def recover_public_keys_from_message(
cls,
message: bytes,
signature: str,
is_deprecated_mode: bool = False) -> Tuple[str, ...]:
"""
Get the public key used to produce the `signature` of the `message`
:param message: raw bytes used to produce signature
:param signature: signature of the message
:param is_deprecated_mode: if the deprecated signing was used
:return: the recovered public keys
"""
if not is_deprecated_mode:
signable_message = encode_defunct(primitive=message)
message = _hash_eip191_message(signable_message)
hash_bytes = HexBytes(message)
# code taken from https://github.com/ethereum/eth-account/blob/master/eth_account/account.py#L428
if len(hash_bytes) != 32: # pragma: nocover
raise ValueError("The message hash must be exactly 32-bytes")
signature_bytes = HexBytes(signature)
signature_bytes_standard = to_standard_signature_bytes(signature_bytes)
signature_obj = keys.Signature(
signature_bytes=signature_bytes_standard)
pubkey = signature_obj.recover_public_key_from_msg_hash(hash_bytes)
return (str(pubkey), )
def verify(self, message, signature) -> bool:
if isinstance(message, str):
message = bytes(message, 'utf-8')
if isinstance(signature, str):
signature = bytes.fromhex(signature)
if self._mode == EcdsaModes.SECP256K1_KECCAK_256_ETHEREUM:
message_hash = defunct_hash_message(message)
try:
signature_bytes_standard = to_standard_signature_bytes(
signature)
signature_obj = EthereumKeys.Signature(
signature_bytes=signature_bytes_standard)
obtained_public_value = signature_obj.recover_public_key_from_msg_hash(
message_hash).to_bytes()
if obtained_public_value != self._public_bytes:
raise eth_keys_exceptions.BadSignature
except (ValueError, eth_keys_exceptions.BadSignature):
raise InvalidSignatureError
else:
hash_function = '_'.join(self._mode.split('_')[1:]).lower()
message_hash = hash_message(message, hash_function)
try:
self._public_key_object.verify(
signature, message_hash,
ec.ECDSA(getattr(hashes, hash_function.upper())()))
except cryptography_exceptions.InvalidSignature:
raise InvalidSignatureError
def sign_message(self, message: bytes) -> bytes:
"""Signs the message with the private key of the TransactingPower."""
signature = self._signer.sign_message(account=self.__account,
message=message)
# This signature will need to be passed to Rust, so we are cleaning the chain identifier
# from the recovery byte, bringing it to the standard choice of {0, 1}.
return to_standard_signature_bytes(signature)
def test_blockchain_ursula_substantiates_stamp(blockchain_ursulas):
first_ursula = list(blockchain_ursulas)[0]
signature_as_bytes = first_ursula.operator_signature
signature_as_bytes = to_standard_signature_bytes(signature_as_bytes)
# `operator_address` was derived in nucypher_core, check it independently
assert verify_eip_191(address=first_ursula.operator_address,
message=bytes(first_ursula.stamp),
signature=signature_as_bytes)
def test_blockchain_ursula_substantiates_stamp(blockchain_ursulas):
first_ursula = list(blockchain_ursulas)[0]
signature_as_bytes = first_ursula.decentralized_identity_evidence
signature_as_bytes = to_standard_signature_bytes(signature_as_bytes)
assert verify_eip_191(address=first_ursula.worker_address,
message=bytes(first_ursula.stamp),
signature=signature_as_bytes)
# This method is a shortcut for the above.
assert first_ursula._stamp_has_valid_signature_by_worker()
def _recover_hash(self, message_hash, vrs=None, signature=None):
hash_bytes = HexBytes(message_hash)
if len(hash_bytes) != 32:
raise ValueError("The message hash must be exactly 32-bytes")
if vrs is not None:
v, r, s = map(hexstr_if_str(to_int), vrs)
v_standard = to_standard_v(v)
signature_obj = self._keys.Signature(vrs=(v_standard, r, s))
elif signature is not None:
signature_bytes = HexBytes(signature)
signature_bytes_standard = to_standard_signature_bytes(signature_bytes)
signature_obj = self._keys.Signature(signature_bytes=signature_bytes_standard)
else:
raise TypeError("You must supply the vrs tuple or the signature bytes")
pubkey = signature_obj.recover_public_key_from_msg_hash(hash_bytes)
return pubkey.to_checksum_address()
