bitmessage-js/lib/crypto.js
2015-01-22 03:14:21 +03:00

175 lines
5.2 KiB
JavaScript

/**
* Isomorphic Bitmessage crypto module. Reexports platform-dependent
* implementations and and also some common routines.
* @module bitmessage/crypto
*/
"use strict";
var eccrypto = require("eccrypto");
var assert = require("./_util").assert;
var platform = require("./platform");
var promise = platform.promise;
/**
* Calculate SHA-1 hash.
* @param {Buffer} buf - Input data
* @return {Buffer} Resulting hash.
* @function
* @static
*/
var sha1 = exports.sha1 = platform.sha1;
/**
* Calculate SHA-256 hash.
* @param {Buffer} buf - Input data
* @return {Buffer} Resulting hash.
* @function
*/
exports.sha256 = platform.sha256;
/**
* Calculate SHA-512 hash.
* @param {Buffer} buf - Input data
* @return {Buffer} Resulting hash.
* @function
*/
exports.sha512 = platform.sha512;
/**
* Calculate RIPEMD-160 hash.
* @param {Buffer} buf - Input data
* @return {Buffer} Resulting hash.
* @function
*/
exports.ripemd160 = platform.ripemd160;
/**
* Generate cryptographically strong pseudo-random data.
* @param {number} size - Number of bytes
* @return {Buffer} Buffer with random data.
* @function
*/
exports.randomBytes = platform.randomBytes;
/**
* Generate new random private key.
* @return {Buffer} New private key.
*/
exports.getPrivate = function() {
return platform.randomBytes(32);
};
/**
* Generate public key for the given private key.
* @param {Buffer} privateKey - A 32-byte private key
* @return {Buffer} A 65-byte (uncompressed) public key.
* @function
*/
exports.getPublic = eccrypto.getPublic;
/**
* Sign message using ecdsa-with-sha1 scheme.
* @param {Buffer} privateKey - A 32-byte private key
* @msg {Buffer} msg - The message being signed
* @return {Promise.<Buffer>} A promise that contains signature in DER
* format when fulfilled.
*/
exports.sign = function(privateKey, msg) {
var hash = sha1(msg);
return eccrypto.sign(privateKey, hash);
};
/**
* Verify signature using ecdsa-with-sha1 scheme.
* @param {Buffer} publicKey - A 65-byte public key
* @msg {Buffer} msg - The message being verified
* @param {Buffer} sig - The signature in DER format
* @return {Promise.<undefined>} A promise that resolves on correct
* signature and rejects on bad key or signature.
*/
exports.verify = function(publicKey, msg, sig) {
var hash = sha1(msg);
return eccrypto.verify(publicKey, hash, sig);
};
var SECP256K1_TYPE = 714;
// We define this structure here to avoid circular imports. However we
// rexport and document it in `structs` module for consistency.
var encrypted = exports.encrypted = {
decode: function(buf) {
assert(buf.length >= 118, "Buffer is too small");
assert(buf.readUInt16BE(16, true) === SECP256K1_TYPE, "Bad curve type");
assert(buf.readUInt16BE(18, true) === 32, "Bad Rx length");
assert(buf.readUInt16BE(52, true) === 32, "Bad Ry length");
var iv = new Buffer(16);
buf.copy(iv, 0, 0, 16);
var ephemPublicKey = new Buffer(65);
ephemPublicKey[0] = 0x04;
buf.copy(ephemPublicKey, 1, 20, 52);
buf.copy(ephemPublicKey, 33, 54, 86);
// NOTE(Kagami): We do copy instead of slice to protect against
// possible source buffer modification by user.
var ciphertext = new Buffer(buf.length - 118);
buf.copy(ciphertext, 0, 86, buf.length - 32);
var mac = new Buffer(32);
buf.copy(mac, 0, buf.length - 32);
return {
iv: iv,
ephemPublicKey: ephemPublicKey,
ciphertext: ciphertext,
mac: mac,
};
},
encode: function(opts) {
assert(opts.iv.length === 16, "Bad IV");
assert(opts.ephemPublicKey.length === 65, "Bad public key");
assert(opts.mac.length === 32, "Bad MAC");
// 16 + 2 + 2 + 32 + 2 + 32 + ? + 32
var buf = new Buffer(118 + opts.ciphertext.length);
opts.iv.copy(buf);
buf.writeUInt16BE(SECP256K1_TYPE, 16, true); // Curve type
buf.writeUInt16BE(32, 18, true); // Rx length
opts.ephemPublicKey.copy(buf, 20, 1, 33); // Rx
buf.writeUInt16BE(32, 52, true); // Ry length
opts.ephemPublicKey.copy(buf, 54, 33); // Ry
opts.ciphertext.copy(buf, 86);
opts.mac.copy(buf, 86 + opts.ciphertext.length);
return buf;
},
};
/**
* Encrypt message for given recepient's public key.
* @param {Buffer} publicKeyTo - Recipient's public key (65 bytes)
* @param {Buffer} msg - The message being encrypted
* @param {?{?iv: Buffer, ?ephemPrivateKey: Buffer}} opts - You may also
* specify initialization vector (16 bytes) and ephemeral private key
* (32 bytes) to get deterministic results.
* @return {Promise.<Buffer>} - A promise that resolves with the buffer
* in `encrypted` format successful encryption and rejects on failure.
*/
exports.encrypt = function(publicKeyTo, msg, opts) {
return eccrypto.encrypt(publicKeyTo, msg, opts).then(function(encObj) {
return encrypted.encode(encObj);
});
};
/**
* Decrypt message using given private key.
* @param {Buffer} privateKey - A 32-byte private key of recepient of
* the mesage
* @param {Buffer} buf - encrypted data
* @return {Promise.<Buffer>} - A promise that resolves with the
* plaintext on successful decryption and rejects on failure.
*/
exports.decrypt = function(privateKey, buf) {
return new promise(function(resolve) {
var encObj = encrypted.decode(buf);
resolve(eccrypto.decrypt(privateKey, encObj));
});
};