add extra validation to prevent invalid public keys being used. (as per issue 39)
This commit is contained in:
parent
c276998687
commit
27c9bff17e
1 changed files with 15 additions and 12 deletions
27
js/coin.js
27
js/coin.js
|
@ -278,20 +278,23 @@
|
|||
|
||||
/* decompress an compressed public key */
|
||||
coinjs.pubkeydecompress = function(pubkey) {
|
||||
var curve = EllipticCurve.getSECCurveByName("secp256k1");
|
||||
try {
|
||||
var pt = curve.curve.decodePointHex(pubkey);
|
||||
var x = pt.getX().toBigInteger();
|
||||
var y = pt.getY().toBigInteger();
|
||||
if((typeof(pubkey) == 'string') && pubkey.match(/^[a-f0-9]+$/i)){
|
||||
var curve = EllipticCurve.getSECCurveByName("secp256k1");
|
||||
try {
|
||||
var pt = curve.curve.decodePointHex(pubkey);
|
||||
var x = pt.getX().toBigInteger();
|
||||
var y = pt.getY().toBigInteger();
|
||||
|
||||
var publicKeyBytes = EllipticCurve.integerToBytes(x, 32);
|
||||
publicKeyBytes = publicKeyBytes.concat(EllipticCurve.integerToBytes(y,32));
|
||||
publicKeyBytes.unshift(0x04);
|
||||
return Crypto.util.bytesToHex(publicKeyBytes);
|
||||
} catch (e) {
|
||||
// console.log(e);
|
||||
return false;
|
||||
var publicKeyBytes = EllipticCurve.integerToBytes(x, 32);
|
||||
publicKeyBytes = publicKeyBytes.concat(EllipticCurve.integerToBytes(y,32));
|
||||
publicKeyBytes.unshift(0x04);
|
||||
return Crypto.util.bytesToHex(publicKeyBytes);
|
||||
} catch (e) {
|
||||
// console.log(e);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
coinjs.testdeterministicK = function() {
|
||||
|
|
Loading…
Reference in a new issue