secrets.js

import secrets from "../lib/secrets";
import { encryptMessage } from "./signingUtilities";
import { encodeResponse } from "./appUtility";
import { getSliceRange } from "./numberUtilities";

/** Initialize
 */
export const initSecrets = (bits, rngType) => secrets.init(bits, rngType);

export const setRNG = rngType => secrets.setRNG(rngType);
export const getSecretsConfig = () => secrets.getConfig();

/**
 * Function generates a random bits length string, and output it in hexadecimal format
 *
 * @param {number} bits
 * @returns {string} hex
 */
export const generateSecret = bits => secrets.random(bits);

/**
 * Divide a secret expressed in hexadecimal form into numShares number of shares, requiring that threshold number of shares be present for reconstructing the secret
 *
 * @param {string} secret
 * @param {number} numShares
 * @param {number} threshold
 * @param {number} [padLength=128]
 * @returns {array}
 */
export const divideSecretToShares = (
  secret,
  numShares,
  threshold,
  padLength = 128
) => secrets.share(secret, numShares, threshold, padLength);

/**
 * Reconstructs a secret from shares
 *
 * @param {array} shares
 * @returns {string}
 */
export const combineSecret = shares => secrets.combine(shares);

export const encryptShare = async (share, publicKey) =>
  await encryptMessage(share, publicKey, "secretPart");

/** Account Recovery key management */

export const getSecretThreshold = sharesNumber =>
  sharesNumber === 3 ? 2 : parseInt(sharesNumber / 2);

export const generateRecoveryKey = () => {
  const recoveryKey = generateSecret(512);
  return recoveryKey;
};

export const getRecoveryKeyShares = (recoveryKey, sharesNumber) => {
  const threshold = getSecretThreshold(sharesNumber);
  return divideSecretToShares(recoveryKey, sharesNumber, threshold);
};

export const checkRecoveryKeyCombine = (recoveryKey, recoveryKeyShares) => {
  let checkKey;
  if (recoveryKeyShares.length > 1) {
    const { beginIndex, endIndex } = getSliceRange(recoveryKeyShares.length);
    checkKey = combineSecret(recoveryKeyShares.slice(beginIndex, endIndex));
    if (checkKey !== recoveryKey) {
      return encodeResponse("400", "", "First sanity check failed");
    }
    checkKey = combineSecret(recoveryKeyShares.slice(0, 1));
    if (checkKey === recoveryKey) {
      return encodeResponse("400", "", "Second sanity check failed");
    }
  }
  checkKey = combineSecret(recoveryKeyShares);
  if (checkKey !== recoveryKey) {
    return encodeResponse("400", "", "Third sanity check failed");
  }

  return encodeResponse("200", "", "Check passed");
};