Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
if (Utils.isEmpty(privateKeyHex)){
throw new Error("private key must be not empty")
}
const salt = Cryp.randomBytes(32);
const iv = Cryp.randomBytes(16);
const cipherAlg = Config.iris.keystore.cipherAlg;
const kdf = Config.iris.keystore.kdf;
const address = this.import(privateKeyHex).address;
const kdfparams = {
dklen: 32,
salt: salt.toString("hex"),
c: Config.iris.keystore.c,
prf: "hmac-sha256"
};
const derivedKey = Cryp.pbkdf2Sync(Buffer.from(password), salt, kdfparams.c, kdfparams.dklen, "sha256");
const cipher = Cryp.createCipheriv(cipherAlg, derivedKey.slice(0, 16), iv);
if (!cipher) {
throw new Error("Unsupported cipher")
}
const cipherBuffer = Buffer.concat([cipher.update(Buffer.from(privateKeyHex, "hex")), cipher.final()]);
const bufferValue = Buffer.concat([derivedKey.slice(16, 32), cipherBuffer]);
let hashCiper = Cryp.createHash("sha256");
hashCiper.update(bufferValue);
const mac = hashCiper.digest().toString("hex");
return {
version: "1",
id: UUID.v4({
random: Cryp.randomBytes(16)
}),
address: address,
importKeystore(keystore, password){
if (Utils.isEmpty(password) || password.length < 8){
throw new Error("password's length must be greater than 8")
}
if (Utils.isEmpty(keystore)){
throw new Error("keystore file must be not empty")
}
const kdfparams = keystore.crypto.kdfparams;
if (kdfparams.prf !== "hmac-sha256") {
throw new Error("Unsupported parameters to PBKDF2")
}
const derivedKey = Cryp.pbkdf2Sync(Buffer.from(password), Buffer.from(kdfparams.salt, "hex"), kdfparams.c, kdfparams.dklen, "sha256");
const ciphertext = Buffer.from(keystore.crypto.ciphertext, "hex");
const bufferValue = Buffer.concat([derivedKey.slice(16, 32), ciphertext]);
let hashCiper = Cryp.createHash("sha256");
hashCiper.update(bufferValue);
const mac = hashCiper.digest().toString("hex");
if (mac !==keystore.crypto.mac){
throw new Error("wrong password")
}
const decipher = Cryp.createDecipheriv(keystore.crypto.cipher, derivedKey.slice(0, 16), Buffer.from(keystore.crypto.cipherparams.iv, "hex"));
const privateKey = Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString("hex");
return this.import(privateKey.toUpperCase())
}
}