UNPKG

7.02 kBJavaScriptView Raw
1const crypto = require('crypto');
2const rlp = require('rlp');
3const keccak = require('keccak');
4const secp256k1 = require('secp256k1');
5// const scryptJs = require('scrypt.js'); // ^0.3.0. cause it's depends on python, might cause some problems
6
7// ----------------------------------------------------------------------------
8/**
9 * sha3
10 *
11 * @param buffer {Buffer}
12 * @return {Buffer}
13 *
14 * @example
15 * > sha3(Buffer.from(''))
16 <Buffer c5 d2 46 01 86 f7 23 3c 92 7e 7d b2 dc c7 03 c0 e5 00 b6 53 ca 82 27 3b 7b fa d8 04 5d 85 a4 70>
17 */
18function sha3(buffer) {
19 return keccak('keccak256').update(buffer).digest();
20}
21
22/**
23 * rlp encode
24 *
25 * > replace zero as empty
26 *
27 * @param array {Buffer[]}
28 * @return {Buffer}
29 *
30 * @example
31 * > rlpEncode([0, 1, 2].map(v => Buffer.from([v])))
32 <Buffer c3 80 01 02>
33 * > rlpEncode([1, 2].map(v => Buffer.from([v])))
34 <Buffer c3 80 01 02>
35 */
36function rlpEncode(array) {
37 const zero = Buffer.from('00', 'hex');
38 const empty = Buffer.from('', 'hex');
39
40 return rlp.encode(array.map(v => (v.equals(zero) ? empty : v)));
41}
42
43// ----------------------------------------------------------------------------
44/**
45 * gen a random buffer with `size` bytes.
46 *
47 * > Note: call `crypto.randomBytes`
48 *
49 * @param size {number}
50 * @return {Buffer}
51 *
52 * @example
53 * > randomBuffer(0)
54 <Buffer >
55 * > randomBuffer(1)
56 <Buffer 33>
57 * > randomBuffer(1)
58 <Buffer 5a>
59 */
60function randomBuffer(size) {
61 return crypto.randomBytes(size);
62}
63
64/**
65 * Gen a random PrivateKey buffer.
66 *
67 * @param entropy {Buffer}
68 * @return {Buffer}
69 *
70 * @example
71 * > randomPrivateKey()
72 <Buffer 23 fb 3b 2b 1f c9 36 8c a4 8e 5b dc c7 a9 e2 bd 67 81 43 3b f2 3a cc da da ff a9 dd dd b6 08 d4>
73 * > randomPrivateKey()
74 <Buffer e7 5b 68 fb f9 50 19 94 07 80 d5 13 2e 40 a7 f9 a1 b0 5d 72 c8 86 ca d1 c6 59 cd a6 bf 37 cb 73>
75
76 * @example
77 * > entropy = randomBuffer(32)
78 * > randomPrivateKey(entropy)
79 <Buffer 57 90 e8 3d 16 10 02 b9 a4 33 87 e1 6b cd 40 7e f7 22 b1 d8 94 ae 98 bf 76 a4 56 fb b6 0c 4b 4a>
80 * > randomPrivateKey(entropy) // same `entropy`
81 <Buffer 89 44 ef 31 d4 9c d0 25 9f b0 de 61 99 12 4a 21 57 43 d4 4b af ae ef ae e1 3a ba 05 c3 e6 ad 21>
82 */
83function randomPrivateKey(entropy = randomBuffer(32)) {
84 if (!(Buffer.isBuffer(entropy) && entropy.length === 32)) {
85 throw new Error(`entropy must be 32 length Buffer, got "${typeof entropy}"`);
86 }
87
88 const inner = sha3(Buffer.concat([randomBuffer(32), entropy]));
89 const middle = Buffer.concat([randomBuffer(32), inner, randomBuffer(32)]);
90 return sha3(middle);
91}
92
93/**
94 * Get address by public key.
95 *
96 * @param publicKey {Buffer}
97 * @return {Buffer}
98 *
99 * @example
100 * > privateKeyToAddress(Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]))
101 <Buffer 4c 6f a3 22 12 5f a3 1a 42 cb dd a8 73 0d 4c f0 20 0d 72 db>
102 */
103function publicKeyToAddress(publicKey) {
104 return sha3(publicKey).slice(-20);
105}
106
107/**
108 * Get address by private key.
109 *
110 * @param privateKey {Buffer}
111 * @return {Buffer}
112 *
113 * @example
114 * > privateKeyToAddress(Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]))
115 <Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>
116 */
117function privateKeyToAddress(privateKey) {
118 const publicKey = secp256k1.publicKeyCreate(privateKey, false).slice(1);
119 return publicKeyToAddress(publicKey);
120}
121
122/**
123 * Sign ecdsa
124 *
125 * @param hash {Buffer}
126 * @param privateKey {Buffer}
127 * @return {object} ECDSA signature object.
128 * - r {Buffer}
129 * - s {Buffer}
130 * - v {number}
131 *
132 * @example
133 * > privateKey = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]);
134 * > buffer32 = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31])
135 * > ecdsaSign(buffer32, privateKey)
136 {
137 r: <Buffer 21 ab b4 c3 fd 51 75 81 e6 c7 e7 e0 7f 40 4f a2 2c ba 8d 8f 71 27 0b 29 58 42 b8 3c 44 b5 a4 c6>,
138 s: <Buffer 08 59 7b 69 8f 8f 3c c2 ba 0b 45 ee a7 7f 55 29 ad f9 5c a5 51 41 e7 9b 56 53 77 3d 00 5d 18 58>,
139 v: 0
140 }
141 */
142function ecdsaSign(hash, privateKey) {
143 const sig = secp256k1.sign(hash, privateKey);
144 return {
145 r: sig.signature.slice(0, 32),
146 s: sig.signature.slice(32, 64),
147 v: sig.recovery,
148 };
149}
150
151/**
152 * Recover ecdsa
153 *
154 * @param hash {Buffer}
155 * @param options {object}
156 * @param options.r {Buffer}
157 * @param options.s {Buffer}
158 * @param options.v {number}
159 * @return {Buffer} publicKey
160 *
161 * @example
162 * > privateKey = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1])
163 * > buffer32 = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31])
164 * > privateKeyToAddress(privateKey)
165 <Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>
166 * > publicKeyToAddress(ecdsaRecover(buffer32, ecdsaSign(buffer32, privateKey)))
167 <Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>
168 */
169function ecdsaRecover(hash, { r, s, v }) {
170 const senderPublic = secp256k1.recover(hash, Buffer.concat([r, s]), v);
171 return secp256k1.publicKeyConvert(senderPublic, false).slice(1);
172}
173
174// ----------------------------------------------------------------------------
175// /**
176// * @param key {Buffer}
177// * @param password {Buffer}
178// * @return {object} Encrypt info
179// * - salt {Buffer}
180// * - iv {Buffer}
181// * - cipher {Buffer}
182// * - mac {Buffer}
183// */
184// function encrypt(key, password) {
185// const salt = randomBuffer(32);
186// const iv = randomBuffer(16);
187// const derived = scryptJs(password, salt, 8192, 8, 1, 32);
188// const cipher = crypto.createCipheriv('aes-128-ctr', derived.slice(0, 16), iv).update(key);
189// const mac = sha3(Buffer.concat([derived.slice(16, 32), cipher]));
190// return { salt, iv, cipher, mac };
191// }
192
193// /**
194// * @param options
195// * @param options.salt {Buffer}
196// * @param options.iv {Buffer}
197// * @param options.cipher {Buffer}
198// * @param options.mac {Buffer}
199// * @param password {Buffer}
200// * @return {Buffer}
201// */
202// function decrypt({ salt, iv, cipher, mac }, password) {
203// const derived = scryptJs(password, salt, 8192, 8, 1, 32);
204// if (!sha3(Buffer.concat([derived.slice(16, 32), cipher])).equals(mac)) {
205// throw new Error('Key derivation failed, possibly wrong password!');
206// }
207// return crypto.createDecipheriv('aes-128-ctr', derived.slice(0, 16), iv).update(cipher);
208// }
209
210// ----------------------------------------------------------------------------
211module.exports = {
212 sha3,
213 rlpEncode,
214
215 randomBuffer,
216 randomPrivateKey,
217 publicKeyToAddress,
218 privateKeyToAddress,
219 ecdsaSign,
220 ecdsaRecover,
221
222 // encrypt,
223 // decrypt,
224};