aboutsummaryrefslogtreecommitdiff
path: root/src/wallet
diff options
context:
space:
mode:
Diffstat (limited to 'src/wallet')
-rw-r--r--src/wallet/api/wallet.cpp4
-rw-r--r--src/wallet/wallet2.cpp117
-rw-r--r--src/wallet/wallet2.h6
-rw-r--r--src/wallet/wallet_rpc_server.cpp24
-rw-r--r--src/wallet/wallet_rpc_server_commands_defs.h10
-rw-r--r--src/wallet/wallet_rpc_server_error_codes.h1
6 files changed, 136 insertions, 26 deletions
diff --git a/src/wallet/api/wallet.cpp b/src/wallet/api/wallet.cpp
index e00f9d2e9..152a7dcd7 100644
--- a/src/wallet/api/wallet.cpp
+++ b/src/wallet/api/wallet.cpp
@@ -1998,7 +1998,7 @@ bool WalletImpl::checkReserveProof(const std::string &address, const std::string
std::string WalletImpl::signMessage(const std::string &message)
{
- return m_wallet->sign(message);
+ return m_wallet->sign(message, tools::wallet2::sign_with_spend_key);
}
bool WalletImpl::verifySignedMessage(const std::string &message, const std::string &address, const std::string &signature) const
@@ -2008,7 +2008,7 @@ bool WalletImpl::verifySignedMessage(const std::string &message, const std::stri
if (!cryptonote::get_account_address_from_str(info, m_wallet->nettype(), address))
return false;
- return m_wallet->verify(message, info.address, signature);
+ return m_wallet->verify(message, info.address, signature).valid;
}
std::string WalletImpl::signMultisigParticipant(const std::string &message) const
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 31aaaddea..918b3fd41 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -12207,51 +12207,130 @@ void wallet2::set_account_tag_description(const std::string& tag, const std::str
m_account_tags.first[tag] = description;
}
-std::string wallet2::sign(const std::string &data, cryptonote::subaddress_index index) const
-{
+// Set up an address signature message hash
+// Hash data: domain separator, spend public key, view public key, mode identifier, payload data
+static crypto::hash get_message_hash(const std::string &data, const crypto::public_key &spend_key, const crypto::public_key &view_key, const uint8_t mode)
+{
+ KECCAK_CTX ctx;
+ keccak_init(&ctx);
+ keccak_update(&ctx, (const uint8_t*)config::HASH_KEY_MESSAGE_SIGNING, sizeof(config::HASH_KEY_MESSAGE_SIGNING)); // includes NUL
+ keccak_update(&ctx, (const uint8_t*)&spend_key, sizeof(crypto::public_key));
+ keccak_update(&ctx, (const uint8_t*)&view_key, sizeof(crypto::public_key));
+ keccak_update(&ctx, (const uint8_t*)&mode, sizeof(uint8_t));
+ char len_buf[(sizeof(size_t) * 8 + 6) / 7];
+ char *ptr = len_buf;
+ tools::write_varint(ptr, data.size());
+ CHECK_AND_ASSERT_THROW_MES(ptr > len_buf && ptr <= len_buf + sizeof(len_buf), "Length overflow");
+ keccak_update(&ctx, (const uint8_t*)len_buf, ptr - len_buf);
+ keccak_update(&ctx, (const uint8_t*)data.data(), data.size());
crypto::hash hash;
- crypto::cn_fast_hash(data.data(), data.size(), hash);
+ keccak_finish(&ctx, (uint8_t*)&hash);
+ return hash;
+}
+
+// Sign a message with a private key from either the base address or a subaddress
+// The signature is also bound to both keys and the signature mode (spend, view) to prevent unintended reuse
+std::string wallet2::sign(const std::string &data, message_signature_type_t signature_type, cryptonote::subaddress_index index) const
+{
const cryptonote::account_keys &keys = m_account.get_keys();
crypto::signature signature;
- crypto::secret_key skey;
+ crypto::secret_key skey, m;
+ crypto::secret_key skey_spend, skey_view;
crypto::public_key pkey;
+ crypto::public_key pkey_spend, pkey_view; // to include both in hash
+ crypto::hash hash;
+ uint8_t mode;
+
+ // Use the base address
if (index.is_zero())
{
- skey = keys.m_spend_secret_key;
- pkey = keys.m_account_address.m_spend_public_key;
+ switch (signature_type)
+ {
+ case sign_with_spend_key:
+ skey = keys.m_spend_secret_key;
+ pkey = keys.m_account_address.m_spend_public_key;
+ mode = 0;
+ break;
+ case sign_with_view_key:
+ skey = keys.m_view_secret_key;
+ pkey = keys.m_account_address.m_view_public_key;
+ mode = 1;
+ break;
+ default: CHECK_AND_ASSERT_THROW_MES(false, "Invalid signature type requested");
+ }
+ hash = get_message_hash(data,keys.m_account_address.m_spend_public_key,keys.m_account_address.m_view_public_key,mode);
}
+ // Use a subaddress
else
{
- skey = keys.m_spend_secret_key;
- crypto::secret_key m = m_account.get_device().get_subaddress_secret_key(keys.m_view_secret_key, index);
- sc_add((unsigned char*)&skey, (unsigned char*)&m, (unsigned char*)&skey);
+ skey_spend = keys.m_spend_secret_key;
+ m = m_account.get_device().get_subaddress_secret_key(keys.m_view_secret_key, index);
+ sc_add((unsigned char*)&skey_spend, (unsigned char*)&m, (unsigned char*)&skey_spend);
+ secret_key_to_public_key(skey_spend,pkey_spend);
+ sc_mul((unsigned char*)&skey_view, (unsigned char*)&keys.m_view_secret_key, (unsigned char*)&skey_spend);
+ secret_key_to_public_key(skey_view,pkey_view);
+ switch (signature_type)
+ {
+ case sign_with_spend_key:
+ skey = skey_spend;
+ pkey = pkey_spend;
+ mode = 0;
+ break;
+ case sign_with_view_key:
+ skey = skey_view;
+ pkey = pkey_view;
+ mode = 1;
+ break;
+ default: CHECK_AND_ASSERT_THROW_MES(false, "Invalid signature type requested");
+ }
secret_key_to_public_key(skey, pkey);
+ hash = get_message_hash(data,pkey_spend,pkey_view,mode);
}
crypto::generate_signature(hash, pkey, skey, signature);
- return std::string("SigV1") + tools::base58::encode(std::string((const char *)&signature, sizeof(signature)));
+ return std::string("SigV2") + tools::base58::encode(std::string((const char *)&signature, sizeof(signature)));
}
-bool wallet2::verify(const std::string &data, const cryptonote::account_public_address &address, const std::string &signature) const
+tools::wallet2::message_signature_result_t wallet2::verify(const std::string &data, const cryptonote::account_public_address &address, const std::string &signature) const
{
- const size_t header_len = strlen("SigV1");
- if (signature.size() < header_len || signature.substr(0, header_len) != "SigV1") {
+ static const size_t v1_header_len = strlen("SigV1");
+ static const size_t v2_header_len = strlen("SigV2");
+ const bool v1 = signature.size() >= v1_header_len && signature.substr(0, v1_header_len) == "SigV1";
+ const bool v2 = signature.size() >= v2_header_len && signature.substr(0, v2_header_len) == "SigV2";
+ if (!v1 && !v2)
+ {
LOG_PRINT_L0("Signature header check error");
- return false;
+ return {};
}
crypto::hash hash;
- crypto::cn_fast_hash(data.data(), data.size(), hash);
+ if (v1)
+ {
+ crypto::cn_fast_hash(data.data(), data.size(), hash);
+ }
std::string decoded;
- if (!tools::base58::decode(signature.substr(header_len), decoded)) {
+ if (!tools::base58::decode(signature.substr(v1 ? v1_header_len : v2_header_len), decoded)) {
LOG_PRINT_L0("Signature decoding error");
- return false;
+ return {};
}
crypto::signature s;
if (sizeof(s) != decoded.size()) {
LOG_PRINT_L0("Signature decoding error");
- return false;
+ return {};
}
memcpy(&s, decoded.data(), sizeof(s));
- return crypto::check_signature(hash, address.m_spend_public_key, s);
+
+ // Test each mode and return which mode, if either, succeeded
+ if (v2)
+ hash = get_message_hash(data,address.m_spend_public_key,address.m_view_public_key,(uint8_t) 0);
+ if (crypto::check_signature(hash, address.m_spend_public_key, s))
+ return {true, v1 ? 1u : 2u, !v2, sign_with_spend_key };
+
+ if (v2)
+ hash = get_message_hash(data,address.m_spend_public_key,address.m_view_public_key,(uint8_t) 1);
+ if (crypto::check_signature(hash, address.m_view_public_key, s))
+ return {true, v1 ? 1u : 2u, !v2, sign_with_view_key };
+
+ // Both modes failed
+ return {};
}
std::string wallet2::sign_multisig_participant(const std::string& data) const
diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h
index 117e4e2f2..62ed111f1 100644
--- a/src/wallet/wallet2.h
+++ b/src/wallet/wallet2.h
@@ -1341,8 +1341,10 @@ private:
*/
void set_account_tag_description(const std::string& tag, const std::string& description);
- std::string sign(const std::string &data, cryptonote::subaddress_index index = {0, 0}) const;
- bool verify(const std::string &data, const cryptonote::account_public_address &address, const std::string &signature) const;
+ enum message_signature_type_t { sign_with_spend_key, sign_with_view_key };
+ std::string sign(const std::string &data, message_signature_type_t signature_type, cryptonote::subaddress_index index = {0, 0}) const;
+ struct message_signature_result_t { bool valid; unsigned version; bool old; message_signature_type_t type; };
+ message_signature_result_t verify(const std::string &data, const cryptonote::account_public_address &address, const std::string &signature) const;
/*!
* \brief sign_multisig_participant signs given message with the multisig public signer key
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index 0ed749cb7..03db8b70f 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -2007,7 +2007,18 @@ namespace tools
return false;
}
- res.signature = m_wallet->sign(req.data, {req.account_index, req.address_index});
+ tools::wallet2::message_signature_type_t signature_type = tools::wallet2::sign_with_spend_key;
+ if (req.signature_type == "spend" || req.signature_type == "")
+ signature_type = tools::wallet2::sign_with_spend_key;
+ else if (req.signature_type == "view")
+ signature_type = tools::wallet2::sign_with_view_key;
+ else
+ {
+ er.code = WALLET_RPC_ERROR_CODE_INVALID_SIGNATURE_TYPE;
+ er.message = "Invalid signature type requested";
+ return false;
+ }
+ res.signature = m_wallet->sign(req.data, signature_type, {req.account_index, req.address_index});
return true;
}
//------------------------------------------------------------------------------------------------------------------------------
@@ -2042,7 +2053,16 @@ namespace tools
return false;
}
- res.good = m_wallet->verify(req.data, info.address, req.signature);
+ const auto result = m_wallet->verify(req.data, info.address, req.signature);
+ res.good = result.valid;
+ res.version = result.version;
+ res.old = result.old;
+ switch (result.type)
+ {
+ case tools::wallet2::sign_with_spend_key: res.signature_type = "spend"; break;
+ case tools::wallet2::sign_with_view_key: res.signature_type = "view"; break;
+ default: res.signature_type = "invalid"; break;
+ }
return true;
}
//------------------------------------------------------------------------------------------------------------------------------
diff --git a/src/wallet/wallet_rpc_server_commands_defs.h b/src/wallet/wallet_rpc_server_commands_defs.h
index 5b2536bf1..81f83fb18 100644
--- a/src/wallet/wallet_rpc_server_commands_defs.h
+++ b/src/wallet/wallet_rpc_server_commands_defs.h
@@ -47,7 +47,7 @@
// advance which version they will stop working with
// Don't go over 32767 for any of these
#define WALLET_RPC_VERSION_MAJOR 1
-#define WALLET_RPC_VERSION_MINOR 19
+#define WALLET_RPC_VERSION_MINOR 20
#define MAKE_WALLET_RPC_VERSION(major,minor) (((major)<<16)|(minor))
#define WALLET_RPC_VERSION MAKE_WALLET_RPC_VERSION(WALLET_RPC_VERSION_MAJOR, WALLET_RPC_VERSION_MINOR)
namespace tools
@@ -1618,11 +1618,13 @@ namespace wallet_rpc
std::string data;
uint32_t account_index;
uint32_t address_index;
+ std::string signature_type;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(data)
KV_SERIALIZE_OPT(account_index, 0u)
KV_SERIALIZE_OPT(address_index, 0u)
+ KV_SERIALIZE(signature_type)
END_KV_SERIALIZE_MAP()
};
typedef epee::misc_utils::struct_init<request_t> request;
@@ -1657,9 +1659,15 @@ namespace wallet_rpc
struct response_t
{
bool good;
+ unsigned version;
+ bool old;
+ std::string signature_type;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(good);
+ KV_SERIALIZE(version);
+ KV_SERIALIZE(old);
+ KV_SERIALIZE(signature_type);
END_KV_SERIALIZE_MAP()
};
typedef epee::misc_utils::struct_init<response_t> response;
diff --git a/src/wallet/wallet_rpc_server_error_codes.h b/src/wallet/wallet_rpc_server_error_codes.h
index 9b455af6a..f7c5bb0e1 100644
--- a/src/wallet/wallet_rpc_server_error_codes.h
+++ b/src/wallet/wallet_rpc_server_error_codes.h
@@ -76,3 +76,4 @@
#define WALLET_RPC_ERROR_CODE_NON_DETERMINISTIC -43
#define WALLET_RPC_ERROR_CODE_INVALID_LOG_LEVEL -44
#define WALLET_RPC_ERROR_CODE_ATTRIBUTE_NOT_FOUND -45
+#define WALLET_RPC_ERROR_CODE_INVALID_SIGNATURE_TYPE -47
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-26 07:05:43 +0000