Browse Source

do not base64encode signatures in requests

283
ThomasV 10 years ago
parent
commit
471cab6089
  1. 6
      gui/qt/main_window.py
  2. 5
      lib/bitcoin.py
  3. 7
      lib/commands.py
  4. 4
      plugins/btchipwallet.py
  5. 1
      plugins/greenaddress_instant.py
  6. 4
      plugins/trezor.py

6
gui/qt/main_window.py

@ -23,7 +23,7 @@ import socket
import webbrowser import webbrowser
import csv import csv
from decimal import Decimal from decimal import Decimal
import base64
import PyQt4 import PyQt4
from PyQt4.QtGui import * from PyQt4.QtGui import *
@ -1983,6 +1983,7 @@ class ElectrumWindow(QMainWindow):
message = message.encode('utf-8') message = message.encode('utf-8')
try: try:
sig = self.wallet.sign_message(str(address.text()), message, password) sig = self.wallet.sign_message(str(address.text()), message, password)
sig = base64.b64encode(sig)
signature.setText(sig) signature.setText(sig)
except Exception as e: except Exception as e:
self.show_message(str(e)) self.show_message(str(e))
@ -1990,7 +1991,8 @@ class ElectrumWindow(QMainWindow):
def do_verify(self, address, message, signature): def do_verify(self, address, message, signature):
message = unicode(message.toPlainText()) message = unicode(message.toPlainText())
message = message.encode('utf-8') message = message.encode('utf-8')
if bitcoin.verify_message(address.text(), str(signature.toPlainText()), message): sig = base64.b64decode(str(signature.toPlainText()))
if bitcoin.verify_message(address.text(), sig, message):
self.show_message(_("Signature verified")) self.show_message(_("Signature verified"))
else: else:
self.show_message(_("Error: wrong signature")) self.show_message(_("Error: wrong signature"))

5
lib/bitcoin.py

@ -488,7 +488,7 @@ class EC_KEY(object):
def sign_message(self, message, compressed, address): def sign_message(self, message, compressed, address):
signature = self.sign(Hash(msg_magic(message))) signature = self.sign(Hash(msg_magic(message)))
for i in range(4): for i in range(4):
sig = base64.b64encode(chr(27 + i + (4 if compressed else 0)) + signature) sig = chr(27 + i + (4 if compressed else 0)) + signature
try: try:
self.verify_message(address, sig, message) self.verify_message(address, sig, message)
return sig return sig
@ -498,8 +498,7 @@ class EC_KEY(object):
raise Exception("error: cannot sign message") raise Exception("error: cannot sign message")
@classmethod @classmethod
def verify_message(self, address, signature, message): def verify_message(self, address, sig, message):
sig = base64.b64decode(signature)
if len(sig) != 65: if len(sig) != 65:
raise Exception("Wrong encoding") raise Exception("Wrong encoding")
nV = ord(sig[0]) nV = ord(sig[0])

7
lib/commands.py

@ -24,6 +24,7 @@ import copy
import argparse import argparse
import json import json
import ast import ast
import base64
from functools import wraps from functools import wraps
from decimal import Decimal from decimal import Decimal
@ -361,12 +362,14 @@ class Commands:
def signmessage(self, address, message): def signmessage(self, address, message):
"""Sign a message with a key. Use quotes if your message contains """Sign a message with a key. Use quotes if your message contains
whitespaces""" whitespaces"""
return self.wallet.sign_message(address, message, self.password) sig = self.wallet.sign_message(address, message, self.password)
return base64.b64encode(sig)
@command('') @command('')
def verifymessage(self, address, signature, message): def verifymessage(self, address, signature, message):
"""Verify a signature.""" """Verify a signature."""
return bitcoin.verify_message(address, signature, message) sig = base64.b64decode(signature)
return bitcoin.verify_message(address, sig, message)
def _mktx(self, outputs, fee, change_addr, domain, nocheck, unsigned): def _mktx(self, outputs, fee, change_addr, domain, nocheck, unsigned):
self.nocheck = nocheck self.nocheck = nocheck

4
plugins/btchipwallet.py

@ -5,7 +5,6 @@ from binascii import hexlify
from struct import pack,unpack from struct import pack,unpack
from sys import stderr from sys import stderr
from time import sleep from time import sleep
from base64 import b64encode, b64decode
import electrum import electrum
from electrum_gui.qt.password_dialog import make_password_dialog, run_password_dialog from electrum_gui.qt.password_dialog import make_password_dialog, run_password_dialog
@ -345,8 +344,7 @@ class BTChipWallet(BIP32_HD_Wallet):
s = str(s) s = str(s)
# And convert it # And convert it
return chr(27 + 4 + (signature[0] & 0x01)) + r + s
return b64encode(chr(27 + 4 + (signature[0] & 0x01)) + r + s)
def sign_transaction(self, tx, password): def sign_transaction(self, tx, password):
if tx.is_complete(): if tx.is_complete():

1
plugins/greenaddress_instant.py

@ -80,6 +80,7 @@ class Plugin(BasePlugin):
addr = self.get_my_addr(tx) addr = self.get_my_addr(tx)
message = "Please verify if %s is GreenAddress instant confirmed" % tx.hash() message = "Please verify if %s is GreenAddress instant confirmed" % tx.hash()
sig = self.wallet.sign_message(addr, message, password) sig = self.wallet.sign_message(addr, message, password)
sig = base64.b64encode(sig)
# 2. send the request # 2. send the request
response = requests.request("GET", ("https://greenaddress.it/verify/?signature=%s&txhash=%s" % (urllib.quote(sig), tx.hash())), response = requests.request("GET", ("https://greenaddress.it/verify/?signature=%s&txhash=%s" % (urllib.quote(sig), tx.hash())),

4
plugins/trezor.py

@ -2,7 +2,6 @@ from binascii import unhexlify
from struct import pack from struct import pack
from sys import stderr from sys import stderr
from time import sleep from time import sleep
from base64 import b64encode, b64decode
import unicodedata import unicodedata
import threading import threading
import re import re
@ -459,8 +458,7 @@ class TrezorWallet(BIP32_HD_Wallet):
give_error(e) give_error(e)
finally: finally:
self.plugin.handler.stop() self.plugin.handler.stop()
b64_msg_sig = b64encode(msg_sig.signature) return msg_sig.signature
return str(b64_msg_sig)
def sign_transaction(self, tx, password): def sign_transaction(self, tx, password):
if tx.is_complete(): if tx.is_complete():

Loading…
Cancel
Save