add authentication via new Message core class

2014-06-26 08:49:22 -07:00 · 2014-06-26 08:49:22 -07:00 · 543c42a6a8
commit 543c42a6a8
parent a1fe7b3d7d
9 changed files with 226 additions and 23 deletions
--- a/js/models/core/Message.js
+++ b/js/models/core/Message.js
@ -0,0 +1,82 @@
+'use strict';
+
+var imports = require('soop').imports();
+var bitcore = require('bitcore');
+
+/* Encrypted, authenticated messages to be shared between copayers */
+var Message = function() {
+};
+
+Message.encode = function(topubkey, fromkey, payload) {
+  var version = new Buffer([0]);
+  var toencrypt = Buffer.concat([version, payload]);
+  var encrypted = Message._encrypt(topubkey, toencrypt);
+  var sig = Message._sign(fromkey, encrypted);
+  var encoded = {
+    pubkey: fromkey.public.toString('hex'),
+    sig: sig.toString('hex'),
+    encrypted: encrypted.toString('hex')
+  };
+  return encoded;
+};
+
+Message.decode = function(key, encoded) {
+  try {
+    var frompubkey = new Buffer(encoded.pubkey, 'hex');
+  } catch (e) {
+    throw new Error('Error decoding public key: ' + e);
+  }
+
+  try {
+    var sig = new Buffer(encoded.sig, 'hex');
+    var encrypted = new Buffer(encoded.encrypted, 'hex');
+  } catch (e) {
+    throw new Error('Error decoding data: ' + e);
+  }
+  
+  try {
+    var v = Message._verify(frompubkey, sig, encrypted);
+  } catch (e) {
+    throw new Error('Error verifying signature: ' + e);
+  }
+
+  if (!v)
+    throw new Error('Invalid signature');
+
+  try {
+    var decrypted = Message._decrypt(key.private, encrypted);
+  } catch (e) {
+    throw new Error('Cannot decrypt data: ' + e);
+  }
+
+  if (decrypted[0] !== 0)
+    throw new Error('Invalid version number');
+
+  if (decrypted.length === 0)
+    throw new Error('No data present');
+
+  var payload = decrypted.slice(1);
+  return payload;
+};
+
+Message._encrypt = function(topubkey, payload, r, iv) {
+  var encrypted = bitcore.ECIES.encrypt(topubkey, payload, r, iv);
+  return encrypted;
+};
+
+Message._decrypt = function(privkey, encrypted) {
+  var decrypted = bitcore.ECIES.decrypt(privkey, encrypted);
+  return decrypted;
+};
+
+Message._sign = function(key, payload) {
+  var sig = bitcore.Message.sign(payload, key);
+  return sig;
+};
+
+Message._verify = function(pubkey, signature, payload) {
+  var v = bitcore.Message.verifyWithPubKey(pubkey, payload, signature);
+  return v;
+};
+
+module.exports = require('soop')(Message);