UNPKG

js-conflux-sdk/src/utils/sign.js

Version:

6.51 kBJavaScriptView Raw

1const crypto = require('crypto');
2const keccak = require('keccak');
3const secp256k1 = require('secp256k1');
4// const scryptJs = require('scrypt.js'); // ^0.3.0. cause it's depends on python, might cause some problems
5
6// ----------------------------------------------------------------------------
7/**
8 * sha3
9 *
10 * @param buffer {Buffer}
11 * @return {Buffer}
12 *
13 * @example
14 * > sha3(Buffer.from(''))
15 <Buffer c5 d2 46 01 86 f7 23 3c 92 7e 7d b2 dc c7 03 c0 e5 00 b6 53 ca 82 27 3b 7b fa d8 04 5d 85 a4 70>
16 */
17function sha3(buffer) {
18  return keccak('keccak256').update(buffer).digest();
19}
20
21// ----------------------------------------------------------------------------
22/**
23 * gen a random buffer with `size` bytes.
24 *
25 * > Note: call `crypto.randomBytes`
26 *
27 * @param size {number}
28 * @return {Buffer}
29 *
30 * @example
31 * > randomBuffer(0)
32 <Buffer >
33 * > randomBuffer(1)
34 <Buffer 33>
35 * > randomBuffer(1)
36 <Buffer 5a>
37 */
38function randomBuffer(size) {
39  return crypto.randomBytes(size);
40}
41
42/**
43 * Gen a random PrivateKey buffer.
44 *
45 * @param entropy {Buffer}
46 * @return {Buffer}
47 *
48 * @example
49 * > randomPrivateKey()
50 <Buffer 23 fb 3b 2b 1f c9 36 8c a4 8e 5b dc c7 a9 e2 bd 67 81 43 3b f2 3a cc da da ff a9 dd dd b6 08 d4>
51 * > randomPrivateKey()
52 <Buffer e7 5b 68 fb f9 50 19 94 07 80 d5 13 2e 40 a7 f9 a1 b0 5d 72 c8 86 ca d1 c6 59 cd a6 bf 37 cb 73>
53
54 * @example
55 * > entropy = randomBuffer(32)
56 * > randomPrivateKey(entropy)
57 <Buffer 57 90 e8 3d 16 10 02 b9 a4 33 87 e1 6b cd 40 7e f7 22 b1 d8 94 ae 98 bf 76 a4 56 fb b6 0c 4b 4a>
58 * > randomPrivateKey(entropy) // same `entropy`
59 <Buffer 89 44 ef 31 d4 9c d0 25 9f b0 de 61 99 12 4a 21 57 43 d4 4b af ae ef ae e1 3a ba 05 c3 e6 ad 21>
60 */
61function randomPrivateKey(entropy = randomBuffer(32)) {
62  if (!(Buffer.isBuffer(entropy) && entropy.length === 32)) {
63    throw new Error(`entropy must be 32 length Buffer, got "${typeof entropy}"`);
64  }
65
66  const inner = sha3(Buffer.concat([randomBuffer(32), entropy]));
67  const middle = Buffer.concat([randomBuffer(32), inner, randomBuffer(32)]);
68  return sha3(middle);
69}
70
71/**
72 * Get address by public key.
73 *
74 * @param publicKey {Buffer}
75 * @return {Buffer}
76 *
77 * @example
78 * > privateKeyToAddress(Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]))
79 <Buffer 4c 6f a3 22 12 5f a3 1a 42 cb dd a8 73 0d 4c f0 20 0d 72 db>
80 */
81function publicKeyToAddress(publicKey) {
82  return sha3(publicKey).slice(-20);
83}
84
85/**
86 * Get address by private key.
87 *
88 * @param privateKey {Buffer}
89 * @return {Buffer}
90 *
91 * @example
92 * > privateKeyToAddress(Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]))
93 <Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>
94 */
95function privateKeyToAddress(privateKey) {
96  const publicKey = secp256k1.publicKeyCreate(privateKey, false).slice(1);
97  return publicKeyToAddress(publicKey);
98}
99
100/**
101 * Sign ecdsa
102 *
103 * @param hash {Buffer}
104 * @param privateKey {Buffer}
105 * @return {object} ECDSA signature object.
106 * - r {Buffer}
107 * - s {Buffer}
108 * - v {number}
109 *
110 * @example
111 * > privateKey = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]);
112 * > buffer32 = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31])
113 * > ecdsaSign(buffer32, privateKey)
114 {
115  r: <Buffer 21 ab b4 c3 fd 51 75 81 e6 c7 e7 e0 7f 40 4f a2 2c ba 8d 8f 71 27 0b 29 58 42 b8 3c 44 b5 a4 c6>,
116  s: <Buffer 08 59 7b 69 8f 8f 3c c2 ba 0b 45 ee a7 7f 55 29 ad f9 5c a5 51 41 e7 9b 56 53 77 3d 00 5d 18 58>,
117  v: 0
118 }
119 */
120function ecdsaSign(hash, privateKey) {
121  const sig = secp256k1.sign(hash, privateKey);
122  return {
123    r: sig.signature.slice(0, 32),
124    s: sig.signature.slice(32, 64),
125    v: sig.recovery,
126  };
127}
128
129/**
130 * Recover ecdsa
131 *
132 * @param hash {Buffer}
133 * @param options {object}
134 * @param options.r {Buffer}
135 * @param options.s {Buffer}
136 * @param options.v {number}
137 * @return {Buffer} publicKey
138 *
139 * @example
140 * > privateKey = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1])
141 * > buffer32 = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31])
142 * > privateKeyToAddress(privateKey)
143 <Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>
144 * > publicKeyToAddress(ecdsaRecover(buffer32, ecdsaSign(buffer32, privateKey)))
145 <Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>
146 */
147function ecdsaRecover(hash, { r, s, v }) {
148  const senderPublic = secp256k1.recover(hash, Buffer.concat([r, s]), v);
149  return secp256k1.publicKeyConvert(senderPublic, false).slice(1);
150}
151
152// ----------------------------------------------------------------------------
153// /**
154//  * @param key {Buffer}
155//  * @param password {Buffer}
156//  * @return {object} Encrypt info
157//  * - salt {Buffer}
158//  * - iv {Buffer}
159//  * - cipher {Buffer}
160//  * - mac {Buffer}
161//  */
162// function encrypt(key, password) {
163//   const salt = randomBuffer(32);
164//   const iv = randomBuffer(16);
165//   const derived = scryptJs(password, salt, 8192, 8, 1, 32);
166//   const cipher = crypto.createCipheriv('aes-128-ctr', derived.slice(0, 16), iv).update(key);
167//   const mac = sha3(Buffer.concat([derived.slice(16, 32), cipher]));
168//   return { salt, iv, cipher, mac };
169// }
170
171// /**
172//  * @param options
173//  * @param options.salt {Buffer}
174//  * @param options.iv {Buffer}
175//  * @param options.cipher {Buffer}
176//  * @param options.mac {Buffer}
177//  * @param password {Buffer}
178//  * @return {Buffer}
179//  */
180// function decrypt({ salt, iv, cipher, mac }, password) {
181//   const derived = scryptJs(password, salt, 8192, 8, 1, 32);
182//   if (!sha3(Buffer.concat([derived.slice(16, 32), cipher])).equals(mac)) {
183//     throw new Error('Key derivation failed, possibly wrong password!');
184//   }
185//   return crypto.createDecipheriv('aes-128-ctr', derived.slice(0, 16), iv).update(cipher);
186// }
187
188// ----------------------------------------------------------------------------
189module.exports = {
190  sha3,
191  randomBuffer,
192  randomPrivateKey,
193  publicKeyToAddress,
194  privateKeyToAddress,
195  ecdsaSign,
196  ecdsaRecover,
197  // encrypt,
198  // decrypt,
199};

1	`const crypto = require('crypto');`
2	`const keccak = require('keccak');`
3	`const secp256k1 = require('secp256k1');`
4	`// const scryptJs = require('scrypt.js'); // ^0.3.0. cause it's depends on python, might cause some problems`
5
6	`// ----------------------------------------------------------------------------`
7	`/**`
8	`* sha3`
9	`*`
10	`* @param buffer {Buffer}`
11	`* @return {Buffer}`
12	`*`
13	`* @example`
14	`* > sha3(Buffer.from(''))`
15	`<Buffer c5 d2 46 01 86 f7 23 3c 92 7e 7d b2 dc c7 03 c0 e5 00 b6 53 ca 82 27 3b 7b fa d8 04 5d 85 a4 70>`
16	`*/`
17	`function sha3(buffer) {`
18	`return keccak('keccak256').update(buffer).digest();`
19	`}`
20
21	`// ----------------------------------------------------------------------------`
22	`/**`
23	* gen a random buffer with `size` bytes.
24	`*`
25	* > Note: call `crypto.randomBytes`
26	`*`
27	`* @param size {number}`
28	`* @return {Buffer}`
29	`*`
30	`* @example`
31	`* > randomBuffer(0)`
32	`<Buffer >`
33	`* > randomBuffer(1)`
34	`<Buffer 33>`
35	`* > randomBuffer(1)`
36	`<Buffer 5a>`
37	`*/`
38	`function randomBuffer(size) {`
39	`return crypto.randomBytes(size);`
40	`}`
41
42	`/**`
43	`* Gen a random PrivateKey buffer.`
44	`*`
45	`* @param entropy {Buffer}`
46	`* @return {Buffer}`
47	`*`
48	`* @example`
49	`* > randomPrivateKey()`
50	`<Buffer 23 fb 3b 2b 1f c9 36 8c a4 8e 5b dc c7 a9 e2 bd 67 81 43 3b f2 3a cc da da ff a9 dd dd b6 08 d4>`
51	`* > randomPrivateKey()`
52	`<Buffer e7 5b 68 fb f9 50 19 94 07 80 d5 13 2e 40 a7 f9 a1 b0 5d 72 c8 86 ca d1 c6 59 cd a6 bf 37 cb 73>`
53
54	`* @example`
55	`* > entropy = randomBuffer(32)`
56	`* > randomPrivateKey(entropy)`
57	`<Buffer 57 90 e8 3d 16 10 02 b9 a4 33 87 e1 6b cd 40 7e f7 22 b1 d8 94 ae 98 bf 76 a4 56 fb b6 0c 4b 4a>`
58	* > randomPrivateKey(entropy) // same `entropy`
59	`<Buffer 89 44 ef 31 d4 9c d0 25 9f b0 de 61 99 12 4a 21 57 43 d4 4b af ae ef ae e1 3a ba 05 c3 e6 ad 21>`
60	`*/`
61	`function randomPrivateKey(entropy = randomBuffer(32)) {`
62	`if (!(Buffer.isBuffer(entropy) && entropy.length === 32)) {`
63	throw new Error(`entropy must be 32 length Buffer, got "${typeof entropy}"`);
64	`}`
65
66	`const inner = sha3(Buffer.concat([randomBuffer(32), entropy]));`
67	`const middle = Buffer.concat([randomBuffer(32), inner, randomBuffer(32)]);`
68	`return sha3(middle);`
69	`}`
70
71	`/**`
72	`* Get address by public key.`
73	`*`
74	`* @param publicKey {Buffer}`
75	`* @return {Buffer}`
76	`*`
77	`* @example`
78	`* > privateKeyToAddress(Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]))`
79	`<Buffer 4c 6f a3 22 12 5f a3 1a 42 cb dd a8 73 0d 4c f0 20 0d 72 db>`
80	`*/`
81	`function publicKeyToAddress(publicKey) {`
82	`return sha3(publicKey).slice(-20);`
83	`}`
84
85	`/**`
86	`* Get address by private key.`
87	`*`
88	`* @param privateKey {Buffer}`
89	`* @return {Buffer}`
90	`*`
91	`* @example`
92	`* > privateKeyToAddress(Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]))`
93	`<Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>`
94	`*/`
95	`function privateKeyToAddress(privateKey) {`
96	`const publicKey = secp256k1.publicKeyCreate(privateKey, false).slice(1);`
97	`return publicKeyToAddress(publicKey);`
98	`}`
99
100	`/**`
101	`* Sign ecdsa`
102	`*`
103	`* @param hash {Buffer}`
104	`* @param privateKey {Buffer}`
105	`* @return {object} ECDSA signature object.`
106	`* - r {Buffer}`
107	`* - s {Buffer}`
108	`* - v {number}`
109	`*`
110	`* @example`
111	`* > privateKey = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1]);`
112	`* > buffer32 = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31])`
113	`* > ecdsaSign(buffer32, privateKey)`
114	`{`
115	`r: <Buffer 21 ab b4 c3 fd 51 75 81 e6 c7 e7 e0 7f 40 4f a2 2c ba 8d 8f 71 27 0b 29 58 42 b8 3c 44 b5 a4 c6>,`
116	`s: <Buffer 08 59 7b 69 8f 8f 3c c2 ba 0b 45 ee a7 7f 55 29 ad f9 5c a5 51 41 e7 9b 56 53 77 3d 00 5d 18 58>,`
117	`v: 0`
118	`}`
119	`*/`
120	`function ecdsaSign(hash, privateKey) {`
121	`const sig = secp256k1.sign(hash, privateKey);`
122	`return {`
123	`r: sig.signature.slice(0, 32),`
124	`s: sig.signature.slice(32, 64),`
125	`v: sig.recovery,`
126	`};`
127	`}`
128
129	`/**`
130	`* Recover ecdsa`
131	`*`
132	`* @param hash {Buffer}`
133	`* @param options {object}`
134	`* @param options.r {Buffer}`
135	`* @param options.s {Buffer}`
136	`* @param options.v {number}`
137	`* @return {Buffer} publicKey`
138	`*`
139	`* @example`
140	`* > privateKey = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1])`
141	`* > buffer32 = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31])`
142	`* > privateKeyToAddress(privateKey)`
143	`<Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>`
144	`* > publicKeyToAddress(ecdsaRecover(buffer32, ecdsaSign(buffer32, privateKey)))`
145	`<Buffer 0d b9 e0 02 85 67 52 28 8b ef 47 60 fa 67 94 ec 83 a8 53 b9>`
146	`*/`
147	`function ecdsaRecover(hash, { r, s, v }) {`
148	`const senderPublic = secp256k1.recover(hash, Buffer.concat([r, s]), v);`
149	`return secp256k1.publicKeyConvert(senderPublic, false).slice(1);`
150	`}`
151
152	`// ----------------------------------------------------------------------------`
153	`// /**`
154	`// * @param key {Buffer}`
155	`// * @param password {Buffer}`
156	`// * @return {object} Encrypt info`
157	`// * - salt {Buffer}`
158	`// * - iv {Buffer}`
159	`// * - cipher {Buffer}`
160	`// * - mac {Buffer}`
161	`// */`
162	`// function encrypt(key, password) {`
163	`// const salt = randomBuffer(32);`
164	`// const iv = randomBuffer(16);`
165	`// const derived = scryptJs(password, salt, 8192, 8, 1, 32);`
166	`// const cipher = crypto.createCipheriv('aes-128-ctr', derived.slice(0, 16), iv).update(key);`
167	`// const mac = sha3(Buffer.concat([derived.slice(16, 32), cipher]));`
168	`// return { salt, iv, cipher, mac };`
169	`// }`
170
171	`// /**`
172	`// * @param options`
173	`// * @param options.salt {Buffer}`
174	`// * @param options.iv {Buffer}`
175	`// * @param options.cipher {Buffer}`
176	`// * @param options.mac {Buffer}`
177	`// * @param password {Buffer}`
178	`// * @return {Buffer}`
179	`// */`
180	`// function decrypt({ salt, iv, cipher, mac }, password) {`
181	`// const derived = scryptJs(password, salt, 8192, 8, 1, 32);`
182	`// if (!sha3(Buffer.concat([derived.slice(16, 32), cipher])).equals(mac)) {`
183	`// throw new Error('Key derivation failed, possibly wrong password!');`
184	`// }`
185	`// return crypto.createDecipheriv('aes-128-ctr', derived.slice(0, 16), iv).update(cipher);`
186	`// }`
187
188	`// ----------------------------------------------------------------------------`
189	`module.exports = {`
190	`sha3,`
191	`randomBuffer,`
192	`randomPrivateKey,`
193	`publicKeyToAddress,`
194	`privateKeyToAddress,`
195	`ecdsaSign,`
196	`ecdsaRecover,`
197	`// encrypt,`
198	`// decrypt,`
199	`};`