Merge pull request #456 from bitcoinjs/nomessage

Remove message module
This commit is contained in:
JP Richardson 2016-10-06 10:44:44 -05:00 committed by GitHub
commit 038c0f08d2
9 changed files with 5 additions and 437 deletions

View file

@ -100,11 +100,9 @@ The below examples are implemented as integration tests, they should be very eas
- [Generate a random address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L9) - [Generate a random address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L9)
- [Generate a address from a SHA256 hash](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L20) - [Generate a address from a SHA256 hash](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L20)
- [Generate a address and WIF for Litecoin](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L30) - [Generate a address and WIF for Litecoin](https://github.com/bitcoin/bitcoinjs-lib/blob/master/test/integration/basic.js#L29)
- [Import an address via WIF](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L44) - [Import an address via WIF](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L43)
- [Create a Transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L51) - [Create a Transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L50)
- [Sign a Bitcoin message](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L8)
- [Verify a Bitcoin message](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L16)
- [Create an OP RETURN transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L24) - [Create an OP RETURN transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L24)
- [Create a 2-of-3 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L9) - [Create a 2-of-3 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L9)
- [Spend from a 2-of-4 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L25) - [Spend from a 2-of-4 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L25)

View file

@ -154,93 +154,8 @@ function verify (hash, signature, Q) {
return v.equals(r) return v.equals(r)
} }
/**
* Recover a public key from a signature.
*
* See SEC 1: Elliptic Curve Cryptography, section 4.1.6, "Public
* Key Recovery Operation".
*
* http://www.secg.org/download/aid-780/sec1-v2.pdf
*/
function recoverPubKey (e, signature, i) {
typeforce(types.tuple(
types.BigInt,
types.ECSignature,
types.UInt2
), arguments)
var n = secp256k1.n
var G = secp256k1.G
var r = signature.r
var s = signature.s
if (r.signum() <= 0 || r.compareTo(n) >= 0) throw new Error('Invalid r value')
if (s.signum() <= 0 || s.compareTo(n) >= 0) throw new Error('Invalid s value')
// A set LSB signifies that the y-coordinate is odd
var isYOdd = i & 1
// The more significant bit specifies whether we should use the
// first or second candidate key.
var isSecondKey = i >> 1
// 1.1 Let x = r + jn
var x = isSecondKey ? r.add(n) : r
var R = secp256k1.pointFromX(isYOdd, x)
// 1.4 Check that nR is at infinity
var nR = R.multiply(n)
if (!secp256k1.isInfinity(nR)) throw new Error('nR is not a valid curve point')
// Compute r^-1
var rInv = r.modInverse(n)
// Compute -e from e
var eNeg = e.negate().mod(n)
// 1.6.1 Compute Q = r^-1 (sR - eG)
// Q = r^-1 (sR + -eG)
var Q = R.multiplyTwo(s, G, eNeg).multiply(rInv)
secp256k1.validate(Q)
return Q
}
/**
* Calculate pubkey extraction parameter.
*
* When extracting a pubkey from a signature, we have to
* distinguish four different cases. Rather than putting this
* burden on the verifier, Bitcoin includes a 2-bit value with the
* signature.
*
* This function simply tries all four cases and returns the value
* that resulted in a successful pubkey recovery.
*/
function calcPubKeyRecoveryParam (e, signature, Q) {
typeforce(types.tuple(
types.BigInt,
types.ECSignature,
types.ECPoint
), arguments)
for (var i = 0; i < 4; i++) {
var Qprime = recoverPubKey(e, signature, i)
// 1.6.2 Verify Q
if (Qprime.equals(Q)) {
return i
}
}
throw new Error('Unable to find valid recovery factor')
}
module.exports = { module.exports = {
calcPubKeyRecoveryParam: calcPubKeyRecoveryParam,
deterministicGenerateK: deterministicGenerateK, deterministicGenerateK: deterministicGenerateK,
recoverPubKey: recoverPubKey,
sign: sign, sign: sign,
verify: verify, verify: verify,

View file

@ -9,7 +9,6 @@ module.exports = {
address: require('./address'), address: require('./address'),
bufferutils: require('./bufferutils'), bufferutils: require('./bufferutils'),
crypto: require('./crypto'), crypto: require('./crypto'),
message: require('./message'),
networks: require('./networks'), networks: require('./networks'),
opcodes: require('./opcodes.json'), opcodes: require('./opcodes.json'),
script: require('./script') script: require('./script')

View file

@ -1,54 +0,0 @@
var bufferutils = require('./bufferutils')
var bcrypto = require('./crypto')
var ecdsa = require('./ecdsa')
var networks = require('./networks')
var BigInteger = require('bigi')
var ECPair = require('./ecpair')
var ECSignature = require('./ecsignature')
function magicHash (message, network) {
var messagePrefix = new Buffer(network.messagePrefix)
var messageBuffer = new Buffer(message)
var lengthBuffer = bufferutils.varIntBuffer(messageBuffer.length)
var buffer = Buffer.concat([messagePrefix, lengthBuffer, messageBuffer])
return bcrypto.hash256(buffer)
}
function sign (keyPair, message, network) {
network = network || networks.bitcoin
var hash = magicHash(message, network)
var signature = keyPair.sign(hash)
var e = BigInteger.fromBuffer(hash)
var i = ecdsa.calcPubKeyRecoveryParam(e, signature, keyPair.Q)
return signature.toCompact(i, keyPair.compressed)
}
function verify (address, signature, message, network) {
if (!Buffer.isBuffer(signature)) {
signature = new Buffer(signature, 'base64')
}
network = network || networks.bitcoin
var hash = magicHash(message, network)
var parsed = ECSignature.parseCompact(signature)
var e = BigInteger.fromBuffer(hash)
var Q = ecdsa.recoverPubKey(e, parsed.signature, parsed.i)
var keyPair = new ECPair(null, Q, {
compressed: parsed.compressed,
network: network
})
return keyPair.getAddress() === address
}
module.exports = {
magicHash: magicHash,
sign: sign,
verify: verify
}

View file

@ -3,8 +3,6 @@
var assert = require('assert') var assert = require('assert')
var bcrypto = require('../src/crypto') var bcrypto = require('../src/crypto')
var ecdsa = require('../src/ecdsa') var ecdsa = require('../src/ecdsa')
var message = require('../src/message')
var networks = require('../src/networks')
var sinon = require('sinon') var sinon = require('sinon')
var BigInteger = require('bigi') var BigInteger = require('bigi')
@ -83,55 +81,6 @@ describe('ecdsa', function () {
}) })
}) })
describe('recoverPubKey', function () {
fixtures.valid.ecdsa.forEach(function (f) {
it('recovers the pubKey for ' + f.d, function () {
var d = BigInteger.fromHex(f.d)
var Q = curve.G.multiply(d)
var signature = ECSignature.fromDER(new Buffer(f.signature, 'hex'))
var h1 = bcrypto.sha256(f.message)
var e = BigInteger.fromBuffer(h1)
var Qprime = ecdsa.recoverPubKey(e, signature, f.i)
assert(Qprime.equals(Q))
})
})
describe('with i ∈ {0,1,2,3}', function () {
var hash = message.magicHash('1111', networks.bitcoin)
var e = BigInteger.fromBuffer(hash)
var signatureBuffer = new Buffer('INcvXVVEFyIfHLbDX+xoxlKFn3Wzj9g0UbhObXdMq+YMKC252o5RHFr0/cKdQe1WsBLUBi4morhgZ77obDJVuV0=', 'base64')
var signature = ECSignature.parseCompact(signatureBuffer).signature
var points = [
'03e3a8c44a8bf712f1fbacee274fb19c0239b1a9e877eff0075ea335f2be8ff380',
'0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798',
'03d49e765f0bc27525c51a1b98fb1c99dacd59abe85a203af90f758260550b56c5',
'027eea09d46ac7fb6aa2e96f9c576677214ffdc238eb167734a9b39d1eb4c3d30d'
]
points.forEach(function (expectedHex, i) {
it('recovers an expected point for i of ' + i, function () {
var Qprime = ecdsa.recoverPubKey(e, signature, i)
var QprimeHex = Qprime.getEncoded().toString('hex')
assert.strictEqual(QprimeHex, expectedHex)
})
})
})
fixtures.invalid.recoverPubKey.forEach(function (f) {
it('throws on ' + f.description + ' (' + f.exception + ')', function () {
var e = BigInteger.fromHex(f.e)
var signature = new ECSignature(new BigInteger(f.signatureRaw.r, 16), new BigInteger(f.signatureRaw.s, 16))
assert.throws(function () {
ecdsa.recoverPubKey(e, signature, f.i)
}, new RegExp(f.exception))
})
})
})
describe('sign', function () { describe('sign', function () {
fixtures.valid.ecdsa.forEach(function (f) { fixtures.valid.ecdsa.forEach(function (f) {
it('produces a deterministic signature for "' + f.message + '"', function () { it('produces a deterministic signature for "' + f.message + '"', function () {

View file

@ -125,78 +125,6 @@
] ]
}, },
"invalid": { "invalid": {
"recoverPubKey": [
{
"description": "Invalid r value (< 0)",
"exception": "Invalid r value",
"e": "01",
"signatureRaw": {
"r": "-01",
"s": "02"
},
"i": 0
},
{
"description": "Invalid r value (== 0)",
"exception": "Invalid r value",
"e": "01",
"signatureRaw": {
"r": "00",
"s": "02"
},
"i": 0
},
{
"description": "Invalid s value (< 0)",
"exception": "Invalid s value",
"e": "01",
"signatureRaw": {
"r": "02",
"s": "-01"
},
"i": 0
},
{
"description": "Invalid s value (== 0)",
"exception": "Invalid s value",
"e": "01",
"signatureRaw": {
"r": "02",
"s": "00"
},
"i": 0
},
{
"description": "Invalid r value (nR is infinity)",
"exception": "nR is not a valid curve point",
"e": "01",
"signatureRaw": {
"r": "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140",
"s": "01"
},
"i": 0
},
{
"description": "Invalid curve point",
"exception": "Point is not on the curve",
"e": "01",
"signatureRaw": {
"r": "4b3b4ca85a86c47a098a223fffffffff",
"s": "01"
},
"i": 0
},
{
"description": "Invalid i value (> 3)",
"exception": "Expected property \"2\" of type UInt2, got Number 4",
"e": "01",
"signatureRaw": {
"r": "00",
"s": "02"
},
"i": 4
}
],
"verify": [ "verify": [
{ {
"description": "The wrong signature", "description": "The wrong signature",

View file

@ -1,86 +0,0 @@
{
"valid": {
"magicHash": [
{
"network": "bitcoin",
"message": "",
"magicHash": "80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc"
},
{
"network": "bitcoin",
"message": "Vires is Numeris",
"magicHash": "f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933"
},
{
"network": "dogecoin",
"message": "Vires is Numeris",
"magicHash": "c0963d20d0accd0ea0df6c1020bf85a7e629a40e7b5363f2c3e9dcafd5638f12"
}
],
"verify": [
{
"message": "vires is numeris",
"network": "bitcoin",
"address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
"signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=",
"compressed": {
"address": "1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs",
"signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
}
},
{
"message": "vires is numeris",
"network": "dogecoin",
"address": "DFpN6QqFfUm3gKNaxN6tNcab1FArL9cZLE",
"signature": "H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s="
}
],
"signing": [
{
"description": "gives equal r, s values irrespective of point compression",
"message": "vires is numeris",
"network": "bitcoin",
"d": "1",
"signature": "HF8nHqFr3K2UKYahhX3soVeoW8W1ECNbr0wfck7lzyXjCS5Q16Ek45zyBuy1Fiy9sTPKVgsqqOuPvbycuVSSVl8=",
"compressed": {
"signature": "IF8nHqFr3K2UKYahhX3soVeoW8W1ECNbr0wfck7lzyXjCS5Q16Ek45zyBuy1Fiy9sTPKVgsqqOuPvbycuVSSVl8="
}
},
{
"description": "supports alternative networks",
"message": "vires is numeris",
"network": "dogecoin",
"d": "1",
"signature": "G6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s="
}
]
},
"invalid": {
"verify": [
{
"description": "will fail for the wrong message",
"message": "foobar",
"address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
"signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
},
{
"description": "will fail for the wrong address",
"message": "vires is numeris",
"address": "1111111111111111111114oLvT2",
"signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
},
{
"description": "does not cross verify (uncompressed address, compressed signature)",
"message": "vires is numeris",
"address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
"signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
},
{
"description": "does not cross verify (compressed address, uncompressed signature)",
"message": "vires is numeris",
"address": "1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs",
"signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
}
]
}
}

View file

@ -1,28 +1,11 @@
/* global describe, it */ /* global describe, it */
var assert = require('assert')
var bitcoin = require('../../') var bitcoin = require('../../')
var blockchain = require('./_blockchain') var blockchain = require('./_blockchain')
describe('bitcoinjs-lib (advanced)', function () { describe('bitcoinjs-lib (advanced)', function () {
it('can sign a Bitcoin message', function () { it('can create an OP_RETURN transaction', function (done) {
var keyPair = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss') this.timeout(20000)
var message = 'This is an example of a signed message.'
var signature = bitcoin.message.sign(keyPair, message)
assert.strictEqual(signature.toString('base64'), 'G9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk=')
})
it('can verify a Bitcoin message', function () {
var address = '1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN'
var signature = 'HJLQlDWLyb1Ef8bQKEISzFbDAKctIlaqOpGbrk3YVtRsjmC61lpE5ErkPRUFtDKtx98vHFGUWlFhsh3DiW6N0rE'
var message = 'This is an example of a signed message.'
assert(bitcoin.message.verify(address, signature, message))
})
it('can create a transaction using OP_RETURN', function (done) {
this.timeout(30000)
var network = bitcoin.networks.testnet var network = bitcoin.networks.testnet
var keyPair = bitcoin.ECPair.makeRandom({ network: network }) var keyPair = bitcoin.ECPair.makeRandom({ network: network })

View file

@ -1,64 +0,0 @@
/* global describe, it */
var assert = require('assert')
var message = require('../src/message')
var networks = require('../src/networks')
var BigInteger = require('bigi')
var ECPair = require('../src/ecpair')
var fixtures = require('./fixtures/message.json')
describe('message', function () {
describe('magicHash', function () {
fixtures.valid.magicHash.forEach(function (f) {
it('produces the correct magicHash for "' + f.message + '" (' + f.network + ')', function () {
var network = networks[f.network]
var actual = message.magicHash(f.message, network)
assert.strictEqual(actual.toString('hex'), f.magicHash)
})
})
})
describe('verify', function () {
fixtures.valid.verify.forEach(function (f) {
it('verifies a valid signature for "' + f.message + '" (' + f.network + ')', function () {
var network = networks[f.network]
assert(message.verify(f.address, f.signature, f.message, network))
if (f.compressed) {
assert(message.verify(f.compressed.address, f.compressed.signature, f.message, network))
}
})
})
fixtures.invalid.verify.forEach(function (f) {
it(f.description, function () {
assert(!message.verify(f.address, f.signature, f.message))
})
})
})
describe('signing', function () {
fixtures.valid.signing.forEach(function (f) {
it(f.description, function () {
var network = networks[f.network]
var keyPair = new ECPair(new BigInteger(f.d), null, {
compressed: false
})
var signature = message.sign(keyPair, f.message, network)
assert.strictEqual(signature.toString('base64'), f.signature)
if (f.compressed) {
var compressedPrivKey = new ECPair(new BigInteger(f.d))
var compressedSignature = message.sign(compressedPrivKey, f.message)
assert.strictEqual(compressedSignature.toString('base64'), f.compressed.signature)
}
})
})
})
})