Add more input checkings
This commit is contained in:
parent
69745567ff
commit
4351c28a6c
|
@ -78,6 +78,8 @@ var getPublic = exports.getPublic = function(privateKey) {
|
||||||
exports.sign = function(privateKey, msg) {
|
exports.sign = function(privateKey, msg) {
|
||||||
return new Promise(function(resolve) {
|
return new Promise(function(resolve) {
|
||||||
assert(privateKey.length === 32, "Bad private key");
|
assert(privateKey.length === 32, "Bad private key");
|
||||||
|
assert(msg.length > 0, "Message should not be empty");
|
||||||
|
assert(msg.length <= 32, "Message is too long");
|
||||||
resolve(new Buffer(ec.sign(msg, privateKey, {canonical: true}).toDER()));
|
resolve(new Buffer(ec.sign(msg, privateKey, {canonical: true}).toDER()));
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
@ -86,6 +88,8 @@ exports.verify = function(publicKey, msg, sig) {
|
||||||
return new Promise(function(resolve, reject) {
|
return new Promise(function(resolve, reject) {
|
||||||
assert(publicKey.length === 65, "Bad public key");
|
assert(publicKey.length === 65, "Bad public key");
|
||||||
assert(publicKey[0] === 4, "Bad public key");
|
assert(publicKey[0] === 4, "Bad public key");
|
||||||
|
assert(msg.length > 0, "Message should not be empty");
|
||||||
|
assert(msg.length <= 32, "Message is too long");
|
||||||
if (ec.verify(msg, sig, publicKey)) {
|
if (ec.verify(msg, sig, publicKey)) {
|
||||||
resolve();
|
resolve();
|
||||||
} else {
|
} else {
|
||||||
|
|
4
index.js
4
index.js
|
@ -81,6 +81,8 @@ function padMsg(msg) {
|
||||||
*/
|
*/
|
||||||
exports.sign = function(privateKey, msg) {
|
exports.sign = function(privateKey, msg) {
|
||||||
return new promise(function(resolve) {
|
return new promise(function(resolve) {
|
||||||
|
assert(msg.length > 0, "Message should not be empty");
|
||||||
|
assert(msg.length <= 32, "Message is too long");
|
||||||
resolve(secp256k1.sign(privateKey, padMsg(msg)));
|
resolve(secp256k1.sign(privateKey, padMsg(msg)));
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
@ -95,6 +97,8 @@ exports.sign = function(privateKey, msg) {
|
||||||
*/
|
*/
|
||||||
exports.verify = function(publicKey, msg, sig) {
|
exports.verify = function(publicKey, msg, sig) {
|
||||||
return new promise(function(resolve, reject) {
|
return new promise(function(resolve, reject) {
|
||||||
|
assert(msg.length > 0, "Message should not be empty");
|
||||||
|
assert(msg.length <= 32, "Message is too long");
|
||||||
if (secp256k1.verify(publicKey, padMsg(msg), sig) === 1) {
|
if (secp256k1.verify(publicKey, padMsg(msg), sig) === 1) {
|
||||||
resolve();
|
resolve();
|
||||||
} else {
|
} else {
|
||||||
|
|
22
test.js
22
test.js
|
@ -93,6 +93,28 @@ describe("ECDSA", function() {
|
||||||
return eccrypto.verify(publicKey, shortMsg, sig);
|
return eccrypto.verify(publicKey, shortMsg, sig);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it("shouldn't sign and verify messages longer than 32 bytes", function(done) {
|
||||||
|
var longMsg = Buffer(40);
|
||||||
|
var someSig = Buffer("304402204737396b697e5a3400e3aedd203d8be89879f97708647252bd0c17752ff4c8f302201d52ef234de82ce0719679fa220334c83b80e21b8505a781d32d94a27d9310aa", "hex");
|
||||||
|
eccrypto.sign(privateKey, longMsg).catch(function() {
|
||||||
|
eccrypto.verify(privateKey, longMsg, someSig).catch(function(e) {
|
||||||
|
expect(e.message).to.not.match(/bad signature/i);
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it("shouldn't sign and verify empty messages", function(done) {
|
||||||
|
var emptyMsg = Buffer(0);
|
||||||
|
var someSig = Buffer("304402204737396b697e5a3400e3aedd203d8be89879f97708647252bd0c17752ff4c8f302201d52ef234de82ce0719679fa220334c83b80e21b8505a781d32d94a27d9310aa", "hex");
|
||||||
|
eccrypto.sign(privateKey, emptyMsg).catch(function() {
|
||||||
|
eccrypto.verify(publicKey, emptyMsg, someSig).catch(function(e) {
|
||||||
|
expect(e.message).to.not.match(/bad signature/i);
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("ECDH", function() {
|
describe("ECDH", function() {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user