support hybrid keys. see indutny/elliptic#91.

2016-05-25 02:42:33 -07:00 · 2016-05-25 02:42:33 -07:00 · 77d7916f1e
commit 77d7916f1e
parent 2738a4ed5d
1 changed files with 36 additions and 16 deletions
--- a/lib/bcoin/ec.js
+++ b/lib/bcoin/ec.js
@ -120,6 +120,8 @@ ec.rand = function rand(min, max) {
 */

 ec.verify = function verify(msg, sig, key, historical, high) {
+  var hybrid, result;
+
  if (key.getPublicKey)
    key = key.getPublicKey();

@ -140,28 +142,46 @@ ec.verify = function verify(msg, sig, key, historical, high) {
  if (historical)
    sig = ec.normalizeLength(sig);

-  try {
-    if (secp256k1) {
-      // secp256k1 fails on high s values. This is
-      // bad for verifying historical data.
-      if (high)
-        sig = ec.toLowS(sig);
+  if (secp256k1) {
+    // secp256k1 fails on high s values. This is
+    // bad for verifying historical data.
+    if (high)
+      sig = ec.toLowS(sig);

+    try {
      // Import from DER.
      sig = secp256k1.signatureImport(sig);
-
-      return secp256k1.verify(msg, sig, key);
+      result = secp256k1.verify(msg, sig, key);
+    } catch (e) {
+      result = false;
    }

-    // Make elliptic mimic secp256k1's
-    // failure with high S values.
-    if (!high && !ec.isLowS(sig))
-      return false;
-
-    return ec.elliptic.verify(msg, sig, key);
-  } catch (e) {
-    return false;
+    return result;
  }
+
+  // Make elliptic mimic secp256k1's
+  // failure with high S values.
+  if (!high && !ec.isLowS(sig))
+    return false;
+
+  // Elliptic does not support
+  // openssl's "hybrid" keys yet.
+  if (key[0] === 0x06 || key[0] === 0x07) {
+    hybrid = key[0];
+    key[0] = 0x04;
+  }
+
+  try {
+    result = ec.elliptic.verify(msg, sig, key);
+  } catch (e) {
+    result = false;
+  }
+
+  // Reset the byte if we need to.
+  if (hybrid != null)
+    key[0] = hybrid;
+
+  return result;
 };

 /**