bitcoinjs-lib/src/message.js

/// Implements Bitcoin's feature for signing arbitrary messages.

var Address = require('./address')
var convert = require('./convert')
var crypto = require('./crypto')
var ecdsa = require('./ecdsa')
var ECPubKey = require('./eckey').ECPubKey

// FIXME: magicHash is incompatible with other magic messages
var magicBytes = convert.stringToBytes('Bitcoin Signed Message:\n')

function magicHash(message) {
  var messageBytes = convert.stringToBytes(message)

  var buffer = [].concat(
    convert.numToVarInt(magicBytes.length),
    magicBytes,
    convert.numToVarInt(messageBytes.length),
    messageBytes
  )

  return crypto.hash256(buffer)
}

// TODO: parameterize compression instead of using ECKey.compressed
function sign(key, message) {
  var hash = magicHash(message)
  var sig = key.sign(hash)
  var obj = ecdsa.parseSig(sig)
  var i = ecdsa.calcPubKeyRecoveryParam(key.pub.Q, obj.r, obj.s, hash)

  i += 27
  if (key.pub.compressed) {
    i += 4
  }

  var rBa = obj.r.toByteArrayUnsigned()
  var sBa = obj.s.toByteArrayUnsigned()

  // Pad to 32 bytes per value
  while (rBa.length < 32) rBa.unshift(0);
  while (sBa.length < 32) sBa.unshift(0);

  sig = [i].concat(rBa, sBa)

  return sig
}

function verify(address, sig, message) {
  sig = ecdsa.parseSigCompact(sig)

  var pubKey = new ECPubKey(ecdsa.recoverPubKey(sig.r, sig.s, magicHash(message), sig.i))
  pubKey.compressed = !!(sig.i & 4)

  address = new Address(address)
  return pubKey.getAddress(address.version).toString() === address.toString()
}

module.exports = {
  magicHash: magicHash,
  sign: sign,
  verify: verify
}
port message to common.js style and add tests 2013-03-02 18:28:13 +01:00			`/// Implements Bitcoin's feature for signing arbitrary messages.`

Adds version support to Message.verifyMessage 2014-03-28 06:20:46 +01:00			`var Address = require('./address')`
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`var convert = require('./convert')`
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 14:13:03 +02:00			`var crypto = require('./crypto')`
Adds version support to Message.verifyMessage 2014-03-28 06:20:46 +01:00			`var ecdsa = require('./ecdsa')`
Removes circular dependancy of ECKey 2014-03-29 07:44:03 +01:00			`var ECPubKey = require('./eckey').ECPubKey`
port message to common.js style and add tests 2013-03-02 18:28:13 +01:00
Changes Message.Message function names to Message. 2014-03-28 20:03:43 +01:00			`// FIXME: magicHash is incompatible with other magic messages`
			`var magicBytes = convert.stringToBytes('Bitcoin Signed Message:\n')`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Changes Message.Message function names to Message. 2014-03-28 20:03:43 +01:00			`function magicHash(message) {`
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`var messageBytes = convert.stringToBytes(message)`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Changes Message.Message function names to Message. 2014-03-28 20:03:43 +01:00			`var buffer = [].concat(`
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`convert.numToVarInt(magicBytes.length),`
			`magicBytes,`
			`convert.numToVarInt(messageBytes.length),`
			`messageBytes`
			`)`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Migrates all usage of crypto-js/sha256 to ./crypto 2014-04-08 14:13:03 +02:00			`return crypto.hash256(buffer)`
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`}`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Changes Message.Message function names to Message. 2014-03-28 20:03:43 +01:00			`// TODO: parameterize compression instead of using ECKey.compressed`
			`function sign(key, message) {`
			`var hash = magicHash(message)`
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`var sig = key.sign(hash)`
			`var obj = ecdsa.parseSig(sig)`
Migrates ECKey to stricter API 2014-04-17 11:08:16 +02:00			`var i = ecdsa.calcPubKeyRecoveryParam(key.pub.Q, obj.r, obj.s, hash)`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`i += 27`
Migrates ECKey to stricter API 2014-04-17 11:08:16 +02:00			`if (key.pub.compressed) {`
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`i += 4`
			`}`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`var rBa = obj.r.toByteArrayUnsigned()`
			`var sBa = obj.s.toByteArrayUnsigned()`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
start to split into node commonjs style modules - no longer is the global Bitcoin used for modules - cleaner and more maintainable code - add more tests 2013-02-17 06:39:15 +01:00			`// Pad to 32 bytes per value`
cosmetic standardization [closes #56] 2014-03-31 05:47:47 +02:00			`while (rBa.length < 32) rBa.unshift(0);`
			`while (sBa.length < 32) sBa.unshift(0);`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`sig = [i].concat(rBa, sBa)`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Now using Bytes consistently for signatures 2014-03-28 20:05:07 +01:00			`return sig`
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`}`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Changes Message.Message function names to Message. 2014-03-28 20:03:43 +01:00			`function verify(address, sig, message) {`
Now using Bytes consistently for signatures 2014-03-28 20:05:07 +01:00			`sig = ecdsa.parseSigCompact(sig)`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Merge branch 'msgvers-patch2' of github.com:dcousens/bitcoinjs-lib into dcousens-msgvers-patch2 Conflicts: src/message.js 2014-03-31 04:08:25 +02:00			`var pubKey = new ECPubKey(ecdsa.recoverPubKey(sig.r, sig.s, magicHash(message), sig.i))`
Migrates ECKey to stricter API 2014-04-17 11:08:16 +02:00			`pubKey.compressed = !!(sig.i & 4)`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Adds version support to Message.verifyMessage 2014-03-28 06:20:46 +01:00			`address = new Address(address)`
Changes Message.Message function names to Message. 2014-03-28 20:03:43 +01:00			`return pubKey.getAddress(address.version).toString() === address.toString()`
Cleaning up message.js 2014-03-27 02:00:08 +01:00			`}`
Implement Bitcoin's method for arbitrary message signatures. 2012-08-16 00:25:06 +02:00
Changes Message.Message function names to Message. 2014-03-28 20:03:43 +01:00			`module.exports = {`
			`magicHash: magicHash,`
			`sign: sign,`
			`verify: verify`
			`}`