LiskArchive · toschdev · Mar 1, 2018 · Feb 14, 2018 · Feb 14, 2018 · Feb 15, 2018
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -3,6 +3,10 @@
 	"version": "0.4.5",
 	"description": "JavaScript library for sending Lisk transactions from the client or server",
 	"main": "./dist-node/index.js",
+	"engines": {
+		"node": ">=6.3 <=9.5",
+		"npm": ">=3 <=5"
+	},
 	"scripts": {
 		"prestart": "./bin/prestart.sh",
 		"start": "./bin/start.sh",

diff --git a/src/cryptography/convert.js b/src/cryptography/convert.js
@@ -24,7 +24,20 @@ export const bufferToBigNumberString = bigNumberBuffer =>
 
 export const bufferToHex = buffer => naclInstance.to_hex(buffer);
 
-export const hexToBuffer = hex => Buffer.from(hex, 'hex');
+const hexRegex = /^[0-9a-f]+/i;
+export const hexToBuffer = hex => {
+	if (typeof hex !== 'string') {
+		throw new TypeError('Argument must be a string.');
+	}
+	const matchedHex = (hex.match(hexRegex) || [])[0];
+	if (!matchedHex || matchedHex.length !== hex.length) {
+		throw new TypeError('Argument must be a valid hex string.');
+	}
+	if (matchedHex.length % 2 !== 0) {
+		throw new TypeError('Argument must have a valid length of hex string.');
+	}
+	return Buffer.from(matchedHex, 'hex');
+};
 
 export const getFirstEightBytesReversed = publicKeyBytes =>
 	Buffer.from(publicKeyBytes)

diff --git a/src/cryptography/encrypt.js b/src/cryptography/encrypt.js
@@ -125,9 +125,6 @@ const encryptAES256GCMWithPassword = (plainText, password) => {
 
 const getTagBuffer = tag => {
 	const tagBuffer = hexToBuffer(tag);
-	if (bufferToHex(tagBuffer) !== tag) {
-		throw new Error('Tag must be a hex string.');
-	}
 	if (tagBuffer.length !== 16) {
 		throw new Error('Tag must be 16 bytes.');
 	}

diff --git a/src/transactions/utils/getTransactionBytes.js b/src/transactions/utils/getTransactionBytes.js
@@ -49,7 +49,7 @@ export const getAssetDataForRegisterSecondSignatureTransaction = ({
 }) => {
 	checkRequiredFields(['publicKey'], signature);
 	const { publicKey } = signature;
-	return Buffer.from(publicKey, 'hex');
+	return cryptography.hexToBuffer(publicKey);
 };
 
 export const getAssetDataForRegisterDelegateTransaction = ({ delegate }) => {
@@ -159,12 +159,12 @@ const getTransactionBytes = transaction => {
 		BYTESIZES.TIMESTAMP,
 	);
 
-	const transactionSenderPublicKey = Buffer.from(
+	const transactionSenderPublicKey = cryptography.hexToBuffer(
 		transaction.senderPublicKey,
-		'hex',
 	);
+
 	const transactionRequesterPublicKey = transaction.requesterPublicKey
-		? Buffer.from(transaction.requesterPublicKey, 'hex')
+		? cryptography.hexToBuffer(transaction.requesterPublicKey)
 		: Buffer.alloc(0);
 
 	const transactionRecipientID = transaction.recipientId
@@ -182,11 +182,11 @@ const getTransactionBytes = transaction => {
 	const transactionAssetData = getAssetBytes(transaction);
 
 	const transactionSignature = transaction.signature
-		? Buffer.from(transaction.signature, 'hex')
+		? cryptography.hexToBuffer(transaction.signature)
 		: Buffer.alloc(0);
 
 	const transactionSecondSignature = transaction.signSignature
-		? Buffer.from(transaction.signSignature, 'hex')
+		? cryptography.hexToBuffer(transaction.signSignature)
 		: Buffer.alloc(0);
 
 	return Buffer.concat([

diff --git a/src/transactions/utils/validation.js b/src/transactions/utils/validation.js
@@ -13,20 +13,16 @@
  *
  */
 import bignum from 'browserify-bignum';
-import { bufferToHex, hexToBuffer } from 'cryptography/convert';
+import { hexToBuffer } from 'cryptography/convert';
 import { MAX_ADDRESS_NUMBER } from 'constants';
 
 export const validatePublicKey = publicKey => {
 	const publicKeyBuffer = hexToBuffer(publicKey);
-	if (bufferToHex(publicKeyBuffer) !== publicKey) {
-		throw new Error('Public key must be a valid hex string.');
-	}
 	if (publicKeyBuffer.length !== 32) {
 		throw new Error(
 			`Public key ${publicKey} length differs from the expected 32 bytes for a public key.`,
 		);
 	}
-
 	return true;
 };
 

diff --git a/test/cryptography/convert.js b/test/cryptography/convert.js
@@ -65,6 +65,48 @@ describe('convert', () => {
 			const buffer = hexToBuffer(defaultHex);
 			return buffer.should.be.eql(defaultBuffer);
 		});
+
+		it('should throw TypeError with number', () => {
+			return hexToBuffer
+				.bind(null, 123)
+				.should.throw(TypeError, { message: 'Argument must be a string.' });
+		});
+
+		it('should throw TypeError with object', () => {
+			return hexToBuffer
+				.bind(null, {})
+				.should.throw(TypeError, { message: 'Argument must be a string.' });
+		});
+
+		it('should throw TypeError with non hex string', () => {
+			return hexToBuffer.bind(null, 'yKJj').should.throw(TypeError, {
+				message: 'Argument must be a valid hex string.',
+			});
+		});
+
+		it('should throw TypeError with partially correct hex string', () => {
+			return hexToBuffer.bind(null, 'Abxzzzz').should.throw(TypeError, {
+				message: 'Argument must be a valid hex string.',
+			});
+		});
+
+		it('should throw TypeError with odd number of string with partially correct hex string', () => {
+			return hexToBuffer.bind(null, 'Abxzzab').should.throw(TypeError, {
+				message: 'Argument must be a valid hex string.',
+			});
+		});
+
+		it('should throw TypeError with odd number hex string with invalid hex', () => {
+			return hexToBuffer.bind(null, '123xxxx').should.throw(TypeError, {
+				message: 'Argument must be a valid hex string.',
+			});
+		});
+
+		it('should throw TypeError with odd number of hex string', () => {
+			return hexToBuffer.bind(null, 'c3a5c3a4c3b6a').should.throw(TypeError, {
+				message: 'Argument must have a valid length of hex string.',
+			});
+		});
 	});
 
 	describe('#getFirstEightBytesReversed', () => {

diff --git a/test/cryptography/encrypt.js b/test/cryptography/encrypt.js
@@ -269,7 +269,7 @@ describe('encrypt', () => {
 				)}gg`;
 				return decryptPassphraseWithPassword
 					.bind(null, cipherIvSaltTagAndVersion, defaultPassword)
-					.should.throw('Tag must be a hex string.');
+					.should.throw('Argument must be a valid hex string.');
 			});
 
 			it('should inform the user if the tag has been altered', () => {

diff --git a/test/transactions/3_castVotes.js b/test/transactions/3_castVotes.js
@@ -244,7 +244,7 @@ describe('#castVotes transaction', () => {
 					unvotes: unvotePublicKeys,
 					votes: [plusPrependedPublicKey],
 				})
-				.should.throw('Invalid hex string');
+				.should.throw('Argument must be a valid hex string.');
 		});
 	});
 

diff --git a/test/transactions/4_registerMultisignatureAccount.js b/test/transactions/4_registerMultisignatureAccount.js
@@ -235,7 +235,7 @@ describe('#registerMultisignatureAccount transaction', () => {
 					lifetime,
 					minimum,
 				})
-				.should.throw('Invalid hex string');
+				.should.throw('Argument must be a valid hex string.');
 		});
 	});
 

diff --git a/test/transactions/utils/validation.js b/test/transactions/utils/validation.js
@@ -29,7 +29,7 @@ describe('public key validation', () => {
 			it('should throw an error', () => {
 				return validatePublicKey
 					.bind(null, invalidHexPublicKey)
-					.should.throw('Invalid hex string');
+					.should.throw('Argument must have a valid length of hex string.');
 			});
 		});
 
@@ -39,7 +39,7 @@ describe('public key validation', () => {
 			it('should throw an error', () => {
 				return validatePublicKey
 					.bind(null, invalidHexPublicKey)
-					.should.throw('Public key must be a valid hex string.');
+					.should.throw('Argument must be a valid hex string.');
 			});
 		});
 
@@ -95,7 +95,7 @@ describe('public key validation', () => {
 			it('should throw an error', () => {
 				return validatePublicKeys
 					.bind(null, publicKeys)
-					.should.throw('Invalid hex string');
+					.should.throw('Argument must have a valid length of hex string.');
 			});
 		});