Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
SRP6JavascriptClientSession.prototype.computeU = function(Astr, Bstr) {
"use strict";
//console.log("SRP6JavascriptClientSession.prototype.computeU");
this.check(Astr, "Astr");
this.check(Bstr, "Bstr");
/* jshint ignore:start */
var output = this.H(Astr+Bstr);
//console.log("js raw u:"+output);
var u = new BigInteger(""+output,16);
//console.log("js u:"+this.toHex(u));
if( BigInteger.ZERO.equals(u) ) {
throw new Error("SRP6Exception bad shared public value 'u' as u==0");
}
return u;
/* jshint ignore:end */
};
SRP6JavascriptServerSession.prototype.computeU = function(Astr, Bstr) {
"use strict";
//console.log("SRP6JavascriptServerSession.prototype.computeU");
this.check(Astr, "Astr");
this.check(Bstr, "Bstr");
/* jshint ignore:start */
var output = this.H(Astr+Bstr);
//console.log("js raw u:"+output);
var u = new BigInteger(""+output,16);
//console.log("js u:"+this.toHex(u));
if( BigInteger.ZERO.equals(u) ) {
throw new Error("SRP6Exception bad shared public value 'u' as u==0");
}
return u;
/* jshint ignore:end */
};
this.check(s, "s");
//console.log("s:" + s);
this.check(BB, "BB");
//console.log("BB:" + BB);
if( this.state !== this.STEP_1 ) {
throw new Error("IllegalStateException not in state STEP_1");
}
// this is checked when passed to computeSessionKey
this.B = this.fromHex(BB);
var ZERO = null;
/* jshint ignore:start */
ZERO = BigInteger.ZERO;
/* jshint ignore:end */
if (this.B.mod(this.N()).equals(ZERO)) {
throw new Error("SRP6Exception bad server public value 'B' as B == 0 (mod N)");
}
//console.log("k:" + this.k);
// this is checked when passed to computeSessionKey
var x = this.generateX(s, this.I, this.P);
//console.log("x:" + x);
// blank the password as there is no reason to keep it around in memory.
this.P = null;
//console.log("N:"+this.toHex(this.N).toString(16));
function secp192k1() {
// p = 2^192 - 2^32 - 2^12 - 2^8 - 2^7 - 2^6 - 2^3 - 1
var p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37");
var a = BigInteger.ZERO;
var b = fromHex("3");
//byte[] S = null;
var n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D");
var h = BigInteger.ONE;
var curve = new ECCurveFp(p, a, b);
var G = curve.decodePointHex("04"
+ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D"
+ "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D");
return new X9ECParameters(curve, G, n, h);
}
let q;
let p;
do {
q = await Utils.getBigPrimeAsync(primeBits - 1);
p = q.shiftLeft(1).add(BigInt.ONE);
} while (!p.isProbablePrime());
let g;
do {
// Avoid g=2 because of Bleichenbacher's attack
g = await Utils.getRandomBigIntAsync(new BigInt('3'), p);
} while (
g.modPowInt(2, p).equals(BigInt.ONE) ||
g.modPow(q, p).equals(BigInt.ONE) ||
// g|p-1
p.subtract(BigInt.ONE).remainder(g).equals(BigInt.ZERO) ||
// g^(-1)|p-1 (evades Khadir's attack)
p.subtract(BigInt.ONE).remainder(g.modInverse(p)).equals(BigInt.ZERO)
);
// Generate private key
const x = await Utils.getRandomBigIntAsync(
Utils.BIG_TWO,
p.subtract(BigInt.ONE)
);
// Generate public key
const y = g.modPow(x, p);
return new ElGamal(p, g, y, x);
}
function secp160k1() {
// p = 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1
var p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73");
var a = BigInteger.ZERO;
var b = fromHex("7");
//byte[] S = null;
var n = fromHex("0100000000000000000001B8FA16DFAB9ACA16B6B3");
var h = BigInteger.ONE;
var curve = new ECCurveFp(p, a, b);
var G = curve.decodePointHex("04"
+ "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"
+ "938CF935318FDCED6BC28286531733C3F03C4FEE");
return new X9ECParameters(curve, G, n, h);
}
function pointFpEquals(other) {
if(other == this) return true;
if(this.isInfinity()) return other.isInfinity();
if(other.isInfinity()) return this.isInfinity();
var u, v;
// u = Y2 * Z1 - Y1 * Z2
u = other.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(other.z)).mod(this.curve.q);
if(!u.equals(BigInteger.ZERO)) return false;
// v = X2 * Z1 - X1 * Z2
v = other.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(other.z)).mod(this.curve.q);
return v.equals(BigInteger.ZERO);
}
function pointFpAdd(b) {
if(this.isInfinity()) return b;
if(b.isInfinity()) return this;
// u = Y2 * Z1 - Y1 * Z2
var u = b.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(b.z)).mod(this.curve.q);
// v = X2 * Z1 - X1 * Z2
var v = b.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(b.z)).mod(this.curve.q);
if(BigInteger.ZERO.equals(v)) {
if(BigInteger.ZERO.equals(u)) {
return this.twice(); // this == b, so double
}
return this.curve.getInfinity(); // this = -b, so infinity
}
var THREE = new BigInteger("3");
var x1 = this.x.toBigInteger();
var y1 = this.y.toBigInteger();
var x2 = b.x.toBigInteger();
var y2 = b.y.toBigInteger();
var v2 = v.square();
var v3 = v2.multiply(v);
var x1v2 = x1.multiply(v2);
var zu2 = u.square().multiply(this.z);
do {
q = await Utils.getBigPrimeAsync(primeBits - 1);
p = q.shiftLeft(1).add(BigInt.ONE);
} while (!p.isProbablePrime());
let g;
do {
// Avoid g=2 because of Bleichenbacher's attack
g = await Utils.getRandomBigIntAsync(new BigInt('3'), p);
} while (
g.modPowInt(2, p).equals(BigInt.ONE) ||
g.modPow(q, p).equals(BigInt.ONE) ||
// g|p-1
p.subtract(BigInt.ONE).remainder(g).equals(BigInt.ZERO) ||
// g^(-1)|p-1 (evades Khadir's attack)
p.subtract(BigInt.ONE).remainder(g.modInverse(p)).equals(BigInt.ZERO)
);
// Generate private key
const x = await Utils.getRandomBigIntAsync(
Utils.BIG_TWO,
p.subtract(BigInt.ONE)
);
// Generate public key
const y = g.modPow(x, p);
return new ElGamal(p, g, y, x);
}
function generateSecretKey(session, packet) {
const cipherPublicKey = packet.readString();
const sharedKey = HabboEncryption.calculateDiffieHellmanSharedKey(cipherPublicKey);
if (sharedKey.equals(BigInteger.ZERO)) {
return;
}
session.enableRC4(sharedKey.toByteArray());
session.sendPacket(new CompleteDiffieHandshakeComposer(HabboEncryption.PublicKey.toString()));
}