hxhxhx/Onlife
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Onlife/node_modules/ethereumjs-wallet/src/thirdparty.ts

280 lines
8.2 KiB
TypeScript
Raw Normal View History

init
2025-04-19 15:38:48 +08:00
import * as crypto from 'crypto'
import { keccak256, sha256, toBuffer } from 'ethereumjs-util'
import { scrypt } from 'scrypt-js'
import Wallet from './index'
const utf8 = require('utf8')
const aesjs = require('aes-js')
function runCipherBuffer(cipher: crypto.Cipher | crypto.Decipher, data: Buffer): Buffer {
return Buffer.concat([cipher.update(data), cipher.final()])
}
// evp_kdf
export interface EvpKdfOpts {
count: number
keysize: number
ivsize: number
digest: string
}
const evpKdfDefaults: EvpKdfOpts = {
count: 1,
keysize: 16,
ivsize: 16,
digest: 'md5',
}
function mergeEvpKdfOptsWithDefaults(opts?: Partial<EvpKdfOpts>): EvpKdfOpts {
if (!opts) {
return evpKdfDefaults
}
return {
count: opts.count || evpKdfDefaults.count,
keysize: opts.keysize || evpKdfDefaults.keysize,
ivsize: opts.ivsize || evpKdfDefaults.ivsize,
digest: opts.digest || evpKdfDefaults.digest,
}
}
/*
* opts:
* - digest - digest algorithm, defaults to md5
* - count - hash iterations
* - keysize - desired key size
* - ivsize - desired IV size
*
* Algorithm form https://www.openssl.org/docs/manmaster/crypto/EVP_BytesToKey.html
*
* FIXME: not optimised at all
*/
function evp_kdf(data: Buffer, salt: Buffer, opts?: Partial<EvpKdfOpts>) {
const params = mergeEvpKdfOptsWithDefaults(opts)
// A single EVP iteration, returns `D_i`, where block equlas to `D_(i-1)`
function iter(block: Buffer) {
let hash = crypto.createHash(params.digest)
hash.update(block)
hash.update(data)
hash.update(salt)
block = hash.digest()
for (let i = 1, len = params.count; i < len; i++) {
hash = crypto.createHash(params.digest)
hash.update(block)
block = hash.digest()
}
return block
}
const ret: Buffer[] = []
let i = 0
while (Buffer.concat(ret).length < params.keysize + params.ivsize) {
ret[i] = iter(i === 0 ? Buffer.alloc(0) : ret[i - 1])
i++
}
const tmp = Buffer.concat(ret)
return {
key: tmp.slice(0, params.keysize),
iv: tmp.slice(params.keysize, params.keysize + params.ivsize),
}
}
// http://stackoverflow.com/questions/25288311/cryptojs-aes-pattern-always-ends-with
function decodeCryptojsSalt(input: string): { ciphertext: Buffer; salt?: Buffer } {
const ciphertext = Buffer.from(input, 'base64')
if (ciphertext.slice(0, 8).toString() === 'Salted__') {
return {
salt: ciphertext.slice(8, 16),
ciphertext: ciphertext.slice(16),
}
}
return { ciphertext }
}
// {
// "address": "0x169aab499b549eac087035e640d3f7d882ef5e2d",
// "encrypted": true,
// "locked": true,
// "hash": "342f636d174cc1caa49ce16e5b257877191b663e0af0271d2ea03ac7e139317d",
// "private": "U2FsdGVkX19ZrornRBIfl1IDdcj6S9YywY8EgOeOtLj2DHybM/CHL4Jl0jcwjT+36kDnjj+qEfUBu6J1mGQF/fNcD/TsAUgGUTEUEOsP1CKDvNHfLmWLIfxqnYHhHsG5",
// "public": "U2FsdGVkX19EaDNK52q7LEz3hL/VR3dYW5VcoP04tcVKNS0Q3JINpM4XzttRJCBtq4g22hNDrOR8RWyHuh3nPo0pRSe9r5AUfEiCLaMBAhI16kf2KqCA8ah4brkya9ZLECdIl0HDTMYfDASBnyNXd87qodt46U0vdRT3PppK+9hsyqP8yqm9kFcWqMHktqubBE937LIU0W22Rfw6cJRwIw=="
// }
export interface EtherWalletOptions {
address: string
encrypted: boolean
locked: boolean
hash: string
private: string
public: string
}
/*
* Third Party API: Import a wallet generated by EtherWallet
* This wallet format is created by https://github.com/SilentCicero/ethereumjs-accounts
* and used on https://www.myetherwallet.com/
*/
export function fromEtherWallet(input: string | EtherWalletOptions, password: string): Wallet {
const json: EtherWalletOptions = typeof input === 'object' ? input : JSON.parse(input)
let privateKey: Buffer
if (!json.locked) {
if (json.private.length !== 64) {
throw new Error('Invalid private key length')
}
privateKey = Buffer.from(json.private, 'hex')
} else {
if (typeof password !== 'string') {
throw new Error('Password required')
}
if (password.length < 7) {
throw new Error('Password must be at least 7 characters')
}
// the "encrypted" version has the low 4 bytes
// of the hash of the address appended
const hash = json.encrypted ? json.private.slice(0, 128) : json.private
// decode openssl ciphertext + salt encoding
const cipher = decodeCryptojsSalt(hash)
if (!cipher.salt) {
throw new Error('Unsupported EtherWallet key format')
}
// derive key/iv using OpenSSL EVP as implemented in CryptoJS
const evp = evp_kdf(Buffer.from(password), cipher.salt, { keysize: 32, ivsize: 16 })
const decipher = crypto.createDecipheriv('aes-256-cbc', evp.key, evp.iv)
privateKey = runCipherBuffer(decipher, Buffer.from(cipher.ciphertext))
// NOTE: yes, they've run it through UTF8
privateKey = Buffer.from(utf8.decode(privateKey.toString()), 'hex')
}
const wallet = new Wallet(privateKey)
if (wallet.getAddressString() !== json.address) {
throw new Error('Invalid private key or address')
}
return wallet
}
/**
* Third Party API: Import a brain wallet used by Ether.Camp
*/
export function fromEtherCamp(passphrase: string): Wallet {
return new Wallet(keccak256(Buffer.from(passphrase)))
}
/**
* Third Party API: Import a wallet from a KryptoKit seed
*/
export async function fromKryptoKit(entropy: string, password: string): Promise<Wallet> {
function kryptoKitBrokenScryptSeed(buf: Buffer) {
// js-scrypt calls `Buffer.from(String(salt), 'utf8')` on the seed even though it is a buffer
//
// The `buffer`` implementation used does the below transformation (doesn't matches the current version):
// https://github.com/feross/buffer/blob/67c61181b938b17d10dbfc0a545f713b8bd59de8/index.js
function decodeUtf8Char(str: string) {
try {
return decodeURIComponent(str)
} catch (err) {
return String.fromCharCode(0xfffd) // UTF 8 invalid char
}
}
let res = '',
tmp = ''
for (let i = 0; i < buf.length; i++) {
if (buf[i] <= 0x7f) {
res += decodeUtf8Char(tmp) + String.fromCharCode(buf[i])
tmp = ''
} else {
tmp += '%' + buf[i].toString(16)
}
}
return Buffer.from(res + decodeUtf8Char(tmp))
}
if (entropy[0] === '#') {
entropy = entropy.slice(1)
}
const type = entropy[0]
entropy = entropy.slice(1)
let privateKey: Buffer
if (type === 'd') {
privateKey = sha256(toBuffer(entropy))
} else if (type === 'q') {
if (typeof password !== 'string') {
throw new Error('Password required')
}
const encryptedSeed = sha256(Buffer.from(entropy.slice(0, 30)))
const checksum = entropy.slice(30, 46)
const salt = kryptoKitBrokenScryptSeed(encryptedSeed)
const aesKey = await scrypt(Buffer.from(password, 'utf8'), salt, 16384, 8, 1, 32)
/* FIXME: try to use `crypto` instead of `aesjs`
// NOTE: ECB doesn't use the IV, so it can be anything
var decipher = crypto.createDecipheriv("aes-256-ecb", aesKey, Buffer.from(0))
// FIXME: this is a clear abuse, but seems to match how ECB in aesjs works
privKey = Buffer.concat([
decipher.update(encryptedSeed).slice(0, 16),
decipher.update(encryptedSeed).slice(0, 16),
])
*/
const decipher = new aesjs.ModeOfOperation.ecb(aesKey)
/* decrypt returns an Uint8Array, perhaps there is a better way to concatenate */
privateKey = Buffer.concat([
Buffer.from(decipher.decrypt(encryptedSeed.slice(0, 16))),
Buffer.from(decipher.decrypt(encryptedSeed.slice(16, 32))),
])
if (checksum.length > 0) {
if (checksum !== sha256(sha256(privateKey)).slice(0, 8).toString('hex')) {
throw new Error('Failed to decrypt input - possibly invalid passphrase')
}
}
} else {
throw new Error('Unsupported or invalid entropy type')
}
return new Wallet(privateKey)
}
/**
* Third Party API: Import a brain wallet used by Quorum Wallet
*/
export function fromQuorumWallet(passphrase: string, userid: string): Wallet {
if (passphrase.length < 10) {
throw new Error('Passphrase must be at least 10 characters')
}
if (userid.length < 10) {
throw new Error('User id must be at least 10 characters')
}
const merged = passphrase + userid
const seed = crypto.pbkdf2Sync(merged, merged, 2000, 32, 'sha256')
return new Wallet(seed)
}
const Thirdparty = {
fromEtherWallet,
fromEtherCamp,
fromKryptoKit,
fromQuorumWallet,
}
export default Thirdparty
Reference in New Issue Copy Permalink