RubyGems - sibit - Versions diffs - 0.32.3 → 0.32.4 - Mend

sibit 0.32.3 → 0.32.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 196fa93e65ec890ca33a83d3d56358f311d57933e20432e61b5e3df32ae8515d
-  data.tar.gz: 0d02c5a2f773d84dbd13c614c6e52533e88a88dff5c07e4ff304650311ce5a22
+  metadata.gz: addf1c76d3af290c3cdbdaae049db0e9f81fab3b71aed128cd8d284b4b3377e5
+  data.tar.gz: d4654c29684e00847a317bf7203a295f018036438a3c64ac93ba6477c84e1a52
 SHA512:
-  metadata.gz: b62032df000f92c6e58147224c5055c3db2ac1798308022899b0e5a5706b691deb9b948733514bcbbac80e70b2ea9f31e085a1da9557a37fd60076240face315
-  data.tar.gz: 21601d77cf209b9980caef8567321f018efe4442eec5caa96f2e791865519c7499d3f7c64111c01823e90ffeb2ed808608fc7e3387c3fda47d3056612a13449c
+  metadata.gz: 4405e4c542199ea6a4e99e401cb33321ef6048a8d3e7ff424c99f31718d17e8d03928f9922afd80b02e33f1a447a6e7c0042c038226e50078a35b5c237e16801
+  data.tar.gz: 235aa484a4719cdab76cbff47da26b949b25513990b88b12096c8d7081bde1c8bb3331808e144e34b3f2302f1fe462896aff5a60d3a0fcc9a955d9525e58db57

data/lib/sibit/key.rb CHANGED Viewed

@@ -22,12 +22,23 @@ class Sibit
     MIN_PRIV = 0x01
     MAX_PRIV = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364140
+    SECP256K1_N = OpenSSL::BN.new(
+      'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141', 16
+    )
     attr_reader :network
     def self.generate(network: :mainnet)
       key = OpenSSL::PKey::EC.generate('secp256k1')
-      pvt = key.private_key.to_s(16).rjust(64, '0').downcase
-      new(pvt, network: network)
+      pvt = key.private_key
+      raise 'Invalid private key: zero' if pvt.zero?
+      raise 'Invalid private key: out of range' if pvt >= SECP256K1_N
+      raise 'Invalid public key: not on curve' unless key.public_key.on_curve?
+      hex = key.private_key.to_s(16).rjust(64, '0').downcase
+      raise 'Invalid private key encoding' unless hex.match?(/\A[0-9a-f]{64}\z/)
+      trip = OpenSSL::BN.new(hex, 16)
+      raise 'Private key serialization is lossy' unless trip == pvt
+      new(hex, network: network)
     end
     def initialize(privkey, network: nil)
@@ -49,11 +60,17 @@ class Sibit
     def bech32
       hrp = { mainnet: 'bc', testnet: 'tb', regtest: 'bcrt' }[@network]
-      Bech32.encode(hrp, 0, hash160(pub))
+      hex = pub
+      raise 'Invalid public key: not on curve' unless @key.public_key.on_curve?
+      raise 'Invalid public key format' unless hex.match?(/\A0[23][0-9a-f]{64}\z/)
+      Bech32.encode(hrp, 0, hash160(hex))
     end
     def base58
-      hash = hash160(pub)
+      hex = pub
+      raise 'Invalid public key: not on curve' unless @key.public_key.on_curve?
+      raise 'Invalid public key format' unless hex.match?(/\A0[23][0-9a-f]{64}\z/)
+      hash = hash160(hex)
       prefix = @network == :mainnet ? '00' : '6f'
       versioned = "#{prefix}#{hash}"
       checksum = Base58.new(versioned).check

data/lib/sibit/version.rb CHANGED Viewed

@@ -9,5 +9,5 @@
 # License:: MIT
 class Sibit
   # Current version of the library.
-  VERSION = '0.32.3' unless defined?(VERSION)
+  VERSION = '0.32.4' unless defined?(VERSION)
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sibit
 version: !ruby/object:Gem::Version
-  version: 0.32.3
+  version: 0.32.4
 platform: ruby
 authors:
 - Yegor Bugayenko