bitcoinjs-lib/src/message.js

57 lines
1.5 KiB
JavaScript
Raw Normal View History

/// Implements Bitcoin's feature for signing arbitrary messages.
var Address = require('./address')
2014-05-04 16:37:18 +10:00
var BufferExt = require('./buffer')
var crypto = require('./crypto')
var ecdsa = require('./ecdsa')
2014-03-29 17:44:03 +11:00
var ECPubKey = require('./eckey').ECPubKey
2014-05-04 16:37:18 +10:00
// FIXME: incompatible with other networks (Litecoin etc)
var magicBuffer = new Buffer('\x18Bitcoin Signed Message:\n')
function magicHash(message) {
2014-05-04 16:37:18 +10:00
var mB = new Buffer(message)
var mVI = new Buffer(BufferExt.varIntSize(mB.length))
BufferExt.writeVarInt(mVI, mB.length, 0)
2014-05-04 16:37:18 +10:00
var buffer = Buffer.concat([magicBuffer, mVI, mB])
return crypto.hash256(buffer)
2014-03-26 21:00:08 -04:00
}
// TODO: parameterize compression instead of using ECKey.compressed
function sign(key, message) {
var hash = magicHash(message)
2014-04-24 07:22:10 +10:00
var sig = ecdsa.parseSig(key.sign(hash))
var i = ecdsa.calcPubKeyRecoveryParam(key.pub.Q, sig.r, sig.s, hash)
2014-03-26 21:00:08 -04:00
i += 27
2014-04-17 19:08:16 +10:00
if (key.pub.compressed) {
2014-03-26 21:00:08 -04:00
i += 4
}
var rB = sig.r.toBuffer(32)
var sB = sig.s.toBuffer(32)
2014-04-24 07:22:10 +10:00
return Buffer.concat([new Buffer([i]), rB, sB], 65)
2014-03-26 21:00:08 -04:00
}
// FIXME: stricter API?
function verify(address, sig, message) {
if (typeof address === 'string') {
address = Address.fromBase58Check(address)
}
sig = ecdsa.parseSigCompact(sig)
var pubKey = new ECPubKey(ecdsa.recoverPubKey(sig.r, sig.s, magicHash(message), sig.i))
2014-04-17 19:08:16 +10:00
pubKey.compressed = !!(sig.i & 4)
return pubKey.getAddress(address.version).toString() === address.toString()
2014-03-26 21:00:08 -04:00
}
module.exports = {
magicHash: magicHash,
sign: sign,
verify: verify
}