ecdsa: parseSigCompact use Buffer API

parseSigCompact also now returns the correct recovert parameter without the need to subtract the compression bit. This makes it easier to use.
11 years ago · a3f691bf7c
3 changed files with 20 additions and 20 deletions
--- a/src/ecdsa.js
+++ b/src/ecdsa.js
@ -209,23 +209,26 @@ var ecdsa = {
    return buffer
  },

-  parseSigCompact: function (sig) {
-    if (sig.length !== 65) {
-      throw new Error("Signature has the wrong length")
-    }
+  parseSigCompact: function (buffer) {
+    assert.equal(buffer.length, 65, 'Invalid signature length')
+    var i = buffer.readUInt8(0) - 27

-    // Signature is prefixed with a type byte storing three bits of
-    // information.
-    var i = sig[0] - 27
-    if (i < 0 || i > 7) {
-      throw new Error("Invalid signature type")
-    }
+    // At most 3 bits
+    assert.equal(i, i & 7, 'Invalid signature type')
+    var compressed = !!(i & 4)

-    var n = ecparams.getN()
-    var r = BigInteger.fromBuffer(sig.slice(1, 33)).mod(n)
-    var s = BigInteger.fromBuffer(sig.slice(33, 65)).mod(n)
+    // Recovery param only
+    i = i & 3

-    return {r: r, s: s, i: i}
+    var r = BigInteger.fromBuffer(buffer.slice(1, 33))
+    var s = BigInteger.fromBuffer(buffer.slice(33))
+
+    return {
+      r: r,
+      s: s,
+      i: i,
+      compressed: compressed
+    }
  },

  /**
--- a/src/message.js
+++ b/src/message.js
@ -41,9 +41,8 @@ function verify(address, compactSig, message, network) {
  var hash = magicHash(message, network)
  var sig = ecdsa.parseSigCompact(compactSig)
  var Q = ecdsa.recoverPubKey(sig.r, sig.s, hash, sig.i)
-  var compressed = !!(sig.i & 4)

-  var pubKey = new ECPubKey(Q, compressed)
+  var pubKey = new ECPubKey(Q, sig.compressed)
  return pubKey.getAddress(address.version).toString() === address.toString()
 }

--- a/test/ecdsa.js
+++ b/test/ecdsa.js
@ -134,10 +134,8 @@ describe('ecdsa', function() {

        assert.equal(signature.r.toString(), f.signature.r)
        assert.equal(signature.s.toString(), f.signature.s)
-
-        //TODO
-//        assert.equal(signature.i, f.signature.i)
-//        assert.equal(signature.compressed, f.publicKey.compressed)
+        assert.equal(signature.i, f.signature.i)
+        assert.equal(signature.compressed, f.signature.compressed)
      })
    })