From 84f823ec311b33d815314adf0e0c91aea7538dd2 Mon Sep 17 00:00:00 2001 From: morizon Date: Sat, 7 Oct 2023 15:48:56 +0800 Subject: [PATCH 1/5] fix: bip39 generate mnemonic strength to 256 --- packages/engine/src/index.ts | 4 ++-- packages/engine/src/secret/index.test.ts | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/engine/src/index.ts b/packages/engine/src/index.ts index b35dbf6e370..92931aa0cf7 100644 --- a/packages/engine/src/index.ts +++ b/packages/engine/src/index.ts @@ -206,7 +206,7 @@ class Engine { @backgroundMethod() generateMnemonic(): Promise { - return Promise.resolve(bip39.generateMnemonic()); + return Promise.resolve(bip39.generateMnemonic(256)); } @backgroundMethod() @@ -372,7 +372,7 @@ class Engine { await this.validator.validatePasswordStrength(password); const [usedMnemonic] = await Promise.all([ - this.validator.validateMnemonic(mnemonic || bip39.generateMnemonic()), + this.validator.validateMnemonic(mnemonic || bip39.generateMnemonic(256)), this.validator.validateHDWalletNumber(), ]); diff --git a/packages/engine/src/secret/index.test.ts b/packages/engine/src/secret/index.test.ts index a3f781ec1f4..3f8efff0926 100644 --- a/packages/engine/src/secret/index.test.ts +++ b/packages/engine/src/secret/index.test.ts @@ -781,7 +781,7 @@ test('Basic mnemonic & seed tests', () => { }); test('Mnemonic generation', () => { - const mnemonic = bip39.generateMnemonic(); + const mnemonic = bip39.generateMnemonic(256); const rs = revealableSeedFromMnemonic(mnemonic, password); expect( mnemonicFromEntropy(rs.entropyWithLangPrefixed, password), From e751a73b7d9c92faa534418ee81e408e6a65cc0b Mon Sep 17 00:00:00 2001 From: morizon Date: Sat, 7 Oct 2023 17:15:20 +0800 Subject: [PATCH 2/5] fix: web crypto polyfill --- development/webpackTools.js | 4 ++- packages/app/metro.config.js | 4 ++- packages/ext/development/nextWebpack.js | 4 ++- packages/kit-bg/src/BackgroundApi.ts | 2 ++ .../src/modules3rdParty/cross-crypto/index.js | 16 +++++++++++ .../cross-crypto/index.native.js | 4 +++ .../modules3rdParty/cross-crypto/verify.ts | 28 +++++++++++++++++++ packages/shared/src/polyfills/index.ts | 5 +++- packages/shared/src/utils/assertUtils.ts | 4 ++- 9 files changed, 66 insertions(+), 5 deletions(-) create mode 100644 packages/shared/src/modules3rdParty/cross-crypto/index.js create mode 100644 packages/shared/src/modules3rdParty/cross-crypto/index.native.js create mode 100644 packages/shared/src/modules3rdParty/cross-crypto/verify.ts diff --git a/development/webpackTools.js b/development/webpackTools.js index f3fa0b446b7..8d4b8cd86c3 100644 --- a/development/webpackTools.js +++ b/development/webpackTools.js @@ -335,7 +335,9 @@ function normalizeConfig({ config.resolve.fallback = { ...config.resolve.fallback, - 'crypto': require.resolve('crypto-browserify'), + 'crypto': require.resolve( + '../packages/shared/src/modules3rdParty/cross-crypto', + ), 'stream': require.resolve('stream-browserify'), 'path': false, 'https': false, diff --git a/packages/app/metro.config.js b/packages/app/metro.config.js index a5ac76e907a..f02893eb3ac 100644 --- a/packages/app/metro.config.js +++ b/packages/app/metro.config.js @@ -25,7 +25,9 @@ config.resolver.extraNodeModules = { fs: require.resolve('react-native-level-fs'), path: require.resolve('path-browserify'), stream: require.resolve('readable-stream'), - crypto: require.resolve('react-native-crypto'), + 'crypto': require.resolve( + '@onekeyhq/shared/src/modules3rdParty/cross-crypto/index.native.js', + ), http: require.resolve('stream-http'), https: require.resolve('https-browserify'), net: require.resolve('react-native-tcp-socket'), diff --git a/packages/ext/development/nextWebpack.js b/packages/ext/development/nextWebpack.js index f1ad51c99e2..86cdb027698 100644 --- a/packages/ext/development/nextWebpack.js +++ b/packages/ext/development/nextWebpack.js @@ -24,7 +24,9 @@ function nextWebpack( config.resolve = config.resolve || {}; config.resolve.fallback = { ...config.resolve.fallback, - 'crypto': require.resolve('crypto-browserify'), + 'crypto': require.resolve( + '../../../packages/shared/src/modules3rdParty/cross-crypto', + ), 'stream': require.resolve('stream-browserify'), 'path': false, 'https': false, diff --git a/packages/kit-bg/src/BackgroundApi.ts b/packages/kit-bg/src/BackgroundApi.ts index cbc9bb61733..d0861e16c8b 100644 --- a/packages/kit-bg/src/BackgroundApi.ts +++ b/packages/kit-bg/src/BackgroundApi.ts @@ -1,5 +1,7 @@ /* eslint-disable new-cap */ /* eslint-disable @typescript-eslint/no-unsafe-member-access */ + +// eslint-disable-next-line import/order import { Engine } from '@onekeyhq/engine'; import BackgroundApiBase from './BackgroundApiBase'; diff --git a/packages/shared/src/modules3rdParty/cross-crypto/index.js b/packages/shared/src/modules3rdParty/cross-crypto/index.js new file mode 100644 index 00000000000..e00cfd5ec21 --- /dev/null +++ b/packages/shared/src/modules3rdParty/cross-crypto/index.js @@ -0,0 +1,16 @@ +const crypto = require('crypto-browserify'); + +const nativeCrypto = global.crypto; +if (nativeCrypto) { + nativeCrypto.randomBytes = nativeCrypto.randomBytes || crypto.randomBytes; + crypto.getRandomValues = + crypto.getRandomValues || nativeCrypto.getRandomValues; +} +crypto.$$isOneKeyShim = true; +nativeCrypto.$$isOneKeyShim = true; + +if (process.env.NODE_ENV !== 'production') { + console.log('crypto-browserify polyfilled', crypto, nativeCrypto); +} + +module.exports = crypto; diff --git a/packages/shared/src/modules3rdParty/cross-crypto/index.native.js b/packages/shared/src/modules3rdParty/cross-crypto/index.native.js new file mode 100644 index 00000000000..ea2e26ab2d7 --- /dev/null +++ b/packages/shared/src/modules3rdParty/cross-crypto/index.native.js @@ -0,0 +1,4 @@ +// require.resolve('react-native-crypto') +// react-native-quick-crypto +// react-native-get-random-values +// react-native-randombytes diff --git a/packages/shared/src/modules3rdParty/cross-crypto/verify.ts b/packages/shared/src/modules3rdParty/cross-crypto/verify.ts new file mode 100644 index 00000000000..c2c2290d498 --- /dev/null +++ b/packages/shared/src/modules3rdParty/cross-crypto/verify.ts @@ -0,0 +1,28 @@ +import assert from 'assert'; +import * as crypto from 'crypto'; + +const nativeCrypto = global.crypto; + +// @ts-ignore +assert.ok(nativeCrypto.$$isOneKeyShim, 'nativeCrypto is not polyfilled'); +// @ts-ignore +assert.ok(crypto.$$isOneKeyShim, 'crypto is not polyfilled'); + +assert.equal( + // eslint-disable-next-line @typescript-eslint/unbound-method + nativeCrypto.getRandomValues, + // @ts-ignore + crypto.getRandomValues, + 'getRandomValues is matched', +); + +assert.equal( + // @ts-ignore + nativeCrypto.randomBytes, + crypto.randomBytes, + 'randomBytes is matched', +); + +if (process.env.NODE_ENV !== 'production') { + console.log('cross-crypto verify success!'); +} diff --git a/packages/shared/src/polyfills/index.ts b/packages/shared/src/polyfills/index.ts index 33ad1d7fc97..75f9d1dbaf1 100644 --- a/packages/shared/src/polyfills/index.ts +++ b/packages/shared/src/polyfills/index.ts @@ -1,6 +1,9 @@ -// eslint-disable-next-line import/order +/* eslint-disable import/order */ import './polyfillsPlatform'; +// eslint-disable-next-line import/order +import '../modules3rdParty/cross-crypto/verify'; + import { normalizeRequestLibs } from '../request/normalize'; import timerUtils from '../utils/timerUtils'; diff --git a/packages/shared/src/utils/assertUtils.ts b/packages/shared/src/utils/assertUtils.ts index 2b2e973242f..e70c0b54517 100644 --- a/packages/shared/src/utils/assertUtils.ts +++ b/packages/shared/src/utils/assertUtils.ts @@ -1,3 +1,5 @@ +import assert from 'assert'; + type ErrorType = undefined | string | Error; const check = (statement: any, orError?: ErrorType) => { @@ -25,4 +27,4 @@ const checkIsUndefined = (something: any, orError?: ErrorType) => { ); }; -export { check, checkIsDefined, checkIsUndefined }; +export { assert, check, checkIsDefined, checkIsUndefined }; From 391f9a3bac32392d1510620fa8009777082e9081 Mon Sep 17 00:00:00 2001 From: morizon Date: Sat, 7 Oct 2023 18:36:17 +0800 Subject: [PATCH 3/5] fix: native crypto polyfill --- packages/engine/package.json | 2 +- .../src/modules3rdParty/cross-crypto/index.js | 19 ++++++++---- .../cross-crypto/index.native.js | 29 +++++++++++++++++-- .../modules3rdParty/cross-crypto/verify.ts | 14 ++++----- yarn.lock | 11 ++++++- 5 files changed, 58 insertions(+), 17 deletions(-) diff --git a/packages/engine/package.json b/packages/engine/package.json index 92ab72b9c68..51fd5c194a8 100644 --- a/packages/engine/package.json +++ b/packages/engine/package.json @@ -51,7 +51,7 @@ "bech32": "^2.0.0", "bignumber.js": "^9.0.1", "bip32": "^4.0.0", - "bip39": "^3.0.4", + "bip39": "^3.1.0", "bitcoinforkjs": "git+https://github.com/OneKeyHQ/bitcoinjs-lib.git#feat/remove-npm-lock", "bitcoinjs-message": "^2.2.0", "bs58check": "^2.1.2", diff --git a/packages/shared/src/modules3rdParty/cross-crypto/index.js b/packages/shared/src/modules3rdParty/cross-crypto/index.js index e00cfd5ec21..b2d442ee5cb 100644 --- a/packages/shared/src/modules3rdParty/cross-crypto/index.js +++ b/packages/shared/src/modules3rdParty/cross-crypto/index.js @@ -1,16 +1,23 @@ const crypto = require('crypto-browserify'); -const nativeCrypto = global.crypto; -if (nativeCrypto) { - nativeCrypto.randomBytes = nativeCrypto.randomBytes || crypto.randomBytes; +// **** for test only +// if (process.env.NODE_ENV !== 'production') { +// const getRandomValuesOld = global.crypto.getRandomValues; +// global.crypto.getRandomValues = function (...args) { +// return getRandomValuesOld.apply(global.crypto, args); +// }; +// } + +if (global.crypto) { + global.crypto.randomBytes = global.crypto.randomBytes || crypto.randomBytes; crypto.getRandomValues = - crypto.getRandomValues || nativeCrypto.getRandomValues; + crypto.getRandomValues || global.crypto.getRandomValues; } crypto.$$isOneKeyShim = true; -nativeCrypto.$$isOneKeyShim = true; +global.crypto.$$isOneKeyShim = true; if (process.env.NODE_ENV !== 'production') { - console.log('crypto-browserify polyfilled', crypto, nativeCrypto); + console.log('crypto-browserify polyfilled', crypto, global.crypto); } module.exports = crypto; diff --git a/packages/shared/src/modules3rdParty/cross-crypto/index.native.js b/packages/shared/src/modules3rdParty/cross-crypto/index.native.js index ea2e26ab2d7..c335c478f09 100644 --- a/packages/shared/src/modules3rdParty/cross-crypto/index.native.js +++ b/packages/shared/src/modules3rdParty/cross-crypto/index.native.js @@ -1,4 +1,29 @@ -// require.resolve('react-native-crypto') +// react-native-crypto // react-native-quick-crypto // react-native-get-random-values -// react-native-randombytes +// react-native-randombytes (deprecated) + +if (global.crypto && global.crypto.getRandomValues) { + delete global.crypto.getRandomValues; +} +// shim global.crypto.getRandomValues +require('react-native-get-random-values'); + +const crypto = require('react-native-crypto'); + +const { randomBytes } = require('@noble/hashes/utils'); + +// re-assign randomBytes from global.crypto.getRandomValues +crypto.randomBytes = randomBytes; +crypto.getRandomValues = + crypto.getRandomValues || global.crypto.getRandomValues; +global.crypto.randomBytes = global.crypto.randomBytes || crypto.randomBytes; + +crypto.$$isOneKeyShim = true; +global.crypto.$$isOneKeyShim = true; + +if (process.env.NODE_ENV !== 'production') { + console.log('react-native-crypto polyfilled', crypto, global.crypto); +} + +module.exports = crypto; diff --git a/packages/shared/src/modules3rdParty/cross-crypto/verify.ts b/packages/shared/src/modules3rdParty/cross-crypto/verify.ts index c2c2290d498..281154ebcdc 100644 --- a/packages/shared/src/modules3rdParty/cross-crypto/verify.ts +++ b/packages/shared/src/modules3rdParty/cross-crypto/verify.ts @@ -1,26 +1,26 @@ import assert from 'assert'; import * as crypto from 'crypto'; -const nativeCrypto = global.crypto; +const globalCrypto = global.crypto; // @ts-ignore -assert.ok(nativeCrypto.$$isOneKeyShim, 'nativeCrypto is not polyfilled'); +assert.ok(globalCrypto?.$$isOneKeyShim, 'nativeCrypto is not polyfilled'); // @ts-ignore -assert.ok(crypto.$$isOneKeyShim, 'crypto is not polyfilled'); +assert.ok(crypto?.$$isOneKeyShim, 'crypto is not polyfilled'); assert.equal( // eslint-disable-next-line @typescript-eslint/unbound-method - nativeCrypto.getRandomValues, + globalCrypto.getRandomValues, // @ts-ignore crypto.getRandomValues, - 'getRandomValues is matched', + 'getRandomValues is not matched', ); assert.equal( // @ts-ignore - nativeCrypto.randomBytes, + globalCrypto.randomBytes, crypto.randomBytes, - 'randomBytes is matched', + 'randomBytes is not matched', ); if (process.env.NODE_ENV !== 'production') { diff --git a/yarn.lock b/yarn.lock index ddbc10691b3..ebb00fa72d9 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6597,7 +6597,7 @@ __metadata: bech32: ^2.0.0 bignumber.js: ^9.0.1 bip32: ^4.0.0 - bip39: ^3.0.4 + bip39: ^3.1.0 bitcoinforkjs: "git+https://github.com/OneKeyHQ/bitcoinjs-lib.git#feat/remove-npm-lock" bitcoinjs-message: ^2.2.0 bs58check: ^2.1.2 @@ -13288,6 +13288,15 @@ __metadata: languageName: node linkType: hard +"bip39@npm:^3.1.0": + version: 3.1.0 + resolution: "bip39@npm:3.1.0" + dependencies: + "@noble/hashes": ^1.2.0 + checksum: 1224e763ffc6b097052ed8abd57f0e521ad6d31f1645be0d0a15f4417c13f8461f00e47e9cf7c8c784bd533f4fb1ee3ab020f258c7df45ee5dc722b4b0336cfc + languageName: node + linkType: hard + "bip66@npm:^1.1.0, bip66@npm:^1.1.5": version: 1.1.5 resolution: "bip66@npm:1.1.5" From 6a2efd45402c9dcd1c1615552e91e79cce4a28bd Mon Sep 17 00:00:00 2001 From: morizon Date: Sat, 7 Oct 2023 18:48:48 +0800 Subject: [PATCH 4/5] fix: lint --- development/webpackTools.js | 2 +- packages/ext/development/nextWebpack.js | 2 +- packages/shared/src/modules3rdParty/cross-crypto/verify.ts | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/development/webpackTools.js b/development/webpackTools.js index 8d4b8cd86c3..c801f47abc1 100644 --- a/development/webpackTools.js +++ b/development/webpackTools.js @@ -336,7 +336,7 @@ function normalizeConfig({ config.resolve.fallback = { ...config.resolve.fallback, 'crypto': require.resolve( - '../packages/shared/src/modules3rdParty/cross-crypto', + '@onekeyhq/shared/src/modules3rdParty/cross-crypto/index.js', ), 'stream': require.resolve('stream-browserify'), 'path': false, diff --git a/packages/ext/development/nextWebpack.js b/packages/ext/development/nextWebpack.js index 86cdb027698..60371859681 100644 --- a/packages/ext/development/nextWebpack.js +++ b/packages/ext/development/nextWebpack.js @@ -25,7 +25,7 @@ function nextWebpack( config.resolve.fallback = { ...config.resolve.fallback, 'crypto': require.resolve( - '../../../packages/shared/src/modules3rdParty/cross-crypto', + '@onekeyhq/shared/src/modules3rdParty/cross-crypto/index.js', ), 'stream': require.resolve('stream-browserify'), 'path': false, diff --git a/packages/shared/src/modules3rdParty/cross-crypto/verify.ts b/packages/shared/src/modules3rdParty/cross-crypto/verify.ts index 281154ebcdc..9500c10b183 100644 --- a/packages/shared/src/modules3rdParty/cross-crypto/verify.ts +++ b/packages/shared/src/modules3rdParty/cross-crypto/verify.ts @@ -4,7 +4,7 @@ import * as crypto from 'crypto'; const globalCrypto = global.crypto; // @ts-ignore -assert.ok(globalCrypto?.$$isOneKeyShim, 'nativeCrypto is not polyfilled'); +assert.ok(globalCrypto?.$$isOneKeyShim, 'global crypto is not polyfilled'); // @ts-ignore assert.ok(crypto?.$$isOneKeyShim, 'crypto is not polyfilled'); From 2ef44a8190041eaf464f2bab50ffcaf4e59bbbf4 Mon Sep 17 00:00:00 2001 From: morizon Date: Sat, 7 Oct 2023 20:50:25 +0800 Subject: [PATCH 5/5] fix: lint --- .../src/modules3rdParty/cross-crypto/index.js | 16 ++++++++-------- .../modules3rdParty/cross-crypto/index.native.js | 8 ++++++++ 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/packages/shared/src/modules3rdParty/cross-crypto/index.js b/packages/shared/src/modules3rdParty/cross-crypto/index.js index b2d442ee5cb..e8d35df92fd 100644 --- a/packages/shared/src/modules3rdParty/cross-crypto/index.js +++ b/packages/shared/src/modules3rdParty/cross-crypto/index.js @@ -1,12 +1,12 @@ -const crypto = require('crypto-browserify'); +if (process.env.NODE_ENV !== 'production') { + const getRandomValuesOld = global.crypto.getRandomValues; + global.crypto.getRandomValues = function (...args) { + console.log('------------ call global.crypto.getRandomValues (web)'); + return getRandomValuesOld.apply(global.crypto, args); + }; +} -// **** for test only -// if (process.env.NODE_ENV !== 'production') { -// const getRandomValuesOld = global.crypto.getRandomValues; -// global.crypto.getRandomValues = function (...args) { -// return getRandomValuesOld.apply(global.crypto, args); -// }; -// } +const crypto = require('crypto-browserify'); if (global.crypto) { global.crypto.randomBytes = global.crypto.randomBytes || crypto.randomBytes; diff --git a/packages/shared/src/modules3rdParty/cross-crypto/index.native.js b/packages/shared/src/modules3rdParty/cross-crypto/index.native.js index c335c478f09..d9c046f238d 100644 --- a/packages/shared/src/modules3rdParty/cross-crypto/index.native.js +++ b/packages/shared/src/modules3rdParty/cross-crypto/index.native.js @@ -9,6 +9,14 @@ if (global.crypto && global.crypto.getRandomValues) { // shim global.crypto.getRandomValues require('react-native-get-random-values'); +if (process.env.NODE_ENV !== 'production') { + const getRandomValuesOld = global.crypto.getRandomValues; + global.crypto.getRandomValues = function (...args) { + console.log('------------ call global.crypto.getRandomValues (native)'); + return getRandomValuesOld.apply(global.crypto, args); + }; +} + const crypto = require('react-native-crypto'); const { randomBytes } = require('@noble/hashes/utils');