diff --git a/lib/client/Verifier.js b/lib/client/Verifier.js index 1fbbb47..fdb7f2c 100644 --- a/lib/client/Verifier.js +++ b/lib/client/Verifier.js @@ -1,15 +1,14 @@ var $ = require('preconditions').singleton(); var _ = require('lodash'); -var Bitcore = require('bitcore'); var BitcoinUtils = require('../bitcoinutils') function Verifier(opts) {}; Verifier.checkAddress = function(data, address) { var local = BitcoinUtils.deriveAddress(data.publicKeyRing, address.path, data.m, data.network); - if (local.address != address.address || JSON.stringify(local.publicKeys)!= JSON.stringify(address.publicKeys)) - return cb('Server sent a fake address.'); + return (local.address == address.address + && JSON.stringify(local.publicKeys) == JSON.stringify(address.publicKeys)); }; module.exports = Verifier; diff --git a/lib/client/api.js b/lib/client/api.js index 9ffd70a..b13c361 100644 --- a/lib/client/api.js +++ b/lib/client/api.js @@ -10,6 +10,7 @@ log.debug = log.verbose; var Bitcore = require('bitcore') var SignUtils = require('../signutils'); var Verifier = require('./verifier'); +var ServerCompromissedError = require('./servercompromissederror') var BASE_URL = 'http://localhost:3001/copay/api'; @@ -53,6 +54,7 @@ function API(opts) { } this.storage = opts.storage; this.verbose = !!opts.verbose; + this.request = request || opts.request; if (this.verbose) { log.level = 'debug'; } @@ -93,7 +95,7 @@ API.prototype._doRequest = function(method, url, args, data, cb) { json: true, }; log.verbose('Request Args', util.inspect(args)); - request(args, function(err, res, body) { + this.request(args, function(err, res, body) { log.verbose('Response:', err, body); if (err) return cb(err); @@ -101,6 +103,7 @@ API.prototype._doRequest = function(method, url, args, data, cb) { _parseError(body); return cb('Request error'); } + return cb(null, body); }); }; @@ -289,7 +292,9 @@ API.prototype.createAddress = function(cb) { if (data.publicKeyRing.length != data.n) return cb('Wallet Incomplete, cannot derive address.') - Verifier.checkAddress(data, address); + if (!Verifier.checkAddress(data, address)) { + return cb(new ServerCompromissedError('Server sent fake address')); + } return cb(null, address); }); diff --git a/lib/client/filestorage.js b/lib/client/filestorage.js index 27fe3d4..257cf76 100644 --- a/lib/client/filestorage.js +++ b/lib/client/filestorage.js @@ -6,17 +6,18 @@ function FileStorage(opts) { throw new Error('Please set the config filename'); } this.filename = opts.filename; + this.fs = opts.fs || fs; }; FileStorage.prototype.save = function(data) { - fs.writeFileSync(this.filename, JSON.stringify(data)); + this.fs.writeFileSync(this.filename, JSON.stringify(data)); }; FileStorage.prototype.load = function() { try { - return JSON.parse(fs.readFileSync(this.filename)); - } catch (ex) {} + return JSON.parse(this.fs.readFileSync(this.filename)); + } catch (ex) {}; }; diff --git a/test/integration.js b/test/integration/server.js similarity index 99% rename from test/integration.js rename to test/integration/server.js index c525c2b..85b6438 100644 --- a/test/integration.js +++ b/test/integration/server.js @@ -10,15 +10,15 @@ var levelup = require('levelup'); var memdown = require('memdown'); var Bitcore = require('bitcore'); -var Utils = require('../lib/utils'); -var SignUtils = require('../lib/signutils'); -var Storage = require('../lib/storage'); +var Utils = require('../../lib/utils'); +var SignUtils = require('../../lib/signutils'); +var Storage = require('../../lib/storage'); -var Wallet = require('../lib/model/wallet'); -var Address = require('../lib/model/address'); -var Copayer = require('../lib/model/copayer'); -var CopayServer = require('../lib/server'); -var TestData = require('./testdata'); +var Wallet = require('../../lib/model/wallet'); +var Address = require('../../lib/model/address'); +var Copayer = require('../../lib/model/copayer'); +var CopayServer = require('../../lib/server'); +var TestData = require('../testdata'); var helpers = {};