Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function getRandom( min, max ) {
- if( min > max ) {
- return( -1 );
- }
- if( min == max ) {
- return( min );
- }
- return( min + parseInt( Math.random() * ( max-min+1 ) ) );
- }
- /*
- Synchronous xmlHttpRequest/POST:
- */
- function xmlhttpPost(url, params) {
- var xmlHttp = null;
- try {
- // Mozilla, Opera, Safari sowie Internet Explorer (ab v7)
- xmlHttp = new XMLHttpRequest();
- } catch(e) {
- try {
- // MS Internet Explorer (ab v6)
- xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
- } catch(e) {
- try {
- // MS Internet Explorer (ab v5)
- xmlHttp = new ActiveXObject("Msxml2.XMLHTTP");
- } catch(e) {
- xmlHttp = null;
- }
- }
- }
- if (xmlHttp) {
- xmlHttp.open('POST', url, false);
- xmlHttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- xmlHttp.setRequestHeader("Content-length", params.length);
- xmlHttp.setRequestHeader("Connection", "close");
- xmlHttp.send(params);
- return xmlHttp.responseText;
- } else {
- return false;
- }
- }
- /*
- INPUTS (Oakley Group 2)
- */
- p = "FFFFFFFF"+ "FFFFFFFF"+ "C90FDAA2"+ "2168C234"+ "C4C6628B"+ "80DC1CD1"+
- "29024E08"+ "8A67CC74"+ "020BBEA6"+ "3B139B22"+ "514A0879"+ "8E3404DD"+
- "EF9519B3"+ "CD3A431B"+ "302B0A6D"+ "F25F1437"+ "4FE1356D"+ "6D51C245"+
- "E485B576"+ "625E7EC6"+ "F44C42E9"+ "A637ED6B"+ "0BFF5CB6"+ "F406B7ED"+
- "EE386BFB"+ "5A899FA5"+ "AE9F2411"+ "7C4B1FE6"+ "49286651"+ "ECE65381"+
- "FFFFFFFF"+ "FFFFFFFF";
- g = "2";
- function send() {
- document.getElementById("success").style.display = "none";
- msgwdw = document.getElementById("messageWindow");
- if (msgwdw == null) {
- debug = false;
- } else {
- debug = true;
- }
- frmSubject = document.getElementById("subject").value;
- frmFrom = document.getElementById("senderName").value;
- // generate random r
- randomValue = new Clipperz.ByteArray();
- iv = new Clipperz.ByteArray();
- ctr = "";
- c = (128/8)
- for (i=0; i<c ; i++) {
- randomValue.appendByte(getRandom(0, 255));
- iv.appendByte(getRandom(0, 255));
- }
- for (i = 0; i < 8; i++) {
- ctr += getRandom(48, 57)
- }
- if (debug) msgwdw.innerHTML = "<strong>Own random:</strong><br /> "+randomValue.toHexString()+"<br />";
- // calculate dhU = g^r mod p
- pB = new Clipperz.Crypto.BigInt(p,16);
- gB = new Clipperz.Crypto.BigInt(g,10);
- randomB = new Clipperz.Crypto.BigInt(randomValue.toHexString(),16);
- dhUB = gB.powerModule(randomB, pB);
- // Send dhU and reqeust dhS
- dhSx = xmlhttpPost("securecontactform_rcv_en.jsp","type=getDH&dhU="+dhUB.asString(16)+"&ctr="+ctr+"&name="+frmFrom+"&subject="+frmSubject);
- if (debug) msgwdw.innerHTML = msgwdw.innerHTML+"<strong>Sent dhU:</strong><br /> 0x"+dhUB.asString(16)+"<br />";
- // calculate k = dhS^r mod p
- dhSB = new Clipperz.Crypto.BigInt(dhSx, 16);
- dhSB = new Clipperz.Crypto.BigInt("0x"+dhSx, 16);
- if (debug) msgwdw.innerHTML = msgwdw.innerHTML+"<strong>Received dhS:</strong><br /> 0x"+dhSB.asString(16)+"<br />";
- dhB = dhSB.powerModule(randomB, pB);
- dh = "0x"+dhB.asString(16);
- if (debug) msgwdw.innerHTML = msgwdw.innerHTML+"<strong>dh:</strong><br /> 0x"+dhB.asString(16)+"<br />";
- kS = dh.substr(0,34)
- // encryypt message c = aes(m,k) (128bit, mode: ofb)
- key = new Clipperz.ByteArray(kS,16);
- if (debug) msgwdw.innerHTML = msgwdw.innerHTML+"<strong>AES key:</strong><br /> "+kS+"<br />";
- plainText = document.getElementById("message").value;
- if (debug) msgwdw.innerHTML = msgwdw.innerHTML+"<strong>Plaintext:</strong><br /> "+plainText+"<br />";
- plainByte = new Clipperz.ByteArray(plainText);
- for (i=(plainByte.length() % 16); i<16 && i != 0;i++) {
- plainByte.appendByte("0");
- }
- numBlocks = Math.ceil(plainByte.length()/16)
- ivOrig = iv.clone();
- encPlain = new Clipperz.ByteArray();
- for (i = 0; i < numBlocks; i++) {
- iv = new Clipperz.ByteArray(
- Clipperz.Crypto.AES.encryptBlock(new Clipperz.Crypto.AES.Key({key:key}),
- iv.arrayValues()));
- for (j=0; j<16; j++) {
- encPlain.appendByte(iv.byteAtIndex(j) ^ plainByte.byteAtIndex((i*16)+j));
- }
- }
- //Send encrypted message
- xmlhttpPost("securecontactform_rcv_en.jsp","type=recvMsg&msg="+encPlain.toHexString().substr(2)+"&iv="+ivOrig.toHexString().substr(2));
- if (debug) msgwdw.innerHTML = msgwdw.innerHTML+"<strong>Sent encrypted message: </strong><br />"+numBlocks+"Blocks/ "+encPlain.length()+"Bytes/ "+encPlain.toHexString()+"<br />";
- document.getElementById("success").style.display = "inline";
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement