Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
//----------- yz-fix add
if(match2&&match2[1]===match2[3]){// add
match2.pop()
}else{
match2=null
}
//------------
decrypted = new Buffer(match2[2].replace(/[\r\n]/g, ''), 'base64')
} else {
var suite = 'aes' + match[1]
var iv = new Buffer(match[2], 'hex')
var cipherText = new Buffer(match[3].replace(/[\r\n]/g, ''), 'base64')
var cipherKey = evp(password, iv.slice(0, 8), parseInt(match[1], 10)).key
var out = []
var cipher = ciphers.createDecipheriv(suite, cipherKey, iv)
out.push(cipher.update(cipherText))
out.push(cipher.final())
decrypted = Buffer.concat(out)
}
var tag = key.match(startRegex)[1]
return {
tag: tag,
data: decrypted
}
}
var passFactor
if (hasLotSeq) {
var hashTarget = Buffer.concat([preFactor, ownerEntropy])
passFactor = hash256(hashTarget)
} else {
passFactor = preFactor
}
var passInt = BigInteger.fromBuffer(passFactor)
var passPoint = curve.G.multiply(passInt).getEncoded(true)
var seedBPass = scrypt(passPoint, Buffer.concat([addressHash, ownerEntropy]), 1024, 1, 1, 64)
var derivedHalf1 = seedBPass.slice(0, 32)
var derivedHalf2 = seedBPass.slice(32, 64)
var decipher = aes.createDecipheriv('aes-256-ecb', derivedHalf2, Buffer.alloc(0))
decipher.setAutoPadding(false)
decipher.end(encryptedPart2)
var decryptedPart2 = decipher.read()
var tmp = xor(decryptedPart2, derivedHalf1.slice(16, 32))
var seedBPart2 = tmp.slice(8, 16)
var decipher2 = aes.createDecipheriv('aes-256-ecb', derivedHalf2, Buffer.alloc(0))
decipher2.setAutoPadding(false)
decipher2.write(encryptedPart1) // first 8 bytes
decipher2.end(tmp.slice(0, 8)) // last 8 bytes
var seedBPart1 = xor(decipher2.read(), derivedHalf1.slice(0, 16))
var seedB = Buffer.concat([seedBPart1, seedBPart2], 24)
var factorB = BigInteger.fromBuffer(hash256(seedB))
var flagByte = buffer.readUInt8(2)
var compressed = flagByte === 0xe0
if (!compressed && flagByte !== 0xc0) throw new Error('Invalid BIP38 compression flag')
var N = scryptParams.N
var r = scryptParams.r
var p = scryptParams.p
var salt = buffer.slice(3, 7)
var scryptBuf = scrypt(passphrase, salt, N, r, p, 64, progressCallback)
var derivedHalf1 = scryptBuf.slice(0, 32)
var derivedHalf2 = scryptBuf.slice(32, 64)
var privKeyBuf = buffer.slice(7, 7 + 32)
var decipher = aes.createDecipheriv('aes-256-ecb', derivedHalf2, NULL)
decipher.setAutoPadding(false)
decipher.end(privKeyBuf)
var plainText = decipher.read()
var privateKey = xor(derivedHalf1, plainText)
// verify salt matches address
var d = BigInteger.fromBuffer(privateKey)
var address = getAddress(d, compressed)
var checksum = hash256(address).slice(0, 4)
assert.deepStrictEqual(salt, checksum)
return {
privateKey: privateKey,
compressed: compressed
}
function cryptoJsDecrypt(message, key, iv) {
assert(message, "Missing cipher text")
message = toBinaryBuffer(message)
const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv)
// decipher.setAutoPadding(true)
message = Buffer.concat([decipher.update(message), decipher.final()])
return message
}
function decrypt (data, password) {
var salt = data.algorithm.decrypt.kde.kdeparams.salt
var iters = parseInt(data.algorithm.decrypt.kde.kdeparams.iters.toString(), 10)
var algo = aesid[data.algorithm.decrypt.cipher.algo.join('.')]
var iv = data.algorithm.decrypt.cipher.iv
var cipherText = data.subjectPrivateKey
var keylen = parseInt(algo.split('-')[1], 10) / 8
var key = compat.pbkdf2Sync(password, salt, iters, keylen)
var cipher = ciphers.createDecipheriv(algo, key, iv)
var out = []
out.push(cipher.update(cipherText))
out.push(cipher.final())
return Buffer.concat(out)
}
function decrypt (data, password) {
var salt = data.algorithm.decrypt.kde.kdeparams.salt
var iters = parseInt(data.algorithm.decrypt.kde.kdeparams.iters.toString(), 10)
var algo = aesid[data.algorithm.decrypt.cipher.algo.join('.')]
var iv = data.algorithm.decrypt.cipher.iv
var cipherText = data.subjectPrivateKey
var keylen = parseInt(algo.split('-')[1], 10) / 8
var key = compat.pbkdf2Sync(password, salt, iters, keylen)
var cipher = ciphers.createDecipheriv(algo, key, iv)
var out = []
out.push(cipher.update(cipherText))
out.push(cipher.final())
return Buffer.concat(out)
}
function decrypt (data, password) {
var salt = data.algorithm.decrypt.kde.kdeparams.salt
var iters = parseInt(data.algorithm.decrypt.kde.kdeparams.iters.toString(), 10)
var algo = aesid[data.algorithm.decrypt.cipher.algo.join('.')]
var iv = data.algorithm.decrypt.cipher.iv
var cipherText = data.subjectPrivateKey
var keylen = parseInt(algo.split('-')[1], 10) / 8
var key = compat.pbkdf2Sync(password, salt, iters, keylen, 'sha1')
var cipher = ciphers.createDecipheriv(algo, key, iv)
var out = []
out.push(cipher.update(cipherText))
out.push(cipher.final())
return Buffer.concat(out)
}
module.exports = function (okey, password) {
var key = okey.toString()
var match = key.match(findProc)
var decrypted
if (!match) {
var match2 = key.match(fullRegex)
decrypted = new Buffer(match2[2].replace(/[\r\n]/g, ''), 'base64')
} else {
var suite = 'aes' + match[1]
var iv = new Buffer(match[2], 'hex')
var cipherText = new Buffer(match[3].replace(/[\r\n]/g, ''), 'base64')
var cipherKey = evp(password, iv.slice(0, 8), parseInt(match[1], 10)).key
var out = []
var cipher = ciphers.createDecipheriv(suite, cipherKey, iv)
out.push(cipher.update(cipherText))
out.push(cipher.final())
decrypted = Buffer.concat(out)
}
var tag = key.match(startRegex)[1]
return {
tag: tag,
data: decrypted
}
}
module.exports = function (okey, password) {
var key = okey.toString()
var match = key.match(findProc)
var decrypted
if (!match) {
var match2 = key.match(fullRegex)
decrypted = new Buffer(match2[2].replace(/[\r\n]/g, ''), 'base64')
} else {
var suite = 'aes' + match[1]
var iv = Buffer.from(match[2], 'hex')
var cipherText = Buffer.from(match[3].replace(/[\r\n]/g, ''), 'base64')
var cipherKey = evp(password, iv.slice(0, 8), parseInt(match[1], 10)).key
var out = []
var cipher = ciphers.createDecipheriv(suite, cipherKey, iv)
out.push(cipher.update(cipherText))
out.push(cipher.final())
decrypted = Buffer.concat(out)
}
var tag = key.match(startRegex)[1]
return {
tag: tag,
data: decrypted
}
}
module.exports = function (okey, password) {
var key = okey.toString()
var match = key.match(findProc)
var decrypted
if (!match) {
var match2 = key.match(fullRegex)
decrypted = new Buffer(match2[2].replace(/[\r\n]/g, ''), 'base64')
} else {
var suite = 'aes' + match[1]
var iv = new Buffer(match[2], 'hex')
var cipherText = new Buffer(match[3].replace(/[\r\n]/g, ''), 'base64')
var cipherKey = evp(password, iv.slice(0, 8), parseInt(match[1], 10)).key
var out = []
var cipher = ciphers.createDecipheriv(suite, cipherKey, iv)
out.push(cipher.update(cipherText))
out.push(cipher.final())
decrypted = Buffer.concat(out)
}
var tag = key.match(startRegex)[1]
return {
tag: tag,
data: decrypted
}
}