From 08876fc065646d3bbbebc7e64777d950c47fd24c Mon Sep 17 00:00:00 2001
From: Daniel Cousens
Date: Sat, 21 Jun 2014 22:33:26 +1000
Subject: [PATCH] ecdsa: ecurve 0.10.0
---
 package.json | 2 +-
 src/ecdsa.js | 21 ++-------------------
 2 files changed, 3 insertions(+), 20 deletions(-)
diff --git a/package.json b/package.json
index b7e7523..5e38867 100644
--- a/package.json
+++ b/package.json
@@ -71,7 +71,7 @@
 "dependencies": {
 "bigi": "1.1.0",
 "crypto-js": "3.1.2-3",
- "ecurve": "0.9.0",
+ "ecurve": "0.10.0",
 "secure-random": "0.2.1"
 }
 }
diff --git a/src/ecdsa.js b/src/ecdsa.js
index 5a0ee2c..9c4d538 100644
--- a/src/ecdsa.js
+++ b/src/ecdsa.js
@@ -116,8 +116,7 @@ function recoverPubKey(curve, e, signature, i) {
 var s = signature.s
 // A set LSB signifies that the y-coordinate is odd
- // By reduction, the y-coordinate is even if it is clear
- var isYEven = !(i & 1)
+ var isYOdd = i & 1
 // The more significant bit specifies whether we should use the
 // first or second candidate key.
@@ -125,28 +124,12 @@ function recoverPubKey(curve, e, signature, i) {
 var n = curve.n
 var G = curve.G
- var p = curve.p
- var a = curve.a
- var b = curve.b
-
- // We precalculate (p + 1) / 4 where p is the field order
- if (!curve.P_OVER_FOUR) {
- curve.P_OVER_FOUR = p.add(BigInteger.ONE).shiftRight(2)
- }
 // 1.1 Let x = r + jn
 var x = isSecondKey ? r.add(n) : r
-
- // 1.2, 1.3 Convert x to a point R using routine specified in Section 2.3.4
- var alpha = x.pow(3).add(a.multiply(x)).add(b).mod(p)
- var beta = alpha.modPow(curve.P_OVER_FOUR, p)
-
- // If beta is even, but y isn't, or vice versa, then convert it,
- // otherwise we're done and y == beta.
- var y = (beta.isEven() ^ isYEven) ? p.subtract(beta) : beta
+ var R = curve.pointFromX(isYOdd, x)
 // 1.4 Check that nR is at infinity
- var R = Point.fromAffine(curve, x, y)
 var nR = R.multiply(n)
 assert(curve.isInfinity(nR), 'nR is not a valid curve point')
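Review bot: `isYOdd` in the first src/ecdsa.js hunk now holds the number 0 or 1, where the removed `isYEven` was a boolean, and the second hunk passes it straight to `curve.pointFromX(isYOdd, x)`. Whether that function tests the flag by truthiness or by strict comparison is not visible in this patch, so a real boolean is the safer argument: `var isYOdd = (i & 1) === 1`. A misread parity flag would select the other root and recover a different public key without any error, so the type should not be left to coercion. recoverPubKey starts and ends outside the hunk.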
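Review bot: In the second src/ecdsa.js hunk, nothing in recoverPubKey itself confirms that `x` is a valid field element or that the point returned by `curve.pointFromX(isYOdd, x)` satisfies the curve equation. When `isSecondKey` is set, `x = r.add(n)` can be at or above `curve.p`, and SEC 1 §4.1.6 expects candidates that fail the conversion to be skipped; the removed inline code did not check this either, so the delegation is a good moment to add it. Unless ecurve 0.10.0 documents that `pointFromX` rejects an x with no square root, I would add `assert(x.compareTo(curve.p) < 0, 'x is not a valid field element')` before the call and an explicit on-curve check on R before `R.multiply(n)`, rather than rely on the `nR` assertion alone. The function body continues outside the hunk.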