-
Notifications
You must be signed in to change notification settings - Fork 0
/
crypto.js
96 lines (93 loc) · 2.99 KB
/
crypto.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
"use strict";
var nacl = require('js-nacl').instantiate()
var Int64 = require('./Int64.js')
var nonce_pad = new Buffer("minimaLT")
var crypto = {
make_keypair: function() {
var pair = nacl.crypto_box_keypair()
return {public: pair.boxPk, private: pair.boxSk}
},
shared_secret: function(theirpub, mypriv) {
return nacl.crypto_box_precompute(theirpub, mypriv).boxK
},
box: function(msgBin, nonceBin, secret) {
if (!Buffer.isBuffer(msgBin))
throw new Error("message should be a buffer")
return nacl.crypto_box_precomputed(msgBin, nonceBin, {boxK: secret})
},
unbox: function(msgBin, nonceBin, secret) {
// ommitting this check actually makes it throw
// in a way that trashes its memory management
// so all later results would be wrong
if (!Buffer.isBuffer(msgBin))
throw new Error("message should be a buffer")
return nacl.crypto_box_open_precomputed(msgBin, nonceBin, {boxK: secret})
},
boxWithKeys: function(msgBin, nonceBin, theirpub, mypriv) {
if (!Buffer.isBuffer(msgBin))
throw new Error("message should be a buffer")
return nacl.crypto_box(msgBin, nonceBin, theirpub, mypriv)
},
unboxWithKeys: function(msgBin, nonceBin, theirpub, mypriv) {
if (!Buffer.isBuffer(msgBin))
throw new Error("message should be a buffer")
return nacl.crypto_box_open(msgBin, nonceBin, theirpub, mypriv)
},
secretUnbox: function(msgBin, nonceBin, secret) {
if (!Buffer.isBuffer(msgBin))
throw new Error("message should be a buffer")
return nacl.crypto_secretbox_open(msgBin, nonceBin, secret)
},
secretBox: function(msgBin, nonceBin, secret) {
if (!Buffer.isBuffer(msgBin))
throw new Error("message should be a buffer")
return nacl.crypto_secretbox(msgBin, nonceBin, secret)
},
make_nonce: function(TID, nonce) {
var res = new Buffer(24)
// the first 8 bytes spell minimaLT for now
nonce_pad.copy(res)
TID.getBuffer().copy(res, 8)
nonce.getBuffer().copy(res, 16)
return res
},
generate_nonce: function(is_client, date) {
var x = new Int64(date)
x.shiftLeft(1)
if (is_client) x.buffer[x.offset+7] |= 1
return x
},
random_Int64: function() {
return new Int64(nacl.random_bytes(8))
},
random_UInt32: function() {
return nacl.random_bytes(4).readUInt32BE(0)
},
random_nonce: function() {
return nacl.crypto_box_random_nonce()
},
make_signing_keypair: function() {
var pair = nacl.crypto_sign_keypair()
return {public: pair.signPk, private: pair.signSk}
},
sign: function(msgBin, privKey) {
if (!Buffer.isBuffer(msgBin))
throw new Error("message should be a buffer")
return nacl.crypto_sign(msgBin, privKey)
},
verify: function(msgBin, pubKey) {
if (!Buffer.isBuffer(msgBin))
throw new Error("message should be a buffer")
return nacl.crypto_sign_open(msgBin, pubKey)
},
hashSecret: function(secret) {
// XXX: should this be scrypt/PBKDF2 instead?
return nacl.crypto_hash_sha256(secret)
},
hashPuzzle: function(r) {
// TODO: this shoud *really* be scrypt.
// thanks bitcoin.
return nacl.crypto_hash_sha256(r)
}
}
module.exports = crypto