Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
getPhrase() {
if (this.phrase)
return this.phrase;
// Include the first `ENT / 32` bits
// of the hash (the checksum).
const wbits = this.bits + (this.bits / 32);
// Get entropy and checksum.
const entropy = this.getEntropy();
const chk = sha256.digest(entropy);
// Append the hash to the entropy to
// make things easy when grabbing
// the checksum bits.
const size = Math.ceil(wbits / 8);
const data = Buffer.allocUnsafe(size);
entropy.copy(data, 0);
chk.copy(data, entropy.length);
// Build the mnemonic by reading
// 11 bit indexes from the entropy.
const list = Mnemonic.getWordlist(this.language);
let phrase = [];
for (let i = 0; i < wbits / 11; i++) {
let index = 0;
this.network = options.node.network;
this.logger = options.node.logger;
this.port = this.network.walletPort;
if (options.logger != null) {
assert(typeof options.logger === 'object');
this.logger = options.logger;
}
if (options.apiKey != null) {
assert(typeof options.apiKey === 'string',
'API key must be a string.');
assert(options.apiKey.length <= 255,
'API key must be under 255 bytes.');
this.apiKey = options.apiKey;
this.apiHash = sha256.digest(Buffer.from(this.apiKey, 'ascii'));
}
if (options.adminToken != null) {
if (typeof options.adminToken === 'string') {
assert(options.adminToken.length === 64,
'Admin token must be a 32 byte hex string.');
const token = Buffer.from(options.adminToken, 'hex');
assert(token.length === 32,
'Admin token must be a 32 byte hex string.');
this.adminToken = token;
} else {
assert(Buffer.isBuffer(options.adminToken),
'Admin token must be a hex string or buffer.');
assert(options.adminToken.length === 32,
'Admin token must be 32 bytes.');
this.adminToken = options.adminToken;
key.type = keyTypes.GOO;
key.n = EMPTY;
key.e = EMPTY;
key.C1 = C1;
key.nonce = SHA256.zero;
key.tweak = s_prime;
return [s_prime, key];
}
case keyTypes.P256: {
let tweak;
do {
tweak = SHA256.digest(random.randomBytes(64));
} while (!p256.privateKeyVerify(tweak));
const key = this.clone();
key.point = p256.publicKeyTweakMul(this.point, tweak);
key.nonce = SHA3.digest(tweak);
key.tweak = tweak;
return [tweak, key];
}
case keyTypes.ED25519: {
const raw = SHA256.digest(random.randomBytes(64));
const tweak = ed25519.scalarClamp(raw);
const key = this.clone();
timeout: 600 * 1000
});
const raw = req.buffer();
if (!sha256.digest(raw).equals(checksum))
throw new Error(`Invalid checksum: ${base}`);
await fs.writeFile(file, raw);
return raw;
}
const raw = await fs.readFile(file);
if (!sha256.digest(raw).equals(checksum))
throw new Error(`Invalid checksum: ${base}`);
return raw;
}
bw.writeU32(this.leaves.length);
for (const hashes of this.leaves) {
assert(hashes.length <= 255);
bw.writeU8(hashes.length);
for (const hash of hashes)
bw.writeBytes(hash);
}
const raw = bw.render();
await fs.writeFile(TREE_FILE, raw);
return [total, sha256.digest(raw)];
}
function combsToC(name, bits, modulus, json) {
const hash = SHA256.digest(modulus).toString('hex');
const suffix = bits == null ? '' : `_${bits}`;
const def = name.toUpperCase() + suffix;
const len = json.length;
const lines = [];
lines.push(HEADER);
lines.push(`static const goo_precombs_t GOO_COMB_${def} = {`);
lines.push(` .hash = "${hash}",`);
lines.push(` .size = ${len},`);
lines.push(' .items = {');
for (const item of json)
combItemToC(lines, item);
let i = MAX_LEN - json.length;
this.logger = options.node.logger;
this.port = this.network.rpcPort;
if (options.logger != null) {
assert(typeof options.logger === 'object');
this.logger = options.logger;
}
if (options.apiKey != null) {
assert(typeof options.apiKey === 'string',
'API key must be a string.');
assert(options.apiKey.length <= 255,
'API key must be under 256 bytes.');
this.apiKey = options.apiKey;
this.apiHash = sha256.digest(Buffer.from(this.apiKey, 'ascii'));
}
if (options.noAuth != null) {
assert(typeof options.noAuth === 'boolean');
this.noAuth = options.noAuth;
}
if (options.cors != null) {
assert(typeof options.cors === 'boolean');
this.cors = options.cors;
}
if (options.prefix != null) {
assert(typeof options.prefix === 'string');
this.prefix = options.prefix;
this.keyFile = path.join(this.prefix, 'key.pem');
const file = Path.resolve(BUILD_DIR, ...path);
const base = Path.basename(file);
if (!(await fs.exists(file))) {
const url = `${GITHUB_URL}/${path.join("/")}`;
const req = await request({
url,
limit: 50 << 20,
timeout: 600 * 1000
});
const raw = req.buffer();
if (!sha256.digest(raw).equals(checksum))
throw new Error(`Invalid checksum: ${base}`);
await fs.writeFile(file, raw);
return raw;
}
const raw = await fs.readFile(file);
if (!sha256.digest(raw).equals(checksum))
throw new Error(`Invalid checksum: ${base}`);
return raw;
}
initSymmetric(protocolName) {
assert(typeof protocolName === 'string');
const empty = ZERO_KEY;
const proto = Buffer.from(protocolName, 'ascii');
this.digest = sha256.digest(proto);
this.chain = this.digest;
this.initKey(empty);
return this;
}
socket.hook('auth', (...args) => {
if (socket.channel('auth'))
throw new Error('Already authed.');
if (!this.options.noAuth) {
const valid = new Validator(args);
const key = valid.str(0, '');
if (key.length > 255)
throw new Error('Invalid API key.');
const data = Buffer.from(key, 'utf8');
const hash = sha256.digest(data);
if (!safeEqual(hash, this.options.apiHash))
throw new Error('Invalid API key.');
}
socket.join('auth');
this.logger.info('Successful auth from %s.', socket.host);
this.handleAuth(socket);
return null;
});
}