From ffa22eea55e4d93ac42af91ae8e83a0e48d8138e Mon Sep 17 00:00:00 2001 From: Gustavo Maximiliano Cortez Date: Thu, 2 Apr 2020 10:22:44 -0300 Subject: [PATCH 1/3] fix(sign-input): invalid appIdentity for bp card --- .gitignore | 27 +++++++++++++++++++++++++++ .travis.yml | 19 ------------------- README.md | 28 ---------------------------- bower.json | 29 ----------------------------- browserify.js | 14 -------------- karma.conf.js | 24 ++++++++++++++++++++++++ lib/bitauth-browserify.js | 7 ++++--- package.json | 11 +++++++++-- 8 files changed, 64 insertions(+), 95 deletions(-) delete mode 100644 .travis.yml delete mode 100644 bower.json delete mode 100644 browserify.js create mode 100644 karma.conf.js diff --git a/.gitignore b/.gitignore index acb3481..47b3907 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,31 @@ node_modules ./bitauth.min.js ./tests.js +# OSX +.DS_Store +.AppleDouble +.LSOverride + +# Thumbnails +._* + +# Files that might appear on external disk +.Spotlight-V100 +.Trashes + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +# VIM ignore + +[._]*.s[a-w][a-z] +[._]s[a-w][a-z] +*.un~ +Session.vim +.netrwhist +*~ diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index fc5f4b2..0000000 --- a/.travis.yml +++ /dev/null @@ -1,19 +0,0 @@ -language: node_js -sudo: false -compiler: - - gcc -addons: - apt: - sources: - - ubuntu-toolchain-r-test - packages: - - g++-6 -node_js: - - '8' - - '10' - - '12' -before_install: - - export CXX="g++-6" -install: - - npm install -script: npm run test diff --git a/README.md b/README.md index dbe12ce..218c13b 100644 --- a/README.md +++ b/README.md @@ -18,12 +18,6 @@ Install with Node.js: npm install bitauth ``` -To generate a browser bundle, you can then run: - -```bash -gulp browser -``` - ## Advantages over other authentication mechanisms * By signing each request, man in the middle attacks are impossible. @@ -199,25 +193,3 @@ BitAuth exposes a connect middleware for use in connect or ExpressJS application var bitauth = require('bitauth'); app.use( bitauth.middleware ); ``` - -## Development - -To build a browser compatible version of BitAuth, run the following command from the project's root directory: - -```bash -gulp browser -``` - -This will output `bitauth.min.js` to project directory. The script can be loaded using `require('bitauth')`. - -To then run tests for a web browser: - -```bash -gulp test:browser -``` - -To run tests for Node.js: - -```bash -gulp test:node -``` diff --git a/bower.json b/bower.json deleted file mode 100644 index 80fa544..0000000 --- a/bower.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "name": "bitauth", - "main": "./bitauth.min.js", - "version": "0.4.0", - "homepage": "https://github.com/bitpay/bitauth", - "authors": [ - "BitPay, Inc." - ], - "description": "Passwordless authentication using Bitcoin cryptography", - "moduleType": [ - "globals" - ], - "keywords": [ - "bitcoin", - "bitcore", - "btc", - "satoshi" - ], - "license": "MIT", - "ignore": [ - "**/.*", - "CONTRIBUTING.md", - "gulpfile.js", - "lib", - "index.js", - "karma.conf.js", - "test" - ] -} diff --git a/browserify.js b/browserify.js deleted file mode 100644 index 604f4c3..0000000 --- a/browserify.js +++ /dev/null @@ -1,14 +0,0 @@ -const fs = require('fs'); -const browserify = require('browserify'); -const minifyStream = require('minify-stream'); - -// This currently generates the dist files but there are no tests done - -browserify('index.js') - .bundle() - .pipe(fs.createWriteStream('./dist/bitauth.js')); - -fs.createReadStream('./dist/bitauth.js') - .pipe(minifyStream({ sourceMap: false })) - .pipe(fs.createWriteStream('./dist/bitauth.min.js')); - diff --git a/karma.conf.js b/karma.conf.js new file mode 100644 index 0000000..63c075b --- /dev/null +++ b/karma.conf.js @@ -0,0 +1,24 @@ +module.exports = function(config) { + config.set({ + basePath: './', + frameworks: ['browserify', 'mocha'], + files: [ + 'test/*.js' + ], + exclude: [ + ], + preprocessors: { + 'test/*.js': [ 'browserify' ] + }, + browserify: { + debug: true + }, + reporters: ['progress'], + port: 9876, + colors: true, + logLevel: config.LOG_INFO, + autoWatch: false, + browsers: ['Chrome'], + singleRun: true + }) +} diff --git a/lib/bitauth-browserify.js b/lib/bitauth-browserify.js index 9025dc8..119e88b 100644 --- a/lib/bitauth-browserify.js +++ b/lib/bitauth-browserify.js @@ -19,7 +19,7 @@ BitAuth._getPublicKeyFromPrivateKey = function(privkey) { } else { privKeyString = privkey; } - const keys = ecdsa.keyPair(privkey, 'hex'); + const keys = ecdsa.keyFromPrivate(privKeyString, 'hex'); // compressed public key const pubKey = keys.getPublic(); @@ -36,12 +36,13 @@ BitAuth._getPublicKeyFromPrivateKey = function(privkey) { }; BitAuth._sign = function(hashBuffer, privkey) { - const signature = ecdsa.sign(hashBuffer.toString('hex'), privkey); + const keys = ecdsa.keyFromPrivate(privkey, 'hex'); + const signature = keys.sign(hashBuffer.toString('hex')); return signature.toDER('hex'); }; BitAuth._verifySignature = function(hashBuffer, signatureBuffer, pubkey) { - return ecdsa.verify(hashBuffer.toString('hex'), signatureBuffer, pubkey); + return ecdsa.verify(hashBuffer.toString('hex'), signatureBuffer, pubkey, 'hex'); }; module.exports = BitAuth; diff --git a/package.json b/package.json index bbc9ea7..cf31b1d 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,8 @@ } ], "scripts": { - "test": "mocha" + "test": "mocha", + "test-browser": "karma start karma.conf.js" }, "main": "index.js", "version": "0.4.0", @@ -38,8 +39,14 @@ }, "devDependencies": { "benchmark": "^2.1.4", + "browserify": "^16.5.1", "chai": "^4.2.0", - "mocha": "^6.2.2" + "karma": "^4.4.1", + "karma-browserify": "^7.0.0", + "karma-chrome-launcher": "^3.1.0", + "karma-mocha": "^1.3.0", + "mocha": "^6.2.2", + "watchify": "^3.11.1" }, "license": "MIT" } From 7487e2d326b91a26e82ec7f923f53702c9282682 Mon Sep 17 00:00:00 2001 From: Gabriel Date: Mon, 22 Mar 2021 16:36:34 -0300 Subject: [PATCH 2/3] [UPDATE] secp256k1 to version 4.0.2 --- lib/bitauth-node.js | 12 ++++++------ package.json | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/bitauth-node.js b/lib/bitauth-node.js index cd9bf3c..f0f5e02 100644 --- a/lib/bitauth-node.js +++ b/lib/bitauth-node.js @@ -6,7 +6,7 @@ const crypto = require('crypto'); BitAuth._generateRandomPair = function() { const privateKeyBuffer = crypto.randomBytes(32); // may throw error if entropy sources drained - const publicKeyBuffer = secp256k1.publicKeyCreate(privateKeyBuffer, true); + const publicKeyBuffer = Buffer.from(secp256k1.publicKeyCreate(privateKeyBuffer, true)); return [privateKeyBuffer.toString('hex'), publicKeyBuffer.toString('hex')]; }; @@ -17,7 +17,7 @@ BitAuth._getPublicKeyFromPrivateKey = function(privkey) { } else { privateKeyBuffer = Buffer.from(privkey, 'hex'); } - return secp256k1.publicKeyCreate(privateKeyBuffer, true); + return Buffer.from(secp256k1.publicKeyCreate(privateKeyBuffer, true)); }; BitAuth._sign = function(hashBuffer, privkey) { @@ -27,19 +27,19 @@ BitAuth._sign = function(hashBuffer, privkey) { } else { privkeyBuffer = Buffer.from(privkey, 'hex'); } - var signatureInfo = secp256k1.sign(hashBuffer, privkeyBuffer); - return secp256k1.signatureExport(signatureInfo.signature); + var signatureInfo = secp256k1.ecdsaSign(hashBuffer, privkeyBuffer); + return Buffer.from(secp256k1.signatureExport(signatureInfo.signature)); }; BitAuth._verifySignature = function(hashBuffer, signatureBuffer, pubkey) { let pubkeyBuffer; - const signature = secp256k1.signatureNormalize(secp256k1.signatureImportLax(signatureBuffer)); + const signature = secp256k1.signatureNormalize(secp256k1.signatureImport(signatureBuffer)); if (!Buffer.isBuffer(pubkey)){ pubkeyBuffer = Buffer.from(pubkey, 'hex'); } else { pubkeyBuffer = pubkey; } - return !!secp256k1.verify(hashBuffer, signature, pubkeyBuffer); + return !!secp256k1.ecdsaVerify(signature, hashBuffer, pubkeyBuffer); }; module.exports = BitAuth; diff --git a/package.json b/package.json index cf31b1d..3f3c272 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "version": "0.4.0", "dependencies": { "bs58": "^2.0.0", - "secp256k1": "3.7.1" + "secp256k1": "4.0.2" }, "devDependencies": { "benchmark": "^2.1.4", From e5e149510ce3f3bce8b5ab4041d836883e8c36ad Mon Sep 17 00:00:00 2001 From: Dargon789 <64915515+Dargon789@users.noreply.github.com> Date: Sat, 3 Jan 2026 14:05:02 +0700 Subject: [PATCH 3/3] Add .circleci/config.yml --- .circleci/config.yml | 38 ++++++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 4a8a9e2..bb68b14 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,17 +1,31 @@ +# Use the latest 2.1 version of CircleCI pipeline process engine. +# See: https://circleci.com/docs/reference/configuration-reference version: 2.1 -orbs: - node: circleci/node@1.1.6 + +# Define a job to be invoked later in a workflow. +# See: https://circleci.com/docs/guides/orchestrate/jobs-steps/#jobs-overview & https://circleci.com/docs/reference/configuration-reference/#jobs jobs: - build-and-test: - executor: - name: node/default + say-hello: + # Specify the execution environment. You can specify an image from Docker Hub or use one of our convenience images from CircleCI's Developer Hub. + # See: https://circleci.com/docs/guides/execution-managed/executor-intro/ & https://circleci.com/docs/reference/configuration-reference/#executor-job + docker: + # Specify the version you desire here + # See: https://circleci.com/developer/images/image/cimg/base + - image: cimg/base:current + + # Add steps to the job + # See: https://circleci.com/docs/guides/orchestrate/jobs-steps/#steps-overview & https://circleci.com/docs/reference/configuration-reference/#steps steps: + # Checkout the code as the first step. - checkout - - node/with-cache: - steps: - - run: npm install - - run: npm test + - run: + name: "Say hello" + command: "echo Hello, World!" + +# Orchestrate jobs using workflows +# See: https://circleci.com/docs/guides/orchestrate/workflows/ & https://circleci.com/docs/reference/configuration-reference/#workflows workflows: - build-and-test: - jobs: - - build-and-test \ No newline at end of file + say-hello-workflow: # This is the name of the workflow, feel free to change it to better match your workflow. + # Inside the workflow, you define the jobs you want to run. + jobs: + - say-hello \ No newline at end of file