Encrypted encode/decode

README.md

@@ -25,13 +25,13 @@ API documentation is available [here](https://bitchan.github.io/bitmessage/docs/
   - [ ] ECIES
   - [ ] AES-256-CBC
   - [ ] HMAC-SHA-256
-- [ ] Common structures
+- [x] Common structures
   - [x] message
   - [x] var_int
   - [x] var_str
   - [x] var_int_list
   - [x] net_addr
-  - [ ] encrypted
+  - [x] encrypted
   - [x] message encodings
   - [x] service features
   - [x] pubkey features

lib/structs.js

@@ -3,6 +3,7 @@
  * @see {@link https://bitmessage.org/wiki/Protocol_specification#Common_structures}
  * @module bitmessage/structs
  */
+// TODO(Kagami): Find a way how to document object params properly.
 
 "use strict";
 
@@ -59,7 +60,10 @@ var message = exports.message = {
     assert(payloadLength <= 262144, "Payload is too big");
     var checksum = buf.slice(20, 24);
     var length = 24 + payloadLength;
-    var payload = buf.slice(24, length);
+    // NOTE(Kagami): We do copy instead of slice to protect against
+    // possible source buffer modification by user.
+    var payload = new Buffer(payloadLength);
+    buf.copy(payload, 0, 24, length);
     assert(bufferEqual(checksum, getmsgchecksum(payload)), "Bad checkum");
     var rest = buf.slice(length);
     return {command: command, payload: payload, length: length, rest: rest};
@@ -347,10 +351,9 @@ exports.net_addr = {
   /**
    * Decode `net_addr`.
    * @param {Buffer} buf - A buffer that contains encoded `net_addr`
-   * @param {?{short: boolean}} opts - Decode options
+   * @param {?Object} opts - Decode options
    * @return {Object} Decoded `net_addr` structure.
    */
-  // TODO(Kagami): Document options and structure.
   decode: function(buf, opts) {
     var short = !!(opts || {}).short;
     var res = {};
@@ -381,7 +384,6 @@ exports.net_addr = {
    * `net_addr` used in version message
    * @return {Buffer} Encoded `net_addr`.
    */
-  // TODO(Kagami): Document options.
   encode: function(opts) {
     // Be aware of `Buffer.slice` quirk in browserify:
     // <http://git.io/lNZF1A> (does not modify parent buffer's memory in
@@ -407,6 +409,67 @@ exports.net_addr = {
   },
 };
 
+var SECP256K1_TYPE = 714;
+
+/**
+ * Encrypted payload.
+ * @see {@link https://bitmessage.org/wiki/Protocol_specification#Encrypted_payload}
+ * @namespace
+ */
+exports.encrypted = {
+  /**
+   * Decode encrypted payload.
+   * @param {Buffer} buf - A buffer that contains encrypted payload
+   * @return {Object} Decoded encrypted structure.
+   */
+  decode: function(buf) {
+    assert(buf.length >= 118, "Buffer is too small");
+    assert(buf.readUInt16BE(16, true) === SECP256K1_TYPE, "Bad curve type");
+    assert(buf.readUInt16BE(18, true) === 32, "Bad Rx length");
+    assert(buf.readUInt16BE(52, true) === 32, "Bad Ry length");
+    var iv = new Buffer(16);
+    buf.copy(iv, 0, 0, 16);
+    var ephemPublicKey = new Buffer(65);
+    ephemPublicKey[0] = 0x04;
+    buf.copy(ephemPublicKey, 1, 20, 52);
+    buf.copy(ephemPublicKey, 33, 54, 86);
+    // NOTE(Kagami): We do copy instead of slice to protect against
+    // possible source buffer modification by user.
+    var cipherText = new Buffer(buf.length - 118);
+    buf.copy(cipherText, 0, 86, buf.length - 32);
+    var mac = new Buffer(32);
+    buf.copy(mac, 0, buf.length - 32);
+    return {
+      iv: iv,
+      ephemPublicKey: ephemPublicKey,
+      cipherText: cipherText,
+      mac: mac,
+    };
+  },
+
+  /**
+   * Encode `encrypted`.
+   * @param {Object} opts - Encode options
+   * @return {Buffer} Encoded encrypted payload.
+   */
+  encode: function(opts) {
+    assert(opts.iv.length === 16, "Bad IV");
+    assert(opts.ephemPublicKey.length === 65, "Bad public key");
+    assert(opts.mac.length === 32, "Bad MAC");
+    // 16 + 2 + 2 + 32 + 2 + 32 + ? + 32
+    var buf = new Buffer(118 + opts.cipherText.length);
+    opts.iv.copy(buf);
+    buf.writeUInt16BE(SECP256K1_TYPE, 16, true);  // Curve type
+    buf.writeUInt16BE(32, 18, true);  // Rx length
+    opts.ephemPublicKey.copy(buf, 20, 1, 33);  // Rx
+    buf.writeUInt16BE(32, 52, true);  // Ry length
+    opts.ephemPublicKey.copy(buf, 54, 33);  // Ry
+    opts.cipherText.copy(buf, 86);
+    opts.mac.copy(buf, 86 + opts.cipherText.length);
+    return buf;
+  },
+};
+
 /**
  * Message encodings. Extends {@link var_int} by adding known encoding type
  * constants.

test.js

@@ -3,6 +3,7 @@ var allTests = typeof window === "undefined" ?
                !!process.env.ALL_TESTS :
                window.ALL_TESTS;
 
+var bufferEqual = require("buffer-equal");
 var bmcrypto = require("./lib/crypto");
 var bitmessage = require("./lib");
 var structs = bitmessage.structs;
@@ -11,6 +12,7 @@ var var_int = structs.var_int;
 var var_str = structs.var_str;
 var var_int_list = structs.var_int_list;
 var net_addr = structs.net_addr;
+var encrypted = structs.encrypted;
 var messageEncodings = structs.messageEncodings;
 var serviceFeatures = structs.serviceFeatures;
 var pubkeyFeatures = structs.pubkeyFeatures;
@@ -209,6 +211,30 @@ describe("Common structures", function() {
     });
   });
 
+  describe("Encrypted", function() {
+    it("should encode and decode", function() {
+      var iv = Buffer(16);
+      var ephemPublicKey = Buffer(65);
+      ephemPublicKey[0] = 0x04;
+      var cipherText = Buffer("test");
+      var mac = Buffer(32);
+      var inopts = {
+        iv: iv,
+        ephemPublicKey: ephemPublicKey,
+        cipherText: cipherText,
+        mac: mac,
+      };
+
+      var encoded = encrypted.encode(inopts);
+      expect(encoded.length).to.equal(122);
+      var outopts = encrypted.decode(encoded);
+      expect(bufferEqual(iv, outopts.iv)).to.be.true;
+      expect(bufferEqual(ephemPublicKey, outopts.ephemPublicKey)).to.be.true;
+      expect(cipherText.toString()).to.equal("test");
+      expect(bufferEqual(mac, outopts.mac)).to.be.true;
+    });
+  });
+
   describe("Message encodings", function() {
     it("should decode", function() {
       expect(messageEncodings.decode(Buffer([2])).value).to.equal(messageEncodings.SIMPLE);