[Pkg-javascript-commits] [node-diffie-hellman] 28/88: less self generation tests, better mimic the node api, and check the primes
Bastien Roucariès
rouca at moszumanska.debian.org
Thu May 4 10:19:14 UTC 2017
This is an automated email from the git hooks/post-receive script.
rouca pushed a commit to branch master
in repository node-diffie-hellman.
commit 90bcb11aa3c94b47b29b5ed4fce087354c4a2009
Author: Calvin Metcalf <calvin.metcalf at state.ma.us>
Date: Sun Nov 16 14:22:50 2014 -0500
less self generation tests, better mimic the node api, and check the primes
---
dh.js | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
generatePrime.js | 4 +--
inject.js | 32 ++++++++++++++++------
test.js | 45 ++++++++++++++++++++++++-------
4 files changed, 141 insertions(+), 22 deletions(-)
diff --git a/dh.js b/dh.js
index c76864e..ec93aed 100644
--- a/dh.js
+++ b/dh.js
@@ -1,5 +1,12 @@
var BN = require('bn.js');
-
+var MillerRabin = require('miller-rabin');
+var millerRabin = new MillerRabin();
+var TWENTYFOUR = new BN(24);
+var ELEVEN = new BN(11);
+var TEN = new BN(10);
+var THREE = new BN(3);
+var SEVEN = new BN(7);
+var primes = require('./generatePrime');
module.exports = DH;
function setPublicKey(pub, enc) {
enc = enc || 'utf8';
@@ -15,15 +22,84 @@ function setPrivateKey(priv, enc) {
}
this._priv = new BN(priv);
}
-function DH(prime, crypto, malleable) {
- this.setGenerator(new Buffer([2]));
+var primeCache = {};
+function checkPrime(prime, generator) {
+ var gen = generator.toString('hex');
+ var hex = [gen, prime.toString(16)].join('_');
+ if (hex in primeCache) {
+ return primeCache[hex];
+ }
+ var error = 0;
+
+ if (prime.isEven() ||
+ !primes.simpleSieve ||
+ !primes.fermatTest(prime) ||
+ !millerRabin.test(prime)) {
+ //not a prime so +1
+ error += 1;
+
+ if (gen === '02' || gen === '05') {
+ // we'd be able to check the generator
+ // it would fail so +8
+ error += 8;
+ } else {
+ //we wouldn't be able to test the generator
+ // so +4
+ error += 4;
+ }
+ primeCache[hex] = error;
+ return error;
+ }
+ if (!millerRabin.test(prime.shrn(1))) {
+ //not a safe prime
+ error += 2;
+ }
+ var gen = generator.toString('hex');
+ var rem;
+ switch (gen) {
+ case '02':
+ if (prime.mod(TWENTYFOUR).cmp(ELEVEN)) {
+ // unsuidable generator
+ error += 8;
+ }
+ break;
+ case '05':
+ rem = prime.mod(TEN);
+ if (rem.cmp(THREE) && rem.cmp(SEVEN)) {
+ // prime mod 10 needs to equal 3 or 7
+ error += 8;
+ }
+ break;
+ default:
+ error += 4;
+ }
+ primeCache[hex] = error;
+ return error;
+}
+function defineError (self, error) {
+ try {
+ Object.defineProperty(self, 'verifyError', {
+ enumerable: true,
+ value: error,
+ writable: false
+ });
+ } catch(e) {
+ self.verifyError = error;
+ }
+}
+function DH(prime, generator,crypto, malleable) {
+ this.setGenerator(generator);
this.__prime = new BN(prime);
this._prime = BN.mont(this.__prime);
this._pub = void 0;
this._priv = void 0;
+
if (malleable) {
this.setPublicKey = setPublicKey;
this.setPrivateKey = setPrivateKey;
+ defineError(this, checkPrime(this.__prime, generator));
+ } else {
+ defineError(this, 8);
}
this._makeNum = function makeNum() {
return crypto.randomBytes(192);
diff --git a/generatePrime.js b/generatePrime.js
index 44be34e..cc97c43 100644
--- a/generatePrime.js
+++ b/generatePrime.js
@@ -1,6 +1,7 @@
module.exports = findPrime;
-
+findPrime.simpleSieve = simpleSieve;
+findPrime.fermatTest = fermatTest;
var BN = require('bn.js');
var TWENTYFOUR = new BN(24);
var MillerRabin = require('miller-rabin');
@@ -96,7 +97,6 @@ function findPrime(bits, crypto) {
continue;
}
if (millerRabin.test(num)) {
- console.log('found in', runs);
return num;
}
num.iadd(TWENTYFOUR);
diff --git a/inject.js b/inject.js
index 6261e38..49eb8f0 100644
--- a/inject.js
+++ b/inject.js
@@ -2,17 +2,33 @@ var primes = require('./primes.json');
var DH = require('./dh');
var generatePrime = require('./generatePrime');
module.exports = function (crypto, exports) {
- exports.getDiffieHellman = function (mod) {
- return new DH(new Buffer(primes[mod].prime, 'hex'), crypto);
- };
- exports.createDiffieHellman = function (prime, enc) {
+ exports.DiffieHellmanGroup =
+ exports.createDiffieHellmanGroup =
+ exports.getDiffieHellman = DiffieHellmanGroup;
+ function DiffieHellmanGroup(mod) {
+ return new DH(new Buffer(primes[mod].prime, 'hex'),
+ new Buffer(primes[mod].gen, 'hex'), crypto);
+ }
+ exports.createDiffieHellman = exports.DiffieHellman = DiffieHellman;
+ function DiffieHellman(prime, enc, generator, genc) {
if (typeof prime === 'number') {
- return new DH(generatePrime(prime, crypto), crypto, true);
+ return new DH(generatePrime(prime, crypto), new Buffer([2]), crypto, true);
+ }
+ if (Buffer.isBuffer(enc) ||
+ (typeof enc === 'string' && ['hex', 'binary', 'base64'].indexOf(enc) === -1)) {
+ genc = generator;
+ generator = enc
+ enc = void 0;
}
- enc = enc || 'utf8';
+ enc = enc || 'binary';
+ genc = genc || 'binary';
+ generator = generator || new Buffer([2]);
if (!Buffer.isBuffer(prime)) {
prime = new Buffer(prime, enc);
}
- return new DH(prime, crypto, true);
+ if (!Buffer.isBuffer(generator)) {
+ generator = new Buffer(generator, genc);
+ }
+ return new DH(prime, generator, crypto, true);
};
-};
\ No newline at end of file
+}
\ No newline at end of file
diff --git a/test.js b/test.js
index 5f14f2c..19d7928 100644
--- a/test.js
+++ b/test.js
@@ -9,6 +9,8 @@ var mods = [
var lens = [
64, 65, 128, 384, 512, 1024,
192, 224, 256];
+ var lens2 = [
+ 64, 65, 128];
function run(i) {
mods.forEach(function (mod) {
test(mod + ' run ' + i, function (t){
@@ -83,14 +85,39 @@ function bylen2(t) {
test('create primes', function (t) {
var f = bylen(t);
- lens.forEach(f);
+ lens2.forEach(f);
});
-// test('create primes other way', function (t) {
-// var f = bylen2(t);
-// lens.forEach(f);
-// });
-// var i = 0;
-// while (++i < 2) {
-// run(i);
-// }
\ No newline at end of file
+test('create primes other way', function (t) {
+ var f = bylen2(t);
+ lens.forEach(f);
+ });
+var i = 0;
+while (++i < 2) {
+ run(i);
+}
+function isNode10() {
+ return process.version && process.version.split('.').length === 3 && parseInt(process.version.split('.')[1], 10) <= 10;
+}
+if (!isNode10()) {
+ test('check errors', function (t) {
+ t.plan(5);
+ var p1 = new Buffer('db10e7f61adcc193', 'hex');
+ var p2 = new Buffer('db10e7f61adcc194', 'hex');
+ var dh1 = myCrypto.createDiffieHellman(p1);
+ var dh2 = nodeCrypto.createDiffieHellman(p1);
+ t.equals(dh1.verifyError, dh2.verifyError, 'same error for good prime');
+ dh1 = myCrypto.createDiffieHellman(p2);
+ dh2 = nodeCrypto.createDiffieHellman(p2);
+ t.equals(dh1.verifyError, dh2.verifyError, 'same error for bad prime');
+ dh1 = myCrypto.createDiffieHellman(p2, new Buffer([7]));
+ dh2 = nodeCrypto.createDiffieHellman(p2, new Buffer([7]));
+ t.equals(dh1.verifyError, dh2.verifyError, 'same error for bad prime non testable generator');
+ dh1 = myCrypto.createDiffieHellman(p1.toString('hex'), 'hex', new Buffer([5]));
+ dh2 = nodeCrypto.createDiffieHellman(p1.toString('hex'), 'hex', new Buffer([5]));
+ t.equals(dh1.verifyError, dh2.verifyError, 'same error for good prime wrong generator');
+ dh1 = myCrypto.createDiffieHellman(p1, new Buffer([11]).toString('hex'), 'hex');
+ dh2 = nodeCrypto.createDiffieHellman(p1, new Buffer([11]).toString('hex'), 'hex');
+ t.equals(dh1.verifyError, dh2.verifyError, 'same error for good prime non testable generator');
+ });
+}
\ No newline at end of file
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-javascript/node-diffie-hellman.git
More information about the Pkg-javascript-commits
mailing list