@steemit/steem-js 0.7.11 → 1.0.0

package/lib/auth/ecc/src/ecdsa.js

@@ -1,219 +0,0 @@
-'use strict';
-
-var assert = require('assert'); // from github.com/bitcoinjs/bitcoinjs-lib from github.com/cryptocoinjs/ecdsa
-var crypto = require('./hash');
-var enforceType = require('./enforce_types');
-
-var BigInteger = require('bigi');
-var ECSignature = require('./ecsignature');
-
-// https://tools.ietf.org/html/rfc6979#section-3.2
-function deterministicGenerateK(curve, hash, d, checkSig, nonce) {
-
-  enforceType('Buffer', hash);
-  enforceType(BigInteger, d);
-
-  if (nonce) {
-    hash = crypto.sha256(Buffer.concat([hash, new Buffer(nonce)]));
-  }
-
-  // sanity check
-  assert.equal(hash.length, 32, 'Hash must be 256 bit');
-
-  var x = d.toBuffer(32);
-  var k = new Buffer(32);
-  var v = new Buffer(32);
-
-  // Step B
-  v.fill(1);
-
-  // Step C
-  k.fill(0);
-
-  // Step D
-  k = crypto.HmacSHA256(Buffer.concat([v, new Buffer([0]), x, hash]), k);
-
-  // Step E
-  v = crypto.HmacSHA256(v, k);
-
-  // Step F
-  k = crypto.HmacSHA256(Buffer.concat([v, new Buffer([1]), x, hash]), k);
-
-  // Step G
-  v = crypto.HmacSHA256(v, k);
-
-  // Step H1/H2a, ignored as tlen === qlen (256 bit)
-  // Step H2b
-  v = crypto.HmacSHA256(v, k);
-
-  var T = BigInteger.fromBuffer(v);
-
-  // Step H3, repeat until T is within the interval [1, n - 1]
-  while (T.signum() <= 0 || T.compareTo(curve.n) >= 0 || !checkSig(T)) {
-    k = crypto.HmacSHA256(Buffer.concat([v, new Buffer([0])]), k);
-    v = crypto.HmacSHA256(v, k);
-
-    // Step H1/H2a, again, ignored as tlen === qlen (256 bit)
-    // Step H2b again
-    v = crypto.HmacSHA256(v, k);
-
-    T = BigInteger.fromBuffer(v);
-  }
-
-  return T;
-}
-
-function sign(curve, hash, d, nonce) {
-
-  var e = BigInteger.fromBuffer(hash);
-  var n = curve.n;
-  var G = curve.G;
-
-  var r, s;
-  var k = deterministicGenerateK(curve, hash, d, function (k) {
-    // find canonically valid signature
-    var Q = G.multiply(k);
-
-    if (curve.isInfinity(Q)) return false;
-
-    r = Q.affineX.mod(n);
-    if (r.signum() === 0) return false;
-
-    s = k.modInverse(n).multiply(e.add(d.multiply(r))).mod(n);
-    if (s.signum() === 0) return false;
-
-    return true;
-  }, nonce);
-
-  var N_OVER_TWO = n.shiftRight(1);
-
-  // enforce low S values, see bip62: 'low s values in signatures'
-  if (s.compareTo(N_OVER_TWO) > 0) {
-    s = n.subtract(s);
-  }
-
-  return new ECSignature(r, s);
-}
-
-function verifyRaw(curve, e, signature, Q) {
-  var n = curve.n;
-  var G = curve.G;
-
-  var r = signature.r;
-  var s = signature.s;
-
-  // 1.4.1 Enforce r and s are both integers in the interval [1, n − 1]
-  if (r.signum() <= 0 || r.compareTo(n) >= 0) return false;
-  if (s.signum() <= 0 || s.compareTo(n) >= 0) return false;
-
-  // c = s^-1 mod n
-  var c = s.modInverse(n);
-
-  // 1.4.4 Compute u1 = es^−1 mod n
-  //               u2 = rs^−1 mod n
-  var u1 = e.multiply(c).mod(n);
-  var u2 = r.multiply(c).mod(n);
-
-  // 1.4.5 Compute R = (xR, yR) = u1G + u2Q
-  var R = G.multiplyTwo(u1, Q, u2);
-
-  // 1.4.5 (cont.) Enforce R is not at infinity
-  if (curve.isInfinity(R)) return false;
-
-  // 1.4.6 Convert the field element R.x to an integer
-  var xR = R.affineX;
-
-  // 1.4.7 Set v = xR mod n
-  var v = xR.mod(n);
-
-  // 1.4.8 If v = r, output "valid", and if v != r, output "invalid"
-  return v.equals(r);
-}
-
-function verify(curve, hash, signature, Q) {
-  // 1.4.2 H = Hash(M), already done by the user
-  // 1.4.3 e = H
-  var e = BigInteger.fromBuffer(hash);
-  return verifyRaw(curve, e, signature, Q);
-}
-
-/**
-  * Recover a public key from a signature.
-  *
-  * See SEC 1: Elliptic Curve Cryptography, section 4.1.6, "Public
-  * Key Recovery Operation".
-  *
-  * http://www.secg.org/download/aid-780/sec1-v2.pdf
-  */
-function recoverPubKey(curve, e, signature, i) {
-  assert.strictEqual(i & 3, i, 'Recovery param is more than two bits');
-
-  var n = curve.n;
-  var G = curve.G;
-
-  var r = signature.r;
-  var s = signature.s;
-
-  assert(r.signum() > 0 && r.compareTo(n) < 0, 'Invalid r value');
-  assert(s.signum() > 0 && s.compareTo(n) < 0, 'Invalid s value');
-
-  // A set LSB signifies that the y-coordinate is odd
-  var isYOdd = i & 1;
-
-  // The more significant bit specifies whether we should use the
-  // first or second candidate key.
-  var isSecondKey = i >> 1;
-
-  // 1.1 Let x = r + jn
-  var x = isSecondKey ? r.add(n) : r;
-  var R = curve.pointFromX(isYOdd, x);
-
-  // 1.4 Check that nR is at infinity
-  var nR = R.multiply(n);
-  assert(curve.isInfinity(nR), 'nR is not a valid curve point');
-
-  // Compute -e from e
-  var eNeg = e.negate().mod(n);
-
-  // 1.6.1 Compute Q = r^-1 (sR -  eG)
-  //               Q = r^-1 (sR + -eG)
-  var rInv = r.modInverse(n);
-
-  var Q = R.multiplyTwo(s, G, eNeg).multiply(rInv);
-  curve.validate(Q);
-
-  return Q;
-}
-
-/**
-  * Calculate pubkey extraction parameter.
-  *
-  * When extracting a pubkey from a signature, we have to
-  * distinguish four different cases. Rather than putting this
-  * burden on the verifier, Bitcoin includes a 2-bit value with the
-  * signature.
-  *
-  * This function simply tries all four cases and returns the value
-  * that resulted in a successful pubkey recovery.
-  */
-function calcPubKeyRecoveryParam(curve, e, signature, Q) {
-  for (var i = 0; i < 4; i++) {
-    var Qprime = recoverPubKey(curve, e, signature, i);
-
-    // 1.6.2 Verify Q
-    if (Qprime.equals(Q)) {
-      return i;
-    }
-  }
-
-  throw new Error('Unable to find valid recovery factor');
-}
-
-module.exports = {
-  calcPubKeyRecoveryParam: calcPubKeyRecoveryParam,
-  deterministicGenerateK: deterministicGenerateK,
-  recoverPubKey: recoverPubKey,
-  sign: sign,
-  verify: verify,
-  verifyRaw: verifyRaw
-};

package/lib/auth/ecc/src/ecsignature.js

@@ -1,128 +0,0 @@
-'use strict';
-
-var assert = require('assert'); // from https://github.com/bitcoinjs/bitcoinjs-lib
-var enforceType = require('./enforce_types');
-
-var BigInteger = require('bigi');
-
-function ECSignature(r, s) {
-  enforceType(BigInteger, r);
-  enforceType(BigInteger, s);
-
-  this.r = r;
-  this.s = s;
-}
-
-// Import operations
-ECSignature.parseCompact = function (buffer) {
-  assert.equal(buffer.length, 65, 'Invalid signature length');
-  var i = buffer.readUInt8(0) - 27;
-
-  // At most 3 bits
-  assert.equal(i, i & 7, 'Invalid signature parameter');
-  var compressed = !!(i & 4);
-
-  // Recovery param only
-  i = i & 3;
-
-  var r = BigInteger.fromBuffer(buffer.slice(1, 33));
-  var s = BigInteger.fromBuffer(buffer.slice(33));
-
-  return {
-    compressed: compressed,
-    i: i,
-    signature: new ECSignature(r, s)
-  };
-};
-
-ECSignature.fromDER = function (buffer) {
-  assert.equal(buffer.readUInt8(0), 0x30, 'Not a DER sequence');
-  assert.equal(buffer.readUInt8(1), buffer.length - 2, 'Invalid sequence length');
-  assert.equal(buffer.readUInt8(2), 0x02, 'Expected a DER integer');
-
-  var rLen = buffer.readUInt8(3);
-  assert(rLen > 0, 'R length is zero');
-
-  var offset = 4 + rLen;
-  assert.equal(buffer.readUInt8(offset), 0x02, 'Expected a DER integer (2)');
-
-  var sLen = buffer.readUInt8(offset + 1);
-  assert(sLen > 0, 'S length is zero');
-
-  var rB = buffer.slice(4, offset);
-  var sB = buffer.slice(offset + 2);
-  offset += 2 + sLen;
-
-  if (rLen > 1 && rB.readUInt8(0) === 0x00) {
-    assert(rB.readUInt8(1) & 0x80, 'R value excessively padded');
-  }
-
-  if (sLen > 1 && sB.readUInt8(0) === 0x00) {
-    assert(sB.readUInt8(1) & 0x80, 'S value excessively padded');
-  }
-
-  assert.equal(offset, buffer.length, 'Invalid DER encoding');
-  var r = BigInteger.fromDERInteger(rB);
-  var s = BigInteger.fromDERInteger(sB);
-
-  assert(r.signum() >= 0, 'R value is negative');
-  assert(s.signum() >= 0, 'S value is negative');
-
-  return new ECSignature(r, s);
-};
-
-// FIXME: 0x00, 0x04, 0x80 are SIGHASH_* boundary constants, importing Transaction causes a circular dependency
-ECSignature.parseScriptSignature = function (buffer) {
-  var hashType = buffer.readUInt8(buffer.length - 1);
-  var hashTypeMod = hashType & ~0x80;
-
-  assert(hashTypeMod > 0x00 && hashTypeMod < 0x04, 'Invalid hashType');
-
-  return {
-    signature: ECSignature.fromDER(buffer.slice(0, -1)),
-    hashType: hashType
-  };
-};
-
-// Export operations
-ECSignature.prototype.toCompact = function (i, compressed) {
-  if (compressed) i += 4;
-  i += 27;
-
-  var buffer = new Buffer(65);
-  buffer.writeUInt8(i, 0);
-
-  this.r.toBuffer(32).copy(buffer, 1);
-  this.s.toBuffer(32).copy(buffer, 33);
-
-  return buffer;
-};
-
-ECSignature.prototype.toDER = function () {
-  var rBa = this.r.toDERInteger();
-  var sBa = this.s.toDERInteger();
-
-  var sequence = [];
-
-  // INTEGER
-  sequence.push(0x02, rBa.length);
-  sequence = sequence.concat(rBa);
-
-  // INTEGER
-  sequence.push(0x02, sBa.length);
-  sequence = sequence.concat(sBa);
-
-  // SEQUENCE
-  sequence.unshift(0x30, sequence.length);
-
-  return new Buffer(sequence);
-};
-
-ECSignature.prototype.toScriptSignature = function (hashType) {
-  var hashTypeBuffer = new Buffer(1);
-  hashTypeBuffer.writeUInt8(hashType, 0);
-
-  return Buffer.concat([this.toDER(), hashTypeBuffer]);
-};
-
-module.exports = ECSignature;

package/lib/auth/ecc/src/enforce_types.js

@@ -1,49 +0,0 @@
-'use strict';
-
-module.exports = function enforce(type, value) {
-  // Copied from https://github.com/bitcoinjs/bitcoinjs-lib
-  switch (type) {
-    case 'Array':
-      {
-        if (Array.isArray(value)) return;
-        break;
-      }
-
-    case 'Boolean':
-      {
-        if (typeof value === 'boolean') return;
-        break;
-      }
-
-    case 'Buffer':
-      {
-        if (Buffer.isBuffer(value)) return;
-        break;
-      }
-
-    case 'Number':
-      {
-        if (typeof value === 'number') return;
-        break;
-      }
-
-    case 'String':
-      {
-        if (typeof value === 'string') return;
-        break;
-      }
-
-    default:
-      {
-        if (getName(value.constructor) === getName(type)) return;
-      }
-  }
-
-  throw new TypeError('Expected ' + (getName(type) || type) + ', got ' + value);
-};
-
-function getName(fn) {
-  // Why not fn.name: https://kangax.github.io/compat-table/es6/#function_name_property
-  var match = fn.toString().match(/function (.*?)\(/);
-  return match ? match[1] : null;
-}

package/lib/auth/ecc/src/hash.js

@@ -1,67 +0,0 @@
-'use strict';
-
-var _createHash = require('create-hash');
-
-var _createHash2 = _interopRequireDefault(_createHash);
-
-var _createHmac = require('create-hmac');
-
-var _createHmac2 = _interopRequireDefault(_createHmac);
-
-function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
-
-/** @arg {string|Buffer} data
-    @arg {string} [digest = null] - 'hex', 'binary' or 'base64'
-    @return {string|Buffer} - Buffer when digest is null, or string
-*/
-function sha1(data, encoding) {
-    return (0, _createHash2.default)('sha1').update(data).digest(encoding);
-}
-
-/** @arg {string|Buffer} data
-    @arg {string} [digest = null] - 'hex', 'binary' or 'base64'
-    @return {string|Buffer} - Buffer when digest is null, or string
-*/
-function sha256(data, encoding) {
-    return (0, _createHash2.default)('sha256').update(data).digest(encoding);
-}
-
-/** @arg {string|Buffer} data
-    @arg {string} [digest = null] - 'hex', 'binary' or 'base64'
-    @return {string|Buffer} - Buffer when digest is null, or string
-*/
-function sha512(data, encoding) {
-    return (0, _createHash2.default)('sha512').update(data).digest(encoding);
-}
-
-function HmacSHA256(buffer, secret) {
-    return (0, _createHmac2.default)('sha256', secret).update(buffer).digest();
-}
-
-function ripemd160(data) {
-    return (0, _createHash2.default)('rmd160').update(data).digest();
-}
-
-// function hash160(buffer) {
-//   return ripemd160(sha256(buffer))
-// }
-// 
-// function hash256(buffer) {
-//   return sha256(sha256(buffer))
-// }
-
-// 
-// function HmacSHA512(buffer, secret) {
-//   return crypto.createHmac('sha512', secret).update(buffer).digest()
-// }
-
-module.exports = {
-    sha1: sha1,
-    sha256: sha256,
-    sha512: sha512,
-    HmacSHA256: HmacSHA256,
-    ripemd160: ripemd160
-    // hash160: hash160,
-    // hash256: hash256,
-    // HmacSHA512: HmacSHA512
-};

package/lib/auth/ecc/src/key_private.js

@@ -1,212 +0,0 @@
-'use strict';
-
-var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }();
-
-function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } }
-
-var ecurve = require('ecurve');
-var Point = ecurve.Point;
-var secp256k1 = ecurve.getCurveByName('secp256k1');
-var BigInteger = require('bigi');
-var base58 = require('bs58');
-var assert = require('assert');
-var hash = require('./hash');
-var PublicKey = require('./key_public');
-
-var G = secp256k1.G;
-var n = secp256k1.n;
-
-var PrivateKey = function () {
-
-    /**
-        @private see static functions
-        @param {BigInteger}
-    */
-    function PrivateKey(d) {
-        _classCallCheck(this, PrivateKey);
-
-        this.d = d;
-    }
-
-    _createClass(PrivateKey, [{
-        key: 'toWif',
-        value: function toWif() {
-            var private_key = this.toBuffer();
-            // checksum includes the version
-            private_key = Buffer.concat([new Buffer([0x80]), private_key]);
-            var checksum = hash.sha256(private_key);
-            checksum = hash.sha256(checksum);
-            checksum = checksum.slice(0, 4);
-            var private_wif = Buffer.concat([private_key, checksum]);
-            return base58.encode(private_wif);
-        }
-
-        /** Alias for {@link toWif} */
-
-    }, {
-        key: 'toString',
-        value: function toString() {
-            return this.toWif();
-        }
-
-        /**
-            @return {Point}
-        */
-
-    }, {
-        key: 'toPublicKeyPoint',
-        value: function toPublicKeyPoint() {
-            var Q;
-            return Q = secp256k1.G.multiply(this.d);
-        }
-    }, {
-        key: 'toPublic',
-        value: function toPublic() {
-            if (this.public_key) {
-                return this.public_key;
-            }
-            return this.public_key = PublicKey.fromPoint(this.toPublicKeyPoint());
-        }
-    }, {
-        key: 'toBuffer',
-        value: function toBuffer() {
-            return this.d.toBuffer(32);
-        }
-
-        /** ECIES */
-
-    }, {
-        key: 'get_shared_secret',
-        value: function get_shared_secret(public_key) {
-            public_key = toPublic(public_key);
-            var KB = public_key.toUncompressed().toBuffer();
-            var KBP = Point.fromAffine(secp256k1, BigInteger.fromBuffer(KB.slice(1, 33)), // x
-            BigInteger.fromBuffer(KB.slice(33, 65)) // y
-            );
-            var r = this.toBuffer();
-            var P = KBP.multiply(BigInteger.fromBuffer(r));
-            var S = P.affineX.toBuffer({ size: 32 });
-            // SHA512 used in ECIES
-            return hash.sha512(S);
-        }
-
-        // /** ECIES (does not always match the Point.fromAffine version above) */
-        // get_shared_secret(public_key){
-        //     public_key = toPublic(public_key)
-        //     var P = public_key.Q.multiply( this.d );
-        //     var S = P.affineX.toBuffer({size: 32});
-        //     // ECIES, adds an extra sha512
-        //     return hash.sha512(S);
-        // }
-
-        /** @throws {Error} - overflow of the key could not be derived */
-
-    }, {
-        key: 'child',
-        value: function child(offset) {
-            offset = Buffer.concat([this.toPublicKey().toBuffer(), offset]);
-            offset = hash.sha256(offset);
-            var c = BigInteger.fromBuffer(offset);
-
-            if (c.compareTo(n) >= 0) throw new Error("Child offset went out of bounds, try again");
-
-            var derived = this.d.add(c); //.mod(n)
-
-            if (derived.signum() === 0) throw new Error("Child offset derived to an invalid key, try again");
-
-            return new PrivateKey(derived);
-        }
-
-        // toByteBuffer() {
-        //     var b = new ByteBuffer(ByteBuffer.DEFAULT_CAPACITY, ByteBuffer.LITTLE_ENDIAN);
-        //     this.appendByteBuffer(b);
-        //     return b.copy(0, b.offset);
-        // }
-
-    }, {
-        key: 'toHex',
-        value: function toHex() {
-            return this.toBuffer().toString('hex');
-        }
-    }, {
-        key: 'toPublicKey',
-        value: function toPublicKey() {
-            return this.toPublic();
-        }
-
-        /* </helper_functions> */
-
-    }], [{
-        key: 'fromBuffer',
-        value: function fromBuffer(buf) {
-            if (!Buffer.isBuffer(buf)) {
-                throw new Error("Expecting paramter to be a Buffer type");
-            }
-            if (32 !== buf.length) {
-                console.log('WARN: Expecting 32 bytes, instead got ' + buf.length + ', stack trace:', new Error().stack);
-            }
-            if (buf.length === 0) {
-                throw new Error("Empty buffer");
-            }
-            return new PrivateKey(BigInteger.fromBuffer(buf));
-        }
-
-        /** @arg {string} seed - any length string.  This is private, the same seed produces the same private key every time.  */
-
-    }, {
-        key: 'fromSeed',
-        value: function fromSeed(seed) {
-            // generate_private_key
-            if (!(typeof seed === 'string')) {
-                throw new Error('seed must be of type string');
-            }
-            return PrivateKey.fromBuffer(hash.sha256(seed));
-        }
-    }, {
-        key: 'isWif',
-        value: function isWif(text) {
-            try {
-                this.fromWif(text);
-                return true;
-            } catch (e) {
-                return false;
-            }
-        }
-
-        /**
-            @throws {AssertError|Error} parsing key
-            @return {string} Wallet Import Format (still a secret, Not encrypted)
-        */
-
-    }, {
-        key: 'fromWif',
-        value: function fromWif(_private_wif) {
-            var private_wif = new Buffer(base58.decode(_private_wif));
-            var version = private_wif.readUInt8(0);
-            assert.equal(0x80, version, 'Expected version ' + 0x80 + ', instead got ' + version);
-            // checksum includes the version
-            var private_key = private_wif.slice(0, -4);
-            var checksum = private_wif.slice(-4);
-            var new_checksum = hash.sha256(private_key);
-            new_checksum = hash.sha256(new_checksum);
-            new_checksum = new_checksum.slice(0, 4);
-            if (checksum.toString() !== new_checksum.toString()) throw new Error('Invalid WIF key (checksum miss-match)');
-
-            private_key = private_key.slice(1);
-            return PrivateKey.fromBuffer(private_key);
-        }
-    }, {
-        key: 'fromHex',
-        value: function fromHex(hex) {
-            return PrivateKey.fromBuffer(new Buffer(hex, 'hex'));
-        }
-    }]);
-
-    return PrivateKey;
-}();
-
-module.exports = PrivateKey;
-
-var toPublic = function toPublic(data) {
-    return data == null ? data : data.Q ? data : PublicKey.fromStringOrThrow(data);
-};