From 89d9f382a03235338bae65661e66d2d5ffa736d5 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Sat, 23 Apr 2016 21:46:48 +0100 Subject: [PATCH] wallet: add command and RPC to sign/verify data Signing is done using the spend key, since the view key may be shared. This could be extended later, to let the user choose which key (even a per tx key). simplewallet's sign/verify API uses a file. The RPC uses a string (simplewallet can't easily do strings since commands receive a tokenized set of arguments). --- src/simplewallet/simplewallet.cpp | 67 ++++++++++++++++++++ src/simplewallet/simplewallet.h | 2 + src/wallet/wallet2.cpp | 35 ++++++++++ src/wallet/wallet2.h | 3 + src/wallet/wallet_rpc_server.cpp | 36 +++++++++++ src/wallet/wallet_rpc_server.h | 4 ++ src/wallet/wallet_rpc_server_commands_defs.h | 49 +++++++++++++- src/wallet/wallet_rpc_server_error_codes.h | 1 + 8 files changed, 195 insertions(+), 2 deletions(-) diff --git a/src/simplewallet/simplewallet.cpp b/src/simplewallet/simplewallet.cpp index 4a7a70b8c..1862173b9 100644 --- a/src/simplewallet/simplewallet.cpp +++ b/src/simplewallet/simplewallet.cpp @@ -658,6 +658,8 @@ simple_wallet::simple_wallet() m_cmd_binder.set_handler("set_tx_note", boost::bind(&simple_wallet::set_tx_note, this, _1), tr("Set an arbitrary string note for a txid")); m_cmd_binder.set_handler("get_tx_note", boost::bind(&simple_wallet::get_tx_note, this, _1), tr("Get a string note for a txid")); m_cmd_binder.set_handler("status", boost::bind(&simple_wallet::status, this, _1), tr("Show wallet status information")); + m_cmd_binder.set_handler("sign", boost::bind(&simple_wallet::sign, this, _1), tr("Sign the contents of a file")); + m_cmd_binder.set_handler("verify", boost::bind(&simple_wallet::verify, this, _1), tr("Verify a signature on the contents of a file")); m_cmd_binder.set_handler("help", boost::bind(&simple_wallet::help, this, _1), tr("Show this help")); } //---------------------------------------------------------------------------------------------------- @@ -3368,6 +3370,71 @@ bool simple_wallet::status(const std::vector &args) return true; } //---------------------------------------------------------------------------------------------------- +bool simple_wallet::sign(const std::vector &args) +{ + if (args.size() != 1) + { + fail_msg_writer() << tr("usage: sign "); + return true; + } + if (m_wallet->watch_only()) + { + fail_msg_writer() << tr("wallet is watch-only and cannot sign"); + return true; + } + std::string filename = args[0]; + std::string data; + bool r = epee::file_io_utils::load_file_to_string(filename, data); + if (!r) + { + fail_msg_writer() << tr("failed to read file ") << filename; + return true; + } + std::string signature = m_wallet->sign(data); + success_msg_writer() << signature; + return true; +} +//---------------------------------------------------------------------------------------------------- +bool simple_wallet::verify(const std::vector &args) +{ + if (args.size() != 3) + { + fail_msg_writer() << tr("usage: verify
"); + return true; + } + std::string filename = args[0]; + std::string address_string = args[1]; + std::string signature= args[2]; + + std::string data; + bool r = epee::file_io_utils::load_file_to_string(filename, data); + if (!r) + { + fail_msg_writer() << tr("failed to read file ") << filename; + return true; + } + + cryptonote::account_public_address address; + bool has_payment_id; + crypto::hash8 payment_id; + if(!get_account_integrated_address_from_str(address, has_payment_id, payment_id, m_wallet->testnet(), address_string)) + { + fail_msg_writer() << tr("failed to parse address"); + return true; + } + + r = m_wallet->verify(data, address, signature); + if (!r) + { + fail_msg_writer() << tr("Bad signature from ") << address_string; + } + else + { + success_msg_writer() << tr("Good signature from ") << address_string; + } + return true; +} +//---------------------------------------------------------------------------------------------------- bool simple_wallet::process_command(const std::vector &args) { return m_cmd_binder.process_command_vec(args); diff --git a/src/simplewallet/simplewallet.h b/src/simplewallet/simplewallet.h index e0478eb6e..97f30834a 100644 --- a/src/simplewallet/simplewallet.h +++ b/src/simplewallet/simplewallet.h @@ -143,6 +143,8 @@ namespace cryptonote bool get_tx_note(const std::vector &args); bool status(const std::vector &args); bool set_default_fee_multiplier(const std::vector &args); + bool sign(const std::vector &args); + bool verify(const std::vector &args); uint64_t get_daemon_blockchain_height(std::string& err); bool try_connect_to_daemon(); diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index a153967ce..6d676c6bd 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -53,6 +53,7 @@ using namespace epee; #include "rapidjson/writer.h" #include "rapidjson/stringbuffer.h" #include "common/json_util.h" +#include "common/base58.h" extern "C" { @@ -3106,6 +3107,40 @@ std::string wallet2::get_tx_note(const crypto::hash &txid) const return std::string(); return i->second; } + +std::string wallet2::sign(const std::string &data) const +{ + crypto::hash hash; + crypto::cn_fast_hash(data.data(), data.size(), hash); + const cryptonote::account_keys &keys = m_account.get_keys(); + crypto::signature signature; + crypto::generate_signature(hash, keys.m_account_address.m_spend_public_key, keys.m_spend_secret_key, signature); + return std::string("SigV1") + tools::base58::encode(std::string((const char *)&signature, sizeof(signature))); +} + +bool wallet2::verify(const std::string &data, const cryptonote::account_public_address &address, const std::string &signature) const +{ + const size_t header_len = strlen("SigV1"); + if (signature.size() < header_len || signature.substr(0, header_len) != "SigV1") { + LOG_PRINT_L0("Signature header check error"); + return false; + } + crypto::hash hash; + crypto::cn_fast_hash(data.data(), data.size(), hash); + std::string decoded; + if (!tools::base58::decode(signature.substr(header_len), decoded)) { + LOG_PRINT_L0("Signature decoding error"); + return false; + } + crypto::signature s; + if (sizeof(s) != decoded.size()) { + LOG_PRINT_L0("Signature decoding error"); + return false; + } + memcpy(&s, decoded.data(), sizeof(s)); + return crypto::check_signature(hash, address.m_spend_public_key, s); +} + //---------------------------------------------------------------------------------------------------- void wallet2::generate_genesis(cryptonote::block& b) { if (m_testnet) diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h index c5149a10c..ca5cec43c 100644 --- a/src/wallet/wallet2.h +++ b/src/wallet/wallet2.h @@ -386,6 +386,9 @@ namespace tools void set_tx_note(const crypto::hash &txid, const std::string ¬e); std::string get_tx_note(const crypto::hash &txid) const; + std::string sign(const std::string &data) const; + bool verify(const std::string &data, const cryptonote::account_public_address &address, const std::string &signature) const; + private: /*! * \brief Stores wallet information to wallet file. diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp index 01ae00fe5..6c5c35161 100644 --- a/src/wallet/wallet_rpc_server.cpp +++ b/src/wallet/wallet_rpc_server.cpp @@ -747,6 +747,42 @@ namespace tools return true; } //------------------------------------------------------------------------------------------------------------------------------ + bool wallet_rpc_server::on_sign(const wallet_rpc::COMMAND_RPC_SIGN::request& req, wallet_rpc::COMMAND_RPC_SIGN::response& res, epee::json_rpc::error& er) + { + if (m_wallet.restricted()) + { + er.code = WALLET_RPC_ERROR_CODE_DENIED; + er.message = "Command unavailable in restricted mode."; + return false; + } + + res.signature = m_wallet.sign(req.data); + return true; + } + //------------------------------------------------------------------------------------------------------------------------------ + bool wallet_rpc_server::on_verify(const wallet_rpc::COMMAND_RPC_VERIFY::request& req, wallet_rpc::COMMAND_RPC_VERIFY::response& res, epee::json_rpc::error& er) + { + if (m_wallet.restricted()) + { + er.code = WALLET_RPC_ERROR_CODE_DENIED; + er.message = "Command unavailable in restricted mode."; + return false; + } + + cryptonote::account_public_address address; + bool has_payment_id; + crypto::hash8 payment_id; + if(!get_account_integrated_address_from_str(address, has_payment_id, payment_id, m_wallet.testnet(), req.address)) + { + er.code = WALLET_RPC_ERROR_CODE_WRONG_ADDRESS; + er.message = ""; + return false; + } + + res.good = m_wallet.verify(req.data, address, req.signature); + return true; + } + //------------------------------------------------------------------------------------------------------------------------------ bool wallet_rpc_server::on_stop_wallet(const wallet_rpc::COMMAND_RPC_STOP_WALLET::request& req, wallet_rpc::COMMAND_RPC_STOP_WALLET::response& res, epee::json_rpc::error& er) { if (m_wallet.restricted()) diff --git a/src/wallet/wallet_rpc_server.h b/src/wallet/wallet_rpc_server.h index 8c90aecfe..205896332 100644 --- a/src/wallet/wallet_rpc_server.h +++ b/src/wallet/wallet_rpc_server.h @@ -80,6 +80,8 @@ namespace tools MAP_JON_RPC_WE("set_tx_notes", on_set_tx_notes, wallet_rpc::COMMAND_RPC_SET_TX_NOTES) MAP_JON_RPC_WE("get_tx_notes", on_get_tx_notes, wallet_rpc::COMMAND_RPC_GET_TX_NOTES) MAP_JON_RPC_WE("get_transfers", on_get_transfers, wallet_rpc::COMMAND_RPC_GET_TRANSFERS) + MAP_JON_RPC_WE("sign", on_sign, wallet_rpc::COMMAND_RPC_SIGN) + MAP_JON_RPC_WE("verify", on_verify, wallet_rpc::COMMAND_RPC_VERIFY) END_JSON_RPC_MAP() END_URI_MAP2() @@ -103,6 +105,8 @@ namespace tools bool on_set_tx_notes(const wallet_rpc::COMMAND_RPC_SET_TX_NOTES::request& req, wallet_rpc::COMMAND_RPC_SET_TX_NOTES::response& res, epee::json_rpc::error& er); bool on_get_tx_notes(const wallet_rpc::COMMAND_RPC_GET_TX_NOTES::request& req, wallet_rpc::COMMAND_RPC_GET_TX_NOTES::response& res, epee::json_rpc::error& er); bool on_get_transfers(const wallet_rpc::COMMAND_RPC_GET_TRANSFERS::request& req, wallet_rpc::COMMAND_RPC_GET_TRANSFERS::response& res, epee::json_rpc::error& er); + bool on_sign(const wallet_rpc::COMMAND_RPC_SIGN::request& req, wallet_rpc::COMMAND_RPC_SIGN::response& res, epee::json_rpc::error& er); + bool on_verify(const wallet_rpc::COMMAND_RPC_VERIFY::request& req, wallet_rpc::COMMAND_RPC_VERIFY::response& res, epee::json_rpc::error& er); bool handle_command_line(const boost::program_options::variables_map& vm); diff --git a/src/wallet/wallet_rpc_server_commands_defs.h b/src/wallet/wallet_rpc_server_commands_defs.h index 3908476d6..1404340da 100644 --- a/src/wallet/wallet_rpc_server_commands_defs.h +++ b/src/wallet/wallet_rpc_server_commands_defs.h @@ -551,6 +551,51 @@ namespace wallet_rpc }; }; -} -} + struct COMMAND_RPC_SIGN + { + struct request + { + std::string data; + BEGIN_KV_SERIALIZE_MAP() + KV_SERIALIZE(data); + END_KV_SERIALIZE_MAP() + }; + + struct response + { + std::string signature; + + BEGIN_KV_SERIALIZE_MAP() + KV_SERIALIZE(signature); + END_KV_SERIALIZE_MAP() + }; + }; + + struct COMMAND_RPC_VERIFY + { + struct request + { + std::string data; + std::string address; + std::string signature; + + BEGIN_KV_SERIALIZE_MAP() + KV_SERIALIZE(data); + KV_SERIALIZE(address); + KV_SERIALIZE(signature); + END_KV_SERIALIZE_MAP() + }; + + struct response + { + bool good; + + BEGIN_KV_SERIALIZE_MAP() + KV_SERIALIZE(good); + END_KV_SERIALIZE_MAP() + }; + }; + +} +} diff --git a/src/wallet/wallet_rpc_server_error_codes.h b/src/wallet/wallet_rpc_server_error_codes.h index 968836671..68edfe76e 100644 --- a/src/wallet/wallet_rpc_server_error_codes.h +++ b/src/wallet/wallet_rpc_server_error_codes.h @@ -39,3 +39,4 @@ #define WALLET_RPC_ERROR_CODE_TRANSFER_TYPE -6 #define WALLET_RPC_ERROR_CODE_DENIED -7 #define WALLET_RPC_ERROR_CODE_WRONG_TXID -8 +#define WALLET_RPC_ERROR_CODE_WRONG_SIGNATURE -9