def test_verify_recoverable_sign(self):
"""Verifies recovering a signature."""
test_requests = [TEST_REQUEST_TRANSFER_ICX, TEST_REQUEST_SCORE_FUNCTION_CALL,
TEST_REQUEST_SEND_MESSAGE, TEST_REQUEST_SCORE_UPDATE, TEST_REQUEST_SCORE_ISNTALL]
for request in test_requests:
# Serialize a signature
private_key_object = PrivateKey()
msg_hash_bytes = sha3_256(serialize(request["params"])).digest()
sign_bytes = sign(msg_hash_bytes, private_key_object.private_key)
# Deserialize a signature
recoverable_sign = private_key_object.ecdsa_recoverable_deserialize(sign_bytes[0:64], sign_bytes[64])
sign_ = private_key_object.ecdsa_recoverable_convert(recoverable_sign)
# Verify a signature with a public key
self.assertTrue(private_key_object.pubkey.ecdsa_verify(msg_hash_bytes, sign_, raw=True))
# Verify a signature when an message is invalid
invalid_msg_hash = sha3_256(f'invalid message'.encode()).digest()
self.assertFalse(private_key_object.pubkey.ecdsa_verify(invalid_msg_hash, sign_, raw=True))
# Verify a signature when a private key is invalid
invalid_private_key = PrivateKey()
self.assertFalse(invalid_private_key.pubkey.ecdsa_verify(msg_hash_bytes, sign_, raw=True))
def test_eth_sign(web3, skip_if_testrpc):
skip_if_testrpc(web3)
private_key_hex = '0x5e95384d8050109aab08c1922d3c230739bc16976553c317e5d0b87b59371f2a'
private_key = decode_hex(private_key_hex)
# This imports the private key into the running geth instance and unlocks
# the account so that it can sign things.
# `0xa5df35f30ba0ce878b1061ae086289adff3ba1e0`
address = web3.personal.importRawKey(private_key, "password")
web3.personal.unlockAccount(address, "password")
assert add_0x_prefix(encode_hex(privtoaddr(private_key))) == add_0x_prefix(address)
assert address == '0xa5df35f30ba0ce878b1061ae086289adff3ba1e0'
# the data to be signed
data = b'1234567890abcdefghijklmnopqrstuvwxyz'
# the hash of the data `0x089c33d56ed10bd8b571a0f493cedb28db1ae0f40c6cd266243001528c06eab3`
data_hash = web3.sha3(data, encoding=None)
data_hash_bytes = decode_hex(data_hash)
assert force_bytes(data_hash) == sha3(data)
priv_key = PrivateKey(flags=ALL_FLAGS)
priv_key.set_raw_privkey(private_key)
# sanit check the extract_ecdsa_signer function works as expected.
vector_sig = priv_key.ecdsa_sign_recoverable(data_hash_bytes, raw=True, digest=sha3_256)
vector_sig_bytes, rec_id = priv_key.ecdsa_recoverable_serialize(vector_sig)
vector_sig_bytes_full = vector_sig_bytes + force_bytes(chr(rec_id))
vector_address = force_text(extract_ecdsa_signer(data_hash_bytes, vector_sig_bytes_full))
assert vector_address == address
# Now have geth sign some data.
signature_hex = web3.eth.sign(address, data)
signature_bytes = decode_hex(signature_hex)
actual_signer = extract_ecdsa_signer(data_hash_bytes, signature_bytes)
assert actual_signer == address
# Verify the signature against the public key derived from the
# original private key. It fails.
rec_id = signature_bytes[64]
if is_string(rec_id):
rec_id = ord(rec_id)
recoverable_signature = priv_key.ecdsa_recoverable_deserialize(
signature_bytes[:64],
rec_id,
)
signature = priv_key.ecdsa_recoverable_convert(recoverable_signature)
is_valid = priv_key.pubkey.ecdsa_verify(
msg=data,
raw_sig=signature,
digest=sha3_256,
)
assert is_valid
class TestIcxSigner(unittest.TestCase):
def setUp(self):
self.test_private_key = PrivateKey()
self.signer = IcxSigner(self.test_private_key.private_key)
m = hashlib.sha256()
m.update(b'message_for_test')
# prepare massage msg_hash
self.hashed_message = m.digest()
# check if signature which sign_recoverable method made is valid
# use ecdsa_verify. before verify signature, convert sign (recoverable_sig -> normal_sig)
# check secp256k1 doc: https://github.com/ludbb/secp256k1-py
def test_sign_recoverable_verify_sig(self):
# get sign, recovery
sign, recovery_id = self.signer.sign_recoverable(self.hashed_message)
# Convert recoverable sig to normal sig
deserialized_recoverable_sig = self.test_private_key.ecdsa_recoverable_deserialize(sign, recovery_id)
normal_sig = self.test_private_key.ecdsa_recoverable_convert(deserialized_recoverable_sig)
# Check sig
self.assertTrue(self.test_private_key.pubkey.ecdsa_verify(self.hashed_message, normal_sig, raw=True))
# Verify using invalid message
m = hashlib.sha256()
m.update(b'invalid message')
invalid_message = m.digest()
self.assertFalse(self.test_private_key.pubkey.ecdsa_verify(invalid_message, normal_sig, raw=True))
# Verify using invalid private key
invalid_privateKey = PrivateKey()
self.assertFalse(invalid_privateKey.pubkey.ecdsa_verify(self.hashed_message, normal_sig, raw=True))
def test_sign_base64_encode(self):
# make signature
encoded_sign = self.signer.sign(self.hashed_message)
decoded_sign = base64.b64decode(encoded_sign)
actual_id = int.from_bytes(decoded_sign[-1:], byteorder='big')
actual_sig = decoded_sign[:len(decoded_sign) - 1]
expected_signature, expected_recovery_id = self.signer.sign_recoverable(self.hashed_message)
self.assertEqual(actual_id, expected_recovery_id)
self.assertEqual(actual_sig, expected_signature)
def test_key_from_key_store_get_private_key(self):
# Invalid keystore file path
self.assertRaises(KeyStoreException, key_from_key_store, './invalid_file_path', 'qwer1234%')
# Invalid keystore password
self.assertRaises(KeyStoreException, key_from_key_store, './tests/test_util/test_keystore', 'qwer12')
def test_eth_sign(web3, skip_if_testrpc):
skip_if_testrpc(web3)
private_key_hex = '0x5e95384d8050109aab08c1922d3c230739bc16976553c317e5d0b87b59371f2a'
private_key = decode_hex(private_key_hex)
# This imports the private key into the running geth instance and unlocks
# the account so that it can sign things.
# address = '0xa5df35f30ba0ce878b1061ae086289adff3ba1e0'
address = web3.personal.importRawKey(private_key, "password")
web3.personal.unlockAccount(address, "password")
assert add_0x_prefix(encode_hex(
privtoaddr(private_key))) == add_0x_prefix(address)
assert address == '0xa5df35f30ba0ce878b1061ae086289adff3ba1e0'
# the data to be signed
data = b'1234567890abcdefghijklmnopqrstuvwxyz'
# the hash of the data `0x089c33d56ed10bd8b571a0f493cedb28db1ae0f40c6cd266243001528c06eab3`
data_hash = web3.sha3(data, encoding=None)
data_hash_bytes = decode_hex(data_hash)
assert force_bytes(data_hash) == sha3(data)
priv_key = PrivateKey(flags=ALL_FLAGS)
priv_key.set_raw_privkey(private_key)
# sanit check the extract_ecdsa_signer function works as expected.
vector_sig = priv_key.ecdsa_sign_recoverable(data_hash_bytes,
raw=True,
digest=hashlib.sha3_256)
vector_sig_bytes, rec_id = priv_key.ecdsa_recoverable_serialize(vector_sig)
vector_sig_bytes_full = vector_sig_bytes + force_bytes(chr(rec_id))
vector_address = force_text(
extract_ecdsa_signer(data_hash_bytes, vector_sig_bytes_full))
assert vector_address == address
# Now have geth sign some data.
signature_hex = web3.eth.sign(address, data)
signature_bytes = decode_hex(signature_hex)
# geth prefix message before signing
geth_prefix_data = eth_message_prefix_hash(web3, data.decode())
actual_signer = extract_ecdsa_signer(force_bytes(geth_prefix_data),
signature_bytes)
assert actual_signer == address
# Verify the signature against the public key derived from the
# original private key. It fails.
rec_id = signature_bytes[64]
if is_string(rec_id):
rec_id = ord(rec_id)
recoverable_signature = priv_key.ecdsa_recoverable_deserialize(
signature_bytes[:64],
rec_id,
)
signature = priv_key.ecdsa_recoverable_convert(recoverable_signature)
is_valid = priv_key.pubkey.ecdsa_verify(
msg=data,
raw_sig=signature,
digest=hashlib.sha3_256,
)
assert is_valid
