SecureBitChat/securebit-chat
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: replace modulo with bitwise mask in crypto random

Browse Source
This commit is contained in:
lockbitchat
2025-10-20 01:02:07 -04:00
parent 63a19e6a4c
commit a7a5861e0a
3 changed files with 38 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
dist/app-boot.js vendored
View File

@@ -8198,36 +8198,24 @@ var EnhancedSecureWebRTCManager = class _EnhancedSecureWebRTCManager {
if (!Number.isInteger(min) || !Number.isInteger(max)) {
throw new Error("getSafeRandomInt requires integer min and max");
}
if (min >= max) {
throw new Error("min must be less than max");
}
const range = max - min + 1;
if (range <= 0) throw new Error("Invalid range");
if (range <= 256) {
const threshold2 = 256 - 256 % range;
let randomValue2;
do {
randomValue2 = crypto.getRandomValues(new Uint8Array(1))[0];
} while (randomValue2 >= threshold2);
return min + randomValue2 % range;
}
if (range <= 65536) {
const maxValue = 65536;
const threshold2 = maxValue - maxValue % range;
let randomValue2;
do {
const randomBytes = crypto.getRandomValues(new Uint8Array(2));
randomValue2 = randomBytes[0] << 8 | randomBytes[1];
} while (randomValue2 >= threshold2);
return min + randomValue2 % range;
}
const maxUint32 = 4294967296;
const threshold = maxUint32 - maxUint32 % range;
const bitsNeeded = Math.ceil(Math.log2(range));
const bytesNeeded = Math.ceil(bitsNeeded / 8);
const mask = (1 << bitsNeeded) - 1;
let randomValue;
do {
const randomBytes = crypto.getRandomValues(new Uint8Array(4));
randomValue = (randomBytes[0] << 24 | randomBytes[1] << 16 | randomBytes[2] << 8 | randomBytes[3]) >>> 0;
} while (randomValue >= threshold);
return min + randomValue % range;
const randomBytes = crypto.getRandomValues(new Uint8Array(bytesNeeded));
randomValue = 0;
for (let i = 0; i < bytesNeeded; i++) {
randomValue = randomValue * 256 + randomBytes[i];
}
randomValue = randomValue & mask;
} while (randomValue >= range);
return min + randomValue;
}
// Safe helper: unbiased float in [minFloat, maxFloat] with scale
getSafeRandomFloat(minFloat, maxFloat, scale = 1e3) {
if (typeof minFloat !== "number" || typeof maxFloat !== "number") {
throw new Error("getSafeRandomFloat requires numeric min and max");
@@ -8240,12 +8228,10 @@ var EnhancedSecureWebRTCManager = class _EnhancedSecureWebRTCManager {
const intVal = this.getSafeRandomInt(minInt, maxInt);
return intVal / scale;
}
// Generate fingerprint mask
generateFingerprintMask() {
const mask = {
timingOffset: this.getSafeRandomInt(0, 1500),
sizeVariation: this.getSafeRandomFloat(0.75, 1.25, 1e3),
// изменен scale
noisePattern: Array.from(crypto.getRandomValues(new Uint8Array(64))),
headerVariations: [
"X-Client-Version",
@@ -8262,7 +8248,6 @@ var EnhancedSecureWebRTCManager = class _EnhancedSecureWebRTCManager {
],
noiseIntensity: this.getSafeRandomInt(50, 150),
sizeMultiplier: this.getSafeRandomFloat(0.75, 1.25, 1e3),
// изменен scale
timingVariation: this.getSafeRandomInt(100, 1100)
};
return mask;

6
dist/app-boot.js.map vendored
View File

File diff suppressed because one or more lines are too long

57
src/network/EnhancedSecureWebRTCManager.js
View File

@@ -4486,45 +4486,31 @@ this._secureLog('info', '🔒 Enhanced Mutex system fully initialized and valida
if (!Number.isInteger(min) || !Number.isInteger(max)) {
throw new Error('getSafeRandomInt requires integer min and max');
}
if (min >= max) {
throw new Error('min must be less than max');
}
const range = max - min + 1;
if (range <= 0) throw new Error('Invalid range');
if (range <= 256) {
const threshold = 256 - (256 % range);
let randomValue;
do {
randomValue = crypto.getRandomValues(new Uint8Array(1))[0];
} while (randomValue >= threshold);
return min + (randomValue % range);
}
if (range <= 65536) {
const maxValue = 65536;
const threshold = maxValue - (maxValue % range);
let randomValue;
do {
const randomBytes = crypto.getRandomValues(new Uint8Array(2));
randomValue = (randomBytes[0] << 8) | randomBytes[1];
} while (randomValue >= threshold);
return min + (randomValue % range);
}
const maxUint32 = 0x100000000; // 2^32
const threshold = maxUint32 - (maxUint32 % range);
const bitsNeeded = Math.ceil(Math.log2(range));
const bytesNeeded = Math.ceil(bitsNeeded / 8);
const mask = (1 << bitsNeeded) - 1;
let randomValue;
do {
const randomBytes = crypto.getRandomValues(new Uint8Array(4));
randomValue = ((randomBytes[0] << 24) |
(randomBytes[1] << 16) |
(randomBytes[2] << 8) |
randomBytes[3]) >>> 0;
} while (randomValue >= threshold);
return min + (randomValue % range);
const randomBytes = crypto.getRandomValues(new Uint8Array(bytesNeeded));
randomValue = 0;
for (let i = 0; i < bytesNeeded; i++) {
randomValue = (randomValue * 256) + randomBytes[i];
}
randomValue = randomValue & mask;
} while (randomValue >= range);
return min + randomValue;
}
// Safe helper: unbiased float in [minFloat, maxFloat] with scale
getSafeRandomFloat(minFloat, maxFloat, scale = 1000) {
if (typeof minFloat !== 'number' || typeof maxFloat !== 'number') {
throw new Error('getSafeRandomFloat requires numeric min and max');
@@ -4539,18 +4525,17 @@ this._secureLog('info', '🔒 Enhanced Mutex system fully initialized and valida
return intVal / scale;
}
// Generate fingerprint mask
generateFingerprintMask() {
const mask = {
timingOffset: this.getSafeRandomInt(0, 1500),
sizeVariation: this.getSafeRandomFloat(0.75, 1.25, 1000), // изменен scale
sizeVariation: this.getSafeRandomFloat(0.75, 1.25, 1000),
noisePattern: Array.from(crypto.getRandomValues(new Uint8Array(64))),
headerVariations: [
'X-Client-Version', 'X-Session-ID', 'X-Request-ID', 'X-Timestamp', 'X-Signature',
'X-Secure', 'X-Encrypted', 'X-Protected', 'X-Safe', 'X-Anonymous', 'X-Private'
],
noiseIntensity: this.getSafeRandomInt(50, 150),
sizeMultiplier: this.getSafeRandomFloat(0.75, 1.25, 1000), // изменен scale
sizeMultiplier: this.getSafeRandomFloat(0.75, 1.25, 1000),
timingVariation: this.getSafeRandomInt(100, 1100)
};
return mask;