe;j++;}
+sa[j-1]=c&mask;}
+if(!greater(n,sa))
+sub_(sa,n);copy_(x,sa);}
View
11 client/starbase.js
@@ -0,0 +1,11 @@
+
+/**
+ * @namespace starbase javascript library
+ */
+var starbase =
+{
+ /**
+ * @namespace cryptographic functions
+ */
+ crypto: {}
+};
View
124 client/unit/crypto.html
@@ -0,0 +1,124 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+
+<script src="http://code.jquery.com/jquery-latest.js"></script>
+<link rel="stylesheet" href="http://code.jquery.com/qunit/git/qunit.css"
+ type="text/css" media="screen" />
+<script src="http://code.jquery.com/qunit/git/qunit.js"></script>
+
+<script src="../libs/bigint-5.4.min.js"></script>
+<script src="../starbase.js"></script>
+<script src="../crypto.js"></script>
+
+<script>
+$(document).ready(function(){
+
+module("diffie hellman key exchange functions");
+
+// all values are taken from http://tools.ietf.org/html/rfc5114#appendix-A.3
+
+test("public key calculation", function()
+{
+ expect(2);
+ // secret keys
+ var xA = "0881382CDB87660C6DC13E614938D5B9C8B2F248581CC5E31B35454397FCE50E";
+ var xB = "7D62A7E3EF36DE617B13D1AFB82C780D83A23BD4EE6705645121F371F546A53D";
+
+ // public keys we expect to calculate
+ var yA = "2E9380C8323AF97545BC4941DEB0EC37" +
+ "42C62FE0ECE824A6ABDBE66C59BEE0242911BFB967235CEB" +
+ "A35AE13E4EC752BE630B92DC4BDE2847A9C62CB815274542" +
+ "1FB7EB60A63C0FE9159FCCE726CE7CD8523D7450667EF840" +
+ "E4919121EB5F01C8C9B0D3D648A93BFB75689E8244AC134A" +
+ "F544711CE79A02DCC34226684780DDDCB498594106C37F5B" +
+ "C79856487AF5AB022A2E5E42F09897C1A85A11EA0212AF04" +
+ "D9B4CEBC937C3C1A3E15A8A0342E337615C84E7FE3B8B9B8" +
+ "7FB1E73A15AF12A30D746E06DFC34F290D797CE51AA13AA7" +
+ "85BF6658AFF5E4B093003CBEAF665B3C2E113A3A4E905269" +
+ "341DC0711426685F4EF37E868A8126FF3F2279B57CA67E29";
+
+ var yB = "575F0351BD2B1B817448BDF87A6C362C" +
+ "1E289D3903A30B9832C5741FA250363E7ACBC7F77F3DACBC" +
+ "1F131ADD8E03367EFF8FBBB3E1C5784424809B25AFE4D226" +
+ "2A1A6FD2FAB64105CA30A674E07F7809852088632FC04923" +
+ "3791AD4EDD083A978B883EE618BC5E0DD047415F2D95E683" +
+ "CF14826B5FBE10D3CE41C6C120C78AB20008C698BF7F0BCA" +
+ "B9D7F407BED0F43AFB2970F57F8D12043963E66DDD320D59" +
+ "9AD9936C8F44137C08B180EC5E985CEBE186F3D549677E80" +
+ "607331EE17AF3380A725B0782317D7DD43F59D7AF9568A9B" +
+ "B63A84D365F92244ED120988219302F42924C7CA90B89D24" +
+ "F71B0AB697823D7DEB1AFF5B0E8E4A45D49F7F53757E1913";
+
+ equal(starbase.crypto.dh.generate_publickey(xA), yA, "1st example ok");
+ equal(starbase.crypto.dh.generate_publickey(xB), yB, "2nd example ok");
+
+});
+
+
+test("secret shared key calculation", function()
+{
+ expect(2);
+
+ // secret keys
+ var xA = "0881382CDB87660C6DC13E614938D5B9C8B2F248581CC5E31B35454397FCE50E";
+ var xB = "7D62A7E3EF36DE617B13D1AFB82C780D83A23BD4EE6705645121F371F546A53D";
+
+ // public keys we calculated before
+ var yA = "2E9380C8323AF97545BC4941DEB0EC37" +
+ "42C62FE0ECE824A6ABDBE66C59BEE0242911BFB967235CEB" +
+ "A35AE13E4EC752BE630B92DC4BDE2847A9C62CB815274542" +
+ "1FB7EB60A63C0FE9159FCCE726CE7CD8523D7450667EF840" +
+ "E4919121EB5F01C8C9B0D3D648A93BFB75689E8244AC134A" +
+ "F544711CE79A02DCC34226684780DDDCB498594106C37F5B" +
+ "C79856487AF5AB022A2E5E42F09897C1A85A11EA0212AF04" +
+ "D9B4CEBC937C3C1A3E15A8A0342E337615C84E7FE3B8B9B8" +
+ "7FB1E73A15AF12A30D746E06DFC34F290D797CE51AA13AA7" +
+ "85BF6658AFF5E4B093003CBEAF665B3C2E113A3A4E905269" +
+ "341DC0711426685F4EF37E868A8126FF3F2279B57CA67E29";
+
+ var yB = "575F0351BD2B1B817448BDF87A6C362C" +
+ "1E289D3903A30B9832C5741FA250363E7ACBC7F77F3DACBC" +
+ "1F131ADD8E03367EFF8FBBB3E1C5784424809B25AFE4D226" +
+ "2A1A6FD2FAB64105CA30A674E07F7809852088632FC04923" +
+ "3791AD4EDD083A978B883EE618BC5E0DD047415F2D95E683" +
+ "CF14826B5FBE10D3CE41C6C120C78AB20008C698BF7F0BCA" +
+ "B9D7F407BED0F43AFB2970F57F8D12043963E66DDD320D59" +
+ "9AD9936C8F44137C08B180EC5E985CEBE186F3D549677E80" +
+ "607331EE17AF3380A725B0782317D7DD43F59D7AF9568A9B" +
+ "B63A84D365F92244ED120988219302F42924C7CA90B89D24" +
+ "F71B0AB697823D7DEB1AFF5B0E8E4A45D49F7F53757E1913";
+
+ // key we expect to calculate
+ var Z = "86C70BF8D0BB81BB01078A17219CB7D2" +
+ "7203DB2A19C877F1D1F19FD7D77EF22546A68F005AD52DC8" +
+ "4553B78FC60330BE51EA7C0672CAC1515E4B35C047B9A551" +
+ "B88F39DC26DA14A09EF74774D47C762DD177F9ED5BC2F11E" +
+ "52C879BD95098504CD9EECD8A8F9B3EFBD1F008AC5853097" +
+ "D9D1837F2B18F77CD7BE01AF80A7C7B5EA3CA54CC02D0C11" +
+ "6FEE3F95BB87399385875D7E86747E676E728938ACBFF709" +
+ "8E05BE4DCFB24052B83AEFFB14783F029ADBDE7F53FAE920" +
+ "84224090E007CEE94D4BF2BACE9FFD4B57D2AF7C724D0CAA" +
+ "19BF0501F6F17B4AA10F425E3EA76080B4B9D6B3CEFEA115" +
+ "B2CEB8789BB8A3B0EA87FEBE63B6C8F846EC6DB0C26C5D7C";
+
+ equal(starbase.crypto.dh.generate_sharedsecret(xA, yB), Z, "1st example ok");
+ equal(starbase.crypto.dh.generate_sharedsecret(xB, yA), Z, "2nd example ok");
+
+});
+
+
+});
+</script>
+
+</head>
+<body>
+ <h1 id="qunit-header">Starbase Crypto Unit Test</h1>
+ <h2 id="qunit-banner"></h2>
+ <div id="qunit-testrunner-toolbar"></div>
+ <h2 id="qunit-userAgent"></h2>
+ <ol id="qunit-tests"></ol>
+ <div id="qunit-fixture">test markup, will be hidden</div>
+</body>
+</html>
View
42 doc/overview.txt
@@ -1,28 +1,28 @@
-The starbase system allowes encrypted message exchange trough a server that
+The starbase system allows encrypted message exchange trough a server that
can not read the exchanged messages.
-* marks secondary aims, which are not ment to be implemented in the prototype,
+* marks secondary aims, which are not meant to be implemented in the prototype,
but are thought of, to be implemented later on.
-Ones starbase home server can entierly be used as a plain data storage server,
-where business logic is fetched from an indipendent source.*
+Ones starbase home server can entirely be used as a plain data storage server,
+where business logic is fetched from an independent source.*
-Encryption and handling of personal data is done entierly on client side.
+Encryption and handling of personal data is done entirely on client side.
The first implementation should work over http.
-Therefore on client side javascript is used and on the server side there is
+Therefore on client side JavaScript is used and on the server side there is
python. (python because its for girls).
Principle of the dead drop
A client is responsible for delivering its messages to the receivers home
server,
-and the client is responsible for fetchiing received messages from the
+and the client is responsible for fetching received messages from the
own home server.
partitions of a home server
The home server consists of two partitions. The first partition is the users
-encrypted blob (encrypted user blob struct), and the second partition contains
-for the admin readable business data and enrypted messages which are stored
+encrypted blob (encrypted datablob), and the second partition contains
+for the admin readable business data and encrypted messages which are stored
for its user to be picked up.
authorizing people to drop messages at ones home server
@@ -31,33 +31,35 @@ allow everyone to drop messages at ones home server.
sending a friend request
A friend request is a special message that is allowed to be dropped at the
-receiptiens home server when a captcha, which is send from the receiptiens
+recipients home server when a captcha, which is send from the recipients
home server, is filled out right.
Diffie-Hellman
While sending a friend request the first part of a Diffie-Hellman-Key-Exchange
-is sent. Also the auth key is send.
+is sent. Also the accesstoken is sent.
Accepting a friend request
-With the received auth key, one is allowed to drop a message at the requesters
-home server and leave the second part of the Diffie-Hellman-Key-Exchange.
+With the received accesstoken, one is allowed to drop a message at the
+requesters home server and leave the second part of the
+Diffie-Hellman-Key-Exchange.
The friendship is established. Trough the Diffie-Hellman-Key-Exchange there is
-a common secret, which from now on is used to encrypt data synchronous.
+a sharedsecret, which from now on is used to encrypt data synchronous.
connecting to own home server
-The auth key generated from ones password authorizes one to fetch and write ones blob.
+The authkey generated from ones password authorizes one to fetch and write ones
+datablob.
read message
- When connecting to ones home server, messages in the inbox are moved to the inbox
-within the encrypted_user_blob_struct.
+ When connecting to ones home server, messages in the inbox are moved to the
+inbox within the datablob.
connecting to a foreign home server
-The known access token authorizes one to drop a encrypted message at a foreign
+The known accesstoken authorizes one to drop a encrypted message at a foreign
home server.
send message
- When sending a message, it is encrypted with the shared secret of the
-receiptient and stored at the receptients home server.
+ When sending a message, it is encrypted with the sharedsecret of the
+recipient and stored at the recipients home server.
View
29 doc/wording.txt
@@ -0,0 +1,29 @@
+This document describes the wording for certain important items. These labels
+should be used throughout the project to avoid confusion and to simplify the
+discussion.
+
+datablob:
+an encrypted blob that contains all the data the user and user application
+requires to function, stores messages (sent, received) friends lists,
+accesstokens etc.
+
+accesstoken:
+a string used by friends to drop messages at a users inbox, specified by the
+user and transmitted to the friend
+
+authkey:
+a string used by a user to authenticate himself to the server, so that the
+server sends the user the datablob, it is derived from the password
+
+sharedsecret:
+a string used by two friends to encrypt their communication, the sharedsecret
+is established through a diffie hellman key exchange
+
+privatekey:
+a string used to de- and encrypt the datablob, it is derived from the password
+
+password:
+a string specified by the user, from this string the authkey and the privatekey
+is derived
+
+
View
1 newuser/starbase
View
0 newuser/default.sql → server/default.sql
File renamed without changes.
View
0 newuser/newuser.py → server/newuser.py
File renamed without changes.
View
12 server/server.py
@@ -1,5 +1,6 @@
import ConfigParser
+import sqlite3
from werkzeug.wrappers import Response, Request
from werkzeug.routing import Map, Rule
@@ -35,7 +36,10 @@ def dispatch_request(self, request):
# only proceed if user exists
if not self.user_exists(values['user']):
raise NotFound()
-
+
+ self.db = \
+ sqlite3.connect(self.user_data_folder + values['user'] + '.sql')
+
return getattr(self, 'on_' + endpoint)(request, **values)
except HTTPException, e:
return e
@@ -56,6 +60,8 @@ def on_default(self, request, user):
return Response("on_default " + user)
def on_load_data(self, request, user):
+ print request
+ print request.form['authkey']
return Response("load_data")
def on_store_data(self, request, user):
@@ -81,6 +87,10 @@ def user_exists(self, user):
print user_database
return file_exists(user_database)
+ def user_authenticate(self, authkey):
+ db.execute('SELECT autkey FROM admin WHERE authkey = ?', (authkey))
+ print db
+
def create_app():
app = starbase()

0 comments on commit 9fc9387

Please sign in to comment.
Something went wrong with that request. Please try again.