diff --git a/src/index.ts b/src/index.ts index a13f1a5..c4d10c1 100644 --- a/src/index.ts +++ b/src/index.ts @@ -3,8 +3,8 @@ * @author Johan Nordberg */ -import {hexify, PrivateKey} from '@steemit/libcrypto' -import {createHash, randomBytes} from 'crypto' +import {hexify, PrivateKey, sjcl} from '@steemit/libcrypto' +import {randomBytes} from 'crypto' /** * Signing constant used to reserve opcode space and prevent cross-protocol attacks. @@ -66,6 +66,11 @@ class ValidationError extends Error { } +function bufferToBits(b: Buffer) { + const ab = b.buffer.slice(b.byteOffset, b.byteOffset + b.byteLength) + return sjcl.codec.arrayBuffer.toBits(ab) +} + /** * Create request hash to be signed. * @@ -77,20 +82,20 @@ class ValidationError extends Error { * * @returns bytes to be signed or validated. */ -function hashMessage(timestamp: string, account: string, method: string, +export function hashMessage(timestamp: string, account: string, method: string, params: string, nonce: Buffer): Buffer { - const first = createHash('sha256') + const first = new sjcl.hash.sha256() first.update(timestamp) first.update(account) first.update(method) first.update(params) - const second = createHash('sha256') - second.update(K) - second.update(first.digest()) - second.update(nonce) + const second = new sjcl.hash.sha256() + second.update(bufferToBits(K)) + second.update(first.finalize()) + second.update(bufferToBits(nonce)) - return second.digest() + return Buffer.from(sjcl.codec.arrayBuffer.fromBits(second.finalize())) } /** diff --git a/test/index.ts b/test/index.ts index fffbbf0..d9fd678 100644 --- a/test/index.ts +++ b/test/index.ts @@ -4,7 +4,7 @@ import {randomBytes} from 'crypto' import * as fetch from 'node-fetch' import {PrivateKey, Client, utils, Signature} from 'dsteem' -import {sign, validate, JsonRpcRequest, VerifyMessage, SignedJsonRpcRequest} from './../src/' +import {sign, validate, JsonRpcRequest, VerifyMessage, SignedJsonRpcRequest, hashMessage} from './../src/' const dummyVerify: VerifyMessage = async (message: Buffer, signatures: string[], account: string) => {} @@ -258,3 +258,15 @@ describe('rpc auth', function() { }) }) + +describe('hashMessage', function() { + + const expected = '04d1b962e951babf44b1bb161d9ba97aa526aa633bf31505c2ccb593a895ac42' + + it('creates correct message', function() { + const nonce = Buffer.from('29a0132f4b950adb', 'hex') + const hash = hashMessage('2018-01-15T12:34:56Z', 'foo', 'bar.baz', 'WyJxZXgiXQo=', nonce) + assert.equal(hash.toString('hex'), expected) + }) + +})