Merge pull request #456 from bitcoinjs/nomessage

Remove message module
2016-10-06 10:44:44 -05:00 · 2016-10-06 10:44:44 -05:00 · 038c0f08d2
commit 038c0f08d2
parent 80b1b50155 de6671ecaa
9 changed files with 5 additions and 437 deletions
--- a/README.md
+++ b/README.md
@ -100,11 +100,9 @@ The below examples are implemented as integration tests, they should be very eas

 - [Generate a random address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L9)
 - [Generate a address from a SHA256 hash](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L20)
- [Generate a address and WIF for Litecoin](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L30)
- [Import an address via WIF](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L44)
- [Create a Transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L51)
- [Sign a Bitcoin message](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L8)
- [Verify a Bitcoin message](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L16)
+- [Generate a address and WIF for Litecoin](https://github.com/bitcoin/bitcoinjs-lib/blob/master/test/integration/basic.js#L29)
+- [Import an address via WIF](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L43)
+- [Create a Transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/basic.js#L50)
 - [Create an OP RETURN transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L24)
 - [Create a 2-of-3 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L9)
 - [Spend from a 2-of-4 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L25)
--- a/src/ecdsa.js
+++ b/src/ecdsa.js
@ -154,93 +154,8 @@ function verify (hash, signature, Q) {
  return v.equals(r)
 }

-/**
-  * Recover a public key from a signature.
-  *
-  * See SEC 1: Elliptic Curve Cryptography, section 4.1.6, "Public
-  * Key Recovery Operation".
-  *
-  * http://www.secg.org/download/aid-780/sec1-v2.pdf
-  */
-function recoverPubKey (e, signature, i) {
-  typeforce(types.tuple(
-    types.BigInt,
-    types.ECSignature,
-    types.UInt2
-  ), arguments)
-
-  var n = secp256k1.n
-  var G = secp256k1.G
-  var r = signature.r
-  var s = signature.s
-
-  if (r.signum() <= 0 || r.compareTo(n) >= 0) throw new Error('Invalid r value')
-  if (s.signum() <= 0 || s.compareTo(n) >= 0) throw new Error('Invalid s value')
-
-  // A set LSB signifies that the y-coordinate is odd
-  var isYOdd = i & 1
-
-  // The more significant bit specifies whether we should use the
-  // first or second candidate key.
-  var isSecondKey = i >> 1
-
-  // 1.1 Let x = r + jn
-  var x = isSecondKey ? r.add(n) : r
-  var R = secp256k1.pointFromX(isYOdd, x)
-
-  // 1.4 Check that nR is at infinity
-  var nR = R.multiply(n)
-  if (!secp256k1.isInfinity(nR)) throw new Error('nR is not a valid curve point')
-
-  // Compute r^-1
-  var rInv = r.modInverse(n)
-
-  // Compute -e from e
-  var eNeg = e.negate().mod(n)
-
-  // 1.6.1 Compute Q = r^-1 (sR -  eG)
-  //               Q = r^-1 (sR + -eG)
-  var Q = R.multiplyTwo(s, G, eNeg).multiply(rInv)
-
-  secp256k1.validate(Q)
-
-  return Q
-}
-
-/**
-  * Calculate pubkey extraction parameter.
-  *
-  * When extracting a pubkey from a signature, we have to
-  * distinguish four different cases. Rather than putting this
-  * burden on the verifier, Bitcoin includes a 2-bit value with the
-  * signature.
-  *
-  * This function simply tries all four cases and returns the value
-  * that resulted in a successful pubkey recovery.
-  */
-function calcPubKeyRecoveryParam (e, signature, Q) {
-  typeforce(types.tuple(
-    types.BigInt,
-    types.ECSignature,
-    types.ECPoint
-  ), arguments)
-
-  for (var i = 0; i < 4; i++) {
-    var Qprime = recoverPubKey(e, signature, i)
-
-    // 1.6.2 Verify Q
-    if (Qprime.equals(Q)) {
-      return i
-    }
-  }
-
-  throw new Error('Unable to find valid recovery factor')
-}
-
 module.exports = {
-  calcPubKeyRecoveryParam: calcPubKeyRecoveryParam,
  deterministicGenerateK: deterministicGenerateK,
-  recoverPubKey: recoverPubKey,
  sign: sign,
  verify: verify,

--- a/src/index.js
+++ b/src/index.js
@ -9,7 +9,6 @@ module.exports = {
  address: require('./address'),
  bufferutils: require('./bufferutils'),
  crypto: require('./crypto'),
-  message: require('./message'),
  networks: require('./networks'),
  opcodes: require('./opcodes.json'),
  script: require('./script')
--- a/src/message.js
+++ b/src/message.js
@ -1,54 +0,0 @@
-var bufferutils = require('./bufferutils')
-var bcrypto = require('./crypto')
-var ecdsa = require('./ecdsa')
-var networks = require('./networks')
-
-var BigInteger = require('bigi')
-var ECPair = require('./ecpair')
-var ECSignature = require('./ecsignature')
-
-function magicHash (message, network) {
-  var messagePrefix = new Buffer(network.messagePrefix)
-  var messageBuffer = new Buffer(message)
-  var lengthBuffer = bufferutils.varIntBuffer(messageBuffer.length)
-
-  var buffer = Buffer.concat([messagePrefix, lengthBuffer, messageBuffer])
-  return bcrypto.hash256(buffer)
-}
-
-function sign (keyPair, message, network) {
-  network = network || networks.bitcoin
-
-  var hash = magicHash(message, network)
-  var signature = keyPair.sign(hash)
-  var e = BigInteger.fromBuffer(hash)
-  var i = ecdsa.calcPubKeyRecoveryParam(e, signature, keyPair.Q)
-
-  return signature.toCompact(i, keyPair.compressed)
-}
-
-function verify (address, signature, message, network) {
-  if (!Buffer.isBuffer(signature)) {
-    signature = new Buffer(signature, 'base64')
-  }
-
-  network = network || networks.bitcoin
-
-  var hash = magicHash(message, network)
-  var parsed = ECSignature.parseCompact(signature)
-  var e = BigInteger.fromBuffer(hash)
-  var Q = ecdsa.recoverPubKey(e, parsed.signature, parsed.i)
-
-  var keyPair = new ECPair(null, Q, {
-    compressed: parsed.compressed,
-    network: network
-  })
-
-  return keyPair.getAddress() === address
-}
-
-module.exports = {
-  magicHash: magicHash,
-  sign: sign,
-  verify: verify
-}
--- a/test/ecdsa.js
+++ b/test/ecdsa.js
@ -3,8 +3,6 @@
 var assert = require('assert')
 var bcrypto = require('../src/crypto')
 var ecdsa = require('../src/ecdsa')
-var message = require('../src/message')
-var networks = require('../src/networks')
 var sinon = require('sinon')

 var BigInteger = require('bigi')
@ -83,55 +81,6 @@ describe('ecdsa', function () {
    })
  })

-  describe('recoverPubKey', function () {
-    fixtures.valid.ecdsa.forEach(function (f) {
-      it('recovers the pubKey for ' + f.d, function () {
-        var d = BigInteger.fromHex(f.d)
-        var Q = curve.G.multiply(d)
-        var signature = ECSignature.fromDER(new Buffer(f.signature, 'hex'))
-        var h1 = bcrypto.sha256(f.message)
-        var e = BigInteger.fromBuffer(h1)
-        var Qprime = ecdsa.recoverPubKey(e, signature, f.i)
-
-        assert(Qprime.equals(Q))
-      })
-    })
-
-    describe('with i ∈ {0,1,2,3}', function () {
-      var hash = message.magicHash('1111', networks.bitcoin)
-      var e = BigInteger.fromBuffer(hash)
-
-      var signatureBuffer = new Buffer('INcvXVVEFyIfHLbDX+xoxlKFn3Wzj9g0UbhObXdMq+YMKC252o5RHFr0/cKdQe1WsBLUBi4morhgZ77obDJVuV0=', 'base64')
-      var signature = ECSignature.parseCompact(signatureBuffer).signature
-      var points = [
-        '03e3a8c44a8bf712f1fbacee274fb19c0239b1a9e877eff0075ea335f2be8ff380',
-        '0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798',
-        '03d49e765f0bc27525c51a1b98fb1c99dacd59abe85a203af90f758260550b56c5',
-        '027eea09d46ac7fb6aa2e96f9c576677214ffdc238eb167734a9b39d1eb4c3d30d'
-      ]
-
-      points.forEach(function (expectedHex, i) {
-        it('recovers an expected point for i of ' + i, function () {
-          var Qprime = ecdsa.recoverPubKey(e, signature, i)
-          var QprimeHex = Qprime.getEncoded().toString('hex')
-
-          assert.strictEqual(QprimeHex, expectedHex)
-        })
-      })
-    })
-
-    fixtures.invalid.recoverPubKey.forEach(function (f) {
-      it('throws on ' + f.description + ' (' + f.exception + ')', function () {
-        var e = BigInteger.fromHex(f.e)
-        var signature = new ECSignature(new BigInteger(f.signatureRaw.r, 16), new BigInteger(f.signatureRaw.s, 16))
-
-        assert.throws(function () {
-          ecdsa.recoverPubKey(e, signature, f.i)
-        }, new RegExp(f.exception))
-      })
-    })
-  })
-
  describe('sign', function () {
    fixtures.valid.ecdsa.forEach(function (f) {
      it('produces a deterministic signature for "' + f.message + '"', function () {
--- a/test/fixtures/ecdsa.json
+++ b/test/fixtures/ecdsa.json
@ -125,78 +125,6 @@
    ]
  },
  "invalid": {
-    "recoverPubKey": [
-      {
-        "description": "Invalid r value (< 0)",
-        "exception": "Invalid r value",
-        "e": "01",
-        "signatureRaw": {
-          "r": "-01",
-          "s": "02"
-        },
-        "i": 0
-      },
-      {
-        "description": "Invalid r value (== 0)",
-        "exception": "Invalid r value",
-        "e": "01",
-        "signatureRaw": {
-          "r": "00",
-          "s": "02"
-        },
-        "i": 0
-      },
-      {
-        "description": "Invalid s value (< 0)",
-        "exception": "Invalid s value",
-        "e": "01",
-        "signatureRaw": {
-          "r": "02",
-          "s": "-01"
-        },
-        "i": 0
-      },
-      {
-        "description": "Invalid s value (== 0)",
-        "exception": "Invalid s value",
-        "e": "01",
-        "signatureRaw": {
-          "r": "02",
-          "s": "00"
-        },
-        "i": 0
-      },
-      {
-        "description": "Invalid r value (nR is infinity)",
-        "exception": "nR is not a valid curve point",
-        "e": "01",
-        "signatureRaw": {
-          "r": "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140",
-          "s": "01"
-        },
-        "i": 0
-      },
-      {
-        "description": "Invalid curve point",
-        "exception": "Point is not on the curve",
-        "e": "01",
-        "signatureRaw": {
-          "r": "4b3b4ca85a86c47a098a223fffffffff",
-          "s": "01"
-        },
-        "i": 0
-      },
-      {
-        "description": "Invalid i value (> 3)",
-        "exception": "Expected property \"2\" of type UInt2, got Number 4",
-        "e": "01",
-        "signatureRaw": {
-          "r": "00",
-          "s": "02"
-        },
-        "i": 4
-      }
-    ],
    "verify": [
      {
        "description": "The wrong signature",
--- a/test/fixtures/message.json
+++ b/test/fixtures/message.json
@ -1,86 +0,0 @@
-{
-  "valid": {
-    "magicHash": [
-      {
-        "network": "bitcoin",
-        "message": "",
-        "magicHash": "80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc"
-      },
-      {
-        "network": "bitcoin",
-        "message": "Vires is Numeris",
-        "magicHash": "f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933"
-      },
-      {
-        "network": "dogecoin",
-        "message": "Vires is Numeris",
-        "magicHash": "c0963d20d0accd0ea0df6c1020bf85a7e629a40e7b5363f2c3e9dcafd5638f12"
-      }
-    ],
-    "verify": [
-      {
-        "message": "vires is numeris",
-        "network": "bitcoin",
-        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
-        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=",
-        "compressed": {
-          "address": "1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs",
-          "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
-        }
-      },
-      {
-        "message": "vires is numeris",
-        "network": "dogecoin",
-        "address": "DFpN6QqFfUm3gKNaxN6tNcab1FArL9cZLE",
-        "signature": "H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s="
-      }
-    ],
-    "signing": [
-      {
-        "description": "gives equal r, s values irrespective of point compression",
-        "message": "vires is numeris",
-        "network": "bitcoin",
-        "d": "1",
-        "signature": "HF8nHqFr3K2UKYahhX3soVeoW8W1ECNbr0wfck7lzyXjCS5Q16Ek45zyBuy1Fiy9sTPKVgsqqOuPvbycuVSSVl8=",
-        "compressed": {
-          "signature": "IF8nHqFr3K2UKYahhX3soVeoW8W1ECNbr0wfck7lzyXjCS5Q16Ek45zyBuy1Fiy9sTPKVgsqqOuPvbycuVSSVl8="
-        }
-      },
-      {
-        "description": "supports alternative networks",
-        "message": "vires is numeris",
-        "network": "dogecoin",
-        "d": "1",
-        "signature": "G6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s="
-      }
-    ]
-  },
-  "invalid": {
-    "verify": [
-      {
-        "description": "will fail for the wrong message",
-        "message": "foobar",
-        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
-        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
-      },
-      {
-        "description": "will fail for the wrong address",
-        "message": "vires is numeris",
-        "address": "1111111111111111111114oLvT2",
-        "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
-      },
-      {
-        "description": "does not cross verify (uncompressed address, compressed signature)",
-        "message": "vires is numeris",
-        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
-        "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
-      },
-      {
-        "description": "does not cross verify (compressed address, uncompressed signature)",
-        "message": "vires is numeris",
-        "address": "1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs",
-        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
-      }
-    ]
-  }
-}
--- a/test/integration/advanced.js
+++ b/test/integration/advanced.js
@ -1,28 +1,11 @@
 /* global describe, it */

-var assert = require('assert')
 var bitcoin = require('../../')
 var blockchain = require('./_blockchain')

 describe('bitcoinjs-lib (advanced)', function () {
-  it('can sign a Bitcoin message', function () {
-    var keyPair = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss')
-    var message = 'This is an example of a signed message.'
-
-    var signature = bitcoin.message.sign(keyPair, message)
-    assert.strictEqual(signature.toString('base64'), 'G9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk=')
-  })
-
-  it('can verify a Bitcoin message', function () {
-    var address = '1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN'
-    var signature = 'HJLQlDWLyb1Ef8bQKEISzFbDAKctIlaqOpGbrk3YVtRsjmC61lpE5ErkPRUFtDKtx98vHFGUWlFhsh3DiW6N0rE'
-    var message = 'This is an example of a signed message.'
-
-    assert(bitcoin.message.verify(address, signature, message))
-  })
-
-  it('can create a transaction using OP_RETURN', function (done) {
-    this.timeout(30000)
+  it('can create an OP_RETURN transaction', function (done) {
+    this.timeout(20000)

    var network = bitcoin.networks.testnet
    var keyPair = bitcoin.ECPair.makeRandom({ network: network })
--- a/test/message.js
+++ b/test/message.js
@ -1,64 +0,0 @@
-/* global describe, it */
-
-var assert = require('assert')
-var message = require('../src/message')
-var networks = require('../src/networks')
-
-var BigInteger = require('bigi')
-var ECPair = require('../src/ecpair')
-
-var fixtures = require('./fixtures/message.json')
-
-describe('message', function () {
-  describe('magicHash', function () {
-    fixtures.valid.magicHash.forEach(function (f) {
-      it('produces the correct magicHash for "' + f.message + '" (' + f.network + ')', function () {
-        var network = networks[f.network]
-        var actual = message.magicHash(f.message, network)
-
-        assert.strictEqual(actual.toString('hex'), f.magicHash)
-      })
-    })
-  })
-
-  describe('verify', function () {
-    fixtures.valid.verify.forEach(function (f) {
-      it('verifies a valid signature for "' + f.message + '" (' + f.network + ')', function () {
-        var network = networks[f.network]
-
-        assert(message.verify(f.address, f.signature, f.message, network))
-
-        if (f.compressed) {
-          assert(message.verify(f.compressed.address, f.compressed.signature, f.message, network))
-        }
-      })
-    })
-
-    fixtures.invalid.verify.forEach(function (f) {
-      it(f.description, function () {
-        assert(!message.verify(f.address, f.signature, f.message))
-      })
-    })
-  })
-
-  describe('signing', function () {
-    fixtures.valid.signing.forEach(function (f) {
-      it(f.description, function () {
-        var network = networks[f.network]
-
-        var keyPair = new ECPair(new BigInteger(f.d), null, {
-          compressed: false
-        })
-        var signature = message.sign(keyPair, f.message, network)
-        assert.strictEqual(signature.toString('base64'), f.signature)
-
-        if (f.compressed) {
-          var compressedPrivKey = new ECPair(new BigInteger(f.d))
-          var compressedSignature = message.sign(compressedPrivKey, f.message)
-
-          assert.strictEqual(compressedSignature.toString('base64'), f.compressed.signature)
-        }
-      })
-    })
-  })
-})