changes encryption of pkr to airgapped

10 years ago · 9a70047852
3 changed files with 33 additions and 16 deletions
--- a/lib/client/api.js
+++ b/lib/client/api.js
@ -113,7 +113,7 @@ API.prototype._tryToCompleteFromServer = function(data, cb) {
 API.prototype._tryToComplete = function(opts, data, cb) {
  if (opts.pkr) {
-    var pkr = _decryptMessage(opts.pkr, data.sharedEncryptingKey);
+    var pkr = _decryptMessage(opts.pkr,WalletUtils.privateKeyToAESKey(data.roPrivKey));
    if (!pkr) 
      return cb('Could not complete wallet');
@ -219,7 +219,7 @@ API.prototype._initData = function(network, walletPrivKey, m, n) {
  var xPubKey = (new Bitcore.HDPublicKey(xPrivKey)).toString();
  var roPrivKey = xPrivKey.derive('m/1/0').privateKey;
  var rwPrivKey = xPrivKey.derive('m/1/1').privateKey;
-  var sharedEncryptingKey = Bitcore.crypto.Hash.sha256(walletPrivKey.toBuffer()).slice(0, 16).toString('base64');
+  var sharedEncryptingKey = WalletUtils.privateKeyToAESKey(walletPrivKey);
  var copayerId = WalletUtils.xPubToCopayerId(xPubKey);
  var data = {
@ -650,9 +650,8 @@ API.prototype.getEncryptedPublicKeyRing = function(cb) {
  this._loadAndCheck({}, function(err, data) {
    if (err) return cb(err);
    var pkr = JSON.stringify(data.publicKeyRing);
-    return cb(null, _encryptMessage(pkr, data.sharedEncryptingKey));
+    return cb(null, _encryptMessage(pkr, WalletUtils.privateKeyToAESKey(data.roPrivKey)));
  });
 };
--- a/lib/walletutils.js
+++ b/lib/walletutils.js
@ -138,4 +138,9 @@ WalletUtils.decryptMessage = function(cyphertextJson, encryptingKey) {
  return sjcl.decrypt(key, cyphertextJson);
 };
 WalletUtils.privateKeyToAESKey = function(privKey) {
  var pk = Bitcore.PrivateKey.fromString(privKey);
  return Bitcore.crypto.Hash.sha256(pk.toBuffer()).slice(0, 16).toString('base64');
 };
 module.exports = WalletUtils;
--- a/test/integration/clientApi.js
+++ b/test/integration/clientApi.js
@ -519,14 +519,25 @@ describe('client API ', function() {
          };
          clients[1].sendTxProposal(opts, function(err, x) {
            should.not.exist(err);
-            clients[1].getTxProposals({
+
            // Create the proxy, ro, connected, device (2)
            clients[0].export({
              access: 'readonly'
            }, function(err, str) {
              should.not.exist(err);
              clients[2].import(str, function(err, wallet) {
                should.not.exist(err);
                clients[2].getTxProposals({
                  getRawTxps: true
                }, function(err, txs, rawTxps) {
                  should.not.exist(err);
-              clients[1].getEncryptedPublicKeyRing(function(err, pkr) {
+                  clients[2].getEncryptedPublicKeyRing(function(err, pkr) {
                    should.not.exist(err);
                    // Back to the air gapped
                    //
                    // Will trigger _tryToComplete and use pkr
                    // then, needs pkr to verify the txps
                    clients[0].parseTxProposals({
@ -542,6 +553,8 @@ describe('client API ', function() {
            });
          });
        });
      });
    });
    it('should be able export signatures and sign later from a ro client',
      function(done) {
        helpers.createAndJoinWallet(clients, 1, 1, function(err, w) {