suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed mpi interface to a more sane variant - openpgp

Browse Source 
methods MUST return openpgp_type_mpi, using BigIntegers
is prohibited as otherwise the wrapper has no point.
This commit is contained in:
Michal Kolodziej 2013-04-24 10:46:43 +02:00
parent 6d45a19f88
commit 530a9a0c69
7 changed files with 315 additions and 349 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

380
resources/openpgp.js
View File

@ -3670,25 +3670,33 @@ function normal_cfb_decrypt(blockcipherencryptfn, block_size, key, ciphertext, i
* if elgamal encryption an array of two openpgp_type_mpi is returned; otherwise null
*/
function openpgp_crypto_asymetricEncrypt(algo, publicMPIs, data) {
switch(algo) {
case 1: // RSA (Encrypt or Sign) [HAC]
case 2: // RSA Encrypt-Only [HAC]
case 3: // RSA Sign-Only [HAC]
var rsa = new RSA();
var n = publicMPIs[0].toBigInteger();
var e = publicMPIs[1].toBigInteger();
var m = data.toBigInteger();
return [rsa.encrypt(m,e,n)];
case 16: // Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
var elgamal = new Elgamal();
var p = publicMPIs[0].toBigInteger();
var g = publicMPIs[1].toBigInteger();
var y = publicMPIs[2].toBigInteger();
var m = data.toBigInteger();
return elgamal.encrypt(m,g,p,y);
default:
return null;
}
var result = (function() {
switch(algo) {
case 1: // RSA (Encrypt or Sign) [HAC]
case 2: // RSA Encrypt-Only [HAC]
case 3: // RSA Sign-Only [HAC]
var rsa = new RSA();
var n = publicMPIs[0].toBigInteger();
var e = publicMPIs[1].toBigInteger();
var m = data.toBigInteger();
return [rsa.encrypt(m,e,n)];
case 16: // Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
var elgamal = new Elgamal();
var p = publicMPIs[0].toBigInteger();
var g = publicMPIs[1].toBigInteger();
var y = publicMPIs[2].toBigInteger();
var m = data.toBigInteger();
return elgamal.encrypt(m,g,p,y);
default:
return [];
}
})();
return result.map(function(bn) {
var mpi = new openpgp_type_mpi();
mpi.fromBigInteger(bn);
return mpi;
});
}
/**
@ -3700,32 +3708,37 @@ function openpgp_crypto_asymetricEncrypt(algo, publicMPIs, data) {
* @param {openpgp_type_mpi[]} secretMPIs Algorithm dependent multiprecision integers
* of the private key used
* @param {openpgp_type_mpi} data Data to be encrypted as MPI
* @return {BigInteger} returns a big integer containing the decrypted data; otherwise null
* @return {openpgp_type_mpi} returns a big integer containing the decrypted data; otherwise null
*/
function openpgp_crypto_asymetricDecrypt(algo, publicMPIs, secretMPIs, dataMPIs) {
switch(algo) {
case 1: // RSA (Encrypt or Sign) [HAC]
case 2: // RSA Encrypt-Only [HAC]
case 3: // RSA Sign-Only [HAC]
var rsa = new RSA();
var d = secretMPIs[0].toBigInteger();
var p = secretMPIs[1].toBigInteger();
var q = secretMPIs[2].toBigInteger();
var u = secretMPIs[3].toBigInteger();
var m = dataMPIs[0].toBigInteger();
return rsa.decrypt(m, d, p, q, u);
case 16: // Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
var elgamal = new Elgamal();
var x = secretMPIs[0].toBigInteger();
var c1 = dataMPIs[0].toBigInteger();
var c2 = dataMPIs[1].toBigInteger();
var p = publicMPIs[0].toBigInteger();
return elgamal.decrypt(c1,c2,p,x);
default:
return null;
}
var bn = (function() {
switch(algo) {
case 1: // RSA (Encrypt or Sign) [HAC]
case 2: // RSA Encrypt-Only [HAC]
case 3: // RSA Sign-Only [HAC]
var rsa = new RSA();
var d = secretMPIs[0].toBigInteger();
var p = secretMPIs[1].toBigInteger();
var q = secretMPIs[2].toBigInteger();
var u = secretMPIs[3].toBigInteger();
var m = dataMPIs[0].toBigInteger();
return rsa.decrypt(m, d, p, q, u);
case 16: // Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
var elgamal = new Elgamal();
var x = secretMPIs[0].toBigInteger();
var c1 = dataMPIs[0].toBigInteger();
var c2 = dataMPIs[1].toBigInteger();
var p = publicMPIs[0].toBigInteger();
return elgamal.decrypt(c1,c2,p,x);
default:
return null;
}
})();
var result = new openpgp_type_mpi();
result.fromBigInteger(bn);
return result;
}
/**
@ -12509,9 +12522,7 @@ function openpgp_packet_public_key_encrypted_session_key() {
}
this.version = bytes[0].charCodeAt();
this.public_key_id.read_packet(bytes, 1);
this.public_key_algorithm = bytes[9].charCodeAt();
var i = 10;
@ -12522,16 +12533,15 @@ function openpgp_packet_public_key_encrypted_session_key() {
case openpgp.publickey.rsa_encrypt_sign:
this.encrypted = [];
this.encrypted[0] = new openpgp_type_mpi();
this.encrypted[0].read(bytes, i, bytes.length - i);
this.encrypted[0].read(bytes.substr(i));
break;
case openpgp.publickey.elgamal:
this.encrypted = [];
this.encrypted[0] = new openpgp_type_mpi();
this.encrypted[0].read(bytes, i, bytes.length - i);
i += this.encrypted[0].packetLength;
i += this.encrypted[0].read(bytes.substr(i));
this.encrypted[1] = new openpgp_type_mpi();
this.encrypted[1].read(bytes, i, bytes.length - i);
this.encrypted[1].read(bytes.substr(i));
break;
default:
@ -12567,7 +12577,7 @@ function openpgp_packet_public_key_encrypted_session_key() {
result += String.fromCharCode(this.public_key_algorithm);
for ( var i = 0; i < this.encrypted.length; i++) {
result += this.encrypted[i].toBin();
result += this.encrypted[i].write()
}
return result;
@ -12582,20 +12592,14 @@ function openpgp_packet_public_key_encrypted_session_key() {
data += String.fromCharCode((checksum) & 0xFF);
var mpi = new openpgp_type_mpi();
mpi.fromBytes(openpgp_encoding_eme_pkcs1_encode(
data,
public_key_mpi[0].byteLength()));
var encrypted = openpgp_crypto_asymetricEncrypt(
this.encrypted = openpgp_crypto_asymetricEncrypt(
this.public_key_algorithm,
public_key_mpi,
mpi.create(openpgp_encoding_eme_pkcs1_encode(data,
public_key_mpi[0].mpiByteLength)));
// TODO: fix this - make openpgp_crypto_ interfaces uniform
this.encrypted = encrypted.map(function(k) {
var mpi = new openpgp_type_mpi;
var b = k.toMPI();
mpi.read(b, 0, b.length);
return mpi;
});
mpi);
}
/**
@ -12613,16 +12617,16 @@ function openpgp_packet_public_key_encrypted_session_key() {
this.public_key_algorithm,
public_key_mpi,
private_key_mpi,
this.encrypted).toMPI();
this.encrypted).toBytes();
var checksum = ((result.charCodeAt(result.length - 2) << 8) + result
.charCodeAt(result.length - 1));
var checksum = ((result.charCodeAt(result.length - 2) << 8)
+ result.charCodeAt(result.length - 1));
var decoded = openpgp_encoding_eme_pkcs1_decode(
result.substring(2, result.length - 2),
public_key_mpi[0].getByteLength());
result,
public_key_mpi[0].byteLength());
var key = decoded.substring(1);
var key = decoded.substring(1, decoded.length - 2);
if(checksum != util.calc_checksum(key)) {
util.print_error("Checksum mismatch");
@ -13005,6 +13009,111 @@ function openpgp_packet_symmetrically_encrypted() {
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
// Hint: We hold our MPIs as an array of octets in big endian format preceeding a two
// octet scalar: MPI: [a,b,c,d,e,f]
// - MPI size: (a << 8) | b
// - MPI = c | d << 8 | e << ((MPI.length -2)*8) | f ((MPI.length -2)*8)
/**
* @class
* @classdescImplementation of type MPI (RFC4880 3.2)
* Multiprecision integers (also called MPIs) are unsigned integers used
* to hold large integers such as the ones used in cryptographic
* calculations.
* An MPI consists of two pieces: a two-octet scalar that is the length
* of the MPI in bits followed by a string of octets that contain the
* actual integer.
*/
function openpgp_type_mpi() {
/** An implementation dependent integer */
this.data = null;
/**
* Parsing function for a mpi (RFC 4880 3.2).
* @param {String} input Payload of mpi data
* @param {Integer} position Position to start reading from the input
* string
* @param {Integer} len Length of the packet or the remaining length of
* input at position
* @return {openpgp_type_mpi} Object representation
*/
this.read = function(bytes) {
var bits = (bytes[0].charCodeAt() << 8) | bytes[1].charCodeAt();
// Additional rules:
//
// The size of an MPI is ((MPI.length + 7) / 8) + 2 octets.
//
// The length field of an MPI describes the length starting from its
// most significant non-zero bit. Thus, the MPI [00 02 01] is not
// formed correctly. It should be [00 01 01].
// TODO: Verification of this size method! This size calculation as
// specified above is not applicable in JavaScript
var bytelen = Math.ceil(bits / 8);
var raw = bytes.substr(2, bytelen);
this.fromBytes(raw);
return 2 + bytelen;
}
this.fromBytes = function(bytes) {
this.data = new BigInteger(util.hexstrdump(bytes), 16);
}
this.toBytes = function() {
return this.write().substr(2);
}
this.byteLength = function() {
return this.toBytes().length;
}
/**
* Converts the mpi object to a string as specified in RFC4880 3.2
* @return {String} mpi Byte representation
*/
this.write = function() {
return this.data.toMPI();
}
this.toBigInteger = function() {
return this.data.clone();
}
this.fromBigInteger = function(bn) {
this.data = bn.clone();
}
/**
* Generates debug output (pretty print)
* @return {String} String which gives some information about the mpi
*/
this.toString = function() {
var r = " MPI("+this.mpiBitLength+"b/"+this.mpiByteLength+"B) : 0x";
r+=util.hexstrdump(this.MPI);
return r+'\n';
}
}
// GPG4Browsers - An OpenPGP implementation in javascript
// Copyright (C) 2011 Recurity Labs GmbH
//
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public
// License as published by the Free Software Foundation; either
// version 2.1 of the License, or (at your option) any later version.
//
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
/**
* @class
* @classdesc Implementation of type key id (RFC4880 3.3)
@ -13014,6 +13123,10 @@ function openpgp_packet_symmetrically_encrypted() {
formed.
*/
function openpgp_type_keyid() {
var bytes = '';
for(var i = 0; i < 8; i++)
bytes += String.fromCharCode(0);
/**
* Parsing method for a key id
* @param {String} input Input to read the key id from
@ -13054,141 +13167,6 @@ function openpgp_type_keyid() {
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
// Hint: We hold our MPIs as an array of octets in big endian format preceeding a two
// octet scalar: MPI: [a,b,c,d,e,f]
// - MPI size: (a << 8) | b
// - MPI = c | d << 8 | e << ((MPI.length -2)*8) | f ((MPI.length -2)*8)
/**
* @class
* @classdescImplementation of type MPI (RFC4880 3.2)
* Multiprecision integers (also called MPIs) are unsigned integers used
* to hold large integers such as the ones used in cryptographic
* calculations.
* An MPI consists of two pieces: a two-octet scalar that is the length
* of the MPI in bits followed by a string of octets that contain the
* actual integer.
*/
function openpgp_type_mpi() {
this.MPI = null;
this.mpiBitLength = null;
this.mpiByteLength = null;
this.data = null;
/**
* Parsing function for a mpi (RFC 4880 3.2).
* @param {String} input Payload of mpi data
* @param {Integer} position Position to start reading from the input
* string
* @param {Integer} len Length of the packet or the remaining length of
* input at position
* @return {openpgp_type_mpi} Object representation
*/
function read(input, position, len) {
var mypos = position;
this.mpiBitLength = (input[mypos++].charCodeAt() << 8) | input[mypos++].charCodeAt();
// Additional rules:
//
// The size of an MPI is ((MPI.length + 7) / 8) + 2 octets.
//
// The length field of an MPI describes the length starting from its
// most significant non-zero bit. Thus, the MPI [00 02 01] is not
// formed correctly. It should be [00 01 01].
// TODO: Verification of this size method! This size calculation as
// specified above is not applicable in JavaScript
this.mpiByteLength = (this.mpiBitLength - (this.mpiBitLength % 8)) / 8;
if (this.mpiBitLength % 8 != 0)
this.mpiByteLength++;
this.MPI = input.substring(mypos,mypos+this.mpiByteLength);
this.data = input.substring(position, position+2+this.mpiByteLength);
this.packetLength = this.mpiByteLength +2;
return this;
}
/**
* Generates debug output (pretty print)
* @return {String} String which gives some information about the mpi
*/
function toString() {
var r = " MPI("+this.mpiBitLength+"b/"+this.mpiByteLength+"B) : 0x";
r+=util.hexstrdump(this.MPI);
return r+'\n';
}
/**
* Converts the mpi to an BigInteger object
* @return {BigInteger}
*/
function getBigInteger() {
return new BigInteger(util.hexstrdump(this.MPI),16);
}
function getBits(num) {
for (var i = 0; i < 9; i++)
if (num >> i == 0)
return i;
}
/**
* Gets the length of the mpi in bytes
* @return {Integer} Mpi byte length
*/
function getByteLength() {
return this.mpiByteLength;
}
/**
* Creates an mpi from the specified string
* @param {String} data Data to read the mpi from
* @return {openpgp_type_mpi}
*/
function create(data) {
this.MPI = data;
this.mpiBitLength = (data.length -1) *8 + getBits(data.charCodeAt(0));
this.mpiByteLength = data.length;
return this;
}
/**
* Converts the mpi object to a string as specified in RFC4880 3.2
* @return {String} mpi Byte representation
*/
function toBin() {
var result = String.fromCharCode((this.mpiBitLength >> 8) & 0xFF);
result += String.fromCharCode(this.mpiBitLength & 0xFF);
result += this.MPI;
return result;
}
this.read = read;
this.toBigInteger = getBigInteger;
this.toString = toString;
this.create = create;
this.toBin = toBin;
this.getByteLength = getByteLength;
}
// GPG4Browsers - An OpenPGP implementation in javascript
// Copyright (C) 2011 Recurity Labs GmbH
//
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public
// License as published by the Free Software Foundation; either
// version 2.1 of the License, or (at your option) any later version.
//
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
/**
* @class
* @classdesc Implementation of the String-to-key specifier (RFC4880 3.7)

18
resources/openpgp.min.js vendored
View File

@ -107,8 +107,8 @@ function openpgp_cfb_decrypt(b,a,c,d,e){util.print_debug("resync:"+e);var f=Arra
k.join("");if(e){for(h=0;h<a;h++)f[h]=d.charCodeAt(h+2);j=a+2}else{for(h=0;h<a;h++)f[h]=d.charCodeAt(h);j=a}for(;j<d.length;j+=a){g=b(f,c);for(h=0;h<a&&h+j<d.length;h++)f[h]=d.charCodeAt(j+h),k.push(String.fromCharCode(g[h]^f[h]))}return k.join("")}
function normal_cfb_encrypt(b,a,c,d,e){for(var f="",f="",g=0,h=[],j=[],f=e.substring(0,a);d.length>a*g;){for(var e=b(f,c),f=d.substring(g*a,g*a+a),k=0;k<f.length;k++)j.push(String.fromCharCode(f.charCodeAt(k)^e[k]));f=j.join("");j=[];h.push(f);g++}return h.join("")}
function normal_cfb_decrypt(b,a,c,d,e){var f="",g=0,h=[];if(null==e)for(e=0;e<a;e++)f+=String.fromCharCode(0);else f=e.substring(0,a);for(;d.length>a*g;){for(var j=b(f,c),f=d.substring(g*a+0,g*a+a+0),e=0;e<f.length;e++)h.push(String.fromCharCode(f.charCodeAt(e)^j[e]));g++}return h.join("")}
function openpgp_crypto_asymetricEncrypt(b,a,c){switch(b){case 1:case 2:case 3:var b=new RSA,d=a[0].toBigInteger(),a=a[1].toBigInteger(),c=c.toBigInteger();return[b.encrypt(c,a,d)];case 16:var b=new Elgamal,d=a[0].toBigInteger(),e=a[1].toBigInteger(),a=a[2].toBigInteger(),c=c.toBigInteger();return b.encrypt(c,e,d,a);default:return null}}
function openpgp_crypto_asymetricDecrypt(b,a,c,d){switch(b){case 1:case 2:case 3:var b=new RSA,e=c[0].toBigInteger(),a=c[1].toBigInteger(),f=c[2].toBigInteger(),c=c[3].toBigInteger(),d=d[0].toBigInteger();return b.decrypt(d,e,a,f,c);case 16:return b=new Elgamal,c=c[0].toBigInteger(),e=d[0].toBigInteger(),d=d[1].toBigInteger(),a=a[0].toBigInteger(),b.decrypt(e,d,a,c);default:return null}}
function openpgp_crypto_asymetricEncrypt(b,a,c){return function(){switch(b){case 1:case 2:case 3:var d=new RSA,e=a[0].toBigInteger(),f=a[1].toBigInteger(),g=c.toBigInteger();return[d.encrypt(g,f,e)];case 16:var d=new Elgamal,e=a[0].toBigInteger(),f=a[1].toBigInteger(),h=a[2].toBigInteger(),g=c.toBigInteger();return d.encrypt(g,f,e,h);default:return[]}}().map(function(a){var b=new openpgp_type_mpi;b.fromBigInteger(a);return b})}
function openpgp_crypto_asymetricDecrypt(b,a,c,d){var e=function(){switch(b){case 1:case 2:case 3:var e=new RSA,f=c[0].toBigInteger(),j=c[1].toBigInteger(),k=c[2].toBigInteger(),l=c[3].toBigInteger(),m=d[0].toBigInteger();return e.decrypt(m,f,j,k,l);case 16:return e=new Elgamal,f=c[0].toBigInteger(),k=d[0].toBigInteger(),l=d[1].toBigInteger(),j=a[0].toBigInteger(),e.decrypt(k,l,j,f);default:return null}}(),f=new openpgp_type_mpi;f.fromBigInteger(e);return f}
function openpgp_crypto_getPrefixRandom(b){switch(b){case 2:case 3:case 4:return openpgp_crypto_getRandomBytes(8);case 7:case 8:case 9:case 10:return openpgp_crypto_getRandomBytes(16);default:return null}}
function openpgp_crypto_MDCSystemBytes(b,a,c){util.print_debug_hexstr_dump("openpgp_crypto_symmetricDecrypt:\nencrypteddata:",c);switch(b){case 0:return c;case 2:return openpgp_cfb_mdc(desede,8,a,c,openpgp_cfb);case 3:return openpgp_cfb_mdc(cast5_encrypt,8,a,c);case 4:return openpgp_cfb_mdc(BFencrypt,8,a,c);case 7:case 8:case 9:return openpgp_cfb_mdc(AESencrypt,16,keyExpansion(a),c);case 10:return openpgp_cfb_mdc(TFencrypt,16,a,c);case 1:util.print_error(""+(1==b?"IDEA Algorithm not implemented":
"Twofish Algorithm not implemented"))}return null}function openpgp_crypto_generateSessionKey(b){return openpgp_crypto_getRandomBytes(openpgp_crypto_getKeyLength(b))}function openpgp_crypto_getKeyLength(b){switch(b){case 2:case 8:return 24;case 3:case 4:case 7:return 16;case 9:case 10:return 32}return null}
@ -444,10 +444,10 @@ g+j);d+=j;g+=j;break}j=g}else b++,d=a[b++].charCodeAt()<<24|a[b++].charCodeAt()<
return{packet:k,offset:b+d}};this.type={reserved:0,public_key_encrypted_session_key:1,signature:2,sym_encrypted_session_key:3,one_pass_signature:4,secret_key:5,public_key:6,secret_subkey:7,compressed:8,symmetrically_encrypted:9,marker:10,literal:11,trust:12,userid:13,public_subkey:14,user_attribute:17,sym_encrypted_integrity_protected:18,modification_detection_code:19}}var openpgp_packet=new _openpgp_packet;
function openpgp_packetlist(){this.length=0;this.read=function(b){this.packets=[];for(var a=0;a<b.length;){var c=openpgp_packet.read_packet(b,a,b.length-a),a=c.offset;this.push(c.packet)}};this.write=function(){for(var b="",a=0;a<this.length;a++)var c=this[a].write(),b=b+openpgp_packet.write_packet_header(this[a].tag,c.length),b=b+c;return b};this.push=function(b){this[this.length]=b;this.length++}}
function openpgp_packet_public_key_encrypted_session_key(){this.tag=1;this.version=3;this.public_key_id=new openpgp_type_keyid;this.public_key_algorithm=openpgp.publickey.rsa_encrypt_sign;this.symmetric_key=null;this.symmetric_algorithm=openpgp.symmetric.plaintext;this.encrypted=[];this.read=function(b){if(10>b.length)return util.print_error("openpgp.packet.encryptedsessionkey.js\ninvalid length"),null;this.version=b[0].charCodeAt();this.public_key_id.read_packet(b,1);this.public_key_algorithm=b[9].charCodeAt();
var a=10;switch(this.public_key_algorithm){case openpgp.publickey.rsa_encrypt:case openpgp.publickey.rsa_encrypt_sign:this.encrypted=[];this.encrypted[0]=new openpgp_type_mpi;this.encrypted[0].read(b,a,b.length-a);break;case openpgp.publickey.elgamal:this.encrypted=[];this.encrypted[0]=new openpgp_type_mpi;this.encrypted[0].read(b,a,b.length-a);a+=this.encrypted[0].packetLength;this.encrypted[1]=new openpgp_type_mpi;this.encrypted[1].read(b,a,b.length-a);break;default:util.print_error("openpgp.packet.encryptedsessionkey.js\nunknown public key packet algorithm type "+
this.public_key_algorithm)}};this.write=function(){for(var b=String.fromCharCode(this.version),b=b+this.public_key_id.bytes,b=b+String.fromCharCode(this.public_key_algorithm),a=0;a<this.encrypted.length;a++)b+=this.encrypted[a].toBin();return b};this.encrypt=function(b){var a=String.fromCharCode(this.symmetric_algorithm),a=a+this.symmetric_key,c=util.calc_checksum(this.symmetric_key),a=a+String.fromCharCode(c>>8&255),a=a+String.fromCharCode(c&255),c=new openpgp_type_mpi;this.encrypted=openpgp_crypto_asymetricEncrypt(this.public_key_algorithm,
b,c.create(openpgp_encoding_eme_pkcs1_encode(a,b[0].mpiByteLength))).map(function(a){var b=new openpgp_type_mpi,a=a.toMPI();b.read(a,0,a.length);return b})};this.decrypt=function(b,a){var c=openpgp_crypto_asymetricDecrypt(this.public_key_algorithm,b,a,this.encrypted).toMPI(),d=(c.charCodeAt(c.length-2)<<8)+c.charCodeAt(c.length-1),c=openpgp_encoding_eme_pkcs1_decode(c.substring(2,c.length-2),b[0].getByteLength()),e=c.substring(1);d!=util.calc_checksum(e)?util.print_error("Checksum mismatch"):(this.symmetric_key=
e,this.symmetric_algorithm=c.charCodeAt(0))};this.toString=function(){for(var b="5.1. Public-Key Encrypted Session Key Packets (Tag 1)\n KeyId: "+this.keyId.toString()+"\n length: "+this.packetLength+"\n version:"+this.version+"\n pubAlgUs:"+this.publicKeyAlgorithmUsed+"\n",a=0;a<this.encrypted.length;a++)b+=this.encrypted[a].toString();return b}}
var a=10;switch(this.public_key_algorithm){case openpgp.publickey.rsa_encrypt:case openpgp.publickey.rsa_encrypt_sign:this.encrypted=[];this.encrypted[0]=new openpgp_type_mpi;this.encrypted[0].read(b.substr(a));break;case openpgp.publickey.elgamal:this.encrypted=[];this.encrypted[0]=new openpgp_type_mpi;a+=this.encrypted[0].read(b.substr(a));this.encrypted[1]=new openpgp_type_mpi;this.encrypted[1].read(b.substr(a));break;default:util.print_error("openpgp.packet.encryptedsessionkey.js\nunknown public key packet algorithm type "+
this.public_key_algorithm)}};this.write=function(){for(var b=String.fromCharCode(this.version),b=b+this.public_key_id.bytes,b=b+String.fromCharCode(this.public_key_algorithm),a=0;a<this.encrypted.length;a++)b+=this.encrypted[a].write();return b};this.encrypt=function(b){var a=String.fromCharCode(this.symmetric_algorithm),a=a+this.symmetric_key,c=util.calc_checksum(this.symmetric_key),a=a+String.fromCharCode(c>>8&255),a=a+String.fromCharCode(c&255),c=new openpgp_type_mpi;c.fromBytes(openpgp_encoding_eme_pkcs1_encode(a,
b[0].byteLength()));this.encrypted=openpgp_crypto_asymetricEncrypt(this.public_key_algorithm,b,c)};this.decrypt=function(b,a){var c=openpgp_crypto_asymetricDecrypt(this.public_key_algorithm,b,a,this.encrypted).toBytes(),d=(c.charCodeAt(c.length-2)<<8)+c.charCodeAt(c.length-1),c=openpgp_encoding_eme_pkcs1_decode(c,b[0].byteLength()),e=c.substring(1,c.length-2);d!=util.calc_checksum(e)?util.print_error("Checksum mismatch"):(this.symmetric_key=e,this.symmetric_algorithm=c.charCodeAt(0))};this.toString=
function(){for(var b="5.1. Public-Key Encrypted Session Key Packets (Tag 1)\n KeyId: "+this.keyId.toString()+"\n length: "+this.packetLength+"\n version:"+this.version+"\n pubAlgUs:"+this.publicKeyAlgorithmUsed+"\n",a=0;a<this.encrypted.length;a++)b+=this.encrypted[a].toString();return b}}
function openpgp_packet_sym_encrypted_integrity_protected(){this.tag=18;this.version=1;this.encrypted=null;this.modification=!1;this.packets=new openpgp_packetlist;this.read=function(b){this.version=b[0].charCodeAt();if(1!=this.version)return util.print_error("openpgp.packet.encryptedintegrityprotecteddata.js\nunknown encrypted integrity protected data packet version: "+this.version+"hex:"+util.hexstrdump(b)),null;this.encrypted=b.substr(1)};this.write=function(){return String.fromCharCode(this.version)+
this.encrypted};this.encrypt=function(b,a){var c=this.packets.write(),d=openpgp_crypto_getPrefixRandom(b),e=d+d.charAt(d.length-2)+d.charAt(d.length-1),c=c+String.fromCharCode(211),c=c+String.fromCharCode(20);util.print_debug_hexstr_dump("data to be hashed:",e+c);c+=str_sha1(e+c);util.print_debug_hexstr_dump("hash:",c.substring(c.length-20,c.length));this.encrypted=openpgp_crypto_symmetricEncrypt(d,b,a,c,!1).substring(0,e.length+c.length)};this.decrypt=function(b,a){var c=openpgp_crypto_symmetricDecrypt(b,
a,this.encrypted,!1);this.hash=str_sha1(openpgp_crypto_MDCSystemBytes(b,a,this.encrypted)+c.substring(0,c.length-20));util.print_debug_hexstr_dump("calc hash = ",this.hash);this.packets.read(c.substr(0,c.length-22));if(this.hash!=c.substr(c.length-20,20))this.packets=null,util.print_error("Decryption stopped: discovered a modification of encrypted data.")};this.toString=function(){var b="";openpgp.config.debug&&(b=" data: Bytes ["+util.hexstrdump(this.encrypted)+"]");return"5.13. Sym. Encrypted Integrity Protected Data Packet (Tag 18)\n\n version: "+
@ -455,9 +455,9 @@ this.version+"\n"+b}}
function openpgp_packet_sym_encrypted_session_key(){this.tag=3;this.algorithm=this.private_algorithm=openpgp.symmetric.plaintext;this.encrypted=null;this.s2k=new openpgp_type_s2k;this.read=function(b){this.version=b[0].charCodeAt();this.private_algorithm=b[1].charCodeAt();this.s2k.read(b,2);var a=this.s2k.length+2;if(a<b.length)this.encrypted=b.substr(a)};this.decrypt=function(b){var a=openpgp_crypto_getKeyLength(this.private_algorithm),b=this.s2k.produce_key(b,a);null==this.encrypted?(this.key=b,
this.algorithm=this.private_algorithm):(b=openpgp_crypto_symmetricDecrypt(this.private_algorithm,b,this.encrypted,!0),this.algorithm=b[0].keyCodeAt(),this.key=b.substr(1))};this.toString=function(){return"5.3 Symmetric-Key Encrypted Session Key Packets (Tag 3)\n KeyId: "+this.keyId.toString()+"\n length: "+this.packetLength+"\n version:"+this.version+"\n symKeyA:"+this.symmetricKeyAlgorithmUsed+"\n s2k: "+this.s2k+"\n"}}
function openpgp_packet_symmetrically_encrypted(){this.tag=9;this.encrypted=null;this.packets=new openpgp_packetlist;this.read=function(b){this.encrypted=b};this.write=function(){return this.encrypted};this.decrypt=function(b,a){this.packets.read(openpgp_crypto_symmetricDecrypt(b,a,this.encrypted,!0))};this.encrypt=function(b,a){var c=this.packets.write();this.encrypted=openpgp_crypto_symmetricEncrypt(openpgp_crypto_getPrefixRandom(b),b,a,c,!0)};this.toString=function(){return"5.7. Symmetrically Encrypted Data Packet (Tag 9)\n Used symmetric algorithm: "+
this.algorithmType+"\n encrypted data: Bytes ["+util.hexstrdump(this.encryptedData)+"]\n"}}function openpgp_type_keyid(){this.read_packet=function(b,a){this.bytes=b.substring(a,a+8);return this};this.toString=function(){return util.hexstrdump(this.bytes)}}
function openpgp_type_mpi(){this.data=this.mpiByteLength=this.mpiBitLength=this.MPI=null;this.read=function(b,a){var c=a;this.mpiBitLength=b[c++].charCodeAt()<<8|b[c++].charCodeAt();this.mpiByteLength=(this.mpiBitLength-this.mpiBitLength%8)/8;0!=this.mpiBitLength%8&&this.mpiByteLength++;this.MPI=b.substring(c,c+this.mpiByteLength);this.data=b.substring(a,a+2+this.mpiByteLength);this.packetLength=this.mpiByteLength+2;return this};this.toBigInteger=function(){return new BigInteger(util.hexstrdump(this.MPI),
16)};this.toString=function(){var b=" MPI("+this.mpiBitLength+"b/"+this.mpiByteLength+"B) : 0x",b=b+util.hexstrdump(this.MPI);return b+"\n"};this.create=function(b){this.MPI=b;var a=8*(b.length-1),c;a:for(var d=b.charCodeAt(0),e=0;9>e;e++)if(0==d>>e){c=e;break a}this.mpiBitLength=a+c;this.mpiByteLength=b.length;return this};this.toBin=function(){var b=String.fromCharCode(this.mpiBitLength>>8&255),b=b+String.fromCharCode(this.mpiBitLength&255);return b+=this.MPI};this.getByteLength=function(){return this.mpiByteLength}}
this.algorithmType+"\n encrypted data: Bytes ["+util.hexstrdump(this.encryptedData)+"]\n"}}
function openpgp_type_mpi(){this.data=null;this.read=function(b){var a=b[0].charCodeAt()<<8|b[1].charCodeAt(),a=Math.ceil(a/8);this.fromBytes(b.substr(2,a));return 2+a};this.fromBytes=function(b){this.data=new BigInteger(util.hexstrdump(b),16)};this.toBytes=function(){return this.write().substr(2)};this.byteLength=function(){return this.toBytes().length};this.write=function(){return this.data.toMPI()};this.toBigInteger=function(){return this.data.clone()};this.fromBigInteger=function(b){this.data=
b.clone()};this.toString=function(){var b=" MPI("+this.mpiBitLength+"b/"+this.mpiByteLength+"B) : 0x",b=b+util.hexstrdump(this.MPI);return b+"\n"}}function openpgp_type_keyid(){for(var b="",a=0;8>a;a++)b+=String.fromCharCode(0);this.read_packet=function(a,b){this.bytes=a.substring(b,b+8);return this};this.toString=function(){return util.hexstrdump(this.bytes)}}
function openpgp_type_s2k(){this.read=function(b,a){var c=a;this.type=b[c++].charCodeAt();switch(this.type){case 0:this.hashAlgorithm=b[c++].charCodeAt();this.s2kLength=1;break;case 1:this.hashAlgorithm=b[c++].charCodeAt();this.saltValue=b.substring(c,c+8);c+=8;this.s2kLength=9;break;case 3:this.hashAlgorithm=b[c++].charCodeAt();this.saltValue=b.substring(c,c+8);c+=8;this.EXPBIAS=6;var d=b[c++].charCodeAt();this.count=16+(d&15)<<(d>>4)+this.EXPBIAS;this.s2kLength=10;break;case 101:"GNU"==b.substring(c+
1,c+4)?(this.hashAlgorithm=b[c++].charCodeAt(),c+=3,d=1E3+b[c++].charCodeAt(),1001==d?(this.type=d,this.s2kLength=5):util.print_error("unknown s2k gnu protection mode! "+this.type)):util.print_error("unknown s2k type! "+this.type);break;default:util.print_error("unknown s2k type! "+this.type)}this.packetLength=c-a;return this};this.write=function(b,a,c,d,e){this.type=b;if(3==this.type)this.saltValue=d,this.hashAlgorithm=a,this.count=16+(e&15)<<(e>>4)+6,this.s2kLength=10;return this.produce_key(c)};
this.produce_key=function(b,a){var b=util.encode_utf8(b),c;if(0==this.type)c=openpgp_crypto_hashData(this.hashAlgorithm,b);else if(1==this.type)c=openpgp_crypto_hashData(this.hashAlgorithm,this.saltValue+b);else if(3==this.type){c=[];for(c[0]=this.saltValue+b;c.length*(this.saltValue+b).length<this.count;)c.push(this.saltValue+b);c=c.join("");c.length>this.count&&(c=c.substr(0,this.count));c=a&&(24==a||32==a)?openpgp_crypto_hashData(this.hashAlgorithm,c)+openpgp_crypto_hashData(this.hashAlgorithm,

97
src/ciphers/openpgp.crypto.js
View File

@ -27,25 +27,33 @@
* if elgamal encryption an array of two openpgp_type_mpi is returned; otherwise null
*/
function openpgp_crypto_asymetricEncrypt(algo, publicMPIs, data) {
switch(algo) {
case 1: // RSA (Encrypt or Sign) [HAC]
case 2: // RSA Encrypt-Only [HAC]
case 3: // RSA Sign-Only [HAC]
var rsa = new RSA();
var n = publicMPIs[0].toBigInteger();
var e = publicMPIs[1].toBigInteger();
var m = data.toBigInteger();
return [rsa.encrypt(m,e,n)];
case 16: // Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
var elgamal = new Elgamal();
var p = publicMPIs[0].toBigInteger();
var g = publicMPIs[1].toBigInteger();
var y = publicMPIs[2].toBigInteger();
var m = data.toBigInteger();
return elgamal.encrypt(m,g,p,y);
default:
return null;
}
var result = (function() {
switch(algo) {
case 1: // RSA (Encrypt or Sign) [HAC]
case 2: // RSA Encrypt-Only [HAC]
case 3: // RSA Sign-Only [HAC]
var rsa = new RSA();
var n = publicMPIs[0].toBigInteger();
var e = publicMPIs[1].toBigInteger();
var m = data.toBigInteger();
return [rsa.encrypt(m,e,n)];
case 16: // Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
var elgamal = new Elgamal();
var p = publicMPIs[0].toBigInteger();
var g = publicMPIs[1].toBigInteger();
var y = publicMPIs[2].toBigInteger();
var m = data.toBigInteger();
return elgamal.encrypt(m,g,p,y);
default:
return [];
}
})();
return result.map(function(bn) {
var mpi = new openpgp_type_mpi();
mpi.fromBigInteger(bn);
return mpi;
});
}
/**
@ -57,32 +65,37 @@ function openpgp_crypto_asymetricEncrypt(algo, publicMPIs, data) {
* @param {openpgp_type_mpi[]} secretMPIs Algorithm dependent multiprecision integers
* of the private key used
* @param {openpgp_type_mpi} data Data to be encrypted as MPI
* @return {BigInteger} returns a big integer containing the decrypted data; otherwise null
* @return {openpgp_type_mpi} returns a big integer containing the decrypted data; otherwise null
*/
function openpgp_crypto_asymetricDecrypt(algo, publicMPIs, secretMPIs, dataMPIs) {
switch(algo) {
case 1: // RSA (Encrypt or Sign) [HAC]
case 2: // RSA Encrypt-Only [HAC]
case 3: // RSA Sign-Only [HAC]
var rsa = new RSA();
var d = secretMPIs[0].toBigInteger();
var p = secretMPIs[1].toBigInteger();
var q = secretMPIs[2].toBigInteger();
var u = secretMPIs[3].toBigInteger();
var m = dataMPIs[0].toBigInteger();
return rsa.decrypt(m, d, p, q, u);
case 16: // Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
var elgamal = new Elgamal();
var x = secretMPIs[0].toBigInteger();
var c1 = dataMPIs[0].toBigInteger();
var c2 = dataMPIs[1].toBigInteger();
var p = publicMPIs[0].toBigInteger();
return elgamal.decrypt(c1,c2,p,x);
default:
return null;
}
var bn = (function() {
switch(algo) {
case 1: // RSA (Encrypt or Sign) [HAC]
case 2: // RSA Encrypt-Only [HAC]
case 3: // RSA Sign-Only [HAC]
var rsa = new RSA();
var d = secretMPIs[0].toBigInteger();
var p = secretMPIs[1].toBigInteger();
var q = secretMPIs[2].toBigInteger();
var u = secretMPIs[3].toBigInteger();
var m = dataMPIs[0].toBigInteger();
return rsa.decrypt(m, d, p, q, u);
case 16: // Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
var elgamal = new Elgamal();
var x = secretMPIs[0].toBigInteger();
var c1 = dataMPIs[0].toBigInteger();
var c2 = dataMPIs[1].toBigInteger();
var p = publicMPIs[0].toBigInteger();
return elgamal.decrypt(c1,c2,p,x);
default:
return null;
}
})();
var result = new openpgp_type_mpi();
result.fromBigInteger(bn);
return result;
}
/**

39
src/packet/public_key_encrypted_session_key.js
View File

@ -60,9 +60,7 @@ function openpgp_packet_public_key_encrypted_session_key() {
}
this.version = bytes[0].charCodeAt();
this.public_key_id.read_packet(bytes, 1);
this.public_key_algorithm = bytes[9].charCodeAt();
var i = 10;
@ -73,16 +71,15 @@ function openpgp_packet_public_key_encrypted_session_key() {
case openpgp.publickey.rsa_encrypt_sign:
this.encrypted = [];
this.encrypted[0] = new openpgp_type_mpi();
this.encrypted[0].read(bytes, i, bytes.length - i);
this.encrypted[0].read(bytes.substr(i));
break;
case openpgp.publickey.elgamal:
this.encrypted = [];
this.encrypted[0] = new openpgp_type_mpi();
this.encrypted[0].read(bytes, i, bytes.length - i);
i += this.encrypted[0].packetLength;
i += this.encrypted[0].read(bytes.substr(i));
this.encrypted[1] = new openpgp_type_mpi();
this.encrypted[1].read(bytes, i, bytes.length - i);
this.encrypted[1].read(bytes.substr(i));
break;
default:
@ -118,7 +115,7 @@ function openpgp_packet_public_key_encrypted_session_key() {
result += String.fromCharCode(this.public_key_algorithm);
for ( var i = 0; i < this.encrypted.length; i++) {
result += this.encrypted[i].toBin();
result += this.encrypted[i].write()
}
return result;
@ -133,20 +130,14 @@ function openpgp_packet_public_key_encrypted_session_key() {
data += String.fromCharCode((checksum) & 0xFF);
var mpi = new openpgp_type_mpi();
mpi.fromBytes(openpgp_encoding_eme_pkcs1_encode(
data,
public_key_mpi[0].byteLength()));
var encrypted = openpgp_crypto_asymetricEncrypt(
this.encrypted = openpgp_crypto_asymetricEncrypt(
this.public_key_algorithm,
public_key_mpi,
mpi.create(openpgp_encoding_eme_pkcs1_encode(data,
public_key_mpi[0].mpiByteLength)));
// TODO: fix this - make openpgp_crypto_ interfaces uniform
this.encrypted = encrypted.map(function(k) {
var mpi = new openpgp_type_mpi;
var b = k.toMPI();
mpi.read(b, 0, b.length);
return mpi;
});
mpi);
}
/**
@ -164,16 +155,16 @@ function openpgp_packet_public_key_encrypted_session_key() {
this.public_key_algorithm,
public_key_mpi,
private_key_mpi,
this.encrypted).toMPI();
this.encrypted).toBytes();
var checksum = ((result.charCodeAt(result.length - 2) << 8) + result
.charCodeAt(result.length - 1));
var checksum = ((result.charCodeAt(result.length - 2) << 8)
+ result.charCodeAt(result.length - 1));
var decoded = openpgp_encoding_eme_pkcs1_decode(
result.substring(2, result.length - 2),
public_key_mpi[0].getByteLength());
result,
public_key_mpi[0].byteLength());
var key = decoded.substring(1);
var key = decoded.substring(1, decoded.length - 2);
if(checksum != util.calc_checksum(key)) {
util.print_error("Checksum mismatch");

106
src/type/openpgp.type.mpi.js → src/type/mpi.js
View File

@ -31,10 +31,9 @@
* actual integer.
*/
function openpgp_type_mpi() {
this.MPI = null;
this.mpiBitLength = null;
this.mpiByteLength = null;
/** An implementation dependent integer */
this.data = null;
/**
* Parsing function for a mpi (RFC 4880 3.2).
* @param {String} input Payload of mpi data
@ -44,10 +43,8 @@ function openpgp_type_mpi() {
* input at position
* @return {openpgp_type_mpi} Object representation
*/
function read(input, position, len) {
var mypos = position;
this.mpiBitLength = (input[mypos++].charCodeAt() << 8) | input[mypos++].charCodeAt();
this.read = function(bytes) {
var bits = (bytes[0].charCodeAt() << 8) | bytes[1].charCodeAt();
// Additional rules:
//
@ -59,77 +56,50 @@ function openpgp_type_mpi() {
// TODO: Verification of this size method! This size calculation as
// specified above is not applicable in JavaScript
this.mpiByteLength = (this.mpiBitLength - (this.mpiBitLength % 8)) / 8;
if (this.mpiBitLength % 8 != 0)
this.mpiByteLength++;
var bytelen = Math.ceil(bits / 8);
this.MPI = input.substring(mypos,mypos+this.mpiByteLength);
this.data = input.substring(position, position+2+this.mpiByteLength);
this.packetLength = this.mpiByteLength +2;
return this;
}
/**
* Generates debug output (pretty print)
* @return {String} String which gives some information about the mpi
*/
function toString() {
var r = " MPI("+this.mpiBitLength+"b/"+this.mpiByteLength+"B) : 0x";
r+=util.hexstrdump(this.MPI);
return r+'\n';
}
/**
* Converts the mpi to an BigInteger object
* @return {BigInteger}
*/
function getBigInteger() {
return new BigInteger(util.hexstrdump(this.MPI),16);
var raw = bytes.substr(2, bytelen);
this.fromBytes(raw);
return 2 + bytelen;
}
function getBits(num) {
for (var i = 0; i < 9; i++)
if (num >> i == 0)
return i;
this.fromBytes = function(bytes) {
this.data = new BigInteger(util.hexstrdump(bytes), 16);
}
/**
* Gets the length of the mpi in bytes
* @return {Integer} Mpi byte length
*/
function getByteLength() {
return this.mpiByteLength;
this.toBytes = function() {
return this.write().substr(2);
}
/**
* Creates an mpi from the specified string
* @param {String} data Data to read the mpi from
* @return {openpgp_type_mpi}
*/
function create(data) {
this.MPI = data;
this.mpiBitLength = (data.length -1) *8 + getBits(data.charCodeAt(0));
this.mpiByteLength = data.length;
return this;
this.byteLength = function() {
return this.toBytes().length;
}
/**
* Converts the mpi object to a string as specified in RFC4880 3.2
* @return {String} mpi Byte representation
*/
function toBin() {
var result = String.fromCharCode((this.mpiBitLength >> 8) & 0xFF);
result += String.fromCharCode(this.mpiBitLength & 0xFF);
result += this.MPI;
return result;
this.write = function() {
return this.data.toMPI();
}
this.toBigInteger = function() {
return this.data.clone();
}
this.fromBigInteger = function(bn) {
this.data = bn.clone();
}
/**
* Generates debug output (pretty print)
* @return {String} String which gives some information about the mpi
*/
this.toString = function() {
var r = " MPI("+this.mpiBitLength+"b/"+this.mpiByteLength+"B) : 0x";
r+=util.hexstrdump(this.MPI);
return r+'\n';
}
this.read = read;
this.toBigInteger = getBigInteger;
this.toString = toString;
this.create = create;
this.toBin = toBin;
this.getByteLength = getByteLength;
}

4
src/type/openpgp.type.keyid.js
View File

@ -24,6 +24,10 @@
formed.
*/
function openpgp_type_keyid() {
var bytes = '';
for(var i = 0; i < 8; i++)
bytes += String.fromCharCode(0);
/**
* Parsing method for a key id
* @param {String} input Input to read the key id from

20
test/general/packet.js
View File

@ -38,6 +38,8 @@ unittests.register("Packet testing", function() {
enc.packets.push(literal);
enc.encrypt(algo, key);
msg.push(enc);
var msg2 = new openpgp_packetlist();
msg2.read(msg.write());
@ -82,16 +84,22 @@ unittests.register("Packet testing", function() {
key = rsa.generate(512, "10001")
var key = [[key.d.toMPI(), key.p.toMPI(), key.q.toMPI(), key.u.toMPI()],
[key.n.toMPI(), key.ee.toMPI()]];
var key = [
[key.d, key.p, key.q, key.u],
[key.n, key.ee]];
key = key.map(function(k) {
return k.map(function(v) {
return k.map(function(bn) {
var mpi = new openpgp_type_mpi();
mpi.read(v, 0, v.length);
mpi.fromBigInteger(bn);
return mpi;
});
});
var mpi = new openpgp_type_mpi();
mpi.fromBigInteger(key[0][1].data);
mpi.read(mpi.write());
var enc = new openpgp_packet_public_key_encrypted_session_key(),
msg = new openpgp_packetlist(),
msg2 = new openpgp_packetlist();
@ -113,6 +121,8 @@ unittests.register("Packet testing", function() {
msg2[0].symmetric_algorithm == enc.symmetric_algorithm);
}];
tests.reverse();
var results = [];
for(var i in tests) {
@ -121,4 +131,4 @@ unittests.register("Packet testing", function() {
return results;
})
});