lukechilds
/
electrum
mirror of https://github.com/lukechilds/electrum.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

ecc: API changes: verify_message_hash to return bool instead of raising 

verify_message_hash and verify_message_for_address now return bool
instead of raising Exceptions on bad signatures.
patch-4
SomberNight 3 years ago
parent
57583c05cf
commit
4f9e4c520f
No known key found for this signature in database GPG Key ID: B33B5F232C6271E9
5 changed files with 38 additions and 47 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 69
      electrum/ecc.py
  2. 3
      electrum/lnaddr.py
  3. 6
      electrum/plugins/coldcard/coldcard.py
  4. 2
      electrum/tests/test_bitcoin.py
  5. 5
      electrum/transaction.py

69
electrum/ecc.py
View File

@ -159,7 +159,7 @@ class ECPubkey(object):
assert_bytes(sig_string)
if len(sig_string) != 64:
raise Exception(f'wrong encoding used for signature? len={len(sig_string)} (should be 64)')
if recid < 0 or recid > 3:
if not (0 <= recid <= 3):
raise ValueError('recid is {}, but should be 0 <= recid <= 3'.format(recid))
sig65 = create_string_buffer(65)
ret = _libsecp256k1.secp256k1_ecdsa_recoverable_signature_parse_compact(
@ -177,7 +177,7 @@ class ECPubkey(object):
if len(sig) != 65:
raise Exception(f'wrong encoding used for signature? len={len(sig)} (should be 65)')
nV = sig[0]
if nV < 27 or nV >= 35:
if not (27 <= nV <= 34):
raise Exception("Bad encoding")
if nV >= 31:
compressed = True
@ -290,33 +290,36 @@ class ECPubkey(object):
raise TypeError('comparison not defined for ECPubkey and {}'.format(type(other)))
return (self.x() or 0) < (other.x() or 0)
def verify_message_for_address(self, sig65: bytes, message: bytes, algo=lambda x: sha256d(msg_magic(x))) -> None:
def verify_message_for_address(self, sig65: bytes, message: bytes, algo=lambda x: sha256d(msg_magic(x))) -> bool:
assert_bytes(message)
h = algo(message)
public_key, compressed = self.from_signature65(sig65, h)
try:
public_key, compressed = self.from_signature65(sig65, h)
except Exception:
return False
# check public key
if public_key != self:
raise Exception("Bad signature")
return False
# check message
self.verify_message_hash(sig65[1:], h)
return self.verify_message_hash(sig65[1:], h)
# TODO return bool instead of raising
def verify_message_hash(self, sig_string: bytes, msg_hash: bytes) -> None:
def verify_message_hash(self, sig_string: bytes, msg_hash: bytes) -> bool:
assert_bytes(sig_string)
if len(sig_string) != 64:
raise Exception(f'wrong encoding used for signature? len={len(sig_string)} (should be 64)')
return False
if not (isinstance(msg_hash, bytes) and len(msg_hash) == 32):
raise Exception("msg_hash must be bytes, and 32 bytes exactly")
return False
sig = create_string_buffer(64)
ret = _libsecp256k1.secp256k1_ecdsa_signature_parse_compact(_libsecp256k1.ctx, sig, sig_string)
if not ret:
raise Exception("Bad signature")
return False
ret = _libsecp256k1.secp256k1_ecdsa_signature_normalize(_libsecp256k1.ctx, sig, sig)
pubkey = self._to_libsecp256k1_pubkey_ptr()
if 1 != _libsecp256k1.secp256k1_ecdsa_verify(_libsecp256k1.ctx, sig, msg_hash, pubkey):
raise Exception("Bad signature")
return False
return True
def encrypt_message(self, message: bytes, magic: bytes = b'BIE1') -> bytes:
"""
@ -364,33 +367,28 @@ def msg_magic(message: bytes) -> bytes:
def verify_signature(pubkey: bytes, sig: bytes, h: bytes) -> bool:
try:
ECPubkey(pubkey).verify_message_hash(sig, h)
except:
return False
return True
return ECPubkey(pubkey).verify_message_hash(sig, h)
def verify_message_with_address(address: str, sig65: bytes, message: bytes, *, net=None):
def verify_message_with_address(address: str, sig65: bytes, message: bytes, *, net=None) -> bool:
from .bitcoin import pubkey_to_address
assert_bytes(sig65, message)
if net is None: net = constants.net
h = sha256d(msg_magic(message))
try:
h = sha256d(msg_magic(message))
public_key, compressed = ECPubkey.from_signature65(sig65, h)
# check public key using the address
pubkey_hex = public_key.get_public_key_hex(compressed)
for txin_type in ['p2pkh','p2wpkh','p2wpkh-p2sh']:
addr = pubkey_to_address(txin_type, pubkey_hex, net=net)
if address == addr:
break
else:
raise Exception("Bad signature")
# check message
public_key.verify_message_hash(sig65[1:], h)
return True
except Exception as e:
_logger.info(f"Verification error: {repr(e)}")
return False
# check public key using the address
pubkey_hex = public_key.get_public_key_hex(compressed)
for txin_type in ['p2pkh','p2wpkh','p2wpkh-p2sh']:
addr = pubkey_to_address(txin_type, pubkey_hex, net=net)
if address == addr:
break
else:
return False
# check message
return public_key.verify_message_hash(sig65[1:], h)
def is_secret_within_curve_range(secret: Union[int, bytes]) -> bool:
@ -476,7 +474,8 @@ class ECPrivkey(ECPubkey):
r, s = sign_with_extra_entropy(extra_entropy=extra_entropy)
sig_string = sig_string_from_r_and_s(r, s)
self.verify_message_hash(sig_string, msg_hash)
if not self.verify_message_hash(sig_string, msg_hash):
raise Exception("sanity check failed: signature we just created does not verify!")
sig = sigencode(r, s)
return sig
@ -488,11 +487,9 @@ class ECPrivkey(ECPubkey):
def bruteforce_recid(sig_string):
for recid in range(4):
sig65 = construct_sig65(sig_string, recid, is_compressed)
try:
self.verify_message_for_address(sig65, message, algo)
return sig65, recid
except Exception as e:
if not self.verify_message_for_address(sig65, message, algo):
continue
return sig65, recid
else:
raise Exception("error: cannot sign message. no recid fits..")

3
electrum/lnaddr.py
View File

@ -508,7 +508,8 @@ def lndecode(invoice: str, *, verbose=False, net=None) -> LnAddr:
#
# A reader MUST use the `n` field to validate the signature instead of
# performing signature recovery if a valid `n` field is provided.
ecc.ECPubkey(addr.pubkey).verify_message_hash(sigdecoded[:64], hrp_hash)
if not ecc.ECPubkey(addr.pubkey).verify_message_hash(sigdecoded[:64], hrp_hash):
raise LnDecodeException("bad signature")
pubkey_copy = addr.pubkey
class WrappedBytesKey:
serialize = lambda: pubkey_copy

6
electrum/plugins/coldcard/coldcard.py
View File

@ -43,11 +43,7 @@ try:
# verify a signature (65 bytes) over the session key, using the master bip32 node
# - customized to use specific EC library of Electrum.
pubkey = BIP32Node.from_xkey(expect_xpub).eckey
try:
pubkey.verify_message_hash(sig[1:65], self.session_key)
return True
except:
return False
return pubkey.verify_message_hash(sig[1:65], self.session_key)
except ImportError as e:
if not (isinstance(e, ModuleNotFoundError) and e.name == 'ckcc'):

2
electrum/tests/test_bitcoin.py
View File

@ -152,7 +152,7 @@ class Test_bitcoin(ElectrumTestCase):
signature = eck.sign_message(message, True)
#print signature
eck.verify_message_for_address(signature, message)
self.assertTrue(eck.verify_message_for_address(signature, message))
def test_ecc_sanity(self):
G = ecc.GENERATOR

5
electrum/transaction.py
View File

@ -2025,10 +2025,7 @@ class PartialTransaction(Transaction):
continue
pubkey_hex = public_key.get_public_key_hex(compressed=True)
if pubkey_hex in pubkeys:
try:
public_key.verify_message_hash(sig_string, pre_hash)
except Exception:
_logger.exception('')
if not public_key.verify_message_hash(sig_string, pre_hash):
continue
_logger.info(f"adding sig: txin_idx={i}, signing_pubkey={pubkey_hex}, sig={sig}")
self.add_signature_to_txin(txin_idx=i, signing_pubkey=pubkey_hex, sig=sig)

Write Preview
Loading…
Cancel
Save