def test_hex_smessage_with_detached_sig_matches_with_attached_sig(self):
sk = SigningKey.generate()
vk = sk.verify_key
smsg = sk.sign(b"Hello World in hex", encoder=HexEncoder)
msg = smsg.message
hexsig = smsg.signature
sig = HexEncoder.decode(hexsig)
assert vk.verify(msg, sig, encoder=HexEncoder) == \
vk.verify(smsg, encoder=HexEncoder)
assert HexEncoder.decode(msg) == b"Hello World in hex"
def test_hex_smessage_with_detached_sig_matches_with_attached_sig(self):
sk = SigningKey.generate()
vk = sk.verify_key
smsg = sk.sign(b"Hello World in hex", encoder=HexEncoder)
msg = smsg.message
hexsig = smsg.signature
sig = HexEncoder.decode(hexsig)
assert vk.verify(msg, sig, encoder=HexEncoder) == \
vk.verify(smsg, encoder=HexEncoder)
assert HexEncoder.decode(msg) == b"Hello World in hex"
def validate_transaction(tx: dict) -> bool:
"""
Verifies that a given transaction was sent from the sender
:param tx: The transaction dict
:return: <bool>
"""
public_key = tx["sender"]
# We need to strip the "signature" key from the tx
signature = tx.pop("signature")
signature_bytes = HexEncoder.decode(signature)
tx_bytes = json.dumps(tx, sort_keys=True).encode("ascii")
# Generate a verifying key from the public key
verify_key = VerifyKey(public_key, encoder=HexEncoder)
# Attempt to verify the signature
try:
verify_key.verify(tx_bytes, signature_bytes)
except BadSignatureError:
return False
else:
return True
def generate_serval_keys(name):
node_hash = HexEncoder.decode(nacl.hash.sha256(name.encode("utf-8")))
sign_pk, sign_sk = crypto_sign_seed_keypair(node_hash)
box_sk = crypto_sign_ed25519_sk_to_curve25519(sign_sk)
box_pk = crypto_scalarmult_base(box_sk)
rhiz_pk = HexEncoder.decode(nacl.hash.sha256(("rhizome"+name).encode("utf-8")))
keys = {
"sign_pk": HexEncoder.encode(sign_pk).decode("ascii").upper(),
"box_sk": HexEncoder.encode( box_sk).decode("ascii").upper(),
"sign_sk": HexEncoder.encode(sign_sk).decode("ascii").upper(),
"box_pk": HexEncoder.encode( box_pk).decode("ascii").upper(),
"sid": HexEncoder.encode( box_pk).decode("ascii").upper(),
"rhiz_pk": HexEncoder.encode(rhiz_pk).decode("ascii").upper(),
}
return keys
def test_valid_signed_message(self, _seed, public_key, message, signature,
signed):
key = VerifyKey(
public_key,
encoder=HexEncoder,
)
assert (binascii.hexlify(key.verify(signed,
encoder=HexEncoder), ) == message)
assert (binascii.hexlify(
key.verify(message,
HexEncoder.decode(signature),
encoder=HexEncoder), ) == message)
def __init__(self, seed=None):
if seed is None:
seed = nacl.utils.random(nacl.secret.SecretBox.KEY_SIZE)
else:
seed = HexEncoder.decode(seed)
public_key, secret_key = nacl.bindings.crypto_sign_seed_keypair(seed)
self._public_key = HexEncoder.encode(public_key).decode()
self._private_key = HexEncoder.encode(secret_key).decode()
self._seed = HexEncoder.encode(seed).decode()
self._signature_redeem = Protocol.public_key_to_signature_redeem(
self._public_key)
self._program_hash = Protocol.hex_string_to_program_hash(
self._signature_redeem)
def test_valid_signed_message(
self, _seed, public_key, message, signature, signed):
key = VerifyKey(
public_key,
encoder=HexEncoder,
)
assert binascii.hexlify(
key.verify(signed, encoder=HexEncoder),
) == message
assert binascii.hexlify(
key.verify(message, HexEncoder.decode(signature),
encoder=HexEncoder),
) == message
def verify_signature(msg, signature, verify_key):
# Encode the message to hex
msg_hex = HexEncoder.encode(msg)
# Decode signature to byte
signature_bytes = HexEncoder.decode(signature)
result = True
try:
verify_key.verify(msg_hex, signature_bytes, encoder=HexEncoder)
except BadSignatureError:
result = False
pass
return result
def read_config() -> Config:
config = Config()
try:
with open(CONFIG_FILENAME) as f:
obj = toml.load(f)
def read(key: str, t: Type[T]) -> Optional[T]:
ret = obj.get(key)
return ret if isinstance(ret, t) else None
temp = read("server_public_key", str)
if temp:
config.server_verify_key = VerifyKey(HexEncoder.decode(temp))
temp = read("secret_key", str)
if temp:
config.signing_key = SigningKey(HexEncoder.decode(temp))
config.initial_setup_nickname = read("initial_setup_nickname", str)
config.server_address = read("server_address", str)
except FileNotFoundError:
pass
except Exception:
print(f"Malformed configuration file {CONFIG_FILENAME}.\n")
raise
return config
def validate_signature(chain: str, web3, user_id: int, associated_wallet: str,
signature: str):
if chain == "eth":
signed_wallet = recover_user_id_hash(web3, user_id, signature)
return signed_wallet == associated_wallet
if chain == "sol":
try:
message = f"AudiusUserID:{user_id}"
verify_key = VerifyKey(
base58.b58decode(bytes(associated_wallet, "utf-8")))
# Verify raises an error if the message is tampered w/ else returns the original msg
verify_key.verify(str.encode(message),
HexEncoder.decode(signature))
return True
except Exception as e:
logger.error(
f"index.py | users.py | Verifying SPL validation signature for user_id {user_id} {e}",
exc_info=True,
)
return False
return False
def check(sign, msg):
try:
verify.verify(msg, HexEncoder.decode(sign))
return True
except BadSignatureError:
return False
def fixPKOutput(output):
for ele in output:
ele['pubkey'] = HexEncoder.decode(ele['pubkey'])
return output
def fixPKInput(input):
for ele in input:
out = ele['output']
out['pubkey'] = HexEncoder.decode(out['pubkey'])
return input
def sign(self, message):
sig = nacl.bindings.crypto_sign(message,
HexEncoder.decode(self._private_key))
return sig[:64] # length > 64, so cut 64