lukechilds
/
bitcoinjs-lib
mirror of https://github.com/lukechilds/bitcoinjs-lib.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #181 from dcousens/mesnet 

Message signing and altcoins
hk-custom-address
Wei Lu 11 years ago
parent
fe5ac4dde2 6eb167b2c8
commit
aafbe46b35
5 changed files with 70 additions and 63 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 31
      src/message.js
  2. 6
      src/networks.js
  3. 9
      test/ecdsa.js
  4. 11
      test/fixtures/message.js
  5. 76
      test/message.js

31
src/message.js
View File

@ -3,25 +3,27 @@ var Address = require('./address')
var bufferutils = require('./bufferutils')
var crypto = require('./crypto')
var ecdsa = require('./ecdsa')
var ECPubKey = require('./ecpubkey')
var networks = require('./networks')
// FIXME: incompatible with other networks (Litecoin etc)
var MAGIC_PREFIX = new Buffer('\x18Bitcoin Signed Message:\n')
var Address = require('./address')
var ECPubKey = require('./ecpubkey')
function magicHash(message) {
function magicHash(message, network) {
var magicPrefix = new Buffer(network.magicPrefix)
var messageBuffer = new Buffer(message)
var lengthBuffer = new Buffer(bufferutils.varIntSize(messageBuffer.length))
bufferutils.writeVarInt(lengthBuffer, messageBuffer.length, 0)
var buffer = Buffer.concat([
MAGIC_PREFIX, lengthBuffer, messageBuffer
magicPrefix, lengthBuffer, messageBuffer
])
return crypto.hash256(buffer)
}
// TODO: parameterize compression instead of using ECKey.compressed
function sign(key, message) {
var hash = magicHash(message)
function sign(key, message, network) {
network = network || networks.bitcoin
var hash = magicHash(message, network)
var sig = ecdsa.parseSig(key.sign(hash))
var i = ecdsa.calcPubKeyRecoveryParam(key.pub.Q, sig.r, sig.s, hash)
@ -36,17 +38,20 @@ function sign(key, message) {
return Buffer.concat([new Buffer([i]), rB, sB], 65)
}
// FIXME: stricter API?
function verify(address, sig, message) {
// TODO: network could be implied from address
function verify(address, compactSig, message, network) {
if (typeof address === 'string') {
address = Address.fromBase58Check(address)
}
sig = ecdsa.parseSigCompact(sig)
network = network || networks.bitcoin
var pubKey = new ECPubKey(ecdsa.recoverPubKey(sig.r, sig.s, magicHash(message), sig.i))
pubKey.compressed = !!(sig.i & 4)
var hash = magicHash(message, network)
var sig = ecdsa.parseSigCompact(compactSig)
var Q = ecdsa.recoverPubKey(sig.r, sig.s, hash, sig.i)
var compressed = !!(sig.i & 4)
var pubKey = new ECPubKey(Q, compressed)
return pubKey.getAddress(address.version).toString() === address.toString()
}

6
src/networks.js
View File

@ -2,6 +2,7 @@
// Dogecoin BIP32 is a proposed standard: https://bitcointalk.org/index.php?topic=409731
module.exports = {
bitcoin: {
magicPrefix: '\x18Bitcoin Signed Message:\n',
bip32: {
pub: 0x0488b21e,
priv: 0x0488ade4
@ -11,6 +12,7 @@ module.exports = {
wif: 0x80
},
dogecoin: {
magicPrefix: '\x19Dogecoin Signed Message:\n',
bip32: {
pub: 0x02facafd,
priv: 0x02fac398
@ -20,6 +22,7 @@ module.exports = {
wif: 0x9e
},
litecoin: {
magicPrefix: '\x19Litecoin Signed Message:\n',
bip32: {
pub: 0x019da462,
priv: 0x019d9cfe
@ -29,6 +32,7 @@ module.exports = {
wif: 0xb0
},
testnet: {
magicPrefix: '\x18Bitcoin Signed Message:\n',
bip32: {
pub: 0x043587cf,
priv: 0x04358394
@ -37,4 +41,4 @@ module.exports = {
scriptHash: 0xc4,
wif: 0xef
}
}
}

9
test/ecdsa.js
View File

@ -1,6 +1,8 @@
var assert = require('assert')
var crypto = require('../src/crypto')
var ecdsa = require('../src/ecdsa')
var message = require('../src/message')
var networks = require('../src/networks')
var sec = require('../src/sec')
var ecparams = sec("secp256k1")
@ -8,7 +10,6 @@ var ecparams = sec("secp256k1")
var BigInteger = require('bigi')
var ECKey = require('../src/eckey')
var ECPubKey = require('../src/ecpubkey')
var Message = require('../src/message')
var fixtures = require('./fixtures/ecdsa.js')
@ -27,10 +28,12 @@ describe('ecdsa', function() {
describe('recoverPubKey', function() {
it('succesfully recovers a public key', function() {
var addr = 'mgQK8S6CfSXKjPmnujArSmVxafeJfrZsa3'
var signature = new Buffer('H0PG6+PUo96UPTJ/DVj8aBU5it+Nuli4YdsLuTMvfJxoHH9Jb7jYTQXCCOX2jrTChD5S1ic3vCrUQHdmB5/sEQY=', 'base64')
var obj = ecdsa.parseSigCompact(signature)
var pubKey = new ECPubKey(ecdsa.recoverPubKey(obj.r, obj.s, Message.magicHash('1111'), obj.i))
var hash = message.magicHash('1111', networks.bitcoin)
var pubKey = new ECPubKey(ecdsa.recoverPubKey(obj.r, obj.s, hash, obj.i))
assert.equal(pubKey.toHex(), '02e8fcf4d749b35879bc1f3b14b49e67ab7301da3558c5a9b74a54f1e6339c334c')
})

11
test/fixtures/message.js
View File

@ -1,12 +1,19 @@
module.exports = {
magicHash: [
{
network: 'bitcoin',
message: '',
hash256: '80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc'
magicHash: '80e795d4a4caadd7047af389d9f7f220562feb6196032e2131e10563352c4bcc'
},
{
network: 'bitcoin',
message: 'Vires is Numeris',
hash256: 'f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933'
magicHash: 'f8a5affbef4a3241b19067aa694562f64f513310817297089a8929a930f4f933'
},
{
network: 'dogecoin',
message: 'Vires is Numeris',
magicHash: 'c0963d20d0accd0ea0df6c1020bf85a7e629a40e7b5363f2c3e9dcafd5638f12'
}
]
}

76
test/message.js
View File

@ -1,25 +1,26 @@
var assert = require('assert')
var networks = require('../src/networks')
var BigInteger = require('bigi')
var ECKey = require('../src/eckey')
var Message = require('../src/message')
var fixtures = require('./fixtures/message')
describe('Message', function() {
var msg
var message
beforeEach(function() {
msg = 'vires is numeris'
message = 'vires is numeris'
})
describe('magicHash', function() {
it('matches the test vectors', function() {
fixtures.magicHash.forEach(function(f) {
var actual = Message.magicHash(f.message)
var expected = f.hash256
var network = networks[f.network]
var actual = Message.magicHash(f.message, network)
assert.equal(actual.toString('hex'), expected)
assert.equal(actual.toString('hex'), f.magicHash)
})
})
})
@ -31,65 +32,52 @@ describe('Message', function() {
addr = '16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM' // uncompressed
caddr = '1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs' // compressed
sig = new Buffer('1bc25ac0fb503abc9bad23f558742740fafaec1f52deaaf106b9759a5ce84c93921c4a669c5ec3dfeb7e2d7d177a2f49db407900874f6de2f701a4c16783776d8d', 'hex')
csig = new Buffer('1fc25ac0fb503abc9bad23f558742740fafaec1f52deaaf106b9759a5ce84c93921c4a669c5ec3dfeb7e2d7d177a2f49db407900874f6de2f701a4c16783776d8d', 'hex')
sig = new Buffer('G8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=', 'base64')
csig = new Buffer('H8JawPtQOrybrSP1WHQnQPr67B9S3qrxBrl1mlzoTJOSHEpmnF7D3+t+LX0Xei9J20B5AIdPbeL3AaTBZ4N3bY0=', 'base64')
})
it('can verify a signed message', function() {
assert.ok(Message.verify(addr, sig, msg))
assert.ok(Message.verify(caddr, csig, msg))
assert.ok(Message.verify(addr, sig, message))
})
it('will fail for the wrong message', function() {
assert.ok(!Message.verify(addr, sig, 'foobar'))
assert.ok(!Message.verify(caddr, csig, 'foobar'))
})
it('will fail for the wrong public key', function() {
assert.ok(!Message.verify('1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a', sig, msg))
assert.ok(!Message.verify('1Q1pE5vPGEEMqRcVRMbtBK842Y6Pzo6nK9', csig, msg))
it('will fail for the wrong address', function() {
assert.ok(!Message.verify('1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a', sig, message))
})
it('supports alternate network addresses', function() {
var taddr = 'mxnQZKxSKjzaMgrdXzk35rif3u62TLDrg9'
var tsig = new Buffer('IGucnrTku3KLCCHUMwq9anawfrlN8RK1HWMN+10LhsHJeysBdWfj5ohJcS/+oqrlVFNvEgbgEeAQUL6r3sZwnj8=', 'base64')
assert.ok(Message.verify(taddr, tsig, msg))
assert.ok(!Message.verify(taddr, tsig, 'foobar'))
it('does not cross verify (compressed/uncompressed)', function() {
assert.ok(!Message.verify(addr, csig, message))
assert.ok(!Message.verify(caddr, sig, message))
})
it('does not cross verify (compressed/uncompressed)', function() {
assert.ok(!Message.verify(addr, csig, msg))
assert.ok(!Message.verify(caddr, sig, msg))
it('supports alternate networks', function() {
var dogeaddr = 'DFpN6QqFfUm3gKNaxN6tNcab1FArL9cZLE'
var dogesig = new Buffer('H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s=', 'base64')
assert.ok(Message.verify(dogeaddr, dogesig, message, networks.dogecoin))
})
})
describe('signing', function() {
describe('using the uncompressed public key', function(){
it('gives same signature as a compressed public key', function() {
var key = ECKey.makeRandom(false) // uncompressed
var sig = Message.sign(key, msg)
var compressedKey = new ECKey(key.D, true) // compressed clone
var csig = Message.sign(compressedKey, msg)
var addr = key.pub.getAddress()
var caddr = compressedKey.pub.getAddress()
assert.ok(Message.verify(addr, sig, msg))
assert.ok(Message.verify(caddr, csig, msg))
assert.notDeepEqual(sig.slice(0, 2), csig.slice(0, 2)) // unequal compression flags
assert.deepEqual(sig.slice(2), csig.slice(2)) // equal signatures
})
it('gives matching signatures irrespective of point compression', function() {
var privKey = new ECKey(BigInteger.ONE, false)
var compressedKey = new ECKey(privKey.D, true)
var sig = Message.sign(privKey, message)
var csig = Message.sign(compressedKey, message)
assert.notDeepEqual(sig.slice(0, 2), csig.slice(0, 2)) // unequal compression flags
assert.deepEqual(sig.slice(2), csig.slice(2)) // equal signatures
})
describe('testnet address', function(){
it('works', function(){
var key = ECKey.makeRandom()
var sig = Message.sign(key, msg)
it('supports alternate networks', function() {
var privKey = new ECKey(BigInteger.ONE)
var signature = Message.sign(privKey, message, networks.dogecoin)
var addr = key.pub.getAddress(networks.testnet.pubKeyHash)
assert(Message.verify(addr, sig, msg))
})
assert.equal(signature.toString('base64'), 'H6k+dZwJ8oOei3PCSpdj603fDvhlhQ+sqaFNIDvo/bI+Xh6zyIKGzZpyud6YhZ1a5mcrwMVtTWL+VXq/hC5Zj7s=')
})
})
})

Write Preview
Loading…
Cancel
Save