-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathunbox.js
161 lines (130 loc) · 3.56 KB
/
unbox.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
const increment = require('increment-buffer')
const isBuffer = require('is-buffer')
const through = require('through2')
/* eslint-disable camelcase */
const {
crypto_secretbox_NONCEBYTES,
crypto_secretbox_KEYBYTES,
crypto_secretbox_MACBYTES,
crypto_secretbox_open_easy,
} = require('./sodium')
const kBoxHeaderSize = 2 + (2 * crypto_secretbox_MACBYTES)
/**
* "Unboxes" or decrypts a buffer from a 32-byte encryption key and
* a 24-byte nonce.
*
* @public
* @param {Object} opts
* @param {?(Buffer)} opts.secret
* @param {?(Buffer)} opts.nonce
* @param {?(Buffer)} opts.key
* @return {Buffer}
* @throws TypeError
*/
function unbox(buffer, opts) {
if (!opts || 'object' !== typeof opts) {
throw new TypeError('crypto.unbox: Expecting object.')
}
const { secret } = opts
let { nonce, key } = opts
if (isBuffer(secret) && secret.length >= crypto_secretbox_KEYBYTES) {
key = secret.slice(0, crypto_secretbox_KEYBYTES)
nonce = isBuffer(opts.nonce)
? opts.nonce
: secret.slice(crypto_secretbox_KEYBYTES)
}
if (false === isBuffer(nonce)) {
throw new TypeError('crypto.unbox: Expecting nonce.')
}
if (false === isBuffer(key)) {
throw new TypeError('crypto.unbox: Expecting secret key.')
}
nonce = nonce.slice(0, crypto_secretbox_NONCEBYTES)
key = key.slice(0, crypto_secretbox_KEYBYTES)
const nonces = [ copy(nonce), increment(copy(nonce)) ]
const header = Buffer.allocUnsafe(2 + crypto_secretbox_MACBYTES)
crypto_secretbox_open_easy(
header,
buffer.slice(0, 2 + (2 * crypto_secretbox_MACBYTES)),
nonces[0],
key
)
if (0 === Buffer.compare(header, zeroes(header.length))) {
return null
}
const length = header.readUInt16BE(0)
const combined = Buffer.concat([
// MAC
header.slice(2, crypto_secretbox_MACBYTES + header.length),
// body
buffer.slice(crypto_secretbox_MACBYTES + header.length),
])
const unboxed = Buffer.alloc(length)
// unbox combined
crypto_secretbox_open_easy(
unboxed,
combined,
nonces[1],
key
)
return Object.assign(unboxed, { nonce })
}
/**
* Creates a transform stream that "unboxes" messages written to it.
*
* @public
* @param {Object} opts
* @param {?(Buffer)} opts.secret
* @param {?(Buffer)} opts.nonce
* @param {?(Buffer)} opts.key
* @return {Stream}
* @throws TypeError
*/
function createUnboxStream(opts) {
if (!opts || 'object' !== typeof opts) {
throw new TypeError('crypto.box: Expecting object.')
}
// create new reference
/* eslint-disable-next-line no-param-reassign */
opts = { ...opts }
if (false === isBuffer(opts.nonce)) {
throw new TypeError('crypto.createUnboxStream: Expecting nonce.')
}
const backlog = []
Object.assign(opts, { nonce: copy(opts.nonce) })
return through(transform)
function transform(chunk, enc, done) {
// group packets together
if (kBoxHeaderSize === chunk.length) {
backlog.push(chunk)
} else if (backlog.length) {
const head = backlog.shift()
const body = chunk
const combined = Buffer.concat([ head, body ])
const unboxed = unbox(combined, opts)
increment(opts.nonce)
increment(opts.nonce)
this.push(unboxed)
} else {
const unboxed = unbox(chunk, opts)
increment(opts.nonce)
increment(opts.nonce)
this.push(unboxed)
}
done(null)
}
}
function zeroes(n) {
const z = Buffer.allocUnsafe(n)
z.fill(0)
return z
}
function copy(x) {
const y = Buffer.allocUnsafe(x.length)
x.copy(y, 0, 0, x.length)
return y
}
module.exports = {
createUnboxStream,
unbox,
}