def verifyData(self, data):
# verify hash
msg_hash = data[:32]
if msg_hash != keccak256(data[32:]):
print " First 32 bytes are not keccak256 hash of the rest."
return
else:
print " Verified message hash."
# verify signature
signature = data[32:97]
signed_data = data[97:]
deserialized_sig = self.priv_key.ecdsa_recoverable_deserialize(signature[:64], ord(signature[64]))
remote_pubkey = self.priv_key.ecdsa_recover(keccak256(signed_data), deserialized_sig, raw = True)
pub = PublicKey()
pub.public_key = remote_pubkey
verified = pub.ecdsa_verify(keccak256(signed_data),
pub.ecdsa_recoverable_convert(deserialized_sig),
raw = True)
if not verified:
print " Signature invalid"
return False
else:
print " Verified signature."
return True
def handlePacket(self, data, addr):
# print("received message[" + str(addr) + "]")
msg_hash = data[:32] # 32 Byte Hash
raw_sig = data[32:97] # 64 Byte + 1 Byte Signature
ptype = data[97] # 1 Byte packet_type
pdata = data[98:] # Rest is rlp-encoded data
decdata = rlp.decode(pdata)
signedData = data[97:]
# Verify hash
if msg_hash != keccak256(data[32:]):
print("Invalid message hash!")
exit(0)
# Verify signature
deserialized_sig = self.priv_key.ecdsa_recoverable_deserialize(
raw_sig[:64], raw_sig[64])
remote_pubkey = self.priv_key.ecdsa_recover(keccak256(signedData),
deserialized_sig,
raw=True)
pub = PublicKey()
pub.public_key = remote_pubkey
verified = pub.ecdsa_verify(
keccak256(signedData),
pub.ecdsa_recoverable_convert(deserialized_sig),
raw=True)
if not verified:
print("Signature invalid!")
exit(0)
else:
print("Public Key: " + pub.serialize().hex())
packet_type = bytes([ptype])
if packet_type == PingPacket.packet_type:
print("Got ping.")
recv_ping = PingPacket.unpack(rlp.decode(pdata))
print(str(recv_ping))
# self.pong(msg_hash, recv_ping.To())
# TODO: Find out the correct endpoint
self.pong(self.theirEndpoint, msg_hash)
if packet_type == PongPacket.packet_type:
print("Got pong.")
recv_pong = PongPacket.unpack(decdata)
print(str(recv_pong))
# self.ping(self.theirEndpoint)
if packet_type == FindNodePacket.packet_type:
print("Got FindNodePacket.")
recv_findnode = FindNodePacket.unpack(rlp.decode(pdata))
target = recv_findnode.target
print("Target: " + str(target.hex()))
self.neighbors(self.theirEndpoint, target)
if packet_type == NeighborsPacket.packet_type:
print("Got NeighborsPacket.")
recv_neighbors = NeighborsPacket.unpack(rlp.decode(pdata))
print("# Neighbors: " + str(len(recv_neighbors.neighbors)))
def ecdsa_verify(pubkey, signature, message):
assert len(signature) == 65
assert len(pubkey) == 64
pk = PublicKey('\04' + pubkey, raw=True, ctx=ctx)
return pk.ecdsa_verify(message,
pk.ecdsa_recoverable_convert(
pk.ecdsa_recoverable_deserialize(
signature[:64], ord(signature[64]))),
raw=True)
def ecdsa_compact_verify(self, msg32, sign, pub):
# Check if pubkey has been bin_electrum encoded.
# If so, append \04 to the front of the key, to make sure the length is 65
if len(pub) == 64:
pub = '\04'+pub
pub_k = PublicKey().deserialize(pub)
pub_key = PublicKey(pub_k, raw=False, flags=secp256k1.ALL_FLAGS)
der_sig = pub_key.ecdsa_recoverable_deserialize(sign[0], sign[1])
raw_sig = pub_key.ecdsa_recoverable_convert(der_sig)
return pub_key.ecdsa_verify(msg32, raw_sig, raw=True)
def receive(self, data, addr):
"""
macSize = 256 / 8 = 32
sigSize = 520 / 8 = 65
headSize = macSize + sigSize = 97
hash, sig, sigdata := buf[:macSize], buf[macSize:headSize], buf[headSize:]
shouldhash := crypto.Sha3(buf[macSize:])
"""
# verify hash
msg_hash = data[:32]
if msg_hash != keccak256(data[32:]):
print " First 32 bytes are not keccak256 hash of the rest."
return
else:
print " Verified message hash."
# verify signature
signature = data[32:97]
signed_data = data[97:]
deserialized_sig = self.priv_key.ecdsa_recoverable_deserialize(signature[:64],
ord(signature[64]))
remote_pubkey = self.priv_key.ecdsa_recover(keccak256(signed_data),
deserialized_sig,
raw=True)
pub = PublicKey()
pub.public_key = remote_pubkey
verified = pub.ecdsa_verify(keccak256(signed_data),
pub.ecdsa_recoverable_convert(deserialized_sig),
raw=True)
if not verified:
print " Signature invalid"
return
else:
print " Verified signature."
response_types = {
PingNode.packet_type: self.receive_ping,
Pong.packet_type: self.receive_pong,
FindNeighbors.packet_type: self.receive_find_neighbors,
Neighbors.packet_type: self.receive_neighbors
}
try:
packet_type = data[97]
dispatch = response_types[packet_type]
except KeyError:
print " Unknown message type: " + data[97]
return
payload = data[98:]
dispatch(payload, msg_hash, addr)
def receive(self):
print "listening..."
data, addr = self.sock.recvfrom(1024)
print "received message[", addr, "]"
## verify hash
msg_hash = data[:32]
if msg_hash != keccak256(data[32:]):
print " First 32 bytes are not keccak256 hash of the rest."
return
else:
print " Verified message hash."
## verify signature
signature = data[32:97]
signed_data = data[97:]
deserialized_sig = self.priv_key.ecdsa_recoverable_deserialize(
signature[:64], ord(signature[64]))
remote_pubkey = self.priv_key.ecdsa_recover(keccak256(signed_data),
deserialized_sig,
raw=True)
pub = PublicKey()
pub.public_key = remote_pubkey
verified = pub.ecdsa_verify(
keccak256(signed_data),
pub.ecdsa_recoverable_convert(deserialized_sig),
raw=True)
if not verified:
print " Signature invalid"
return
else:
print " Verified signature."
response_types = {
PingNode.packet_type: self.receive_ping,
Pong.packet_type: self.receive_pong
}
try:
packet_type = data[97]
dispatch = response_types[packet_type]
except KeyError:
print " Unknown message type: " + data[97]
return
payload = data[98:]
dispatch(payload)
def receive(self, data, addr):
"""
macSize = 256 / 8 = 32
sigSize = 520 / 8 = 65
headSize = macSize + sigSize = 97
hash, sig, sigdata := buf[:macSize], buf[macSize:headSize], buf[headSize:]
shouldhash := crypto.Sha3(buf[macSize:])
"""
# verify hash
msg_hash = data[:32]
assert msg_hash == keccak256(
data[32:]), "First 32 bytes are not keccak256 hash of the rest"
# verify signature
signature = data[32:97]
signed_data = data[97:]
deserialized_sig = self.priv_key.ecdsa_recoverable_deserialize(
signature[:64], ord(signature[64]))
remote_pubkey = self.priv_key.ecdsa_recover(keccak256(signed_data),
deserialized_sig,
raw=True)
pub = PublicKey()
pub.public_key = remote_pubkey
verified = pub.ecdsa_verify(
keccak256(signed_data),
pub.ecdsa_recoverable_convert(deserialized_sig),
raw=True)
assert verified, "Signature invalid"
pubkey = pubkey_format(pub)[1:]
hex_id = binascii.hexlify(keccak256(pubkey))
packet_type = data[97]
payload = rlp.decode(data[98:])
if packet_type == PingNode.packet_type:
# fake ip in packet
payload[1][0] = addr[0]
ping = PingNode.unpack(payload)
if expired(ping):
return
self.receive_ping(addr, pubkey, ping, msg_hash)
elif packet_type == Pong.packet_type:
pong = Pong.unpack(payload)
if expired(pong):
return
self.receive_pong(addr, pubkey, pong)
elif packet_type == FindNeighbors.packet_type:
fn = FindNeighbors.unpack(payload)
if expired(fn):
return
self.receive_find_neighbors(addr, pubkey, fn)
elif packet_type == Neighbors.packet_type:
neighbours = Neighbors.unpack(payload)
if expired(neighbours):
return
self.receive_neighbors(addr, pubkey, neighbours)
else:
assert False, " Unknown message type: {}".format(packet_type)