From ddcde038d0aee07bd550cd27b61d12bf921d0813 Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Fri, 11 Jul 2014 16:33:39 +1000 Subject: [PATCH 1/3] HDNode: enforces sane seed lengths --- src/hdnode.js | 4 ++++ test/hdnode.js | 12 ++++++++++++ 2 files changed, 16 insertions(+) diff --git a/src/hdnode.js b/src/hdnode.js index abb3ec348..a3aa5efb1 100644 --- a/src/hdnode.js +++ b/src/hdnode.js @@ -51,6 +51,10 @@ HDNode.HIGHEST_BIT = 0x80000000 HDNode.LENGTH = 78 HDNode.fromSeedBuffer = function(seed, network) { + assert(Buffer.isBuffer(seed), 'Expected Buffer, got' + seed) + assert(seed.length >= 16, 'Seed should be atleast 128 bits') + assert(seed.length <= 64, 'Seed should be atmost 512 bits') + var I = crypto.HmacSHA512(seed, HDNode.MASTER_SECRET) var IL = I.slice(0, 32) var IR = I.slice(32) diff --git a/test/hdnode.js b/test/hdnode.js index 822a8ce81..f4011ac73 100644 --- a/test/hdnode.js +++ b/test/hdnode.js @@ -65,6 +65,18 @@ describe('HDNode', function() { assert.equal(hd.chainCode.toString('hex'), f.master.chainCode) }) }) + + it('throws on low entropy seed', function() { + assert.throws(function() { + HDNode.fromSeedHex('ffffffffff') + }, /Seed should be atleast 128 bits/) + }) + + it('throws on too high entropy seed', function() { + assert.throws(function() { + HDNode.fromSeedHex('ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff') + }, /Seed should be atmost 512 bits/) + }) }) describe('toBase58', function() { From 56d9ea66184875f299546bd4a7783a7f3f1beb97 Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Fri, 11 Jul 2014 19:15:56 +1000 Subject: [PATCH 2/3] HDNode: fix error spelling --- src/hdnode.js | 4 ++-- test/hdnode.js | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/hdnode.js b/src/hdnode.js index a3aa5efb1..627b67dcf 100644 --- a/src/hdnode.js +++ b/src/hdnode.js @@ -52,8 +52,8 @@ HDNode.LENGTH = 78 HDNode.fromSeedBuffer = function(seed, network) { assert(Buffer.isBuffer(seed), 'Expected Buffer, got' + seed) - assert(seed.length >= 16, 'Seed should be atleast 128 bits') - assert(seed.length <= 64, 'Seed should be atmost 512 bits') + assert(seed.length >= 16, 'Seed should be at least 128 bits') + assert(seed.length <= 64, 'Seed should be at most 512 bits') var I = crypto.HmacSHA512(seed, HDNode.MASTER_SECRET) var IL = I.slice(0, 32) diff --git a/test/hdnode.js b/test/hdnode.js index f4011ac73..bc951a288 100644 --- a/test/hdnode.js +++ b/test/hdnode.js @@ -69,13 +69,13 @@ describe('HDNode', function() { it('throws on low entropy seed', function() { assert.throws(function() { HDNode.fromSeedHex('ffffffffff') - }, /Seed should be atleast 128 bits/) + }, /Seed should be at least 128 bits/) }) it('throws on too high entropy seed', function() { assert.throws(function() { HDNode.fromSeedHex('ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff') - }, /Seed should be atmost 512 bits/) + }, /Seed should be at most 512 bits/) }) }) From a90a8e061ed11a3ba6aaba79e8d2271a57a23f71 Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Fri, 11 Jul 2014 19:18:27 +1000 Subject: [PATCH 3/3] Transaction: add assertion that scriptPubKey exists --- src/transaction.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/transaction.js b/src/transaction.js index 0926b84e1..80393b974 100644 --- a/src/transaction.js +++ b/src/transaction.js @@ -84,9 +84,11 @@ Transaction.prototype.addOutput = function(scriptPubKey, value) { scriptPubKey = address.toOutputScript() } + assert(scriptPubKey instanceof Script, 'Expected Address or Script, got ' + scriptPubKey) + return (this.outs.push({ script: scriptPubKey, - value: value, + value: value }) - 1) }