Merge branch 'msgvers-patch2' of github.com:dcousens/bitcoinjs-lib into dcousens-msgvers-patch2
Conflicts: src/message.js
This commit is contained in:
commit
161127d65a
3 changed files with 71 additions and 67 deletions
|
@ -6,33 +6,27 @@ var ecdsa = require('./ecdsa')
|
||||||
var ECPubKey = require('./eckey').ECPubKey
|
var ECPubKey = require('./eckey').ECPubKey
|
||||||
var SHA256 = require('crypto-js/sha256')
|
var SHA256 = require('crypto-js/sha256')
|
||||||
|
|
||||||
var Message = {}
|
// FIXME: magicHash is incompatible with other magic messages
|
||||||
|
var magicBytes = convert.stringToBytes('Bitcoin Signed Message:\n')
|
||||||
|
|
||||||
Message.magicPrefix = "Bitcoin Signed Message:\n"
|
function magicHash(message) {
|
||||||
|
|
||||||
Message.makeMagicMessage = function (message) {
|
|
||||||
var magicBytes = convert.stringToBytes(Message.magicPrefix)
|
|
||||||
var messageBytes = convert.stringToBytes(message)
|
var messageBytes = convert.stringToBytes(message)
|
||||||
|
|
||||||
return [].concat(
|
var buffer = [].concat(
|
||||||
convert.numToVarInt(magicBytes.length),
|
convert.numToVarInt(magicBytes.length),
|
||||||
magicBytes,
|
magicBytes,
|
||||||
convert.numToVarInt(messageBytes.length),
|
convert.numToVarInt(messageBytes.length),
|
||||||
messageBytes
|
messageBytes
|
||||||
)
|
)
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
Message.getHash = function (message) {
|
|
||||||
var buffer = Message.makeMagicMessage(message)
|
|
||||||
return convert.wordArrayToBytes(SHA256(SHA256(convert.bytesToWordArray(buffer))))
|
return convert.wordArrayToBytes(SHA256(SHA256(convert.bytesToWordArray(buffer))))
|
||||||
}
|
}
|
||||||
|
|
||||||
Message.signMessage = function (key, message) {
|
// TODO: parameterize compression instead of using ECKey.compressed
|
||||||
var hash = Message.getHash(message)
|
function sign(key, message) {
|
||||||
|
var hash = magicHash(message)
|
||||||
var sig = key.sign(hash)
|
var sig = key.sign(hash)
|
||||||
var obj = ecdsa.parseSig(sig)
|
var obj = ecdsa.parseSig(sig)
|
||||||
|
|
||||||
var i = ecdsa.calcPubKeyRecoveryParam(key.getPub().pub, obj.r, obj.s, hash)
|
var i = ecdsa.calcPubKeyRecoveryParam(key.getPub().pub, obj.r, obj.s, hash)
|
||||||
|
|
||||||
i += 27
|
i += 27
|
||||||
|
@ -49,21 +43,22 @@ Message.signMessage = function (key, message) {
|
||||||
|
|
||||||
sig = [i].concat(rBa, sBa)
|
sig = [i].concat(rBa, sBa)
|
||||||
|
|
||||||
return convert.bytesToHex(sig)
|
return sig
|
||||||
}
|
}
|
||||||
|
|
||||||
Message.verifyMessage = function (address, sig, message) {
|
function verify(address, sig, message) {
|
||||||
sig = ecdsa.parseSigCompact(convert.hexToBytes(sig))
|
sig = ecdsa.parseSigCompact(sig)
|
||||||
|
|
||||||
var hash = Message.getHash(message)
|
|
||||||
|
|
||||||
|
var pubKey = new ECPubKey(ecdsa.recoverPubKey(sig.r, sig.s, magicHash(message), sig.i))
|
||||||
var isCompressed = !!(sig.i & 4)
|
var isCompressed = !!(sig.i & 4)
|
||||||
var pubKey = new ECPubKey(ecdsa.recoverPubKey(sig.r, sig.s, hash, sig.i))
|
|
||||||
pubKey.compressed = isCompressed
|
pubKey.compressed = isCompressed
|
||||||
|
|
||||||
// Compare address to expected address
|
|
||||||
address = new Address(address)
|
address = new Address(address)
|
||||||
return address.toString() === pubKey.getAddress(address.version).toString()
|
return pubKey.getAddress(address.version).toString() === address.toString()
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = Message
|
module.exports = {
|
||||||
|
magicHash: magicHash,
|
||||||
|
sign: sign,
|
||||||
|
verify: verify
|
||||||
|
}
|
||||||
|
|
|
@ -9,11 +9,8 @@ describe('ecdsa', function() {
|
||||||
it('succesfully recovers a public key', function() {
|
it('succesfully recovers a public key', function() {
|
||||||
var addr = 'mgQK8S6CfSXKjPmnujArSmVxafeJfrZsa3'
|
var addr = 'mgQK8S6CfSXKjPmnujArSmVxafeJfrZsa3'
|
||||||
var signature = convert.base64ToBytes('H0PG6+PUo96UPTJ/DVj8aBU5it+Nuli4YdsLuTMvfJxoHH9Jb7jYTQXCCOX2jrTChD5S1ic3vCrUQHdmB5/sEQY=')
|
var signature = convert.base64ToBytes('H0PG6+PUo96UPTJ/DVj8aBU5it+Nuli4YdsLuTMvfJxoHH9Jb7jYTQXCCOX2jrTChD5S1ic3vCrUQHdmB5/sEQY=')
|
||||||
var sighex = convert.bytesToHex(signature)
|
|
||||||
|
|
||||||
var hash = Message.getHash('1111')
|
|
||||||
var obj = ecdsa.parseSigCompact(signature)
|
var obj = ecdsa.parseSigCompact(signature)
|
||||||
var pubKey = new ECPubKey(ecdsa.recoverPubKey(obj.r, obj.s, hash, obj.i))
|
var pubKey = new ECPubKey(ecdsa.recoverPubKey(obj.r, obj.s, Message.magicHash('1111'), obj.i))
|
||||||
|
|
||||||
assert.equal(pubKey.toHex(true), '02e8fcf4d749b35879bc1f3b14b49e67ab7301da3558c5a9b74a54f1e6339c334c')
|
assert.equal(pubKey.toHex(true), '02e8fcf4d749b35879bc1f3b14b49e67ab7301da3558c5a9b74a54f1e6339c334c')
|
||||||
})
|
})
|
||||||
|
|
|
@ -1,69 +1,81 @@
|
||||||
var assert = require('assert');
|
var assert = require('assert')
|
||||||
var Message = require('../src/message')
|
var convert = require('../').convert
|
||||||
var convert = require('../src/convert')
|
|
||||||
var ECKey = require('../src/eckey').ECKey
|
var ECKey = require('../src/eckey').ECKey
|
||||||
var testnet = require('../src/network.js').testnet.addressVersion
|
var Message = require('../').Message
|
||||||
|
var testnet = require('../').network.testnet.addressVersion
|
||||||
|
|
||||||
describe('Message', function() {
|
describe('Message', function() {
|
||||||
var msg
|
var msg
|
||||||
|
|
||||||
beforeEach(function(){
|
beforeEach(function() {
|
||||||
msg = 'vires is numeris'
|
msg = 'vires is numeris'
|
||||||
})
|
})
|
||||||
|
|
||||||
describe('verifyMessage', function(){
|
describe('verify', function() {
|
||||||
it('works for mainnet address, messaged signed with uncompressed key', function() {
|
var addr, sig, caddr, csig
|
||||||
var addr = '16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM';
|
|
||||||
var sig = '1bc25ac0fb503abc9bad23f558742740fafaec1f52deaaf106b9759a5ce84c93921c4a669c5ec3dfeb7e2d7d177a2f49db407900874f6de2f701a4c16783776d8d'
|
beforeEach(function() {
|
||||||
assert.ok(Message.verifyMessage(addr, sig, msg));
|
addr = '16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM' // uncompressed
|
||||||
verifyNegativeCases(addr, sig, msg)
|
caddr = '1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs' // compressed
|
||||||
|
|
||||||
|
sig = convert.hexToBytes('1bc25ac0fb503abc9bad23f558742740fafaec1f52deaaf106b9759a5ce84c93921c4a669c5ec3dfeb7e2d7d177a2f49db407900874f6de2f701a4c16783776d8d')
|
||||||
|
csig = convert.hexToBytes('1fc25ac0fb503abc9bad23f558742740fafaec1f52deaaf106b9759a5ce84c93921c4a669c5ec3dfeb7e2d7d177a2f49db407900874f6de2f701a4c16783776d8d')
|
||||||
})
|
})
|
||||||
|
|
||||||
it('works for testnet address, message signed with compressed key', function() {
|
it('can verify a signed message', function() {
|
||||||
var addr = 'mgdnNWji2bXYSi7E9c1DQBSp64kCemaS7V'
|
assert.ok(Message.verify(addr, sig, msg))
|
||||||
var sig = '1feece860e952253ddf465cd1c5aea76ab16287aee093be6f67d196c39f5075436f0407a4e50694e6956c06108fab8608debf9554d75e57c110f7c512a6eb15d0a'
|
assert.ok(Message.verify(caddr, csig, msg))
|
||||||
|
|
||||||
assert(Message.verifyMessage(addr, sig, msg))
|
|
||||||
verifyNegativeCases(addr, sig, msg)
|
|
||||||
})
|
})
|
||||||
|
|
||||||
function verifyNegativeCases(addr, sig, msg){
|
it('will fail for the wrong message', function() {
|
||||||
var wrongMsg = 'vires in numeris'
|
assert.ok(!Message.verify(addr, sig, 'foobar'))
|
||||||
assert.ok(!Message.verifyMessage(addr, sig, wrongMsg));
|
assert.ok(!Message.verify(caddr, csig, 'foobar'))
|
||||||
|
})
|
||||||
|
|
||||||
var wrongAddress = new ECKey(null).getAddress()
|
it('will fail for the wrong public key', function() {
|
||||||
assert.ok(!Message.verifyMessage(wrongAddress, sig, msg));
|
assert.ok(!Message.verify('1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a', sig, msg))
|
||||||
}
|
assert.ok(!Message.verify('1Q1pE5vPGEEMqRcVRMbtBK842Y6Pzo6nK9', csig, msg))
|
||||||
|
})
|
||||||
|
|
||||||
|
it('supports alternate network addresses', function() {
|
||||||
|
var taddr = 'mxnQZKxSKjzaMgrdXzk35rif3u62TLDrg9'
|
||||||
|
var tsig = convert.base64ToBytes('IGucnrTku3KLCCHUMwq9anawfrlN8RK1HWMN+10LhsHJeysBdWfj5ohJcS/+oqrlVFNvEgbgEeAQUL6r3sZwnj8=')
|
||||||
|
|
||||||
|
assert.ok(Message.verify(taddr, tsig, msg))
|
||||||
|
assert.ok(!Message.verify(taddr, tsig, 'foobar'))
|
||||||
|
})
|
||||||
|
|
||||||
|
it('does not cross verify (compressed/uncompressed)', function() {
|
||||||
|
assert.ok(!Message.verify(addr, csig, msg))
|
||||||
|
assert.ok(!Message.verify(caddr, sig, msg))
|
||||||
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
describe('signMessage', function() {
|
describe('signing', function() {
|
||||||
describe('uncompressed key', function(){
|
describe('using the uncompressed public key', function(){
|
||||||
it('works', function(){
|
it('gives same signature as a compressed public key', function() {
|
||||||
var key = new ECKey(null)
|
var key = new ECKey(null) // uncompressed
|
||||||
var sig = Message.signMessage(key, msg);
|
var sig = Message.sign(key, msg)
|
||||||
|
|
||||||
var addr = key.getAddress()
|
var compressedKey = new ECKey(key, true) // compressed clone
|
||||||
assert(Message.verifyMessage(addr, sig, msg));
|
var csig = Message.sign(compressedKey, msg) // FIXME: bad compression support
|
||||||
})
|
|
||||||
})
|
|
||||||
|
|
||||||
describe('compressed key', function(){
|
var addr = key.getPub().getAddress()
|
||||||
it('works', function(){
|
var caddr = compressedKey.getPub().getAddress()
|
||||||
var key = new ECKey(null, true)
|
assert.ok(Message.verify(addr, sig, msg))
|
||||||
var sig = Message.signMessage(key, msg);
|
assert.ok(Message.verify(caddr, csig, msg))
|
||||||
|
assert.notDeepEqual(sig.slice(0, 2), csig.slice(0, 2)) // unequal compression flags
|
||||||
var addr = key.getAddress()
|
assert.deepEqual(sig.slice(2), csig.slice(2)) // equal signatures
|
||||||
assert(Message.verifyMessage(addr, sig, msg));
|
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
describe('testnet address', function(){
|
describe('testnet address', function(){
|
||||||
it('works', function(){
|
it('works', function(){
|
||||||
var key = new ECKey(null)
|
var key = new ECKey(null)
|
||||||
var sig = Message.signMessage(key, msg);
|
var sig = Message.sign(key, msg)
|
||||||
|
|
||||||
var addr = key.getAddress(testnet)
|
var addr = key.getAddress(testnet)
|
||||||
assert(Message.verifyMessage(addr, sig, msg));
|
assert(Message.verify(addr, sig, msg))
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue