remove unnecessary buffers, handle non-base58 chars in validateSin, and add postinstall

lib/bitauth.js

@@ -69,17 +69,17 @@ BitAuth.getPublicKeyFromPrivateKey = function(privkey) {
 BitAuth.getSinFromPublicKey = function(pubkey) {
 
   // sha256 hash the pubkey
-  var pubHash = (new hashjs.sha256()).update(new Buffer(pubkey, 'hex')).digest('hex');
+  var pubHash = (new hashjs.sha256()).update(pubkey, 'hex').digest('hex');
 
   // get the ripemd160 hash of the pubkey
-  var pubRipe = (new hashjs.ripemd160()).update(new Buffer(pubHash, 'hex')).digest('hex');
+  var pubRipe = (new hashjs.ripemd160()).update(pubHash, 'hex').digest('hex');
 
   // add the version
   var pubPrefixed = '0f02'+pubRipe;
 
   // two rounds of hashing to generate the checksum
-  var hash1 = (new hashjs.sha256()).update(new Buffer(pubPrefixed, 'hex')).digest('hex');
-  var checksumTotal = (new hashjs.sha256()).update(new Buffer(hash1, 'hex')).digest('hex');
+  var hash1 = (new hashjs.sha256()).update(pubPrefixed, 'hex').digest('hex');
+  var checksumTotal = (new hashjs.sha256()).update(hash1, 'hex').digest('hex');
 
   // slice the hash to arrive at the checksum
   var checksum = checksumTotal.slice(0,8);
@@ -102,7 +102,7 @@ BitAuth.getSinFromPublicKey = function(pubkey) {
  * @returns {String} signature - A DER signature in hex
  */
 BitAuth.sign = function(data, privkey) {
-  var hash = (new hashjs.sha256()).update(new Buffer(data)).digest('hex');
+  var hash = (new hashjs.sha256()).update(data).digest('hex');
   var signature = ecdsa.sign(hash, privkey);
   var hexsignature = signature.toDER('hex');
   return hexsignature;
@@ -117,7 +117,7 @@ BitAuth.sign = function(data, privkey) {
  * @returns {Function|Boolean} - If the signature is valid
  */
 BitAuth.verifySignature = function(data, pubkey, hexsignature, callback) {
-  var hash = (new hashjs.sha256()).update(new Buffer(data)).digest('hex');
+  var hash = (new hashjs.sha256()).update(data).digest('hex');
   var signature = new Buffer(hexsignature, 'hex');
   var valid = ecdsa.verify(hash, signature, pubkey);
   if ( callback ){
@@ -136,8 +136,15 @@ BitAuth.verifySignature = function(data, pubkey, hexsignature, callback) {
  */
 BitAuth.validateSin = function(sin, callback) {
 
-  var decoded = bs58.decode(sin);
-  var pubWithChecksum = new Buffer(decoded, 'hex').toString('hex');
+  try {
+    var pubWithChecksum = new Buffer(bs58.decode(sin), 'hex').toString('hex');
+  } catch( err ) {
+    if ( callback ) {
+      return callback( err );
+    } else {
+      return false;
+    }
+  }
 
   // check the version
   if ( pubWithChecksum.slice(0, 4) != '0f02' ) {
@@ -152,8 +159,8 @@ BitAuth.validateSin = function(sin, callback) {
   var pubPrefixed = pubWithChecksum.slice(0, pubWithChecksum.length-8);
 
   // two rounds of hashing to generate the checksum
-  var hash1 = (new hashjs.sha256()).update(new Buffer(pubPrefixed, 'hex')).digest('hex');
-  var checksumTotal = (new hashjs.sha256()).update(new Buffer(hash1, 'hex')).digest('hex');
+  var hash1 = (new hashjs.sha256()).update(pubPrefixed, 'hex').digest('hex');
+  var checksumTotal = (new hashjs.sha256()).update(hash1, 'hex').digest('hex');
 
   // check the checksum
   if ( checksumTotal.slice(0,8) == checksum ) {

package.json

@@ -21,6 +21,7 @@
   ],
   "scripts": {
     "make-dist": "sh scripts/make-dist.sh",
+    "postinstall": "npm run make-dist",
     "test": "mocha test/*.js --reporter spec"
   },
   "main": "index.js",

test/test.bitauth.js

@@ -134,12 +134,18 @@ describe('bitauth', function() {
 
   describe('#validateSinFalse', function() {
 
-    it('should validate the sin as false', function(done) {
+    it('should validate the sin as false because of bad checksum', function(done) {
       var valid = bitauth.validateSin(sinbad);
       should.equal(false, valid);
       done();
     });
 
+    it('should validate the sin as false because of non-base58', function(done) {
+      var valid = bitauth.validateSin('not#base!58');
+      should.equal(false, valid);
+      done();
+    });
+
   });
 
   describe('#validateSinCallback', function() {