Browse Source

do not base64encode signatures in requests

283
ThomasV 10 years ago
parent
commit
471cab6089
  1. 6
      gui/qt/main_window.py
  2. 5
      lib/bitcoin.py
  3. 7
      lib/commands.py
  4. 4
      plugins/btchipwallet.py
  5. 1
      plugins/greenaddress_instant.py
  6. 4
      plugins/trezor.py

6
gui/qt/main_window.py

@ -23,7 +23,7 @@ import socket
import webbrowser
import csv
from decimal import Decimal
import base64
import PyQt4
from PyQt4.QtGui import *
@ -1983,6 +1983,7 @@ class ElectrumWindow(QMainWindow):
message = message.encode('utf-8')
try:
sig = self.wallet.sign_message(str(address.text()), message, password)
sig = base64.b64encode(sig)
signature.setText(sig)
except Exception as e:
self.show_message(str(e))
@ -1990,7 +1991,8 @@ class ElectrumWindow(QMainWindow):
def do_verify(self, address, message, signature):
message = unicode(message.toPlainText())
message = message.encode('utf-8')
if bitcoin.verify_message(address.text(), str(signature.toPlainText()), message):
sig = base64.b64decode(str(signature.toPlainText()))
if bitcoin.verify_message(address.text(), sig, message):
self.show_message(_("Signature verified"))
else:
self.show_message(_("Error: wrong signature"))

5
lib/bitcoin.py

@ -488,7 +488,7 @@ class EC_KEY(object):
def sign_message(self, message, compressed, address):
signature = self.sign(Hash(msg_magic(message)))
for i in range(4):
sig = base64.b64encode(chr(27 + i + (4 if compressed else 0)) + signature)
sig = chr(27 + i + (4 if compressed else 0)) + signature
try:
self.verify_message(address, sig, message)
return sig
@ -498,8 +498,7 @@ class EC_KEY(object):
raise Exception("error: cannot sign message")
@classmethod
def verify_message(self, address, signature, message):
sig = base64.b64decode(signature)
def verify_message(self, address, sig, message):
if len(sig) != 65:
raise Exception("Wrong encoding")
nV = ord(sig[0])

7
lib/commands.py

@ -24,6 +24,7 @@ import copy
import argparse
import json
import ast
import base64
from functools import wraps
from decimal import Decimal
@ -361,12 +362,14 @@ class Commands:
def signmessage(self, address, message):
"""Sign a message with a key. Use quotes if your message contains
whitespaces"""
return self.wallet.sign_message(address, message, self.password)
sig = self.wallet.sign_message(address, message, self.password)
return base64.b64encode(sig)
@command('')
def verifymessage(self, address, signature, message):
"""Verify a signature."""
return bitcoin.verify_message(address, signature, message)
sig = base64.b64decode(signature)
return bitcoin.verify_message(address, sig, message)
def _mktx(self, outputs, fee, change_addr, domain, nocheck, unsigned):
self.nocheck = nocheck

4
plugins/btchipwallet.py

@ -5,7 +5,6 @@ from binascii import hexlify
from struct import pack,unpack
from sys import stderr
from time import sleep
from base64 import b64encode, b64decode
import electrum
from electrum_gui.qt.password_dialog import make_password_dialog, run_password_dialog
@ -345,8 +344,7 @@ class BTChipWallet(BIP32_HD_Wallet):
s = str(s)
# And convert it
return b64encode(chr(27 + 4 + (signature[0] & 0x01)) + r + s)
return chr(27 + 4 + (signature[0] & 0x01)) + r + s
def sign_transaction(self, tx, password):
if tx.is_complete():

1
plugins/greenaddress_instant.py

@ -80,6 +80,7 @@ class Plugin(BasePlugin):
addr = self.get_my_addr(tx)
message = "Please verify if %s is GreenAddress instant confirmed" % tx.hash()
sig = self.wallet.sign_message(addr, message, password)
sig = base64.b64encode(sig)
# 2. send the request
response = requests.request("GET", ("https://greenaddress.it/verify/?signature=%s&txhash=%s" % (urllib.quote(sig), tx.hash())),

4
plugins/trezor.py

@ -2,7 +2,6 @@ from binascii import unhexlify
from struct import pack
from sys import stderr
from time import sleep
from base64 import b64encode, b64decode
import unicodedata
import threading
import re
@ -459,8 +458,7 @@ class TrezorWallet(BIP32_HD_Wallet):
give_error(e)
finally:
self.plugin.handler.stop()
b64_msg_sig = b64encode(msg_sig.signature)
return str(b64_msg_sig)
return msg_sig.signature
def sign_transaction(self, tx, password):
if tx.is_complete():

Loading…
Cancel
Save