@digitaldefiance/ecies-lib 1.1.23 → 1.1.24

package/src/services/ecies/signature.ts

@@ -0,0 +1,93 @@
+import { secp256k1 } from '@noble/curves/secp256k1.js';
+import { sha256 } from '@noble/hashes/sha2.js';
+import { SignatureString, SignatureUint8Array } from '../../types';
+import { uint8ArrayToHex } from '../../utils';
+import { EciesCryptoCore } from './crypto-core';
+
+/**
+ * Browser-compatible ECDSA signature operations
+ */
+export class EciesSignature {
+  private readonly cryptoCore: EciesCryptoCore;
+
+  constructor(cryptoCore: EciesCryptoCore) {
+    this.cryptoCore = cryptoCore;
+  }
+
+  /**
+   * Sign arbitrary binary data with a secp256k1 private key.
+   * Returns 64 bytes: [r(32) | s(32)]
+   */
+  public signMessage(
+    privateKey: Uint8Array,
+    data: Uint8Array,
+  ): SignatureUint8Array {
+    const hash = sha256(data);
+    // Use deterministic signatures (RFC 6979) for consistency
+    const signature = secp256k1.sign(hash, privateKey, {
+      format: 'compact',
+      extraEntropy: false,
+    });
+    return signature as SignatureUint8Array;
+  }
+
+  /**
+   * Verify signature (64 bytes: [r|s]) over arbitrary binary data against a public key.
+   */
+  public verifyMessage(
+    publicKey: Uint8Array,
+    data: Uint8Array,
+    signature: SignatureUint8Array,
+  ): boolean {
+    try {
+      if (!signature || signature.length !== 64) return false;
+      const hash = sha256(data);
+      const normalizedPublicKey = this.cryptoCore.normalizePublicKey(publicKey);
+
+      // Try direct verification first
+      try {
+        const directResult = secp256k1.verify(
+          signature,
+          hash,
+          normalizedPublicKey,
+        );
+        if (directResult) return true;
+      } catch {
+        // Continue to alternative verification methods
+      }
+
+      // If direct verification fails, the signature might be from a different library
+      // that uses different nonce generation. Since we can't make @noble/curves
+      // verify signatures from ethereumjs-util directly, we'll return false here.
+      // The calling code should handle cross-platform verification at a higher level.
+
+      return false;
+    } catch (err) {
+      console.error('Signature verification failed:', err);
+      return false;
+    }
+  }
+
+  /**
+   * Convert signature string to signature Uint8Array
+   */
+  public signatureStringToSignatureUint8Array(
+    signatureString: SignatureString,
+  ): SignatureUint8Array {
+    const cleanHex = signatureString.replace(/^0x/, '');
+    const result = new Uint8Array(cleanHex.length / 2);
+    for (let i = 0; i < cleanHex.length; i += 2) {
+      result[i / 2] = parseInt(cleanHex.substring(i, i + 2), 16);
+    }
+    return result as SignatureUint8Array;
+  }
+
+  /**
+   * Convert signature buffer to signature string
+   */
+  public signatureUint8ArrayToSignatureString(
+    signatureArray: SignatureUint8Array,
+  ): SignatureString {
+    return uint8ArrayToHex(signatureArray) as SignatureString;
+  }
+}

package/src/services/ecies/single-recipient.ts

@@ -0,0 +1,340 @@
+import { IECIESConstants } from '../../interfaces/ecies-consts';
+import { Constants } from '../../constants';
+import {
+  EciesEncryptionType,
+  EciesEncryptionTypeEnum,
+} from '../../enumerations/ecies-encryption-type';
+import { IECIESConfig } from '../../interfaces/ecies-config';
+import { AESGCMService } from '../aes-gcm';
+
+import { EciesCryptoCore } from './crypto-core';
+import { IDecryptionResult, ISingleEncryptedParsedHeader } from './interfaces';
+import { EciesComponentId, getEciesI18nEngine } from '../../i18n-setup';
+import { EciesStringKey } from '../../enumerations';
+
+/**
+ * Browser-compatible single recipient ECIES encryption/decryption
+ */
+export class EciesSingleRecipient {
+  protected readonly cryptoCore: EciesCryptoCore;
+  protected readonly config: IECIESConfig;
+  protected readonly eciesConsts: IECIESConstants;
+
+  constructor(config: IECIESConfig, eciesParams: IECIESConstants = Constants.ECIES) {
+    this.config = config;
+    this.eciesConsts = eciesParams;
+    this.cryptoCore = new EciesCryptoCore(config, this.eciesConsts);
+  }
+
+  /**
+   * Encrypt a message for a single recipient
+   */
+  public async encrypt(
+    encryptSimple: boolean,
+    receiverPublicKey: Uint8Array,
+    message: Uint8Array,
+    preamble: Uint8Array = new Uint8Array(0),
+  ): Promise<Uint8Array> {
+    const encryptionType: EciesEncryptionType = encryptSimple
+      ? 'simple'
+      : 'single';
+    const encryptionTypeArray = new Uint8Array([
+      encryptionType === 'simple'
+        ? this.eciesConsts.ENCRYPTION_TYPE.SIMPLE
+        : this.eciesConsts.ENCRYPTION_TYPE.SINGLE,
+    ]);
+
+    if (message.length > this.eciesConsts.MAX_RAW_DATA_SIZE) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_MessageLengthExceedsMaximumAllowedSizeTemplate, {messageLength: message.length }));
+    }
+
+    // Generate ephemeral key pair
+    const ephemeralPrivateKey = this.cryptoCore.generatePrivateKey();
+    const ephemeralPublicKey =
+      this.cryptoCore.getPublicKey(ephemeralPrivateKey);
+
+    // Compute shared secret
+    const normalizedReceiverPublicKey =
+      this.cryptoCore.normalizePublicKey(receiverPublicKey);
+    const sharedSecret = this.cryptoCore.computeSharedSecret(
+      ephemeralPrivateKey,
+      normalizedReceiverPublicKey,
+    );
+
+    // Use first 32 bytes as symmetric key
+    const symKey = sharedSecret.slice(0, this.eciesConsts.SYMMETRIC.KEY_SIZE);
+
+    // Encrypt using AES-GCM
+    const encryptResult = await AESGCMService.encrypt(message, symKey, true, this.eciesConsts);
+    const { encrypted, iv } = encryptResult;
+    const authTag = encryptResult.tag;
+
+    if (!authTag) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_AuthenticationTagIsRequiredForECIESEncryption));
+    }
+
+    // Add length prefix for single mode
+    const lengthArray =
+      encryptionType === 'simple' ? new Uint8Array(0) : new Uint8Array(8);
+
+    if (encryptionType === 'single') {
+      const view = new DataView(lengthArray.buffer);
+      view.setBigUint64(0, BigInt(message.length), false); // big-endian
+    }
+
+    // Format: [preamble] | type (1) | ephemeralPublicKey (65) | iv (16) | authTag (16) | length (8) | encryptedData
+    const result = new Uint8Array(
+      preamble.length +
+        encryptionTypeArray.length +
+        ephemeralPublicKey.length +
+        iv.length +
+        authTag.length +
+        lengthArray.length +
+        encrypted.length,
+    );
+
+    let offset = 0;
+    result.set(preamble, offset);
+    offset += preamble.length;
+    result.set(encryptionTypeArray, offset);
+    offset += encryptionTypeArray.length;
+    result.set(ephemeralPublicKey, offset);
+    offset += ephemeralPublicKey.length;
+    result.set(iv, offset);
+    offset += iv.length;
+    result.set(authTag, offset);
+    offset += authTag.length;
+    result.set(lengthArray, offset);
+    offset += lengthArray.length;
+    result.set(encrypted, offset);
+
+    return result;
+  }
+
+  /**
+   * Parse encrypted message header
+   */
+  public parseEncryptedMessage(
+    encryptionType: EciesEncryptionTypeEnum | undefined,
+    data: Uint8Array,
+    preambleSize: number = 0,
+    options?: { dataLength?: number },
+  ): {
+    header: ISingleEncryptedParsedHeader;
+    data: Uint8Array;
+    remainder: Uint8Array;
+  } {
+    // Read encryption type from first byte after preamble
+    const actualEncryptionTypeByte = data[preambleSize];
+    let actualEncryptionType: EciesEncryptionTypeEnum;
+    const engine = getEciesI18nEngine();
+
+    switch (actualEncryptionTypeByte) {
+      case this.eciesConsts.ENCRYPTION_TYPE.SIMPLE:
+        actualEncryptionType = EciesEncryptionTypeEnum.Simple;
+        break;
+      case this.eciesConsts.ENCRYPTION_TYPE.SINGLE:
+        actualEncryptionType = EciesEncryptionTypeEnum.Single;
+        break;
+      case this.eciesConsts.ENCRYPTION_TYPE.MULTIPLE:
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_MultipleEncryptionTypeNotSupportedInSingleRecipientMode));
+      default:
+        // convert the encryption type byte to hex
+        const encryptionTypeHex = actualEncryptionTypeByte.toString(16).padStart(2, '0');
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidEncryptionTypeTemplate, { encryptionType: encryptionTypeHex }));
+    }
+
+    if (
+      encryptionType !== undefined &&
+      actualEncryptionType !== encryptionType
+    ) {
+      const engine = getEciesI18nEngine();
+      throw new Error(
+        engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_EncryptionTypeMismatchTemplate, { encryptionType, actualEncryptionType }),
+      );
+    }
+
+    const includeLengthAndCrc =
+      actualEncryptionType === EciesEncryptionTypeEnum.Single;
+    const requiredSize = includeLengthAndCrc
+      ? this.eciesConsts.SINGLE.FIXED_OVERHEAD_SIZE
+      : this.eciesConsts.SIMPLE.FIXED_OVERHEAD_SIZE;
+
+    if (data.length < requiredSize) {
+      const engine = getEciesI18nEngine();
+      throw new Error(
+        engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_DataTooShortTemplate, { requiredSize, dataLength: data.length }),
+      );
+    }
+
+    let offset = preambleSize;
+    const preamble = data.slice(0, preambleSize);
+
+    // Skip encryption type byte
+    offset += 1;
+
+    // Extract header components
+    const ephemeralPublicKey = data.slice(
+      offset,
+      offset + this.eciesConsts.PUBLIC_KEY_LENGTH,
+    );
+    offset += this.eciesConsts.PUBLIC_KEY_LENGTH;
+
+    const normalizedKey =
+      this.cryptoCore.normalizePublicKey(ephemeralPublicKey);
+
+    const iv = data.slice(offset, offset + this.eciesConsts.IV_SIZE);
+    offset += this.eciesConsts.IV_SIZE;
+
+    const authTag = data.slice(offset, offset + this.eciesConsts.AUTH_TAG_SIZE);
+    offset += this.eciesConsts.AUTH_TAG_SIZE;
+    // Extract length for single mode
+    const dataLengthArray = includeLengthAndCrc
+      ? data.slice(offset, offset + this.eciesConsts.SINGLE.DATA_LENGTH_SIZE)
+      : new Uint8Array(0);
+
+    if (includeLengthAndCrc) {
+      offset += this.eciesConsts.SINGLE.DATA_LENGTH_SIZE;
+    }
+
+    const dataLength = includeLengthAndCrc
+      ? Number(
+          new DataView(
+            dataLengthArray.buffer,
+            dataLengthArray.byteOffset,
+            dataLengthArray.byteLength,
+          ).getBigUint64(0, false),
+        )
+      : options?.dataLength ?? -1;
+
+    if (
+      includeLengthAndCrc &&
+      options?.dataLength !== undefined &&
+      dataLength !== options.dataLength
+    ) {
+      const engine = getEciesI18nEngine();
+      throw new Error(
+        engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_DataLengthMismatchTemplate, { expectedDataLength: dataLength, receivedDataLength: options.dataLength }),
+      );
+    }
+
+    // No CRC in Single encryption (AES-GCM provides authentication)
+
+    // For single mode, read all remaining data as encrypted data
+    // The dataLength represents the original message length, not encrypted length
+    const encryptedData = data.slice(offset);
+
+    const remainder = new Uint8Array(0);
+
+    // No CRC validation needed (AES-GCM provides authentication)
+
+    return {
+      header: {
+        encryptionType: actualEncryptionType,
+        ephemeralPublicKey: normalizedKey,
+        iv,
+        authTag,
+        dataLength,
+        headerSize: includeLengthAndCrc
+          ? this.eciesConsts.SINGLE.FIXED_OVERHEAD_SIZE
+          : this.eciesConsts.SIMPLE.FIXED_OVERHEAD_SIZE,
+      },
+      data: encryptedData,
+      remainder,
+    };
+  }
+
+  /**
+   * Decrypt with header
+   */
+  public async decryptWithHeader(
+    encryptionType: EciesEncryptionTypeEnum | undefined,
+    privateKey: Uint8Array,
+    encryptedData: Uint8Array,
+    preambleSize: number = 0,
+    options?: { dataLength?: number },
+  ): Promise<Uint8Array> {
+    const result = await this.decryptWithHeaderEx(
+      encryptionType,
+      privateKey,
+      encryptedData,
+      preambleSize,
+      options,
+    );
+    return result.decrypted;
+  }
+
+  /**
+   * Extended decrypt with header that returns additional info
+   */
+  public async decryptWithHeaderEx(
+    encryptionType: EciesEncryptionTypeEnum | undefined,
+    privateKey: Uint8Array,
+    encryptedData: Uint8Array,
+    preambleSize: number = 0,
+    options?: { dataLength?: number },
+  ): Promise<IDecryptionResult> {
+    const { data, header } = this.parseEncryptedMessage(
+      encryptionType,
+      encryptedData,
+      preambleSize,
+      options,
+    );
+
+    const decrypted = await this.decryptWithComponents(
+      privateKey,
+      header.ephemeralPublicKey,
+      header.iv,
+      header.authTag,
+      data,
+    );
+
+    return {
+      decrypted,
+      consumedBytes: preambleSize + header.headerSize + data.length,
+    };
+  }
+
+  /**
+   * Decrypt with individual components
+   */
+  public async decryptWithComponents(
+    privateKey: Uint8Array,
+    ephemeralPublicKey: Uint8Array,
+    iv: Uint8Array,
+    authTag: Uint8Array,
+    encrypted: Uint8Array,
+  ): Promise<Uint8Array> {
+    // Normalize ephemeral public key
+    const normalizedEphemeralKey =
+      this.cryptoCore.normalizePublicKey(ephemeralPublicKey);
+
+    // Compute shared secret
+    const sharedSecret = this.cryptoCore.computeSharedSecret(
+      privateKey,
+      normalizedEphemeralKey,
+    );
+
+    // Use first 32 bytes as symmetric key
+    const symKey = sharedSecret.slice(0, this.eciesConsts.SYMMETRIC.KEY_SIZE);
+
+    // Combine encrypted data with auth tag for AES-GCM
+    const encryptedWithTag = AESGCMService.combineEncryptedDataAndTag(
+      encrypted,
+      authTag,
+    );
+
+    // Decrypt
+    return await AESGCMService.decrypt(iv, encryptedWithTag, symKey, true, this.eciesConsts);
+  }
+
+  private arraysEqual(a: Uint8Array, b: Uint8Array): boolean {
+    if (a.length !== b.length) return false;
+    for (let i = 0; i < a.length; i++) {
+      if (a[i] !== b[i]) return false;
+    }
+    return true;
+  }
+}

package/{dist/services/index.d.ts → src/services/index.ts}

@@ -3,4 +3,3 @@ export * from './ecies';
 export * from './password-login';
 export * from './pbkdf2';
 export * from './xor';
-//# sourceMappingURL=index.d.ts.map

package/src/services/password-login.ts

@@ -0,0 +1,228 @@
+import { Wallet } from '@ethereumjs/wallet';
+import { EciesEncryptionTypeEnum } from '../enumerations/ecies-encryption-type';
+import { Pbkdf2ProfileEnum } from '../enumerations/pbkdf2-profile';
+import { SecureString } from '../secure-string';
+import { hexToUint8Array, uint8ArrayToHex } from '../utils';
+import { AESGCMService } from './aes-gcm';
+import { ECIESService } from './ecies/service';
+import { Pbkdf2Service } from './pbkdf2';
+import { EciesStringKey, PasswordLoginErrorTypeEnum } from '../enumerations';
+import { buildReasonMap, CoreLanguageCode, PluginI18nEngine, PluginTranslatableGenericError, PluginTypedHandleableError } from '@digitaldefiance/i18n-lib';
+import { IECIESConstants } from '../interfaces/ecies-consts';
+import { Constants } from '../constants';
+import { EciesComponentId } from '../i18n-setup';
+
+
+export class PasswordLoginService<TLanguage extends CoreLanguageCode = CoreLanguageCode> {
+  protected readonly eciesService: ECIESService;
+  protected readonly pbkdf2Service: Pbkdf2Service<TLanguage>;
+  protected readonly engine: PluginI18nEngine<TLanguage>;
+  protected readonly eciesConsts: IECIESConstants;
+  public static readonly privateKeyStorageKey = 'encryptedPrivateKey';
+  public static readonly saltStorageKey = 'passwordLoginSalt';
+  public static readonly encryptedMnemonicStorageKey = 'encryptedMnemonic';
+  public static readonly profileStorageKey = 'pbkdf2Profile';
+
+  constructor(eciesService: ECIESService, pbkdf2Service: Pbkdf2Service<TLanguage>, engine: PluginI18nEngine<TLanguage>, eciesParams: IECIESConstants = Constants.ECIES) {
+    this.eciesService = eciesService;
+    this.pbkdf2Service = pbkdf2Service;
+    this.engine = engine;
+    this.eciesConsts = eciesParams;
+  }
+
+  public async createPasswordLoginBundle(
+    mnemonic: SecureString,
+    password: SecureString,
+    profile: Pbkdf2ProfileEnum = Pbkdf2ProfileEnum.BROWSER_PASSWORD,
+  ): Promise<{
+    salt: Uint8Array;
+    encryptedPrivateKey: Uint8Array;
+    encryptedMnemonic: Uint8Array;
+    wallet: Wallet;
+  }> {
+    const { wallet } = this.eciesService.walletAndSeedFromMnemonic(mnemonic);
+
+    const derivedKey =
+      await this.pbkdf2Service.deriveKeyFromPasswordWithProfileAsync(
+        password.valueAsUint8Array,
+        profile,
+      );
+
+    // Encrypt private key with derived key
+    const privateKeyBytes = wallet.getPrivateKey();
+    const { encrypted, iv, tag } = await AESGCMService.encrypt(
+      privateKeyBytes,
+      derivedKey.hash,
+      true,
+    );
+    if (!tag) {
+      throw new PluginTranslatableGenericError(EciesComponentId, EciesStringKey.Error_Utils_EncryptionFailedNoAuthTag);
+    }
+    const encryptedPrivateKey = AESGCMService.combineIvTagAndEncryptedData(
+      iv,
+      encrypted,
+      tag,
+    );
+
+    // now use the public key to encrypt the mnemonic and store it
+    const encryptedMnemonic = await this.eciesService.encrypt(
+      EciesEncryptionTypeEnum.Simple,
+      [{ publicKey: wallet.getPublicKey() }],
+      mnemonic.valueAsUint8Array,
+    );
+
+    return {
+      salt: derivedKey.salt,
+      encryptedPrivateKey: encryptedPrivateKey,
+      encryptedMnemonic: encryptedMnemonic,
+      wallet,
+    };
+  }
+
+  /**
+   * Set up password login by deriving a key from the password and using it to encrypt
+   * @param mnemonic The user's mnemonic
+   * @param password The user's password
+   */
+  public async setupPasswordLoginLocalStorageBundle(
+    mnemonic: SecureString,
+    password: SecureString,
+    profile: Pbkdf2ProfileEnum = Pbkdf2ProfileEnum.BROWSER_PASSWORD,
+  ): Promise<Wallet> {
+    const { salt, encryptedPrivateKey, encryptedMnemonic, wallet } =
+      await this.createPasswordLoginBundle(mnemonic, password, profile);
+
+    // store the salt and encrypted private key in local storage
+    try {
+      localStorage.setItem(
+        PasswordLoginService.saltStorageKey,
+        uint8ArrayToHex(salt),
+      );
+      localStorage.setItem(
+        PasswordLoginService.privateKeyStorageKey,
+        uint8ArrayToHex(encryptedPrivateKey),
+      );
+      localStorage.setItem(
+        PasswordLoginService.encryptedMnemonicStorageKey,
+        uint8ArrayToHex(encryptedMnemonic),
+      );
+      localStorage.setItem(
+        PasswordLoginService.profileStorageKey,
+        profile,
+      );
+    } catch (error) {
+      throw new PluginTypedHandleableError<typeof PasswordLoginErrorTypeEnum, EciesStringKey, TLanguage>(this.engine, EciesComponentId, PasswordLoginErrorTypeEnum.FailedToStoreLoginData, buildReasonMap<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(PasswordLoginErrorTypeEnum, ['Error', 'PasswordLoginError']), new Error(), { cause: error instanceof Error ? error : undefined });
+    }
+    return wallet;
+  }
+
+  public async getWalletAndMnemonicFromEncryptedPasswordBundle(
+    salt: Uint8Array,
+    encryptedPrivateKey: Uint8Array,
+    encryptedMnemonic: Uint8Array,
+    password: SecureString,
+    profile: Pbkdf2ProfileEnum = Pbkdf2ProfileEnum.BROWSER_PASSWORD,
+  ): Promise<{ wallet: Wallet; mnemonic: SecureString }> {
+    if (!salt || !encryptedPrivateKey || !encryptedMnemonic) {
+     throw new PluginTypedHandleableError<typeof PasswordLoginErrorTypeEnum, EciesStringKey, TLanguage>(this.engine, EciesComponentId, PasswordLoginErrorTypeEnum.PasswordLoginNotSetUp, buildReasonMap<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(PasswordLoginErrorTypeEnum, ['Error', 'PasswordLoginError']), new Error());
+    }
+
+    const derivedKey =
+      await this.pbkdf2Service.deriveKeyFromPasswordWithProfileAsync(
+        password.valueAsUint8Array,
+        profile,
+        salt,
+      );
+
+    // Decrypt private key with derived key
+    const { iv, encryptedDataWithTag } = AESGCMService.splitEncryptedData(
+      encryptedPrivateKey,
+      true,
+      this.eciesConsts,
+    );
+    const privateKeyBytes = await AESGCMService.decrypt(
+      iv,
+      encryptedDataWithTag,
+      derivedKey.hash,
+      true,
+      this.eciesConsts,
+    );
+
+    const wallet = Wallet.fromPrivateKey(privateKeyBytes);
+
+    // now decrypt the mnemonic
+    const decryptedMnemonic =
+      await this.eciesService.decryptSimpleOrSingleWithHeader(
+        true,
+        wallet.getPrivateKey(),
+        encryptedMnemonic,
+      );
+
+    return { wallet, mnemonic: new SecureString(decryptedMnemonic) };
+  }
+
+  /**
+   * Recover wallet and mnemonic from password
+   * @param password The user's password
+   * @returns The user's wallet and mnemonic
+   */
+  public async getWalletAndMnemonicFromLocalStorageBundle(
+    password: SecureString,
+  ): Promise<{ wallet: Wallet; mnemonic: SecureString }> {
+    const saltHex = localStorage.getItem(PasswordLoginService.saltStorageKey);
+    const encryptedPrivateKeyHex = localStorage.getItem(
+      PasswordLoginService.privateKeyStorageKey,
+    );
+    const encryptedMnemonicHex = localStorage.getItem(
+      PasswordLoginService.encryptedMnemonicStorageKey,
+    );
+    const profileStr = localStorage.getItem(PasswordLoginService.profileStorageKey);
+
+    if (
+      !saltHex ||
+      !encryptedPrivateKeyHex ||
+      !encryptedMnemonicHex ||
+      saltHex === '' ||
+      encryptedPrivateKeyHex === '' ||
+      encryptedMnemonicHex === ''
+    ) {
+      throw new PluginTypedHandleableError<typeof PasswordLoginErrorTypeEnum, EciesStringKey, TLanguage>(this.engine, EciesComponentId, PasswordLoginErrorTypeEnum.PasswordLoginNotSetUp, buildReasonMap<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(PasswordLoginErrorTypeEnum, ['Error', 'PasswordLoginError']), new Error());
+    }
+
+    const salt = hexToUint8Array(saltHex);
+    const encryptedPrivateKey = hexToUint8Array(encryptedPrivateKeyHex);
+    const encryptedMnemonic = hexToUint8Array(encryptedMnemonicHex);
+    const profile = (profileStr as Pbkdf2ProfileEnum) || Pbkdf2ProfileEnum.BROWSER_PASSWORD;
+
+    return await this.getWalletAndMnemonicFromEncryptedPasswordBundle(
+      salt,
+      encryptedPrivateKey,
+      encryptedMnemonic,
+      password,
+      profile,
+    );
+  }
+
+  /**
+   *
+   * @returns True if password login is set up (i.e. salt and encrypted private key are in local storage)
+   */
+  public static isPasswordLoginSetup(): boolean {
+    const saltHex = localStorage.getItem(PasswordLoginService.saltStorageKey);
+    const encryptedPrivateKeyHex = localStorage.getItem(
+      PasswordLoginService.privateKeyStorageKey,
+    );
+    const encryptedMnemonicHex = localStorage.getItem(
+      PasswordLoginService.encryptedMnemonicStorageKey,
+    );
+
+    return !!(
+      saltHex &&
+      encryptedPrivateKeyHex &&
+      encryptedMnemonicHex &&
+      saltHex !== '' &&
+      encryptedPrivateKeyHex !== '' &&
+      encryptedMnemonicHex !== ''
+    );
+  }
+}