From b9b1df2a3e64be1df33130886c452d45bfa62f40 Mon Sep 17 00:00:00 2001
From: Daniel Cousens <github@dcousens.com>
Date: Thu, 19 Oct 2017 11:03:27 +1100
Subject: [PATCH] use safe-buffer

---
 lib/hdkey.js       | 11 ++++++-----
 package.json       |  1 +
 test/hdkey.test.js | 13 +++++++------
 3 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/lib/hdkey.js b/lib/hdkey.js
index eba25e6..77e1a44 100644
--- a/lib/hdkey.js
+++ b/lib/hdkey.js
@@ -1,9 +1,10 @@
 var assert = require('assert')
+var Buffer = require('safe-buffer').Buffer
 var crypto = require('crypto')
 var cs = require('coinstring')
 var secp256k1 = require('secp256k1')
 
-var MASTER_SECRET = new Buffer('Bitcoin seed')
+var MASTER_SECRET = Buffer.from('Bitcoin seed', 'utf8')
 var HARDENED_OFFSET = 0x80000000
 var LEN = 78
 
@@ -57,7 +58,7 @@ Object.defineProperty(HDKey.prototype, 'publicKey', {
 
 Object.defineProperty(HDKey.prototype, 'privateExtendedKey', {
   get: function () {
-    if (this._privateKey) return cs.encode(serialize(this, this.versions.private, Buffer.concat([new Buffer([0]), this.privateKey])))
+    if (this._privateKey) return cs.encode(serialize(this, this.versions.private, Buffer.concat([Buffer.alloc(1, 0), this.privateKey])))
     else return null
   }
 })
@@ -94,7 +95,7 @@ HDKey.prototype.derive = function (path) {
 
 HDKey.prototype.deriveChild = function (index) {
   var isHardened = index >= HARDENED_OFFSET
-  var indexBuffer = new Buffer(4)
+  var indexBuffer = Buffer.allocUnsafe(4)
   indexBuffer.writeUInt32BE(index, 0)
 
   var data
@@ -103,7 +104,7 @@ HDKey.prototype.deriveChild = function (index) {
     assert(this.privateKey, 'Could not derive hardened child key')
 
     var pk = this.privateKey
-    var zb = new Buffer([0])
+    var zb = Buffer.alloc(1, 0)
     pk = Buffer.concat([zb, pk])
 
     // data = 0x00 || ser256(kpar) || ser32(index)
@@ -203,7 +204,7 @@ HDKey.fromJSON = function (obj) {
 
 function serialize (hdkey, version, key) {
   // => version(4) || depth(1) || fingerprint(4) || index(4) || chain(32) || key(33)
-  var buffer = new Buffer(LEN)
+  var buffer = Buffer.allocUnsafe(LEN)
 
   buffer.writeUInt32BE(version, 0)
   buffer.writeUInt8(hdkey.depth, 4)
diff --git a/package.json b/package.json
index 660804c..6787452 100644
--- a/package.json
+++ b/package.json
@@ -34,6 +34,7 @@
   },
   "dependencies": {
     "coinstring": "^2.0.0",
+    "safe-buffer": "^5.1.1",
     "secp256k1": "^3.0.1"
   },
   "scripts": {
diff --git a/test/hdkey.test.js b/test/hdkey.test.js
index 9839a7a..7c4bb10 100644
--- a/test/hdkey.test.js
+++ b/test/hdkey.test.js
@@ -1,5 +1,6 @@
 var assert = require('assert')
 var BigInteger = require('bigi')
+var Buffer = require('safe-buffer').Buffer
 var ecurve = require('ecurve')
 var secureRandom = require('secure-random')
 var curve = ecurve.getCurveByName('secp256k1')
@@ -13,7 +14,7 @@ describe('hdkey', function () {
   describe('+ fromMasterSeed', function () {
     fixtures.valid.forEach(function (f) {
       it('should properly derive the chain path: ' + f.path, function () {
-        var hdkey = HDKey.fromMasterSeed(new Buffer(f.seed, 'hex'))
+        var hdkey = HDKey.fromMasterSeed(Buffer.from(f.seed, 'hex'))
         var childkey = hdkey.derive(f.path)
 
         assert.equal(childkey.privateExtendedKey, f.private)
@@ -22,7 +23,7 @@ describe('hdkey', function () {
 
       describe('> ' + f.path + ' toJSON() / fromJSON()', function () {
         it('should return an object read for JSON serialization', function () {
-          var hdkey = HDKey.fromMasterSeed(new Buffer(f.seed, 'hex'))
+          var hdkey = HDKey.fromMasterSeed(Buffer.from(f.seed, 'hex'))
           var childkey = hdkey.derive(f.path)
 
           var obj = {
@@ -44,7 +45,7 @@ describe('hdkey', function () {
     it('should throw an error if incorrect key size', function () {
       var hdkey = new HDKey()
       assert.throws(function () {
-        hdkey.privateKey = new Buffer([1, 2, 3, 4])
+        hdkey.privateKey = Buffer.from([1, 2, 3, 4])
       }, /key must be 32/)
     })
   })
@@ -53,7 +54,7 @@ describe('hdkey', function () {
     it('should throw an error if incorrect key size', function () {
       assert.throws(function () {
         var hdkey = new HDKey()
-        hdkey.publicKey = new Buffer([1, 2, 3, 4])
+        hdkey.publicKey = Buffer.from([1, 2, 3, 4])
       }, /key must be 33 or 65/)
     })
 
@@ -126,7 +127,7 @@ describe('hdkey', function () {
   describe('> when private key integer is less than 32 bytes', function () {
     it('should work', function () {
       var seed = '000102030405060708090a0b0c0d0e0f'
-      var masterKey = HDKey.fromMasterSeed(new Buffer(seed, 'hex'))
+      var masterKey = HDKey.fromMasterSeed(Buffer.from(seed, 'hex'))
 
       var newKey = masterKey.derive("m/44'/6'/4'")
       var expected = 'xprv9ymoag6W7cR6KBcJzhCM6qqTrb3rRVVwXKzwNqp1tDWcwierEv3BA9if3ARHMhMPh9u2jNoutcgpUBLMfq3kADDo7LzfoCnhhXMRGX3PXDx'
@@ -153,7 +154,7 @@ describe('hdkey', function () {
   describe('> when private key is null', function () {
     it('privateExtendedKey should return null and not throw', function () {
       var seed = '000102030405060708090a0b0c0d0e0f'
-      var masterKey = HDKey.fromMasterSeed(new Buffer(seed, 'hex'))
+      var masterKey = HDKey.fromMasterSeed(Buffer.from(seed, 'hex'))
 
       assert.ok(masterKey.privateExtendedKey, 'xpriv is truthy')
       masterKey._privateKey = null