add Aaron's fix for verifying a signature

2022-08-09 20:39:33 -06:00 · 2022-08-09 20:39:33 -06:00 · 7bd5e4fa8d
commit 7bd5e4fa8d
parent 6f1939296d
1 changed files with 7 additions and 6 deletions
--- a/funding/routes.py
+++ b/funding/routes.py
@ -57,19 +57,20 @@ def postSlate(receivingAddress, slate):
 )
 def getSlates(receivingAddress, signature):
    try:
-        if receivingAddress is None:
+        if receivingAddress is None or signature is None:
            return make_response(jsonify({'status': 'failure', 'error': str("missing correct arguments")}))
-        
+
-        # Deserialize the base-58 address to hex, and then to an internal public key format
+        # Deserialize the base-58 address to an internal public key format
        # NOTE: This assumes that the network version (which is not part of the key) is exactly 2 bytes
-        public_key = secp256k1.PublicKey(base58.b58decode_check(receivingAddress)[2:])
+        public_key = secp256k1.PublicKey(base58.b58decode_check(receivingAddress)[2:], raw=True)
-        
+
        # Prepare the message bound to the signature: a domain separator and the encoded address
        # For some reason, the original client code calls this the "challenge"
        message = 'SubscribeRequest_' + receivingAddress
        # Deserialize and verify the provided signature against the message and address public key
-        if not public_key.ecdsa_verify(message, public_key.ecdsa_deserialize(signature)):
+        if not public_key.ecdsa_verify(message.encode(),
                                       public_key.ecdsa_deserialize(bytes(bytearray.fromhex(signature)))):
            return make_response(jsonify({'status': 'failure', 'error': str("bad signature")}))
        slates = Slate.find_slates(address=receivingAddress)