bitcoinjs-lib/test/ecdsa.js

171 lines
5.2 KiB
JavaScript
Raw Normal View History

2014-03-28 18:24:23 +01:00
var assert = require('assert')
var crypto = require('../src/crypto')
var ecdsa = require('../src/ecdsa')
2014-05-16 07:39:17 +02:00
var message = require('../src/message')
var networks = require('../src/networks')
2014-05-13 08:35:07 +02:00
2014-05-03 04:04:54 +02:00
var BigInteger = require('bigi')
2014-03-28 18:24:23 +01:00
2014-06-07 08:24:27 +02:00
var ecurve = require('ecurve')
var curve = ecurve.getCurveByName('secp256k1')
2014-05-18 11:47:39 +02:00
var fixtures = require('./fixtures/ecdsa.json')
2014-03-28 18:24:23 +01:00
describe('ecdsa', function() {
describe('deterministicGenerateK', function() {
fixtures.valid.forEach(function(f) {
it('determines k for \"' + f.message + '\"', function() {
var d = BigInteger.fromHex(f.d)
var h1 = crypto.sha256(f.message)
2014-06-07 08:24:27 +02:00
var k = ecdsa.deterministicGenerateK(curve, h1, d)
assert.equal(k.toHex(), f.k)
})
})
})
2014-03-28 18:24:23 +01:00
describe('recoverPubKey', function() {
it('succesfully recovers a public key', function() {
var d = BigInteger.ONE
var signature = new Buffer('INcvXVVEFyIfHLbDX+xoxlKFn3Wzj9g0UbhObXdMq+YMKC252o5RHFr0/cKdQe1WsBLUBi4morhgZ77obDJVuV0=', 'base64')
2014-05-16 07:39:17 +02:00
2014-06-07 08:24:27 +02:00
var Q = curve.params.G.multiply(d)
2014-05-16 07:39:17 +02:00
var hash = message.magicHash('1111', networks.bitcoin)
2014-05-10 14:30:29 +02:00
var e = BigInteger.fromBuffer(hash)
2014-05-24 08:25:38 +02:00
var parsed = ecdsa.parseSigCompact(signature)
2014-05-16 07:39:17 +02:00
2014-06-07 08:24:27 +02:00
var Qprime = ecdsa.recoverPubKey(curve, e, parsed.signature, parsed.i)
assert(Q.equals(Qprime))
2014-03-28 18:24:23 +01:00
})
})
describe('sign', function() {
fixtures.valid.forEach(function(f) {
it('produces a deterministic signature for \"' + f.message + '\"', function() {
var d = BigInteger.fromHex(f.d)
var hash = crypto.sha256(f.message)
2014-06-07 08:24:27 +02:00
var signature = ecdsa.sign(curve, hash, d)
2014-05-24 08:25:38 +02:00
assert.equal(signature.r.toString(), f.signature.r)
assert.equal(signature.s.toString(), f.signature.s)
})
})
it('should sign with low S value', function() {
var hash = crypto.sha256('Vires in numeris')
2014-06-07 08:24:27 +02:00
var sig = ecdsa.sign(curve, hash, BigInteger.ONE)
// See BIP62 for more information
2014-06-07 08:24:27 +02:00
var N_OVER_TWO = curve.params.n.shiftRight(1)
2014-05-10 14:38:05 +02:00
assert(sig.s.compareTo(N_OVER_TWO) <= 0)
})
})
describe('verifyRaw', function() {
fixtures.valid.forEach(function(f) {
it('verifies a valid signature for \"' + f.message + '\"', function() {
var d = BigInteger.fromHex(f.d)
2014-06-07 08:24:27 +02:00
var Q = curve.params.G.multiply(d)
2014-05-24 08:25:38 +02:00
var signature = {
r: new BigInteger(f.signature.r),
s: new BigInteger(f.signature.s)
}
var e = BigInteger.fromBuffer(crypto.sha256(f.message))
2014-06-07 08:24:27 +02:00
assert(ecdsa.verifyRaw(curve, e, signature, Q))
})
})
2014-05-24 05:40:20 +02:00
fixtures.invalid.verifyRaw.forEach(function(f) {
it('fails to verify with ' + f.description, function() {
var d = BigInteger.fromHex(f.d)
2014-05-24 05:40:20 +02:00
var e = BigInteger.fromHex(f.e)
2014-05-24 08:25:38 +02:00
var signature = {
r: new BigInteger(f.signature.r),
s: new BigInteger(f.signature.s)
}
2014-06-07 08:24:27 +02:00
var Q = curve.params.G.multiply(d)
2014-05-24 05:40:20 +02:00
2014-06-07 08:24:27 +02:00
assert.equal(ecdsa.verifyRaw(curve, e, signature, Q), false)
2014-05-24 05:40:20 +02:00
})
})
})
describe('serializeSig', function() {
it('encodes a DER signature', function() {
fixtures.valid.forEach(function(f) {
2014-05-24 08:25:38 +02:00
var signature = {
r: new BigInteger(f.signature.r),
s: new BigInteger(f.signature.s)
}
2014-05-24 08:25:38 +02:00
var signature = new Buffer(ecdsa.serializeSig(signature))
assert.equal(signature.toString('hex'), f.DER)
})
})
})
describe('parseSig', function() {
it('decodes the correct signature', function() {
fixtures.valid.forEach(function(f) {
var buffer = new Buffer(f.DER, 'hex')
var signature = ecdsa.parseSig(buffer)
assert.equal(signature.r.toString(), f.signature.r)
assert.equal(signature.s.toString(), f.signature.s)
})
})
fixtures.invalid.DER.forEach(function(f) {
2014-05-29 07:42:12 +02:00
it('throws on ' + f.hex, function() {
var buffer = new Buffer(f.hex, 'hex')
assert.throws(function() {
ecdsa.parseSig(buffer)
2014-05-29 07:42:12 +02:00
}, new RegExp(f.exception))
})
})
})
describe('serializeSigCompact', function() {
2014-05-29 07:42:12 +02:00
fixtures.valid.forEach(function(f) {
it('encodes ' + f.compact.hex + ' correctly', function() {
2014-05-24 08:25:38 +02:00
var signature = {
r: new BigInteger(f.signature.r),
s: new BigInteger(f.signature.s)
}
var i = f.compact.i
var compressed = f.compact.compressed
var signature = ecdsa.serializeSigCompact(signature, i, compressed)
assert.equal(signature.toString('hex'), f.compact.hex)
})
})
})
describe('parseSigCompact', function() {
2014-05-29 07:42:12 +02:00
fixtures.valid.forEach(function(f) {
it('decodes ' + f.compact.hex + ' correctly', function() {
2014-05-24 08:25:38 +02:00
var buffer = new Buffer(f.compact.hex, 'hex')
var parsed = ecdsa.parseSigCompact(buffer)
2014-05-24 08:25:38 +02:00
assert.equal(parsed.signature.r.toString(), f.signature.r)
assert.equal(parsed.signature.s.toString(), f.signature.s)
assert.equal(parsed.i, f.compact.i)
assert.equal(parsed.compressed, f.compact.compressed)
})
})
fixtures.invalid.compact.forEach(function(f) {
2014-05-29 07:42:12 +02:00
it('throws on ' + f.hex, function() {
var buffer = new Buffer(f.hex, 'hex')
assert.throws(function() {
ecdsa.parseSigCompact(buffer)
2014-05-29 07:42:12 +02:00
}, new RegExp(f.exception))
})
})
})
2014-03-28 18:24:23 +01:00
})