Merge pull request #14 from starkbank/fix/signature-range

Fixed signature range

Author: cdottori-stark

.gitignore

@@ -1,3 +1,4 @@
 #Private and public keys
 *.key
 .idea
+node_modules

CHANGELOG.md

@@ -0,0 +1,33 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
+and this project adheres to the following versioning pattern:
+
+Given a version number MAJOR.MINOR.PATCH, increment:
+
+- MAJOR version when **breaking changes** are introduced;
+- MINOR version when **backwards compatible changes** are introduced;
+- PATCH version when backwards compatible bug **fixes** are implemented.
+
+
+## [Unreleased]
+### Fixed
+- Signature r and s range check
+
+## [1.1.2] - 2020-09-27
+### Added
+- package-lock.json
+
+## [1.1.1] - 2020-09-02
+### Changed
+- mocha to dev dependencies in package.json
+
+## [1.1.0] - 2020-08-26
+### Added
+- external randNum override to Ecdsa.sign
+
+## [1.0.0] - 2020-04-15
+### Added
+- first official version

ellipticcurve/ecdsa.js

@@ -32,6 +32,14 @@ exports.verify = function (message, signature, publicKey, hashfunc=sha256) {
     let curve = publicKey.curve;
     let sigR = signature.r;
     let sigS = signature.s;
+
+    if (sigR < 1 || sigR >= curve.N) {
+        return false;
+    }
+    if (sigS < 1 || sigS >= curve.N) {
+        return false;
+    }
+
     let inv = EcdsaMath.inv(sigS, curve.N);
     let u1 = EcdsaMath.multiply(curve.G, modulo((numberMessage.multiply(inv)), curve.N), curve.N, curve.A, curve.P);
     let u2 = EcdsaMath.multiply(publicKey.point, modulo((sigR.multiply(inv)), curve.N), curve.N, curve.A, curve.P);

package-lock.json

@@ -36,4 +36,4 @@
   "devDependencies": {
     "mocha": "^6.2.2"
   }
-}
+}