rm ECSignature, add script.signature instead

Author: dcousens

src/ecdsa.js

@@ -4,7 +4,6 @@ var typeforce = require('typeforce')
 var types = require('./types')
 
 var BigInteger = require('bigi')
-var ECSignature = require('./ecsignature')
 
 var ZERO = Buffer.alloc(1, 0)
 var ONE = Buffer.alloc(1, 1)
@@ -102,7 +101,10 @@ function sign (hash, d) {
     s = n.subtract(s)
   }
 
-  return new ECSignature(r, s)
+  return {
+    r: r,
+    s: s
+  }
 }
 
 function verify (hash, signature, Q) {

src/ecsignature.js

@@ -8,7 +8,6 @@ for (var key in templates) {
 module.exports = {
   Block: require('./block'),
   ECPair: require('./ecpair'),
-  ECSignature: require('./ecsignature'),
   HDNode: require('./hdnode'),
   Transaction: require('./transaction'),
   TransactionBuilder: require('./transaction_builder'),

src/index.js

@@ -206,6 +206,7 @@ module.exports = {
   toStack: toStack,
 
   number: require('./script_number'),
+  signature: require('./script_signature'),
 
   isCanonicalPubKey: isCanonicalPubKey,
   isCanonicalSignature: isCanonicalSignature,

src/script.js

@@ -0,0 +1,51 @@
+var bip66 = require('bip66')
+var BigInteger = require('bigi')
+var typeforce = require('typeforce')
+var types = require('./types')
+
+// BIP62: 1 byte hashType flag (only 0x01, 0x02, 0x03, 0x81, 0x82 and 0x83 are allowed)
+function decode (buffer) {
+  var hashType = buffer.readUInt8(buffer.length - 1)
+  var hashTypeMod = hashType & ~0x80
+  if (hashTypeMod <= 0 || hashTypeMod >= 4) throw new Error('Invalid hashType ' + hashType)
+
+  var decode = bip66.decode(buffer.slice(0, -1))
+
+  return {
+    signature: {
+      r: BigInteger.fromDERInteger(decode.r),
+      s: BigInteger.fromDERInteger(decode.s)
+    },
+    hashType: hashType
+  }
+}
+
+function fromRSBuffer (buffer) {
+  typeforce(types.BufferN(64), buffer)
+
+  var r = BigInteger.fromBuffer(buffer.slice(0, 32))
+  var s = BigInteger.fromBuffer(buffer.slice(32, 64))
+  return { r: r, s: s }
+}
+
+function encode (signature, hashType) {
+  var hashTypeMod = hashType & ~0x80
+  if (hashTypeMod <= 0 || hashTypeMod >= 4) throw new Error('Invalid hashType ' + hashType)
+
+  var hashTypeBuffer = new Buffer(1)
+  hashTypeBuffer.writeUInt8(hashType, 0)
+
+  var r = new Buffer(signature.r.toDERInteger())
+  var s = new Buffer(signature.s.toDERInteger())
+
+  return Buffer.concat([
+    bip66.encode(r, s),
+    hashTypeBuffer
+  ])
+}
+
+module.exports = {
+  fromRSBuffer,
+  decode: decode,
+  encode: encode
+}

src/script_signature.js

@@ -12,7 +12,6 @@ var SIGNABLE = [btemplates.types.P2PKH, btemplates.types.P2PK, btemplates.types.
 var P2SH = SIGNABLE.concat([btemplates.types.P2WPKH, btemplates.types.P2WSH])
 
 var ECPair = require('./ecpair')
-var ECSignature = require('./ecsignature')
 var Transaction = require('./transaction')
 
 function supportedType (type) {
@@ -190,7 +189,7 @@ function fixMultisigOrder (input, transaction, vin) {
       if (!signature) return false
 
       // TODO: avoid O(n) hashForSignature
-      var parsed = ECSignature.parseScriptSignature(signature)
+      var parsed = bscript.signature.decode(signature)
       var hash = transaction.hashForSignature(vin, input.redeemScript, parsed.hashType)
 
       // skip if signature does not match pubKey
@@ -717,9 +716,9 @@ TransactionBuilder.prototype.sign = function (vin, keyPair, redeemScript, hashTy
     )) throw new Error('BIP143 rejects uncompressed public keys in P2WPKH or P2WSH')
 
     var signature = keyPair.sign(signatureHash)
-    if (Buffer.isBuffer(signature)) signature = ECSignature.fromRSBuffer(signature)
+    if (Buffer.isBuffer(signature)) signature = bscript.signature.fromRSBuffer(signature)
 
-    input.signatures[i] = signature.toScriptSignature(hashType)
+    input.signatures[i] = bscript.signature.encode(signature, hashType)
     return true
   })
 

src/transaction_builder.js

@@ -198,13 +198,14 @@ describe('Bitcoin-core', function () {
     })
   })
 
-  describe('ECSignature.parseScriptSignature', function () {
+  describe('script.signature.decode', function () {
     sigCanonical.forEach(function (hex) {
       var buffer = Buffer.from(hex, 'hex')
 
       it('can parse ' + hex, function () {
-        var parsed = bitcoin.ECSignature.parseScriptSignature(buffer)
-        var actual = parsed.signature.toScriptSignature(parsed.hashType)
+        var parsed = bitcoin.script.signature.decode(buffer)
+        var actual = bitcoin.script.signature.encode(parsed.signature, parsed.hashType)
+
         assert.strictEqual(actual.toString('hex'), hex)
       })
     })
@@ -218,7 +219,7 @@ describe('Bitcoin-core', function () {
 
       it('throws on ' + description, function () {
         assert.throws(function () {
-          bitcoin.ECSignature.parseScriptSignature(buffer)
+          bitcoin.script.signature.decode(buffer)
         }, /Expected DER (integer|sequence)|(R|S) value (excessively padded|is negative)|(R|S|DER sequence) length is (zero|too short|too long|invalid)|Invalid hashType/)
       })
     })

test/bitcoin.core.js

@@ -2,17 +2,31 @@
 
 var assert = require('assert')
 var bcrypto = require('../src/crypto')
+var bscript = require('../src/script')
 var ecdsa = require('../src/ecdsa')
 var hoodwink = require('hoodwink')
 
 var BigInteger = require('bigi')
-var ECSignature = require('../src/ecsignature')
 
 var curve = ecdsa.__curve
 
 var fixtures = require('./fixtures/ecdsa.json')
 
 describe('ecdsa', function () {
+  function fromRaw (signature) {
+    return {
+      r: new BigInteger(signature.r, 16),
+      s: new BigInteger(signature.s, 16)
+    }
+  }
+
+  function toRaw (signature) {
+    return {
+      r: signature.r.toHex(),
+      s: signature.s.toHex()
+    }
+  }
+
   describe('deterministicGenerateK', function () {
     function checkSig () {
       return true
@@ -80,9 +94,9 @@ describe('ecdsa', function () {
       it('produces a deterministic signature for "' + f.message + '"', function () {
         var d = BigInteger.fromHex(f.d)
         var hash = bcrypto.sha256(f.message)
-        var signature = ecdsa.sign(hash, d).toDER()
+        var signature = ecdsa.sign(hash, d)
 
-        assert.strictEqual(signature.toString('hex'), f.signature)
+        assert.deepEqual(toRaw(signature), f.signature)
       })
     })
 
@@ -101,7 +115,7 @@ describe('ecdsa', function () {
       it('verifies a valid signature for "' + f.message + '"', function () {
         var d = BigInteger.fromHex(f.d)
         var H = bcrypto.sha256(f.message)
-        var signature = ECSignature.fromDER(Buffer.from(f.signature, 'hex'))
+        var signature = fromRaw(f.signature)
         var Q = curve.G.multiply(d)
 
         assert(ecdsa.verify(H, signature, Q))
@@ -112,14 +126,7 @@ describe('ecdsa', function () {
       it('fails to verify with ' + f.description, function () {
         var H = bcrypto.sha256(f.message)
         var d = BigInteger.fromHex(f.d)
-
-        var signature
-        if (f.signature) {
-          signature = ECSignature.fromDER(Buffer.from(f.signature, 'hex'))
-        } else if (f.signatureRaw) {
-          signature = new ECSignature(new BigInteger(f.signatureRaw.r, 16), new BigInteger(f.signatureRaw.s, 16))
-        }
-
+        var signature = fromRaw(f.signature)
         var Q = curve.G.multiply(d)
 
         assert.strictEqual(ecdsa.verify(H, signature, Q), false)