1
0
mirror of https://github.com/danog/fast-srp.git synced 2024-11-30 04:19:18 +01:00

Optimized from/to Buffer and from/to BigInteger transitions

This commit is contained in:
Zarmack Tanen 2015-09-10 11:15:18 +02:00
parent bb14e766d0
commit c44264be7e

View File

@ -27,11 +27,6 @@ function assert_(val, msg) {
function padTo(n, len) {
assertIsBuffer(n, "n");
var padding = len - n.length;
/*
console.log("n = " + n.toString('hex'));
console.log("n.length = " + n.length);
console.log("len = " + len);
*/
assert_(padding > -1, "Negative padding. Very uncomfortable.");
var result = new Buffer(len);
result.fill(0, 0, padding);
@ -42,7 +37,6 @@ function padTo(n, len) {
function padToN(number, params) {
assertIsBigInteger(number);
//! return padTo(number.toBuffer(), params.N_length_bits/8);
var n = number.toString(16).length % 2 != 0 ? "0" + number.toString(16) : number.toString(16);
return padTo(new Buffer(n, 'hex'), params.N_length_bits / 8);
}
@ -57,10 +51,9 @@ function padToH(number, params) {
else if (params.hash === "sha512")
hashlen_bits = 512;
else
throw Error("cannot determine length of hash '"+params.hash+"'");
throw Error("cannot determine length of hash '" +params.hash + "'");
//! return padTo(number.toBuffer(), hashlen_bits / 8);
return padTo(new Buffer(number.toString(16), 'hex'), hashlen_bits / 8);
return padTo(new Buffer(number, 'hex'), hashlen_bits / 8);
}
function assertIsBuffer(arg, argname) {
@ -103,7 +96,6 @@ function getx(params, salt, I, P) {
.update(salt)
.update(hashIP)
.digest();
//! return bignum.fromBuffer(hashX);
return(new BigInteger(hashX));
};
@ -129,7 +121,6 @@ function computeVerifier(params, salt, I, P) {
assertIsBuffer(salt, "salt (salt)");
assertIsBuffer(I, "identity (I)");
assertIsBuffer(P, "password (P)");
//* var v_num = params.g.powm(getx(params, salt, I, P), params.N);
var v_num = params.g.modPow(getx(params, salt, I, P), params.N);
return padToN(v_num, params);
};
@ -148,7 +139,7 @@ function getk(params) {
.update(padToN(params.N, params))
.update(padToN(params.g, params))
.digest();
return(new BigInteger(k_buf.toString('hex'), 16));
return(new BigInteger(k_buf));
};
/*
@ -195,7 +186,6 @@ function getB(params, k, v, b) {
assertIsBigInteger(k);
assertIsBigInteger(b);
var N = params.N;
//* var r = k.mul(v).add(params.g.powm(b, N)).mod(N);
var r = k.multiply(v).add(params.g.modPow(b, N)).mod(N);
return padToN(r, params);
};
@ -215,11 +205,9 @@ function getB(params, k, v, b) {
*/
function getA(params, a_num) {
assertIsBigInteger(a_num);
//! if (Math.ceil(a_num.bitLength() / 8) < 256/8) {
if (Math.ceil(a_num.toString(16).length / 2) < 32) {
console.warn("getA: client key length", a_num.bitLength(), "is less than the recommended 256 bits");
}
//* return padToN(params.g.powm(a_num, params.N), params);
return padToN(params.g.modPow(a_num, params.N), params);
};
@ -244,7 +232,7 @@ function getu(params, A, B) {
.update(A).update(B)
.digest();
//! return bignum.fromBuffer(u_buf);
return(new BigInteger(u_buf.toString('hex'), 16));
return(new BigInteger(u_buf));
};
/*
@ -267,13 +255,11 @@ function client_getS(params, k_num, x_num, a_num, B_num, u_num) {
assertIsBigInteger(a_num);
assertIsBigInteger(B_num);
assertIsBigInteger(u_num);
var g = params.g;
var N = params.N;
// if (zero.greater(B_num) || N.lesser(B_num))
// var g = params.g;
// var N = params.N;
if((zero.compareTo(B_num) > 0) && (N.compareTo(B_num) < 0))
throw new Error("invalid server-supplied 'B', must be 1..N-1");
//* var S_num = B_num.sub(k_num.mul(g.powm(x_num, N))).powm(a_num.add(u_num.mul(x_num)), N).mod(N);
var S_num = B_num.subtract(k_num.multiply(g.modPow(x_num, N))).modPow(a_num.add(u_num.multiply(x_num)), N).mod(N);
var S_num = B_num.subtract(k_num.multiply(params.g.modPow(x_num, params.N))).modPow(a_num.add(u_num.multiply(x_num)), params.N).mod(params.N);
return padToN(S_num, params);
};
@ -362,8 +348,7 @@ function Client(params, salt_buf, identity_buf, password_buf, secret1_buf) {
this._private = { params: params,
k_num: getk(params),
x_num: getx(params, salt_buf, identity_buf, password_buf),
//! a_num: bignum.fromBuffer(secret1_buf) };
a_num: new BigInteger(secret1_buf.toString('hex'), 16) };
a_num: new BigInteger(secret1_buf) };
this._private.A_buf = getA(params, this._private.a_num);
}
@ -373,10 +358,8 @@ Client.prototype = {
},
setB: function setB(B_buf) {
var p = this._private;
//! var B_num = bignum.fromBuffer(B_buf);
var B_num = new BigInteger(B_buf.toString('hex'), 16);
var B_num = new BigInteger(B_buf);
var u_num = getu(p.params, p.A_buf, B_buf);
// console.log(util.inspect(p));
var S_buf_x = client_getS(p.params, p.k_num, p.x_num, p.a_num, B_num, u_num);
p.K_buf = getK(p.params, S_buf_x);
p.M1_buf = getM1(p.params, p.A_buf, B_buf, S_buf_x);
@ -408,10 +391,8 @@ function Server(params, verifier_buf, secret2_buf) {
assertIsBuffer(secret2_buf, "secret2");
this._private = { params: params,
k_num: getk(params),
//! b_num: bignum.fromBuffer(secret2_buf),
//! v_num: bignum.fromBuffer(verifier_buf) };
b_num: new BigInteger(secret2_buf.toString('hex'), 16),
v_num: new BigInteger(verifier_buf.toString('hex'), 16) };
b_num: new BigInteger(secret2_buf),
v_num: new BigInteger(verifier_buf) };
this._private.B_buf = getB(params, this._private.k_num,
this._private.v_num, this._private.b_num);
@ -423,8 +404,7 @@ Server.prototype = {
},
setA: function setA(A_buf) {
var p = this._private;
//! var A_num = bignum.fromBuffer(A_buf);
var A_num = new BigInteger(A_buf.toString('hex'), 16);
var A_num = new BigInteger(A_buf);
var u_num = getu(p.params, A_buf, p.B_buf);
var S_buf = server_getS(p.params, p.v_num, A_num, p.b_num, u_num);
p.K_buf = getK(p.params, S_buf);