def test_msg_signing(self):
msg1 = b'Chancellor on brink of second bailout for banks'
msg2 = b'Electrum'
def sign_message_with_wif_privkey(wif_privkey, msg):
txin_type, privkey, compressed = deserialize_privkey(wif_privkey)
key = ecc.ECPrivkey(privkey)
return key.sign_message(msg, compressed)
sig1 = sign_message_with_wif_privkey(
'p2pkh:7vDWwB83SqxMK27mev4bWpGEx464CcsQXTmggVar8EitECD4mx2P', msg1)
addr1 = 'GaiL5FUg6v7CSYugqpDaasvL8MWedqXoCT'
sig2 = sign_message_with_wif_privkey(
'p2pkh:7v1CzrPtqMLa9gdTi9gdnJD8xnqzppQR2RJa9MKzuEZ8APws4YK7', msg2)
addr2 = 'GL9hiUJP7JrqGLqtDPGuGuTBxQ7cHuhYpL'
sig1_b64 = base64.b64encode(sig1)
sig2_b64 = base64.b64encode(sig2)
self.assertEqual(
sig1_b64,
b'H728/TD0FJDC5GwYunKROiRe7uaUqUwwNq9GQhpXMVpgeLLiJ5NhluKNYXqqCFfVmfyhkGsM/ROmbi6lRTrH8ac='
)
self.assertEqual(
sig2_b64,
b'H9uiJF8QvlAqVSG8mE4+nm4qVP8+pgrmNmOLctBtj98QABHiLCgoDk76jn1z21yp7E61O1mtHToUXx05NNZHjx8='
)
self.assertTrue(ecc.verify_message_with_address(addr1, sig1, msg1))
self.assertTrue(ecc.verify_message_with_address(addr2, sig2, msg2))
self.assertFalse(ecc.verify_message_with_address(
addr1, b'wrong', msg1))
self.assertFalse(ecc.verify_message_with_address(addr1, sig2, msg1))
async def get_update_info(self):
async with make_aiohttp_session(
proxy=self.main_window.network.proxy) as session:
async with session.get(UpdateCheck.url) as result:
signed_version_dict = await result.json(content_type=None)
# example signed_version_dict:
# {
# "version": "3.9.9",
# "signatures": {
# "1Lqm1HphuhxKZQEawzPse8gJtgjm9kUKT4": "IA+2QG3xPRn4HAIFdpu9eeaCYC7S5wS/sDxn54LJx6BdUTBpse3ibtfq8C43M7M1VfpGkD5tsdwl5C6IfpZD/gQ="
# }
# }
version_num = signed_version_dict['version']
sigs = signed_version_dict['signatures']
for address, sig in sigs.items():
if address not in UpdateCheck.VERSION_ANNOUNCEMENT_SIGNING_KEYS:
continue
sig = base64.b64decode(sig)
msg = version_num.encode('utf-8')
if ecc.verify_message_with_address(
address=address,
sig65=sig,
message=msg,
net=constants.BitcoinMainnet):
self.logger.info(
f"valid sig for version announcement '{version_num}' from address '{address}'"
)
break
else:
raise Exception(
'no valid signature for version announcement')
return StrictVersion(version_num.strip())
def test_create_and_sign(self):
collateral_pub = '02a6eeee0b2ec1bea855d555f8a5c78cb4854fb95d7034d1f0150d69965f8eb866' # GLosAyGUGzvqT4fxpzFCosY8f6ZZdQyXJt
masternode_pubkey = '03b9c1d8b9d76ee0ff1247d6e36c1b34399c61fa168e65f83ea4c73b5c34e629ce' # GaToqaVr9GDZEUQ8xdxNXesFoiMUntNbSw
protocol_version = 70914
ip = '0.0.0.0'
port = 9333
addr = NetworkAddress(ip+':'+str(port))
vin = {'prevout_hash': '00'*32, 'prevout_n': 0, 'scriptSig': '', 'sequence':0xffffffff}
last_ping = MasternodePing(vin=vin, block_hash='ff'*32)
announce = MasternodeAnnounce(vin=vin, addr=addr, collateral_key=collateral_pub, masternode_pubkey=masternode_pubkey,
protocol_version=protocol_version, last_ping=last_ping)
collateral_wif = 'p2pkh:7usrUZignVHMLXbUTBTViYwKFhCu2T37DPsJSX5YPzmbKcmgBJev'
masternode_wif = '7sqv1jqC6vbysyLZr2CeECoGa2syaf2T5RRTQGWcRAsN3Ez9RR9h'
announce.last_ping.sign(masternode_wif, 1461858375)
sig = announce.sign(collateral_wif, 1461858375)
address = 'GLosAyGUGzvqT4fxpzFCosY8f6ZZdQyXJt'
self.assertTrue(announce.verify(address))
self.assertTrue(ecc.verify_message_with_address
(address, sig, announce.serialize_for_sig()))
def test_sign(self):
vin = {'prevout_hash': '00'*32, 'prevout_n': 0, 'scriptSig': '', 'sequence':0xffffffff}
block_hash = 'ff'*32
current_time = 1461858375
ping = MasternodePing(vin=vin, block_hash=block_hash, sig_time=current_time)
expected_sig = 'H6RJ/CNWtTgLEyHO4W+FY0NtKESt0tpg3kwG9aZJatWPVauwhYq7RfW01+4Ny6NlRJpE5i6ywgA9Ry3XC31BAXs='
wif = '7sqv1jqC6vbysyLZr2CeECoGa2syaf2T5RRTQGWcRAsN3Ez9RR9h'
sig = ping.sign(wif, current_time = current_time)
address = bitcoin.address_from_private_key('p2pkh:'+wif)
self.assertTrue(ecc.verify_message_with_address
(address, sig, ping.serialize_for_sig()))
self.assertEqual(expected_sig, base64.b64encode(sig).decode('utf-8'))
def sign_message(self, sequence, message, password):
sig = None
try:
message = message.encode('utf8')
inputPath = self.get_derivation() + "/%d/%d" % sequence
msg_hash = sha256d(msg_magic(message))
inputHash = to_hexstr(msg_hash)
hasharray = []
hasharray.append({'hash': inputHash, 'keypath': inputPath})
hasharray = json.dumps(hasharray)
msg = ('{"sign":{"meta":"sign message", "data":%s}}' %
hasharray).encode('utf8')
dbb_client = self.plugin.get_client(self)
if not dbb_client.is_paired():
raise Exception(_("Could not sign message."))
reply = dbb_client.hid_send_encrypt(msg)
self.handler.show_message(
_("Signing message ...") + "\n\n" +
_("To continue, touch the Digital Bitbox's blinking light for 3 seconds."
) + "\n\n" +
_("To cancel, briefly touch the blinking light or wait for the timeout."
))
reply = dbb_client.hid_send_encrypt(
msg
) # Send twice, first returns an echo for smart verification (not implemented)
self.handler.finished()
if 'error' in reply:
raise Exception(reply['error']['message'])
if 'sign' not in reply:
raise Exception(_("Could not sign message."))
if 'recid' in reply['sign'][0]:
# firmware > v2.1.1
sig_string = binascii.unhexlify(reply['sign'][0]['sig'])
recid = int(reply['sign'][0]['recid'], 16)
sig = ecc.construct_sig65(sig_string, recid, True)
pubkey, compressed = ecc.ECPubkey.from_signature65(
sig, msg_hash)
addr = public_key_to_p2pkh(
pubkey.get_public_key_bytes(compressed=compressed))
if ecc.verify_message_with_address(addr, sig,
message) is False:
raise Exception(_("Could not sign message"))
elif 'pubkey' in reply['sign'][0]:
# firmware <= v2.1.1
for recid in range(4):
sig_string = binascii.unhexlify(reply['sign'][0]['sig'])
sig = ecc.construct_sig65(sig_string, recid, True)
try:
addr = public_key_to_p2pkh(
binascii.unhexlify(reply['sign'][0]['pubkey']))
if ecc.verify_message_with_address(addr, sig, message):
break
except Exception:
continue
else:
raise Exception(_("Could not sign message"))
except BaseException as e:
self.give_error(e)
return sig