From dbeab00365a837ee2a272cf123acde811202afce Mon Sep 17 00:00:00 2001
From: "Ryan X. Charles"
Date: Sun, 4 Jan 2015 11:04:03 -0800
Subject: [PATCH] bug in bn.js - upgrade to latest bug-fixed version

This upgrades bn.js due to a bug that results in incorrect point multiplication, and therefore incorrect public keys and addresses, in some cases.. See these discussions:
https://github.com/bitpay/bitcore/pull/894
https://github.com/indutny/elliptic/issues/17
https://github.com/indutny/elliptic/pull/18
https://github.com/indutny/elliptic/pull/19
https://github.com/indutny/bn.js/commit/3557d780b07ed0ed301e128f326f83c2226fb679
Furthermore, the getG function is update to return the value of G that has precomputed values, as per the above discussions.
---
 lib/point.js | 4 ++--
 npm-shrinkwrap.json | 12 ++++++------
 package.json | 2 +-
 test/point.js | 21 +++++++++++++++++++++
 4 files changed, 30 insertions(+), 9 deletions(-)

diff --git a/lib/point.js b/lib/point.js
index ece84663..1f22760e 100644
--- a/lib/point.js
+++ b/lib/point.js
@@ -62,8 +62,8 @@ Point.prototype.fromString = function(str) {
 };
 
 Point.getG = function() {
- var p = Point(ec.curve.g.getX(), ec.curve.g.getY());
- return p;
+ var g = ec.curve.g;
+ return g;
 };
 
 Point.getN = function() {
diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json
index efeedf4a..b5e2c09a 100644
--- a/npm-shrinkwrap.json
+++ b/npm-shrinkwrap.json
@@ -8,9 +8,9 @@
 "resolved": "https://registry.npmjs.org/aes/-/aes-0.1.0.tgz"
 },
 "bn.js": {
- "version": "0.16.0",
- "from": "bn.js@=0.16.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-0.16.0.tgz"
+ "version": "0.16.1",
+ "from": "bn.js@=0.16.1",
+ "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-0.16.1.tgz"
 },
 "bs58": {
 "version": "1.2.1",
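Review bot: `Point.getG` in lib/point.js now hands every caller the same shared `ec.curve.g` object instead of a fresh point built from its coordinates, and nothing in the hunk says that the returned value must be treated as read-only. If any caller modifies the returned point in place, the generator used for all later public-key derivation in the process would change with it. I would add a comment above the function, `// Returns the curve's shared, precomputed generator G; callers must not mutate it.`, and reduce the body to `return ec.curve.g;` since the local `g` adds nothing. Whether `ec.curve.g` exposes the same `Point.prototype` methods that the old `Point(...)` result did is not visible in this hunk and is worth confirming.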
@@ -19,17 +19,17 @@
 },
 "elliptic": {
 "version": "0.16.0",
- "from": "elliptic@=0.16.0",
+ "from": "https://registry.npmjs.org/elliptic/-/elliptic-0.16.0.tgz",
 "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-0.16.0.tgz",
 "dependencies": {
 "brorand": {
 "version": "1.0.5",
- "from": "brorand@^1.0.1",
+ "from": "https://registry.npmjs.org/brorand/-/brorand-1.0.5.tgz",
 "resolved": "https://registry.npmjs.org/brorand/-/brorand-1.0.5.tgz"
 },
 "inherits": {
 "version": "2.0.1",
- "from": "inherits@^2.0.1",
+ "from": "https://registry.npmjs.org/inherits/-/inherits-2.0.1.tgz",
 "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.1.tgz"
 }
 }
diff --git a/package.json b/package.json
index ff19a6aa..20bba7f7 100644
--- a/package.json
+++ b/package.json
@@ -65,7 +65,7 @@
 },
 "dependencies": {
 "aes": "=0.1.0",
- "bn.js": "=0.16.0",
+ "bn.js": "=0.16.1",
 "bs58": "=1.2.1",
 "elliptic": "=0.16.0",
 "hash.js": "=0.3.2",
diff --git a/test/point.js b/test/point.js
index 88544ccb..2e6c5b93 100644
--- a/test/point.js
+++ b/test/point.js
@@ -150,6 +150,27 @@ describe('Point', function() {
 b.getY().toString().should.equal('32670510020758816978083085130507043184471273380659243275938904335757337482424');
 });
 
+ it('should accurate multiply this problematic value related to a bug in bn.js', function() {
+ // see these discussions:
+ // https://github.com/bitpay/bitcore/pull/894
+ // https://github.com/indutny/elliptic/issues/17
+ // https://github.com/indutny/elliptic/pull/18
+ // https://github.com/indutny/elliptic/pull/19
+ // https://github.com/indutny/bn.js/commit/3557d780b07ed0ed301e128f326f83c2226fb679
+ var nhex = '6d1229a6b24c2e775c062870ad26bc261051e0198c67203167273c7c62538846';
+ var n = BN(nhex, 16);
+ var g1 = Point.getG(); // precomputed g
+ var g2 = Point().fromX(false, BN('79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798', 16)); //non-precomputed g
+ var p1 = g1.mul(n);
+ var p2 = g2.mul(n);
+ var pxhex = 'd6106302d2698d6a41e9c9a114269e7be7c6a0081317de444bb2980bf9265a01';
+ var pyhex = 'e05fb262e64b108991a29979809fcef9d3e70cafceb3248c922c17d83d66bc9d';
+ p1.getX().toBuffer().toString('hex').should.equal(pxhex);
+ p1.getY().toBuffer().toString('hex').should.equal(pyhex);
+ p2.getX().toBuffer().toString('hex').should.equal(pxhex);
+ p2.getY().toBuffer().toString('hex').should.equal(pyhex);
+ });
+
 });
 
 describe('@fromX', function() {
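Review bot: The expected coordinates `pxhex` and `pyhex` in the new regression test carry no note of where they came from, so a reader cannot tell whether they were produced independently of bn.js/elliptic or copied from the patched library's own output. For a test guarding key derivation that provenance matters; I would add a comment above them such as `// expected x/y for n*G, computed with an independent secp256k1 implementation (<tool and version>)`. The test title also reads "should accurate multiply" and should be "should accurately multiply". The enclosing `describe` block begins outside this hunk.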