Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
options.encryptedSecret = typeof options.encryptedSecret !== "undefined" ? options.encryptedSecret : self.encryptedSecret;
if (options.secret) {
self.secret = options.secret;
}
if (options.primaryPrivateKey) {
throw new blocktrail.WalletDecryptError("specifying primaryPrivateKey has been deprecated");
}
if (options.primarySeed) {
self.primarySeed = options.primarySeed;
} else if (options.secret) {
try {
self.primarySeed = new Buffer(
CryptoJS.AES.decrypt(CryptoJS.format.OpenSSL.parse(options.encryptedPrimarySeed), self.secret).toString(CryptoJS.enc.Utf8), 'base64');
if (!self.primarySeed.length) {
throw new Error();
}
} catch (e) {
throw new blocktrail.WalletDecryptError("Failed to decrypt primarySeed");
}
} else {
// avoid conflicting options
if (options.passphrase && options.password) {
throw new blocktrail.WalletCreateError("Can't specify passphrase and password");
}
// normalize passphrase/password
options.passphrase = options.passphrase || options.password;
try {
console.log(err);
var userData = req.body;
if (obj)
if (obj.hasOwnProperty("adminPass")) {
if (obj.adminPass === userData.adminPass)
isAdminPasswordModified = false;
if (obj.loginPassword === userData.loginPassword)
isPrivateLoginPasswordModified = false;
}
if (userData.repositoryType === "private") {
shell.cd("..");
shell.exec('pwd', {
silent: false
}).stdout;
var isRepoCloned = shell.exec('git clone https://"' + userData.user + ":" + encodeURIComponent(CryptoJS.AES.decrypt(userData.password.toString(), userData.user).toString(CryptoJS.enc.Utf8)) + "@" + userData.repositoryURL.slice(8) + '" repoFolder', {
silent: false
}).stdout;
if (!isRepoCloned.includes("failed")){
shell.cd("repoFolder");
shell.exec('git config --global credential.helper store', {
silent: false
}).stdout;
shell.cd("../vocol/");
shell.exec('pwd', {
silent: false
}).stdout;
if (isAdminPasswordModified || isPrivateLoginPasswordModified) {
if (isPrivateLoginPasswordModified)
export const decrypt = (str: string) => {
const s1 = str.slice(0, 16);
const s2 = str.slice(str.length - 16, str.length);
const key = str.slice(16, str.length - 16);
return crypto.AES.decrypt(key, s1 + s2).toString(crypto.enc.Utf8);
};
decrypt: function (encryptedData, password) {
try {
let decryptedData = cryptoJS.AES.decrypt(encryptedData, password).toString(cryptoJS.enc.Utf8);
return decryptedData;
} catch (error) {
throw new Error('Couldn\'t decrypt the data');
}
}
}
encryptSerializedWallet = (wallet) => {
const { password } = this.state;
const ciphertext = CryptoJS.AES.encrypt(wallet, password);
const ciphertextString = ciphertext.toString();
this.props.encryptSerializedWallet(ciphertextString);
return ciphertextString;
}
export const AesEncrypt = (data, keyArray, ivArray) => {
const encrypted = CryptoJS.AES.encrypt(data, keyArray, { iv: ivArray });
const based64 = encrypted.ciphertext.toString(CryptoJS.enc.Base64);
return base64ToWordArray(based64);
};
export const decrypt = async (file, key) => {
var eKey = await getKey(key);
incrementProgress();
var zip = await JSZip.loadAsync(file);
var metadata = JSON.parse(await zip.file(".meta").async("string"));
var content = await zip.file("file").async("base64");
incrementProgress();
try {
var decrypted = await CryptoJS.AES.decrypt(content, eKey).toString(CryptoJS.enc.Utf8);
} catch {
return {
file: null,
error: "key-incorrect-or-corrupted",
name: null
};
}
incrementProgress();
var sha256HashEncrypted = await getSHA256(content);
var sha256HashUnencrypted = await getSHA256(decrypted);
incrementProgress();
if (await CryptoJS.AES.decrypt(metadata.sha256Before, eKey).toString(CryptoJS.enc.Utf8) === sha256HashUnencrypted && await CryptoJS.AES.decrypt(metadata.sha256After, eKey).toString(CryptoJS.enc.Utf8) === sha256HashEncrypted) {
incrementProgress();
var name = await CryptoJS.AES.decrypt(metadata.filename, eKey).toString(CryptoJS.enc.Utf8);
incrementProgress();
var blob = b64toBlob(decrypted);
const response = await request({
url: 'https://bytebin.lucko.me/' + pasteID,
resolveWithFullResponse: true,
});
if (response && response.statusCode !== 200) {
throw new Error(
'Error when trying to retrieve payload from Pastebin, you may try to use the backup method provided in the verification page or just rest for a while and try again.\n' +
'Status code: ' +
(response && response.statusCode)
);
}
let payload;
try {
payload = JSON.parse(CryptoJS.AES.decrypt(response.body, ctx.message.from.id.toString()).toString(CryptoJS.enc.Utf8));
} catch (error) {
payload = JSON.parse(CryptoJS.AES.decrypt(response.body, 'Public Invitation').toString(CryptoJS.enc.Utf8));
}
if (!payload || !payload.jwt || !payload.gresponse) {
throw new Error();
}
return await verifyUser(payload, ctx);
} catch (err) {
let msg = 'Invalid data from Pastebin, please try again later or use the backup method provided in the verification page.';
if (err.__proto__.toString() === 'Error' && err.message) {
if (err.message === 'Malformed UTF-8 data') {
msg =
"You can't verify account for another person. \nIf you sure you are now trying to verify yourself account instead of others, please try to use the backup method shown in verify page or just rest for a while and try again.";
} else if (err.message === '404 - "Invalid path"') {
decryptBKP(enval: string, pass: string) {
try {
const dek = CryptoJS.AES.decrypt(enval, pass);
return dek.toString(CryptoJS.enc.Utf8);
} catch (e) {
return 'error not json';
}
}
function getEncryptedPermissionsR5(
permissions,
encryptionKey,
generateRandomWordArray
) {
const cipher = CryptoJS.lib.WordArray.create(
[lsbFirstWord(permissions), 0xffffffff, 0x54616462],
12
).concat(generateRandomWordArray(4));
const options = {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.NoPadding
};
return CryptoJS.AES.encrypt(cipher, encryptionKey, options).ciphertext;
}