shamir-mnemonic-ts 1.0.0
- package/LICENSE +21 -0
- package/README.md +71 -0
- package/dist/cipher.d.ts +3 -0
- package/dist/cipher.d.ts.map +1 -0
- package/dist/cipher.js +91 -0
- package/dist/cipher.js.map +1 -0
- package/dist/constants.d.ts +41 -0
- package/dist/constants.d.ts.map +1 -0
- package/dist/constants.js +45 -0
- package/dist/constants.js.map +1 -0
- package/dist/index.d.ts +6 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +23 -0
- package/dist/index.js.map +1 -0
- package/dist/recovery.d.ts +18 -0
- package/dist/recovery.d.ts.map +1 -0
- package/dist/recovery.js +126 -0
- package/dist/recovery.js.map +1 -0
- package/dist/rs1024.d.ts +5 -0
- package/dist/rs1024.d.ts.map +1 -0
- package/dist/rs1024.js +50 -0
- package/dist/rs1024.js.map +1 -0
- package/dist/shamir.d.ts +36 -0
- package/dist/shamir.d.ts.map +1 -0
- package/dist/shamir.js +448 -0
- package/dist/shamir.js.map +1 -0
- package/dist/share.d.ts +39 -0
- package/dist/share.d.ts.map +1 -0
- package/dist/share.js +194 -0
- package/dist/share.js.map +1 -0
- package/dist/src/cipher.js +90 -0
- package/dist/src/constants.js +44 -0
- package/dist/src/index.js +22 -0
- package/dist/src/recovery.js +127 -0
- package/dist/src/rs1024.js +55 -0
- package/dist/src/shamir.js +486 -0
- package/dist/src/share.js +196 -0
- package/dist/src/utils.js +97 -0
- package/dist/src/wordlist.js +136 -0
- package/dist/test-manual.js +78 -0
- package/dist/utils.d.ts +7 -0
- package/dist/utils.d.ts.map +1 -0
- package/dist/utils.js +39 -0
- package/dist/utils.js.map +1 -0
- package/dist/wordlist.d.ts +4 -0
- package/dist/wordlist.d.ts.map +1 -0
- package/dist/wordlist.js +1069 -0
- package/dist/wordlist.js.map +1 -0
- package/package.json +44 -0
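--- a/package/dist/share.js
+++ b/package/dist/share.js
@@ -0,0 +1,194 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+var desc = Object.getOwnPropertyDescriptor(m, k);
+if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+desc = { enumerable: true, get: function() { return m[k]; } };
+}
+Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+var ownKeys = function(o) {
+ownKeys = Object.getOwnPropertyNames || function (o) {
+var ar = [];
+for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+return ar;
+};
+return ownKeys(o);
+};
+return function (mod) {
+if (mod && mod.__esModule) return mod;
+var result = {};
+if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+__setModuleDefault(result, mod);
+return result;
+};
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Share = void 0;
+const rs1024 = __importStar(require("./rs1024"));
+const wordlist = __importStar(require("./wordlist"));
+const constants_1 = require("./constants");
+const utils_1 = require("./utils");
+function _intToWordIndices(value, length) {
+/** Converts an integer value to a list of base 1024 indices in big endian order. */
+return Array.from((0, utils_1.intToIndices)(value, length, constants_1.RADIX_BITS));
+}
+function _intFromWordIndices(indices) {
+/** Converts a list of base 1024 indices in big endian order to an integer value. */
+let value = 0;
+for (const index of indices) {
+value = value * constants_1.RADIX + index;
+}
+return value;
+}
+function _customizationString(extendable) {
+return extendable ? constants_1.CUSTOMIZATION_STRING_EXTENDABLE : constants_1.CUSTOMIZATION_STRING_ORIG;
+}
+class Share {
+constructor(identifier, extendable, iterationExponent, groupIndex, groupThreshold, groupCount, index, memberThreshold, value) {
+this.identifier = identifier;
+this.extendable = extendable;
+this.iterationExponent = iterationExponent;
+this.groupIndex = groupIndex;
+this.groupThreshold = groupThreshold;
+this.groupCount = groupCount;
+this.index = index;
+this.memberThreshold = memberThreshold;
+this.value = value;
+}
+commonParameters() {
+/** Return values that uniquely identify a matching set of shares. */
+return {
+identifier: this.identifier,
+extendable: this.extendable,
+iterationExponent: this.iterationExponent,
+groupThreshold: this.groupThreshold,
+groupCount: this.groupCount,
+};
+}
+groupParameters() {
+/** Return values that uniquely identify shares belonging to the same group. */
+return {
+identifier: this.identifier,
+extendable: this.extendable,
+iterationExponent: this.iterationExponent,
+groupIndex: this.groupIndex,
+groupThreshold: this.groupThreshold,
+groupCount: this.groupCount,
+memberThreshold: this.memberThreshold,
+};
+}
+_encodeIdExp() {
+let idExpInt = this.identifier << (constants_1.ITERATION_EXP_LENGTH_BITS + constants_1.EXTENDABLE_FLAG_LENGTH_BITS);
+idExpInt += (this.extendable ? 1 : 0) << constants_1.ITERATION_EXP_LENGTH_BITS;
+idExpInt += this.iterationExponent;
+return _intToWordIndices(idExpInt, constants_1.ID_EXP_LENGTH_WORDS);
+}
+_encodeShareParams() {
+// each value is 4 bits, for 20 bits total
+let val = this.groupIndex;
+val <<= 4;
+val += this.groupThreshold - 1;
+val <<= 4;
+val += this.groupCount - 1;
+val <<= 4;
+val += this.index;
+val <<= 4;
+val += this.memberThreshold - 1;
+// group parameters are 2 words
+return _intToWordIndices(val, 2);
+}
+words() {
+/** Convert share data to a share mnemonic. */
+const valueWordCount = (0, utils_1.bitsToWords)(this.value.length * 8);
+// Convert Buffer to big-endian integer (using BigInt to handle large values)
+let valueInt = 0n;
+for (let i = 0; i < this.value.length; i++) {
+valueInt = (valueInt << 8n) | BigInt(this.value[i]);
+}
+// Convert BigInt to number array for _intToWordIndices
+// For very large values, we need to handle this differently
+const valueData = [];
+let tempValue = valueInt;
+for (let i = 0; i < valueWordCount; i++) {
+valueData.unshift(Number(tempValue & 1023n));
+tempValue = tempValue >> 10n;
+}
+const shareData = this._encodeIdExp().concat(this._encodeShareParams()).concat(valueData);
+const checksum = rs1024.createChecksum(shareData, _customizationString(this.extendable));
+return Array.from(wordlist.wordsFromIndices(shareData.concat(checksum)));
+}
+mnemonic() {
+/** Convert share data to a share mnemonic. */
+return this.words().join(' ');
+}
+static fromMnemonic(mnemonic) {
+/** Convert a share mnemonic to share data. */
+const mnemonicData = wordlist.mnemonicToIndices(mnemonic);
+if (mnemonicData.length < constants_1.MIN_MNEMONIC_LENGTH_WORDS) {
+throw new utils_1.MnemonicError(`Invalid mnemonic length. The length of each mnemonic ` +
+`must be at least ${constants_1.MIN_MNEMONIC_LENGTH_WORDS} words.`);
+}
+const paddingLen = (constants_1.RADIX_BITS * (mnemonicData.length - constants_1.METADATA_LENGTH_WORDS)) % 16;
+if (paddingLen > 8) {
+throw new utils_1.MnemonicError('Invalid mnemonic length.');
+}
+const idExpData = mnemonicData.slice(0, constants_1.ID_EXP_LENGTH_WORDS);
+const idExpInt = _intFromWordIndices(idExpData);
+const identifier = idExpInt >> (constants_1.EXTENDABLE_FLAG_LENGTH_BITS + constants_1.ITERATION_EXP_LENGTH_BITS);
+const extendable = Boolean((idExpInt >> constants_1.ITERATION_EXP_LENGTH_BITS) & 1);
+const iterationExponent = idExpInt & ((1 << constants_1.ITERATION_EXP_LENGTH_BITS) - 1);
+if (!rs1024.verifyChecksum(mnemonicData, _customizationString(extendable))) {
+const prefix = mnemonic.split(/\s+/).slice(0, constants_1.ID_EXP_LENGTH_WORDS + 2).join(' ');
+throw new utils_1.MnemonicError(`Invalid mnemonic checksum for "${prefix} ...".`);
+}
+const shareParamsData = mnemonicData.slice(constants_1.ID_EXP_LENGTH_WORDS, constants_1.ID_EXP_LENGTH_WORDS + 2);
+const shareParamsInt = _intFromWordIndices(shareParamsData);
+const shareParams = Array.from((0, utils_1.intToIndices)(shareParamsInt, 5, 4));
+const [groupIndex, groupThreshold, groupCount, index, memberThreshold,] = shareParams;
+if (groupCount < groupThreshold) {
+const prefix = mnemonic.split(/\s+/).slice(0, constants_1.ID_EXP_LENGTH_WORDS + 2).join(' ');
+throw new utils_1.MnemonicError(`Invalid mnemonic "${prefix} ...". Group threshold cannot be greater than group count.`);
+}
+const valueData = mnemonicData.slice(constants_1.ID_EXP_LENGTH_WORDS + 2, mnemonicData.length - rs1024.CHECKSUM_LENGTH_WORDS);
+const valueByteCount = (0, utils_1.bitsToBytes)(constants_1.RADIX_BITS * valueData.length - paddingLen);
+// Convert word indices to BigInt (base 1024)
+let valueInt = 0n;
+for (const index of valueData) {
+valueInt = valueInt * 1024n + BigInt(index);
+}
+// Convert BigInt to Buffer in big-endian format
+let value;
+try {
+value = Buffer.allocUnsafe(valueByteCount);
+let tempValue = valueInt;
+for (let i = valueByteCount - 1; i >= 0; i--) {
+value[i] = Number(tempValue & 0xffn);
+tempValue = tempValue >> 8n;
+}
+if (tempValue !== 0n) {
+const prefix = mnemonic.split(/\s+/).slice(0, constants_1.ID_EXP_LENGTH_WORDS + 2).join(' ');
+throw new utils_1.MnemonicError(`Invalid mnemonic padding for "${prefix} ...".`);
+}
+}
+catch (error) {
+if (error instanceof utils_1.MnemonicError) {
+throw error;
+}
+const prefix = mnemonic.split(/\s+/).slice(0, constants_1.ID_EXP_LENGTH_WORDS + 2).join(' ');
+throw new utils_1.MnemonicError(`Invalid mnemonic padding for "${prefix} ...".`);
+}
+return new Share(identifier, extendable, iterationExponent, groupIndex, groupThreshold + 1, groupCount + 1, index, memberThreshold + 1, value);
+}
+}
+exports.Share = Share;
+//# sourceMappingURL=share.js.map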
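Review bot: `_encodeShareParams` packs five fields into 4 bits each, but nothing in `Share` checks that they fit, so a `groupIndex` or `index` above 15, or a threshold or count of 0 or above 16, carries or borrows into the neighbouring field. `words()` then computes the RS1024 checksum over the already-corrupted parameters, so the mnemonic verifies cleanly while describing a different share, which for a backup format is a silent loss. Unless `shamir.js` (not shown here) already guarantees the ranges, add a guard at the top of `_encodeShareParams`, e.g. `if ([this.groupIndex, this.groupThreshold - 1, this.groupCount - 1, this.index, this.memberThreshold - 1].some((v) => !Number.isInteger(v) || v < 0 || v > 15)) throw new Error('Share parameter does not fit in 4 bits.');`, and make the change in `src/share.ts`, since this file is compiled output. Separately, the `catch` in `fromMnemonic` relabels every non-`MnemonicError` failure as "Invalid mnemonic padding", which would hide an unrelated runtime error behind a misleading message.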
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"share.js","sourceRoot":"","sources":["../src/share.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAmC;AACnC,qDAAuC;AACvC,2CAUqB;AACrB,mCAAgF;AAIhF,SAAS,iBAAiB,CAAC,KAAa,EAAE,MAAc;IACtD,oFAAoF;IACpF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAA,oBAAY,EAAC,KAAK,EAAE,MAAM,EAAE,sBAAU,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,SAAS,mBAAmB,CAAC,OAA4B;IACvD,oFAAoF;IACpF,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,KAAK,GAAG,KAAK,GAAG,iBAAK,GAAG,KAAK,CAAC;IAChC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,oBAAoB,CAAC,UAAmB;IAC/C,OAAO,UAAU,CAAC,CAAC,CAAC,2CAA+B,CAAC,CAAC,CAAC,qCAAyB,CAAC;AAClF,CAAC;AAsBD,MAAa,KAAK;IAWhB,YACE,UAAkB,EAClB,UAAmB,EACnB,iBAAyB,EACzB,UAAkB,EAClB,cAAsB,EACtB,UAAkB,EAClB,KAAa,EACb,eAAuB,EACvB,KAAa;QAEb,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,gBAAgB;QACd,qEAAqE;QACrE,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;YACzC,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAC;IACJ,CAAC;IAED,eAAe;QACb,+EAA+E;QAC/E,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;YACzC,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;SACtC,CAAC;IACJ,CAAC;IAED,YAAY;QACV,IAAI,QAAQ,GAAG,IAAI,CAAC,UAAU,IAAI,CAAC,qCAAyB,GAAG,uCAA2B,CAAC,CAAC;QAC5F,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,qCAAyB,CAAC;QACnE,QAAQ,IAAI,IAAI,CAAC,iBAAiB,CAAC;QACnC,OAAO,iBAAiB,CAAC,QAAQ,EAAE,+BAAmB,CAAC,CAAC;IAC1D,CAAC;IAED,kBAAkB;QAChB,0CAA0C;QAC1C,IAAI,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC;QAC1B,GAAG,KAAK,CAAC,CAAC;QACV,GAAG,IAAI,IAAI,CAAC,cAAc,GAA
G,CAAC,CAAC;QAC/B,GAAG,KAAK,CAAC,CAAC;QACV,GAAG,IAAI,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;QAC3B,GAAG,KAAK,CAAC,CAAC;QACV,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC;QAClB,GAAG,KAAK,CAAC,CAAC;QACV,GAAG,IAAI,IAAI,CAAC,eAAe,GAAG,CAAC,CAAC;QAChC,+BAA+B;QAC/B,OAAO,iBAAiB,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IAED,KAAK;QACH,8CAA8C;QAC9C,MAAM,cAAc,GAAG,IAAA,mBAAW,EAAC,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC1D,6EAA6E;QAC7E,IAAI,QAAQ,GAAG,EAAE,CAAC;QAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,QAAQ,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACtD,CAAC;QACD,uDAAuD;QACvD,4DAA4D;QAC5D,MAAM,SAAS,GAAgB,EAAE,CAAC;QAClC,IAAI,SAAS,GAAG,QAAQ,CAAC;QACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,EAAE,EAAE,CAAC;YACxC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC;YAC7C,SAAS,GAAG,SAAS,IAAI,GAAG,CAAC;QAC/B,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC1F,MAAM,QAAQ,GAAG,MAAM,CAAC,cAAc,CAAC,SAAS,EAAE,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAEzF,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC3E,CAAC;IAED,QAAQ;QACN,8CAA8C;QAC9C,OAAO,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;IAED,MAAM,CAAC,YAAY,CAAC,QAAgB;QAClC,8CAA8C;QAC9C,MAAM,YAAY,GAAG,QAAQ,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAE1D,IAAI,YAAY,CAAC,MAAM,GAAG,qCAAyB,EAAE,CAAC;YACpD,MAAM,IAAI,qBAAa,CACrB,uDAAuD;gBACvD,oBAAoB,qCAAyB,SAAS,CACvD,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,CAAC,sBAAU,GAAG,CAAC,YAAY,CAAC,MAAM,GAAG,iCAAqB,CAAC,CAAC,GAAG,EAAE,CAAC;QACrF,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;YACnB,MAAM,IAAI,qBAAa,CAAC,0BAA0B,CAAC,CAAC;QACtD,CAAC;QAED,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,+BAAmB,CAAC,CAAC;QAC7D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAAC;QAEhD,MAAM,UAAU,GAAG,QAAQ,IAAI,CAAC,uCAA2B,GAAG,qCAAyB,CAAC,CAAC;QACzF,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,QAAQ,IAAI,qCAAyB,CAAC,GAAG,CAAC,CAAC,CAAC;QAC
xE,MAAM,iBAAiB,GAAG,QAAQ,GAAG,CAAC,CAAC,CAAC,IAAI,qCAAyB,CAAC,GAAG,CAAC,CAAC,CAAC;QAE5E,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,YAAY,EAAE,oBAAoB,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YAC3E,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,+BAAmB,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACjF,MAAM,IAAI,qBAAa,CACrB,kCAAkC,MAAM,QAAQ,CACjD,CAAC;QACJ,CAAC;QAED,MAAM,eAAe,GAAG,YAAY,CAAC,KAAK,CAAC,+BAAmB,EAAE,+BAAmB,GAAG,CAAC,CAAC,CAAC;QACzF,MAAM,cAAc,GAAG,mBAAmB,CAAC,eAAe,CAAC,CAAC;QAC5D,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,IAAA,oBAAY,EAAC,cAAc,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACnE,MAAM,CACJ,UAAU,EACV,cAAc,EACd,UAAU,EACV,KAAK,EACL,eAAe,EAChB,GAAG,WAAW,CAAC;QAEhB,IAAI,UAAU,GAAG,cAAc,EAAE,CAAC;YAChC,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,+BAAmB,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACjF,MAAM,IAAI,qBAAa,CACrB,qBAAqB,MAAM,4DAA4D,CACxF,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAClC,+BAAmB,GAAG,CAAC,EACvB,YAAY,CAAC,MAAM,GAAG,MAAM,CAAC,qBAAqB,CACnD,CAAC;QACF,MAAM,cAAc,GAAG,IAAA,mBAAW,EAAC,sBAAU,GAAG,SAAS,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;QAE/E,6CAA6C;QAC7C,IAAI,QAAQ,GAAG,EAAE,CAAC;QAClB,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,QAAQ,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QAED,gDAAgD;QAChD,IAAI,KAAa,CAAC;QAClB,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;YAC3C,IAAI,SAAS,GAAG,QAAQ,CAAC;YACzB,KAAK,IAAI,CAAC,GAAG,cAAc,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC7C,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,GAAG,KAAK,CAAC,CAAC;gBACrC,SAAS,GAAG,SAAS,IAAI,EAAE,CAAC;YAC9B,CAAC;YAED,IAAI,SAAS,KAAK,EAAE,EAAE,CAAC;gBACrB,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,+BAAmB,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACjF,MAAM,IAAI,qBAAa,CACrB,iCAAiC,MAAM,QAAQ,CAChD,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,qBAAa,EAAE,CAAC;gBACnC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,+BAAmB,GAAG,
CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACjF,MAAM,IAAI,qBAAa,CACrB,iCAAiC,MAAM,QAAQ,CAChD,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,KAAK,CACd,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,UAAU,EACV,cAAc,GAAG,CAAC,EAClB,UAAU,GAAG,CAAC,EACd,KAAK,EACL,eAAe,GAAG,CAAC,EACnB,KAAK,CACN,CAAC;IACJ,CAAC;CACF;AA7MD,sBA6MC"}
|
|
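--- a/package/dist/src/cipher.js
+++ b/package/dist/src/cipher.js
@@ -0,0 +1,90 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+var desc = Object.getOwnPropertyDescriptor(m, k);
+if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+desc = { enumerable: true, get: function() { return m[k]; } };
+}
+Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+var ownKeys = function(o) {
+ownKeys = Object.getOwnPropertyNames || function (o) {
+var ar = [];
+for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+return ar;
+};
+return ownKeys(o);
+};
+return function (mod) {
+if (mod && mod.__esModule) return mod;
+var result = {};
+if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+__setModuleDefault(result, mod);
+return result;
+};
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.encrypt = encrypt;
+exports.decrypt = decrypt;
+var crypto = __importStar(require("crypto"));
+var constants_1 = require("./constants");
+var utils_1 = require("./utils");
+function _xor(a, b) {
+var result = Buffer.alloc(a.length);
+for (var i = 0; i < a.length; i++) {
+result[i] = a[i] ^ b[i];
+}
+return result;
+}
+function _roundFunction(i, passphrase, e, salt, r) {
+/** The round function used internally by the Feistel cipher. */
+return crypto.pbkdf2Sync(Buffer.concat([Buffer.from([i]), passphrase]), Buffer.concat([salt, r]), (constants_1.BASE_ITERATION_COUNT << e) / constants_1.ROUND_COUNT, r.length, 'sha256');
+}
+function _getSalt(identifier, extendable) {
+if (extendable) {
+return Buffer.alloc(0);
+}
+var identifierLen = (0, utils_1.bitsToBytes)(constants_1.ID_LENGTH_BITS);
+var identifierBuf = Buffer.allocUnsafe(identifierLen);
+identifierBuf.writeUIntBE(identifier, 0, identifierLen);
+return Buffer.concat([constants_1.CUSTOMIZATION_STRING_ORIG, identifierBuf]);
+}
+function encrypt(masterSecret, passphrase, iterationExponent, identifier, extendable) {
+if (masterSecret.length % 2 !== 0) {
+throw new Error('The length of the master secret in bytes must be an even number.');
+}
+var l = masterSecret.slice(0, masterSecret.length / 2);
+var r = masterSecret.slice(masterSecret.length / 2);
+var salt = _getSalt(identifier, extendable);
+for (var i = 0; i < constants_1.ROUND_COUNT; i++) {
+var f = _roundFunction(i, passphrase, iterationExponent, salt, r);
+var temp = l;
+l = r;
+r = _xor(temp, f);
+}
+return Buffer.concat([r, l]);
+}
+function decrypt(encryptedMasterSecret, passphrase, iterationExponent, identifier, extendable) {
+if (encryptedMasterSecret.length % 2 !== 0) {
+throw new Error('The length of the encrypted master secret in bytes must be an even number.');
+}
+var l = encryptedMasterSecret.slice(0, encryptedMasterSecret.length / 2);
+var r = encryptedMasterSecret.slice(encryptedMasterSecret.length / 2);
+var salt = _getSalt(identifier, extendable);
+for (var i = constants_1.ROUND_COUNT - 1; i >= 0; i--) {
+var f = _roundFunction(i, passphrase, iterationExponent, salt, r);
+var temp = l;
+l = r;
+r = _xor(temp, f);
+}
+return Buffer.concat([r, l]);
+}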
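Review bot: `_roundFunction` derives the PBKDF2 iteration count as `(constants_1.BASE_ITERATION_COUNT << e) / constants_1.ROUND_COUNT`, and the exported `encrypt` and `decrypt` pass `iterationExponent` into it unchecked. JavaScript's `<<` uses only the low five bits of the shift count and yields a signed 32-bit result, so with a base of 10000 an exponent of 32 gives the same count as 0, and exponents from 18 upward wrap to a negative or smaller-than-intended number; the key stretching is then either rejected by `pbkdf2Sync` or silently weaker than the caller asked for. `ITERATION_EXP_LENGTH_BITS` is 4 in constants.js, so a guard at the top of both functions would pin the range: `if (!Number.isInteger(iterationExponent) || iterationExponent < 0 || iterationExponent >= (1 << constants_1.ITERATION_EXP_LENGTH_BITS)) throw new Error('Iteration exponent out of range.');`. Callers in shamir.js may already validate this, but that is not visible on this page and both functions are re-exported from index.js.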
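--- a/package/dist/src/constants.js
+++ b/package/dist/src/constants.js
@@ -0,0 +1,44 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DIGEST_INDEX = exports.SECRET_INDEX = exports.ROUND_COUNT = exports.BASE_ITERATION_COUNT = exports.MIN_MNEMONIC_LENGTH_WORDS = exports.MIN_STRENGTH_BITS = exports.METADATA_LENGTH_WORDS = exports.GROUP_PREFIX_LENGTH_WORDS = exports.CUSTOMIZATION_STRING_EXTENDABLE = exports.CUSTOMIZATION_STRING_ORIG = exports.DIGEST_LENGTH_BYTES = exports.CHECKSUM_LENGTH_WORDS = exports.MAX_SHARE_COUNT = exports.ID_EXP_LENGTH_WORDS = exports.ITERATION_EXP_LENGTH_BITS = exports.EXTENDABLE_FLAG_LENGTH_BITS = exports.ID_LENGTH_BITS = exports.RADIX = exports.RADIX_BITS = void 0;
+var utils_1 = require("./utils");
+exports.RADIX_BITS = 10;
+/** The length of the radix in bits. */
+exports.RADIX = Math.pow(2, exports.RADIX_BITS);
+/** The number of words in the wordlist. */
+exports.ID_LENGTH_BITS = 15;
+/** The length of the random identifier in bits. */
+exports.EXTENDABLE_FLAG_LENGTH_BITS = 1;
+/** The length of the extendable backup flag in bits. */
+exports.ITERATION_EXP_LENGTH_BITS = 4;
+/** The length of the iteration exponent in bits. */
+exports.ID_EXP_LENGTH_WORDS = (0, utils_1.bitsToWords)(exports.ID_LENGTH_BITS + exports.EXTENDABLE_FLAG_LENGTH_BITS + exports.ITERATION_EXP_LENGTH_BITS);
+/** The length of the random identifier, extendable backup flag and iteration exponent in words. */
+exports.MAX_SHARE_COUNT = 16;
+/** The maximum number of shares that can be created. */
+exports.CHECKSUM_LENGTH_WORDS = 3;
+/** The length of the RS1024 checksum in words. */
+exports.DIGEST_LENGTH_BYTES = 4;
+/** The length of the digest of the shared secret in bytes. */
+exports.CUSTOMIZATION_STRING_ORIG = Buffer.from('shamir', 'utf8');
+/** The customization string used in the RS1024 checksum and in the PBKDF2 salt for
+shares _without_ the extendable backup flag. */
+exports.CUSTOMIZATION_STRING_EXTENDABLE = Buffer.from('shamir_extendable', 'utf8');
+/** The customization string used in the RS1024 checksum for
+shares _with_ the extendable backup flag. */
+exports.GROUP_PREFIX_LENGTH_WORDS = exports.ID_EXP_LENGTH_WORDS + 1;
+/** The length of the prefix of the mnemonic that is common to a share group. */
+exports.METADATA_LENGTH_WORDS = exports.ID_EXP_LENGTH_WORDS + 2 + exports.CHECKSUM_LENGTH_WORDS;
+/** The length of the mnemonic in words without the share value. */
+exports.MIN_STRENGTH_BITS = 128;
+/** The minimum allowed entropy of the master secret. */
+exports.MIN_MNEMONIC_LENGTH_WORDS = exports.METADATA_LENGTH_WORDS + (0, utils_1.bitsToWords)(exports.MIN_STRENGTH_BITS);
+/** The minimum allowed length of the mnemonic in words. */
+exports.BASE_ITERATION_COUNT = 10000;
+/** The minimum number of iterations to use in PBKDF2. */
+exports.ROUND_COUNT = 4;
+/** The number of rounds to use in the Feistel cipher. */
+exports.SECRET_INDEX = 255;
+/** The index of the share containing the shared secret. */
+exports.DIGEST_INDEX = 254;
+/** The index of the share containing the digest of the shared secret. */
+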
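Review bot: Every `/** … */` description in this file sits on the line after the constant it describes, for example `/** The length of the radix in bits. */` follows `exports.RADIX_BITS = 10;`, but JSDoc binds a block comment to the declaration that comes after it. Editors and documentation generators will therefore attach each description to the next constant: `RADIX` picks up the bit-length text, `ROUND_COUNT` picks up "The minimum number of iterations to use in PBKDF2", and the final comment is attached to nothing. For values that set cryptographic parameters this mislabelling is worth fixing; move each comment above its own declaration in the TypeScript source, e.g. `/** The minimum number of iterations to use in PBKDF2. */` immediately before the `BASE_ITERATION_COUNT` declaration.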
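--- a/package/dist/src/index.js
+++ b/package/dist/src/index.js
@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UNDETERMINED = exports.RecoveryState = exports.MnemonicError = exports.Share = exports.RANDOM_BYTES = exports.recoverEms = exports.splitEms = exports.generateMnemonics = exports.decodeMnemonics = exports.combineMnemonics = exports.ShareGroup = exports.EncryptedMasterSecret = exports.decrypt = exports.encrypt = void 0;
+var cipher_1 = require("./cipher");
+Object.defineProperty(exports, "encrypt", { enumerable: true, get: function () { return cipher_1.encrypt; } });
+Object.defineProperty(exports, "decrypt", { enumerable: true, get: function () { return cipher_1.decrypt; } });
+var shamir_1 = require("./shamir");
+Object.defineProperty(exports, "EncryptedMasterSecret", { enumerable: true, get: function () { return shamir_1.EncryptedMasterSecret; } });
+Object.defineProperty(exports, "ShareGroup", { enumerable: true, get: function () { return shamir_1.ShareGroup; } });
+Object.defineProperty(exports, "combineMnemonics", { enumerable: true, get: function () { return shamir_1.combineMnemonics; } });
+Object.defineProperty(exports, "decodeMnemonics", { enumerable: true, get: function () { return shamir_1.decodeMnemonics; } });
+Object.defineProperty(exports, "generateMnemonics", { enumerable: true, get: function () { return shamir_1.generateMnemonics; } });
+Object.defineProperty(exports, "splitEms", { enumerable: true, get: function () { return shamir_1.splitEms; } });
+Object.defineProperty(exports, "recoverEms", { enumerable: true, get: function () { return shamir_1.recoverEms; } });
+Object.defineProperty(exports, "RANDOM_BYTES", { enumerable: true, get: function () { return shamir_1.RANDOM_BYTES; } });
+var share_1 = require("./share");
+Object.defineProperty(exports, "Share", { enumerable: true, get: function () { return share_1.Share; } });
+var utils_1 = require("./utils");
+Object.defineProperty(exports, "MnemonicError", { enumerable: true, get: function () { return utils_1.MnemonicError; } });
+var recovery_1 = require("./recovery");
+Object.defineProperty(exports, "RecoveryState", { enumerable: true, get: function () { return recovery_1.RecoveryState; } });
+Object.defineProperty(exports, "UNDETERMINED", { enumerable: true, get: function () { return recovery_1.UNDETERMINED; } });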
@@ -0,0 +1,127 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.RecoveryState = exports.UNDETERMINED = void 0;
|
|
4
|
+
var constants_1 = require("./constants");
|
|
5
|
+
var shamir_1 = require("./shamir");
|
|
6
|
+
var share_1 = require("./share");
|
|
7
|
+
var utils_1 = require("./utils");
|
|
8
|
+
exports.UNDETERMINED = -1;
|
|
9
|
+
var RecoveryState = /** @class */ (function () {
|
|
10
|
+
function RecoveryState() {
|
|
11
|
+
/** Object for keeping track of running Shamir recovery. */
|
|
12
|
+
this.lastShare = null;
|
|
13
|
+
this.groups = new Map();
|
|
14
|
+
this.parameters = null;
|
|
15
|
+
}
|
|
16
|
+
RecoveryState.prototype.groupPrefix = function (groupIndex) {
|
|
17
|
+
/** Return three starting words of a given group. */
|
|
18
|
+
if (!this.lastShare) {
|
|
19
|
+
throw new Error('Add at least one share first');
|
|
20
|
+
}
|
|
21
|
+
// Create a fake share with the requested group index
|
|
22
|
+
var fakeShare = new share_1.Share(this.lastShare.identifier, this.lastShare.extendable, this.lastShare.iterationExponent, groupIndex, this.lastShare.groupThreshold, this.lastShare.groupCount, this.lastShare.index, this.lastShare.memberThreshold, this.lastShare.value);
|
|
23
|
+
return fakeShare.words().slice(0, constants_1.GROUP_PREFIX_LENGTH_WORDS).join(' ');
|
|
24
|
+
};
|
|
25
|
+
RecoveryState.prototype.groupStatus = function (groupIndex) {
|
|
26
|
+
/** Return completion status of given group.
|
|
27
|
+
*
|
|
28
|
+
* Result consists of the number of shares already entered, and the threshold
|
|
29
|
+
* for recovering the group.
|
|
30
|
+
*/
|
|
31
|
+
var group = this.groups.get(groupIndex);
|
|
32
|
+
if (!group || group.isEmpty) {
|
|
33
|
+
return [0, exports.UNDETERMINED];
|
|
34
|
+
}
|
|
35
|
+
return [group.length, group.memberThreshold()];
|
|
36
|
+
};
|
|
37
|
+
RecoveryState.prototype.groupIsComplete = function (groupIndex) {
|
|
38
|
+
/** Check whether a given group is already complete. */
|
|
39
|
+
var group = this.groups.get(groupIndex);
|
|
40
|
+
return group ? group.isComplete() : false;
|
|
41
|
+
};
|
|
42
|
+
RecoveryState.prototype.groupsComplete = function () {
|
|
43
|
+
/** Return the number of groups that are already complete. */
|
|
44
|
+
if (this.parameters === null) {
|
|
45
|
+
return 0;
|
|
46
|
+
}
|
|
47
|
+
var count = 0;
|
|
48
|
+
for (var i = 0; i < this.parameters.groupCount; i++) {
|
|
49
|
+
if (this.groupIsComplete(i)) {
|
|
50
|
+
count++;
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
return count;
|
|
54
|
+
};
|
|
55
|
+
RecoveryState.prototype.isComplete = function () {
|
|
56
|
+
/** Check whether the recovery set is complete.
|
|
57
|
+
*
|
|
58
|
+
* That is, at least M groups must be complete, where M is the global threshold.
|
|
59
|
+
*/
|
|
60
|
+
if (this.parameters === null) {
|
|
61
|
+
return false;
|
|
62
|
+
}
|
|
63
|
+
return this.groupsComplete() >= this.parameters.groupThreshold;
|
|
64
|
+
};
|
|
65
|
+
RecoveryState.prototype.matches = function (share) {
|
|
66
|
+
/** Check whether the provided share matches the current set, i.e., has the same
|
|
67
|
+
* common parameters.
|
|
68
|
+
*/
|
|
69
|
+
if (this.parameters === null) {
|
|
70
|
+
return true;
|
|
71
|
+
}
|
|
72
|
+
var shareParams = share.commonParameters();
|
|
73
|
+
return (shareParams.identifier === this.parameters.identifier &&
|
|
74
|
+
shareParams.extendable === this.parameters.extendable &&
|
|
75
|
+
shareParams.iterationExponent === this.parameters.iterationExponent &&
|
|
76
|
+
shareParams.groupThreshold === this.parameters.groupThreshold &&
|
|
77
|
+
shareParams.groupCount === this.parameters.groupCount);
|
|
78
|
+
};
|
|
79
|
+
RecoveryState.prototype.addShare = function (share) {
|
|
80
|
+
/** Add a share to the recovery set. */
|
|
81
|
+
if (!this.matches(share)) {
|
|
82
|
+
throw new utils_1.MnemonicError('This mnemonic is not part of the current set. Please try again.');
|
|
83
|
+
}
|
|
84
|
+
if (!this.groups.has(share.groupIndex)) {
|
|
85
|
+
this.groups.set(share.groupIndex, new shamir_1.ShareGroup());
|
|
86
|
+
}
|
|
87
|
+
var group = this.groups.get(share.groupIndex);
|
|
88
|
+
group.add(share);
|
|
89
|
+
this.lastShare = share;
|
|
90
|
+
if (this.parameters === null) {
|
|
91
|
+
this.parameters = share.commonParameters();
|
|
92
|
+
}
|
|
93
|
+
return true;
|
|
94
|
+
};
|
|
95
|
+
RecoveryState.prototype.has = function (obj) {
|
|
96
|
+
if (!this.matches(obj)) {
|
|
97
|
+
return false;
|
|
98
|
+
}
|
|
99
|
+
if (this.groups.size === 0) {
|
|
100
|
+
return false;
|
|
101
|
+
}
|
|
102
|
+
var group = this.groups.get(obj.groupIndex);
|
|
103
|
+
return group ? group.has(obj) : false;
|
|
104
|
+
};
|
|
105
|
+
RecoveryState.prototype.recover = function (passphrase) {
|
|
106
|
+
/** Recover the master secret, given a passphrase. */
|
|
107
|
+
// Select a subset of shares which meets the thresholds.
|
|
108
|
+
var reducedGroups = new Map();
|
|
109
|
+
for (var _i = 0, _a = this.groups.entries(); _i < _a.length; _i++) {
|
|
110
|
+
var _b = _a[_i], groupIndex = _b[0], group = _b[1];
|
|
111
|
+
if (group.isComplete()) {
|
|
112
|
+
reducedGroups.set(groupIndex, group.getMinimalGroup());
|
|
113
|
+
}
|
|
114
|
+
// some groups have been added so parameters must be known
|
|
115
|
+
if (this.parameters === null) {
|
|
116
|
+
throw new Error('Parameters should be known at this point');
|
|
117
|
+
}
|
|
118
|
+
if (reducedGroups.size >= this.parameters.groupThreshold) {
|
|
119
|
+
break;
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
var encryptedMasterSecret = (0, shamir_1.recoverEms)(reducedGroups);
|
|
123
|
+
return encryptedMasterSecret.decrypt(passphrase);
|
|
124
|
+
};
|
|
125
|
+
return RecoveryState;
|
|
126
|
+
}());
|
|
127
|
+
exports.RecoveryState = RecoveryState;
|
|
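--- a/package/dist/src/rs1024.js
+++ b/package/dist/src/rs1024.js
@@ -0,0 +1,55 @@
+"use strict";
+var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
+if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
+if (ar || !(i in from)) {
+if (!ar) ar = Array.prototype.slice.call(from, 0, i);
+ar[i] = from[i];
+}
+}
+return to.concat(ar || Array.prototype.slice.call(from));
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CHECKSUM_LENGTH_WORDS = void 0;
+exports.createChecksum = createChecksum;
+exports.verifyChecksum = verifyChecksum;
+var constants_1 = require("./constants");
+Object.defineProperty(exports, "CHECKSUM_LENGTH_WORDS", { enumerable: true, get: function () { return constants_1.CHECKSUM_LENGTH_WORDS; } });
+function _polymod(values) {
+var GEN = [
+0xE0E040,
+0x1C1C080,
+0x3838100,
+0x7070200,
+0xE0E0009,
+0x1C0C2412,
+0x38086C24,
+0x3090FC48,
+0x21B1F890,
+0x3F3F120,
+];
+var chk = 1;
+for (var _i = 0, values_1 = values; _i < values_1.length; _i++) {
+var v = values_1[_i];
+var b = chk >> 20;
+chk = ((chk & 0xFFFFF) << 10) ^ v;
+for (var i = 0; i < 10; i++) {
+if ((b >> i) & 1) {
+chk ^= GEN[i];
+}
+}
+}
+return chk;
+}
+function createChecksum(data, customizationString) {
+var values = __spreadArray(__spreadArray(__spreadArray([], Array.from(customizationString), true), Array.from(data), true), Array(constants_1.CHECKSUM_LENGTH_WORDS).fill(0), true);
+var polymod = _polymod(values) ^ 1;
+var checksum = [];
+for (var i = constants_1.CHECKSUM_LENGTH_WORDS - 1; i >= 0; i--) {
+checksum.push((polymod >> (10 * i)) & 1023);
+}
+return checksum;
+}
+function verifyChecksum(data, customizationString) {
+var values = __spreadArray(__spreadArray([], Array.from(customizationString), true), Array.from(data), true);
+return _polymod(values) === 1;
+}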
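Review bot: `_polymod` folds every element of `values` into `chk` with `^ v` and never checks that `v` is an integer in the 10-bit word range, so malformed input yields a different checksum silently instead of an error. Both `createChecksum` and `verifyChecksum` build `values` with `Array.from(customizationString)`; the callers are not visible in this section, but if one ever passes a plain JS string, each character coerces to 0 under XOR and the customization string stops contributing to the checksum at all. Since `verifyChecksum` is the integrity check on a mnemonic share, I would make this fail loudly by adding `if (!Number.isInteger(v) || v < 0 || v > 1023) throw new RangeError('RS1024 value out of range');` as the first statement of the outer loop in `_polymod`. A short comment on `GEN` stating where the generator constants come from would also let a reader check them against the specification.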