Merge pull request #187 from dcousens/messagefixtures

Improved message fixtures and data driven testing

src/ecdsa.js

@@ -64,15 +64,16 @@ function verifyRaw(ecparams, e, r, s, Q) {
   var n = ecparams.getN()
   var G = ecparams.getG()
 
-  if (r.compareTo(BigInteger.ONE) < 0 || r.compareTo(n) >= 0) {
+  if (r.signum() === 0 || r.compareTo(n) >= 0) {
     return false
   }
 
-  if (s.compareTo(BigInteger.ONE) < 0 || s.compareTo(n) >= 0) {
+  if (s.signum() === 0 || s.compareTo(n) >= 0) {
     return false
   }
 
   var c = s.modInverse(n)
+
   var u1 = e.multiply(c).mod(n)
   var u2 = r.multiply(c).mod(n)
 

test/ecdsa.js

@@ -62,7 +62,7 @@ describe('ecdsa', function() {
   })
 
   describe('verifyRaw', function() {
-    it('matches the test vectors', function() {
+    it('verifies valid signatures', function() {
       fixtures.valid.forEach(function(f) {
         var D = BigInteger.fromHex(f.D)
         var Q = ecparams.getG().multiply(D)
@@ -74,6 +74,18 @@ describe('ecdsa', function() {
         assert(ecdsa.verifyRaw(ecparams, e, r, s, Q))
       })
     })
+
+    fixtures.invalid.verifyRaw.forEach(function(f) {
+      it('fails to verify with ' + f.description, function() {
+        var D = BigInteger.fromHex(f.D)
+        var e = BigInteger.fromHex(f.e)
+        var r = new BigInteger(f.signature.r)
+        var s = new BigInteger(f.signature.s)
+        var Q = ecparams.getG().multiply(D)
+
+        assert.equal(ecdsa.verifyRaw(ecparams, e, r, s, Q), false)
+      })
+    })
   })
 
   describe('serializeSig', function() {

test/fixtures/ecdsa.json

@@ -1,7 +1,7 @@
 {
   "valid": [
     {
-      "D": "0000000000000000000000000000000000000000000000000000000000000001",
+      "D": "01",
       "k": "ec633bd56a5774a0940cb97e27a9e4e51dc94af737596a0c5cbb3d30332d92a5",
       "message": "Everything should be made as simple as possible, but not simpler.",
       "compact": "1f33a69cd2065432a30f3d1ce4eb0d59b8ab58c74f27c41a7fdb5696ad4e6108c96f807982866f785d3f6418d24163ddae117b7db4d5fdf0071de069fa54342262",
@@ -132,6 +132,53 @@
         "description": "Sequence too long",
         "hex": "30080304ffffffff0304ffffffffffffff"
       }
+    ],
+    "verifyRaw": [
+      {
+        "description": "The wrong signature",
+        "D": "01",
+        "e": "06ef2b193b83b3d701f765f1db34672ab84897e1252343cc2197829af3a30456",
+        "signature": {
+          "r": "38341707918488238920692284707283974715538935465589664377561695343399725051885",
+          "s": "3180566392414476763164587487324397066658063772201694230600609996154610926757"
+        }
+      },
+      {
+        "description": "Invalid r value (== 0)",
+        "D": "01",
+        "e": "01",
+        "signature": {
+          "r": "00",
+          "s": "02"
+        }
+      },
+      {
+        "description": "Invalid r value (>= n)",
+        "D": "01",
+        "e": "01",
+        "signature": {
+          "r": "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141",
+          "s": "02"
+        }
+      },
+      {
+        "description": "Invalid s value (== 0)",
+        "D": "01",
+        "e": "01",
+        "signature": {
+          "r": "02",
+          "s": "00"
+        }
+      },
+      {
+        "description": "Invalid s value (>= n)",
+        "D": "01",
+        "e": "01",
+        "signature": {
+          "r": "02",
+          "s": "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"
+        }
+      }
     ]
   }
 }

test/fixtures/message.json

@@ -1,19 +1,86 @@
 {
-  "magicHash": [
+  "valid": {
-    {
+    "magicHash": [
-      "network": "bitcoin",
+      {
-      "message": "",
+        "network": "bitcoin",
-      "magicHash": "80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc"
+        "message": "",
-    },
+        "magicHash": "80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc"
-    {
+      },
-      "network": "bitcoin",
+      {
-      "message": "Vires is Numeris",
+        "network": "bitcoin",
-      "magicHash": "f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933"
+        "message": "Vires is Numeris",
-    },
+        "magicHash": "f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933"
-    {
+      },
-      "network": "dogecoin",
+      {
-      "message": "Vires is Numeris",
+        "network": "dogecoin",
-      "magicHash": "c0963d20d0accd0ea0df6c1020bf85a7e629a40e7b5363f2c3e9dcafd5638f12"
+        "message": "Vires is Numeris",
-    }
+        "magicHash": "c0963d20d0accd0ea0df6c1020bf85a7e629a40e7b5363f2c3e9dcafd5638f12"
-  ]
+      }
+    ],
+    "verify": [
+      {
+        "message": "vires is numeris",
+        "network": "bitcoin",
+        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
+        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=",
+        "compressed": {
+          "address": "1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs",
+          "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
+        }
+      },
+      {
+        "message": "vires is numeris",
+        "network": "dogecoin",
+        "address": "DFpN6QqFfUm3gKNaxN6tNcab1FArL9cZLE",
+        "signature": "H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s="
+      }
+    ],
+    "signing": [
+      {
+        "description": "gives equal r, s values irrespective of point compression",
+        "message": "vires is numeris",
+        "network": "bitcoin",
+        "D": "1",
+        "signature": "HF8nHqFr3K2UKYahhX3soVeoW8W1ECNbr0wfck7lzyXjCS5Q16Ek45zyBuy1Fiy9sTPKVgsqqOuPvbycuVSSVl8=",
+        "compressed": {
+          "signature": "IF8nHqFr3K2UKYahhX3soVeoW8W1ECNbr0wfck7lzyXjCS5Q16Ek45zyBuy1Fiy9sTPKVgsqqOuPvbycuVSSVl8="
+        }
+      },
+      {
+        "description": "supports alternative networks",
+        "message": "vires is numeris",
+        "network": "dogecoin",
+        "D": "1",
+        "signature": "G6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s="
+      }
+    ]
+  },
+  "invalid": {
+    "verify": [
+      {
+        "description": "will fail for the wrong message",
+        "message": "foobar",
+        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
+        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
+      },
+      {
+        "description": "will fail for the wrong address",
+        "message": "vires is numeris",
+        "address": "1111111111111111111114oLvT2",
+        "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
+      },
+      {
+        "description": "does not cross verify (uncompressed address, compressed signature)",
+        "message": "vires is numeris",
+        "address": "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM",
+        "signature": "H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
+      },
+      {
+        "description": "does not cross verify (compressed address, uncompressed signature)",
+        "message": "vires is numeris",
+        "address": "1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs",
+        "signature": "G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0="
+      }
+    ]
+  }
 }

test/message.js

@@ -8,15 +8,9 @@ var Message = require('../src/message')
 var fixtures = require('./fixtures/message.json')
 
 describe('Message', function() {
-  var message
-
-  beforeEach(function() {
-    message = 'vires is numeris'
-  })
-
   describe('magicHash', function() {
     it('matches the test vectors', function() {
-      fixtures.magicHash.forEach(function(f) {
+      fixtures.valid.magicHash.forEach(function(f) {
         var network = networks[f.network]
         var actual = Message.magicHash(f.message, network)
 
@@ -26,58 +20,45 @@ describe('Message', function() {
   })
 
   describe('verify', function() {
-    var addr, sig, caddr, csig
+    it('verifies a valid signature', function() {
+      fixtures.valid.verify.forEach(function(f) {
+        var network = networks[f.network]
 
-    beforeEach(function() {
+        var signature = new Buffer(f.signature, 'base64')
-      addr = '16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM' // uncompressed
+        assert.ok(Message.verify(f.address, signature, f.message, network))
-      caddr = '1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs' // compressed
 
-      sig = new Buffer('G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=', 'base64')
+        if (f.compressed) {
-      csig = new Buffer('H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=', 'base64')
+          var compressedSignature = new Buffer(f.compressed.signature, 'base64')
+
+          assert.ok(Message.verify(f.compressed.address, compressedSignature, f.message, network))
+        }
+      })
     })
 
-    it('can verify a signed message', function() {
+    fixtures.invalid.verify.forEach(function(f) {
-      assert.ok(Message.verify(addr, sig, message))
+      it(f.description, function() {
-    })
+        var signature = new Buffer(f.signature, 'base64')
-
+        assert.ok(!Message.verify(f.address, signature, f.message))
-    it('will fail for the wrong message', function() {
+      })
-      assert.ok(!Message.verify(addr, sig, 'foobar'))
-    })
-
-    it('will fail for the wrong address', function() {
-      assert.ok(!Message.verify('1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a', sig, message))
-    })
-
-    it('does not cross verify (compressed/uncompressed)', function() {
-      assert.ok(!Message.verify(addr, csig, message))
-      assert.ok(!Message.verify(caddr, sig, message))
-    })
-
-    it('supports alternate networks', function() {
-      var dogeaddr = 'DFpN6QqFfUm3gKNaxN6tNcab1FArL9cZLE'
-      var dogesig = new Buffer('H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s=', 'base64')
-
-      assert.ok(Message.verify(dogeaddr, dogesig, message, networks.dogecoin))
     })
   })
 
   describe('signing', function() {
-    it('gives matching signatures irrespective of point compression', function() {
+    fixtures.valid.signing.forEach(function(f) {
-      var privKey = new ECKey(BigInteger.ONE, false)
+      it(f.description, function() {
-      var compressedKey = new ECKey(privKey.D, true)
+        var network = networks[f.network]
 
-      var sig = Message.sign(privKey, message)
+        var privKey = new ECKey(new BigInteger(f.D), false)
-      var csig = Message.sign(compressedKey, message)
+        var signature = Message.sign(privKey, f.message, network)
+        assert.equal(signature.toString('base64'), f.signature)
 
-      assert.notDeepEqual(sig.slice(0, 2), csig.slice(0, 2)) // unequal compression flags
+        if (f.compressed) {
-      assert.deepEqual(sig.slice(2), csig.slice(2)) // equal signatures
+          var compressedPrivKey = new ECKey(new BigInteger(f.D))
-    })
+          var compressedSignature = Message.sign(compressedPrivKey, f.message)
 
-    it('supports alternate networks', function() {
+          assert.equal(compressedSignature.toString('base64'), f.compressed.signature)
-      var privKey = new ECKey(BigInteger.ONE)
+        }
-      var signature = Message.sign(privKey, message, networks.dogecoin)
+      })
-
-      assert.equal(signature.toString('base64'), 'H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s=')
     })
   })
 })