Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
function makeLegacyAuthToken(challengeText: string, signerKeyHex: string): string {
// only sign specific legacy auth challenges.
let parsedChallenge
try {
parsedChallenge = JSON.parse(challengeText)
} catch (err) {
throw new Error('Failed in parsing legacy challenge text from the gaia hub.')
}
if (parsedChallenge[0] === 'gaiahub'
&& parsedChallenge[3] === 'blockstack_storage_please_sign') {
const signer = hexStringToECPair(signerKeyHex
+ (signerKeyHex.length === 64 ? '01' : ''))
const digest = bjsCrypto.sha256(Buffer.from(challengeText))
const signatureBuffer = signer.sign(digest)
const signatureWithHash = script.signature.encode(
signatureBuffer, Transaction.SIGHASH_NONE)
// We only want the DER encoding so remove the sighash version byte at the end.
// See: https://github.com/bitcoinjs/bitcoinjs-lib/issues/1241#issuecomment-428062912
const signature = signatureWithHash.toString('hex').slice(0, -2)
const publickey = getPublicKeyFromPrivate(signerKeyHex)
const token = Buffer.from(JSON.stringify(
{ publickey, signature }
)).toString('base64')
return token
} else {
throw new Error('Failed to connect to legacy gaia hub. If you operate this hub, please update.')
privatelyNamedChild(name) {
if (name.length === 0) {
throw new Error('Name must be at least one character long')
}
const entropy = hashing.sha256(
Buffer.concat([
this.privateKey(),
new Buffer(name)
])
)
return this.child(entropy)
}
}
profileComponents.map((data) => {
const derivationEntropy = hashing.sha256(
Buffer.concat([
privateKeychain.privateKey(),
new Buffer(JSON.stringify(data))
])
)
const privateChildKeychain = privateKeychain.child(derivationEntropy),
privateKey = privateChildKeychain.privateKey('hex'),
publicKey = privateChildKeychain.publicKeychain().publicKey('hex')
const subject = {publicKey: publicKey}
let token = signToken(data, privateKey, subject, null, signingAlgorithm),
tokenRecord = wrapToken(token)
tokenRecord.parentPublicKey = parentPublicKey
tokenRecord.derivationEntropy = derivationEntropy.toString('hex')
publiclyNamedChild(name) {
if (name.length === 0) {
throw new Error('Name must be at least one character long')
}
const entropy = hashing.sha256(
Buffer.concat([
this.publicKey(),
new Buffer(name)
])
)
return this.child(entropy)
}
}
export function hash128(buff: Buffer) {
return Buffer.from(bjsCrypto.sha256(buff).slice(0, 16))
}
export function hash160(buff: Buffer) {
const sha256 = bjsCrypto.sha256(buff)
return (new RIPEMD160()).update(sha256).digest()
}