LBRYCommunity/bitcoinjs-lib
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #181 from dcousens/mesnet

Browse source 
Message signing and altcoins
This commit is contained in:
Wei Lu 2014-05-19 00:12:42 +10:00
commit aafbe46b35
5 changed files with 69 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
src/message.js
View file

@ -3,25 +3,27 @@ var Address = require('./address')
var bufferutils = require('./bufferutils') var bufferutils = require('./bufferutils')
var crypto = require('./crypto') var crypto = require('./crypto')
var ecdsa = require('./ecdsa') var ecdsa = require('./ecdsa')
var networks = require('./networks')
var Address = require('./address')
var ECPubKey = require('./ecpubkey') var ECPubKey = require('./ecpubkey')
// FIXME: incompatible with other networks (Litecoin etc) function magicHash(message, network) {
var MAGIC_PREFIX = new Buffer('\x18Bitcoin Signed Message:\n') var magicPrefix = new Buffer(network.magicPrefix)
function magicHash(message) {
var messageBuffer = new Buffer(message) var messageBuffer = new Buffer(message)
var lengthBuffer = new Buffer(bufferutils.varIntSize(messageBuffer.length)) var lengthBuffer = new Buffer(bufferutils.varIntSize(messageBuffer.length))
bufferutils.writeVarInt(lengthBuffer, messageBuffer.length, 0) bufferutils.writeVarInt(lengthBuffer, messageBuffer.length, 0)
var buffer = Buffer.concat([ var buffer = Buffer.concat([
MAGIC_PREFIX, lengthBuffer, messageBuffer magicPrefix, lengthBuffer, messageBuffer
]) ])
return crypto.hash256(buffer) return crypto.hash256(buffer)
} }
// TODO: parameterize compression instead of using ECKey.compressed function sign(key, message, network) {
function sign(key, message) { network = network || networks.bitcoin
var hash = magicHash(message)
var hash = magicHash(message, network)
var sig = ecdsa.parseSig(key.sign(hash)) var sig = ecdsa.parseSig(key.sign(hash))
var i = ecdsa.calcPubKeyRecoveryParam(key.pub.Q, sig.r, sig.s, hash) var i = ecdsa.calcPubKeyRecoveryParam(key.pub.Q, sig.r, sig.s, hash)
@ -36,17 +38,20 @@ function sign(key, message) {
return Buffer.concat([new Buffer([i]), rB, sB], 65) return Buffer.concat([new Buffer([i]), rB, sB], 65)
} }
// FIXME: stricter API? // TODO: network could be implied from address
function verify(address, sig, message) { function verify(address, compactSig, message, network) {
if (typeof address === 'string') { if (typeof address === 'string') {
address = Address.fromBase58Check(address) address = Address.fromBase58Check(address)
} }
sig = ecdsa.parseSigCompact(sig) network = network || networks.bitcoin
var pubKey = new ECPubKey(ecdsa.recoverPubKey(sig.r, sig.s, magicHash(message), sig.i)) var hash = magicHash(message, network)
pubKey.compressed = !!(sig.i & 4) var sig = ecdsa.parseSigCompact(compactSig)
var Q = ecdsa.recoverPubKey(sig.r, sig.s, hash, sig.i)
var compressed = !!(sig.i & 4)
var pubKey = new ECPubKey(Q, compressed)
return pubKey.getAddress(address.version).toString() === address.toString() return pubKey.getAddress(address.version).toString() === address.toString()
} }

6
src/networks.js
View file

@ -2,6 +2,7 @@
// Dogecoin BIP32 is a proposed standard: https://bitcointalk.org/index.php?topic=409731 // Dogecoin BIP32 is a proposed standard: https://bitcointalk.org/index.php?topic=409731
module.exports = { module.exports = {
bitcoin: { bitcoin: {
magicPrefix: '\x18Bitcoin Signed Message:\n',
bip32: { bip32: {
pub: 0x0488b21e, pub: 0x0488b21e,
priv: 0x0488ade4 priv: 0x0488ade4
@ -11,6 +12,7 @@ module.exports = {
wif: 0x80 wif: 0x80
}, },
dogecoin: { dogecoin: {
magicPrefix: '\x19Dogecoin Signed Message:\n',
bip32: { bip32: {
pub: 0x02facafd, pub: 0x02facafd,
priv: 0x02fac398 priv: 0x02fac398
@ -20,6 +22,7 @@ module.exports = {
wif: 0x9e wif: 0x9e
}, },
litecoin: { litecoin: {
magicPrefix: '\x19Litecoin Signed Message:\n',
bip32: { bip32: {
pub: 0x019da462, pub: 0x019da462,
priv: 0x019d9cfe priv: 0x019d9cfe
@ -29,6 +32,7 @@ module.exports = {
wif: 0xb0 wif: 0xb0
}, },
testnet: { testnet: {
magicPrefix: '\x18Bitcoin Signed Message:\n',
bip32: { bip32: {
pub: 0x043587cf, pub: 0x043587cf,
priv: 0x04358394 priv: 0x04358394
@ -37,4 +41,4 @@ module.exports = {
scriptHash: 0xc4, scriptHash: 0xc4,
wif: 0xef wif: 0xef
} }
} }

9
test/ecdsa.js
View file

@ -1,6 +1,8 @@
var assert = require('assert') var assert = require('assert')
var crypto = require('../src/crypto') var crypto = require('../src/crypto')
var ecdsa = require('../src/ecdsa') var ecdsa = require('../src/ecdsa')
var message = require('../src/message')
var networks = require('../src/networks')
var sec = require('../src/sec') var sec = require('../src/sec')
var ecparams = sec("secp256k1") var ecparams = sec("secp256k1")
@ -8,7 +10,6 @@ var ecparams = sec("secp256k1")
var BigInteger = require('bigi') var BigInteger = require('bigi')
var ECKey = require('../src/eckey') var ECKey = require('../src/eckey')
var ECPubKey = require('../src/ecpubkey') var ECPubKey = require('../src/ecpubkey')
var Message = require('../src/message')
var fixtures = require('./fixtures/ecdsa.js') var fixtures = require('./fixtures/ecdsa.js')
@ -27,10 +28,12 @@ describe('ecdsa', function() {
describe('recoverPubKey', function() { describe('recoverPubKey', function() {
it('succesfully recovers a public key', function() { it('succesfully recovers a public key', function() {
var addr = 'mgQK8S6CfSXKjPmnujArSmVxafeJfrZsa3'
var signature = new Buffer('H0PG6+PUo96UPTJ/DVj8aBU5it+Nuli4YdsLuTMvfJxoHH9Jb7jYTQXCCOX2jrTChD5S1ic3vCrUQHdmB5/sEQY=', 'base64') var signature = new Buffer('H0PG6+PUo96UPTJ/DVj8aBU5it+Nuli4YdsLuTMvfJxoHH9Jb7jYTQXCCOX2jrTChD5S1ic3vCrUQHdmB5/sEQY=', 'base64')
var obj = ecdsa.parseSigCompact(signature) var obj = ecdsa.parseSigCompact(signature)
var pubKey = new ECPubKey(ecdsa.recoverPubKey(obj.r, obj.s, Message.magicHash('1111'), obj.i)) var hash = message.magicHash('1111', networks.bitcoin)
var pubKey = new ECPubKey(ecdsa.recoverPubKey(obj.r, obj.s, hash, obj.i))
assert.equal(pubKey.toHex(), '02e8fcf4d749b35879bc1f3b14b49e67ab7301da3558c5a9b74a54f1e6339c334c') assert.equal(pubKey.toHex(), '02e8fcf4d749b35879bc1f3b14b49e67ab7301da3558c5a9b74a54f1e6339c334c')
}) })

11
test/fixtures/message.js vendored
View file

@ -1,12 +1,19 @@
module.exports = { module.exports = {
magicHash: [ magicHash: [
{ {
network: 'bitcoin',
message: '', message: '',
hash256: '80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc' magicHash: '80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc'
}, },
{ {
network: 'bitcoin',
message: 'Vires is Numeris', message: 'Vires is Numeris',
hash256: 'f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933' magicHash: 'f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933'
},
{
network: 'dogecoin',
message: 'Vires is Numeris',
magicHash: 'c0963d20d0accd0ea0df6c1020bf85a7e629a40e7b5363f2c3e9dcafd5638f12'
} }
] ]
} }

74
test/message.js
View file

@ -1,25 +1,26 @@
var assert = require('assert') var assert = require('assert')
var networks = require('../src/networks') var networks = require('../src/networks')
var BigInteger = require('bigi')
var ECKey = require('../src/eckey') var ECKey = require('../src/eckey')
var Message = require('../src/message') var Message = require('../src/message')
var fixtures = require('./fixtures/message') var fixtures = require('./fixtures/message')
describe('Message', function() { describe('Message', function() {
var msg var message
beforeEach(function() { beforeEach(function() {
msg = 'vires is numeris' message = 'vires is numeris'
}) })
describe('magicHash', function() { describe('magicHash', function() {
it('matches the test vectors', function() { it('matches the test vectors', function() {
fixtures.magicHash.forEach(function(f) { fixtures.magicHash.forEach(function(f) {
var actual = Message.magicHash(f.message) var network = networks[f.network]
var expected = f.hash256 var actual = Message.magicHash(f.message, network)
assert.equal(actual.toString('hex'), expected) assert.equal(actual.toString('hex'), f.magicHash)
}) })
}) })
}) })
@ -31,65 +32,52 @@ describe('Message', function() {
addr = '16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM' // uncompressed addr = '16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM' // uncompressed
caddr = '1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs' // compressed caddr = '1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs' // compressed
sig = new Buffer('1bc25ac0fb503abc9bad23f558742740fafaec1f52deaaf106b9759a5ce84c93921c4a669c5ec3dfeb7e2d7d177a2f49db407900874f6de2f701a4c16783776d8d', 'hex') sig = new Buffer('G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=', 'base64')
csig = new Buffer('1fc25ac0fb503abc9bad23f558742740fafaec1f52deaaf106b9759a5ce84c93921c4a669c5ec3dfeb7e2d7d177a2f49db407900874f6de2f701a4c16783776d8d', 'hex') csig = new Buffer('H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=', 'base64')
}) })
it('can verify a signed message', function() { it('can verify a signed message', function() {
assert.ok(Message.verify(addr, sig, msg)) assert.ok(Message.verify(addr, sig, message))
assert.ok(Message.verify(caddr, csig, msg))
}) })
it('will fail for the wrong message', function() { it('will fail for the wrong message', function() {
assert.ok(!Message.verify(addr, sig, 'foobar')) assert.ok(!Message.verify(addr, sig, 'foobar'))
assert.ok(!Message.verify(caddr, csig, 'foobar'))
}) })
it('will fail for the wrong public key', function() { it('will fail for the wrong address', function() {
assert.ok(!Message.verify('1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a', sig, msg)) assert.ok(!Message.verify('1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a', sig, message))
assert.ok(!Message.verify('1Q1pE5vPGEEMqRcVRMbtBK842Y6Pzo6nK9', csig, msg))
})
it('supports alternate network addresses', function() {
var taddr = 'mxnQZKxSKjzaMgrdXzk35rif3u62TLDrg9'
var tsig = new Buffer('IGucnrTku3KLCCHUMwq9anawfrlN8RK1HWMN+10LhsHJeysBdWfj5ohJcS/+oqrlVFNvEgbgEeAQUL6r3sZwnj8=', 'base64')
assert.ok(Message.verify(taddr, tsig, msg))
assert.ok(!Message.verify(taddr, tsig, 'foobar'))
}) })
it('does not cross verify (compressed/uncompressed)', function() { it('does not cross verify (compressed/uncompressed)', function() {
assert.ok(!Message.verify(addr, csig, msg)) assert.ok(!Message.verify(addr, csig, message))
assert.ok(!Message.verify(caddr, sig, msg)) assert.ok(!Message.verify(caddr, sig, message))
})
it('supports alternate networks', function() {
var dogeaddr = 'DFpN6QqFfUm3gKNaxN6tNcab1FArL9cZLE'
var dogesig = new Buffer('H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s=', 'base64')
assert.ok(Message.verify(dogeaddr, dogesig, message, networks.dogecoin))
}) })
}) })
describe('signing', function() { describe('signing', function() {
describe('using the uncompressed public key', function(){ it('gives matching signatures irrespective of point compression', function() {
it('gives same signature as a compressed public key', function() { var privKey = new ECKey(BigInteger.ONE, false)
var key = ECKey.makeRandom(false) // uncompressed var compressedKey = new ECKey(privKey.D, true)
var sig = Message.sign(key, msg)
var compressedKey = new ECKey(key.D, true) // compressed clone var sig = Message.sign(privKey, message)
var csig = Message.sign(compressedKey, msg) var csig = Message.sign(compressedKey, message)
var addr = key.pub.getAddress() assert.notDeepEqual(sig.slice(0, 2), csig.slice(0, 2)) // unequal compression flags
var caddr = compressedKey.pub.getAddress() assert.deepEqual(sig.slice(2), csig.slice(2)) // equal signatures
assert.ok(Message.verify(addr, sig, msg))
assert.ok(Message.verify(caddr, csig, msg))
assert.notDeepEqual(sig.slice(0, 2), csig.slice(0, 2)) // unequal compression flags
assert.deepEqual(sig.slice(2), csig.slice(2)) // equal signatures
})
}) })
describe('testnet address', function(){ it('supports alternate networks', function() {
it('works', function(){ var privKey = new ECKey(BigInteger.ONE)
var key = ECKey.makeRandom() var signature = Message.sign(privKey, message, networks.dogecoin)
var sig = Message.sign(key, msg)
var addr = key.pub.getAddress(networks.testnet.pubKeyHash) assert.equal(signature.toString('base64'), 'H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s=')
assert(Message.verify(addr, sig, msg))
})
}) })
}) })
}) })