common_2signmessage_8cpp_source.html

// Copyright (c) 2009-2010 Satoshi Nakamoto

// Copyright (c) 2009-2022 The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.


#include <common/signmessage.h>

#include <hash.h>

#include <key.h>

#include <key_io.h>

#include <pubkey.h>

#include <uint256.h>

#include <util/strencodings.h>


#include <cassert>

#include <optional>

#include <string>

#include <variant>

#include <vector>


const std::string MESSAGE_MAGIC = "Bitcoin Signed Message:\n";


MessageVerificationResult MessageVerify(

    const std::string& address,

    const std::string& signature,

    const std::string& message)

{

    CTxDestination destination = DecodeDestination(address);

    if (!IsValidDestination(destination)) {

        return MessageVerificationResult::ERR_INVALID_ADDRESS;

    }


    if (std::get_if<PKHash>(&destination) == nullptr) {

        return MessageVerificationResult::ERR_ADDRESS_NO_KEY;

    }


    auto signature_bytes = DecodeBase64(signature);

    if (!signature_bytes) {

        return MessageVerificationResult::ERR_MALFORMED_SIGNATURE;

    }


    CPubKey pubkey;

    if (!pubkey.RecoverCompact(MessageHash(message), *signature_bytes)) {

        return MessageVerificationResult::ERR_PUBKEY_NOT_RECOVERED;

    }


    if (!(PKHash(pubkey) == *std::get_if<PKHash>(&destination))) {

        return MessageVerificationResult::ERR_NOT_SIGNED;

    }


    return MessageVerificationResult::OK;

}


bool MessageSign(

    const CKey& privkey,

    const std::string& message,

    std::string& signature)

{

    std::vector<unsigned char> signature_bytes;


    if (!privkey.SignCompact(MessageHash(message), signature_bytes)) {

        return false;

    }


    signature = EncodeBase64(signature_bytes);


    return true;

}


uint256 MessageHash(const std::string& message)

{

    HashWriter hasher{};

    hasher << MESSAGE_MAGIC << message;


    return hasher.GetHash();

}


std::string SigningResultString(const SigningResult res)

{

    switch (res) {

        case SigningResult::OK:

            return "No error";

        case SigningResult::PRIVATE_KEY_NOT_AVAILABLE:

            return "Private key not available";

        case SigningResult::SIGNING_FAILED:

            return "Sign failed";

        // no default case, so the compiler can warn about missing cases

    }

    assert(false);

}

IsValidDestination
bool IsValidDestination(const CTxDestination &dest)
Check whether a CTxDestination corresponds to one with an address.
Definition: addresstype.cpp:171

CTxDestination
std::variant< CNoDestination, PubKeyDestination, PKHash, ScriptHash, WitnessV0ScriptHash, WitnessV0KeyHash, WitnessV1Taproot, PayToAnchor, WitnessUnknown > CTxDestination
A txout script categorized into standard templates.
Definition: addresstype.h:140

CKey
An encapsulated private key.
Definition: key.h:35

CKey::SignCompact
bool SignCompact(const uint256 &hash, std::vector< unsigned char > &vchSig) const
Create a compact signature (65 bytes), which allows reconstructing the used public key.
Definition: key.cpp:249

CPubKey
An encapsulated public key.
Definition: pubkey.h:34

CPubKey::RecoverCompact
bool RecoverCompact(const uint256 &hash, const std::vector< unsigned char > &vchSig)
Recover a public key from a compact signature.
Definition: pubkey.cpp:294

HashWriter
A writer stream (for serialization) that computes a 256-bit hash.
Definition: hash.h:101

uint256
256-bit opaque blob.
Definition: uint256.h:190

MessageHash
uint256 MessageHash(const std::string &message)
Hashes a message for signing and verification in a manner that prevents inadvertently signing a trans...
Definition: signmessage.cpp:73

MessageSign
bool MessageSign(const CKey &privkey, const std::string &message, std::string &signature)
Sign a message.
Definition: signmessage.cpp:57

MESSAGE_MAGIC
const std::string MESSAGE_MAGIC
Text used to signify that a signed message follows and to prevent inadvertently signing a transaction...
Definition: signmessage.cpp:24

SigningResultString
std::string SigningResultString(const SigningResult res)
Definition: signmessage.cpp:81

MessageVerify
MessageVerificationResult MessageVerify(const std::string &address, const std::string &signature, const std::string &message)
Verify a signed message.
Definition: signmessage.cpp:26

key.h

DecodeDestination
CTxDestination DecodeDestination(const std::string &str, std::string &error_msg, std::vector< int > *error_locations)
Definition: key_io.cpp:299

key_io.h

pubkey.h

signmessage.h

SigningResult
SigningResult
Definition: signmessage.h:43

SigningResult::PRIVATE_KEY_NOT_AVAILABLE
@ PRIVATE_KEY_NOT_AVAILABLE

SigningResult::SIGNING_FAILED
@ SIGNING_FAILED

SigningResult::OK
@ OK
No error.

MessageVerificationResult
MessageVerificationResult
The result of a signed message verification.
Definition: signmessage.h:23

MessageVerificationResult::ERR_MALFORMED_SIGNATURE
@ ERR_MALFORMED_SIGNATURE
The provided signature couldn't be parsed (maybe invalid base64).

MessageVerificationResult::ERR_INVALID_ADDRESS
@ ERR_INVALID_ADDRESS
The provided address is invalid.

MessageVerificationResult::ERR_ADDRESS_NO_KEY
@ ERR_ADDRESS_NO_KEY
The provided address is valid but does not refer to a public key.

MessageVerificationResult::ERR_NOT_SIGNED
@ ERR_NOT_SIGNED
The message was not signed with the private key of the provided address.

MessageVerificationResult::OK
@ OK
The message verification was successful.

MessageVerificationResult::ERR_PUBKEY_NOT_RECOVERED
@ ERR_PUBKEY_NOT_RECOVERED
A public key could not be recovered from the provided signature and message.

strencodings.h

PKHash
Definition: addresstype.h:48

uint256.h

EncodeBase64
std::string EncodeBase64(Span< const unsigned char > input)
Definition: strencodings.cpp:99

DecodeBase64
std::optional< std::vector< unsigned char > > DecodeBase64(std::string_view str)
Definition: strencodings.cpp:110

assert
assert(!tx.IsCoinBase())