PHP WebShell
Текущая директория: /opt/BitGoJS/modules/sdk-core/dist/src/bitgo
Просмотр файла: ecdh.js
"use strict";
/**
* @prettier
*
* Utility methods for Ellipic-Curve Diffie-Hellman (ECDH) shared secret generation
*
* > Elliptic-curve Diffie–Hellman (ECDH) is a key agreement protocol that allows two parties, each having an
* > elliptic-curve public–private key pair, to establish a shared secret over an insecure channel.
* > This shared secret may be directly used as a key, or to derive another key. The key, or the derived key, can then
* > be used to encrypt subsequent communications using a symmetric-key cipher. It is a variant of the Diffie–Hellman
* > protocol using elliptic-curve cryptography.
*
* https://en.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman
*/
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
})();
Object.defineProperty(exports, "__esModule", { value: true });
exports.getSharedSecret = getSharedSecret;
exports.signMessageWithDerivedEcdhKey = signMessageWithDerivedEcdhKey;
exports.verifyEcdhSignature = verifyEcdhSignature;
const assert = __importStar(require("assert"));
const secp256k1 = __importStar(require("secp256k1"));
const utxo_lib_1 = require("@bitgo/utxo-lib");
/**
* Calculate the Elliptic Curve Diffie Hellman
* @param privateKey HDNode of private key
* @param publicKey [neutered] HDNode of public key
* @returns Buffer public key buffer that can be used as shared secret (see note)
*/
function getSharedSecret(privateKey, publicKey) {
function isBIP32Interface(k) {
return k.constructor.name === 'BIP32';
}
function isECPairInterface(k) {
return k.constructor.name === 'ECPair';
}
if (isBIP32Interface(privateKey)) {
if (!privateKey.privateKey) {
throw new Error(`privateNode must be private key`);
}
privateKey = privateKey.privateKey;
}
else if (isECPairInterface(privateKey)) {
if (privateKey.privateKey === undefined || !Buffer.isBuffer(privateKey.privateKey)) {
throw new Error(`unexpected ECPair`);
}
privateKey = privateKey.privateKey;
}
if (!Buffer.isBuffer(publicKey)) {
publicKey = publicKey.publicKey;
}
if (!Buffer.isBuffer(privateKey) || !Buffer.isBuffer(publicKey)) {
throw new Error(`invalid state`);
}
assert.strictEqual(privateKey.length, 32);
assert.strictEqual(publicKey.length, 33);
// FIXME(BG-34386): we should use `secp256k1.ecdh()` in the future
// see discussion here https://github.com/bitcoin-core/secp256k1/issues/352
const buffer = Buffer.from(secp256k1.publicKeyTweakMul(publicKey, privateKey))
// remove leading parity bit
.slice(1);
assert.strictEqual(buffer.length, 32);
return buffer;
}
/**
Signs a message using a given ecdh xprv at a given path
*/
function signMessageWithDerivedEcdhKey(message, xprv, path) {
return utxo_lib_1.bip32.fromBase58(xprv).derivePath(path).sign(Buffer.from(message));
}
/**
Verifies if a message was signed using the given ecdh key
@param message message to verify
@param signature hex encoded signature used to sign the message
@param ecdhXpub pubkey/derived pubkey of ecdh keychain used to sign
*/
function verifyEcdhSignature(message, signature, ecdhXpub) {
const ecPairInterface = utxo_lib_1.ECPair.fromPublicKey(ecdhXpub);
return ecPairInterface.verify(Buffer.from(message), Buffer.from(signature, 'hex'));
}
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZWNkaC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9iaXRnby9lY2RoLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7Ozs7Ozs7O0dBWUc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBWUgsMENBd0NDO0FBS0Qsc0VBRUM7QUFRRCxrREFHQztBQXBFRCwrQ0FBaUM7QUFDakMscURBQXVDO0FBQ3ZDLDhDQUFpRjtBQUVqRjs7Ozs7R0FLRztBQUNILFNBQWdCLGVBQWUsQ0FDN0IsVUFBcUQsRUFDckQsU0FBa0M7SUFFbEMsU0FBUyxnQkFBZ0IsQ0FBQyxDQUFNO1FBQzlCLE9BQU8sQ0FBQyxDQUFDLFdBQVcsQ0FBQyxJQUFJLEtBQUssT0FBTyxDQUFDO0lBQ3hDLENBQUM7SUFDRCxTQUFTLGlCQUFpQixDQUFDLENBQU07UUFDL0IsT0FBTyxDQUFDLENBQUMsV0FBVyxDQUFDLElBQUksS0FBSyxRQUFRLENBQUM7SUFDekMsQ0FBQztJQUNELElBQUksZ0JBQWdCLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQztRQUNqQyxJQUFJLENBQUMsVUFBVSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQzNCLE1BQU0sSUFBSSxLQUFLLENBQUMsaUNBQWlDLENBQUMsQ0FBQztRQUNyRCxDQUFDO1FBQ0QsVUFBVSxHQUFHLFVBQVUsQ0FBQyxVQUFVLENBQUM7SUFDckMsQ0FBQztTQUFNLElBQUksaUJBQWlCLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQztRQUN6QyxJQUFJLFVBQVUsQ0FBQyxVQUFVLEtBQUssU0FBUyxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQztZQUNuRixNQUFNLElBQUksS0FBSyxDQUFDLG1CQUFtQixDQUFDLENBQUM7UUFDdkMsQ0FBQztRQUNELFVBQVUsR0FBRyxVQUFVLENBQUMsVUFBVSxDQUFDO0lBQ3JDLENBQUM7SUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1FBQ2hDLFNBQVMsR0FBRyxTQUFTLENBQUMsU0FBUyxDQUFDO0lBQ2xDLENBQUM7SUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztRQUNoRSxNQUFNLElBQUksS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQ25DLENBQUM7SUFFRCxNQUFNLENBQUMsV0FBVyxDQUFDLFVBQVUsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDMUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxTQUFTLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBRXpDLGtFQUFrRTtJQUNsRSw0RkFBNEY7SUFDNUYsTUFBTSxNQUFNLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBQzVFLDRCQUE0QjtTQUMzQixLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDWixNQUFNLENBQUMsV0FBVyxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDdEMsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBZ0IsNkJBQTZCLENBQUMsT0FBZSxFQUFFLElBQVksRUFBRSxJQUFZO0lBQ3ZGLE9BQU8sZ0JBQUssQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7QUFDNUUsQ0FBQztBQUVEOzs7OztHQUtHO0FBQ0gsU0FBZ0IsbUJBQW1CLENBQUMsT0FBZSxFQUFFLFNBQWlCLEVBQUUsUUFBZ0I7SUFDdEYsTUFBTSxlQUFlLEdBQUcsaUJBQU0sQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDdkQsT0FBTyxlQUFlLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsS0FBSyxDQUFDLENBQUMsQ0FBQztBQUNyRixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiBAcHJldHRpZXJcbiAqXG4gKiBVdGlsaXR5IG1ldGhvZHMgZm9yIEVsbGlwaWMtQ3VydmUgRGlmZmllLUhlbGxtYW4gKEVDREgpIHNoYXJlZCBzZWNyZXQgZ2VuZXJhdGlvblxuICpcbiAqID4gRWxsaXB0aWMtY3VydmUgRGlmZmll4oCTSGVsbG1hbiAoRUNESCkgaXMgYSBrZXkgYWdyZWVtZW50IHByb3RvY29sIHRoYXQgYWxsb3dzIHR3byBwYXJ0aWVzLCBlYWNoIGhhdmluZyBhblxuICogPiBlbGxpcHRpYy1jdXJ2ZSBwdWJsaWPigJNwcml2YXRlIGtleSBwYWlyLCB0byBlc3RhYmxpc2ggYSBzaGFyZWQgc2VjcmV0IG92ZXIgYW4gaW5zZWN1cmUgY2hhbm5lbC5cbiAqID4gVGhpcyBzaGFyZWQgc2VjcmV0IG1heSBiZSBkaXJlY3RseSB1c2VkIGFzIGEga2V5LCBvciB0byBkZXJpdmUgYW5vdGhlciBrZXkuIFRoZSBrZXksIG9yIHRoZSBkZXJpdmVkIGtleSwgY2FuIHRoZW5cbiAqID4gYmUgdXNlZCB0byBlbmNyeXB0IHN1YnNlcXVlbnQgY29tbXVuaWNhdGlvbnMgdXNpbmcgYSBzeW1tZXRyaWMta2V5IGNpcGhlci4gSXQgaXMgYSB2YXJpYW50IG9mIHRoZSBEaWZmaWXigJNIZWxsbWFuXG4gKiA+IHByb3RvY29sIHVzaW5nIGVsbGlwdGljLWN1cnZlIGNyeXB0b2dyYXBoeS5cbiAqXG4gKiBodHRwczovL2VuLndpa2lwZWRpYS5vcmcvd2lraS9FbGxpcHRpYy1jdXJ2ZV9EaWZmaWUlRTIlODAlOTNIZWxsbWFuXG4gKi9cblxuaW1wb3J0ICogYXMgYXNzZXJ0IGZyb20gJ2Fzc2VydCc7XG5pbXBvcnQgKiBhcyBzZWNwMjU2azEgZnJvbSAnc2VjcDI1NmsxJztcbmltcG9ydCB7IEVDUGFpckludGVyZmFjZSwgQklQMzJJbnRlcmZhY2UsIGJpcDMyLCBFQ1BhaXIgfSBmcm9tICdAYml0Z28vdXR4by1saWInO1xuXG4vKipcbiAqIENhbGN1bGF0ZSB0aGUgRWxsaXB0aWMgQ3VydmUgRGlmZmllIEhlbGxtYW5cbiAqIEBwYXJhbSBwcml2YXRlS2V5IEhETm9kZSBvZiBwcml2YXRlIGtleVxuICogQHBhcmFtIHB1YmxpY0tleSBbbmV1dGVyZWRdIEhETm9kZSBvZiBwdWJsaWMga2V5XG4gKiBAcmV0dXJucyBCdWZmZXIgcHVibGljIGtleSBidWZmZXIgdGhhdCBjYW4gYmUgdXNlZCBhcyBzaGFyZWQgc2VjcmV0IChzZWUgbm90ZSlcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGdldFNoYXJlZFNlY3JldChcbiAgcHJpdmF0ZUtleTogQklQMzJJbnRlcmZhY2UgfCBFQ1BhaXJJbnRlcmZhY2UgfCBCdWZmZXIsXG4gIHB1YmxpY0tleTogQklQMzJJbnRlcmZhY2UgfCBCdWZmZXJcbik6IEJ1ZmZlciB7XG4gIGZ1bmN0aW9uIGlzQklQMzJJbnRlcmZhY2UoazogYW55KTogayBpcyBCSVAzMkludGVyZmFjZSB7XG4gICAgcmV0dXJuIGsuY29uc3RydWN0b3IubmFtZSA9PT0gJ0JJUDMyJztcbiAgfVxuICBmdW5jdGlvbiBpc0VDUGFpckludGVyZmFjZShrOiBhbnkpOiBrIGlzIEVDUGFpckludGVyZmFjZSB7XG4gICAgcmV0dXJuIGsuY29uc3RydWN0b3IubmFtZSA9PT0gJ0VDUGFpcic7XG4gIH1cbiAgaWYgKGlzQklQMzJJbnRlcmZhY2UocHJpdmF0ZUtleSkpIHtcbiAgICBpZiAoIXByaXZhdGVLZXkucHJpdmF0ZUtleSkge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKGBwcml2YXRlTm9kZSBtdXN0IGJlIHByaXZhdGUga2V5YCk7XG4gICAgfVxuICAgIHByaXZhdGVLZXkgPSBwcml2YXRlS2V5LnByaXZhdGVLZXk7XG4gIH0gZWxzZSBpZiAoaXNFQ1BhaXJJbnRlcmZhY2UocHJpdmF0ZUtleSkpIHtcbiAgICBpZiAocHJpdmF0ZUtleS5wcml2YXRlS2V5ID09PSB1bmRlZmluZWQgfHwgIUJ1ZmZlci5pc0J1ZmZlcihwcml2YXRlS2V5LnByaXZhdGVLZXkpKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoYHVuZXhwZWN0ZWQgRUNQYWlyYCk7XG4gICAgfVxuICAgIHByaXZhdGVLZXkgPSBwcml2YXRlS2V5LnByaXZhdGVLZXk7XG4gIH1cblxuICBpZiAoIUJ1ZmZlci5pc0J1ZmZlcihwdWJsaWNLZXkpKSB7XG4gICAgcHVibGljS2V5ID0gcHVibGljS2V5LnB1YmxpY0tleTtcbiAgfVxuXG4gIGlmICghQnVmZmVyLmlzQnVmZmVyKHByaXZhdGVLZXkpIHx8ICFCdWZmZXIuaXNCdWZmZXIocHVibGljS2V5KSkge1xuICAgIHRocm93IG5ldyBFcnJvcihgaW52YWxpZCBzdGF0ZWApO1xuICB9XG5cbiAgYXNzZXJ0LnN0cmljdEVxdWFsKHByaXZhdGVLZXkubGVuZ3RoLCAzMik7XG4gIGFzc2VydC5zdHJpY3RFcXVhbChwdWJsaWNLZXkubGVuZ3RoLCAzMyk7XG5cbiAgLy8gRklYTUUoQkctMzQzODYpOiB3ZSBzaG91bGQgdXNlIGBzZWNwMjU2azEuZWNkaCgpYCBpbiB0aGUgZnV0dXJlXG4gIC8vICAgICAgICAgICAgICAgICAgc2VlIGRpc2N1c3Npb24gaGVyZSBodHRwczovL2dpdGh1Yi5jb20vYml0Y29pbi1jb3JlL3NlY3AyNTZrMS9pc3N1ZXMvMzUyXG4gIGNvbnN0IGJ1ZmZlciA9IEJ1ZmZlci5mcm9tKHNlY3AyNTZrMS5wdWJsaWNLZXlUd2Vha011bChwdWJsaWNLZXksIHByaXZhdGVLZXkpKVxuICAgIC8vIHJlbW92ZSBsZWFkaW5nIHBhcml0eSBiaXRcbiAgICAuc2xpY2UoMSk7XG4gIGFzc2VydC5zdHJpY3RFcXVhbChidWZmZXIubGVuZ3RoLCAzMik7XG4gIHJldHVybiBidWZmZXI7XG59XG5cbi8qKlxuIFNpZ25zIGEgbWVzc2FnZSB1c2luZyBhIGdpdmVuIGVjZGggeHBydiBhdCBhIGdpdmVuIHBhdGhcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIHNpZ25NZXNzYWdlV2l0aERlcml2ZWRFY2RoS2V5KG1lc3NhZ2U6IHN0cmluZywgeHBydjogc3RyaW5nLCBwYXRoOiBzdHJpbmcpOiBCdWZmZXIge1xuICByZXR1cm4gYmlwMzIuZnJvbUJhc2U1OCh4cHJ2KS5kZXJpdmVQYXRoKHBhdGgpLnNpZ24oQnVmZmVyLmZyb20obWVzc2FnZSkpO1xufVxuXG4vKipcbiBWZXJpZmllcyBpZiBhIG1lc3NhZ2Ugd2FzIHNpZ25lZCB1c2luZyB0aGUgZ2l2ZW4gZWNkaCBrZXlcbiBAcGFyYW0gbWVzc2FnZSBtZXNzYWdlIHRvIHZlcmlmeVxuIEBwYXJhbSBzaWduYXR1cmUgaGV4IGVuY29kZWQgc2lnbmF0dXJlIHVzZWQgdG8gc2lnbiB0aGUgbWVzc2FnZVxuIEBwYXJhbSBlY2RoWHB1YiBwdWJrZXkvZGVyaXZlZCBwdWJrZXkgb2YgZWNkaCBrZXljaGFpbiB1c2VkIHRvIHNpZ25cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIHZlcmlmeUVjZGhTaWduYXR1cmUobWVzc2FnZTogc3RyaW5nLCBzaWduYXR1cmU6IHN0cmluZywgZWNkaFhwdWI6IEJ1ZmZlcik6IGJvb2xlYW4ge1xuICBjb25zdCBlY1BhaXJJbnRlcmZhY2UgPSBFQ1BhaXIuZnJvbVB1YmxpY0tleShlY2RoWHB1Yik7XG4gIHJldHVybiBlY1BhaXJJbnRlcmZhY2UudmVyaWZ5KEJ1ZmZlci5mcm9tKG1lc3NhZ2UpLCBCdWZmZXIuZnJvbShzaWduYXR1cmUsICdoZXgnKSk7XG59XG4iXX0=Выполнить команду
Для локальной разработки. Не используйте в интернете!