Merge pull request #26 from leapwallet/update/encryption-library

Update/encryption library
leapwallet · Jun 13, 2024 · 1f54e15 · 1f54e15
2 parents 08c1875 + 143c5cf
commit 1f54e15
Show file tree

Hide file tree

Showing 4 changed files with 80 additions and 70 deletions.
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@leapwallet/leap-keychain",
-  "version": "0.2.4-beta.2",
+  "version": "0.2.5-beta.0",
   "description": "A javascript library for crypto key management",
   "scripts": {
     "test": "jest",
@@ -51,15 +51,16 @@
     "@ethersproject/bytes": "5.7.0",
     "@ethersproject/hdnode": "5.7.0",
     "@ethersproject/wallet": "5.7.0",
+    "@noble/ciphers": "0.5.3",
     "@noble/hashes": "1.1.5",
     "@noble/secp256k1": "1.7.0",
+    "@scure/base": "1.1.6",
     "@scure/bip32": "1.1.1",
     "base64-js": "1.5.1",
     "bech32": "2.0.0",
     "bip32": "2.0.6",
     "bip39": "3.0.4",
     "cosmjs-types": "0.6.1",
-    "crypto-js": "4.1.1",
     "ethereumjs-util": "7.1.5",
     "typedi": "0.10.0",
     "uuid": "9.0.0"

diff --git a/src/encryption-utils/encryption-utils.ts b/src/encryption-utils/encryption-utils.ts
@@ -1,41 +1,70 @@
-import CryptoJS from 'crypto-js';
+//import CryptoJS from 'crypto-js';
+import { cbc } from '@noble/ciphers/aes';
+import { pbkdf2 } from '@noble/hashes/pbkdf2';
+import { randomBytes } from '@noble/ciphers/webcrypto';
+import { sha1 } from '@noble/hashes/sha1';
+import { base64, hex } from '@scure/base';
 
 const keySize = 256;
 
 const new_iterations = 10_000;
 
-export const encrypt = (msg: string, pass: string, iterations?: number): string => {
-  const salt = CryptoJS.lib.WordArray.random(128 / 8);
+// export const encrypt = (msg: string, pass: string, iterations?: number): string => {
+//   const salt = CryptoJS.lib.WordArray.random(128 / 8);
+//
+//   const key = CryptoJS.PBKDF2(pass, salt, {
+//     keySize: keySize / 32,
+//     iterations: iterations ?? new_iterations,
+//   });
+//
+//   const iv = CryptoJS.lib.WordArray.random(128 / 8);
+//
+//   const encrypted = CryptoJS.AES.encrypt(msg, key, {
+//     iv: iv,
+//     padding: CryptoJS.pad.Pkcs7,
+//     mode: CryptoJS.mode.CBC,
+//   });
+//
+//   return salt.toString() + iv.toString() + encrypted.toString();
+// };
+//
+// export const decrypt = (transitmessage: string, pass: string, iterations?: number): string => {
+//   const salt = CryptoJS.enc.Hex.parse(transitmessage.substr(0, 32));
+//   const iv = CryptoJS.enc.Hex.parse(transitmessage.substr(32, 32));
+//   const encrypted = transitmessage.substring(64);
+//
+//   const key = CryptoJS.PBKDF2(pass, salt, {
+//     keySize: keySize / 32,
+//     iterations: iterations ?? new_iterations,
+//   });
+//
+//   return CryptoJS.AES.decrypt(encrypted, key, {
+//     iv: iv,
+//     padding: CryptoJS.pad.Pkcs7,
+//     mode: CryptoJS.mode.CBC,
+//   }).toString(CryptoJS.enc.Utf8);
+// };
 
-  const key = CryptoJS.PBKDF2(pass, salt, {
-    keySize: keySize / 32,
-    iterations: iterations ?? new_iterations,
-  });
-
-  const iv = CryptoJS.lib.WordArray.random(128 / 8);
-
-  const encrypted = CryptoJS.AES.encrypt(msg, key, {
-    iv: iv,
-    padding: CryptoJS.pad.Pkcs7,
-    mode: CryptoJS.mode.CBC,
-  });
-
-  return salt.toString() + iv.toString() + encrypted.toString();
+export const encrypt = (msg: string, pass: string, iterations?: number) => {
+  const salt = randomBytes(128 / 8);
+  const key = pbkdf2(sha1, pass, salt, { c: iterations ?? new_iterations, dkLen: keySize / 8 });
+  const iv = randomBytes(128 / 8);
+  const stream = cbc(key, iv);
+  const encoder = new TextEncoder();
+  const encrypted = stream.encrypt(encoder.encode(msg));
+  const saltString = hex.encode(salt);
+  const ivString = hex.encode(iv);
+  const encryptedString = base64.encode(encrypted);
+  return saltString + ivString + encryptedString;
 };
 
 export const decrypt = (transitmessage: string, pass: string, iterations?: number): string => {
-  const salt = CryptoJS.enc.Hex.parse(transitmessage.substr(0, 32));
-  const iv = CryptoJS.enc.Hex.parse(transitmessage.substr(32, 32));
-  const encrypted = transitmessage.substring(64);
-
-  const key = CryptoJS.PBKDF2(pass, salt, {
-    keySize: keySize / 32,
-    iterations: iterations ?? new_iterations,
-  });
+  const salt = hex.decode(transitmessage.substring(0, 32));
+  const iv = hex.decode(transitmessage.substring(32, 64));
+  const encrypted = base64.decode(transitmessage.substring(64));
 
-  return CryptoJS.AES.decrypt(encrypted, key, {
-    iv: iv,
-    padding: CryptoJS.pad.Pkcs7,
-    mode: CryptoJS.mode.CBC,
-  }).toString(CryptoJS.enc.Utf8);
+  const key = pbkdf2(sha1, pass, salt, { c: iterations ?? new_iterations, dkLen: keySize / 8 });
+  const stream = cbc(key, iv);
+  const decrypted = stream.decrypt(encrypted);
+  return new TextDecoder().decode(decrypted);
 };
diff --git a/tests/encryption-utils.test.ts b/tests/encryption-utils.test.ts
@@ -1,10 +1,17 @@
 import { decrypt, encrypt } from '../src';
 
 describe('encryption-utils', () => {
-  test('encrypt-decrypt', () => {
+  test('encrypt-decrypt-2', () => {
     const originalMessage = 'Hello World';
     const cipher = encrypt(originalMessage, 'password');
     const plain = decrypt(cipher, 'password');
     expect(plain).toBe(originalMessage);
   });
+
+  test('test with non ascii characters', () => {
+    const originalMessage = 'Hello World! 🐸';
+    const cipher = encrypt(originalMessage, 'password');
+    const plain = decrypt(cipher, 'password');
+    expect(plain).toBe(originalMessage);
+  });
 });
diff --git a/yarn.lock b/yarn.lock
@@ -833,6 +833,11 @@
     "@jridgewell/resolve-uri" "3.1.0"
     "@jridgewell/sourcemap-codec" "1.4.14"
 
+"@noble/[email protected]":
+  version "0.5.3"
+  resolved "https://registry.yarnpkg.com/@noble/ciphers/-/ciphers-0.5.3.tgz#48b536311587125e0d0c1535f73ec8375cd76b23"
+  integrity sha512-B0+6IIHiqEs3BPMT0hcRmHvEj2QHOLu+uwt+tqDDeVd0oyVzh7BPrDcPjRnV1PV/5LaknXJJQvOuRGR0zQJz+w==
+
 "@noble/[email protected]", "@noble/hashes@~1.1.3":
   version "1.1.5"
   resolved "https://registry.yarnpkg.com/@noble/hashes/-/hashes-1.1.5.tgz#1a0377f3b9020efe2fae03290bd2a12140c95c11"
@@ -917,6 +922,11 @@
   resolved "https://registry.yarnpkg.com/@protobufjs/utf8/-/utf8-1.1.0.tgz#a777360b5b39a1a2e5106f8e858f2fd2d060c570"
   integrity sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw==
 
+"@scure/[email protected]":
+  version "1.1.6"
+  resolved "https://registry.yarnpkg.com/@scure/base/-/base-1.1.6.tgz#8ce5d304b436e4c84f896e0550c83e4d88cb917d"
+  integrity sha512-ok9AWwhcgYuGG3Zfhyqg+zwl+Wn5uE+dwC0NV/2qQkx4dABbb/bx96vWu8NSj+BNjjSjno+JRYRjle1jV08k3g==
+
 "@scure/base@~1.1.0":
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/@scure/base/-/base-1.1.1.tgz#ebb651ee52ff84f420097055f4bf46cfba403938"
@@ -1621,13 +1631,6 @@ create-hmac@^1.1.4, create-hmac@^1.1.7:
     safe-buffer "^5.0.1"
     sha.js "^2.4.8"
 
-[email protected]:
-  version "3.1.5"
-  resolved "https://registry.yarnpkg.com/cross-fetch/-/cross-fetch-3.1.5.tgz#e1389f44d9e7ba767907f7af8454787952ab534f"
-  integrity sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw==
-  dependencies:
-    node-fetch "2.6.7"
-
 cross-spawn@^7.0.2, cross-spawn@^7.0.3:
   version "7.0.3"
   resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6"
@@ -1637,11 +1640,6 @@ cross-spawn@^7.0.2, cross-spawn@^7.0.3:
     shebang-command "^2.0.0"
     which "^2.0.1"
 
-[email protected]:
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
-  integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
-
 debug@^4.1.0, debug@^4.1.1, debug@^4.3.2:
   version "4.3.4"
   resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865"
@@ -2901,13 +2899,6 @@ node-addon-api@^2.0.0:
   resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-2.0.2.tgz#432cfa82962ce494b132e9d72a15b29f71ff5d32"
   integrity sha512-Ntyt4AIXyaLIuMHF6IOoTakB3K+RWxwtsHNRxllEoA6vPwP9o4866g6YWDLUdnucilZhmkxiHwHr11gAENw+QA==
 
-[email protected]:
-  version "2.6.7"
-  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad"
-  integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==
-  dependencies:
-    whatwg-url "^5.0.0"
-
 node-gyp-build@^4.2.0:
   version "4.5.0"
   resolved "https://registry.yarnpkg.com/node-gyp-build/-/node-gyp-build-4.5.0.tgz#7a64eefa0b21112f89f58379da128ac177f20e40"
@@ -3455,11 +3446,6 @@ to-regex-range@^5.0.1:
   dependencies:
     is-number "^7.0.0"
 
-tr46@~0.0.3:
-  version "0.0.3"
-  resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a"
-  integrity sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==
-
 [email protected]:
   version "28.0.5"
   resolved "https://registry.yarnpkg.com/ts-jest/-/ts-jest-28.0.5.tgz#31776f768fba6dfc8c061d488840ed0c8eeac8b9"
@@ -3595,19 +3581,6 @@ walker@^1.0.8:
   dependencies:
     makeerror "1.0.12"
 
-webidl-conversions@^3.0.0:
-  version "3.0.1"
-  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871"
-  integrity sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==
-
-whatwg-url@^5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-5.0.0.tgz#966454e8765462e37644d3626f6742ce8b70965d"
-  integrity sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==
-  dependencies:
-    tr46 "~0.0.3"
-    webidl-conversions "^3.0.0"
-
 which@^2.0.1:
   version "2.0.2"
   resolved "https://registry.yarnpkg.com/which/-/which-2.0.2.tgz#7c6a8dd0a636a0327e10b59c9286eee93f3f51b1"