Specify messages as hex and fix bug in ed25519 signing

2025-12-02 18:15:56 +00:00 · 2015-10-14 12:17:55 -07:00
parent 1b44bb068b
commit 98c42c200b
7 changed files with 26 additions and 21 deletions
--- a/packages/ripple-keypairs/.travis.yml
+++ b/packages/ripple-keypairs/.travis.yml
@@ -1,7 +0,0 @@
-language: node_js
-node_js:
- '0.12'
-script:
- npm test --coverage
- npm run-script codecov
- npm run-script lint
--- a/packages/ripple-keypairs/README.md
+++ b/packages/ripple-keypairs/README.md
@@ -17,14 +17,14 @@ deriveKeypair(seed: string) -> {privateKey: string, publicKey: string}
 Derive a public and private key from a seed. The keys are represented as 33-byte hexadecimal strings.

 ```
-sign(message: string, privateKey: string) -> string
+sign(messageHex: string, privateKey: string) -> string
 ```
-Sign an arbitrary message with a private key. Returns the signature as a hexadecimal string.
+Sign an arbitrary hex-encoded message with a private key. Returns the signature as a hexadecimal string.

 ```
-verify(message: string, signature: string, publicKey: string) -> boolean
+verify(messageHex: string, signature: string, publicKey: string) -> boolean
 ```
-Verify a signature for a given message and public key. Returns true if the signature is valid, false otherwise.
+Verify a signature for a given hex-encoded message and public key. Returns true if the signature is valid, false otherwise.

 ```
 deriveAddress(publicKey: string) -> string
--- a/packages/ripple-keypairs/circle.yml
+++ b/packages/ripple-keypairs/circle.yml
@@ -0,0 +1,3 @@
+machine:
+  node:
+    version: 0.12.0
--- a/packages/ripple-keypairs/package.json
+++ b/packages/ripple-keypairs/package.json
@@ -1,6 +1,6 @@
 {
  "name": "ripple-keypairs",
-  "version": "0.9.0",
+  "version": "0.10.0",
  "description": "ripple key pairs",
  "files": [
    "distrib/npm/*",
--- a/packages/ripple-keypairs/src/index.js
+++ b/packages/ripple-keypairs/src/index.js
@@ -52,6 +52,9 @@ const ed25519 = {
    return {privateKey, publicKey};
  },
  sign: function(message, privateKey) {
+    // caution: Ed25519.sign interprets all strings as hex, stripping
+    // any non-hex characters without warning
+    assert(Array.isArray(message), 'message must be array of octets');
    return bytesToHex(Ed25519.sign(
      message, hexToBytes(privateKey).slice(1)).toBytes());
  },
@@ -78,14 +81,14 @@ function getAlgorithmFromKey(key) {
    'ed25519' : 'ecdsa-secp256k1';
 }

-function sign(message, privateKey) {
+function sign(messageHex, privateKey) {
  const algorithm = getAlgorithmFromKey(privateKey);
-  return select(algorithm).sign(message, privateKey);
+  return select(algorithm).sign(hexToBytes(messageHex), privateKey);
 }

-function verify(message, signature, publicKey) {
+function verify(messageHex, signature, publicKey) {
  const algorithm = getAlgorithmFromKey(publicKey);
-  return select(algorithm).verify(message, signature, publicKey);
+  return select(algorithm).verify(hexToBytes(messageHex), signature, publicKey);
 }

 function deriveAddressFromBytes(publicKeyBytes) {
--- a/packages/ripple-keypairs/test/api-test.js
+++ b/packages/ripple-keypairs/test/api-test.js
@@ -53,7 +53,9 @@ describe('api', () => {

  it('sign - secp256k1', () => {
    const privateKey = fixtures.secp256k1.keypair.privateKey;
-    const signature = api.sign(fixtures.secp256k1.message, privateKey);
+    const message = fixtures.secp256k1.message;
+    const messageHex = (new Buffer(message, 'utf8')).toString('hex');
+    const signature = api.sign(messageHex, privateKey);
    assert.strictEqual(signature, fixtures.secp256k1.signature);
  });

@@ -61,12 +63,15 @@ describe('api', () => {
    const signature = fixtures.secp256k1.signature;
    const publicKey = fixtures.secp256k1.keypair.publicKey;
    const message = fixtures.secp256k1.message;
-    assert(api.verify(message, signature, publicKey));
+    const messageHex = (new Buffer(message, 'utf8')).toString('hex');
+    assert(api.verify(messageHex, signature, publicKey));
  });

  it('sign - ed25519', () => {
    const privateKey = fixtures.ed25519.keypair.privateKey;
-    const signature = api.sign(fixtures.ed25519.message, privateKey);
+    const message = fixtures.ed25519.message;
+    const messageHex = (new Buffer(message, 'utf8')).toString('hex');
+    const signature = api.sign(messageHex, privateKey);
    assert.strictEqual(signature, fixtures.ed25519.signature);
  });

@@ -74,7 +79,8 @@ describe('api', () => {
    const signature = fixtures.ed25519.signature;
    const publicKey = fixtures.ed25519.keypair.publicKey;
    const message = fixtures.ed25519.message;
-    assert(api.verify(message, signature, publicKey));
+    const messageHex = (new Buffer(message, 'utf8')).toString('hex');
+    assert(api.verify(messageHex, signature, publicKey));
  });

  it('deriveNodeAddress', () => {
--- a/packages/ripple-keypairs/test/fixtures/api.json
+++ b/packages/ripple-keypairs/test/fixtures/api.json
@@ -17,6 +17,6 @@
    },
    "address": "rLUEXYuLiQptky37CqLcm9USQpPiz5rkpD",
    "message": "test message",
-    "signature": "D9AB88033EFAFFBADF3AF5854885A0B42DAA91B94B64B10EB1C1BE376C0F452A93F31B13CEF00049FB36317B2E9E5ADBAD38040E71C17B01F01A2FB3EA30CD0F"
+    "signature": "CB199E1BFD4E3DAA105E4832EEDFA36413E1F44205E4EFB9E27E826044C21E3E2E848BBC8195E8959BADF887599B7310AD1B7047EF11B682E0D068F73749750E"
  }
 }