do not base64encode signatures in requests

2015-07-14 16:37:04 +02:00 · 2015-07-14 16:37:04 +02:00 · 471cab6089
parent 7588519e8e
commit 471cab6089
6 changed files with 14 additions and 13 deletions
--- a/gui/qt/main_window.py
+++ b/gui/qt/main_window.py
@ -23,7 +23,7 @@ import socket
 import webbrowser
 import csv
 from decimal import Decimal
-
+import base64

 import PyQt4
 from PyQt4.QtGui import *
@ -1983,6 +1983,7 @@ class ElectrumWindow(QMainWindow):
        message = message.encode('utf-8')
        try:
            sig = self.wallet.sign_message(str(address.text()), message, password)
+            sig = base64.b64encode(sig)
            signature.setText(sig)
        except Exception as e:
            self.show_message(str(e))
@ -1990,7 +1991,8 @@ class ElectrumWindow(QMainWindow):
    def do_verify(self, address, message, signature):
        message = unicode(message.toPlainText())
        message = message.encode('utf-8')
-        if bitcoin.verify_message(address.text(), str(signature.toPlainText()), message):
+        sig = base64.b64decode(str(signature.toPlainText()))
+        if bitcoin.verify_message(address.text(), sig, message):
            self.show_message(_("Signature verified"))
        else:
            self.show_message(_("Error: wrong signature"))
--- a/lib/bitcoin.py
+++ b/lib/bitcoin.py
@ -488,7 +488,7 @@ class EC_KEY(object):
    def sign_message(self, message, compressed, address):
        signature = self.sign(Hash(msg_magic(message)))
        for i in range(4):
-            sig = base64.b64encode(chr(27 + i + (4 if compressed else 0)) + signature)
+            sig = chr(27 + i + (4 if compressed else 0)) + signature
            try:
                self.verify_message(address, sig, message)
                return sig
@ -498,8 +498,7 @@ class EC_KEY(object):
            raise Exception("error: cannot sign message")

    @classmethod
-    def verify_message(self, address, signature, message):
-        sig = base64.b64decode(signature)
+    def verify_message(self, address, sig, message):
        if len(sig) != 65:
            raise Exception("Wrong encoding")
        nV = ord(sig[0])
--- a/lib/commands.py
+++ b/lib/commands.py
@ -24,6 +24,7 @@ import copy
 import argparse
 import json
 import ast
+import base64
 from functools import wraps
 from decimal import Decimal

@ -361,12 +362,14 @@ class Commands:
    def signmessage(self, address, message):
        """Sign a message with a key. Use quotes if your message contains
        whitespaces"""
-        return self.wallet.sign_message(address, message, self.password)
+        sig = self.wallet.sign_message(address, message, self.password)
+        return base64.b64encode(sig)

    @command('')
    def verifymessage(self, address, signature, message):
        """Verify a signature."""
-        return bitcoin.verify_message(address, signature, message)
+        sig = base64.b64decode(signature)
+        return bitcoin.verify_message(address, sig, message)

    def _mktx(self, outputs, fee, change_addr, domain, nocheck, unsigned):
        self.nocheck = nocheck
--- a/plugins/btchipwallet.py
+++ b/plugins/btchipwallet.py
@ -5,7 +5,6 @@ from binascii import hexlify
 from struct import pack,unpack
 from sys import stderr
 from time import sleep
-from base64 import b64encode, b64decode

 import electrum
 from electrum_gui.qt.password_dialog import make_password_dialog, run_password_dialog
@ -345,8 +344,7 @@ class BTChipWallet(BIP32_HD_Wallet):
        s = str(s)

        # And convert it
-
-        return b64encode(chr(27 + 4 + (signature[0] & 0x01)) + r + s)
+        return chr(27 + 4 + (signature[0] & 0x01)) + r + s

    def sign_transaction(self, tx, password):
        if tx.is_complete():
--- a/plugins/greenaddress_instant.py
+++ b/plugins/greenaddress_instant.py
@ -80,6 +80,7 @@ class Plugin(BasePlugin):
            addr = self.get_my_addr(tx)
            message = "Please verify if %s is GreenAddress instant confirmed" % tx.hash()
            sig = self.wallet.sign_message(addr, message, password)
+            sig = base64.b64encode(sig)

            # 2. send the request
            response = requests.request("GET", ("https://greenaddress.it/verify/?signature=%s&txhash=%s" % (urllib.quote(sig), tx.hash())),
--- a/plugins/trezor.py
+++ b/plugins/trezor.py
@ -2,7 +2,6 @@ from binascii import unhexlify
 from struct import pack
 from sys import stderr
 from time import sleep
-from base64 import b64encode, b64decode
 import unicodedata
 import threading
 import re
@ -459,8 +458,7 @@ class TrezorWallet(BIP32_HD_Wallet):
            give_error(e)
        finally:
            self.plugin.handler.stop()
-        b64_msg_sig = b64encode(msg_sig.signature)
-        return str(b64_msg_sig)
+        return msg_sig.signature

    def sign_transaction(self, tx, password):
        if tx.is_complete():