Home Explore Help
Sign In
mmgen
/
mmgen-wallet
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 92019c7a9c
Branches Tags
mmgen-wallet
/
mmgen
/
altcoin
/
util.py

util.py 2.6 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. #!/usr/bin/env python3
    2. 

  2. #
    3. 

  3. # MMGen Wallet, a terminal-based cryptocurrency wallet
    4. 

  4. # Copyright (C)2013-2025 The MMGen Project <mmgen@tuta.io>
    5. 

  5. # Licensed under the GNU General Public License, Version 3:
    6. 

  6. #   https://www.gnu.org/licenses
    7. 

  7. # Public project repositories:
    8. 

  8. #   https://github.com/mmgen/mmgen-wallet
    9. 

  9. #   https://gitlab.com/mmgen/mmgen-wallet
    10. 

  10. 

  11. """
    12. 

  12. altcoin.util: various altcoin-related utilities
    13. 

  13. """
    14. 

  14. 

  15. from ..util import die
    16. 

  16. 

  17. def decrypt_keystore(data, passwd, *, mac_algo=None, mac_params={}):
    18. 

  18. 	"""
    19. 

  19. 	Decrypt the encrypted data in a cross-chain keystore
    20. 

  20. 	Returns the decrypted data as a bytestring
    21. 

  21. 	"""
    22. 

  22. 

  23. 	cdata = data['crypto']
    24. 

  24. 	parms = cdata['kdfparams']
    25. 

  25. 

  26. 	valid_kdfs = ['scrypt', 'pbkdf2']
    27. 

  27. 	valid_ciphers = ['aes-128-ctr', 'aes-256-ctr']
    28. 

  28. 

  29. 	if (kdf := cdata['kdf']) not in valid_kdfs:
    30. 

  30. 		die(1, f'unsupported key derivation function {kdf!r} (must be one of {valid_kdfs})')
    31. 

  31. 

  32. 	if (cipher := cdata['cipher']) not in valid_ciphers:
    33. 

  33. 		die(1, f'unsupported cipher {cipher!r} (must be one of {valid_ciphers})')
    34. 

  34. 

  35. 	# Derive encryption key from password:
    36. 

  36. 	if kdf == 'scrypt':
    37. 

  37. 		if not mac_algo:
    38. 

  38. 			die(1, 'the ‘mac_algo’ parameter is required for scrypt kdf')
    39. 

  39. 		from hashlib import scrypt
    40. 

  40. 		hashed_pw = scrypt(
    41. 

  41. 			password = passwd,
    42. 

  42. 			salt     = bytes.fromhex(parms['salt']),
    43. 

  43. 			n        = parms['n'],
    44. 

  44. 			r        = parms['r'],
    45. 

  45. 			p        = parms['p'],
    46. 

  46. 			maxmem   = 0,
    47. 

  47. 			dklen    = parms['dklen'])
    48. 

  48. 	elif kdf == 'pbkdf2':
    49. 

  49. 		if (prf := parms.get('prf')) != 'hmac-sha256':
    50. 

  50. 			die(1, f"unsupported hash function {prf!r} (must be 'hmac-sha256')")
    51. 

  51. 		from cryptography.hazmat.primitives import hashes
    52. 

  52. 		from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
    53. 

  53. 		hashed_pw = PBKDF2HMAC(
    54. 

  54. 			algorithm  = hashes.SHA256(),
    55. 

  55. 			length     = parms['dklen'],
    56. 

  56. 			salt       = bytes.fromhex(parms['salt']),
    57. 

  57. 			iterations = parms['c']
    58. 

  58. 		).derive(passwd)
    59. 

  59. 		# see:
    60. 

  60. 		#   https://github.com/xchainjs/xchainjs-lib.git
    61. 

  61. 		#   https://github.com/xchainjs/foundry-primitives-js.git
    62. 

  62. 		from hashlib import blake2b
    63. 

  63. 		mac_algo = mac_algo or blake2b
    64. 

  64. 		mac_params = mac_params or {'digest_size': 32}
    65. 

  65. 

  66. 	mac = mac_algo(
    67. 

  67. 		hashed_pw[16:32] + bytes.fromhex(cdata['ciphertext']),
    68. 

  68. 		**mac_params
    69. 

  69. 	).digest().hex()
    70. 

  70. 

  71. 	if mac != cdata['mac']:
    72. 

  72. 		die(1, 'incorrect password')
    73. 

  73. 

  74. 	# Decrypt data:
    75. 

  75. 	from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
    76. 

  76. 	from cryptography.hazmat.backends import default_backend
    77. 

  77. 	cipher_len = int(cipher.split('-')[1]) // 8
    78. 

  78. 	c = Cipher(
    79. 

  79. 		algorithms.AES(hashed_pw[:cipher_len]),
    80. 

  80. 		modes.CTR(bytes.fromhex(cdata['cipherparams']['iv'])),
    81. 

  81. 		backend = default_backend())
    82. 

  82. 	encryptor = c.encryptor()
    83. 

  83. 	return encryptor.update(bytes.fromhex(cdata['ciphertext'])) + encryptor.finalize()
    84.