2018-06-13 22:39:39 +03:00
|
|
|
'use strict';
|
|
|
|
|
2018-07-17 08:44:04 +03:00
|
|
|
|
2018-06-23 03:30:50 +03:00
|
|
|
|
2018-06-17 23:32:57 +03:00
|
|
|
import { getAddress } from './address';
|
2018-07-13 03:11:32 +03:00
|
|
|
|
2018-07-17 08:44:04 +03:00
|
|
|
import { arrayify, hexlify, hexZeroPad, splitSignature } from './bytes';
|
|
|
|
import { hashMessage } from './hash';
|
2018-06-17 23:32:57 +03:00
|
|
|
import { keccak256 } from './keccak256';
|
2018-06-17 23:47:28 +03:00
|
|
|
import { defineReadOnly } from './properties';
|
2018-06-15 11:18:17 +03:00
|
|
|
|
2018-07-16 10:27:49 +03:00
|
|
|
import { Arrayish, Signature } from './types';
|
|
|
|
|
2018-06-17 23:47:28 +03:00
|
|
|
import * as errors from './errors';
|
2018-06-15 11:18:17 +03:00
|
|
|
|
2018-06-17 23:32:57 +03:00
|
|
|
|
2018-06-15 11:18:17 +03:00
|
|
|
export class KeyPair {
|
|
|
|
|
|
|
|
readonly privateKey: string;
|
|
|
|
|
|
|
|
readonly publicKey: string;
|
|
|
|
readonly compressedPublicKey: string;
|
|
|
|
|
|
|
|
readonly publicKeyBytes: Uint8Array;
|
|
|
|
|
|
|
|
constructor(privateKey: Arrayish) {
|
2018-06-23 03:30:50 +03:00
|
|
|
let keyPair = curve.keyFromPrivate(arrayify(privateKey));
|
2018-06-15 11:18:17 +03:00
|
|
|
|
|
|
|
defineReadOnly(this, 'privateKey', hexlify(keyPair.priv.toArray('be', 32)));
|
|
|
|
defineReadOnly(this, 'publicKey', '0x' + keyPair.getPublic(false, 'hex'));
|
|
|
|
defineReadOnly(this, 'compressedPublicKey', '0x' + keyPair.getPublic(true, 'hex'));
|
|
|
|
defineReadOnly(this, 'publicKeyBytes', keyPair.getPublic().encode(null, true));
|
|
|
|
}
|
|
|
|
|
|
|
|
sign(digest: Arrayish): Signature {
|
2018-06-23 03:30:50 +03:00
|
|
|
let keyPair = curve.keyFromPrivate(arrayify(this.privateKey));
|
2018-06-15 11:18:17 +03:00
|
|
|
let signature = keyPair.sign(arrayify(digest), {canonical: true});
|
|
|
|
return {
|
|
|
|
recoveryParam: signature.recoveryParam,
|
2018-06-18 12:42:41 +03:00
|
|
|
r: hexZeroPad('0x' + signature.r.toString(16), 32),
|
|
|
|
s: hexZeroPad('0x' + signature.s.toString(16), 32),
|
2018-06-17 23:32:57 +03:00
|
|
|
v: 27 + signature.recoveryParam
|
2018-06-15 11:18:17 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
export function recoverPublicKey(digest: Arrayish, signature: Signature): string {
|
|
|
|
let sig = {
|
|
|
|
r: arrayify(signature.r),
|
|
|
|
s: arrayify(signature.s)
|
|
|
|
};
|
2018-06-17 23:32:57 +03:00
|
|
|
return '0x' + curve.recoverPubKey(arrayify(digest), sig, signature.recoveryParam).encode('hex', false);
|
2018-06-15 11:18:17 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
export function computePublicKey(key: Arrayish, compressed?: boolean): string {
|
|
|
|
|
|
|
|
let bytes = arrayify(key);
|
|
|
|
|
|
|
|
if (bytes.length === 32) {
|
|
|
|
let keyPair: KeyPair = new KeyPair(bytes);
|
|
|
|
if (compressed) {
|
|
|
|
return keyPair.compressedPublicKey;
|
|
|
|
}
|
|
|
|
return keyPair.publicKey;
|
|
|
|
|
|
|
|
} else if (bytes.length === 33) {
|
|
|
|
if (compressed) { return hexlify(bytes); }
|
|
|
|
return '0x' + curve.keyFromPublic(bytes).getPublic(false, 'hex');
|
|
|
|
|
|
|
|
} else if (bytes.length === 65) {
|
|
|
|
if (!compressed) { return hexlify(bytes); }
|
|
|
|
return '0x' + curve.keyFromPublic(bytes).getPublic(true, 'hex');
|
|
|
|
}
|
|
|
|
|
|
|
|
errors.throwError('invalid public or private key', errors.INVALID_ARGUMENT, { arg: 'key', value: '[REDACTED]' });
|
|
|
|
return null;
|
|
|
|
}
|
2018-06-13 22:39:39 +03:00
|
|
|
|
2018-06-17 23:32:57 +03:00
|
|
|
export function recoverAddress(digest: Arrayish, signature: Signature): string {
|
|
|
|
return computeAddress(recoverPublicKey(digest, signature));
|
|
|
|
}
|
|
|
|
|
|
|
|
export function computeAddress(key: string): string {
|
|
|
|
// Strip off the leading "0x04"
|
|
|
|
let publicKey = '0x' + computePublicKey(key).slice(4);
|
|
|
|
return getAddress('0x' + keccak256(publicKey).substring(26));
|
|
|
|
}
|
2018-07-17 08:44:04 +03:00
|
|
|
|
|
|
|
|
|
|
|
export function verifyMessage(message: Arrayish | string, signature: Signature | string): string {
|
|
|
|
let sig = splitSignature(signature);
|
|
|
|
let digest = hashMessage(message);
|
|
|
|
|
|
|
|
return recoverAddress(
|
|
|
|
digest,
|
|
|
|
{
|
|
|
|
r: sig.r,
|
|
|
|
s: sig.s,
|
|
|
|
recoveryParam: sig.recoveryParam
|
|
|
|
}
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
// !!!!!! IMPORTANT !!!!!!!!
|
|
|
|
//
|
|
|
|
// This import MUST be at the bottom, otehrwise browserify executes several imports
|
|
|
|
// BEFORE they are exported, resulting in undefined
|
|
|
|
|
|
|
|
import { ec as EC } from 'elliptic';
|
|
|
|
const curve = new EC('secp256k1');
|
|
|
|
|
|
|
|
export const N = '0x' + curve.n.toString(16);
|