The way the library passes args down is really stupid. It sticks various args on "this" (the "radius" package object) so it doesn't have to pass the args around as function parameters. This was causing and issue because the encode_without_secret method was setting this.no_secret = true (which indicates to _crypt_field that it shouldn't try to decrypt anything), but encode wasn't unsetting that, it was skipping the password encrypt and crashing later because of it. Double fix it by having encode unset no_password, and by making decrypt_field consume no_secret rather than _crypt_field (so it can't affect encrypt_field anymore).
Fix bug where Event-Timestamp cannot write to buffer because date.getTime()/1000 is not an integer.
Message-Authenticator is an HMAC, improving security over the normal authenticator. node-radius will now add it to messages while encoding when appropriate, and verify it in messages when decoding. I will update README with more details.
You can use this to verify a response packet. For example, if you send an Accounting-Request, after receiving the Accounting-Response you should use verify_response to make sure the response's authenticator is correct (i.e. the other side knows the shared secret).
Now the special case is for Access-Request, and everything else behaves as Accounting did previously. Access-Request's authenticator is random, and to the best of my knowledge all other Request types just use the normal checksum authenticator (since there is no password), so when decoded "Request" types (other than "Access-Request") validate the authenticator accordingly. Similarly, when encoding packets, only use the create the random authenticator for "Access-Requests", and for everything else calculate the regular checksum (if you use prepare_response, the checksum will properly be over the request packet's authenticator).
For simple packets you can pass the attributes as an array or as a hash. This will only work if you do not have vendor specific attributes and the order of the attributes does not matter for your packet. If you have nested attributes this will throw an exception. It is still recommended that you use the array style as that will work in all cases.