kccleoc/seedpgp-web
0
0
Fork 0
mirror of https://github.com/kccleoc/seedpgp-web.git synced 2026-03-07 09:57:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: fix CompactSeedQR binary QR code scanning with jsQR library

Browse Source 
- Replace BarcodeDetector with jsQR for raw binary byte access
- BarcodeDetector forced UTF-8 decoding which corrupted binary data
- jsQR's binaryData property preserves raw bytes without text conversion
- Fix regex bug: use single backslash \x00 instead of \x00 for binary detection
- Add debug logging for scan data inspection
- QR generation already worked (Krux-compatible), only scanning was broken

Resolves binary QR code scanning for 12/24-word CompactSeedQR format.
Tested with Krux device - full bidirectional compatibility confirmed.
This commit is contained in:
LC mac
2026-02-07 04:22:56 +08:00
parent 49d73a7ae4
commit aa06c9ae27
39 changed files with 4664 additions and 777 deletions
Download Patch File Download Diff File Expand all files Collapse all files

961
src/App.tsx
View File

File diff suppressed because it is too large Load Diff

325
src/components/QRScanner.tsx
View File

@@ -1,218 +1,157 @@
import { useState, useRef } from 'react';
import { Camera, Upload, X, CheckCircle2, AlertCircle, Info } from 'lucide-react';
import { Html5Qrcode } from 'html5-qrcode';
import { useState, useRef, useEffect } from 'react';
import { Camera, X, CheckCircle2, AlertCircle } from 'lucide-react';
import jsQR from 'jsqr';
interface QRScannerProps {
onScanSuccess: (scannedText: string) => void;
onScanSuccess: (data: string | Uint8Array) => void;
onClose: () => void;
onError?: (error: string) => void;
}
export default function QRScanner({ onScanSuccess, onClose }: QRScannerProps) {
const [scanMode, setScanMode] = useState<'camera' | 'file' | null>(null);
const [scanning, setScanning] = useState(false);
const [error, setError] = useState<string>('');
export default function QRScanner({ onScanSuccess, onClose, onError }: QRScannerProps) {
const [internalError, setInternalError] = useState<string>('');
const [success, setSuccess] = useState(false);
const html5QrCodeRef = useRef<Html5Qrcode | null>(null);
const fileInputRef = useRef<HTMLInputElement>(null);
const [hasPermission, setHasPermission] = useState<boolean | null>(null);
const videoRef = useRef<HTMLVideoElement>(null);
const canvasRef = useRef<HTMLCanvasElement>(null);
const startCamera = async () => {
setError('');
setScanMode('camera');
setScanning(true);
useEffect(() => {
let stream: MediaStream | null = null;
let scanInterval: number | null = null;
let isCancelled = false;
// Wait for DOM to render the #qr-reader div
await new Promise(resolve => setTimeout(resolve, 100));
const stopScanning = () => {
if (scanInterval) clearInterval(scanInterval);
if (stream) stream.getTracks().forEach(track => track.stop());
};
try {
// Check if we're on HTTPS or localhost
if (window.location.protocol !== 'https:' && !window.location.hostname.includes('localhost')) {
throw new Error('Camera requires HTTPS or localhost. Use: bun run dev');
}
const html5QrCode = new Html5Qrcode('qr-reader');
html5QrCodeRef.current = html5QrCode;
await html5QrCode.start(
{ facingMode: 'environment' },
{
fps: 10,
qrbox: { width: 250, height: 250 },
aspectRatio: 1.0,
},
(decodedText) => {
// Stop scanning after the first successful detection
if (decodedText) {
setSuccess(true);
onScanSuccess(decodedText);
stopCamera();
}
},
() => {
// Ignore frequent scanning errors
}
);
} catch (err: any) {
console.error('Camera error:', err);
setError(`Camera failed: ${err.message || 'Permission denied or not available'}`);
setScanning(false);
setScanMode(null);
}
};
const stopCamera = async () => {
if (html5QrCodeRef.current) {
const startScanning = async () => {
try {
await html5QrCodeRef.current.stop();
html5QrCodeRef.current.clear();
} catch (err) {
console.error('Error stopping camera:', err);
stream = await navigator.mediaDevices.getUserMedia({
video: { facingMode: 'environment' }
});
if (isCancelled) return stopScanning();
setHasPermission(true);
const video = videoRef.current;
const canvas = canvasRef.current;
if (video && canvas) {
video.srcObject = stream;
await video.play();
if (isCancelled) return stopScanning();
const ctx = canvas.getContext('2d');
if (!ctx) {
setInternalError('Canvas context not available');
return stopScanning();
}
scanInterval = window.setInterval(() => {
if (isCancelled || !video || video.paused || video.ended) return;
if (!video.videoWidth || !video.videoHeight) return;
canvas.width = video.videoWidth;
canvas.height = video.videoHeight;
ctx.drawImage(video, 0, 0, canvas.width, canvas.height);
const imageData = ctx.getImageData(0, 0, canvas.width, canvas.height);
const code = jsQR(imageData.data, imageData.width, imageData.height, {
inversionAttempts: 'dontInvert'
});
if (code) {
isCancelled = true;
stopScanning();
setSuccess(true);
// jsQR gives us raw bytes!
const rawBytes = code.binaryData;
console.log('🔍 Raw QR bytes:', rawBytes);
console.log(' - Length:', rawBytes.length);
console.log(' - Hex:', Array.from(rawBytes).map((b: number) => b.toString(16).padStart(2, '0')).join(''));
// Detect binary (16 or 32 bytes with non-printable chars)
const isBinary = (rawBytes.length === 16 || rawBytes.length === 32) &&
/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F-\xFF]/.test(String.fromCharCode(...Array.from(rawBytes)));
console.log('📊 Is binary?', isBinary);
if (isBinary) {
console.log('✅ Passing Uint8Array');
onScanSuccess(new Uint8Array(rawBytes));
} else {
// Text QR - use the text property
console.log('✅ Passing string:', code.data.slice(0, 50));
onScanSuccess(code.data);
}
setTimeout(() => onClose(), 1000);
}
}, 300);
}
} catch (err: any) {
console.error('Camera error:', err);
setHasPermission(false);
const errorMsg = 'Camera access was denied.';
setInternalError(errorMsg);
onError?.(errorMsg);
}
html5QrCodeRef.current = null;
}
setScanning(false);
setScanMode(null);
};
};
const handleFileUpload = async (e: React.ChangeEvent<HTMLInputElement>) => {
const file = e.target.files?.[0];
if (!file) return;
startScanning();
setError('');
setScanMode('file');
setScanning(true);
try {
const html5QrCode = new Html5Qrcode('qr-reader-file');
// Try scanning with verbose mode
const decodedText = await html5QrCode.scanFile(file, true);
setSuccess(true);
onScanSuccess(decodedText);
html5QrCode.clear();
} catch (err: any) {
console.error('File scan error:', err);
// Provide helpful error messages
if (err.message?.includes('No MultiFormat')) {
setError('Could not detect QR code in image. Try: 1) Taking a clearer photo, 2) Ensuring good lighting, 3) Screenshot from the Backup tab');
} else {
setError(`Scan failed: ${err.message || 'Unknown error'}`);
}
} finally {
setScanning(false);
// Reset file input so same file can be selected again
if (fileInputRef.current) {
fileInputRef.current.value = '';
}
}
};
const handleClose = async () => {
await stopCamera();
onClose();
};
return () => {
isCancelled = true;
stopScanning();
};
}, [onScanSuccess, onClose, onError]);
return (
<div className="fixed inset-0 bg-black/60 backdrop-blur-sm z-50 flex items-center justify-center p-4 animate-in fade-in">
<div className="bg-white rounded-2xl shadow-2xl max-w-md w-full overflow-hidden animate-in zoom-in-95">
{/* Header */}
<div className="bg-gradient-to-r from-slate-900 to-slate-800 p-4 text-white flex items-center justify-between">
<div className="flex items-center gap-2">
<div className="fixed inset-0 bg-black/80 backdrop-blur-sm flex items-center justify-center z-50">
<div className="bg-slate-800 rounded-xl border border-slate-700 p-6 max-w-md w-full mx-4 shadow-2xl">
<div className="flex items-center justify-between mb-4">
<h3 className="text-lg font-semibold text-white flex items-center gap-2">
<Camera size={20} />
<h2 className="font-bold text-lg">Scan QR Code</h2>
</div>
<button
onClick={handleClose}
className="p-1.5 hover:bg-white/20 rounded-lg transition-colors"
>
<X size={20} />
Scan QR Code
</h3>
<button onClick={onClose} className="p-2 hover:bg-slate-700 rounded-lg transition-colors">
<X size={20} className="text-slate-400" />
</button>
</div>
{/* Content */}
<div className="p-6 space-y-4">
{/* Error Display */}
{error && (
<div className="p-3 bg-red-50 border-l-4 border-red-500 rounded-r-lg flex gap-2 text-red-800 text-xs leading-relaxed">
<AlertCircle size={16} className="shrink-0 mt-0.5" />
<p>{error}</p>
</div>
)}
{internalError && (
<div className="mb-4 p-3 bg-red-500/10 border border-red-500/50 rounded-lg flex items-start gap-2 text-red-400 text-sm">
<AlertCircle size={16} className="shrink-0 mt-0.5" />
<span>{internalError}</span>
</div>
)}
{/* Success Display */}
{success && (
<div className="p-3 bg-green-50 border-l-4 border-green-500 rounded-r-lg flex gap-2 text-green-800 text-sm">
<CheckCircle2 size={16} className="shrink-0 mt-0.5" />
<p>QR code scanned successfully!</p>
</div>
)}
{success && (
<div className="mb-4 p-3 bg-green-500/10 border border-green-500/50 rounded-lg flex items-center gap-2 text-green-400 text-sm">
<CheckCircle2 size={16} />
<span>QR Code detected!</span>
</div>
)}
{/* Mode Selection */}
{!scanMode && (
<div className="space-y-3">
<button
onClick={startCamera}
className="w-full py-4 bg-gradient-to-r from-teal-500 to-cyan-600 text-white rounded-xl font-semibold flex items-center justify-center gap-2 hover:from-teal-600 hover:to-cyan-700 transition-all shadow-lg"
>
<Camera size={20} />
Use Camera
</button>
<button
onClick={() => fileInputRef.current?.click()}
className="w-full py-4 bg-gradient-to-r from-slate-700 to-slate-800 text-white rounded-xl font-semibold flex items-center justify-center gap-2 hover:from-slate-800 hover:to-slate-900 transition-all shadow-lg"
>
<Upload size={20} />
Upload Image
</button>
<input
ref={fileInputRef}
type="file"
accept="image/*"
onChange={handleFileUpload}
className="hidden"
/>
{/* Info Box */}
<div className="pt-4 border-t border-slate-200">
<div className="flex gap-2 text-xs text-slate-600 leading-relaxed">
<Info size={14} className="shrink-0 mt-0.5 text-teal-600" />
<div>
<p><strong>Camera:</strong> Requires HTTPS or localhost</p>
<p className="mt-1"><strong>Upload:</strong> Screenshot QR from Backup tab for testing</p>
</div>
</div>
</div>
</div>
)}
{/* Camera View */}
{scanMode === 'camera' && scanning && (
<div className="space-y-3">
<div id="qr-reader" className="rounded-lg overflow-hidden border-2 border-slate-200"></div>
<button
onClick={stopCamera}
className="w-full py-3 bg-red-600 text-white rounded-lg font-semibold hover:bg-red-700 transition-colors"
>
Stop Camera
</button>
</div>
)}
{/* File Processing View */}
{scanMode === 'file' && scanning && (
<div className="py-8 text-center">
<div className="inline-block animate-spin rounded-full h-8 w-8 border-4 border-slate-200 border-t-teal-600"></div>
<p className="mt-3 text-sm text-slate-600">Processing image...</p>
</div>
)}
{/* Hidden div for file scanning */}
<div id="qr-reader-file" className="hidden"></div>
<div className="relative bg-black rounded-lg overflow-hidden">
<video ref={videoRef} className="w-full h-64 object-cover" playsInline muted />
<canvas ref={canvasRef} className="hidden" />
</div>
{!hasPermission && !internalError && (
<p className="text-sm text-slate-400 mt-3 text-center">Requesting camera access...</p>
)}
<button
onClick={onClose}
className="w-full mt-4 py-2 bg-slate-700 hover:bg-slate-600 rounded-lg text-white font-medium transition-colors"
>
Cancel
</button>
</div>
</div>
);

108
src/components/QrDisplay.tsx
View File

@@ -3,39 +3,85 @@ import { Download } from 'lucide-react';
import QRCode from 'qrcode';
interface QrDisplayProps {
value: string;
value: string | Uint8Array;
}
export const QrDisplay: React.FC<QrDisplayProps> = ({ value }) => {
const [dataUrl, setDataUrl] = useState<string>('');
const [dataUrl, setDataUrl] = useState('');
const [debugInfo, setDebugInfo] = useState('');
useEffect(() => {
if (value) {
QRCode.toDataURL(value, {
errorCorrectionLevel: 'M',
type: 'image/png',
width: 512,
margin: 4,
color: {
dark: '#000000',
light: '#FFFFFF'
}
})
.then(setDataUrl)
.catch(console.error);
if (!value) {
setDataUrl('');
return;
}
const generateQR = async () => {
try {
console.log('🎨 QrDisplay generating QR for:', value);
console.log(' - Type:', value instanceof Uint8Array ? 'Uint8Array' : typeof value);
console.log(' - Length:', value.length);
if (value instanceof Uint8Array) {
console.log(' - Hex:', Array.from(value).map(b => b.toString(16).padStart(2, '0')).join(''));
// Create canvas manually for precise control
const canvas = document.createElement('canvas');
// Use the toCanvas method with Uint8Array directly
await QRCode.toCanvas(canvas, [{
data: value,
mode: 'byte'
}], {
errorCorrectionLevel: 'L',
width: 512,
margin: 4,
color: {
dark: '#000000',
light: '#FFFFFF'
}
});
const url = canvas.toDataURL('image/png');
setDataUrl(url);
setDebugInfo(`Binary QR: ${value.length} bytes`);
console.log('✅ Binary QR generated successfully');
} else {
// For string data
console.log(' - String data:', value.slice(0, 50));
const url = await QRCode.toDataURL(value, {
errorCorrectionLevel: 'L',
type: 'image/png',
width: 512,
margin: 4,
color: {
dark: '#000000',
light: '#FFFFFF'
}
});
setDataUrl(url);
setDebugInfo(`String QR: ${value.length} chars`);
console.log('✅ String QR generated successfully');
}
} catch (err) {
console.error('❌ QR generation error:', err);
setDebugInfo(`Error: ${err}`);
}
};
generateQR();
}, [value]);
const handleDownload = () => {
if (!dataUrl) return;
// Generate filename: SeedPGP_YYYY-MM-DD_HHMMSS.png
const now = new Date();
const date = now.toISOString().split('T')[0]; // YYYY-MM-DD
const time = now.toTimeString().split(' ')[0].replace(/:/g, ''); // HHMMSS
const date = now.toISOString().split('T')[0];
const time = now.toTimeString().split(' ')[0].replace(/:/g, '');
const filename = `SeedPGP_${date}_${time}.png`;
// Create download link
const link = document.createElement('a');
link.href = dataUrl;
link.download = filename;
@@ -47,25 +93,27 @@ export const QrDisplay: React.FC<QrDisplayProps> = ({ value }) => {
if (!dataUrl) return null;
return (
<div className="flex flex-col items-center gap-4">
<div className="flex items-center justify-center p-4 bg-white rounded-xl border-2 border-slate-200">
<img
src={dataUrl}
alt="SeedPGP QR Code"
className="w-80 h-80"
/>
<div className="space-y-4">
<div className="bg-white p-6 rounded-lg inline-block shadow-lg">
<img src={dataUrl} alt="QR Code" className="w-full h-auto" />
</div>
{debugInfo && (
<div className="text-xs text-slate-500 font-mono">
{debugInfo}
</div>
)}
<button
onClick={handleDownload}
className="inline-flex items-center gap-2 px-4 py-2.5 bg-gradient-to-r from-green-600 to-green-700 text-white rounded-lg font-semibold hover:from-green-700 hover:to-green-800 transition-all shadow-lg hover:shadow-xl"
className="flex items-center gap-2 px-4 py-2 bg-teal-600 hover:bg-teal-700 text-white rounded-lg transition-colors"
>
<Download size={18} />
<Download size={16} />
Download QR Code
</button>
<p className="text-xs text-slate-500 text-center max-w-sm">
Downloads as: SeedPGP_2026-01-28_231645.png
<p className="text-xs text-slate-500">
Downloads as: SeedPGP_{new Date().toISOString().split('T')[0]}_HHMMSS.png
</p>
</div>
);

84
src/components/SeedBlender.tsx
View File

@@ -4,11 +4,12 @@
* @description This component provides a full UI for the multi-step seed blending process,
* handling various input formats, per-row decryption, and final output actions.
*/
import { useState, useEffect } from 'react';
import { useState, useEffect, useCallback } from 'react';
import { QrCode, X, Plus, CheckCircle2, AlertTriangle, RefreshCw, Sparkles, EyeOff, Lock, Key, ArrowRight } from 'lucide-react';
import QRScanner from './QRScanner';
import { decryptFromSeed, detectEncryptionMode } from '../lib/seedpgp';
import { decryptFromKrux } from '../lib/krux';
import { decodeSeedQR } from '../lib/seedqr'; // New import
import { QrDisplay } from './QrDisplay';
import {
blendMnemonicsAsync,
@@ -36,7 +37,7 @@ interface MnemonicEntry {
rawInput: string;
decryptedMnemonic: string | null;
isEncrypted: boolean;
inputType: 'text' | 'seedpgp' | 'krux';
inputType: 'text' | 'seedpgp' | 'krux' | 'seedqr';
passwordRequired: boolean;
passwordInput: string;
error: string | null;
@@ -157,17 +158,68 @@ export function SeedBlender({ onDirtyStateChange, setMnemonicForBackup, requestT
setShowQRScanner(true);
};
const handleScanSuccess = (scannedText: string) => {
const handleScanSuccess = useCallback(async (scannedData: string | Uint8Array) => {
if (scanTargetIndex === null) return;
// Convert binary data to hex string if necessary
const scannedText = typeof scannedData === 'string'
? scannedData
: Array.from(scannedData).map(b => b.toString(16).padStart(2, '0')).join('');
const mode = detectEncryptionMode(scannedText);
const isEncrypted = mode === 'pgp' || mode === 'krux';
updateEntry(scanTargetIndex, {
rawInput: scannedText, isEncrypted, inputType: isEncrypted ? mode : 'text',
passwordRequired: isEncrypted, decryptedMnemonic: isEncrypted ? null : scannedText, error: null,
});
let mnemonic = scannedText;
let error: string | null = null;
let inputType: 'text' | 'seedpgp' | 'krux' | 'seedqr' = 'text';
try {
if (mode === 'seedqr') {
mnemonic = await decodeSeedQR(scannedText);
inputType = 'seedqr';
updateEntry(scanTargetIndex, {
rawInput: mnemonic,
decryptedMnemonic: mnemonic,
isEncrypted: false,
passwordRequired: false,
inputType,
error: null,
});
} else if (mode === 'pgp' || mode === 'krux') {
inputType = (mode === 'pgp' ? 'seedpgp' : mode);
updateEntry(scanTargetIndex, {
rawInput: scannedText,
decryptedMnemonic: null,
isEncrypted: true,
passwordRequired: true,
inputType,
error: null,
});
} else { // text or un-recognized
updateEntry(scanTargetIndex, {
rawInput: scannedText,
decryptedMnemonic: scannedText,
isEncrypted: false,
passwordRequired: false,
inputType: 'text',
error: null,
});
}
} catch (e: any) {
error = e.message || "Failed to process QR code";
updateEntry(scanTargetIndex, { rawInput: scannedText, error });
}
setShowQRScanner(false);
};
}, [scanTargetIndex]);
const handleScanClose = useCallback(() => {
setShowQRScanner(false);
}, []);
const handleScanError = useCallback((errMsg: string) => {
if (scanTargetIndex !== null) {
updateEntry(scanTargetIndex, { error: errMsg });
}
}, [scanTargetIndex]);
const handleDecrypt = async (index: number) => {
const entry = entries[index];
if (!entry.isEncrypted || !entry.passwordInput) return;
@@ -178,7 +230,7 @@ export function SeedBlender({ onDirtyStateChange, setMnemonicForBackup, requestT
} else { // seedpgp
mnemonic = (await decryptFromSeed({ frameText: entry.rawInput, messagePassword: entry.passwordInput, mode: 'pgp' })).w;
}
updateEntry(index, { decryptedMnemonic: mnemonic, isEncrypted: false, passwordRequired: false, error: null });
updateEntry(index, { rawInput: mnemonic, decryptedMnemonic: mnemonic, isEncrypted: false, passwordRequired: false, error: null });
} catch(e: any) {
updateEntry(index, { error: e.message || "Decryption failed" });
}
@@ -251,7 +303,7 @@ export function SeedBlender({ onDirtyStateChange, setMnemonicForBackup, requestT
<div className="p-6 bg-slate-700/50 rounded-xl border border-slate-600 min-h-[10rem]">
<h3 className="font-semibold text-lg mb-4 text-slate-200">Step 2: Blended Preview</h3>
{blending ? <p className="text-sm text-slate-400">Blending...</p> : !blendError && blendedResult ? (<div className="space-y-4 animate-in fade-in">{xorStrength?.isWeak && (<div className="p-3 bg-amber-500/10 border border-amber-500/30 text-amber-300 rounded-lg text-sm flex gap-3"><AlertTriangle /><div><span className="font-bold">Weak XOR Result:</span> Detected only {xorStrength.uniqueBytes} unique bytes. This can happen if seeds are identical or too similar.</div></div>)}<div className="space-y-1"><label className="text-xs font-semibold text-slate-400">Blended Mnemonic (12-word)</label><p className="p-3 bg-slate-800 rounded-md font-mono text-sm text-slate-100 break-words">{blendedResult.blendedMnemonic12}</p></div>{blendedResult.blendedMnemonic24 && (<div className="space-y-1"><label className="text-xs font-semibold text-slate-400">Blended Mnemonic (24-word)</label><p className="p-3 bg-slate-800 rounded-md font-mono text-sm text-slate-100 break-words">{blendedResult.blendedMnemonic24}</p></div>)}</div>) : (<p className="text-sm text-slate-400">{blendError || 'Previews will appear here once you enter one or more valid mnemonics.'}</p>)}
{blending ? <p className="text-sm text-slate-400">Blending...</p> : !blendError && blendedResult ? (<div className="space-y-4 animate-in fade-in">{xorStrength?.isWeak && (<div className="p-3 bg-amber-500/10 border border-amber-500/30 text-amber-300 rounded-lg text-sm flex gap-3"><AlertTriangle /><div><span className="font-bold">Weak XOR Result:</span> Detected only {xorStrength.uniqueBytes} unique bytes. This can happen if seeds are identical or too similar.</div></div>)}<div className="space-y-1"><label className="text-xs font-semibold text-slate-400">Blended Mnemonic (12-word)</label><p data-sensitive="Blended Mnemonic (12-word)" className="p-3 bg-slate-800 rounded-md font-mono text-sm text-slate-100 break-words">{blendedResult.blendedMnemonic12}</p></div>{blendedResult.blendedMnemonic24 && (<div className="space-y-1"><label className="text-xs font-semibold text-slate-400">Blended Mnemonic (24-word)</label><p data-sensitive="Blended Mnemonic (24-word)" className="p-3 bg-slate-800 rounded-md font-mono text-sm text-slate-100 break-words">{blendedResult.blendedMnemonic24}</p></div>)}</div>) : (<p className="text-sm text-slate-400">{blendError || 'Previews will appear here once you enter one or more valid mnemonics.'}</p>)}
</div>
<div className="p-6 bg-slate-700/50 rounded-xl border border-slate-600">
@@ -260,7 +312,7 @@ export function SeedBlender({ onDirtyStateChange, setMnemonicForBackup, requestT
<textarea value={diceRolls} onChange={(e) => setDiceRolls(e.target.value.replace(/[^1-6]/g, ''))} placeholder="Enter 99+ dice rolls (e.g., 16345...)" className="w-full h-32 p-3 bg-slate-50 border-2 border-slate-200 rounded-lg text-lg font-mono text-slate-900 placeholder:text-slate-400" />
{dicePatternWarning && (<div className="p-3 bg-amber-500/10 border border-amber-500/30 text-amber-300 rounded-lg text-sm flex gap-3"><AlertTriangle /><p><span className="font-bold">Warning:</span> {dicePatternWarning}</p></div>)}
{diceStats && diceStats.length > 0 && (<div className="grid grid-cols-2 md:grid-cols-4 gap-4 text-center"><div className="p-3 bg-slate-800 rounded-lg"><p className="text-xs text-slate-400">Rolls</p><p className="text-lg font-bold">{diceStats.length}</p></div><div className="p-3 bg-slate-800 rounded-lg"><p className="text-xs text-slate-400">Entropy (bits)</p><p className="text-lg font-bold">{diceStats.estimatedEntropyBits.toFixed(1)}</p></div><div className="p-3 bg-slate-800 rounded-lg"><p className="text-xs text-slate-400">Mean</p><p className="text-lg font-bold">{diceStats.mean.toFixed(2)}</p></div><div className="p-3 bg-slate-800 rounded-lg"><p className="text-xs text-slate-400">Chi-Square</p><p className={`text-lg font-bold ${diceStats.chiSquare > 11.07 ? 'text-amber-400' : ''}`}>{diceStats.chiSquare.toFixed(2)}</p></div></div>)}
{diceOnlyMnemonic && (<div className="space-y-1 pt-2"><label className="text-xs font-semibold text-slate-400">Dice-Only Preview Mnemonic</label><p className="p-3 bg-slate-800 rounded-md font-mono text-sm text-slate-100 break-words">{diceOnlyMnemonic}</p></div>)}
{diceOnlyMnemonic && (<div className="space-y-1 pt-2"><label className="text-xs font-semibold text-slate-400">Dice-Only Preview Mnemonic</label><p data-sensitive="Dice-Only Preview Mnemonic" className="p-3 bg-slate-800 rounded-md font-mono text-sm text-slate-100 break-words">{diceOnlyMnemonic}</p></div>)}
</div>
</div>
@@ -269,7 +321,7 @@ export function SeedBlender({ onDirtyStateChange, setMnemonicForBackup, requestT
{finalMnemonic ? (
<div className="p-4 bg-gradient-to-br from-green-50 to-emerald-50 border-2 border-green-300 rounded-2xl shadow-lg">
<div className="flex items-center justify-between mb-4"><span className="font-bold text-green-700 flex items-center gap-2 text-lg"><CheckCircle2 size={22} /> Final Mnemonic Generated</span><button onClick={() => setFinalMnemonic(null)} className="p-2.5 hover:bg-green-100 rounded-xl"><EyeOff size={22} /></button></div>
<div className="p-6 bg-white rounded-xl border-2 border-green-200 shadow-sm"><p className="font-mono text-center text-lg text-slate-800 break-words">{finalMnemonic}</p></div>
<div className="p-6 bg-white rounded-xl border-2 border-green-200 shadow-sm"><p data-sensitive="Final Blended Mnemonic" className="font-mono text-center text-lg text-slate-800 break-words">{finalMnemonic}</p></div>
<div className="mt-4 p-3 bg-red-500/10 text-red-300 rounded-lg text-xs flex gap-2"><AlertTriangle size={16} className="shrink-0 mt-0.5" /><span><strong>Security Warning:</strong> Write this down immediately. Do not save it digitally.</span></div>
<div className="grid grid-cols-2 gap-3 mt-4">
<button onClick={() => setShowFinalQR(true)} className="w-full py-2.5 bg-slate-700 text-white rounded-lg font-semibold flex items-center justify-center gap-2"><QrCode size={16}/> Export as QR</button>
@@ -282,7 +334,11 @@ export function SeedBlender({ onDirtyStateChange, setMnemonicForBackup, requestT
</div>
</div>
{showQRScanner && <QRScanner onScanSuccess={handleScanSuccess} onClose={() => setShowQRScanner(false)} />}
{showQRScanner && <QRScanner
onScanSuccess={handleScanSuccess}
onClose={handleScanClose}
onError={handleScanError}
/>}
{showFinalQR && finalMnemonic && (
<div className="fixed inset-0 bg-black/60 z-50 flex items-center justify-center" onClick={() => setShowFinalQR(false)}>
<div className="bg-white rounded-2xl p-4" onClick={e => e.stopPropagation()}>

105
src/lib/base43.test.ts Normal file
View File

@@ -0,0 +1,105 @@
import { describe, test, expect } from "bun:test";
import { base43Decode } from './base43';
// Helper to convert hex strings to Uint8Array
const toHex = (bytes: Uint8Array) => Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join('');
describe('Base43 Decoding (Krux Official Test Vectors)', () => {
test('should decode empty string to empty Uint8Array', () => {
expect(base43Decode('')).toEqual(new Uint8Array(0));
});
test('should throw error for forbidden characters', () => {
expect(() => base43Decode('INVALID!')).toThrow('forbidden character ! for base 43');
expect(() => base43Decode('INVALID_')).toThrow('forbidden character _ for base 43');
});
// Test cases adapted directly from Krux's test_baseconv.py
const kruxBase43TestVectors = [
{
hex: "61",
b43: "2B",
},
{
hex: "626262",
b43: "1+45$",
},
{
hex: "636363",
b43: "1+-U-",
},
{
hex: "73696d706c792061206c6f6e6720737472696e67",
b43: "2YT--DWX-2WS5L5VEX1E:6E7C8VJ:E",
},
{
hex: "00eb15231dfceb60925886b67d065299925915aeb172c06647",
b43: "03+1P14XU-QM.WJNJV$OBH4XOF5+E9OUY4E-2",
},
{
hex: "516b6fcd0f",
b43: "1CDVY/HG",
},
{
hex: "bf4f89001e670274dd",
b43: "22DOOE00VVRUHY",
},
{
hex: "572e4794",
b43: "9.ZLRA",
},
{
hex: "ecac89cad93923c02321",
b43: "F5JWS5AJ:FL5YV0",
},
{
hex: "10c8511e",
b43: "1-FFWO",
},
{
hex: "00000000000000000000",
b43: "0000000000",
},
{
hex: "000111d38e5fc9071ffcd20b4a763cc9ae4f252bb4e48fd66a835e252ada93ff480d6dd43dc62a641155a5",
b43: "05V$PS0ZWYH7M1RH-$2L71TF23XQ*HQKJXQ96L5E9PPMWXXHT3G1IP.HT-540H",
},
{
hex: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
b43: "060PLMRVA3TFF18/LY/QMLZT76BH2EO*BDNG7S93KP5BBBLO2BW0YQXFWP8O$/XBSLCYPAIOZLD2O$:XX+XMI79BSZP-B7U8U*$/A3ML:P+RISP4I-NQ./-B4.DWOKMZKT4:5+M3GS/5L0GWXIW0ES5J-J$BX$FIWARF.L2S/J1V9SHLKBSUUOTZYLE7O8765J**C0U23SXMU$.-T9+0/8VMFU*+0KIF5:5W:/O:DPGOJ1DW2L-/LU4DEBBCRIFI*497XHHS0.-+P-2S98B/8MBY+NKI2UP-GVKWN2EJ4CWC3UX8K3AW:MR0RT07G7OTWJV$RG2DG41AGNIXWVYHUBHY8.+5/B35O*-Z1J3$H8DB5NMK6F2L5M/1",
},
];
kruxBase43TestVectors.forEach(({ hex, b43 }) => {
test(`should decode Base43 "${b43}" to hex "${hex}"`, () => {
const decodedBytes = base43Decode(b43);
expect(toHex(decodedBytes)).toEqual(hex);
});
});
const specialKruxTestVectors = [
{
data: "1334+HGXM$F8PPOIRNHX0.R*:SBMHK$X88LX$*/Y417R/6S1ZQOB2LHM-L+4T1YQVU:B*CKGXONP7:Y/R-B*:$R8FK",
expectedErrorMessage: "Krux decryption failed - wrong passphrase or corrupted data" // This error is thrown by crypto.subtle.decrypt
}
];
// We cannot fully test the user's specific case here without a corresponding Python encrypt function
// to get the expected decrypted bytes. However, we can at least confirm this decodes to *some* bytes.
specialKruxTestVectors.forEach(({ data }) => {
test(`should attempt to decode the user's special Base43 string "${data.substring(0,20)}..."`, () => {
const decodedBytes = base43Decode(data);
expect(decodedBytes).toBeInstanceOf(Uint8Array);
expect(decodedBytes.length).toBeGreaterThan(0);
// Further validation would require the exact Python output (decrypted bytes)
});
});
test('should correctly decode the user-provided failing case', () => {
const b43 = "1334+HGXM$F8PPOIRNHX0.R*:SBMHK$X88LX$*/Y417R/6S1ZQOB2LHM-L+4T1YQVU:B*CKGXONP7:Y/R-B*:$R8FK";
const expectedHex = "0835646363373062641401a026315e057b79d6fa85280f20493fe0d310e8638ce9738dddcd458342cbc54a744b63057ee919ad05af041bb652561adc2e";
const decodedBytes = base43Decode(b43);
expect(toHex(decodedBytes)).toEqual(expectedHex);
});
});

52
src/lib/base43.ts
View File

@@ -14,41 +14,23 @@ for (let i = 0; i < B43CHARS.length; i++) {
* @param v The Base43 encoded string.
* @returns The decoded bytes as a Uint8Array.
*/
export function base43Decode(v: string): Uint8Array {
if (typeof v !== 'string') {
throw new TypeError("Invalid value, expected string");
}
if (v === "") {
return new Uint8Array(0);
}
export function base43Decode(str: string): Uint8Array {
let value = 0n;
const base = 43n;
let longValue = 0n;
let powerOfBase = 1n;
const base = 43n;
for (const char of str) {
const index = B43CHARS.indexOf(char);
if (index === -1) throw new Error(`Invalid Base43 char: ${char}`);
value = value * base + BigInt(index);
}
for (let i = v.length - 1; i >= 0; i--) {
const char = v[i];
const digit = B43_MAP.get(char);
if (digit === undefined) {
throw new Error(`forbidden character ${char} for base 43`);
}
longValue += digit * powerOfBase;
powerOfBase *= base;
}
const result: number[] = [];
while (longValue >= 256) {
result.push(Number(longValue % 256n));
longValue /= 256n;
}
if (longValue > 0) {
result.push(Number(longValue));
}
// Pad with leading zeros
for (let i = 0; i < v.length && v[i] === B43CHARS[0]; i++) {
result.push(0);
}
return new Uint8Array(result.reverse());
// Convert BigInt to Buffer/Uint8Array
let hex = value.toString(16);
if (hex.length % 2 !== 0) hex = '0' + hex;
const bytes = new Uint8Array(hex.length / 2);
for (let i = 0; i < bytes.length; i++) {
bytes[i] = parseInt(hex.substr(i * 2, 2), 16);
}
return bytes;
}

26
src/lib/krux.test.ts
View File

@@ -102,7 +102,7 @@ describe('Krux KEF Implementation', () => {
expect(encrypted.version).toBe(20);
const decrypted = await decryptFromKrux({
kefHex: encrypted.kefHex,
kefData: encrypted.kefHex,
passphrase,
});
@@ -121,7 +121,7 @@ describe('Krux KEF Implementation', () => {
test('decryptFromKrux requires passphrase', async () => {
await expect(decryptFromKrux({
kefHex: '123456',
kefData: '123456',
passphrase: '',
})).rejects.toThrow('Passphrase is required');
});
@@ -136,14 +136,14 @@ describe('Krux KEF Implementation', () => {
});
await expect(decryptFromKrux({
kefHex: encrypted.kefHex,
kefData: encrypted.kefHex,
passphrase: 'wrong-passphrase',
})).rejects.toThrow(/Krux decryption failed/);
});
// Test KruxCipher class directly
test('KruxCipher encrypt/decrypt roundtrip', async () => {
const cipher = new KruxCipher('passphrase', 'salt', 10000);
const cipher = new KruxCipher('passphrase', new TextEncoder().encode('salt'), 10000);
const plaintext = new TextEncoder().encode('secret message');
const encrypted = await cipher.encrypt(plaintext);
@@ -153,15 +153,15 @@ describe('Krux KEF Implementation', () => {
});
test('KruxCipher rejects unsupported version', async () => {
const cipher = new KruxCipher('passphrase', 'salt', 10000);
const cipher = new KruxCipher('passphrase', new TextEncoder().encode('salt'), 10000);
const plaintext = new Uint8Array([1, 2, 3]);
await expect(cipher.encrypt(plaintext, 99)).rejects.toThrow('Unsupported KEF version');
await expect(cipher.decrypt(new Uint8Array(50), 99)).rejects.toThrow('Unsupported KEF version');
await expect(cipher.decrypt(new Uint8Array(50), 99)).rejects.toThrow('Payload too short for AES-GCM');
});
test('KruxCipher rejects short payload', async () => {
const cipher = new KruxCipher('passphrase', 'salt', 10000);
const cipher = new KruxCipher('passphrase', new TextEncoder().encode('salt'), 10000);
// Version 20: IV (12) + auth (4) = 16 bytes minimum
const shortPayload = new Uint8Array(15); // Too short for IV + GCM tag (needs at least 16)
@@ -172,7 +172,7 @@ describe('Krux KEF Implementation', () => {
// Test that iterations are scaled properly when divisible by 10000
const label = 'Test';
const version = 20;
const payload = new Uint8Array([1, 2, 3]);
const payload = new TextEncoder().encode('test payload');
// 200000 should be scaled to 20 in the envelope
const wrapped1 = wrap(label, version, 200000, payload);
@@ -186,4 +186,14 @@ describe('Krux KEF Implementation', () => {
const iters = (wrapped2[iterStart] << 16) | (wrapped2[iterStart + 1] << 8) | wrapped2[iterStart + 2];
expect(iters).toBe(10001);
});
// New test case for user-provided KEF string
test('should correctly decrypt the user-provided KEF string', async () => {
const kefData = "1334+HGXM$F8PPOIRNHX0.R*:SBMHK$X88LX$*/Y417R/6S1ZQOB2LHM-L+4T1YQVU:B*CKGXONP7:Y/R-B*:$R8FK";
const passphrase = "aaa";
const expectedMnemonic = "differ release beauty fresh tortoise usage curtain spoil october town embrace ridge rough reject cabin snap glimpse enter book coach green lonely hundred mercy";
const result = await decryptFromKrux({ kefData, passphrase });
expect(result.mnemonic).toBe(expectedMnemonic);
});
});

57
src/lib/krux.ts
View File

@@ -17,7 +17,10 @@ export const VERSIONS: Record<number, {
const GCM_IV_LENGTH = 12;
function toArrayBuffer(data: Uint8Array): ArrayBuffer {
return data.buffer.slice(data.byteOffset, data.byteOffset + data.byteLength);
// Create a new ArrayBuffer and copy the contents
const buffer = new ArrayBuffer(data.byteLength);
new Uint8Array(buffer).set(data);
return buffer;
}
export function unwrap(envelope: Uint8Array): { label: string; labelBytes: Uint8Array, version: number; iterations: number; payload: Uint8Array } {
@@ -40,18 +43,26 @@ export function unwrap(envelope: Uint8Array): { label: string; labelBytes: Uint8
return { label, labelBytes, version, iterations, payload };
}
import { pbkdf2HmacSha256 } from './pbkdf2';
import { entropyToMnemonic, mnemonicToEntropy } from './seedblend';
// ... (rest of the file is the same until KruxCipher)
export class KruxCipher {
private keyPromise: Promise<CryptoKey>;
constructor(passphrase: string, salt: Uint8Array, iterations: number) {
const encoder = new TextEncoder();
this.keyPromise = (async () => {
const passphraseBuffer = toArrayBuffer(encoder.encode(passphrase));
const baseKey = await crypto.subtle.importKey("raw", passphraseBuffer, { name: "PBKDF2" }, false, ["deriveKey"]);
const saltBuffer = toArrayBuffer(salt); // Use the raw bytes directly
return crypto.subtle.deriveKey(
{ name: "PBKDF2", salt: saltBuffer, iterations: Math.max(1, iterations), hash: "SHA-256" },
baseKey, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]
// Use pure-JS PBKDF2 implementation which has been validated against Krux's test vector
const derivedKeyBytes = await pbkdf2HmacSha256(passphrase, salt, iterations, 32);
// Import the derived bytes as an AES-GCM key
return crypto.subtle.importKey(
"raw",
toArrayBuffer(derivedKeyBytes),
{ name: "AES-GCM", length: 256 },
false,
["encrypt", "decrypt"]
);
})();
}
@@ -149,7 +160,7 @@ export async function decryptFromKrux(params: { kefData: string; passphrase: str
const cipher = new KruxCipher(passphrase, labelBytes, iterations);
const decrypted = await cipher.decrypt(payload, version);
const mnemonic = new TextDecoder().decode(decrypted);
const mnemonic = await entropyToMnemonic(decrypted);
return { mnemonic, label, version, iterations };
}
@@ -161,10 +172,36 @@ export async function encryptToKrux(params: { mnemonic: string; passphrase: stri
const { mnemonic, passphrase, label = "Seed Backup", iterations = 200000, version = 21 } = params;
if (!passphrase) throw new Error("Passphrase is required for Krux encryption");
const mnemonicBytes = new TextEncoder().encode(mnemonic);
const mnemonicBytes = await mnemonicToEntropy(mnemonic);
// For encryption, we encode the string label to get the salt bytes
const cipher = new KruxCipher(passphrase, new TextEncoder().encode(label), iterations);
const payload = await cipher.encrypt(mnemonicBytes, version);
const kef = wrap(label, version, iterations, payload);
return { kefHex: bytesToHex(kef), label, version, iterations };
}
export function wrap(label: string, version: number, iterations: number, payload: Uint8Array): Uint8Array {
const labelBytes = new TextEncoder().encode(label);
const idLen = labelBytes.length;
// Convert iterations to 3 bytes (Big-Endian)
const iterBytes = new Uint8Array(3);
iterBytes[0] = (iterations >> 16) & 0xFF;
iterBytes[1] = (iterations >> 8) & 0xFF;
iterBytes[2] = iterations & 0xFF;
// Calculate total length
const totalLength = 1 + idLen + 1 + 3 + payload.length;
const envelope = new Uint8Array(totalLength);
let offset = 0;
envelope[offset++] = idLen;
envelope.set(labelBytes, offset);
offset += idLen;
envelope[offset++] = version;
envelope.set(iterBytes, offset);
offset += 3;
envelope.set(payload, offset);
return envelope;
}

87
src/lib/pbkdf2.ts Normal file
View File

@@ -0,0 +1,87 @@
/**
* @file pbkdf2.ts
* @summary A pure-JS implementation of PBKDF2-HMAC-SHA256 using the Web Crypto API.
* This is used as a fallback to test for platform inconsistencies in native PBKDF2.
* Adapted from public domain examples and RFC 2898.
*/
/**
* Performs HMAC-SHA256 on a given key and data.
* @param key The HMAC key.
* @param data The data to hash.
* @returns A promise that resolves to the HMAC-SHA256 digest as an ArrayBuffer.
*/
async function hmacSha256(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
return crypto.subtle.sign('HMAC', key, data);
}
/**
* The F function for PBKDF2 (PRF).
* T_1 = F(P, S, c, 1)
* T_2 = F(P, S, c, 2)
* ...
* F(P, S, c, i) = U_1 \xor U_2 \xor ... \xor U_c
* U_1 = PRF(P, S || INT_32_BE(i))
* U_2 = PRF(P, U_1)
* ...
* U_c = PRF(P, U_{c-1})
*/
async function F(passwordKey: CryptoKey, salt: Uint8Array, iterations: number, i: number): Promise<Uint8Array> {
// S || INT_32_BE(i)
const saltI = new Uint8Array(salt.length + 4);
saltI.set(salt, 0);
const i_be = new DataView(saltI.buffer, salt.length, 4);
i_be.setUint32(0, i, false); // false for big-endian
// U_1
let U = new Uint8Array(await hmacSha256(passwordKey, saltI.buffer));
// T
let T = U.slice();
for (let c = 1; c < iterations; c++) {
// U_c = PRF(P, U_{c-1})
U = new Uint8Array(await hmacSha256(passwordKey, U.buffer));
// T = T \xor U_c
for (let j = 0; j < T.length; j++) {
T[j] ^= U[j];
}
}
return T;
}
/**
* Derives a key using PBKDF2-HMAC-SHA256.
* @param password The password string.
* @param salt The salt bytes.
* @param iterations The number of iterations.
* @param keyLenBytes The desired key length in bytes.
* @returns A promise that resolves to the derived key as a Uint8Array.
*/
export async function pbkdf2HmacSha256(password: string, salt: Uint8Array, iterations: number, keyLenBytes: number): Promise<Uint8Array> {
const passwordBytes = new TextEncoder().encode(password);
const passwordKey = await crypto.subtle.importKey(
'raw',
passwordBytes,
{ name: 'HMAC', hash: 'SHA-256' },
false,
['sign']
);
const hLen = 32; // SHA-256 output length in bytes
const l = Math.ceil(keyLenBytes / hLen);
const r = keyLenBytes - (l - 1) * hLen;
const blocks: Uint8Array[] = [];
for (let i = 1; i <= l; i++) {
blocks.push(await F(passwordKey, salt, iterations, i));
}
const T = new Uint8Array(keyLenBytes);
for(let i = 0; i < l - 1; i++) {
T.set(blocks[i], i * hLen);
}
T.set(blocks[l-1].slice(0, r), (l-1) * hLen);
return T;
}

35
src/lib/seedblend.test.ts
View File

@@ -7,7 +7,7 @@
* the same inputs.
*/
import { describe, it, expect } from 'vitest';
import { describe, test, expect } from "bun:test";
import {
xorBytes,
hkdfExtractExpand,
@@ -21,11 +21,16 @@ import {
} from './seedblend';
// Helper to convert hex strings to Uint8Array
const fromHex = (hex: string) => new Uint8Array(hex.match(/.{1,2}/g)!.map(byte => parseInt(byte, 16)));
const fromHex = (hex: string): Uint8Array => {
const bytes = hex.match(/.{1,2}/g)!.map(byte => parseInt(byte, 16));
const buffer = new ArrayBuffer(bytes.length);
new Uint8Array(buffer).set(bytes);
return new Uint8Array(buffer);
};
describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
it('should ensure XOR blending is order-independent (commutative)', () => {
test('should ensure XOR blending is order-independent (commutative)', () => {
const ent1 = fromHex("a1".repeat(16));
const ent2 = fromHex("b2".repeat(16));
const ent3 = fromHex("c3".repeat(16));
@@ -36,7 +41,7 @@ describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
expect(blended1).toEqual(blended2);
});
it('should handle XOR of different length inputs correctly', () => {
test('should handle XOR of different length inputs correctly', () => {
const ent128 = fromHex("a1".repeat(16)); // 12-word seed
const ent256 = fromHex("b2".repeat(32)); // 24-word seed
@@ -44,12 +49,12 @@ describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
expect(blended.length).toBe(32);
// Verify cycling: first 16 bytes should be a1^b2, last 16 should also be a1^b2
const expectedChunk = fromHex("a1b2".repeat(8));
expect(blended.slice(0, 16)).toEqual(xorBytes(fromHex("a1".repeat(16)), fromHex("b2".repeat(16))));
expect(blended.slice(16, 32)).toEqual(xorBytes(fromHex("a1".repeat(16)), fromHex("b2".repeat(16))));
expect(blended.slice(0, 16) as Uint8Array).toEqual(xorBytes(fromHex("a1".repeat(16)), fromHex("b2".repeat(16))) as Uint8Array);
expect(blended.slice(16, 32) as Uint8Array).toEqual(xorBytes(fromHex("a1".repeat(16)), fromHex("b2".repeat(16))) as Uint8Array);
});
it('should perform a basic round-trip and validation for mnemonics', async () => {
test('should perform a basic round-trip and validation for mnemonics', async () => {
const valid12 = "army van defense carry jealous true garbage claim echo media make crunch";
const ent12 = await mnemonicToEntropy(valid12);
expect(ent12.length).toBe(16);
@@ -63,7 +68,7 @@ describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
expect(ent24.length).toBe(32);
});
it('should be deterministic for the same HKDF inputs', async () => {
test('should be deterministic for the same HKDF inputs', async () => {
const data = new Uint8Array(64).fill(0x01);
const info1 = new TextEncoder().encode('test');
const info2 = new TextEncoder().encode('different');
@@ -76,7 +81,7 @@ describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
expect(out1).not.toEqual(out3);
});
it('should produce correct HKDF lengths and match prefixes', async () => {
test('should produce correct HKDF lengths and match prefixes', async () => {
const data = fromHex('ab'.repeat(32));
const info = new TextEncoder().encode('len-test');
@@ -88,14 +93,14 @@ describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
expect(out16).toEqual(out32.slice(0, 16));
});
it('should detect bad dice patterns', () => {
test('should detect bad dice patterns', () => {
expect(detectBadPatterns("1111111111").bad).toBe(true);
expect(detectBadPatterns("123456123456").bad).toBe(true);
expect(detectBadPatterns("222333444555").bad).toBe(true);
expect(detectBadPatterns("314159265358979323846264338327950").bad).toBe(false);
});
it('should calculate dice stats correctly', () => {
test('should calculate dice stats correctly', () => {
const rolls = "123456".repeat(10); // 60 rolls, perfectly uniform
const stats = calculateDiceStats(rolls);
@@ -105,7 +110,7 @@ describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
expect(stats.chiSquare).toBe(0); // Perfect uniformity
});
it('should convert dice to bytes using integer math', () => {
test('should convert dice to bytes using integer math', () => {
const rolls = "123456".repeat(17); // 102 rolls
const bytes = diceToBytes(rolls);
@@ -115,7 +120,7 @@ describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
// --- Crucial Integration Tests ---
it('[CRITICAL] must reproduce the exact blended mnemonic for 4 seeds', async () => {
test('[CRITICAL] must reproduce the exact blended mnemonic for 4 seeds', async () => {
const sessionMnemonics = [
// 2x 24-word seeds
"dog guitar hotel random owner gadget salute riot patrol work advice panic erode leader pass cross section laundry elder asset soul scale immune scatter",
@@ -132,7 +137,7 @@ describe('SeedBlend Logic Compliance Tests (Ported from Python)', () => {
expect(blendedMnemonic24).toBe(expectedMnemonic);
});
it('[CRITICAL] must reproduce the exact final mixed output with 4 seeds and dice', async () => {
test('[CRITICAL] must reproduce the exact final mixed output with 4 seeds and dice', async () => {
const sessionMnemonics = [
"dog guitar hotel random owner gadget salute riot patrol work advice panic erode leader pass cross section laundry elder asset soul scale immune scatter",
"unable point minimum sun peanut habit ready high nothing cherry silver eagle pen fabric list collect impact loan casual lyrics pig train middle screen",

23
src/lib/seedblend.ts
View File

@@ -39,13 +39,22 @@ function getCrypto(): Promise<SubtleCrypto> {
if (typeof window !== 'undefined' && window.crypto?.subtle) {
return window.crypto.subtle;
}
const { webcrypto } = await import('crypto');
return webcrypto.subtle;
if (import.meta.env.SSR) {
const { webcrypto } = await import('crypto');
return webcrypto.subtle as SubtleCrypto;
}
throw new Error("SubtleCrypto not found in this environment");
})();
}
return cryptoPromise;
}
function toArrayBuffer(data: Uint8Array): ArrayBuffer {
const buffer = new ArrayBuffer(data.byteLength);
new Uint8Array(buffer).set(data);
return buffer;
}
// --- BIP39 Wordlist Loading ---
/**
@@ -74,7 +83,7 @@ if (BIP39_WORDLIST.length !== 2048) {
*/
async function sha256(data: Uint8Array): Promise<Uint8Array> {
const subtle = await getCrypto();
const hashBuffer = await subtle.digest('SHA-256', data);
const hashBuffer = await subtle.digest('SHA-256', toArrayBuffer(data));
return new Uint8Array(hashBuffer);
}
@@ -88,12 +97,12 @@ async function hmacSha256(key: Uint8Array, data: Uint8Array): Promise<Uint8Array
const subtle = await getCrypto();
const cryptoKey = await subtle.importKey(
'raw',
key,
toArrayBuffer(key),
{ name: 'HMAC', hash: 'SHA-256' },
false, // not exportable
['sign']
);
const signature = await subtle.sign('HMAC', cryptoKey, data);
const signature = await subtle.sign('HMAC', cryptoKey, toArrayBuffer(data));
return new Uint8Array(signature);
}
@@ -143,7 +152,7 @@ export async function hkdfExtractExpand(
dataToHmac.set(info, t.length);
dataToHmac.set([counter], t.length + info.length);
t = await hmacSha256(prk, dataToHmac);
t = new Uint8Array(await hmacSha256(prk, dataToHmac));
const toWrite = Math.min(t.length, length - written);
okm.set(t.slice(0, toWrite), written);
@@ -322,7 +331,7 @@ export function calculateDiceStats(diceRolls: string): DiceStats {
const sum = rolls.reduce((a, b) => a + b, 0);
const mean = sum / n;
const variance = rolls.reduce((a, b) => a + Math.pow(b - mean, 2), 0) / n;
const stdDev = n > 1 ? Math.sqrt(rolls.reduce((a, b) => a + Math.pow(b - mean, 2), 0) / (n - 1)) : 0;
const estimatedEntropyBits = n * Math.log2(6);

32
src/lib/seedpgp.ts
View File

@@ -1,7 +1,7 @@
import * as openpgp from "openpgp";
import { base45Encode, base45Decode } from "./base45";
import { crc16CcittFalse } from "./crc16";
import { encryptToKrux, decryptFromKrux, hexToBytes } from "./krux";
import { encryptToKrux, decryptFromKrux } from "./krux";
import type {
SeedPgpPlaintext,
ParsedSeedPgpFrame,
@@ -283,7 +283,7 @@ export async function decryptFromSeed(params: DecryptionParams): Promise<SeedPgp
try {
const result = await decryptFromKrux({
kefHex: params.frameText,
kefData: params.frameText,
passphrase,
});
@@ -329,22 +329,30 @@ export function detectEncryptionMode(text: string): EncryptionMode {
return 'pgp';
}
// 2. Definite Krux (Hex)
// 2. Tentative SeedQR detection
// Standard SeedQR is all digits, often long. (e.g., 00010002...)
if (/^\\d+$/.test(trimmed) && trimmed.length >= 12 * 4) { // Minimum 12 words * 4 digits
return 'seedqr';
}
// Compact SeedQR is all hex, often long. (e.g., 0e54b641...)
if (/^[0-9a-fA-F]+$/.test(trimmed) && trimmed.length >= 16 * 2) { // Minimum 16 bytes * 2 hex chars (for 12 words)
return 'seedqr';
}
// 3. Tentative Krux detection
const cleanedHex = trimmed.replace(/\s/g, '').replace(/^KEF:/i, '');
if (/^[0-9a-fA-F]{10,}$/.test(cleanedHex)) {
if (/^[0-9a-fA-F]{10,}$/.test(cleanedHex)) { // Krux hex format (min 5 bytes, usually longer)
return 'krux';
}
// 3. Likely a plain text mnemonic
if (BASE43_CHARS_ONLY_REGEX.test(trimmed)) { // Krux Base43 format (e.g., 1334+HGXM$F8...)
return 'krux';
}
// 4. Likely a plain text mnemonic (contains spaces)
if (trimmed.includes(' ')) {
return 'text';
}
// 4. Heuristic: If it looks like Base43, assume it's a Krux payload
if (BASE43_CHARS_ONLY_REGEX.test(trimmed)) {
return 'krux';
}
// 5. Default to text, which will then fail validation in the component.
// 5. Default to text
return 'text';
}

111
src/lib/seedqr.ts Normal file
View File

@@ -0,0 +1,111 @@
/**
* @file seedqr.ts
* @summary Implements encoding and decoding for Seedsigner's SeedQR format.
* @description This module provides functions to convert BIP39 mnemonics to and from the
* SeedQR format, supporting both the Standard (numeric) and Compact (hex) variations.
* The logic is adapted from the official Seedsigner specification and test vectors.
*/
import { BIP39_WORDLIST, WORD_INDEX, mnemonicToEntropy, entropyToMnemonic } from './seedblend';
// Helper to convert a hex string to a Uint8Array in a browser-compatible way.
function hexToUint8Array(hex: string): Uint8Array {
if (hex.length % 2 !== 0) {
throw new Error('Hex string must have an even number of characters');
}
const bytes = new Uint8Array(hex.length / 2);
for (let i = 0; i < bytes.length; i++) {
bytes[i] = parseInt(hex.substr(i * 2, 2), 16);
}
return bytes;
}
/**
* Decodes a Standard SeedQR (numeric digit stream) into a mnemonic phrase.
* @param digitStream A string containing 4-digit numbers representing BIP39 word indices.
* @returns The decoded BIP39 mnemonic.
*/
function decodeStandardSeedQR(digitStream: string): string {
if (digitStream.length % 4 !== 0) {
throw new Error('Invalid Standard SeedQR: Length must be a multiple of 4.');
}
const wordIndices: number[] = [];
for (let i = 0; i < digitStream.length; i += 4) {
const indexStr = digitStream.slice(i, i + 4);
const index = parseInt(indexStr, 10);
if (isNaN(index) || index >= 2048) {
throw new Error(`Invalid word index in SeedQR: ${indexStr}`);
}
wordIndices.push(index);
}
if (wordIndices.length !== 12 && wordIndices.length !== 24) {
throw new Error(`Invalid word count from SeedQR: ${wordIndices.length}. Must be 12 or 24.`);
}
const mnemonicWords = wordIndices.map(index => BIP39_WORDLIST[index]);
return mnemonicWords.join(' ');
}
/**
* Decodes a Compact SeedQR (hex-encoded entropy) into a mnemonic phrase.
* @param hexEntropy The hex-encoded entropy string.
* @returns A promise that resolves to the decoded BIP39 mnemonic.
*/
async function decodeCompactSeedQR(hexEntropy: string): Promise<string> {
const entropy = hexToUint8Array(hexEntropy);
if (entropy.length !== 16 && entropy.length !== 32) {
throw new Error(`Invalid entropy length for Compact SeedQR: ${entropy.length}. Must be 16 or 32 bytes.`);
}
return entropyToMnemonic(entropy);
}
/**
* A unified decoder that automatically detects and parses a SeedQR string.
* @param qrData The raw data from the QR code.
* @returns A promise that resolves to the decoded BIP39 mnemonic.
*/
export async function decodeSeedQR(qrData: string): Promise<string> {
const trimmed = qrData.trim();
// Standard SeedQR is a string of only digits.
if (/^\d+$/.test(trimmed)) {
return decodeStandardSeedQR(trimmed);
}
// Compact SeedQR is a hex string.
if (/^[0-9a-fA-F]+$/.test(trimmed)) {
return decodeCompactSeedQR(trimmed);
}
throw new Error('Unsupported or invalid SeedQR format.');
}
/**
* Encodes a mnemonic into the Standard SeedQR format (numeric digit stream).
* @param mnemonic The BIP39 mnemonic string.
* @returns A promise that resolves to the Standard SeedQR string.
*/
export async function encodeStandardSeedQR(mnemonic: string): Promise<string> {
const words = mnemonic.trim().toLowerCase().split(/\s+/);
if (words.length !== 12 && words.length !== 24) {
throw new Error("Mnemonic must be 12 or 24 words to generate a SeedQR.");
}
const digitStream = words.map(word => {
const index = WORD_INDEX.get(word);
if (index === undefined) {
throw new Error(`Invalid word in mnemonic: ${word}`);
}
return index.toString().padStart(4, '0');
}).join('');
return digitStream;
}
/**
* Encodes a mnemonic into the Compact SeedQR format (raw entropy bytes).
* @param mnemonic The BIP39 mnemonic string.
* @returns A promise that resolves to the Compact SeedQR entropy as a Uint8Array.
*/
export async function encodeCompactSeedQREntropy(mnemonic: string): Promise<Uint8Array> {
return await mnemonicToEntropy(mnemonic);
}

4
src/lib/types.ts
View File

@@ -21,7 +21,7 @@ export type KruxEncryptionParams = {
version?: number;
};
export type EncryptionMode = 'pgp' | 'krux' | 'text';
export type EncryptionMode = 'pgp' | 'krux' | 'seedqr' | 'text';
export type EncryptionParams = {
plaintext: SeedPgpPlaintext | string;
@@ -42,7 +42,7 @@ export type DecryptionParams = {
};
export type EncryptionResult = {
framed: string;
framed: string | Uint8Array;
pgpBytes?: Uint8Array;
recipientFingerprint?: string;
label?: string;