Add even hex length before hashing 'm' for Go comp

package.json

@@ -1,6 +1,6 @@
 {
   "name": "blindsecp256k1",
-  "version": "0.0.5",
+  "version": "0.0.6",
   "description": "Blind signatures over secp256k1, compatible with https://github.com/arnaucube/go-blindsecp256k1",
   "main": "dist/index",
   "types": "dist/index",
@@ -8,6 +8,7 @@
     "prepublishOnly": "npm run build",
     "clean": "rimraf dist",
     "build": "npm run clean && ./node_modules/.bin/tsc",
+    "browserify": "npm run build && browserify dist/index.js --standalone blindsecp256k1 > dist/blindsecp256k1-browser.js",
     "watch": "./node_modules/.bin/tsc -w -p .",
     "ts-node": "./node_modules/.bin/ts-node",
     "test": "npm run build && ./node_modules/.bin/mocha -r ts-node/register test/**/*.ts"
@@ -31,6 +32,7 @@
     "rimraf": "^3.0.2",
     "ts-node": "^9.1.1",
     "tslint": "^6.1.3",
-    "typescript": "^4.1.3"
+    "typescript": "^4.1.3",
+    "browserify": "^16.5.0"
   }
 }

src/index.ts

@@ -93,8 +93,9 @@ export function blind(m: BigInteger, signerR: Point): { mBlinded: BigInteger, us
     const ainvrx = ainv.multiply(rx)
 
     const mHex = m.toString(16)
-    const hHex = keccak256('0x' + zeroPad(mHex, 32)).substr(2)
+    const hHex = keccak256('0x' + evenHex(mHex)).substr(2)
     const h = BigInteger.fromHex(hHex)
+
     const mBlinded = ainvrx.multiply(h)
 
     return { mBlinded: mBlinded.mod(n), userSecretData: u }
@@ -121,7 +122,7 @@ export function verify(m: BigInteger, s: UnblindedSignature, q: Point) {
     const sG = G.multiply(s.s)
 
     const mHex = m.toString(16)
-    const hHex = keccak256('0x' + zeroPad(mHex, 32)).substr(2)
+    const hHex = keccak256('0x' + evenHex(mHex)).substr(2)
     const h = BigInteger.fromHex(hHex)
 
     const rx = s.f.affineX.mod(n)
@@ -148,9 +149,8 @@ function random(bytes: number) {
     return k
 }
 
-function zeroPad(hexString: string, byteLength: number) {
-    if (hexString.length > (byteLength * 2)) throw new Error("Out of bounds")
-    while (hexString.length < (byteLength * 2)) {
+export function evenHex(hexString: string) {
+    if ((hexString.length % 2) != 0) {
         hexString = "0" + hexString
     }
     return hexString

test/index.test.ts

@@ -2,7 +2,7 @@ import * as assert from 'assert'
 import * as BigInteger from 'bigi'
 import { keccak256 } from '@ethersproject/keccak256'
 
-import { pointFromHex, newKeyPair, newRequestParameters, blind, blindSign, unblind, verify, signatureFromHex, signatureToHex, messageToBigNumber, pointToHex } from '../src/index'
+import { pointFromHex, newKeyPair, newRequestParameters, blind, blindSign, unblind, verify, signatureFromHex, signatureToHex, messageToBigNumber, pointToHex, ecparams, newBigFromString, evenHex } from '../src/index'
 
 describe('keccak256', function () {
 	it('should hash strings and big numbers', async () => {
@@ -71,3 +71,23 @@ describe('import point from hex', function () {
 		assert.strictEqual(signatureToHex(signatureFromHex(originalSignatureHex)), originalSignatureHex)
 	})
 })
+
+describe('Test hash m odd bytes', function () {
+	it('should take odd hex value and prepare it (using evenHex) to be even for keccak256 input', async () => {
+		// This test is made with same values than
+		// https://github.com/arnaucube/go-blindsecp256k1 to ensure
+		// compatibility
+		let m = newBigFromString("3024162961766929396601888431330224482373544644288322432261208139289299439809")
+		let mHex = m.toString(16)
+		assert.strictEqual(57, mHex.substr(6).length)
+		let hHex = keccak256('0x' + evenHex(mHex).substr(6)).substr(2)
+		let h = BigInteger.fromHex(hHex)
+		assert.strictEqual("57523339312508913023232057765773019244858443678197951618720342803494056599369", h.toString())
+
+		mHex = m.toString(16) + "1234"
+		assert.strictEqual(67, mHex.length)
+		hHex = keccak256('0x' + evenHex(mHex)).substr(2)
+		h = BigInteger.fromHex(hHex)
+		assert.strictEqual("9697834584560956691445940439424778243200861871421750951058436814122640359156", h.toString())
+	})
+})