Is there way to recognize wrong passphrase? - Githubissues

bitcoinjs / bip38

BIP38 is a standard process to encrypt Bitcoin and crypto currency private keys that is less susceptible to brute force attacks thus protecting the user.

http://cryptocoinjs.com/modules/currency/bip38/

MIT License

208 stars 100 forks source link

Is there way to recognize wrong passphrase? #11

Closed grabus closed 9 years ago

grabus commented 9 years ago

When I use wrong passphrase decrypt() returns wif which is correct, because I can generate public address from that wif. But address is wrong, because passphrase is wrong.

Is there way to recognize wrong passphrase?

jprichardson commented 9 years ago

Under https://github.com/cryptocoinjs/bip38#decryptencryptedkey-passhprase, this:

note: To check for an invalid password, you'll want to generate the public address from the output of the decrypt() function. If it doesn't equal the expected address or the address checksum, then chances are, it's an invalid password. The reason that this logic was not included is because it would have required a lot of dependencies: ECKey and Address. Currently, ECKey is pretty heavy on dependencies.

i.e....

Generate the WIF output from decrypt().
Compute address from WIF
Verify address checksum matches checksum on the encrypted key (input to decrypt()).

grabus commented 9 years ago

I get it now, thanks!

something like this:

let hex = Bitcoin.base58check.decode(encryptedKey),
  checksum = Bitcoin.crypto.sha256(Bitcoin.crypto.sha256(address)),
  passwordWrong = checksum[0] != hex[3] || checksum[1] != hex[4] || checksum[2] != hex[5] || checksum[3] != hex[6]

console.log(`password is ${ passwordWrong ? 'incorrect' : 'correct' }`)

jprichardson commented 9 years ago

Closing since this appears to be resolved.