From 6938c8f8cc8f2689a83ac49ddf92f6b335f31aeb Mon Sep 17 00:00:00 2001
From: Daniel Cousens <github@dcousens.com>
Date: Tue, 6 Jan 2015 15:12:34 +1100
Subject: [PATCH] ecdsa: add default checkSig, to be removed in 2.0.0
---
src/ecdsa.js | 28 +++++++++++++++++++++++++++-
test/ecdsa.js | 11 +++++++++++
2 files changed, 38 insertions(+), 1 deletion(-)
diff --git a/src/ecdsa.js b/src/ecdsa.js
index d330add..e337feb 100644
--- a/src/ecdsa.js
+++ b/src/ecdsa.js
@@ -12,7 +12,33 @@ var ONE = new Buffer([1])
function deterministicGenerateK(curve, hash, d, checkSig) {
typeForce('Buffer', hash)
typeForce('BigInteger', d)
- typeForce('Function', checkSig)
+// typeForce('Function', checkSig)
+
+ // FIXME: remove in 2.0.0
+ if (typeof checkSig !== 'function') {
+ console.warn('deterministicGenerateK requires a checkSig callback in 2.0.0, see #337 for more information')
+
+ checkSig = function(k) {
+ var G = curve.G
+ var n = curve.n
+ var e = BigInteger.fromBuffer(hash)
+
+ var Q = G.multiply(k)
+
+ if (curve.isInfinity(Q))
+ return false
+
+ var r = Q.affineX.mod(n)
+ if (r.signum() === 0)
+ return false
+
+ var s = k.modInverse(n).multiply(e.add(d.multiply(r))).mod(n)
+ if (s.signum() === 0)
+ return false
+
+ return true
+ }
+ }
// sanity check
assert.equal(hash.length, 32, 'Hash must be 256 bit')
diff --git a/test/ecdsa.js b/test/ecdsa.js
index b0d13f2..b953977 100644
--- a/test/ecdsa.js
+++ b/test/ecdsa.js
@@ -27,6 +27,17 @@ describe('ecdsa', function() {
})
})
+ // FIXME: remove in 2.0.0
+ fixtures.valid.ecdsa.forEach(function(f) {
+ it('(deprecated) for \"' + f.message + '\"', function() {
+ var d = BigInteger.fromHex(f.d)
+ var h1 = crypto.sha256(f.message)
+
+ var k = ecdsa.deterministicGenerateK(curve, h1, d) // default checkSig
+ assert.equal(k.toHex(), f.k)
+ })
+ })
+
it('loops until an appropriate k value is found', sinon.test(function() {
this.mock(BigInteger).expects('fromBuffer')
.exactly(3)