def test_msg_signing(self):
msg1 = b'Chancellor on brink of second bailout for banks'
msg2 = b'Electrum'
def sign_message_with_wif_privkey(wif_privkey, msg):
txin_type, privkey, compressed = deserialize_privkey(wif_privkey)
key = ecc.ECPrivkey(privkey)
return key.sign_message(msg, compressed)
sig1 = sign_message_with_wif_privkey(
'XFXhvJNxgFoHR8W57qCrRzokud8JVot7XHoF92w1cZe5Bh55unMK', msg1)
addr1 = 'XfP5HuY7jKkMAhwej7yLKZ1K2VGuPwGCye'
sig2 = sign_message_with_wif_privkey(
'7qhMUpAsBF7hLzFd44Xq49AJF5nRjmkStUvwQUJx1szezCkAb7s', msg2)
addr2 = 'Xr58KiC2RvNN83LZExCoszE6mpAudBqQwK'
sig1_b64 = base64.b64encode(sig1)
sig2_b64 = base64.b64encode(sig2)
self.assertEqual(sig1_b64, b'Hziq9TTbuJcXyg3BC7kkUqxTOqYjHJLix6lTi5cum4plBFq7BwJvCqAba9yD6K/2OKpu9ZuLAktzqaAPzvsdEa0=')
self.assertEqual(sig2_b64, b'G3G4u7v0VYtbNRxGJ+elKL0udQGIGby47677kKwyaw+xE2Z0xeZnQBSBDpR3Ekr+ycHlCPE3FHSZRN+vL8Nl/x4=')
self.assertTrue(ecc.verify_message_with_address(addr1, sig1, msg1))
self.assertTrue(ecc.verify_message_with_address(addr2, sig2, msg2))
self.assertFalse(ecc.verify_message_with_address(addr1, b'wrong', msg1))
self.assertFalse(ecc.verify_message_with_address(addr1, sig2, msg1))
def test_msg_signing(self):
msg1 = b'Chancellor on brink of second bailout for banks'
msg2 = b'Electrum'
def sign_message_with_wif_privkey(wif_privkey, msg):
txin_type, privkey, compressed = deserialize_privkey(wif_privkey)
key = ecc.ECPrivkey(privkey)
return key.sign_message(msg, compressed)
sig1 = sign_message_with_wif_privkey(
'XFXhvJNxgFoHR8W57qCrRzokud8JVot7XHoF92w1cZe5Bh55unMK', msg1)
addr1 = 'XfP5HuY7jKkMAhwej7yLKZ1K2VGuPwGCye'
sig2 = sign_message_with_wif_privkey(
'7qhMUpAsBF7hLzFd44Xq49AJF5nRjmkStUvwQUJx1szezCkAb7s', msg2)
addr2 = 'Xr58KiC2RvNN83LZExCoszE6mpAudBqQwK'
sig1_b64 = base64.b64encode(sig1)
sig2_b64 = base64.b64encode(sig2)
self.assertEqual(
sig1_b64,
b'Hziq9TTbuJcXyg3BC7kkUqxTOqYjHJLix6lTi5cum4plBFq7BwJvCqAba9yD6K/2OKpu9ZuLAktzqaAPzvsdEa0='
)
self.assertEqual(
sig2_b64,
b'G3G4u7v0VYtbNRxGJ+elKL0udQGIGby47677kKwyaw+xE2Z0xeZnQBSBDpR3Ekr+ycHlCPE3FHSZRN+vL8Nl/x4='
)
self.assertTrue(ecc.verify_message_with_address(addr1, sig1, msg1))
self.assertTrue(ecc.verify_message_with_address(addr2, sig2, msg2))
self.assertFalse(ecc.verify_message_with_address(
addr1, b'wrong', msg1))
self.assertFalse(ecc.verify_message_with_address(addr1, sig2, msg1))
def sign_message(self, sequence, message, password):
sig = None
try:
message = message.encode('utf8')
inputPath = self.get_derivation() + "/%d/%d" % sequence
msg_hash = Hash(msg_magic(message))
inputHash = to_hexstr(msg_hash)
hasharray = []
hasharray.append({'hash': inputHash, 'keypath': inputPath})
hasharray = json.dumps(hasharray)
msg = ('{"sign":{"meta":"sign message", "data":%s}}' % hasharray).encode('utf8')
dbb_client = self.plugin.get_client(self)
if not dbb_client.is_paired():
raise Exception(_("Could not sign message."))
reply = dbb_client.hid_send_encrypt(msg)
self.handler.show_message(_("Signing message ...") + "\n\n" +
_("To continue, touch the Digital Bitbox's blinking light for 3 seconds.") + "\n\n" +
_("To cancel, briefly touch the blinking light or wait for the timeout."))
reply = dbb_client.hid_send_encrypt(msg) # Send twice, first returns an echo for smart verification (not implemented)
self.handler.finished()
if 'error' in reply:
raise Exception(reply['error']['message'])
if 'sign' not in reply:
raise Exception(_("Could not sign message."))
if 'recid' in reply['sign'][0]:
# firmware > v2.1.1
sig_string = binascii.unhexlify(reply['sign'][0]['sig'])
recid = int(reply['sign'][0]['recid'], 16)
sig = ecc.construct_sig65(sig_string, recid, True)
pubkey, compressed = ecc.ECPubkey.from_signature65(sig, msg_hash)
addr = public_key_to_p2pkh(pubkey.get_public_key_bytes(compressed=compressed))
if ecc.verify_message_with_address(addr, sig, message) is False:
raise Exception(_("Could not sign message"))
elif 'pubkey' in reply['sign'][0]:
# firmware <= v2.1.1
for recid in range(4):
sig_string = binascii.unhexlify(reply['sign'][0]['sig'])
sig = ecc.construct_sig65(sig_string, recid, True)
try:
addr = public_key_to_p2pkh(binascii.unhexlify(reply['sign'][0]['pubkey']))
if ecc.verify_message_with_address(addr, sig, message):
break
except Exception:
continue
else:
raise Exception(_("Could not sign message"))
except BaseException as e:
self.give_error(e)
return sig
def sign_message(self, sequence, message, password):
sig = None
try:
message = message.encode('utf8')
inputPath = self.get_derivation() + "/%d/%d" % sequence
msg_hash = sha256d(msg_magic(message))
inputHash = to_hexstr(msg_hash)
hasharray = []
hasharray.append({'hash': inputHash, 'keypath': inputPath})
hasharray = json.dumps(hasharray)
msg = ('{"sign":{"meta":"sign message", "data":%s}}' % hasharray).encode('utf8')
dbb_client = self.plugin.get_client(self)
if not dbb_client.is_paired():
raise Exception(_("Could not sign message."))
reply = dbb_client.hid_send_encrypt(msg)
self.handler.show_message(_("Signing message ...") + "\n\n" +
_("To continue, touch the Digital Bitbox's blinking light for 3 seconds.") + "\n\n" +
_("To cancel, briefly touch the blinking light or wait for the timeout."))
reply = dbb_client.hid_send_encrypt(msg) # Send twice, first returns an echo for smart verification (not implemented)
self.handler.finished()
if 'error' in reply:
raise Exception(reply['error']['message'])
if 'sign' not in reply:
raise Exception(_("Could not sign message."))
if 'recid' in reply['sign'][0]:
# firmware > v2.1.1
sig_string = binascii.unhexlify(reply['sign'][0]['sig'])
recid = int(reply['sign'][0]['recid'], 16)
sig = ecc.construct_sig65(sig_string, recid, True)
pubkey, compressed = ecc.ECPubkey.from_signature65(sig, msg_hash)
addr = public_key_to_p2pkh(pubkey.get_public_key_bytes(compressed=compressed))
if ecc.verify_message_with_address(addr, sig, message) is False:
raise Exception(_("Could not sign message"))
elif 'pubkey' in reply['sign'][0]:
# firmware <= v2.1.1
for recid in range(4):
sig_string = binascii.unhexlify(reply['sign'][0]['sig'])
sig = ecc.construct_sig65(sig_string, recid, True)
try:
addr = public_key_to_p2pkh(binascii.unhexlify(reply['sign'][0]['pubkey']))
if ecc.verify_message_with_address(addr, sig, message):
break
except Exception:
continue
else:
raise Exception(_("Could not sign message"))
except BaseException as e:
self.give_error(e)
return sig
async def get_update_info(self):
async with make_aiohttp_session(
proxy=self.main_window.network.proxy) as session:
async with session.get(UpdateCheck.url) as result:
signed_version_dict = await result.json(content_type=None)
# example signed_version_dict:
# {
# "version": "3.9.9",
# "signatures": {
# "1Lqm1HphuhxKZQEawzPse8gJtgjm9kUKT4": "IA+2QG3xPRn4HAIFdpu9eeaCYC7S5wS/sDxn54LJx6BdUTBpse3ibtfq8C43M7M1VfpGkD5tsdwl5C6IfpZD/gQ="
# }
# }
version_num = signed_version_dict['version']
sigs = signed_version_dict['signatures']
for address, sig in sigs.items():
if address not in UpdateCheck.VERSION_ANNOUNCEMENT_SIGNING_KEYS:
continue
sig = base64.b64decode(sig)
msg = version_num.encode('utf-8')
if ecc.verify_message_with_address(
address=address,
sig65=sig,
message=msg,
net=constants.BitcoinMainnet):
self.logger.info(
f"valid sig for version announcement '{version_num}' from address '{address}'"
)
break
else:
raise Exception(
'no valid signature for version announcement')
return StrictVersion(version_num.strip())
def test_create_and_sign(self):
collateral_pub = '038ae57bd0fa5b45640e771614ec571c7326a2266c78bb444f1971c85188411ba1' # XahPxwmCuKjPq69hzVxP18V1eASwDWbUrn
delegate_pub = '02526201c87c1b4630aabbd04572eec3e2545e442503e57e60880fafcc1f684dbc' # Xx2nSdhaT7c9SREKBPAgzpkhu518XFgkgh
protocol_version = 70103
ip = '0.0.0.0'
port = 20000
addr = NetworkAddress(ip=ip, port=port)
vin = {'prevout_hash': '00'*32, 'prevout_n': 0, 'scriptSig': '', 'sequence':0xffffffff}
last_ping = MasternodePing(vin=vin, block_hash='ff'*32)
announce = MasternodeAnnounce(vin=vin, addr=addr, collateral_key=collateral_pub, delegate_key=delegate_pub,
protocol_version=protocol_version, last_ping=last_ping)
collateral_wif = 'XJqCcyfnLYK4Y7ZDVjLrgPnsrq2cWMF6MX9cyhKgfMajwqrCwZaS'
delegate_wif = 'XCbhXBc2N9q8kxqBF41rSuLWVpVVbDm7P1oPv9GxcrS9QXYBWZkB'
announce.last_ping.sign(delegate_wif, bfh(delegate_pub), 1461858375)
sig = announce.sign(collateral_wif, 1461858375)
address = 'XahPxwmCuKjPq69hzVxP18V1eASwDWbUrn'
self.assertTrue(announce.verify(address))
self.assertTrue(ecc.verify_message_with_address
(address, sig, announce.serialize_for_sig()))
def test_create_and_sign(self):
collateral_pub = '038ae57bd0fa5b45640e771614ec571c7326a2266c78bb444f1971c85188411ba1' # XahPxwmCuKjPq69hzVxP18V1eASwDWbUrn
delegate_pub = '02526201c87c1b4630aabbd04572eec3e2545e442503e57e60880fafcc1f684dbc' # Xx2nSdhaT7c9SREKBPAgzpkhu518XFgkgh
protocol_version = 70103
ip = '0.0.0.0'
port = 20000
addr = NetworkAddress(ip=ip, port=port)
vin = {
'prevout_hash': '00' * 32,
'prevout_n': 0,
'scriptSig': '',
'sequence': 0xffffffff
}
last_ping = MasternodePing(vin=vin, block_hash='ff' * 32)
announce = MasternodeAnnounce(vin=vin,
addr=addr,
collateral_key=collateral_pub,
delegate_key=delegate_pub,
protocol_version=protocol_version,
last_ping=last_ping)
collateral_wif = 'XJqCcyfnLYK4Y7ZDVjLrgPnsrq2cWMF6MX9cyhKgfMajwqrCwZaS'
delegate_wif = 'XCbhXBc2N9q8kxqBF41rSuLWVpVVbDm7P1oPv9GxcrS9QXYBWZkB'
announce.last_ping.sign(delegate_wif, bfh(delegate_pub), 1461858375)
sig = announce.sign(collateral_wif, 1461858375)
address = 'XahPxwmCuKjPq69hzVxP18V1eASwDWbUrn'
self.assertTrue(announce.verify(address))
self.assertTrue(
ecc.verify_message_with_address(address, sig,
announce.serialize_for_sig()))
def test_sign(self):
vin = {'prevout_hash': '00'*32, 'prevout_n': 0, 'scriptSig': '', 'sequence':0xffffffff}
block_hash = 'ff'*32
current_time = 1461858375
ping = MasternodePing(vin=vin, block_hash=block_hash, sig_time=current_time)
expected_sig = 'H6k0M7G15GLnJ7i7Zcs8uCHcVRsn1P0hKK4lVMkgY4byaOvUECCsfxA9ktUiFT8scfFYYb/sxkcD8ifU/SEnBUg='
wif = 'XCbhXBc2N9q8kxqBF41rSuLWVpVVbDm7P1oPv9GxcrS9QXYBWZkB'
sig = ping.sign(wif, current_time = current_time)
address = bitcoin.address_from_private_key(wif)
self.assertTrue(ecc.verify_message_with_address
(address, sig, ping.serialize_for_sig()))
self.assertEqual(expected_sig, base64.b64encode(sig).decode('utf-8'))
def test_sign(self):
vin = {'prevout_hash': '00'*32, 'prevout_n': 0, 'scriptSig': '', 'sequence':0xffffffff}
block_hash = 'ff'*32
current_time = 1461858375
ping = MasternodePing(vin=vin, block_hash=block_hash, sig_time=current_time)
expected_sig = 'H6k0M7G15GLnJ7i7Zcs8uCHcVRsn1P0hKK4lVMkgY4byaOvUECCsfxA9ktUiFT8scfFYYb/sxkcD8ifU/SEnBUg='
wif = 'XCbhXBc2N9q8kxqBF41rSuLWVpVVbDm7P1oPv9GxcrS9QXYBWZkB'
sig = ping.sign(wif, current_time = current_time)
address = bitcoin.address_from_private_key(wif)
self.assertTrue(ecc.verify_message_with_address
(address, sig, ping.serialize_for_sig()))
self.assertEqual(expected_sig, base64.b64encode(sig).decode('utf-8'))