bitcoinjs-lib/src/message.js

/// Implements Bitcoin's feature for signing arbitrary messages.

var SHA256 = require('crypto-js/sha256');
var ecdsa = require('./ecdsa');
var convert = require('./convert');

var Message = {};

Message.magicPrefix = "Bitcoin Signed Message:\n";

Message.makeMagicMessage = function (message) {
  var magicBytes = convert.stringToBytes(Message.magicPrefix);
  var messageBytes = convert.stringToBytes(message);

  var buffer = [];
  buffer = buffer.concat(convert.numToVarInt(magicBytes.length));
  buffer = buffer.concat(magicBytes);
  buffer = buffer.concat(convert.numToVarInt(messageBytes.length));
  buffer = buffer.concat(messageBytes);

  return buffer;
};

Message.getHash = function (message) {
  var buffer = Message.makeMagicMessage(message);
  return convert.wordArrayToBytes(SHA256(SHA256(convert.bytesToWordArray(buffer))));
};

Message.signMessage = function (key, message) {
  var hash = Message.getHash(message);

  var sig = key.sign(hash);

  var obj = ecdsa.parseSig(sig);

  var i = ecdsa.calcPubkeyRecoveryParam(key, obj.r, obj.s, hash);

  i += 27;
  if (key.compressed) i += 4;

  var rBa = obj.r.toByteArrayUnsigned();
  var sBa = obj.s.toByteArrayUnsigned();

  // Pad to 32 bytes per value
  while (rBa.length < 32) rBa.unshift(0);
  while (sBa.length < 32) sBa.unshift(0);

  sig = [i].concat(rBa).concat(sBa);

  return convert.bytesToHex(sig);
};

Message.verifyMessage = function (address, sig, message) {
  sig = convert.hexToBytes(sig);
  sig = ecdsa.parseSigCompact(sig);

  var hash = Message.getHash(message);

  var isCompressed = !!(sig.i & 4);
  var pubKey = ecdsa.recoverPubKey(sig.r, sig.s, hash, sig.i);
  pubKey.compressed = isCompressed;

  var expectedAddress = pubKey.getAddress().toString();

  return (address === expectedAddress);
};

module.exports = Message;
port message to common.js style and add tests 2013-03-02 18:28:13 +01:00			`/// Implements Bitcoin's feature for signing arbitrary messages.`

migrate crypto-js to 3.1.2 2014-03-08 06:02:40 +01:00			`var SHA256 = require('crypto-js/sha256');`
port message to common.js style and add tests 2013-03-02 18:28:13 +01:00			`var ecdsa = require('./ecdsa');`
move convert methods from util to convert 2014-03-11 02:52:48 +01:00			`var convert = require('./convert');`
port message to common.js style and add tests 2013-03-02 18:28:13 +01:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`var Message = {};`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`Message.magicPrefix = "Bitcoin Signed Message:\n";`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`Message.makeMagicMessage = function (message) {`
move convert methods from util to convert 2014-03-11 02:52:48 +01:00			`var magicBytes = convert.stringToBytes(Message.magicPrefix);`
			`var messageBytes = convert.stringToBytes(message);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`var buffer = [];`
move convert methods from util to convert 2014-03-11 02:52:48 +01:00			`buffer = buffer.concat(convert.numToVarInt(magicBytes.length));`
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`buffer = buffer.concat(magicBytes);`
move convert methods from util to convert 2014-03-11 02:52:48 +01:00			`buffer = buffer.concat(convert.numToVarInt(messageBytes.length));`
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`buffer = buffer.concat(messageBytes);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`return buffer;`
			`};`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`Message.getHash = function (message) {`
			`var buffer = Message.makeMagicMessage(message);`
move convert methods from util to convert 2014-03-11 02:52:48 +01:00			`return convert.wordArrayToBytes(SHA256(SHA256(convert.bytesToWordArray(buffer))));`
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`};`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Determine whether key is compressed from the key itself. ref #61 2014-03-11 18:26:40 +01:00			`Message.signMessage = function (key, message) {`
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`var hash = Message.getHash(message);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`var sig = key.sign(hash);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
port message to common.js style and add tests 2013-03-02 18:28:13 +01:00			`var obj = ecdsa.parseSig(sig);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Fix signing with compressed keys calcPubkeyRecoveryParam always assumed a non-compressed key, and was comparing the address generated from a non-compressed public key against the original address generated from the compressed public key. This commit fixes it by passing the entire pubkey object, and configuring the generated address to use the same compressed setting as the original one. 2013-11-28 20:01:55 +01:00			`var i = ecdsa.calcPubkeyRecoveryParam(key, obj.r, obj.s, hash);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`i += 27;`
Determine whether key is compressed from the key itself. ref #61 2014-03-11 18:26:40 +01:00			`if (key.compressed) i += 4;`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`var rBa = obj.r.toByteArrayUnsigned();`
			`var sBa = obj.s.toByteArrayUnsigned();`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`// Pad to 32 bytes per value`
			`while (rBa.length < 32) rBa.unshift(0);`
			`while (sBa.length < 32) sBa.unshift(0);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`sig = [i].concat(rBa).concat(sBa);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
move convert methods from util to convert 2014-03-11 02:52:48 +01:00			`return convert.bytesToHex(sig);`
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`};`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`Message.verifyMessage = function (address, sig, message) {`
move convert methods from util to convert 2014-03-11 02:52:48 +01:00			`sig = convert.hexToBytes(sig);`
port message to common.js style and add tests 2013-03-02 18:28:13 +01:00			`sig = ecdsa.parseSigCompact(sig);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`var hash = Message.getHash(message);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`var isCompressed = !!(sig.i & 4);`
port message to common.js style and add tests 2013-03-02 18:28:13 +01:00			`var pubKey = ecdsa.recoverPubKey(sig.r, sig.s, hash, sig.i);`
Add whether pubkey recovered from sig is compressed. close #61 2014-03-11 18:28:04 +01:00			`pubKey.compressed = isCompressed;`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Changes to new version-less ECKey API 2014-03-22 08:17:54 +01:00			`var expectedAddress = pubKey.getAddress().toString();`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`return (address === expectedAddress);`
			`};`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`module.exports = Message;`