diff options
-rw-r--r-- | circle.yml | 4 | ||||
-rw-r--r-- | package.json | 4 | ||||
-rw-r--r-- | src/ts/0x.js.ts | 31 | ||||
-rw-r--r-- | src/ts/globals.d.ts | 11 | ||||
-rw-r--r-- | test/0x.js.ts | 71 |
5 files changed, 114 insertions, 7 deletions
diff --git a/circle.yml b/circle.yml index 7a97d756c..65db7c29a 100644 --- a/circle.yml +++ b/circle.yml @@ -1,3 +1,7 @@ +machine: + node: + version: 6.1.0 + test: override: - npm run test:coverage diff --git a/package.json b/package.json index 340e042ce..2f345a3f1 100644 --- a/package.json +++ b/package.json @@ -33,6 +33,7 @@ "devDependencies": { "@types/chai": "^3.5.2", "@types/mocha": "^2.2.41", + "@types/node": "^7.0.22", "awesome-typescript-loader": "^3.1.3", "chai": "^3.5.0", "mocha": "^3.4.1", @@ -46,5 +47,8 @@ "typedoc": "^0.7.1", "typescript": "^2.3.3", "webpack": "^2.6.0" + }, + "dependencies": { + "ethereumjs-util": "^5.1.1" } } diff --git a/src/ts/0x.js.ts b/src/ts/0x.js.ts index 95446ad74..dd67c49a0 100644 --- a/src/ts/0x.js.ts +++ b/src/ts/0x.js.ts @@ -1,6 +1,31 @@ +import * as ethUtil from 'ethereumjs-util'; + +/** + * Elliptic Curve signature + */ +export interface ECSignature { + v: number; + r: string; + s: string; +} + export class ZeroEx { - /** Verifies the signature */ - public verifySignature() { - // TODO + /** + * Verifies that the elliptic curve signature `signature` was generated + * by signing `data` with the private key corresponding to the `signer` address. + */ + public static isValidSignature(data: string, signature: ECSignature, signer: ETHAddressHex): boolean { + const dataBuff = ethUtil.toBuffer(data); + const msgHashBuff = ethUtil.hashPersonalMessage(dataBuff); + try { + const pubKey = ethUtil.ecrecover(msgHashBuff, + signature.v, + ethUtil.toBuffer(signature.r), + ethUtil.toBuffer(signature.s)); + const retrievedAddress = ethUtil.bufferToHex(ethUtil.pubToAddress(pubKey)); + return retrievedAddress === signer; + } catch (err) { + return false; + } } } diff --git a/src/ts/globals.d.ts b/src/ts/globals.d.ts new file mode 100644 index 000000000..0f7391b39 --- /dev/null +++ b/src/ts/globals.d.ts @@ -0,0 +1,11 @@ +declare type ETHPublicKey = string; +declare type ETHAddressHex = string; +declare type ETHAddressBuff = Buffer; + +declare module 'ethereumjs-util' { + const toBuffer: (data: string) => Buffer; + const hashPersonalMessage: (msg: Buffer) => Buffer; + const bufferToHex: (buff: Buffer) => string; + const ecrecover: (msgHashBuff: Buffer, v: number, r: Buffer, s: Buffer) => ETHPublicKey; + const pubToAddress: (pubKey: ETHPublicKey) => ETHAddressBuff; +} diff --git a/test/0x.js.ts b/test/0x.js.ts index 65475bf32..d59df8894 100644 --- a/test/0x.js.ts +++ b/test/0x.js.ts @@ -3,10 +3,73 @@ import {expect} from 'chai'; import 'mocha'; describe('ZeroEx library', () => { - describe('#verifySignature', () => { - it('should return undefined', () => { - const zeroEx = new ZeroEx(); - expect(zeroEx.verifySignature()).to.be.undefined; + describe('#isValidSignature', () => { + // This test data was borrowed from the JSON RPC documentation + // Source: https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_sign + const data = '0xdeadbeaf'; + const signature = { + v: 27, + r: '0xa3f20717a250c2b0b729b7e5becbff67fdaef7e0699da4de7ca5895b02a170a1', + s: '0x2d887fd3b17bfdce3481f10bea41f45ba9f709d39ce8325427b57afcfc994cee', + }; + const address = '0x9b2055d370f73ec7d8a03e965129118dc8f5bf83'; + describe('should return false for malformed signature', () => { + it('malformed v', () => { + const malformedSignature = { + v: 34, + r: signature.r, + s: signature.s, + }; + const isValid = ZeroEx.isValidSignature(data, malformedSignature, address); + expect(isValid).to.be.false; + }); + it('r lacks 0x prefix', () => { + const malformedR = signature.r.replace('0x', ''); + const malformedSignature = { + v: signature.v, + r: malformedR, + s: signature.s, + }; + const isValid = ZeroEx.isValidSignature(data, malformedSignature, address); + expect(isValid).to.be.false; + }); + it('r is too short', () => { + const malformedR = signature.r.substr(10); + const malformedSignature = { + v: signature.v, + r: malformedR, + s: signature.s, + }; + const isValid = ZeroEx.isValidSignature(data, malformedSignature, address); + expect(isValid).to.be.false; + }); + it('s is not hex', () => { + const malformedS = signature.s.replace('0', 'z'); + const malformedSignature = { + v: signature.v, + r: signature.r, + s: malformedS, + }; + const isValid = ZeroEx.isValidSignature(data, malformedSignature, address); + expect(isValid).to.be.false; + }); + }); + it('should return false if the data doesn\'t pertain to the signature & address', () => { + const isValid = ZeroEx.isValidSignature('wrong data', signature, address); + expect(isValid).to.be.false; + }); + it('should return false if the address doesn\'t pertain to the signature & data', () => { + const isValid = ZeroEx.isValidSignature(data, signature, '0xIamWrong'); + expect(isValid).to.be.false; + }); + it('should return false if the signature doesn\'t pertain to the data & address', () => { + const wrongSignature = Object.assign({}, signature, {v: 28}); + const isValid = ZeroEx.isValidSignature(data, wrongSignature, address); + expect(isValid).to.be.false; + }); + it('should return true if the signature does pertain to the data & address', () => { + const isValid = ZeroEx.isValidSignature(data, signature, address); + expect(isValid).to.be.true; }); }); }); |