def ecdsa_sign_bin(msgbin, priv):
v, r, s = ecdsa_raw_sign(msgbin, priv)
sig = encode_sig(v, r, s)
pubkey = privkey_to_pubkey(wif_to_privkey(priv))
ok = ecdsa_raw_verify(msgbin, decode_sig(sig), pubkey)
if not ok:
raise Exception('Bad signature!')
return sig
def ecdsa_verify_addr(msg, sig, addr):
isTestnet = addr[0] not in P2PKH_PREFIXES
if not checkPivxAddr(addr, isTestnet):
return False
v, r, s = decode_sig(sig)
Q = ecdsa_raw_recover(electrum_sig_hash(msg), (v, r, s))
Qenc = encode_pubkey(Q, 'hex_compressed') if v >= 31 else encode_pubkey(
Q, 'hex')
return pubkey_to_address(Qenc, isTestnet) == addr
def ecdsa_sign(msg: str, wif_priv_key: str, dash_network: str):
"""Signs a message with the Elliptic Curve algorithm."""
v, r, s = bitcoin.ecdsa_raw_sign(electrum_sig_hash(msg), wif_priv_key)
sig = bitcoin.encode_sig(v, r, s)
pubkey = bitcoin.privkey_to_pubkey(wif_to_privkey(wif_priv_key, dash_network))
ok = bitcoin.ecdsa_raw_verify(electrum_sig_hash(msg), bitcoin.decode_sig(sig), pubkey)
if not ok:
raise Exception('Bad signature!')
return sig
def verify_raw_data( raw_data, pubkey, sigb64 ): """ Verify the signature over a string, given the public key and base64-encode signature. Return True on success. Return False on error. """ data_hash = get_data_hash( raw_data ) return pybitcointools.ecdsa_raw_verify( data_hash, pybitcointools.decode_sig( sigb64 ), pubkey )
def verify_raw_data( raw_data, pubkey, sigb64 ): """ Verify the signature over a string, given the public key and base64-encode signature. Return True on success. Return False on error. """ data_hash = get_data_hash( raw_data ) return pybitcointools.ecdsa_raw_verify( data_hash, pybitcointools.decode_sig( sigb64 ), pubkey )
def ecdsa_sign_raw(msg_raw: bytes, wif_priv_key: str, dash_network: str):
"""Signs raw bytes (a message hash) with the Elliptic Curve algorithm.
"""
v, r, s = bitcoin.ecdsa_raw_sign(msg_raw, wif_priv_key)
sig = bitcoin.encode_sig(v, r, s)
pubkey = bitcoin.privkey_to_pubkey(wif_to_privkey(wif_priv_key, dash_network))
ok = bitcoin.ecdsa_raw_verify(msg_raw, bitcoin.decode_sig(sig), pubkey)
if not ok:
raise Exception('Bad signature!')
return sig
def ecdsa_sign(msg, priv):
"""
Based on project: https://github.com/chaeplin/dashmnb.
"""
v, r, s = ecdsa_raw_sign(electrum_sig_hash(msg), priv)
sig = encode_sig(v, r, s)
pubkey = privkey_to_pubkey(wif_to_privkey(priv))
ok = ecdsa_raw_verify(electrum_sig_hash(msg), decode_sig(sig), pubkey)
if not ok:
raise Exception('Bad signature!')
return sig
def ecdsa_sign(msg, priv):
"""
Based on project: https://github.com/chaeplin/dashmnb with some changes related to usage of bitcoin library.
"""
v, r, s = bitcoin.ecdsa_raw_sign(electrum_sig_hash(msg), priv)
sig = bitcoin.encode_sig(v, r, s)
pubkey = bitcoin.privkey_to_pubkey(wif_to_privkey(priv))
ok = bitcoin.ecdsa_raw_verify(electrum_sig_hash(msg),
bitcoin.decode_sig(sig), pubkey)
if not ok:
raise Exception('Bad signature!')
return sig
def ecdsa_sign(msg: str, wif_priv_key: str, dash_network: str):
"""Signs a message with the Elliptic Curve algorithm.
Note: Dash core uses uncompressed public keys, so if the private key passed as an argument
is of compressed format, convert it to an uncompressed
"""
# wif_priv_key = wif_privkey_to_uncompressed(wif_priv_key)
v, r, s = bitcoin.ecdsa_raw_sign(electrum_sig_hash(msg), wif_priv_key)
sig = bitcoin.encode_sig(v, r, s)
pubkey = bitcoin.privkey_to_pubkey(wif_to_privkey(wif_priv_key, dash_network))
ok = bitcoin.ecdsa_raw_verify(electrum_sig_hash(msg), bitcoin.decode_sig(sig), pubkey)
if not ok:
raise Exception('Bad signature!')
return sig
def get_result(result):
try:
if result[0] and digest(result[1][0]) == contract_hash:
contract = json.loads(result[1][0], object_pairs_hook=OrderedDict)
# TODO: verify the guid in the contract matches this node's guid
signature = contract["vendor_offer"]["signatures"]["guid"]
pubkey = node_to_ask.signed_pubkey[64:]
verify_obj = json.dumps(contract["vendor_offer"]["listing"], indent=4)
verify_key = nacl.signing.VerifyKey(pubkey)
verify_key.verify(verify_obj, base64.b64decode(signature))
bitcoin_key = contract["vendor_offer"]["listing"]["id"]["pubkeys"]["bitcoin"]
bitcoin_sig = contract["vendor_offer"]["signatures"]["bitcoin"]
valid = bitcoin.ecdsa_raw_verify(verify_obj, bitcoin.decode_sig(bitcoin_sig), bitcoin_key)
if not valid:
raise Exception("Invalid Bitcoin signature")
if "moderators" in contract["vendor_offer"]["listing"]:
for moderator in contract["vendor_offer"]["listing"]["moderators"]:
guid = moderator["guid"]
guid_key = moderator["pubkeys"]["signing"]["key"]
guid_sig = base64.b64decode(moderator["pubkeys"]["signing"]["signature"])
enc_key = moderator["pubkeys"]["encryption"]["key"]
enc_sig = base64.b64decode(moderator["pubkeys"]["encryption"]["signature"])
bitcoin_key = moderator["pubkeys"]["bitcoin"]["key"]
bitcoin_sig = base64.b64decode(moderator["pubkeys"]["bitcoin"]["signature"])
h = nacl.hash.sha512(guid_sig + unhexlify(guid_key))
pow_hash = h[64:128]
if int(pow_hash[:6], 16) >= 50 or guid != h[:40]:
raise Exception('Invalid GUID')
verify_key = nacl.signing.VerifyKey(guid_key, encoder=nacl.encoding.HexEncoder)
verify_key.verify(unhexlify(guid_key), guid_sig)
verify_key.verify(unhexlify(enc_key), enc_sig)
verify_key.verify(unhexlify(bitcoin_key), bitcoin_sig)
#TODO: should probably also validate the handle here.
self.cache(result[1][0])
if "image_hashes" in contract["vendor_offer"]["listing"]["item"]:
for image_hash in contract["vendor_offer"]["listing"]["item"]["image_hashes"]:
self.get_image(node_to_ask, unhexlify(image_hash))
return contract
else:
return None
except Exception:
return None
def get_result(result):
try:
if result[0] and digest(result[1][0]) == contract_hash:
contract = json.loads(result[1][0],
object_pairs_hook=OrderedDict)
# TODO: verify the guid in the contract matches this node's guid
signature = contract["vendor_offer"]["signatures"]["guid"]
pubkey = node_to_ask.signed_pubkey[64:]
verify_obj = json.dumps(
contract["vendor_offer"]["listing"], indent=4)
verify_key = nacl.signing.VerifyKey(pubkey)
verify_key.verify(verify_obj, base64.b64decode(signature))
bitcoin_key = contract["vendor_offer"]["listing"]["id"][
"pubkeys"]["bitcoin"]
bitcoin_sig = contract["vendor_offer"]["signatures"][
"bitcoin"]
valid = bitcoin.ecdsa_raw_verify(
verify_obj, bitcoin.decode_sig(bitcoin_sig),
bitcoin_key)
if not valid:
raise Exception("Invalid Bitcoin signature")
if "moderators" in contract["vendor_offer"]["listing"]:
for moderator in contract["vendor_offer"]["listing"][
"moderators"]:
guid = moderator["guid"]
guid_key = moderator["pubkeys"]["signing"]["key"]
guid_sig = base64.b64decode(
moderator["pubkeys"]["signing"]["signature"])
enc_key = moderator["pubkeys"]["encryption"]["key"]
enc_sig = base64.b64decode(
moderator["pubkeys"]["encryption"]
["signature"])
bitcoin_key = moderator["pubkeys"]["bitcoin"][
"key"]
bitcoin_sig = base64.b64decode(
moderator["pubkeys"]["bitcoin"]["signature"])
h = nacl.hash.sha512(guid_sig +
unhexlify(guid_key))
pow_hash = h[64:128]
if int(pow_hash[:6], 16) >= 50 or guid != h[:40]:
raise Exception('Invalid GUID')
verify_key = nacl.signing.VerifyKey(
guid_key, encoder=nacl.encoding.HexEncoder)
verify_key.verify(unhexlify(guid_key), guid_sig)
verify_key.verify(unhexlify(enc_key), enc_sig)
verify_key.verify(unhexlify(bitcoin_key),
bitcoin_sig)
#TODO: should probably also validate the handle here.
self.cache(result[1][0])
if "image_hashes" in contract["vendor_offer"]["listing"][
"item"]:
for image_hash in contract["vendor_offer"]["listing"][
"item"]["image_hashes"]:
self.get_image(node_to_ask, unhexlify(image_hash))
return contract
else:
return None
except Exception:
return None
