/** * ECDSA public key recovery from signature * @param {Buffer} msgHash * @p

1. /**
2. * ECDSA public key recovery from signature
3. * @param {Buffer} msgHash
4. * @param {Number} v
5. * @param {Buffer} r
6. * @param {Buffer} s
7. * @return {Buffer} publicKey
8. */
9. exports.ecrecover = function (msgHash, v, r, s) {
10. var signature = Buffer.concat([exports.setLength(r, 32), exports.setLength(s, 32)], 64)
11. var recovery = v - 27
12. if (recovery !== 0 && recovery !== 1) {
13. throw new Error('Invalid signature v value')
14. }
15. var senderPubKey = secp256k1.recover(msgHash, signature, recovery)
16. return secp256k1.publicKeyConvert(senderPubKey, false).slice(1)
17. }
18.  
19. /**
20. * Determines if the signature is valid
21. * @return {Boolean}
22. */
23. verifySignature () {
24. const msgHash = this.hash(false)
25. // All transaction signatures whose s-value is greater than secp256k1n/2 are considered invalid.
26. if (this._homestead && new BN(this.s).cmp(N_DIV_2) === 1) {
27. return false
28. }
29.  
30. try {
31. let v = ethUtil.bufferToInt(this.v)
32. if (this._chainId > 0) {
33. v -= this._chainId * 2 + 8
34. }
35. this._senderPubKey = ethUtil.ecrecover(msgHash, v, this.r, this.s)
36. } catch (e) {
37. return false
38. }
39.  
40. return !!this._senderPubKey
41. }
42.  
43. var sig = secp256k1.sign(msgHash, privateKey)
44. var ret = {}
45. ret.r = sig.signature.slice(0, 32)
46. ret.s = sig.signature.slice(32, 64)
47. ret.v = sig.recovery + 27