Comparing version 0.0.14 to 0.0.15
@@ -8,9 +8,11 @@ var bigi = require('bigi'), | ||
transaction = require('./steemit/operations').transaction, | ||
signature = require('./steemit/signature'), | ||
keyPrivate = require('./steemit/key_private'); | ||
operations = require('./protocol/operations'), | ||
Signature = require('./protocol/signature'), | ||
KeyPrivate = require('./protocol/types/key-private'); | ||
var Auth = {}; | ||
var transaction = operations.transaction; | ||
var signed_transaction = operations.signed_transaction; | ||
Auth.verify = function(name, password, auths){ | ||
Auth.verify = function (name, password, auths) { | ||
var hasKey = false; | ||
@@ -22,3 +24,3 @@ var roles = []; | ||
var pubKeys = this.generateKeys(name, password, roles); | ||
roles.forEach(function(role){ | ||
roles.forEach(function (role) { | ||
if (auths[role][0][0] === pubKeys[role]) { | ||
@@ -31,5 +33,5 @@ hasKey = true; | ||
Auth.generateKeys = function(name, password, roles){ | ||
Auth.generateKeys = function (name, password, roles) { | ||
var pubKeys = {}; | ||
roles.forEach(function(role){ | ||
roles.forEach(function (role) { | ||
var seed = name + role + password; | ||
@@ -41,3 +43,3 @@ var brainKey = seed.trim().split(/[\t\n\v\f\r ]+/).join(' '); | ||
var point = new Point(toPubKey.curve, toPubKey.x, toPubKey.y, toPubKey.z); | ||
var pubBuf = point.getEncoded(toPubKey.compressed); | ||
var pubBuf = point.getEncoded(toPubKey.compressed); | ||
var checksum = crypto.createHash('rmd160').update(pubBuf).digest(); | ||
@@ -50,5 +52,5 @@ var addy = Buffer.concat([pubBuf, checksum.slice(0, 4)]); | ||
Auth.getPrivateKeys = function(name, password, roles){ | ||
Auth.getPrivateKeys = function (name, password, roles) { | ||
var privKeys = {}; | ||
roles.forEach(function(role){ | ||
roles.forEach(function (role) { | ||
privKeys[role] = this.toWif(name, password, role); | ||
@@ -59,7 +61,5 @@ }.bind(this)); | ||
Auth.isWif = function(privWif){ | ||
Auth.isWif = function (privWif) { | ||
var isWif = false; | ||
var bufWif = new Buffer(bs58.decode(privWif)); | ||
//var version = bufWif.readUInt8(0); | ||
//assert.equal(0x80, version, `Expected version ${0x80}, instead got ${version}`); | ||
var privKey = bufWif.slice(0, -4); | ||
@@ -76,3 +76,3 @@ var checksum = bufWif.slice(-4); | ||
Auth.toWif = function(name, password, role){ | ||
Auth.toWif = function (name, password, role) { | ||
var seed = name + role + password; | ||
@@ -89,9 +89,8 @@ var brainKey = seed.trim().split(/[\t\n\v\f\r ]+/).join(' '); | ||
Auth.wifIsValid = function(privWif, pubWif){ | ||
Auth.wifIsValid = function (privWif, pubWif) { | ||
return (this.wifToPublic(privWif) == pubWif); | ||
}; | ||
Auth.wifToPublic = function(privWif){ | ||
var k = new keyPrivate(); | ||
var pubWif = k.fromWif(privWif); | ||
Auth.wifToPublic = function (privWif) { | ||
var pubWif = KeyPrivate.fromWif(privWif); | ||
pubWif = pubWif.toPublic().toString(); | ||
@@ -101,15 +100,19 @@ return pubWif; | ||
Auth.signTransaction = function (trx, keys) { | ||
var signatures = []; | ||
if (trx.signatures) { | ||
signatures = [].concat(trx.signatures); | ||
} | ||
Auth.signTransaction = function(trx, keys) { | ||
trx.signatures = []; | ||
var cid = new Buffer('0000000000000000000000000000000000000000000000000000000000000000', 'hex'); | ||
var cid = new Buffer('0000000000000000000000000000000000000000000000000000000000000000', 'hex'); | ||
var buf = transaction.toBuffer(trx); | ||
var Signature = new signature(); | ||
for (var key in keys) { | ||
var sig = Signature.signBuffer(Buffer.concat([cid, buf]), keys[key]); | ||
trx.signatures.push(sig.toBuffer().toString('hex')) | ||
signatures.push(sig.toBuffer()) | ||
} | ||
return trx; | ||
return signed_transaction.toObject(Object.assign(trx, { signatures: signatures })) | ||
}; | ||
module.exports = Auth; |
{ | ||
"name": "steemauth", | ||
"version": "0.0.14", | ||
"version": "0.0.15", | ||
"description": "", | ||
@@ -35,4 +35,8 @@ "main": "index.js", | ||
"Fabien (https://github.com/adcpm)", | ||
"KaptainKrayola (https://github.com/KaptainKrayola)" | ||
] | ||
"KaptainKrayola (https://github.com/KaptainKrayola)", | ||
"Nilesh Suthar (https://github.com/nil1511)" | ||
], | ||
"devDependencies": { | ||
"steem": "^0.3.17" | ||
} | ||
} |
33
test.js
@@ -1,9 +0,11 @@ | ||
var steemAuth = require('./lib/steemauth'); | ||
var steemAuth = require('./lib/steemauth'), | ||
steem = require('steem'); | ||
var username = process.env.STEEM_USERNAME; | ||
var password = process.env.STEEM_PASSWORD; | ||
var pubWif = process.env.STEEM_POSTING_PUBLIC_WIF; | ||
var privWif = process.env.STEEM_POSTING_PRIVATE_WIF; | ||
var username = process.env.STEEM_USERNAME, | ||
password = process.env.STEEM_PASSWORD, | ||
pubWif = process.env.STEEM_POSTING_PUBLIC_WIF, | ||
privWif = process.env.STEEM_POSTING_PRIVATE_WIF, | ||
memoKey = process.env.STEEM_MEMOKEY_PUBLIC; | ||
var isValid = steemAuth.verify(username, password, {posting: [[pubWif, 1]]}); | ||
var isValid = steemAuth.verify(username, password, { posting: [[pubWif, 1]] }); | ||
console.log(isValid); | ||
@@ -14,6 +16,19 @@ | ||
var toWif = steemAuth.toWif(username, password, 'posting'); | ||
console.log(toWif); | ||
var ownerWif = steemAuth.toWif(username, password, 'owner'); | ||
var memoKeyWif = steemAuth.toWif(username, password, 'memokey'); | ||
var wifIsValid = steemAuth.wifIsValid(privWif, pubWif); | ||
console.log(wifIsValid); | ||
console.log(wifIsValid); | ||
var owner, active, posting, | ||
jsonMetadata = {'profile': { 'name': 'Steem.js'}}; | ||
steem.broadcast.accountUpdate(ownerWif, username, undefined, undefined, undefined, memoKey, jsonMetadata, function (err, result) { | ||
console.log(err, result); | ||
}); | ||
steem.broadcast.vote(privWif, username, 'metrox', 'do-you-need-to-wear-a-bikini-to-swim-with-the-whales', 10000, function(err, result) { | ||
console.log(err, result); | ||
}); |
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
88220
1
18
2473
1