2014-08-09 17:43:24 -07:00
|
|
|
var ECDSA = require('../lib/ecdsa');
|
|
|
|
|
var Hash = require('../lib/hash');
|
2014-08-29 14:18:56 -07:00
|
|
|
var Keypair = require('../lib/keypair');
|
2014-08-09 17:43:24 -07:00
|
|
|
var Privkey = require('../lib/privkey');
|
|
|
|
|
var Pubkey = require('../lib/pubkey');
|
2014-08-09 19:42:25 -07:00
|
|
|
var Signature = require('../lib/signature');
|
2014-08-19 17:15:54 -07:00
|
|
|
var BN = require('../lib/bn');
|
2014-08-09 17:43:24 -07:00
|
|
|
var point = require('../lib/point');
|
|
|
|
|
var should = require('chai').should();
|
|
|
|
|
|
2014-08-14 08:32:47 -07:00
|
|
|
describe("ECDSA", function() {
|
2014-08-09 17:43:24 -07:00
|
|
|
|
|
|
|
|
it('should create a blank ecdsa', function() {
|
|
|
|
|
var ecdsa = new ECDSA();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
var ecdsa = new ECDSA();
|
2014-08-20 10:52:26 -07:00
|
|
|
ecdsa.hashbuf = Hash.sha256(new Buffer('test data'));
|
2014-09-02 16:36:21 -07:00
|
|
|
ecdsa.keypair = new Keypair();
|
|
|
|
|
ecdsa.keypair.privkey = new Privkey({bn: BN().fromBuffer(new Buffer('fee0a1f7afebf9d2a5a80c0c98a31c709681cce195cbcd06342b517970c0be1e', 'hex'))});
|
|
|
|
|
ecdsa.keypair.pubkey = new Pubkey({
|
2014-08-28 17:41:38 -07:00
|
|
|
point: point(BN().fromBuffer(new Buffer('ac242d242d23be966085a2b2b893d989f824e06c9ad0395a8a52f055ba39abb2', 'hex')),
|
|
|
|
|
BN().fromBuffer(new Buffer('4836ab292c105a711ed10fcfd30999c31ff7c02456147747e03e739ad527c380', 'hex')))
|
|
|
|
|
});
|
2014-08-19 17:15:54 -07:00
|
|
|
|
2014-08-28 16:07:28 -07:00
|
|
|
describe('#set', function() {
|
|
|
|
|
|
|
|
|
|
it('should set hashbuf', function() {
|
|
|
|
|
should.exist(ECDSA().set({hashbuf: ecdsa.hashbuf}).hashbuf);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2014-08-19 17:15:54 -07:00
|
|
|
describe('#calci', function() {
|
|
|
|
|
|
|
|
|
|
it('should calculate i', function() {
|
|
|
|
|
ecdsa.randomK();
|
|
|
|
|
ecdsa.sign();
|
|
|
|
|
ecdsa.calci();
|
|
|
|
|
should.exist(ecdsa.sig.i);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should calulate this known i', function() {
|
2014-08-20 10:52:26 -07:00
|
|
|
var hashbuf = Hash.sha256(new Buffer('some data'));
|
2014-08-19 17:15:54 -07:00
|
|
|
var r = BN('71706645040721865894779025947914615666559616020894583599959600180037551395766', 10);
|
|
|
|
|
var s = BN('109412465507152403114191008482955798903072313614214706891149785278625167723646', 10);
|
|
|
|
|
var ecdsa = new ECDSA();
|
2014-09-02 16:36:21 -07:00
|
|
|
ecdsa.keypair = new Keypair();
|
|
|
|
|
ecdsa.keypair.privkey = Privkey();
|
|
|
|
|
ecdsa.keypair.privkey.bn = BN().fromBuffer(Hash.sha256(new Buffer('test')));
|
|
|
|
|
ecdsa.keypair.privkey2pubkey();
|
2014-08-20 10:52:26 -07:00
|
|
|
ecdsa.hashbuf = hashbuf;
|
2014-08-28 16:38:21 -07:00
|
|
|
ecdsa.sig = new Signature({r: r, s: s});
|
2014-08-19 17:15:54 -07:00
|
|
|
|
|
|
|
|
ecdsa.calci();
|
|
|
|
|
ecdsa.sig.i.should.equal(1);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
2014-08-09 17:43:24 -07:00
|
|
|
|
2014-08-09 19:42:25 -07:00
|
|
|
describe('#fromString', function() {
|
|
|
|
|
|
|
|
|
|
it('should to a round trip with to string', function() {
|
|
|
|
|
var str = ecdsa.toString();
|
|
|
|
|
var ecdsa2 = new ECDSA();
|
|
|
|
|
ecdsa2.fromString(str);
|
2014-08-20 10:52:26 -07:00
|
|
|
should.exist(ecdsa.hashbuf);
|
2014-09-02 16:36:21 -07:00
|
|
|
should.exist(ecdsa.keypair);
|
2014-08-09 19:42:25 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('#randomK', function() {
|
|
|
|
|
|
|
|
|
|
it('should generate a new random k when called twice in a row', function() {
|
|
|
|
|
ecdsa.randomK();
|
|
|
|
|
var k1 = ecdsa.k;
|
|
|
|
|
ecdsa.randomK();
|
|
|
|
|
var k2 = ecdsa.k;
|
|
|
|
|
(k1.cmp(k2) === 0).should.equal(false);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should generate a random k that is (almost always) greater than this relatively small number', function() {
|
|
|
|
|
ecdsa.randomK();
|
|
|
|
|
var k1 = ecdsa.k;
|
2014-08-19 17:15:54 -07:00
|
|
|
var k2 = BN(Math.pow(2, 32)).mul(BN(Math.pow(2, 32))).mul(BN(Math.pow(2, 32)));
|
2014-08-09 19:42:25 -07:00
|
|
|
k2.gt(k1).should.equal(false);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2014-08-19 17:15:54 -07:00
|
|
|
describe('#sig2pubkey', function() {
|
|
|
|
|
|
|
|
|
|
it('should calculate the correct public key', function() {
|
|
|
|
|
ecdsa.k = BN('114860389168127852803919605627759231199925249596762615988727970217268189974335', 10);
|
|
|
|
|
ecdsa.sign();
|
|
|
|
|
ecdsa.sig.i = 1;
|
|
|
|
|
var pubkey = ecdsa.sig2pubkey();
|
2014-09-02 16:36:21 -07:00
|
|
|
pubkey.point.eq(ecdsa.keypair.pubkey.point).should.equal(true);
|
2014-08-19 17:15:54 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2014-08-09 19:42:25 -07:00
|
|
|
describe('#sigError', function() {
|
|
|
|
|
|
|
|
|
|
it('should return an error if the hash is invalid', function() {
|
|
|
|
|
var ecdsa = new ECDSA();
|
|
|
|
|
ecdsa.sigError().should.equal('Invalid hash');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should return an error if the pubkey is invalid', function() {
|
|
|
|
|
var ecdsa = new ECDSA();
|
2014-08-20 10:52:26 -07:00
|
|
|
ecdsa.hashbuf = Hash.sha256(new Buffer('test'));
|
2014-08-09 22:47:32 -07:00
|
|
|
ecdsa.sigError().indexOf("Invalid pubkey").should.equal(0);
|
2014-08-09 19:42:25 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should return an error if r, s are invalid', function() {
|
|
|
|
|
var ecdsa = new ECDSA();
|
2014-08-20 10:52:26 -07:00
|
|
|
ecdsa.hashbuf = Hash.sha256(new Buffer('test'));
|
2014-08-09 22:47:32 -07:00
|
|
|
var pk = new Pubkey();
|
|
|
|
|
pk.fromDER(new Buffer('041ff0fe0f7b15ffaa85ff9f4744d539139c252a49710fb053bb9f2b933173ff9a7baad41d04514751e6851f5304fd243751703bed21b914f6be218c0fa354a341', 'hex'));
|
2014-09-02 16:36:21 -07:00
|
|
|
ecdsa.keypair = new Keypair();
|
|
|
|
|
ecdsa.keypair.pubkey = pk;
|
2014-08-09 19:42:25 -07:00
|
|
|
ecdsa.sig = new Signature();
|
2014-08-19 17:15:54 -07:00
|
|
|
ecdsa.sig.r = BN(0);
|
|
|
|
|
ecdsa.sig.s = BN(0);
|
2014-08-09 22:47:32 -07:00
|
|
|
ecdsa.sigError().should.equal("r and s not in range");
|
2014-08-09 19:42:25 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should return an error if the signature is incorrect', function() {
|
|
|
|
|
ecdsa.sig = new Signature();
|
|
|
|
|
ecdsa.sig.fromString('3046022100e9915e6236695f093a4128ac2a956c40ed971531de2f4f41ba05fac7e2bd019c02210094e6a4a769cc7f2a8ab3db696c7cd8d56bcdbfff860a8c81de4bc6a798b90827');
|
2014-08-19 17:15:54 -07:00
|
|
|
ecdsa.sig.r = ecdsa.sig.r.add(BN(1));
|
2014-08-09 19:42:25 -07:00
|
|
|
ecdsa.sigError().should.equal("Invalid signature");
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('#sign', function() {
|
|
|
|
|
|
|
|
|
|
it('should create a valid signature', function() {
|
|
|
|
|
ecdsa.randomK();
|
|
|
|
|
ecdsa.sign();
|
|
|
|
|
ecdsa.verify().should.equal(true);
|
|
|
|
|
});
|
|
|
|
|
|
2014-09-16 11:33:49 -07:00
|
|
|
it('should should throw an error if hashbuf is not 32 bytes', function() {
|
|
|
|
|
var ecdsa2 = ECDSA().set({
|
|
|
|
|
hashbuf: ecdsa.hashbuf.slice(0, 31),
|
|
|
|
|
keypair: ecdsa.keypair
|
|
|
|
|
});
|
|
|
|
|
ecdsa2.randomK();
|
|
|
|
|
(function() {
|
|
|
|
|
ecdsa2.sign();
|
|
|
|
|
}).should.throw('hashbuf must be a 32 byte buffer');
|
|
|
|
|
});
|
|
|
|
|
|
2014-08-09 19:42:25 -07:00
|
|
|
});
|
|
|
|
|
|
2014-08-09 17:43:24 -07:00
|
|
|
describe('#signRandomK', function() {
|
|
|
|
|
|
|
|
|
|
it('should produce a signature', function() {
|
|
|
|
|
ecdsa.signRandomK();
|
|
|
|
|
should.exist(ecdsa.sig);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2014-08-09 19:42:25 -07:00
|
|
|
describe('#toString', function() {
|
|
|
|
|
|
|
|
|
|
it('should convert this to a string', function() {
|
|
|
|
|
var str = ecdsa.toString();
|
|
|
|
|
(typeof str === 'string').should.equal(true);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2014-08-09 17:43:24 -07:00
|
|
|
describe('#verify', function() {
|
|
|
|
|
|
|
|
|
|
it('should verify a signature that was just signed', function() {
|
2014-08-09 19:42:25 -07:00
|
|
|
ecdsa.sig = new Signature();
|
|
|
|
|
ecdsa.sig.fromString('3046022100e9915e6236695f093a4128ac2a956c40ed971531de2f4f41ba05fac7e2bd019c02210094e6a4a769cc7f2a8ab3db696c7cd8d56bcdbfff860a8c81de4bc6a798b90827');
|
|
|
|
|
ecdsa.verify().should.equal(true);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should verify this known good signature', function() {
|
2014-08-09 17:43:24 -07:00
|
|
|
ecdsa.signRandomK();
|
|
|
|
|
ecdsa.verify().should.equal(true);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2014-09-16 11:34:28 -07:00
|
|
|
describe('@sign', function() {
|
|
|
|
|
|
|
|
|
|
it('should produce a signature', function() {
|
|
|
|
|
var sig = ECDSA.sign(ecdsa.hashbuf, ecdsa.keypair);
|
|
|
|
|
(sig instanceof Signature).should.equal(true);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('@verify', function() {
|
|
|
|
|
|
|
|
|
|
it('should verify a valid signature, and unverify an invalid signature', function() {
|
|
|
|
|
var sig = ECDSA.sign(ecdsa.hashbuf, ecdsa.keypair);
|
|
|
|
|
ECDSA.verify(ecdsa.hashbuf, sig, ecdsa.keypair.pubkey).should.equal(true);
|
|
|
|
|
var fakesig = Signature(sig.r.add(1), sig.s);
|
|
|
|
|
ECDSA.verify(ecdsa.hashbuf, fakesig, ecdsa.keypair.pubkey).should.equal(false);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2014-08-09 17:43:24 -07:00
|
|
|
});
|
