UNPKG

sic-ecies

Version:

ECIES implemented for Bitcore. fix to eos and easy to use

153 lines (128 loc) 4.3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
'use strict'; var bitcore = require('bitcore-lib'); var eosecc = require('eosjs-ecc'); var PublicKey = bitcore.PublicKey; var PrivateKey = bitcore.PrivateKey; var Hash = bitcore.crypto.Hash; var Random = bitcore.crypto.Random; var $ = bitcore.util.preconditions; var AESCBC = require('./aescbc'); // http://en.wikipedia.org/wiki/Integrated_Encryption_Scheme var ECIES = function ECIES(opts) { if (!(this instanceof ECIES)) { return new ECIES(); } this.opts = opts || {}; }; ECIES.prototype.PrivateKey = PrivateKey; ECIES.prototype.PublicKey = function(publickey) { if (publickey.startsWith('EOS')) { return PublicKey(eosecc.PublicKey(publickey).toUncompressed().toBuffer().toString('hex')); } return PublicKey(publickey); }; ECIES.prototype.privateKey = function(privateKey) { $.checkArgument(privateKey, 'no private key provided'); this._privateKey = privateKey || null; return this; }; ECIES.prototype.publicKey = function(publicKey) { $.checkArgument(publicKey, 'no public key provided'); this._publicKey = publicKey || null; return this; }; var cachedProperty = function(name, getter) { var cachedName = '_' + name; Object.defineProperty(ECIES.prototype, name, { configurable: false, enumerable: true, get: function() { var value = this[cachedName]; if (!value) { value = this[cachedName] = getter.apply(this); } return value; } }); }; cachedProperty('Rbuf', function() { return this._privateKey.publicKey.toDER(true); }); cachedProperty('kEkM', function() { var r = this._privateKey.bn; var KB = this._publicKey.point; var P = KB.mul(r); var S = P.getX(); var Sbuf = S.toBuffer({size: 32}); return Hash.sha512(Sbuf); }); cachedProperty('kE', function() { return this.kEkM.slice(0, 32); }); cachedProperty('kM', function() { return this.kEkM.slice(32,64); }); // Encrypts the message (String or Buffer). // Optional `ivbuf` contains 16-byte Buffer to be used in AES-CBC. // By default, `ivbuf` is computed deterministically from message and private key using HMAC-SHA256. // Deterministic IV enables end-to-end test vectors for alternative implementations. // Note that identical messages have identical ciphertexts. If your protocol does not include some // kind of a sequence identifier inside the message *and* it is important to not allow attacker to learn // that message is repeated, then you should use custom IV. // For random IV, pass `Random.getRandomBuffer(16)` for the second argument. ECIES.prototype.encrypt = function(message, enpublickey, ivbuf) { this.publicKey( ECIES.prototype.PublicKey(enpublickey)); if (!Buffer.isBuffer(message)) message = new Buffer(message); if (ivbuf === undefined) { this.privateKey(PrivateKey('5KMGTsffgXXq247JWX4QQ2AicRSJfepCKP7aSZsm1hk4cW8txsg')); ivbuf = Hash.sha256hmac(message, this._privateKey.toBuffer()).slice(0,16); } var c = AESCBC.encryptCipherkey(message, this.kE, ivbuf); var d = Hash.sha256hmac(c, this.kM); if(this.opts.shortTag) d = d.slice(0,4); if(this.opts.noKey) { var encbuf = Buffer.concat([c, d]); } else { var encbuf = Buffer.concat([this.Rbuf, c, d]); } return encbuf.toString('base64'); }; ECIES.prototype.decrypt = function(encbuf, deprivatekey) { var encdata = new Buffer(encbuf, 'base64'); $.checkArgument(encdata); this.privateKey(PrivateKey(deprivatekey)); var offset = 0; var tagLength = 32; if(this.opts.shortTag) { tagLength = 4; } if(!this.opts.noKey) { var pub; switch(encdata[0]) { case 4: pub = encdata.slice(0, 65); break; case 3: case 2: pub = encdata.slice(0, 33); break; default: throw new Error('Invalid type: ' + encdata[0]); } this._publicKey = PublicKey.fromDER(pub); offset += pub.length; } var c = encdata.slice(offset, encdata.length - tagLength); var d = encdata.slice(encdata.length - tagLength, encdata.length); var d2 = Hash.sha256hmac(c, this.kM); if(this.opts.shortTag) d2 = d2.slice(0,4); var equal = true; for (var i = 0; i < d.length; i++) { equal &= (d[i] === d2[i]); } if (!equal) { throw new Error('Invalid checksum'); } return AESCBC.decryptCipherkey(c, this.kE).toString(); }; module.exports = ECIES;