diff options
author | bas-vk <bas-vk@users.noreply.github.com> | 2016-10-29 03:25:49 +0800 |
---|---|---|
committer | Felix Lange <fjl@twurst.com> | 2016-10-29 03:25:49 +0800 |
commit | b59c8399fbe42390a3d41e945d03b1f21c1a9b8d (patch) | |
tree | e7fd68d7619ef4cc2f7739c6fb85096238ae7a17 /console | |
parent | 289b30715d097edafd5562f66cb3567a70b2d330 (diff) | |
download | dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.gz dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.bz2 dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.lz dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.xz dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.zst dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.zip |
internal/ethapi: add personal_sign and fix eth_sign to hash message (#2940)
This commit includes several API changes:
- The behavior of eth_sign is changed. It now accepts an arbitrary
message, prepends the well-known string
\x19Ethereum Signed Message:\n<length of message>
hashes the result using keccak256 and calculates the signature of
the hash. This breaks backwards compatability!
- personal_sign(hash, address [, password]) is added. It has the same
semantics as eth_sign but also accepts a password. The private key
used to sign the hash is temporarily unlocked in the scope of the
request.
- personal_recover(message, signature) is added and returns the
address for the account that created a signature.
Diffstat (limited to 'console')
-rw-r--r-- | console/bridge.go | 38 | ||||
-rw-r--r-- | console/console.go | 11 |
2 files changed, 45 insertions, 4 deletions
diff --git a/console/bridge.go b/console/bridge.go index 22ed7192b..24a777d78 100644 --- a/console/bridge.go +++ b/console/bridge.go @@ -126,6 +126,44 @@ func (b *bridge) UnlockAccount(call otto.FunctionCall) (response otto.Value) { return val } +// Sign is a wrapper around the personal.sign RPC method that uses a non-echoing password +// prompt to aquire the passphrase and executes the original RPC method (saved in +// jeth.sign) with it to actually execute the RPC call. +func (b *bridge) Sign(call otto.FunctionCall) (response otto.Value) { + var ( + message = call.Argument(0) + account = call.Argument(1) + passwd = call.Argument(2) + ) + + if !message.IsString() { + throwJSException("first argument must be the message to sign") + } + if !account.IsString() { + throwJSException("second argument must be the account to sign with") + } + + // if the password is not given or null ask the user and ensure password is a string + if passwd.IsUndefined() || passwd.IsNull() { + fmt.Fprintf(b.printer, "Give password for account %s\n", account) + if input, err := b.prompter.PromptPassword("Passphrase: "); err != nil { + throwJSException(err.Error()) + } else { + passwd, _ = otto.ToValue(input) + } + } + if !passwd.IsString() { + throwJSException("third argument must be the password to unlock the account") + } + + // Send the request to the backend and return + val, err := call.Otto.Call("jeth.sign", nil, message, account, passwd) + if err != nil { + throwJSException(err.Error()) + } + return val +} + // Sleep will block the console for the specified number of seconds. func (b *bridge) Sleep(call otto.FunctionCall) (response otto.Value) { if call.Argument(0).IsNumber() { diff --git a/console/console.go b/console/console.go index f224f0c2e..3cde9b8f5 100644 --- a/console/console.go +++ b/console/console.go @@ -156,10 +156,9 @@ func (c *Console) init(preload []string) error { if err != nil { return err } - // Override the unlockAccount and newAccount methods since these require user interaction. - // Assign the jeth.unlockAccount and jeth.newAccount in the Console the original web3 callbacks. - // These will be called by the jeth.* methods after they got the password from the user and send - // the original web3 request to the backend. + // Override the unlockAccount, newAccount and sign methods since these require user interaction. + // Assign these method in the Console the original web3 callbacks. These will be called by the jeth.* + // methods after they got the password from the user and send the original web3 request to the backend. if obj := personal.Object(); obj != nil { // make sure the personal api is enabled over the interface if _, err = c.jsre.Run(`jeth.unlockAccount = personal.unlockAccount;`); err != nil { return fmt.Errorf("personal.unlockAccount: %v", err) @@ -167,8 +166,12 @@ func (c *Console) init(preload []string) error { if _, err = c.jsre.Run(`jeth.newAccount = personal.newAccount;`); err != nil { return fmt.Errorf("personal.newAccount: %v", err) } + if _, err = c.jsre.Run(`jeth.sign = personal.sign;`); err != nil { + return fmt.Errorf("personal.sign: %v", err) + } obj.Set("unlockAccount", bridge.UnlockAccount) obj.Set("newAccount", bridge.NewAccount) + obj.Set("sign", bridge.Sign) } } // The admin.sleep and admin.sleepBlocks are offered by the console and not by the RPC layer. |