Verify subscribe request signature

This commit is contained in:
Aaron Feickert 2022-08-08 16:50:12 -05:00
parent 2204329c54
commit ce0a800f6b
2 changed files with 21 additions and 3 deletions

View File

@ -10,6 +10,9 @@ import settings
from funding.factory import app, db, cache from funding.factory import app, db, cache
from funding.orm import Address, Slate from funding.orm import Address, Slate
import secp256k1
import base58
@app.route('/') @app.route('/')
def index(): def index():
@ -50,12 +53,25 @@ def postSlate(receivingAddress, slate):
@app.route('/getSlates', methods=['POST']) @app.route('/getSlates', methods=['POST'])
@endpoint.api( @endpoint.api(
parameter('receivingAddress', type=str, required=True), parameter('receivingAddress', type=str, required=True),
parameter('signature', type=str, required=True)
) )
def getSlates(receivingAddress): def getSlates(receivingAddress, signature):
try: try:
if receivingAddress is None: if receivingAddress is None or signature is None:
return make_response(jsonify({'status': 'failure', 'error': str("missing correct arguments")})) return make_response(jsonify({'status': 'failure', 'error': str("missing correct arguments")}))
# Deserialize the base-58 address to an internal public key format
# NOTE: This assumes that the network version (which is not part of the key) is exactly 2 bytes
public_key = secp256k1.PublicKey(base58.b58decode_check(receivingAddress)[2:], raw=True)
# Prepare the message bound to the signature: a domain separator and the encoded address
# For some reason, the original client code calls this the "challenge"
message = 'SubscribeRequest_' + receivingAddress
# Deserialize and verify the provided signature against the message and address public key
if not public_key.ecdsa_verify(message.encode(), public_key.ecdsa_deserialize(bytes(bytearray.fromhex(signature)))):
return make_response(jsonify({'status': 'failure', 'error': str("bad signature")}))
slates = Slate.find_slates(address=receivingAddress) slates = Slate.find_slates(address=receivingAddress)
return make_response(jsonify({'status': 'success', 'slates': slates})) return make_response(jsonify({'status': 'success', 'slates': slates}))

View File

@ -15,3 +15,5 @@ pillow-simd
Flask-Caching Flask-Caching
flask-sqlalchemy flask-sqlalchemy
sqlalchemy_json sqlalchemy_json
secp256k1
base58