Skip to content
Snippets Groups Projects

add Auth Encrypted WIF feature

Merged add Auth Encrypted WIF feature
Tortue95:auth_ewif into master
Merged Moul requested to merge Tortue95:auth_ewif into master
Compare
and
4 files
+ 154
53
Compare changes
  • Side-by-side
  • Inline
Files
4
src/auth.py
+ 125
4
from tools import *
from tools import *
 
import nacl.encoding
 
import nacl.signing
 
import nacl.hash
 
import scrypt
 
import pyaes
import getpass
import getpass
import os
import os
@@ -24,7 +29,8 @@ def generate_auth_file(c):
@@ -24,7 +29,8 @@ def generate_auth_file(c):
seed = auth_method(c)
seed = auth_method(c)
with open(file, "w") as f:
with open(file, "w") as f:
f.write(seed)
f.write(seed)
print("Authfile generated for the public key: ", get_publickey_from_seed(seed))
print("Authfile generated for the public key: ",
 
get_publickey_from_seed(seed))
def auth_by_auth_file(c):
def auth_by_auth_file(c):
@@ -56,6 +62,7 @@ def auth_by_seed():
@@ -56,6 +62,7 @@ def auth_by_seed():
def auth_by_scrypt(c):
def auth_by_scrypt(c):
salt = input("Please enter your Scrypt Salt (Secret identifier): ")
salt = input("Please enter your Scrypt Salt (Secret identifier): ")
password = getpass.getpass("Please enter your Scrypt password (masked): ")
password = getpass.getpass("Please enter your Scrypt password (masked): ")
 
if c.contains_definitions('n') and c.contains_definitions('r') and c.contains_definitions('p'):
if c.contains_definitions('n') and c.contains_definitions('r') and c.contains_definitions('p'):
n, r, p = c.get_definition('n'), c.get_definition('r'), c.get_definition('p')
n, r, p = c.get_definition('n'), c.get_definition('r'), c.get_definition('p')
if n.isnumeric() and r.isnumeric() and p.isnumeric():
if n.isnumeric() and r.isnumeric() and p.isnumeric():
@@ -75,6 +82,120 @@ def auth_by_scrypt(c):
@@ -75,6 +82,120 @@ def auth_by_scrypt(c):
def auth_by_wif():
def auth_by_wif():
wif = input("Please enter your WIF address: ")
wif = input("Please enter your WIF or Encrypted WIF address: ")
seed = get_seed_from_wif(wif)
return seed
regex = re.compile('^[1-9A-HJ-NP-Za-km-z]*$')
 
if not re.search(regex, wif):
 
print("Error: the format of WIF is invalid")
 
exit(1)
 
 
wif_bytes = b58_decode(wif)
 
fi = wif_bytes[0:1]
 
 
if fi == b'\x01':
 
return get_seed_from_wifv1(wif)
 
elif fi == b'\x02':
 
password = getpass.getpass("Please enter the " +
 
"password of WIF (masked): ")
 
return get_seed_from_ewifv1(wif, password)
 
 
print("Error: the format of WIF is invalid or unknown")
 
exit(1)
 
 
 
def get_seed_from_scrypt(salt, password, N=4096, r=16, p=1):
 
seed = scrypt.hash(password, salt, N, r, p, 32)
 
seedhex = nacl.encoding.HexEncoder.encode(seed).decode("utf-8")
 
return seedhex
 
 
 
def get_seed_from_wifv1(wif):
 
regex = re.compile('^[1-9A-HJ-NP-Za-km-z]*$')
 
if not re.search(regex, wif):
 
print("Error: the format of WIF is invalid")
 
exit(1)
 
 
wif_bytes = b58_decode(wif)
 
if len(wif_bytes) != 35:
 
print("Error: the size of WIF is invalid")
 
exit(1)
 
 
checksum_from_wif = wif_bytes[-2:]
 
fi = wif_bytes[0:1]
 
seed = wif_bytes[1:-2]
 
seed_fi = wif_bytes[0:-2]
 
 
if fi != b'\x01':
 
print("Error: It's not a WIF format")
 
exit(1)
 
 
# checksum control
 
checksum = nacl.hash.sha256(
 
nacl.hash.sha256(seed_fi, nacl.encoding.RawEncoder),
 
nacl.encoding.RawEncoder)[0:2]
 
if checksum_from_wif != checksum:
 
print("Error: bad checksum of the WIF")
 
exit(1)
 
 
seedhex = nacl.encoding.HexEncoder.encode(seed).decode("utf-8")
 
return seedhex
 
 
 
def get_seed_from_ewifv1(ewif, password):
 
regex = re.compile('^[1-9A-HJ-NP-Za-km-z]*$')
 
if not re.search(regex, ewif):
 
print("Error: the format of EWIF is invalid")
 
exit(1)
 
 
wif_bytes = b58_decode(ewif)
 
if len(wif_bytes) != 39:
 
print("Error: the size of EWIF is invalid")
 
exit(1)
 
 
wif_no_checksum = wif_bytes[0:-2]
 
checksum_from_ewif = wif_bytes[-2:]
 
fi = wif_bytes[0:1]
 
salt = wif_bytes[1:5]
 
encryptedhalf1 = wif_bytes[5:21]
 
encryptedhalf2 = wif_bytes[21:37]
 
 
if fi != b'\x02':
 
print("Error: It's not a EWIF format")
 
exit(1)
 
 
# Checksum Control
 
checksum = nacl.hash.sha256(
 
nacl.hash.sha256(wif_no_checksum, nacl.encoding.RawEncoder),
 
nacl.encoding.RawEncoder)[0:2]
 
if checksum_from_ewif != checksum:
 
print("Error: bad checksum of EWIF address")
 
exit(1)
 
 
# SCRYPT
 
password = password.encode("utf-8")
 
scrypt_seed = scrypt.hash(password, salt, 16384, 8, 8, 64)
 
derivedhalf1 = scrypt_seed[0:32]
 
derivedhalf2 = scrypt_seed[32:64]
 
 
# AES
 
aes = pyaes.AESModeOfOperationECB(derivedhalf2)
 
decryptedhalf1 = aes.decrypt(encryptedhalf1)
 
decryptedhalf2 = aes.decrypt(encryptedhalf2)
 
 
# XOR
 
seed1 = xor_bytes(decryptedhalf1, derivedhalf1[0:16])
 
seed2 = xor_bytes(decryptedhalf2, derivedhalf1[16:32])
 
seed = seed1+seed2
 
seedhex = nacl.encoding.HexEncoder.encode(seed).decode("utf-8")
 
 
# Password Control
 
salt_from_seed = nacl.hash.sha256(
 
nacl.hash.sha256(
 
b58_decode(get_publickey_from_seed(seedhex)),
 
nacl.encoding.RawEncoder),
 
nacl.encoding.RawEncoder)[0:4]
 
if salt_from_seed != salt:
 
print("Error: bad Password of EWIF address")
 
exit(1)
 
 
return seedhex