tweb/public/1.be65fe07ae68c59d9fe4.worker.js.map


			
				
					
						
						
						
							
							
							{"version":3,"sources":["webpack:///./src/lib/crypto/srp.ts"],"names":["error","makePasswordHash","password","client_salt","server_salt","clientSaltString","i","length","String","fromCharCode","buffer","sha256Hash","hash","pbkdf2","Uint8Array","computeSRP","state","isNew","algo","new_algo","current_algo","p","B","srp_B","g","pw_hash","salt1","salt2","x","padArray","arr","len","fill","Array","concat","slice","pForHash","gForHash","b_for_hash","v","flipper","out","k","k_v","is_good_mod_exp_first","modexp","prime","diff","Math","floor","g_b","a","a_for_hash","u","secure_random","A","s","generate_and_check_random","ux","a_ux","S","K","h1","h2","buff","M1","_","srp_id"],"mappings":"geASY,YAAO,MAAO,IAAUA,OAI7B,SAAeC,EAAiBC,EAAkBC,EAAyBC,G,yCAChF,IAAIC,EAAmB,GACvB,IAAI,IAAIC,EAAI,EAAGA,EAAIH,EAAYI,OAAQD,IAAKD,GAAoBG,OAAOC,aAAaN,EAAYG,IAEhG,IAAII,QAAoB,IAAaC,WAAWN,EAAmBH,EAAWG,GAG9EK,EAAS,YAAcN,EAAaM,EAAQN,GAE5CM,QAAe,IAAaC,WAAWD,GAGvC,IAAIE,QAAa,IAAaC,OAAO,IAAIC,WAAWJ,GAASP,EAAa,KAQ1E,OALAS,EAAO,YAAcR,EAAaQ,EAAMR,GAExCM,QAAe,IAAaC,WAAWC,GAGhCF,KAGF,SAAeK,EAAWb,EAAkBc,EAAwBC,G,yCACzE,MAAMC,EAAQD,EAAQD,EAAMG,SAAWH,EAAMI,aAGvCC,EAAI,YAAW,YAAWH,EAAKG,GAAI,IACnCC,EAAI,YAAW,YAAWN,EAAMO,OAAQ,IACxCC,EAAI,YAAWN,EAAKM,EAAG,GAAI,KAyB3BC,QAAgBxB,EAAiBC,EAAU,IAAIY,WAAWI,EAAKQ,OAAQ,IAAIZ,WAAWI,EAAKS,QAC3FC,EAAI,YAAW,YAAW,IAAId,WAAWW,IAAW,IAIpDI,EAAW,SAASC,EAAYC,EAAaC,EAAO,GACxD,OAAOC,MAAMF,GAAKC,KAAKA,GAAME,OAAOJ,GAAKK,OAAOJ,IAG5CK,EAAWP,EAAS,YAAa,YAAWR,EAAG,KAAM,KACrDgB,EAAWR,EAAS,YAAa,YAAWL,EAAG,KAAM,KACrDc,EAAaT,EAAS,YAAa,YAAWP,EAAG,KAAM,KAMvDiB,EAAI,YAAOf,EAAGI,EAAGP,GAEjBmB,EAAWV,IACf,MAAMW,EAAM,IAAI3B,WAAWgB,EAAIvB,QAC/B,IAAI,IAAID,EAAI,EAAGA,EAAIwB,EAAIvB,OAAQD,GAAK,EAClCmC,EAAInC,GAAKwB,EAAIxB,EAAI,GACjBmC,EAAInC,EAAI,GAAKwB,EAAIxB,EAAI,GACrBmC,EAAInC,EAAI,GAAKwB,EAAIxB,EAAI,GACrBmC,EAAInC,EAAI,GAAKwB,EAAIxB,GAGnB,OAAOmC,GAIT,GAAGxB,EAAO,CAER,OAAOY,EADO,YAAa,YAAWU,EAAG,KAC2B,KAKtE,IAAIG,QAAe,IAAa/B,WAAW,YAAayB,EAAUC,IAClEK,EAAI,YAAW,YAAW,IAAI5B,WAAW4B,IAAK,IAK9C,MAAMC,EAAM,YAAI,YAAKD,EAAGH,GAAIlB,GAMtBuB,EAAwB,CAACC,EAAaC,KAC1C,MAAMC,EAAO,YAAID,EAAOD,GAGxB,QAAG,YAASE,IACV,YAAQA,GAHkB,MAI1B,YAAQF,GAJkB,MAK1BG,KAAKC,OAAO,YAAQJ,GAAU,GAAK,GAJZ,MAiC3B,IAWIK,GAXA,EAACC,EAAC,WAAEC,EAAU,EAAEC,QAxBc,KAAW,EAAD,gCAC1C,OAAY,CACV,MAAMF,EAAI,YAAW,YAAWX,EAAQxB,EAAMsC,gBAAiB,IAOzDC,EAAI,YAAO/B,EAAG2B,EAAG9B,GAEvB,GAAGuB,EAAsBW,EAAGlC,GAAI,CAC9B,MAAM+B,EAAa,YAAa,YAAWG,EAAG,KAExCC,QAAe,IAAa7C,WAChC,YAAa,IAAIG,WAAWsC,GAAa,IAAItC,WAAWwB,KACpDe,EAAI,YAAW,YAAW,IAAIvC,WAAW0C,IAAK,IACpD,IAAI,YAAOH,KAAO,YAASA,GACzB,MAAO,CAACF,IAAGC,aAAYC,UAMAI,GAexBP,EAHH,YAAQ5B,EAAGqB,GAGFrB,EADL,YAAIA,EAAGD,GAEf6B,EAAM,YAAI,YAAIA,EAAKP,GAAMtB,GASzB,IAAIqC,EAAK,YAAKL,EAAGzB,GAEb+B,EAAO,YAAIR,EAAGO,GACdE,EAAI,YAAOV,EAAKS,EAAMtC,GAEtBwC,QAAU,IAAalD,WAAWkB,EAAS,YAAa,YAAW+B,EAAG,KAAM,MAI5EE,QAAW,IAAanD,WAAWyB,GACnC2B,QAAW,IAAapD,WAAW0B,GACvCyB,EAAK,YAAS,IAAIhD,WAAWgD,GAAK,IAAIhD,WAAWiD,IAEjD,IAAIC,EAAO,YAAcF,QACjB,IAAanD,WAAWO,EAAKQ,aAC7B,IAAaf,WAAWO,EAAKS,OACnCyB,EACAd,EACAuB,GAGEI,QAAgB,IAAatD,WAAWqD,GAW5C,MATU,CACRE,EAAG,wBACHC,OAAQnD,EAAMmD,OACdZ,EAAG,IAAIzC,WAAWsC,GAClBa,GAAI,IAAInD,WAAWmD","file":"1.be65fe07ae68c59d9fe4.worker.js","sourcesContent":["import CryptoWorker from \"../crypto/cryptoworker\";\r\nimport {str2bigInt, isZero,\r\n  bigInt2str, powMod, int2bigInt, mult, mod, sub, bitSize, negative, add, greater} from '../../vendor/leemon';\r\n\r\nimport {logger, LogLevels} from '../logger';\r\nimport { AccountPassword, PasswordKdfAlgo } from \"../../layer\";\r\nimport { bufferConcats, bytesToHex, bytesFromHex, bufferConcat, bytesXor } from \"../../helpers/bytes\";\r\n//import { MOUNT_CLASS_TO } from \"../../config/debug\";\r\n\r\nconst log = logger('SRP', LogLevels.error);\r\n\r\n//MOUNT_CLASS_TO && Object.assign(MOUNT_CLASS_TO, {str2bigInt, bigInt2str, int2bigInt});\r\n\r\nexport async function makePasswordHash(password: string, client_salt: Uint8Array, server_salt: Uint8Array): Promise<number[]> {\r\n  let clientSaltString = '';\r\n  for(let i = 0; i < client_salt.length; i++) clientSaltString += String.fromCharCode(client_salt[i]);\r\n  \r\n  let buffer: any = await CryptoWorker.sha256Hash(clientSaltString + password + clientSaltString);\r\n  //log('encoded 1', bytesToHex(new Uint8Array(buffer)));\r\n\r\n  buffer = bufferConcats(server_salt, buffer, server_salt);\r\n\r\n  buffer = await CryptoWorker.sha256Hash(buffer);\r\n  //log('encoded 2', buffer, bytesToHex(new Uint8Array(buffer)));\r\n\r\n  let hash = await CryptoWorker.pbkdf2(new Uint8Array(buffer), client_salt, 100000);\r\n  //log('encoded 3', hash, bytesToHex(new Uint8Array(hash)));\r\n\r\n  hash = bufferConcats(server_salt, hash, server_salt);\r\n\r\n  buffer = await CryptoWorker.sha256Hash(hash);\r\n  //log('got password hash:', buffer, bytesToHex(new Uint8Array(buffer)));\r\n\r\n  return buffer;\r\n}\r\n\r\nexport async function computeSRP(password: string, state: AccountPassword, isNew: boolean) {\r\n  const algo = (isNew ? state.new_algo : state.current_algo) as PasswordKdfAlgo.passwordKdfAlgoSHA256SHA256PBKDF2HMACSHA512iter100000SHA256ModPow;\r\n  //console.log('computeSRP:', password, state, isNew, algo);\r\n\r\n  const p = str2bigInt(bytesToHex(algo.p), 16);\r\n  const B = str2bigInt(bytesToHex(state.srp_B), 16);\r\n  const g = int2bigInt(algo.g, 32, 256);\r\n\r\n  //log('p', bigInt2str(p, 16));\r\n  //log('B', bigInt2str(B, 16));\r\n\r\n  /* if(B.compareTo(BigInteger.ZERO) < 0) {\r\n    console.error('srp_B < 0')\r\n  }\r\n\r\n  if(B.compareTo(p) <= 0) {\r\n    console.error('srp_B <= p');\r\n  } */\r\n\r\n  /* let check_prime_and_good = (bytes: any, g: number) => {\r\n    let good_prime = 'c71caeb9c6b1c9048e6c522f70f13f73980d40238e3e21c14934d037563d930f48198a0aa7c14058229493d22530f4dbfa336f6e0ac925139543aed44cce7c3720fd51f69458705ac68cd4fe6b6b13abdc9746512969328454f18faf8c595f642477fe96bb2a941d5bcd1d4ac8cc49880708fa9b378e3c4f3a9060bee67cf9a4a4a695811051907e162753b56b0f6b410dba74d8a84b2a14b3144e0ef1284754fd17ed950d5965b4b9dd46582db1178d169c6bc465b0d6ff9ca3928fef5b9ae4e418fc15e83ebea0f87fa9ff5eed70050ded2849f47bf959d956850ce929851f0d8115f635b105ee2e4e15d04b2454bf6f4fadf034b10403119cd8e3b92fcc5b';\r\n    \r\n    if(bytesToHex(bytes) === good_prime && [3, 4, 5, 7].indexOf(g) !== -1) {\r\n      return true;\r\n    }\r\n\r\n    // TO-DO check_prime_and_good_check\r\n  }; */\r\n\r\n  //check_prime_and_good(algo.p, g);\r\n\r\n  const pw_hash = await makePasswordHash(password, new Uint8Array(algo.salt1), new Uint8Array(algo.salt2));\r\n  const x = str2bigInt(bytesToHex(new Uint8Array(pw_hash)), 16);\r\n\r\n  //log('computed pw_hash:', pw_hash, x, bytesToHex(new Uint8Array(pw_hash)));\r\n\r\n  const padArray = function(arr: any[], len: number, fill = 0) {\r\n    return Array(len).fill(fill).concat(arr).slice(-len);\r\n  };\r\n\r\n  const pForHash = padArray(bytesFromHex(bigInt2str(p, 16)), 256);\r\n  const gForHash = padArray(bytesFromHex(bigInt2str(g, 16)), 256); // like uint8array\r\n  const b_for_hash = padArray(bytesFromHex(bigInt2str(B, 16)), 256);\r\n\r\n  /* log(bytesToHex(pForHash));\r\n  log(bytesToHex(gForHash));\r\n  log(bytesToHex(b_for_hash)); */\r\n\r\n  const v = powMod(g, x, p);\r\n\r\n  const flipper = (arr: Uint8Array | number[]) => {\r\n    const out = new Uint8Array(arr.length);\r\n    for(let i = 0; i < arr.length; i += 4) {\r\n      out[i] = arr[i + 3];\r\n      out[i + 1] = arr[i + 2];\r\n      out[i + 2] = arr[i + 1];\r\n      out[i + 3] = arr[i];\r\n    }\r\n  \r\n    return out;\r\n  };\r\n\r\n  // * https://core.telegram.org/api/srp#setting-a-new-2fa-password\r\n  if(isNew) {\r\n    const bytes = bytesFromHex(bigInt2str(v, 16));\r\n    return padArray(/* (isBigEndian ? bytes.reverse() : bytes) */bytes, 256);\r\n  }\r\n\r\n  //log('g_x', bigInt2str(g_x, 16));\r\n\r\n  let k: any = await CryptoWorker.sha256Hash(bufferConcat(pForHash, gForHash));\r\n  k = str2bigInt(bytesToHex(new Uint8Array(k)), 16);\r\n\r\n  //log('k', bigInt2str(k, 16));\r\n\r\n  // kg_x = (k * g_x) % p\r\n  const k_v = mod(mult(k, v), p);\r\n\r\n  // good\r\n\r\n  //log('kg_x', bigInt2str(kg_x, 16));\r\n\r\n  const is_good_mod_exp_first = (modexp: any, prime: any) => {\r\n    const diff = sub(prime, modexp);\r\n    const min_diff_bits_count = 2048 - 64;\r\n    const max_mod_exp_size = 256;\r\n    if(negative(diff) ||\r\n      bitSize(diff) < min_diff_bits_count || \r\n      bitSize(modexp) < min_diff_bits_count || \r\n      Math.floor((bitSize(modexp) + 7) / 8) > max_mod_exp_size)\r\n        return false;\r\n    return true;\r\n  };\r\n\r\n  const generate_and_check_random = async() => {\r\n    while(true) {\r\n      const a = str2bigInt(bytesToHex(flipper(state.secure_random)), 16);\r\n      //const a = str2bigInt('9153faef8f2bb6da91f6e5bc96bc00860a530a572a0f45aac0842b4602d711f8bda8d59fb53705e4ae3e31a3c4f0681955425f224297b8e9efd898fec22046debb7ba8a0bcf2be1ada7b100424ea318fdcef6ccfe6d7ab7d978c0eb76a807d4ab200eb767a22de0d828bc53f42c5a35c2df6e6ceeef9a3487aae8e9ef2271f2f6742e83b8211161fb1a0e037491ab2c2c73ad63c8bd1d739de1b523fe8d461270cedcf240de8da75f31be4933576532955041dc5770c18d3e75d0b357df9da4a5c8726d4fced87d15752400883dc57fa1937ac17608c5446c4774dcd123676d683ce3a1ab9f7e020ca52faafc99969822717c8e07ea383d5fb1a007ba0d170cb', 16);\r\n\r\n      //console.log('ITERATION');\r\n\r\n      //log('g a p', bigInt2str(g, 16), bigInt2str(a, 16), bigInt2str(p, 16));\r\n\r\n      const A = powMod(g, a, p);\r\n      //log('A MODPOW', bigInt2str(A, 16));\r\n      if(is_good_mod_exp_first(A, p)) {\r\n        const a_for_hash = bytesFromHex(bigInt2str(A, 16));\r\n\r\n        const s: any = await CryptoWorker.sha256Hash(\r\n          bufferConcat(new Uint8Array(a_for_hash), new Uint8Array(b_for_hash)));\r\n        const u = str2bigInt(bytesToHex(new Uint8Array(s)), 16);\r\n        if(!isZero(u) && !negative(u))\r\n          return {a, a_for_hash, u};\r\n      } \r\n    }\r\n  }\r\n    \r\n\r\n  let {a, a_for_hash, u} = await generate_and_check_random();\r\n\r\n  /* log('a', bigInt2str(a, 16));\r\n  log('a_for_hash', bytesToHex(a_for_hash));\r\n  log('u', bigInt2str(u, 16)); */\r\n\r\n  // g_b = (B - kg_x) % p\r\n  /* log('B - kg_x', bigInt2str(sub(B, kg_x), 16));\r\n  log('subtract', bigInt2str(B, 16), bigInt2str(kg_x, 16));\r\n  log('B - kg_x', bigInt2str(sub(B, kg_x), 16)); */\r\n\r\n  let g_b;\r\n  if(!greater(B, k_v)) {\r\n    //log('negative');\r\n    g_b = add(B, p);\r\n  } else g_b = B;\r\n  g_b = mod(sub(g_b, k_v), p);\r\n  /* let g_b = sub(B, kg_x);\r\n  if(negative(g_b)) g_b = add(g_b, p); */\r\n  \r\n  //log('g_b', bigInt2str(g_b, 16));\r\n\r\n  /* if(!is_good_mod_exp_first(g_b, p))\r\n    throw new Error('bad g_b'); */\r\n\r\n  let ux = mult(u, x);\r\n  //log('u and x multiply', bigInt2str(u, 16), bigInt2str(x, 16), bigInt2str(ux, 16));\r\n  let a_ux = add(a, ux);\r\n  let S = powMod(g_b, a_ux, p);\r\n\r\n  let K = await CryptoWorker.sha256Hash(padArray(bytesFromHex(bigInt2str(S, 16)), 256));\r\n\r\n  //log('K', bytesToHex(K), new Uint32Array(new Uint8Array(K).buffer));\r\n\r\n  let h1 = await CryptoWorker.sha256Hash(pForHash);\r\n  let h2 = await CryptoWorker.sha256Hash(gForHash);\r\n  h1 = bytesXor(new Uint8Array(h1), new Uint8Array(h2));\r\n\r\n  let buff = bufferConcats(h1, \r\n    await CryptoWorker.sha256Hash(algo.salt1),\r\n    await CryptoWorker.sha256Hash(algo.salt2),\r\n    a_for_hash,\r\n    b_for_hash,\r\n    K\r\n  );\r\n\r\n  let M1: any = await CryptoWorker.sha256Hash(buff);\r\n\r\n  let out = {\r\n    _: 'inputCheckPasswordSRP', \r\n    srp_id: state.srp_id, \r\n    A: new Uint8Array(a_for_hash), \r\n    M1: new Uint8Array(M1) \r\n  };\r\n\r\n\r\n  //log('out', bytesToHex(out.A), bytesToHex(out.M1));\r\n  return out;\r\n  \r\n  /* console.log(gForHash, pForHash, bForHash); */\r\n}\r\n"],"sourceRoot":""}
						
						
					
				
				
					
						Reference in New Issue
					
					View Git Blame
					Copy Permalink