Merge pull request #456 from bitcoinjs/nomessage

Remove message module
2016-10-06 10:44:44 -05:00 · 2016-10-06 10:44:44 -05:00 · 038c0f08d2
commit 038c0f08d2
parent 80b1b50155 de6671ecaa
9 changed files with 5 additions and 437 deletions
--- a/README.md
+++ b/README.md
@ -100,11 +100,9 @@ The below examples are implemented as integration tests, they should be very eas
 - [Generate a random address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L9)
 - [Generate a address from a SHA256 hash](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L20)
- [Generate a address and WIF for Litecoin](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L30)
+- [Generate a address and WIF for Litecoin](https://github.com/bitcoin/bitcoinjs-lib/blob/master/test/integration/basic.js#L29)
- [Import an address via WIF](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L44)
+- [Import an address via WIF](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L43)
- [Create a Transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L51)
+- [Create a Transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L50)
 - [Sign a Bitcoin message](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L8)
 - [Verify a Bitcoin message](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L16)
 - [Create an OP RETURN transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L24)
 - [Create a 2-of-3 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L9)
 - [Spend from a 2-of-4 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L25)
--- a/src/ecdsa.js
+++ b/src/ecdsa.js
@ -154,93 +154,8 @@ function verify (hash, signature, Q) {
  return v.equals(r)
 }
 /**
  * Recover a public key from a signature.
  *
  * See SEC 1: Elliptic Curve Cryptography, section 4.1.6, "Public
  * Key Recovery Operation".
  *
  * http://www.secg.org/download/aid-780/sec1-v2.pdf
  */
 function recoverPubKey (e, signature, i) {
  typeforce(types.tuple(
    types.BigInt,
    types.ECSignature,
    types.UInt2
  ), arguments)
  var n = secp256k1.n
  var G = secp256k1.G
  var r = signature.r
  var s = signature.s
  if (r.signum() <= 0 || r.compareTo(n) >= 0) throw new Error('Invalid r value')
  if (s.signum() <= 0 || s.compareTo(n) >= 0) throw new Error('Invalid s value')
  // A set LSB signifies that the y-coordinate is odd
  var isYOdd = i & 1
  // The more significant bit specifies whether we should use the
  // first or second candidate key.
  var isSecondKey = i >> 1
  // 1.1 Let x = r + jn
  var x = isSecondKey ? r.add(n) : r
  var R = secp256k1.pointFromX(isYOdd, x)
  // 1.4 Check that nR is at infinity
  var nR = R.multiply(n)
  if (!secp256k1.isInfinity(nR)) throw new Error('nR is not a valid curve point')
  // Compute r^-1
  var rInv = r.modInverse(n)
  // Compute -e from e
  var eNeg = e.negate().mod(n)
  // 1.6.1 Compute Q = r^-1 (sR -  eG)
  //               Q = r^-1 (sR + -eG)
  var Q = R.multiplyTwo(s, G, eNeg).multiply(rInv)
  secp256k1.validate(Q)
  return Q
 }
 /**
  * Calculate pubkey extraction parameter.
  *
  * When extracting a pubkey from a signature, we have to
  * distinguish four different cases. Rather than putting this
  * burden on the verifier, Bitcoin includes a 2-bit value with the
  * signature.
  *
  * This function simply tries all four cases and returns the value
  * that resulted in a successful pubkey recovery.
  */
 function calcPubKeyRecoveryParam (e, signature, Q) {
  typeforce(types.tuple(
    types.BigInt,
    types.ECSignature,
    types.ECPoint
  ), arguments)
  for (var i = 0; i < 4; i++) {
    var Qprime = recoverPubKey(e, signature, i)
    // 1.6.2 Verify Q
    if (Qprime.equals(Q)) {
      return i
    }
  }
  throw new Error('Unable to find valid recovery factor')
 }
 module.exports = {
  calcPubKeyRecoveryParam: calcPubKeyRecoveryParam,
  deterministicGenerateK: deterministicGenerateK,
  recoverPubKey: recoverPubKey,
  sign: sign,
  verify: verify,
--- a/src/index.js
+++ b/src/index.js
@ -9,7 +9,6 @@ module.exports = {
  address: require('./address'),
  bufferutils: require('./bufferutils'),
  crypto: require('./crypto'),
  message: require('./message'),
  networks: require('./networks'),
  opcodes: require('./opcodes.json'),
  script: require('./script')
--- a/src/message.js
+++ b/src/message.js
@ -1,54 +0,0 @@
 var bufferutils = require('./bufferutils')
 var bcrypto = require('./crypto')
 var ecdsa = require('./ecdsa')
 var networks = require('./networks')
 var BigInteger = require('bigi')
 var ECPair = require('./ecpair')
 var ECSignature = require('./ecsignature')
 function magicHash (message, network) {
  var messagePrefix = new Buffer(network.messagePrefix)
  var messageBuffer = new Buffer(message)
  var lengthBuffer = bufferutils.varIntBuffer(messageBuffer.length)
  var buffer = Buffer.concat([messagePrefix, lengthBuffer, messageBuffer])
  return bcrypto.hash256(buffer)
 }
 function sign (keyPair, message, network) {
  network = network || networks.bitcoin
  var hash = magicHash(message, network)
  var signature = keyPair.sign(hash)
  var e = BigInteger.fromBuffer(hash)
  var i = ecdsa.calcPubKeyRecoveryParam(e, signature, keyPair.Q)
  return signature.toCompact(i, keyPair.compressed)
 }
 function verify (address, signature, message, network) {
  if (!Buffer.isBuffer(signature)) {
    signature = new Buffer(signature, 'base64')
  }
  network = network || networks.bitcoin
  var hash = magicHash(message, network)
  var parsed = ECSignature.parseCompact(signature)
  var e = BigInteger.fromBuffer(hash)
  var Q = ecdsa.recoverPubKey(e, parsed.signature, parsed.i)
  var keyPair = new ECPair(null, Q, {
    compressed: parsed.compressed,
    network: network
  })
  return keyPair.getAddress() === address
 }
 module.exports = {
  magicHash: magicHash,
  sign: sign,
  verify: verify
 }
--- a/test/ecdsa.js
+++ b/test/ecdsa.js
@ -3,8 +3,6 @@
 var assert = require('assert')
 var bcrypto = require('../src/crypto')
 var ecdsa = require('../src/ecdsa')
 var message = require('../src/message')
 var networks = require('../src/networks')
 var sinon = require('sinon')
 var BigInteger = require('bigi')
@ -83,55 +81,6 @@ describe('ecdsa', function () {
    })
  })
  describe('recoverPubKey', function () {
    fixtures.valid.ecdsa.forEach(function (f) {
      it('recovers the pubKey for ' + f.d, function () {
        var d = BigInteger.fromHex(f.d)
        var Q = curve.G.multiply(d)
        var signature = ECSignature.fromDER(new Buffer(f.signature, 'hex'))
        var h1 = bcrypto.sha256(f.message)
        var e = BigInteger.fromBuffer(h1)
        var Qprime = ecdsa.recoverPubKey(e, signature, f.i)
        assert(Qprime.equals(Q))
      })
    })
    describe('with i ∈ {0,1,2,3}', function () {
      var hash = message.magicHash('1111', networks.bitcoin)
      var e = BigInteger.fromBuffer(hash)
      var signatureBuffer = new Buffer('INcvXVVEFyIfHLbDX+xoxlKFn3Wzj9g0UbhObXdMq+YMKC252o5RHFr0/cKdQe1WsBLUBi4morhgZ77obDJVuV0=', 'base64')
      var signature = ECSignature.parseCompact(signatureBuffer).signature
      var points = [
        '03e3a8c44a8bf712f1fbacee274fb19c0239b1a9e877eff0075ea335f2be8ff380',
        '0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798',
        '03d49e765f0bc27525c51a1b98fb1c99dacd59abe85a203af90f758260550b56c5',
        '027eea09d46ac7fb6aa2e96f9c576677214ffdc238eb167734a9b39d1eb4c3d30d'
      ]
      points.forEach(function (expectedHex, i) {
        it('recovers an expected point for i of ' + i, function () {
          var Qprime = ecdsa.recoverPubKey(e, signature, i)
          var QprimeHex = Qprime.getEncoded().toString('hex')
          assert.strictEqual(QprimeHex, expectedHex)
        })
      })
    })
    fixtures.invalid.recoverPubKey.forEach(function (f) {
      it('throws on ' + f.description + ' (' + f.exception + ')', function () {
        var e = BigInteger.fromHex(f.e)
        var signature = new ECSignature(new BigInteger(f.signatureRaw.r, 16), new BigInteger(f.signatureRaw.s, 16))
        assert.throws(function () {
          ecdsa.recoverPubKey(e, signature, f.i)
        }, new RegExp(f.exception))
      })
    })
  })
  describe('sign', function () {
    fixtures.valid.ecdsa.forEach(function (f) {
      it('produces a deterministic signature for "' + f.message + '"', function () {
--- a/test/fixtures/ecdsa.json
+++ b/test/fixtures/ecdsa.json
@ -125,78 +125,6 @@
    ]
  },
  "invalid": {
    "recoverPubKey": [
      {
        "description": "Invalid r value (< 0)",
        "exception": "Invalid r value",
        "e": "01",
        "signatureRaw": {
          "r": "-01",
          "s": "02"
        },
        "i": 0
      },
      {
        "description": "Invalid r value (== 0)",
        "exception": "Invalid r value",
        "e": "01",
        "signatureRaw": {
          "r": "00",
          "s": "02"
        },
        "i": 0
      },
      {
        "description": "Invalid s value (< 0)",
        "exception": "Invalid s value",
        "e": "01",
        "signatureRaw": {
          "r": "02",
          "s": "-01"
        },
        "i": 0
      },
      {
        "description": "Invalid s value (== 0)",
        "exception": "Invalid s value",
        "e": "01",
        "signatureRaw": {
          "r": "02",
          "s": "00"
        },
        "i": 0
      },
      {
        "description": "Invalid r value (nR is infinity)",
        "exception": "nR is not a valid curve point",
        "e": "01",
        "signatureRaw": {
          "r": "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140",
          "s": "01"
        },
        "i": 0
      },
      {
        "description": "Invalid curve point",
        "exception": "Point is not on the curve",
        "e": "01",
        "signatureRaw": {
          "r": "4b3b4ca85a86c47a098a223fffffffff",
          "s": "01"
        },
        "i": 0
      },
      {
        "description": "Invalid i value (> 3)",
        "exception": "Expected property \"2\" of type UInt2, got Number 4",
        "e": "01",
        "signatureRaw": {
          "r": "00",
          "s": "02"
        },
        "i": 4
      }
    ],
    "verify": [
      {
        "description": "The wrong signature",
--- a/test/fixtures/message.json
+++ b/test/fixtures/message.json
@ -1,86 +0,0 @@
 {
  "valid": {
    "magicHash": [
      {
        "network": "bitcoin",
        "message": "",
        "magicHash": "80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc"
      },
      {
        "network": "bitcoin",
        "message": "Vires is Numeris",
        "magicHash": "f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933"
      },
      {
        "network": "dogecoin",
        "message": "Vires is Numeris",
        "magicHash": "c0963d20d0accd0ea0df6c1020bf85a7e629a40e7b5363f2c3e9dcafd5638f12"
      }
    ],
    "verify": [
      {
        "message": "vires is numeris",
        "network": "bitcoin",
        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=",
        "compressed": {
          "address": "1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs",
          "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
        }
      },
      {
        "message": "vires is numeris",
        "network": "dogecoin",
        "address": "DFpN6QqFfUm3gKNaxN6tNcab1FArL9cZLE",
        "signature": "H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s="
      }
    ],
    "signing": [
      {
        "description": "gives equal r, s values irrespective of point compression",
        "message": "vires is numeris",
        "network": "bitcoin",
        "d": "1",
        "signature": "HF8nHqFr3K2UKYahhX3soVeoW8W1ECNbr0wfck7lzyXjCS5Q16Ek45zyBuy1Fiy9sTPKVgsqqOuPvbycuVSSVl8=",
        "compressed": {
          "signature": "IF8nHqFr3K2UKYahhX3soVeoW8W1ECNbr0wfck7lzyXjCS5Q16Ek45zyBuy1Fiy9sTPKVgsqqOuPvbycuVSSVl8="
        }
      },
      {
        "description": "supports alternative networks",
        "message": "vires is numeris",
        "network": "dogecoin",
        "d": "1",
        "signature": "G6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s="
      }
    ]
  },
  "invalid": {
    "verify": [
      {
        "description": "will fail for the wrong message",
        "message": "foobar",
        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
      },
      {
        "description": "will fail for the wrong address",
        "message": "vires is numeris",
        "address": "1111111111111111111114oLvT2",
        "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
      },
      {
        "description": "does not cross verify (uncompressed address, compressed signature)",
        "message": "vires is numeris",
        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
        "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
      },
      {
        "description": "does not cross verify (compressed address, uncompressed signature)",
        "message": "vires is numeris",
        "address": "1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs",
        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
      }
    ]
  }
 }
--- a/test/integration/advanced.js
+++ b/test/integration/advanced.js
@ -1,28 +1,11 @@
 /* global describe, it */
 var assert = require('assert')
 var bitcoin = require('../../')
 var blockchain = require('./_blockchain')
 describe('bitcoinjs-lib (advanced)', function () {
-  it('can sign a Bitcoin message', function () {
+  it('can create an OP_RETURN transaction', function (done) {
-    var keyPair = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss')
+    this.timeout(20000)
    var message = 'This is an example of a signed message.'
    var signature = bitcoin.message.sign(keyPair, message)
    assert.strictEqual(signature.toString('base64'), 'G9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk=')
  })
  it('can verify a Bitcoin message', function () {
    var address = '1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN'
    var signature = 'HJLQlDWLyb1Ef8bQKEISzFbDAKctIlaqOpGbrk3YVtRsjmC61lpE5ErkPRUFtDKtx98vHFGUWlFhsh3DiW6N0rE'
    var message = 'This is an example of a signed message.'
    assert(bitcoin.message.verify(address, signature, message))
  })
  it('can create a transaction using OP_RETURN', function (done) {
    this.timeout(30000)
    var network = bitcoin.networks.testnet
    var keyPair = bitcoin.ECPair.makeRandom({ network: network })
--- a/test/message.js
+++ b/test/message.js
@ -1,64 +0,0 @@
 /* global describe, it */
 var assert = require('assert')
 var message = require('../src/message')
 var networks = require('../src/networks')
 var BigInteger = require('bigi')
 var ECPair = require('../src/ecpair')
 var fixtures = require('./fixtures/message.json')
 describe('message', function () {
  describe('magicHash', function () {
    fixtures.valid.magicHash.forEach(function (f) {
      it('produces the correct magicHash for "' + f.message + '" (' + f.network + ')', function () {
        var network = networks[f.network]
        var actual = message.magicHash(f.message, network)
        assert.strictEqual(actual.toString('hex'), f.magicHash)
      })
    })
  })
  describe('verify', function () {
    fixtures.valid.verify.forEach(function (f) {
      it('verifies a valid signature for "' + f.message + '" (' + f.network + ')', function () {
        var network = networks[f.network]
        assert(message.verify(f.address, f.signature, f.message, network))
        if (f.compressed) {
          assert(message.verify(f.compressed.address, f.compressed.signature, f.message, network))
        }
      })
    })
    fixtures.invalid.verify.forEach(function (f) {
      it(f.description, function () {
        assert(!message.verify(f.address, f.signature, f.message))
      })
    })
  })
  describe('signing', function () {
    fixtures.valid.signing.forEach(function (f) {
      it(f.description, function () {
        var network = networks[f.network]
        var keyPair = new ECPair(new BigInteger(f.d), null, {
          compressed: false
        })
        var signature = message.sign(keyPair, f.message, network)
        assert.strictEqual(signature.toString('base64'), f.signature)
        if (f.compressed) {
          var compressedPrivKey = new ECPair(new BigInteger(f.d))
          var compressedSignature = message.sign(compressedPrivKey, f.message)
          assert.strictEqual(compressedSignature.toString('base64'), f.compressed.signature)
        }
      })
    })
  })
 })