def check_sig(public_key, signature, message):
raw = bytes(bytearray.fromhex(public_key))
sig = bytes(bytearray.fromhex(signature))
pub = PublicKey(raw, raw=True)
try:
sig_raw = pub.ecdsa_deserialize(sig)
good = pub.ecdsa_verify(bytes(bytearray.fromhex(message)), sig_raw)
except:
good = False
print(u"{}\n".format(good))
return 0 if good else 1
def verify(self, message):
pub = PublicKey(self.pub_key, raw=True)
message = VarInt(len(message)).encode() + message
# LOGGER.debug("Comparing with %r" % (MESSAGE_TEMPLATE % message))
try:
sig_raw = pub.ecdsa_deserialize(self.sig_ser)
good = pub.ecdsa_verify(MESSAGE_TEMPLATE % message, sig_raw)
except Exception:
LOGGER.exception("Verification failed")
good = False
return good
def verify_sign(message, pubkey, address, sign):
"""verify message sign"""
# verify public key
if address != pubkey2address(pubkey):
return False
# verify sign
ecc_pubkey = PublicKey(bytes(bytearray.fromhex(pubkey)), raw=True)
# print(ecc_pubkey)
sign = ecc_pubkey.ecdsa_deserialize(binascii.unhexlify(sign))
verified = ecc_pubkey.ecdsa_verify(binascii.unhexlify(message), sign)
# print(verified)
return verified
def verify_message(message):
"""验证信息有效性"""
# 验证公钥
if message.sender != pubkey2address(message.pubkey):
return False
# 验证签名
ecc_pubkey = PublicKey(bytes(bytearray.fromhex(message.pubkey)), raw=True)
# print(ecc_pubkey)
sign = ecc_pubkey.ecdsa_deserialize(binascii.unhexlify(message.sign))
verified = ecc_pubkey.ecdsa_verify(binascii.unhexlify(message.content), sign)
# print(verified)
return verified
def getDeployedSecret(dongle, masterPrivate, targetid):
testMaster = PrivateKey(bytes(masterPrivate))
testMasterPublic = bytearray(testMaster.pubkey.serialize(compressed=False))
targetid = bytearray(struct.pack('>I', targetid))
# identify
apdu = bytearray([0xe0, 0x04, 0x00, 0x00]) + bytearray([len(targetid)]) + targetid
dongle.exchange(apdu)
# walk the chain
batch_info = bytearray(dongle.exchange(bytearray.fromhex('E050000000')))
cardKey = batch_info[5:5 + batch_info[4]]
# if not found, get another pair
#if cardKey <> testMasterPublic:
# raise Exception("Invalid batch public key")
# provide the ephemeral certificate
ephemeralPrivate = PrivateKey()
ephemeralPublic = bytearray(ephemeralPrivate.pubkey.serialize(compressed=False))
print "Using ephemeral key " + str(ephemeralPublic).encode('hex')
signature = testMaster.ecdsa_sign(bytes(ephemeralPublic))
signature = testMaster.ecdsa_serialize(signature)
certificate = bytearray([len(ephemeralPublic)]) + ephemeralPublic + bytearray([len(signature)]) + signature
apdu = bytearray([0xE0, 0x51, 0x00, 0x00]) + bytearray([len(certificate)]) + certificate
dongle.exchange(apdu)
# walk the device certificates to retrieve the public key to use for authentication
index = 0
last_pub_key = PublicKey(bytes(testMasterPublic), raw=True)
while True:
certificate = bytearray(dongle.exchange(bytearray.fromhex('E052000000')))
if len(certificate) == 0:
break
certificatePublic = certificate[1 : 1 + certificate[0]]
certificateSignature = last_pub_key.ecdsa_deserialize(bytes(certificate[2 + certificate[0] :]))
if not last_pub_key.ecdsa_verify(bytes(certificatePublic), certificateSignature):
if index == 0:
# Not an error if loading from user key
print "Broken certificate chain - loading from user key"
else:
raise Exception("Broken certificate chain")
last_pub_key = PublicKey(bytes(certificatePublic), raw=True)
index = index + 1
# Commit device ECDH channel
dongle.exchange(bytearray.fromhex('E053000000'))
secret = last_pub_key.ecdh(bytes(ephemeralPrivate.serialize().decode('hex')))
return str(secret[0:16])
def validate(self, transaction, unspent_tx_outs):
if not self.validate_struct():
return False
utx_out = None
for unspent_tx_out in unspent_tx_outs:
if unspent_tx_out.tx_out_id == self.tx_out_id and unspent_tx_out.tx_out_index == self.tx_out_index:
utx_out = unspent_tx_out
if utx_out is None:
return False
pubkey = PublicKey(unhexlify(utx_out.address), raw=True)
if not pubkey.ecdsa_verify(
unhexlify(transaction.id),
pubkey.ecdsa_deserialize(unhexlify(self.signature))):
logging.error("invalid tx_in signature")
return False
return True
def valid(self):
"""Check if this object is valid or not"""
if not self.signature:
return False
assert isinstance(self.signature, bytes)
assert 70 <= len(self.signature) <= 71
assert isinstance(self.user_public_key, bytes)
assert len(self.user_public_key) == 33
assert isinstance(self.user_address, str)
assert re.match(r'^(?:0[xX])?[0-9a-fA-F]{40}$', self.user_address)
public_key = PublicKey(self.user_public_key, raw=True)
verified = public_key.ecdsa_verify(
self.serialize(include_signature=False),
public_key.ecdsa_deserialize(self.signature))
if not verified:
return False
if get_address(public_key) != self.user_address:
return False
return self.id == self.hash
break
textToSign += data + "\n"
dongle = getDongle(True)
publicKey = dongle.exchange(bytes("8004000000".decode('hex')))
print("publicKey " + str(publicKey).encode('hex'))
try:
offset = 0
while offset != len(textToSign):
if (len(textToSign) - offset) > 255:
chunk = textToSign[offset : offset + 255]
else:
chunk = textToSign[offset:]
if (offset + len(chunk)) == len(textToSign):
p1 = 0x80
else:
p1 = 0x00
apdu = bytes("8002".decode('hex')) + chr(p1) + chr(0x00) + chr(len(chunk)) + bytes(chunk)
signature = dongle.exchange(apdu)
offset += len(chunk)
print("signature " + str(signature).encode('hex'))
publicKey = PublicKey(bytes(publicKey), raw=True)
signature = publicKey.ecdsa_deserialize(bytes(signature))
print("verified " + str(publicKey.ecdsa_verify(bytes(textToSign), signature)))
except CommException as comm:
if comm.sw == 0x6985:
print("Aborted by user")
else:
print("Invalid status " + comm.sw)
break
textToSign += data + "\n"
dongle = getDongle(True)
publicKey = dongle.exchange(bytes("8004000000".decode('hex')))
print "publicKey " + str(publicKey).encode('hex')
try:
offset = 0
while offset <> len(textToSign):
if (len(textToSign) - offset) > 255:
chunk = textToSign[offset : offset + 255]
else:
chunk = textToSign[offset:]
if (offset + len(chunk)) == len(textToSign):
p1 = 0x80
else:
p1 = 0x00
apdu = bytes("8002".decode('hex')) + chr(p1) + chr(0x00) + chr(len(chunk)) + bytes(chunk)
signature = dongle.exchange(apdu)
offset += len(chunk)
print "signature " + str(signature).encode('hex')
publicKey = PublicKey(bytes(publicKey), raw=True)
signature = publicKey.ecdsa_deserialize(bytes(signature))
print "verified " + str(publicKey.ecdsa_verify(bytes(textToSign), signature))
except CommException as comm:
if comm.sw == 0x6985:
print "Aborted by user"
else:
print "Invalid status " + comm.sw
def validate_signature(sighash, signature, miner_pubkey): """Validate header signature""" pubkey = PublicKey(miner_pubkey, raw=True) return pubkey.ecdsa_verify(sighash, pubkey.ecdsa_deserialize(signature))
while offset <> len(textToSign):
if (len(textToSign) - offset) > 255:
chunk = textToSign[offset:offset + 255]
else:
chunk = textToSign[offset:]
if (offset + len(chunk)) == len(textToSign):
p1 = 0x80
else:
p1 = 0x00
apdu = bytes("8002".decode('hex')) + chr(p1) + chr(0x00) + chr(
len(chunk)) + bytes(chunk)
signature = dongle.exchange(apdu)
offset += len(chunk)
print "signature " + str(signature).encode('hex')
publicKey = PublicKey(bytes(publicKey), raw=True)
signatureStuct = publicKey.ecdsa_deserialize(bytes(signature))
print "verified " + str(
publicKey.ecdsa_verify(bytes(textToSign), signatureStuct))
sig = bytes(signature)
try:
sig_raw = publicKey.ecdsa_deserialize(sig)
good = publicKey.ecdsa_verify(textToSign, sig_raw)
except:
good = False
print good
except CommException as comm:
if comm.sw == 0x6985:
print "Aborted by user"
else:
print "Invalid status " + comm.sw
