def test_signature():
bob = get_ecc(b'secret2')
# sign
message = crypto.sha3(b"Hello Alice")
signature = bob.sign(message)
# verify signature
assert crypto.verify(bob.raw_pubkey, signature, message) is True
assert crypto.ECCx(raw_pubkey=bob.raw_pubkey).verify(signature, message) is True
# wrong signature
message = crypto.sha3(b"Hello Alicf")
assert crypto.ECCx(raw_pubkey=bob.raw_pubkey).verify(signature, message) is False
assert crypto.verify(bob.raw_pubkey, signature, message) is False
def test_signature():
bob = get_ecc('secret2')
# sign
message = "Hello Alice"
signature = bob.sign(message)
# verify signature
assert crypto.verify(bob.raw_pubkey, signature, message) is True
assert crypto.ECCx(raw_pubkey=bob.raw_pubkey).verify(signature, message) is True
# wrong signature
message = "Hello Alicf"
assert crypto.ECCx(raw_pubkey=bob.raw_pubkey).verify(signature, message) is False
assert crypto.verify(bob.raw_pubkey, signature, message) is False
def unpack(self, message):
"""
macSize = 256 / 8 = 32
sigSize = 520 / 8 = 65
headSize = macSize + sigSize = 97
hash, sig, sigdata := buf[:macSize], buf[macSize:headSize], buf[headSize:]
shouldhash := crypto.Sha3(buf[macSize:])
"""
mdc = message[:32]
assert mdc == crypto.sha3(message[32:])
signature = message[32:97]
assert len(signature) == 65
signed_data = crypto.sha3(message[97:])
remote_pubkey = crypto.ecdsa_recover(signed_data, signature)
assert len(remote_pubkey) == 512 / 8
if not crypto.verify(remote_pubkey, signature, signed_data):
raise InvalidSignature()
cmd_id = self.decoders['cmd_id'](message[97])
assert cmd_id in self.cmd_id_map.values()
payload = rlp.decode(message[98:])
assert isinstance(payload, list)
expiration = self.decoders['expiration'](payload.pop())
if time.time() > expiration:
raise PacketExpired()
return remote_pubkey, cmd_id, payload, mdc
def unpack(self, message):
"""
macSize = 256 / 8 = 32
sigSize = 520 / 8 = 65
headSize = macSize + sigSize = 97
hash, sig, sigdata := buf[:macSize], buf[macSize:headSize], buf[headSize:]
shouldhash := crypto.Sha3(buf[macSize:])
"""
mdc = message[:32]
if mdc != crypto.sha3(message[32:]):
log.warn('packet with wrong mcd')
raise WrongMAC()
signature = message[32:97]
assert len(signature) == 65
signed_data = crypto.sha3(message[97:])
remote_pubkey = crypto.ecdsa_recover(signed_data, signature)
assert len(remote_pubkey) == 512 / 8
if not crypto.verify(remote_pubkey, signature, signed_data):
raise InvalidSignature()
cmd_id = self.decoders['cmd_id'](message[97])
assert cmd_id in self.cmd_id_map.values()
payload = rlp.decode(message[98:])
assert isinstance(payload, list)
expiration = self.decoders['expiration'](payload.pop())
if time.time() > expiration:
raise PacketExpired()
return remote_pubkey, cmd_id, payload, mdc
def test_recover():
alice = get_ecc(b'secret1')
message = crypto.sha3(b'hello bob')
signature = alice.sign(message)
assert len(signature) == 65
assert crypto.verify(alice.raw_pubkey, signature, message) is True
recovered_pubkey = crypto.ecdsa_recover(message, signature)
assert len(recovered_pubkey) == 64
assert alice.raw_pubkey == recovered_pubkey
def test_recover():
alice = get_ecc('secret1')
message = 'hello bob'
signature = alice.sign(message)
assert len(signature) == 65
assert crypto.verify(alice.raw_pubkey, signature, message) is True
recovered_pubkey = crypto.ecdsa_recover(message, signature)
assert len(recovered_pubkey) == 64
assert alice.raw_pubkey == recovered_pubkey
def pack(self, cmd_id, payload):
"""
UDP packets are structured as follows:
hash || signature || packet-type || packet-data
packet-type: single byte < 2**7 // valid values are [1,4]
packet-data: RLP encoded list. Packet properties are serialized in the order in
which they're defined. See packet-data below.
Offset |
0 | MDC | Ensures integrity of packet,
65 | signature | Ensures authenticity of sender, `SIGN(sender-privkey, MDC)`
97 | type | Single byte in range [1, 4] that determines the structure of Data
98 | data | RLP encoded, see section Packet Data
The packets are signed and authenticated. The sender's Node ID is determined by
recovering the public key from the signature.
sender-pubkey = ECRECOVER(Signature)
The integrity of the packet can then be verified by computing the
expected MDC of the packet as:
MDC = SHA3(sender-pubkey || type || data)
As an optimization, implementations may look up the public key by
the UDP sending address and compute MDC before recovering the sender ID.
If the MDC values do not match, the packet can be dropped.
"""
assert cmd_id in self.cmd_id_map.values()
assert isinstance(payload, list)
cmd_id = self.encoders['cmd_id'](cmd_id)
expiration = self.encoders['expiration'](int(time.time() +
self.expiration))
encoded_data = rlp.encode(payload + [expiration])
# print rlp.decode(encoded_data)
signed_data = crypto.sha3(cmd_id + encoded_data)
signature = crypto.sign(signed_data, self.privkey)
assert crypto.verify(self.pubkey, signature, signed_data)
# assert self.pubkey == crypto.ecdsa_recover(signed_data, signature)
# assert crypto.verify(self.pubkey, signature, signed_data)
assert len(signature) == 65
mdc = crypto.sha3(signature + cmd_id + encoded_data)
assert len(mdc) == 32
# print dict(mdc=mdc.encode('hex'), signature=signature.encode('hex'),
# data=str(cmd_id + encoded_data).encode('hex'))
return mdc + signature + cmd_id + encoded_data
