add Aaron's fix for verifying a signature
This commit is contained in:
parent
6f1939296d
commit
7bd5e4fa8d
@ -57,19 +57,20 @@ def postSlate(receivingAddress, slate):
|
||||
)
|
||||
def getSlates(receivingAddress, signature):
|
||||
try:
|
||||
if receivingAddress is None:
|
||||
if receivingAddress is None or signature is None:
|
||||
return make_response(jsonify({'status': 'failure', 'error': str("missing correct arguments")}))
|
||||
|
||||
# Deserialize the base-58 address to hex, and then to an internal public key format
|
||||
|
||||
# Deserialize the base-58 address to an internal public key format
|
||||
# NOTE: This assumes that the network version (which is not part of the key) is exactly 2 bytes
|
||||
public_key = secp256k1.PublicKey(base58.b58decode_check(receivingAddress)[2:])
|
||||
|
||||
public_key = secp256k1.PublicKey(base58.b58decode_check(receivingAddress)[2:], raw=True)
|
||||
|
||||
# Prepare the message bound to the signature: a domain separator and the encoded address
|
||||
# For some reason, the original client code calls this the "challenge"
|
||||
message = 'SubscribeRequest_' + receivingAddress
|
||||
|
||||
# Deserialize and verify the provided signature against the message and address public key
|
||||
if not public_key.ecdsa_verify(message, public_key.ecdsa_deserialize(signature)):
|
||||
if not public_key.ecdsa_verify(message.encode(),
|
||||
public_key.ecdsa_deserialize(bytes(bytearray.fromhex(signature)))):
|
||||
return make_response(jsonify({'status': 'failure', 'error': str("bad signature")}))
|
||||
|
||||
slates = Slate.find_slates(address=receivingAddress)
|
||||
|
Loading…
Reference in New Issue
Block a user