Commit graph

67 commits

Author SHA1 Message Date
Daniel Cousens
08876fc065 ecdsa: ecurve 0.10.0 2014-06-26 00:52:33 +10:00
Daniel Cousens
776656df8b ecdsa: adhere strictly to RFC6979
The previous impl. was in breach of the following section:

> Please note that when k is generated from T, the result of bits2int is
> compared to q, not reduced modulo q. If the value is not between 1 and
> q-1, the process loops.
> Performing a simple modular reduction would induce biases that would be
> detrimental to signature security.
2014-06-26 00:35:45 +10:00
Daniel Cousens
f42993297c ecurve: upgrade to 0.9.0 2014-06-16 15:47:41 +10:00
Daniel Cousens
eb3d9a25f7 ecdsa: moved all signature encoding to ECSignature 2014-06-16 15:47:41 +10:00
Daniel Cousens
1a41ea8801 ecdsa: add more extensive tests for recoverPubKey 2014-06-15 00:40:21 +10:00
Daniel Cousens
402fa0d85d ecdsa: amend recoverPubKey SEC comments 2014-06-15 00:40:21 +10:00
Daniel Cousens
4f8040f8d4 ecdsa: add invalid test fixtures for recoverPubKey 2014-06-15 00:40:21 +10:00
Daniel Cousens
4ce9015f3b use ecurve instead of custom ec 2014-06-10 17:58:13 +10:00
Daniel Cousens
eb3a6bcb31 all: rename D to d as per SEC convention 2014-06-07 18:24:16 +10:00
Daniel Cousens
b10e96cbff ecdsa: serializeSig should return a Buffer 2014-05-30 17:54:33 +10:00
Daniel Cousens
6cfa729dae ecdsa: fix missing exceptions 2014-05-29 15:42:52 +10:00
Daniel Cousens
58fd12e66d ecdsa: always use signature object 2014-05-24 16:25:38 +10:00
Daniel Cousens
bd1a08bfa1 ecdsa: use signum() over compareTo 2014-05-24 14:33:25 +10:00
Daniel Cousens
cd326921bc bigi: upgrade to 1.1.0 2014-05-24 00:51:56 +10:00
Daniel Cousens
087ca551f5 ecdsa: fix indentation 2014-05-24 00:48:31 +10:00
Daniel Cousens
d05d661aea ecdsa: use standard declarative notation for functions 2014-05-24 00:48:31 +10:00
Daniel Cousens
bcfd62fdb5 ecdsa: remove implicit ecparams 2014-05-24 00:48:31 +10:00
Daniel Cousens
2dec1375a1 ecdsa: use (r, s) values directly 2014-05-24 00:48:31 +10:00
Daniel Cousens
8d7408202f ecdsa: consistent parameter ordering 2014-05-24 00:48:31 +10:00
Daniel Cousens
abe65b8d4a ecdsa: use shamirs trick 2014-05-24 00:48:20 +10:00
Daniel Cousens
5ec9504ed6 ecdsa: opt for shiftRight, pow and square
In the given situations, these offer better readability, or in the case
of shiftRight, a substantial performance increase.
2014-05-22 12:33:47 +10:00
Daniel Cousens
7d89ff427c ecdsa: comment cleanup 2014-05-22 12:33:47 +10:00
Daniel Cousens
0865f09d20 ec/dsa: extract P_OVER_FOUR as a curve specific constant
This actually resolves a possible bug if multiple ecparams were used
(aka different values for P_OVER_FOUR, but only the cached was used).
2014-05-22 12:33:47 +10:00
Daniel Cousens
d14b08efd1 ec/dsa: recovery param now used consistently
Also added an assertion rather than massaging the input.
2014-05-22 12:32:28 +10:00
Daniel Cousens
a3f691bf7c ecdsa: parseSigCompact use Buffer API
parseSigCompact also now returns the correct recovert parameter without
the need to subtract the compression bit.
This makes it easier to use.
2014-05-18 17:52:49 +10:00
Daniel Cousens
f7c7265d64 ecdsa: parseSig now uses buffer API 2014-05-18 17:52:49 +10:00
Daniel Cousens
4c7108d561 ecdsa: add serializeSigCompact and tests
This also adds tests for all other ECDSA serialize/parsing functions.
The k, r, s and D values were sourced from test vectors on
https://bitcointalk.org/index.php?topic=285142.40 .

The compact signatures (aka, i values) were generated from bitcoinjslib, but they
are straight forward anyway.
2014-05-18 17:52:49 +10:00
Daniel Cousens
b208a6ab78 crypto/ecdsa: moves HmacSHA256 to crypto 2014-05-18 17:52:49 +10:00
Wei Lu
af1f121fd4 upgrade bigi & remove monkey patching 2014-05-03 10:04:54 +08:00
Daniel Cousens
89cf731ac7 Adds assertion messages 2014-04-26 02:37:48 +10:00
Daniel Cousens
c3e9d568c5 Adds RFC6979 test vectors and fixes ecdsa.sign/detGenK 2014-04-26 02:17:28 +10:00
ethers
1c8f135d9c assertion message 2014-04-24 23:29:12 -07:00
Daniel Cousens
bc37e65014 Enforces Array input for deterministicGenerateK 2014-04-23 06:28:00 +10:00
Daniel Cousens
ae60e6eb95 Replacse JSBN with bigi 2014-04-22 02:19:30 +10:00
Daniel Cousens
96ebb65099 Removes ecdsa.getBigRandom 2014-04-22 02:04:56 +10:00
GreenAddress.it
d7c2e4d5a5 Uses low 's' values for signatures 2014-04-17 06:05:41 +02:00
Daniel Cousens
56336b9c2b Removes use of convert module 2014-04-17 04:16:51 +10:00
Daniel Cousens
6de94856e3 Makes ECDSA capitalization consistent 2014-04-09 04:11:13 +10:00
Wei Lu
93fe1b4c78 cosmetic standardization
[closes #56]
2014-03-31 11:47:47 +08:00
Daniel Cousens
10dea421d5 Removes circular dependancy of ECKey 2014-03-29 17:50:50 +11:00
Daniel Cousens
bfc5924522 Compression is irrelevant in comparison 2014-03-29 17:31:27 +11:00
Daniel Cousens
669a58bbf8 Removes unnecessary SHA256 calculations 2014-03-29 17:27:10 +11:00
Daniel Cousens
f580516c06 Removes unused variables 2014-03-24 06:22:26 +11:00
Daniel Cousens
b40374e332 Changes to new version-less ECKey API 2014-03-22 19:12:26 +11:00
Wei Lu
b7861e4336 replace jsbn's rng with module secure-random
This uses window.crypto.getRandomValues on browser
and crypto.randomBytes on node
2014-03-20 17:19:06 +08:00
Wei Lu
3d6b66e811 move convert methods from util to convert 2014-03-11 09:52:48 +08:00
Wei Lu
a281a5ab53 migrate crypto-js to 3.1.2 2014-03-09 09:49:24 +08:00
Wei Lu
bde9b13b15 remove isArray shim
[closes #40]
2014-03-03 11:27:19 +08:00
Andreas Brekken
c3fbd63c84 Fix bad Bitcoin.Crypto reference in ecdsa.js 2014-01-10 16:47:35 +07:00
Vitalik Buterin
6edea532ba merge 2014-01-04 13:28:27 -05:00