Press n or j to go to the next uncovered block, b, p or k for the previous block.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 | 1x 1x 1x 1x 1x 1x 1x 3x 3x 1x 1x 1x 2x 2x 2x 1x 1x 2x 2x 2x 2x 2x 2x 2x 2x 2x 2x 2x 4x 4x 4x 4x 4x 4x 4x 4x 4x 4x 4x 2x 2x 2x 2x 2x 2x 2x 2x 2x 2x 2x 2x 2x 2x 1x 1x 1x 4x 4x 4x 2x 2x 1x | import { validateMnemonic, mnemonicToEntropy, entropyToMnemonic } from 'bip39'; import { randomBytes, GetRandomBytes } from './cryptoRandom'; import { createSha2Hash } from './sha2Hash'; import { createHmacSha256 } from './hmacSha256'; import { createCipher } from './aesCipher'; import { createPbkdf2 } from './pbkdf2'; import { TriplesecDecryptSignature } from './cryptoUtils'; /** * Encrypt a raw mnemonic phrase to be password protected * @param {string} phrase - Raw mnemonic phrase * @param {string} password - Password to encrypt mnemonic with * @return {Promise<Buffer>} The encrypted phrase * @private * @ignore * */ export async function encryptMnemonic( phrase: string, password: string, opts?: { getRandomBytes?: GetRandomBytes; } ): Promise<Buffer> { // hex encoded mnemonic string let mnemonicEntropy: string; try { // must be bip39 mnemonic mnemonicEntropy = mnemonicToEntropy(phrase); } catch (error) { console.error('Invalid mnemonic phrase provided'); console.error(error); throw new Error('Not a valid bip39 mnemonic'); } // normalize plaintext to fixed length byte string const plaintextNormalized = Buffer.from(mnemonicEntropy, 'hex'); // AES-128-CBC with SHA256 HMAC const pbkdf2 = await createPbkdf2(); let salt: Buffer; if (opts && opts.getRandomBytes) { salt = opts.getRandomBytes(16); } else { salt = randomBytes(16); } const keysAndIV = await pbkdf2.derive(password, salt, 100000, 48, 'sha512'); const encKey = keysAndIV.slice(0, 16); const macKey = keysAndIV.slice(16, 32); const iv = keysAndIV.slice(32, 48); const cipher = await createCipher(); const cipherText = await cipher.encrypt( 'aes-128-cbc', encKey, iv, plaintextNormalized ); const hmacPayload = Buffer.concat([salt, cipherText]); const hmacSha256 = await createHmacSha256(); const hmacDigest = await hmacSha256.digest(macKey, hmacPayload); const payload = Buffer.concat([salt, hmacDigest, cipherText]); return payload; } // Used to distinguish bad password during decrypt vs invalid format class PasswordError extends Error {} /** * @ignore */ async function decryptMnemonicBuffer( dataBuffer: Buffer, password: string ): Promise<string> { const salt = dataBuffer.slice(0, 16); const hmacSig = dataBuffer.slice(16, 48); // 32 bytes const cipherText = dataBuffer.slice(48); const hmacPayload = Buffer.concat([salt, cipherText]); const pbkdf2 = await createPbkdf2(); const keysAndIV = await pbkdf2.derive(password, salt, 100000, 48, 'sha512'); const encKey = keysAndIV.slice(0, 16); const macKey = keysAndIV.slice(16, 32); const iv = keysAndIV.slice(32, 48); const decipher = await createCipher(); const decryptedResult = await decipher.decrypt( 'aes-128-cbc', encKey, iv, cipherText ); const hmacSha256 = await createHmacSha256(); const hmacDigest = await hmacSha256.digest(macKey, hmacPayload); // hash both hmacSig and hmacDigest so string comparison time // is uncorrelated to the ciphertext const sha2Hash = await createSha2Hash(); const hmacSigHash = await sha2Hash.digest(hmacSig); const hmacDigestHash = await sha2Hash.digest(hmacDigest); Iif (!hmacSigHash.equals(hmacDigestHash)) { // not authentic throw new PasswordError('Wrong password (HMAC mismatch)'); } let mnemonic: string; try { mnemonic = entropyToMnemonic(decryptedResult); } catch (error) { console.error('Error thrown by `entropyToMnemonic`'); console.error(error); throw new PasswordError('Wrong password (invalid plaintext)'); } Iif (!validateMnemonic(mnemonic)) { throw new PasswordError('Wrong password (invalid plaintext)'); } return mnemonic; } /** * Decrypt legacy triplesec keys * @param {Buffer} dataBuffer - The encrypted key * @param {String} password - Password for data * @return {Promise<Buffer>} Decrypted seed * @private * @ignore */ function decryptLegacy( dataBuffer: Buffer, password: string, triplesecDecrypt: TriplesecDecryptSignature ): Promise<Buffer> { return new Promise<Buffer>((resolve, reject) => { Iif (!triplesecDecrypt) { reject(new Error('The `triplesec.decrypt` function must be provided')); } triplesecDecrypt( { key: Buffer.from(password), data: dataBuffer }, (err, plaintextBuffer) => { if (!err) { resolve(plaintextBuffer); } else { reject(err); } } ); }); } /** * Decrypt an encrypted mnemonic phrase with a password. * Legacy triplesec encrypted payloads are also supported. * @param data - Buffer or hex-encoded string of the encrypted mnemonic * @param password - Password for data * @return the raw mnemonic phrase * @private * @ignore */ export async function decryptMnemonic( data: string | Buffer, password: string, triplesecDecrypt?: TriplesecDecryptSignature ) { const dataBuffer = Buffer.isBuffer(data) ? data : Buffer.from(data, 'hex'); try { return await decryptMnemonicBuffer(dataBuffer, password); } catch (err) { Iif (err instanceof PasswordError) { throw err; } const data = await decryptLegacy(dataBuffer, password, triplesecDecrypt); return data.toString(); } } |