2014-12-13 19:56:14 +01:00
|
|
|
/**
|
2015-01-03 11:29:22 +01:00
|
|
|
* Isomorphic Bitmessage crypto module. Reexports platform-dependent
|
2015-01-31 12:51:35 +01:00
|
|
|
* implementations and also some common routines.
|
2014-12-18 17:47:18 +01:00
|
|
|
* @module bitmessage/crypto
|
2014-12-13 19:56:14 +01:00
|
|
|
*/
|
|
|
|
|
|
|
|
"use strict";
|
|
|
|
|
2014-12-27 16:17:41 +01:00
|
|
|
var eccrypto = require("eccrypto");
|
2015-01-22 01:00:58 +01:00
|
|
|
var assert = require("./_util").assert;
|
2015-01-03 11:29:22 +01:00
|
|
|
var platform = require("./platform");
|
2014-12-26 18:17:01 +01:00
|
|
|
|
2015-02-01 14:10:03 +01:00
|
|
|
var PPromise = platform.Promise;
|
2015-01-22 01:00:58 +01:00
|
|
|
|
2015-01-03 11:29:22 +01:00
|
|
|
/**
|
2015-01-16 16:35:40 +01:00
|
|
|
* Calculate SHA-1 hash.
|
2015-01-03 11:29:22 +01:00
|
|
|
* @param {Buffer} buf - Input data
|
2015-01-03 15:52:27 +01:00
|
|
|
* @return {Buffer} Resulting hash.
|
2015-01-03 11:29:22 +01:00
|
|
|
* @function
|
2015-01-22 01:00:58 +01:00
|
|
|
* @static
|
2015-01-03 11:29:22 +01:00
|
|
|
*/
|
2015-01-22 01:00:58 +01:00
|
|
|
var sha1 = exports.sha1 = platform.sha1;
|
2015-01-03 11:29:22 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Calculate SHA-256 hash.
|
|
|
|
* @param {Buffer} buf - Input data
|
2015-01-03 15:52:27 +01:00
|
|
|
* @return {Buffer} Resulting hash.
|
2015-01-03 11:29:22 +01:00
|
|
|
* @function
|
|
|
|
*/
|
|
|
|
exports.sha256 = platform.sha256;
|
|
|
|
|
2015-01-16 16:35:40 +01:00
|
|
|
/**
|
|
|
|
* Calculate SHA-512 hash.
|
|
|
|
* @param {Buffer} buf - Input data
|
|
|
|
* @return {Buffer} Resulting hash.
|
|
|
|
* @function
|
|
|
|
*/
|
|
|
|
exports.sha512 = platform.sha512;
|
|
|
|
|
2015-01-03 11:29:22 +01:00
|
|
|
/**
|
|
|
|
* Calculate RIPEMD-160 hash.
|
|
|
|
* @param {Buffer} buf - Input data
|
2015-01-03 15:52:27 +01:00
|
|
|
* @return {Buffer} Resulting hash.
|
2015-01-03 11:29:22 +01:00
|
|
|
* @function
|
|
|
|
*/
|
|
|
|
exports.ripemd160 = platform.ripemd160;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Generate cryptographically strong pseudo-random data.
|
|
|
|
* @param {number} size - Number of bytes
|
|
|
|
* @return {Buffer} Buffer with random data.
|
|
|
|
* @function
|
|
|
|
*/
|
|
|
|
exports.randomBytes = platform.randomBytes;
|
2014-12-27 16:17:41 +01:00
|
|
|
|
|
|
|
/**
|
2015-02-10 15:59:49 +01:00
|
|
|
* Generate a new random private key.
|
2014-12-27 16:17:41 +01:00
|
|
|
* @return {Buffer} New private key.
|
|
|
|
*/
|
|
|
|
exports.getPrivate = function() {
|
2015-01-03 11:29:22 +01:00
|
|
|
return platform.randomBytes(32);
|
2014-12-27 16:17:41 +01:00
|
|
|
};
|
|
|
|
|
2014-12-30 18:00:28 +01:00
|
|
|
/**
|
2015-01-15 23:43:15 +01:00
|
|
|
* Generate public key for the given private key.
|
|
|
|
* @param {Buffer} privateKey - A 32-byte private key
|
|
|
|
* @return {Buffer} A 65-byte (uncompressed) public key.
|
2014-12-30 18:00:28 +01:00
|
|
|
* @function
|
|
|
|
*/
|
2014-12-27 16:17:41 +01:00
|
|
|
exports.getPublic = eccrypto.getPublic;
|
2015-01-22 01:00:58 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Sign message using ecdsa-with-sha1 scheme.
|
|
|
|
* @param {Buffer} privateKey - A 32-byte private key
|
2015-01-31 12:51:35 +01:00
|
|
|
* @param {Buffer} msg - The message being signed
|
2015-01-22 01:00:58 +01:00
|
|
|
* @return {Promise.<Buffer>} A promise that contains signature in DER
|
|
|
|
* format when fulfilled.
|
|
|
|
*/
|
|
|
|
exports.sign = function(privateKey, msg) {
|
|
|
|
var hash = sha1(msg);
|
|
|
|
return eccrypto.sign(privateKey, hash);
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Verify signature using ecdsa-with-sha1 scheme.
|
|
|
|
* @param {Buffer} publicKey - A 65-byte public key
|
2015-01-31 12:51:35 +01:00
|
|
|
* @param {Buffer} msg - The message being verified
|
2015-01-22 01:00:58 +01:00
|
|
|
* @param {Buffer} sig - The signature in DER format
|
2015-02-10 15:59:49 +01:00
|
|
|
* @return {Promise.<null>} A promise that resolves on correct signature
|
|
|
|
* and rejects on bad key or signature.
|
2015-01-22 01:00:58 +01:00
|
|
|
*/
|
|
|
|
exports.verify = function(publicKey, msg, sig) {
|
|
|
|
var hash = sha1(msg);
|
|
|
|
return eccrypto.verify(publicKey, hash, sig);
|
|
|
|
};
|
|
|
|
|
|
|
|
var SECP256K1_TYPE = 714;
|
|
|
|
|
|
|
|
// We define this structure here to avoid circular imports. However we
|
|
|
|
// rexport and document it in `structs` module for consistency.
|
|
|
|
var encrypted = exports.encrypted = {
|
|
|
|
decode: function(buf) {
|
|
|
|
assert(buf.length >= 118, "Buffer is too small");
|
|
|
|
assert(buf.readUInt16BE(16, true) === SECP256K1_TYPE, "Bad curve type");
|
|
|
|
assert(buf.readUInt16BE(18, true) === 32, "Bad Rx length");
|
|
|
|
assert(buf.readUInt16BE(52, true) === 32, "Bad Ry length");
|
2023-01-03 05:17:21 +01:00
|
|
|
var iv = Buffer.alloc(16);
|
2015-01-22 01:00:58 +01:00
|
|
|
buf.copy(iv, 0, 0, 16);
|
2023-01-03 05:17:21 +01:00
|
|
|
var ephemPublicKey = Buffer.alloc(70);
|
2023-01-03 04:02:21 +01:00
|
|
|
buf.copy(ephemPublicKey, 0, 16, 86);
|
2015-01-22 01:00:58 +01:00
|
|
|
// NOTE(Kagami): We do copy instead of slice to protect against
|
|
|
|
// possible source buffer modification by user.
|
2023-01-03 05:17:21 +01:00
|
|
|
var ciphertext = Buffer.alloc(buf.length - 118);
|
2015-01-22 01:00:58 +01:00
|
|
|
buf.copy(ciphertext, 0, 86, buf.length - 32);
|
2023-01-03 05:17:21 +01:00
|
|
|
var mac = Buffer.alloc(32);
|
2015-01-22 01:00:58 +01:00
|
|
|
buf.copy(mac, 0, buf.length - 32);
|
|
|
|
return {
|
|
|
|
iv: iv,
|
|
|
|
ephemPublicKey: ephemPublicKey,
|
|
|
|
ciphertext: ciphertext,
|
|
|
|
mac: mac,
|
|
|
|
};
|
|
|
|
},
|
|
|
|
|
|
|
|
encode: function(opts) {
|
|
|
|
assert(opts.iv.length === 16, "Bad IV");
|
2023-01-03 04:02:21 +01:00
|
|
|
assert(opts.ephemPublicKey.length === 70, "Bad public key");
|
|
|
|
assert(
|
|
|
|
opts.ephemPublicKey.readUInt16BE(0, true) === SECP256K1_TYPE,
|
|
|
|
"Bad curve type");
|
2015-01-22 01:00:58 +01:00
|
|
|
assert(opts.mac.length === 32, "Bad MAC");
|
2023-01-03 04:02:21 +01:00
|
|
|
return Buffer.concat(
|
|
|
|
[opts.iv, opts.ephemPublicKey, opts.ciphertext, opts.mac]);
|
2015-01-22 01:00:58 +01:00
|
|
|
},
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Encrypt message for given recepient's public key.
|
|
|
|
* @param {Buffer} publicKeyTo - Recipient's public key (65 bytes)
|
|
|
|
* @param {Buffer} msg - The message being encrypted
|
2015-02-10 19:22:13 +01:00
|
|
|
* @param {Object=} opts - You may also specify initialization vector
|
|
|
|
* and ephemeral private key to get deterministic results
|
|
|
|
* @param {Buffer} opts.iv - Initialization vector (16 bytes)
|
|
|
|
* @param {Buffer} opts.ephemPrivateKey - Ephemeral private key (32
|
|
|
|
* bytes)
|
|
|
|
* @return {Promise.<Buffer>} A promise that resolves with the buffer in
|
|
|
|
* `encrypted` format successful encryption and rejects on failure.
|
2015-01-22 01:00:58 +01:00
|
|
|
*/
|
|
|
|
exports.encrypt = function(publicKeyTo, msg, opts) {
|
|
|
|
return eccrypto.encrypt(publicKeyTo, msg, opts).then(function(encObj) {
|
|
|
|
return encrypted.encode(encObj);
|
|
|
|
});
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Decrypt message using given private key.
|
|
|
|
* @param {Buffer} privateKey - A 32-byte private key of recepient of
|
|
|
|
* the mesage
|
2015-01-31 12:51:35 +01:00
|
|
|
* @param {Buffer} buf - Encrypted data
|
2015-02-10 19:22:13 +01:00
|
|
|
* @return {Promise.<Buffer>} A promise that resolves with the plaintext
|
|
|
|
* on successful decryption and rejects on failure.
|
2015-01-22 01:00:58 +01:00
|
|
|
*/
|
|
|
|
exports.decrypt = function(privateKey, buf) {
|
2015-02-01 14:10:03 +01:00
|
|
|
return new PPromise(function(resolve) {
|
2015-01-22 01:00:58 +01:00
|
|
|
var encObj = encrypted.decode(buf);
|
|
|
|
resolve(eccrypto.decrypt(privateKey, encObj));
|
|
|
|
});
|
|
|
|
};
|