BigInt in ActionScript 3.0

Recently I have been working on an ActionScript 3.0 (aka Adobe AIR) implementation of SSH for my PlayBook. Why? you may ask. Well, partly for the hell of it, partly to learn AIR/ActionScript (a bit of a grotesque language, but that’s for another post)), and partly because there isn’t one available at this time and I want to be able to admin some boxen from wherever I happen to be.

Unfortunately, the PlayBook currently doesn’t make its crypto APIs available to the public via ActionScript. Which is annoying. Not to be put off however, I cast around for some alternatives.

There are some ActionScript crypt libraries already out there (notably AS3Crypto: http://code.google.com/p/as3crypto/) however unfortuately that doesn’t support Diffie-Hellman. So, back to first principles…

My maths is veeeery rusty though, and rather than re-invent the wheel regarding “g^x mod p” etc, I looked around for a BigInt library. Again, AS3Crypto has some support, however their version of the above operation only works if x is an int – hardly useful when x is a big-ass secret ideally some 512+ bits long.

Eventually my eyes lighted on http://www.leemon.com. Leemon Baird has implemented BigInt in JavaScript, and it seemed to fit. Fancying one more challenge, I took that code, and ported it to AS3.

The .js implementation handles bigInt’s as arrays. However, as it’s .js, there’s no typesafe-ness. So I added that, wrapping it into a class (BigInt). The internals are a bit disgusting, as I have ultimately created a private property ‘val’ which is an array, which all the private leemon-methods operate on.

Thus far it seems to work – Diffie Hellman completes correctly in my SSH implementation, and 3DES works. It’s entirely possible that I’ve introduced some bugs however – if anyone has any bigInt test cases they’d like me to run against, I’m more than willing.

Anyway, I now release this library to the world. Do (or not) as you see fit. The file is being hosted in my public dropbox (www.dropbox.com) as there’s no way to host .as or .txt files on wordpress (bad wordpress!).

Enjoy! And please let me know if you use it.

The code can be found here: http://dl.dropbox.com/u/26653792/BigInt.as

About these ads

10 thoughts on “BigInt in ActionScript 3.0

  1. Great job, thanks a lot! I’m quite new to serious cryptography but I wanted to implement Diffie-Hellman in AS and so came across your BigInt library. But now I’m having problmes during the very first steps. I can’t seem to generate a prime with more than 22 bits. Do you think it might be possibe to have a peek at your D-H code?

    • Absolutely. It can be found here: http://dl.dropbox.com/u/26653792/DiffieHellman.as

      It’s a bit gross I’m afraid – I hadn’t gotten around to cleaning it up. The main methods you’ll want are getE() and getK() – not much to them. I’ve only implemented a couple of specific prime/generators – just enough for SSH. My prime generation for the actual key is done elsewhere, and I can’t seem to find the code that does it.

      If you could share some sample code, I’m happy to try to debug, but it’ll be in 2-3 weeks time (just about to travel for work). Which BigInt method are you using to generate the prime? I presume randTruePrime()? What happens when k>22 (i.e. more than 22 bits)? It’s entirely possible I made an error when porting the library.

      • Wow, that was quick. Thank you!

        Yes, I used randTruePrime()
        and actually it happens with k>20

        what I get is a null-Object reference
        at BigInt$/copyInt_()[C:\dev\flash\classes\BigInt.as:1115]

        With k<=20 it spits out primes like a charm, though!

        If I understood what you're doing there, I'd try to fix it myself, but I don't :)
        Please no hurry, this is a non-work fun project for some crypto-geeks ;)

        Travel Safely!

  2. Great work, I’m using your BigInt class and the as3Crypto library to exchange (D-H) keys and encrypt (AES) AMF traffic with a java backend.

    I had a small snag with the “private static function millerRabin_(x:Array,b:Array):Boolean” to generate some random primes. It tried to reference the val field of the Array’s passed in. I modified it just use the passed in arrays, this seemed to work fine.

    • Apologies – I’ve stopped using Dropbox and completely forgot about my public links. I’ll upload to github and will comment again when done. Will try to do it today sometime.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s