diff --git a/lib/bitauth.js b/lib/bitauth.js index 5de5aa6..c567319 100644 --- a/lib/bitauth.js +++ b/lib/bitauth.js @@ -69,17 +69,17 @@ BitAuth.getPublicKeyFromPrivateKey = function(privkey) { BitAuth.getSinFromPublicKey = function(pubkey) { // sha256 hash the pubkey - var pubHash = (new hashjs.sha256()).update(new Buffer(pubkey, 'hex')).digest('hex'); + var pubHash = (new hashjs.sha256()).update(pubkey, 'hex').digest('hex'); // get the ripemd160 hash of the pubkey - var pubRipe = (new hashjs.ripemd160()).update(new Buffer(pubHash, 'hex')).digest('hex'); + var pubRipe = (new hashjs.ripemd160()).update(pubHash, 'hex').digest('hex'); // add the version var pubPrefixed = '0f02'+pubRipe; // two rounds of hashing to generate the checksum - var hash1 = (new hashjs.sha256()).update(new Buffer(pubPrefixed, 'hex')).digest('hex'); - var checksumTotal = (new hashjs.sha256()).update(new Buffer(hash1, 'hex')).digest('hex'); + var hash1 = (new hashjs.sha256()).update(pubPrefixed, 'hex').digest('hex'); + var checksumTotal = (new hashjs.sha256()).update(hash1, 'hex').digest('hex'); // slice the hash to arrive at the checksum var checksum = checksumTotal.slice(0,8); @@ -102,7 +102,7 @@ BitAuth.getSinFromPublicKey = function(pubkey) { * @returns {String} signature - A DER signature in hex */ BitAuth.sign = function(data, privkey) { - var hash = (new hashjs.sha256()).update(new Buffer(data)).digest('hex'); + var hash = (new hashjs.sha256()).update(data).digest('hex'); var signature = ecdsa.sign(hash, privkey); var hexsignature = signature.toDER('hex'); return hexsignature; @@ -117,7 +117,7 @@ BitAuth.sign = function(data, privkey) { * @returns {Function|Boolean} - If the signature is valid */ BitAuth.verifySignature = function(data, pubkey, hexsignature, callback) { - var hash = (new hashjs.sha256()).update(new Buffer(data)).digest('hex'); + var hash = (new hashjs.sha256()).update(data).digest('hex'); var signature = new Buffer(hexsignature, 'hex'); var valid = ecdsa.verify(hash, signature, pubkey); if ( callback ){ @@ -136,8 +136,15 @@ BitAuth.verifySignature = function(data, pubkey, hexsignature, callback) { */ BitAuth.validateSin = function(sin, callback) { - var decoded = bs58.decode(sin); - var pubWithChecksum = new Buffer(decoded, 'hex').toString('hex'); + try { + var pubWithChecksum = new Buffer(bs58.decode(sin), 'hex').toString('hex'); + } catch( err ) { + if ( callback ) { + return callback( err ); + } else { + return false; + } + } // check the version if ( pubWithChecksum.slice(0, 4) != '0f02' ) { @@ -152,8 +159,8 @@ BitAuth.validateSin = function(sin, callback) { var pubPrefixed = pubWithChecksum.slice(0, pubWithChecksum.length-8); // two rounds of hashing to generate the checksum - var hash1 = (new hashjs.sha256()).update(new Buffer(pubPrefixed, 'hex')).digest('hex'); - var checksumTotal = (new hashjs.sha256()).update(new Buffer(hash1, 'hex')).digest('hex'); + var hash1 = (new hashjs.sha256()).update(pubPrefixed, 'hex').digest('hex'); + var checksumTotal = (new hashjs.sha256()).update(hash1, 'hex').digest('hex'); // check the checksum if ( checksumTotal.slice(0,8) == checksum ) { diff --git a/package.json b/package.json index 522c6ad..d0185c1 100644 --- a/package.json +++ b/package.json @@ -21,6 +21,7 @@ ], "scripts": { "make-dist": "sh scripts/make-dist.sh", + "postinstall": "npm run make-dist", "test": "mocha test/*.js --reporter spec" }, "main": "index.js", diff --git a/test/test.bitauth.js b/test/test.bitauth.js index 8149c51..81b27f0 100644 --- a/test/test.bitauth.js +++ b/test/test.bitauth.js @@ -134,12 +134,18 @@ describe('bitauth', function() { describe('#validateSinFalse', function() { - it('should validate the sin as false', function(done) { + it('should validate the sin as false because of bad checksum', function(done) { var valid = bitauth.validateSin(sinbad); should.equal(false, valid); done(); }); + it('should validate the sin as false because of non-base58', function(done) { + var valid = bitauth.validateSin('not#base!58'); + should.equal(false, valid); + done(); + }); + }); describe('#validateSinCallback', function() {