Merge pull request #38 from planetarium/replace-keccak-256

fix: replace keccak256 with @noble/hashes
planetarium · May 16, 2024 · dc0453b · dc0453b
2 parents f88f9d5 + 57484cd
commit dc0453b
Show file tree

Hide file tree

Showing 9 changed files with 21 additions and 30 deletions.
diff --git a/background/package.json b/background/package.json
@@ -10,6 +10,7 @@
     "test": "jest --coverage --detectOpenHandles"
   },
   "dependencies": {
+    "@noble/hashes": "^1.4.0",
     "@planetarium/account": "~4.4.2",
     "@planetarium/bencodex": "0.2.2",
     "@planetarium/tx": "^4.4.2",
@@ -19,7 +20,6 @@
     "core-js": "^3.6.5",
     "decimal.js": "^10.4.3",
     "ethers": "^5.5.1",
-    "keccak256": "^1.0.3",
     "nanoid": "^5.0.7",
     "web3": "^1.6.0"
   },

diff --git a/background/src/utils/aes256.js b/background/src/utils/aes256.js
@@ -1,9 +1,9 @@
 // const crypto = require('crypto')
-import keccak256 from "keccak256"
+import { keccak_256 } from "@noble/hashes/sha3"
 const IV_LENGTH = 16
 export default {
     encrypt: async (text, passphrase) => {
-        const key = await window.crypto.subtle.importKey("raw", Buffer.from(keccak256(passphrase)), {name: 'AES-CBC'}, true, ['encrypt', 'decrypt']);
+        const key = await window.crypto.subtle.importKey("raw", Buffer.from(keccak_256(passphrase)), {name: 'AES-CBC'}, true, ['encrypt', 'decrypt']);
         const iv = window.crypto.getRandomValues(new Uint8Array(IV_LENGTH));
         const encrypted = await window.crypto.subtle.encrypt({
             name: 'AES-CBC',
@@ -21,7 +21,7 @@ export default {
         const textParts = text.split(':')
         const iv = Buffer.from(textParts.shift(), 'hex')
         const encryptedText = Buffer.from(textParts.join(':'), 'hex')
-        const key = await window.crypto.subtle.importKey("raw", Buffer.from(keccak256(passphrase)), {name: 'AES-CBC'}, true, ['encrypt', 'decrypt']);
+        const key = await window.crypto.subtle.importKey("raw", Buffer.from(keccak_256(passphrase)), {name: 'AES-CBC'}, true, ['encrypt', 'decrypt']);
         const decrypted = await window.crypto.subtle.decrypt({
             name: 'AES-CBC',
             iv,

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/popup/package.json b/popup/package.json
@@ -10,6 +10,7 @@
   },
   "dependencies": {
     "@mdi/font": "^5.9.55",
+    "@noble/hashes": "^1.4.0",
     "@vue/vue3-jest": "27",
     "axios": "^0.21.4",
     "bencodex": "^0.1.2",
@@ -18,7 +19,6 @@
     "countup.js": "^2.8.0",
     "eccrypto": "^1.1.6",
     "ethers": "^6.12.1",
-    "keccak256": "^1.0.6",
     "moment": "^2.30.1",
     "underscore": "^1.13.6",
     "vue": "3",

diff --git a/popup/src/api/background.js b/popup/src/api/background.js
@@ -10,7 +10,7 @@ const callBackground = function(action, method, params = []) {
                     if (res.error == 'NotSignedIn') {
                         location.reload()
                     } else {
-                        console.log('error callBackground', res)
+                        console.log('error callBackground', action, method, params, res)
                         reject(res.error)
                     }
                 } else {

diff --git a/popup/src/components/AccountManager.vue b/popup/src/components/AccountManager.vue
@@ -103,7 +103,7 @@ import AccountSelector from "@/components/buttons/AccountSelector.vue";
 import CopyBtn from "@/components/buttons/CopyBtn.vue";
 
 import rule from "@/utils/rules"
-import keccak256 from "keccak256";
+import { keccak_256 } from "@noble/hashes/sha3";
 import t from "@/utils/i18n"
 import utils from "@/utils/utils";
 import { Wallet } from "ethers";
@@ -261,7 +261,7 @@ export default {
             if (this.pkview.dialog && this.pkview.password) {
                 try {
                     this.pkview.loading = true
-                    let passphrase = keccak256(this.pkview.password).toString('hex')
+                    let passphrase = Buffer.from(keccak_256(this.pkview.password)).toString('hex')
                     let pk = await this.$store.dispatch('Account/getPrivateKey', {
                         address: this.account.address,
                         passphrase: passphrase

diff --git a/popup/src/utils/aes256.js b/popup/src/utils/aes256.js
@@ -1,12 +1,12 @@
 const crypto = require('crypto')
-import keccak256 from "keccak256"
+import { keccak_256 } from "@noble/hashes/sha3"
 const IV_LENGTH = 16
 export default {
     encrypt: (text, passphrase) => {
         const iv = crypto.randomBytes(IV_LENGTH)
         const cipher = crypto.createCipheriv(
             'aes-256-cbc',
-            Buffer.from(keccak256(passphrase)),
+            Buffer.from(keccak_256(passphrase)),
             iv,
         )
         const encrypted = cipher.update(text)
@@ -23,7 +23,7 @@ export default {
         const encryptedText = Buffer.from(textParts.join(':'), 'hex')
         const decipher = crypto.createDecipheriv(
             'aes-256-cbc',
-            Buffer.from(keccak256(passphrase)),
+            Buffer.from(keccak_256(passphrase)),
             iv,
         )
         const decrypted = decipher.update(encryptedText)

diff --git a/popup/src/views/Initiate.vue b/popup/src/views/Initiate.vue
@@ -52,7 +52,7 @@
 <script>
 import rules from "@/utils/rules"
 import t from "@/utils/i18n"
-import keccak256 from "keccak256"
+import { keccak_256 } from "@noble/hashes/sha3"
 import _ from "underscore"
 import InitiateHeader from "@/components/InitiateHeader.vue";
 
@@ -98,7 +98,7 @@ export default {
         t,
         async initiate() {
             if ((await this.$refs['form'].validate()).valid && this.isValidPassword) {
-                let passphrase = keccak256(this.pass1).toString('hex')
+                let passphrase = Buffer.from(keccak_256(this.pass1)).toString('hex')
                 this.$router.replace({
                   name: 'initiateMnemonic',
                   params: {

diff --git a/popup/src/views/Login.vue b/popup/src/views/Login.vue
@@ -37,7 +37,7 @@
 
 <script>
 import { mapGetters } from "vuex";
-import keccak256 from "keccak256"
+import { keccak_256 } from "@noble/hashes/sha3"
 import InitiateHeader from "@/components/InitiateHeader.vue";
 import t from "@/utils/i18n";
 
@@ -68,7 +68,7 @@ export default {
             this.loginError = null
             try {
                 if (this.password) {
-                    let passphrase = keccak256(this.password).toString('hex')
+                    let passphrase = Buffer.from(keccak_256(this.password)).toString('hex')
                     if (await this.$store.dispatch('Account/isValidPassphrase', passphrase)) {
                         await this.$store.dispatch('Account/setPassphrase', passphrase)
                         await this.$store.dispatch('Account/loadAccounts')