secKeyStore uses key derivation functions (PBKDF2-SHA256 or scrypt) to genrate decryptionkey,uses Hash function(SHA3-256) to verfify the password and uses the symmetric ciphers (AES-128-CTR or AES-128-CBC) to derive decrypted SEC privateKey. You can export your generated key to file, copy it to your data directory's keystore, and immediately start using it in your local SEC client.
npm install @sec-block/secjs-keys
const secKeys =
Generate a SEC private key (256 bit), as well as the salt (256 bit) used by the key derivation function, and the initialization vector (128 bit) used to AES-128-CTR encrypt the key.
create is asynchronous if it is passed a callback function, and synchronous otherwise.
// optional private key and initialization vector sizes in bytes// (if params is not passed to create, secKeys.constants is used by default which is defined in ..src/index.js)const params = keyBytes: 32 ivBytes: 16// synchronousconst dk = secKeys// dk: derived keyprivateKey: <Buffer ...>iv: <Buffer ...>salt: <Buffer ...>// asynchronoussecKeys
You will need to specify a password and (optionally) a key derivation function. If unspecified, PBKDF2-SHA256 will be used to derive the AES secret key.
const password = "SECpassword"const kdf = "pbkdf2" // or "scrypt" to use the scrypt kdf
dump function is used to export key info to keystore. If a callback function is supplied as the sixth parameter to
dump, it will run asynchronously:
// Note: if options is unspecified, the values in keythereum.constants are used.const options =kdf: "pbkdf2" // key derivation functioncipher: "aes-128-ctr" // cipher function to encrypt private keykdfparams:c: 262144dklen: 32prf: "hmac-sha256"// synchronouslet keyObject = secKeys// contents of keyObject:address: "008aeeda4d805471df9b2a5b0f38a0c3bcba786b"Crypto:cipher: "aes-128-ctr"ciphertext: "5318b4d5bcd28de64ee5559e671353e16f075ecae9f99c7a79a38af5f869aa46"cipherparams:iv: "6087dab2f9fdbbfaddc31a909735c1e6"mac: "517ead924a9d0dc3124507e3393d175ce3ff7c1e96529c6c555ce9e51205e9b2"kdf: "pbkdf2"kdfparams:c: 262144dklen: 32prf: "hmac-sha256"salt: "ae3cd4e7013836a3df6bd7241b12db061dbe2c6785853cce422d148a624ce0bd"id: "e13b209c-3b2f-4327-bab0-3bef2e51630d"version: 3// asynchronoussecKeys
dump creates an object and not a JSON string. In Node, the
exportToFile method provides an easy way to export this formatted key object to file. It creates a JSON file in the
keystore sub-directory with current file-naming convention (ISO timestamp concatenated with the key's derived SEC address).
After successful key export, you will see a message like(Caution: choose the path to keystore default folder ('keystore'):
Saved to file: keystore/UTC--2018-08-22T06:13:53.359Z--008aeeda4d805471df9b2a5b0f38a0c3bcba786b
Importing a key from keystore can only be done on Node. The JSON file is parsed into an object with the same structure as
// Specify a data directory (optional: defaults to ~/.sec)const datadir = ""// Synchronousconst keyObject = secKeys// AsynchronoussecKeys
This has been tested with version 3 and version 1, but not version 2, keys. (Please send me a version 2 keystore file if you have one, so I can test it!)
To recover the plaintext private key from the key object, use
secKeys.recover. The private key is returned as a Buffer.
// synchronouslet privateKey = secKeys// privateKey:<Buffer ...>// AsynchronoussecKeys