nifty-wallet/app/scripts/lib/encryptor.js

var ethUtil = require('ethereumjs-util')

module.exports = {

  // Simple encryption methods:
  encrypt,
  decrypt,

  // More advanced encryption methods:
  keyFromPassword,
  encryptWithKey,
  decryptWithKey,

  // Buffer <-> String methods
  convertArrayBufferViewtoString,
  convertStringToArrayBufferView,

  // Buffer <-> Hex string methods
  serializeBufferForStorage,
  serializeBufferFromStorage,

  // Buffer <-> base64 string methods
  encodeBufferToBase64,
  decodeBase64ToBuffer,
}

// Takes a Pojo, returns encrypted text.
function encrypt (password, dataObj) {
  return keyFromPassword(password)
  .then(function (passwordDerivedKey) {
    return encryptWithKey(passwordDerivedKey, dataObj)
  })
}

function encryptWithKey (key, dataObj) {
  var data = JSON.stringify(dataObj)
  var dataBuffer = convertStringToArrayBufferView(data)
  var vector = global.crypto.getRandomValues(new Uint8Array(16))

  return global.crypto.subtle.encrypt({
    name: 'AES-GCM',
    iv: vector,
  }, key, dataBuffer).then(function(buf){
    var buffer = new Uint8Array(buf)
    var vectorStr = serializeBufferForStorage(vector)
    return serializeBufferForStorage(buffer) + vectorStr
  })
}

// Takes encrypted text, returns the restored Pojo.
function decrypt (password, text) {
  return keyFromPassword(password)
  .then(function (key) {
    return decryptWithKey(key, text)
  })
}

function decryptWithKey (key, text) {
  const parts = text.split('0x')
  const encryptedData = serializeBufferFromStorage(parts[1])
  const vector = serializeBufferFromStorage(parts[2])
  return crypto.subtle.decrypt({name: 'AES-GCM', iv: vector}, key, encryptedData)
  .then(function(result){
    const decryptedData = new Uint8Array(result)
    const decryptedStr = convertArrayBufferViewtoString(decryptedData)
    const decryptedObj = JSON.parse(decryptedStr)
    return decryptedObj
  })
}

function convertStringToArrayBufferView (str) {
  var bytes = new Uint8Array(str.length)
  for (var i = 0; i < str.length; i++) {
    bytes[i] = str.charCodeAt(i)
  }

  return bytes
}

function convertArrayBufferViewtoString (buffer) {
  var str = ''
  for (var i = 0; i < buffer.byteLength; i++) {
    str += String.fromCharCode(buffer[i])
  }

  return str
}

function keyFromPassword (password) {
  var passBuffer = convertStringToArrayBufferView(password)
  return global.crypto.subtle.digest('SHA-256', passBuffer)
  .then(function (passHash){
    return global.crypto.subtle.importKey('raw', passHash, {name: 'AES-GCM'}, false, ['encrypt', 'decrypt'])
  })
}

function serializeBufferFromStorage (str) {
  str = ethUtil.stripHexPrefix(str)
  var buf = new Uint8Array(str.length / 2)
  for (var i = 0; i < str.length; i += 2) {
    var seg = str.substr(i, 2)
    buf[i / 2] = parseInt(seg, 16)
  }
  return buf
}

// Should return a string, ready for storage, in hex format.
function serializeBufferForStorage (buffer) {
  var result = '0x'
  var len = buffer.length || buffer.byteLength
  for (var i = 0; i < len; i++) {
    result += unprefixedHex(buffer[i])
  }
  return result
}

function unprefixedHex (num) {
  var hex = num.toString(16)
  while (hex.length < 2) {
    hex = '0' + hex
  }
  return hex
}

function encodeBufferToBase64 (buf) {
  var b64encoded = btoa(String.fromCharCode.apply(null, buf))
  return b64encoded
}

function decodeBase64ToBuffer (base64) {
  var u8_2 = new Uint8Array(atob(b64encoded).split("")
  .map(function(c) {
    return c.charCodeAt(0)
  }))
}
Got basic encryptor working 2016-10-14 15:59:07 -07:00			`var ethUtil = require('ethereumjs-util')`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00
			`module.exports = {`
Fixed vector usage in encryptor 2016-10-14 16:26:44 -07:00
			`// Simple encryption methods:`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00			`encrypt,`
			`decrypt,`
Fixed vector usage in encryptor 2016-10-14 16:26:44 -07:00
			`// More advanced encryption methods:`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00			`keyFromPassword,`
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00			`encryptWithKey,`
			`decryptWithKey,`
Fixed vector usage in encryptor 2016-10-14 16:26:44 -07:00
			`// Buffer <-> String methods`
			`convertArrayBufferViewtoString,`
			`convertStringToArrayBufferView,`

			`// Buffer <-> Hex string methods`
Got basic encryptor working 2016-10-14 15:59:07 -07:00			`serializeBufferForStorage,`
			`serializeBufferFromStorage,`
Linted & added salting to vault 2016-10-20 11:33:18 -07:00
			`// Buffer <-> base64 string methods`
			`encodeBufferToBase64,`
			`decodeBase64ToBuffer,`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00			`}`

			`// Takes a Pojo, returns encrypted text.`
			`function encrypt (password, dataObj) {`
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00			`return keyFromPassword(password)`
			`.then(function (passwordDerivedKey) {`
			`return encryptWithKey(passwordDerivedKey, dataObj)`
			`})`
			`}`

			`function encryptWithKey (key, dataObj) {`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00			`var data = JSON.stringify(dataObj)`
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00			`var dataBuffer = convertStringToArrayBufferView(data)`
Fixed vector usage in encryptor 2016-10-14 16:26:44 -07:00			`var vector = global.crypto.getRandomValues(new Uint8Array(16))`
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00
			`return global.crypto.subtle.encrypt({`
			`name: 'AES-GCM',`
Linted 2016-10-14 16:28:08 -07:00			`iv: vector,`
Got basic encryptor working 2016-10-14 15:59:07 -07:00			`}, key, dataBuffer).then(function(buf){`
			`var buffer = new Uint8Array(buf)`
Fixed vector usage in encryptor 2016-10-14 16:26:44 -07:00			`var vectorStr = serializeBufferForStorage(vector)`
			`return serializeBufferForStorage(buffer) + vectorStr`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00			`})`
			`}`

			`// Takes encrypted text, returns the restored Pojo.`
			`function decrypt (password, text) {`
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00			`return keyFromPassword(password)`
			`.then(function (key) {`
			`return decryptWithKey(key, text)`
			`})`
			`}`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00			`function decryptWithKey (key, text) {`
Fixed vector usage in encryptor 2016-10-14 16:26:44 -07:00			`const parts = text.split('0x')`
			`const encryptedData = serializeBufferFromStorage(parts[1])`
			`const vector = serializeBufferFromStorage(parts[2])`
Linted 2016-10-14 16:28:08 -07:00			`return crypto.subtle.decrypt({name: 'AES-GCM', iv: vector}, key, encryptedData)`
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00			`.then(function(result){`
			`const decryptedData = new Uint8Array(result)`
Got basic encryptor working 2016-10-14 15:59:07 -07:00			`const decryptedStr = convertArrayBufferViewtoString(decryptedData)`
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00			`const decryptedObj = JSON.parse(decryptedStr)`
			`return decryptedObj`
			`})`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00			`}`

			`function convertStringToArrayBufferView (str) {`
			`var bytes = new Uint8Array(str.length)`
			`for (var i = 0; i < str.length; i++) {`
			`bytes[i] = str.charCodeAt(i)`
			`}`

			`return bytes`
			`}`

			`function convertArrayBufferViewtoString (buffer) {`
			`var str = ''`
			`for (var i = 0; i < buffer.byteLength; i++) {`
			`str += String.fromCharCode(buffer[i])`
			`}`

			`return str`
			`}`

			`function keyFromPassword (password) {`
Got encrypting working, not yet decrypting 2016-10-14 13:21:00 -07:00			`var passBuffer = convertStringToArrayBufferView(password)`
			`return global.crypto.subtle.digest('SHA-256', passBuffer)`
			`.then(function (passHash){`
			`return global.crypto.subtle.importKey('raw', passHash, {name: 'AES-GCM'}, false, ['encrypt', 'decrypt'])`
Began adding browser-native encryptor module Added new Qunit build process that will browserify the contents of `test/integration/lib` into the QUnit browser, allowing much more modular testing, including unit testing of our modules in our target browsers. Made a basic unit test file of this form for the new encryptor module, which fails miserably because I've only just begun to work with it. I've started with this blog post as a starting point, and will be adjusting it to our needs from there: http://qnimate.com/passphrase-based-encryption-using-web-cryptography-api/ 2016-10-12 20:03:14 -07:00			`})`
			`}`

Got basic encryptor working 2016-10-14 15:59:07 -07:00			`function serializeBufferFromStorage (str) {`
			`str = ethUtil.stripHexPrefix(str)`
Linted 2016-10-14 16:28:08 -07:00			`var buf = new Uint8Array(str.length / 2)`
			`for (var i = 0; i < str.length; i += 2) {`
Got basic encryptor working 2016-10-14 15:59:07 -07:00			`var seg = str.substr(i, 2)`
Linted 2016-10-14 16:28:08 -07:00			`buf[i / 2] = parseInt(seg, 16)`
Got basic encryptor working 2016-10-14 15:59:07 -07:00			`}`
			`return buf`
			`}`

			`// Should return a string, ready for storage, in hex format.`
			`function serializeBufferForStorage (buffer) {`
			`var result = '0x'`
			`var len = buffer.length \|\| buffer.byteLength`
			`for (var i = 0; i < len; i++) {`
			`result += unprefixedHex(buffer[i])`
			`}`
			`return result`
			`}`

			`function unprefixedHex (num) {`
			`var hex = num.toString(16)`
			`while (hex.length < 2) {`
			`hex = '0' + hex`
			`}`
			`return hex`
			`}`
Linted & added salting to vault 2016-10-20 11:33:18 -07:00
			`function encodeBufferToBase64 (buf) {`
			`var b64encoded = btoa(String.fromCharCode.apply(null, buf))`
			`return b64encoded`
			`}`

			`function decodeBase64ToBuffer (base64) {`
			`var u8_2 = new Uint8Array(atob(b64encoded).split("")`
			`.map(function(c) {`
			`return c.charCodeAt(0)`
			`}))`
			`}`