From a6b1e8bdb0649c3a9946cb8042bbf627e9cabef9 Mon Sep 17 00:00:00 2001
From: Christopher Jeffrey
Date: Thu, 18 Feb 2016 02:22:06 -0800
Subject: [PATCH] recover keys.
---
 lib/bcoin/script.js | 64 ++++++++++++++++++++++++++++++++++-----------
 1 file changed, 49 insertions(+), 15 deletions(-)
diff --git a/lib/bcoin/script.js b/lib/bcoin/script.js
index 3574d513..897f0d18 100644
--- a/lib/bcoin/script.js
+++ b/lib/bcoin/script.js
@@ -1740,6 +1740,23 @@ script.getOuputMN = function getOuputMN(s) {
 return { m: 1, n: 1 };
 };
 
+script.recoverKey = function recoverKey(sig, msg) {
+ var key;
+
+ try {
+ key = bcoin.ecdsa.recoverPubKey(msg, sig.slice(0, -1), 0);
+ } catch (e) {
+ return;
+ }
+
+ return bcoin.ecdsa.keyPair({ pub: key }).getPublic(true, 'array');
+};
+
+script.guessKey = function guessKey(sig, prev, tx, i) {
+ var msg = tx.signatureHash(i, prev, sig[sig.length - 1]);
+ return script.recoverKey(sig, msg);
+};
+
 script.isPubkey = function isPubkey(s, key) {
 var res;
 
@@ -1894,7 +1911,7 @@ script.getInputType = function getInputType(s, prev) {
 || null;
 };
 
-script.isPubkeyInput = function isPubkeyInput(s, key, tx, i) {
+script.isPubkeyInput = function isPubkeyInput(s, key, tx, index) {
 if (s.length !== 1)
 return false;
 
@@ -1906,11 +1923,17 @@ script.isPubkeyInput = function isPubkeyInput(s, key, tx, i) {
 // This will only work if the script verifies.
 if (key) {
 assert(tx);
- assert(i != null);
- if (!script.verify(s, [key, 'checksig'], tx, i))
+ assert(index != null);
+ if (!script.verify(s, [key, 'checksig'], tx, index))
 return false;
 }
 
+ // if (key) {
+ // var recovered;
+ // recovered = script.guessKey(s[0], [key, 'checksig'], tx, index);
+ // return utils.isEqual(key, recovered || []);
+ // }
+
 return true;
 };
 
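Review bot: In `script.recoverKey` the recovery id passed to `bcoin.ecdsa.recoverPubKey` is hard-coded to `0`, so the function returns only one of the candidate public keys a signature can recover to. Assuming the third argument is the usual ECDSA recovery parameter, a valid signature whose parameter is not 0 would yield a well-formed key that is not the signer's, and a caller comparing it with an expected key would see a false mismatch rather than an error. The limitation should at least be stated above the function, for example `// Tries recovery id 0 only: the result is one candidate key and proves nothing until compared with a known key`, or each id should be tried and compared. The bare `catch (e) { return; }` also hides errors that have nothing to do with a malformed signature, and `script.guessKey` reads `sig[sig.length - 1]` without a length check and still calls its index `i` although this commit renames that parameter to `index` elsewhere.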
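Review bot: The block added to `script.isPubkeyInput` after the `script.verify` check is commented-out code, and the same applies to the larger block in the last hunk (`script.isMultisigInput`); a short `// TODO:` line describing the intended key-recovery check would age better than disabled code that drifts away from the live code around it. If this block were enabled as written it would return `utils.isEqual(key, recovered || [])` on the strength of `script.guessKey`, which tries a single recovery id, so a correctly signed input could be reported as not matching. The function body starts before this hunk, so the early returns above it are not visible here.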
@@ -1932,8 +1955,8 @@ script.isPubkeyhashInput = function isPubkeyhashInput(s, key) {
 return true;
 };
 
-script.isMultisigInput = function isMultisigInput(s, keys, tx, i) {
- var i, o;
+script.isMultisigInput = function isMultisigInput(s, keys, tx, index) {
+ var i, prev;
 
 // We need to rule out scripthash because
 // it may look like multisig. This is
@@ -1959,20 +1982,31 @@ script.isMultisigInput = function isMultisigInput(s, keys, tx, i) {
 if (keys) {
 assert(keys.length >= 2);
 assert(tx);
- assert(i != null);
- o = script.createMultisig(keys, s.length - 1, keys.length);
- if (!script.verify(s, o, tx, i))
+ assert(index != null);
+ prev = script.createMultisig(keys, s.length - 1, keys.length);
+ if (!script.verify(s, prev, tx, index))
 return false;
 }
 
 // We also also try to recover the keys from the signatures.
- // var recovered = [];
- // for (i = 1; i < s.length; i++) {
- // var sig = s[i];
- // var prev = script.createMultisig(keys, s.length - 1, keys.length);
- // var msg = tx.signatureHash(i, prev, s[s.length - 1]);
- // var key = bcoin.ecdsa.recoverPubKey(msg, sig.slice(0, -1), 0).toArray();
- // recovered.push(key);
+ // if (keys) {
+ // var prev, recovered, j, total;
+ // recovered = [];
+ // total = 0;
+ // for (i = 1; i < s.length; i++) {
+ // prev = script.createMultisig(keys, s.length - 1, keys.length);
+ // recovered.push(script.guessKey(s[i], prev, tx, index) || []);
+ // }
+ // for (i = 0; i < recovered.length; i++) {
+ // for (j = 0; j < keys.length; j++) {
+ // if (utils.isEqual(recovered[i], keys[j])) {
+ // total++;
+ // break;
+ // }
+ // }
+ // }
+ // if (total !== s.length - 1)
+ // return false;
 // }
 
 return true;
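Review bot: The commented-out matching loop in `script.isMultisigInput` counts a hit whenever a recovered key equals any entry of `keys`, so two signatures that recover to the same key would each increment `total`. If the block is ever enabled, a matched key should be usable only once, otherwise `total !== s.length - 1` can pass with fewer distinct signers than signatures. A failed recovery is stored as `[]` and compared like a key, which is harmless only while no entry of `keys` is empty. The `script.verify(s, prev, tx, index)` call above it should stay the authoritative check and not be replaced by the recovery comparison. The function starts and ends outside this hunk.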