修改钱包核心代码, 和native端保持一致

This commit is contained in:
CounterFire2023 2023-08-17 16:57:40 +08:00
parent c4a57aeb05
commit 430c696873
8 changed files with 275 additions and 193 deletions

2
Cargo.lock generated
View File

@ -697,6 +697,7 @@ checksum = "3e75f6a532d0fd9f7f13144f392b6ad56a32696bfcd9c78f797f16bbb6f072d6"
name = "rustwallet"
version = "0.1.0"
dependencies = [
"aes-gcm",
"anyhow",
"argon2",
"base64 0.21.0",
@ -706,6 +707,7 @@ dependencies = [
"hex",
"primitive-types",
"qrcodegen",
"rand 0.8.5",
"secp256k1",
"serde",
"serde_json",

View File

@ -30,6 +30,11 @@ wasm-bindgen = "0.2.83"
qrcodegen = "1.8.0"
base64 = "0.21.0"
argon2 = { version = "0.5.0" }
aes-gcm = "0.10.1"
rand = "0.8.5"
[profile.release]
lto = true
[package.metadata.wasm-pack.profile.release]
wasm-opt = false

View File

@ -1 +1,2 @@
AR=/opt/homebrew/opt/llvm/bin/llvm-ar CC=/opt/homebrew/opt/llvm/bin/clang wasm-pack build --target web --release
# AR=/opt/homebrew/opt/llvm/bin/llvm-ar CC=/opt/homebrew/opt/llvm/bin/clang wasm-pack build --target web --release
AR=/opt/homebrew/opt/llvm/bin/llvm-ar CC=/opt/homebrew/opt/llvm/bin/clang wasm-pack build --target nodejs --release

View File

@ -7,7 +7,10 @@
use qr::qr_code::QR;
use utils::pass_utils::{hash_password, verify_password};
use secp256k1::PublicKey;
use secp256k1::SecretKey;
use std::str::FromStr;
use utils::crypto_utils::{hash_password, verify_password, zdecrypt, zencrypt};
use utils::str_utils::{base64_to_hex, hex_to_base64};
use wasm_bindgen::prelude::*;
@ -44,50 +47,31 @@ macro_rules! console_log {
}
#[wasm_bindgen]
pub fn get_public_key(
msg_key: String,
master_key: String,
second_key: Option<String>,
backup_key: Option<String>,
) -> String {
pub fn get_public_key(msg_key: String, master_key: String, second_key: String) -> String {
let rwallet = Wallet {
msg_key,
master_key,
second_key,
backup_key,
};
rwallet.get_public_key().to_string()
}
#[wasm_bindgen]
pub fn generate_sec_key(
msg_key: String,
master_key: String,
second_key: Option<String>,
backup_key: Option<String>,
) -> String {
pub fn generate_sec_key(msg_key: String, master_key: String, second_key: String) -> String {
let rwallet = Wallet {
msg_key,
master_key,
second_key,
backup_key,
};
rwallet.generate_sec_key()
}
#[wasm_bindgen]
pub fn sign(
msg_key: String,
master_key: String,
second_key: Option<String>,
backup_key: Option<String>,
msg: String,
) -> String {
pub fn sign(msg_key: String, master_key: String, second_key: String, msg: String) -> String {
let rwallet = Wallet {
msg_key,
master_key,
second_key,
backup_key,
};
let signature = rwallet.sign(msg);
let r = match signature {
@ -101,15 +85,13 @@ pub fn sign(
pub fn sign_for_tran(
msg_key: String,
master_key: String,
second_key: Option<String>,
backup_key: Option<String>,
second_key: String,
msg: String,
) -> String {
let rwallet = Wallet {
msg_key,
master_key,
second_key,
backup_key,
};
let signature = rwallet.sign_for_tran(msg);
@ -122,18 +104,12 @@ pub fn sign_for_tran(
}
#[wasm_bindgen]
pub fn wget_address(
msg_key: String,
master_key: String,
second_key: Option<String>,
backup_key: Option<String>,
) -> String {
pub fn wget_address(msg_key: String, master_key: String, second_key: String) -> String {
console_log!("wget_address: {}, {}!", msg_key, master_key);
let rwallet = Wallet {
msg_key,
master_key,
second_key,
backup_key,
};
console_log!("wallet: {:?}", rwallet);
let address = rwallet.get_address();
@ -142,64 +118,92 @@ pub fn wget_address(
}
#[wasm_bindgen]
pub fn wencrypt(
msg_key: String,
master_key: String,
second_key: Option<String>,
backup_key: Option<String>,
msg: String,
) -> String {
pub fn wencrypt(msg_key: String, master_key: String, second_key: String, msg: String) -> String {
let rwallet = Wallet {
msg_key,
master_key,
second_key,
backup_key,
};
let r = match rwallet.zencrypt(&msg) {
let pk = rwallet.get_public_key();
let r = match zencrypt(pk, &msg) {
Ok(v) => v,
Err(err) => panic!("Problem encrypt: {:?}", err),
};
r
}
#[wasm_bindgen]
pub fn wdecrypt(
msg_key: String,
master_key: String,
second_key: Option<String>,
backup_key: Option<String>,
msg: String,
) -> String {
pub fn wdecrypt(msg_key: String, master_key: String, second_key: String, msg: String) -> String {
let rwallet = Wallet {
msg_key,
master_key,
second_key,
backup_key,
};
let r = match rwallet.zdecrypt(&msg) {
let pk = rwallet.get_secret_key();
let r = match zdecrypt(pk, &msg) {
Ok(v) => v,
Err(err) => panic!("Problem encrypt: {:?}", err),
};
r
}
#[wasm_bindgen]
pub fn aes_encrypt(content: String, key: String) -> String {
let pass = utils::crypto_utils::keccak256_hash(&key);
let msg_hex = utils::crypto_utils::aes_encrypt(&content, &pass);
msg_hex
}
#[wasm_bindgen]
pub fn aes_decrypt(content: String, key: String) -> String {
let pass = utils::crypto_utils::keccak256_hash(&key);
let msg_hex = utils::crypto_utils::aes_decrypt(&content, &pass);
msg_hex
}
#[wasm_bindgen]
pub fn rencrypt(pk: String, msg: String) -> String {
let public_key = match PublicKey::from_str(&msg) {
Ok(v) => v,
Err(e) => panic!("error parse publickey: {}", e),
};
let msg_encrypt = match zencrypt(public_key, &msg) {
Ok(v) => v,
Err(err) => panic!("error encrypt: {:?}", err),
};
msg_encrypt
}
#[wasm_bindgen]
pub fn rdecrypt(sk: String, msg: String) -> String {
let private_key = match SecretKey::from_str(&sk) {
Ok(v) => v,
Err(e) => panic!("error parse publickey: {}", e),
};
let msg_decrypt = match zdecrypt(private_key, &msg) {
Ok(v) => v,
Err(err) => panic!("error encrypt: {:?}", err),
};
msg_decrypt
}
#[wasm_bindgen]
pub fn generate_qr(content: String) -> String {
QR::parse(&content)
}
#[wasm_bindgen]
pub fn str_deflate(content: String) -> String {
pub fn hex_deflate(content: String) -> String {
hex_to_base64(&content)
}
#[wasm_bindgen]
pub fn str_inflate(content: String) -> String {
pub fn hex_inflate(content: String) -> String {
base64_to_hex(&content)
}
#[wasm_bindgen]
pub fn password_hash(pass: String) -> String {
hash_password(&pass)
pub fn password_hash(pass: String, salt: String) -> String {
hash_password(&pass, &salt)
}
#[wasm_bindgen]

167
src/utils/crypto_utils.rs Normal file
View File

@ -0,0 +1,167 @@
use aes_gcm::{
aead::{generic_array::GenericArray, Aead, KeyInit},
Aes256Gcm,
};
use anyhow::Result;
use argon2::{
password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString},
Argon2,
};
use base64::{engine::general_purpose, Engine as _};
use ecies::{decrypt, encrypt};
use rand::prelude::*;
use secp256k1::{PublicKey, SecretKey};
use std::str;
use tiny_keccak::keccak256;
pub fn random_argon2_salt() -> String {
let salt: SaltString = SaltString::generate(&mut OsRng);
salt.as_str().to_string()
}
pub fn hash_password(pass: &str, salt: &str) -> String {
// let salt: SaltString = SaltString::generate(&mut OsRng);
let salt = SaltString::from_b64(salt).expect("error parse salt");
let password = pass.as_bytes();
let password_hash: String = match Argon2::default().hash_password(password, &salt) {
Ok(v) => v.to_string(),
Err(e) => panic!("error hash password: {}", e),
};
general_purpose::STANDARD_NO_PAD.encode(&password_hash)
}
pub fn verify_password(pass: &str, password_hash: &str) -> bool {
let str_tmp = match general_purpose::STANDARD_NO_PAD.decode(password_hash) {
Ok(v) => v,
Err(e) => panic!("error decode base64 str: {}", e),
};
let s = match str::from_utf8(&str_tmp) {
Ok(v) => v,
Err(e) => panic!("Invalid UTF-8 sequence: {}", e),
};
let parsed_hash = match PasswordHash::new(&s) {
Ok(v) => v,
Err(e) => panic!("error parse password hash: {}", e),
};
let password = pass.as_bytes();
Argon2::default()
.verify_password(password, &parsed_hash)
.is_ok()
}
pub fn keccak256_hash(str: &str) -> String {
let data = str.as_bytes();
let hasher = keccak256(data);
hex::encode(&hasher)
}
pub fn hash_pass_client(str: &str) -> String {
let message = str.as_bytes();
let mut eth_message = format!("\x22cebg password pre hash:\n{}", message.len()).into_bytes();
eth_message.extend_from_slice(message);
let hasher = keccak256(&eth_message);
hex::encode(&hasher)
}
pub fn hash_pass_svr(str: &str) -> String {
let message = str.as_bytes();
let mut eth_message = format!("\x23cebg email regist:\n{}", message.len()).into_bytes();
eth_message.extend_from_slice(message);
let hasher = keccak256(&eth_message);
hex::encode(&hasher)
}
//
// This function is used to encrypt a string using AES-256-GCM algorithm
pub fn aes_encrypt(str: &str, key: &str) -> String {
// Convert the input string to bytes
let str_data = str.as_bytes();
// Decode the input key from hex to bytes and create a GenericArray object
let key = hex::decode(&key).expect("Invalid hex string");
let key = GenericArray::from_slice(&key);
// Create an AES-256-GCM cipher with the specified key
let cipher = Aes256Gcm::new(&key);
// Generate a random nonce of 96 bits (12 bytes)
let mut nonce_data = [0u8; 12];
thread_rng().fill_bytes(&mut nonce_data);
let nonce = GenericArray::from_slice(&nonce_data);
// Encrypt the data using the cipher and nonce
let ciphertext = match cipher.encrypt(nonce, str_data) {
Ok(v) => v,
Err(e) => panic!("error encrypt: {}", e),
};
// Encode the ciphertext and nonce as base64 strings
let cipher_str = general_purpose::STANDARD_NO_PAD.encode(&ciphertext);
let nonce_str = general_purpose::STANDARD_NO_PAD.encode(&nonce_data);
// Concatenate the encoded ciphertext and nonce with a period separator and return the result
nonce_str + cipher_str.as_str()
}
pub fn aes_decrypt(str: &str, key: &str) -> String {
let str_data = match general_purpose::STANDARD_NO_PAD.decode(str) {
Ok(v) => v,
Err(e) => panic!("error decode base64 str: {}", e),
};
if str_data.len() < 12 {
panic!("error decrypt: invalid data");
}
let v = 12;
let nonce_data = &str_data[..v];
let cipher_data = &str_data[v..];
let nonce = GenericArray::from_slice(&nonce_data);
let key = hex::decode(&key).expect("Invalid hex string");
let key = GenericArray::from_slice(&key);
let cipher = Aes256Gcm::new(&key);
let plaintext = match cipher.decrypt(nonce, cipher_data) {
Ok(v) => v,
Err(e) => panic!("error decrypt: {}", e),
};
let plaintext = str::from_utf8(&plaintext).expect("err convert to utf8");
plaintext.to_string()
}
// encrypt content with wallet public key
pub fn zencrypt(pk: PublicKey, msg: &str) -> Result<String> {
let pk = &pk.serialize();
let msg = msg.as_bytes();
// println!("msg before encrypt: {:?}", msg);
let msg_encrypt = match encrypt(pk, &msg) {
Ok(v) => v,
Err(e) => panic!("error encrypt content: {}", e),
};
// println!("msg after encrypt: {:?}", &msg_encrypt);
let str_encrypt = hex::encode(&msg_encrypt);
Ok(str_encrypt)
}
// decrypt content with wallet private key
pub fn zdecrypt(sk: SecretKey, msg1: &str) -> Result<String> {
let sk = sk.secret_bytes();
let mut msg: String = msg1.clone().to_string();
if msg.len() % 2 == 1 {
msg = "0".to_owned() + &msg;
}
println!("msg to decrypt: {:?}", &msg);
let msg = match hex::decode(&msg) {
Ok(v) => v,
Err(e) => panic!("error decode hex str: {}", e),
};
let msg_decrypt = match decrypt(&sk, &msg) {
Ok(v) => v,
Err(e) => panic!("error decrypt content: {}", e),
};
// println!("msg after decrypt: {:?}", &msg_decrypt);
// let msg_decrypt = hex::encode(msg_decrypt);
let str_decrypt = match str::from_utf8(&msg_decrypt) {
Ok(v) => v,
Err(e) => panic!("Invalid UTF-8 sequence: {}", e),
};
let result = str_decrypt.to_string();
Ok(result)
}

View File

@ -1,2 +1,2 @@
pub mod pass_utils;
pub mod crypto_utils;
pub mod str_utils;

View File

@ -1,36 +0,0 @@
use argon2::{
password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString},
Argon2,
};
use base64::{engine::general_purpose, Engine as _};
use std::str;
pub fn hash_password(pass: &str) -> String {
let salt: SaltString = SaltString::generate(&mut OsRng);
let password = pass.as_bytes();
let password_hash: String = match Argon2::default().hash_password(password, &salt) {
Ok(v) => v.to_string(),
Err(e) => panic!("error hash password: {}", e),
};
general_purpose::STANDARD_NO_PAD.encode(&password_hash)
}
pub fn verify_password(pass: &str, password_hash: &str) -> bool {
let str_tmp = match general_purpose::STANDARD_NO_PAD.decode(password_hash) {
Ok(v) => v,
Err(e) => panic!("error decode base64 str: {}", e),
};
let s = match str::from_utf8(&str_tmp) {
Ok(v) => v,
Err(e) => panic!("Invalid UTF-8 sequence: {}", e),
};
let parsed_hash = match PasswordHash::new(&s) {
Ok(v) => v,
Err(e) => panic!("error parse password hash: {}", e),
};
let password = pass.as_bytes();
Argon2::default()
.verify_password(password, &parsed_hash)
.is_ok()
}

View File

@ -1,10 +1,10 @@
extern crate hex;
use crate::utils::{crypto_utils as crypro_utils, str_utils};
use anyhow::Result;
use core::fmt::Write;
use ecies::{decrypt, encrypt};
use primitive_types::{H160, H256};
use secp256k1::rand::rngs::OsRng;
// use secp256k1::rand::rngs::OsRng;
use secp256k1::{Message, PublicKey, Secp256k1, SecretKey};
use serde::{Deserialize, Serialize};
use shamir_secret_sharing::num_bigint::BigInt;
@ -13,12 +13,31 @@ use std::str;
use std::str::FromStr;
use tiny_keccak::keccak256;
pub fn generate_keypair() -> (SecretKey, PublicKey) {
let secp = Secp256k1::new();
// let mut rng = OsRng::new().expect("OsRng");
secp.generate_keypair(&mut OsRng)
// generate client key
pub fn generate_client_key(password: &str, openid: &str, salt: &str) -> String {
let password = crypro_utils::hash_pass_client(password);
let mut s = String::new();
s.push_str(&password);
s.push_str(openid);
let salt = crypro_utils::keccak256_hash(&salt);
let salt = str_utils::hex_to_base64(&salt);
let pass_hash = crypro_utils::hash_password(&s, &salt);
let key = crypro_utils::keccak256_hash(&pass_hash);
key
}
pub fn local_pass_hasher(password: &str) -> String {
let password = crypro_utils::hash_pass_client(password);
let salt = crypro_utils::random_argon2_salt();
let pass_hash = crypro_utils::hash_password(&password, &salt);
pass_hash
}
// pub fn generate_keypair() -> (SecretKey, PublicKey) {
// let secp = Secp256k1::new();
// secp.generate_keypair(&mut OsRng)
// }
pub fn public_key_address(public_key: &PublicKey) -> H160 {
let public_key = public_key.serialize_uncompressed();
debug_assert_eq!(public_key[0], 0x04);
@ -43,16 +62,16 @@ pub fn get_sss(msg: &str) -> SSS {
}
}
pub fn generate_sss_keypair(msg: &str, skey: &str) -> Vec<String> {
let secret = BigInt::parse_bytes(&skey.as_bytes(), 16).unwrap();
let sss = get_sss(msg);
let shares = sss.split(secret.clone());
let mut shares_str: Vec<String> = Vec::new();
for (_i, v) in &shares {
shares_str.push(v.to_str_radix(16));
}
shares_str
}
// pub fn generate_sss_keypair(msg: &str, skey: &str) -> Vec<String> {
// let secret = BigInt::parse_bytes(&skey.as_bytes(), 16).unwrap();
// let sss = get_sss(msg);
// let shares = sss.split(secret.clone());
// let mut shares_str: Vec<String> = Vec::new();
// for (_i, v) in &shares {
// shares_str.push(v.to_str_radix(16));
// }
// shares_str
// }
pub fn hash_message<S>(message: S) -> H256
where
@ -70,55 +89,17 @@ where
pub struct Wallet {
pub msg_key: String,
pub master_key: String,
pub second_key: Option<String>,
pub backup_key: Option<String>,
pub second_key: String,
}
impl Wallet {
pub fn new(msg: &str) -> Self {
let (secret_key, _pub_key) = generate_keypair();
let s = hex::encode(&secret_key.secret_bytes());
let shares_str = generate_sss_keypair(msg, &s);
// println!("secret key: {:?}", secret_key);
// println!("{:?}", s);
let second_key = shares_str.get(1).map(String::clone);
let backup_key = shares_str.get(2).map(String::clone);
Wallet {
msg_key: msg.to_string(),
master_key: shares_str.get(0).unwrap().to_string(),
second_key: second_key,
backup_key: backup_key,
}
}
pub fn reset_wallet(&self) -> Self {
let secret_key = self.get_secret_key();
let s = hex::encode(&secret_key.secret_bytes());
let shares_str = generate_sss_keypair(&self.msg_key, &s);
let second_key = shares_str.get(1).map(String::clone);
let backup_key = shares_str.get(2).map(String::clone);
Wallet {
msg_key: self.msg_key.clone(),
master_key: shares_str.get(0).unwrap().to_string(),
second_key: second_key,
backup_key: backup_key,
}
}
fn get_secret_key(&self) -> SecretKey {
pub fn get_secret_key(&self) -> SecretKey {
let key_str_0: &str = &self.master_key;
let key0 = BigInt::parse_bytes(&key_str_0.as_bytes(), 16).unwrap();
let kp0: (usize, BigInt) = (1, key0);
let (i, key_str_1) = match (&self.second_key, &self.backup_key) {
(Some(val), _) => (2, val),
(_, Some(val)) => (3, val),
_ => {
panic!("error generate key")
}
};
let key_str_1: &str = &self.second_key;
let key1 = BigInt::parse_bytes(&key_str_1.as_bytes(), 16).unwrap();
let kp1 = (i, key1);
let kp1 = (2, key1);
let _tmp = vec![kp0, kp1];
let sss = get_sss(&self.msg_key);
let secret_b = sss.recover(&_tmp);
@ -166,7 +147,6 @@ impl Wallet {
write!(s, "{:02x}", rv).unwrap();
Ok(s)
}
pub fn sign_for_tran<S>(&self, msg: S) -> Result<(String, i32)>
where
S: AsRef<[u8]>,
@ -185,45 +165,4 @@ impl Wallet {
let recid = _recovery_id.to_i32();
Ok((s, recid))
}
pub fn zencrypt(&self, msg: &str) -> Result<String> {
let pk = self.get_public_key();
let pk = &pk.serialize();
let msg = msg.as_bytes();
// println!("msg before encrypt: {:?}", msg);
let msg_encrypt = match encrypt(pk, &msg) {
Ok(v) => v,
Err(e) => panic!("error encrypt content: {}", e),
};
// println!("msg after encrypt: {:?}", &msg_encrypt);
let str_encrypt = hex::encode(&msg_encrypt);
Ok(str_encrypt)
}
pub fn zdecrypt(&self, msg1: &str) -> Result<String> {
let sk = self.get_secret_key();
let sk = sk.secret_bytes();
let mut msg: String = msg1.clone().to_string();
if msg.len() % 2 == 1 {
msg = "0".to_owned() + &msg;
}
println!("msg to decrypt: {:?}", &msg);
let msg = match hex::decode(&msg) {
Ok(v) => v,
Err(e) => panic!("error decode hex str: {}", e),
};
let msg_decrypt = match decrypt(&sk, &msg) {
Ok(v) => v,
Err(e) => panic!("error decrypt content: {}", e),
};
// println!("msg after decrypt: {:?}", &msg_decrypt);
// let msg_decrypt = hex::encode(msg_decrypt);
let str_decrypt = match str::from_utf8(&msg_decrypt) {
Ok(v) => v,
Err(e) => panic!("Invalid UTF-8 sequence: {}", e),
};
let result = str_decrypt.to_string();
Ok(result)
}
}