aboutsummaryrefslogtreecommitdiffstats
path: root/console
diff options
context:
space:
mode:
authorbas-vk <bas-vk@users.noreply.github.com>2016-10-29 03:25:49 +0800
committerFelix Lange <fjl@twurst.com>2016-10-29 03:25:49 +0800
commitb59c8399fbe42390a3d41e945d03b1f21c1a9b8d (patch)
treee7fd68d7619ef4cc2f7739c6fb85096238ae7a17 /console
parent289b30715d097edafd5562f66cb3567a70b2d330 (diff)
downloaddexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar
dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.gz
dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.bz2
dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.lz
dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.xz
dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.tar.zst
dexon-b59c8399fbe42390a3d41e945d03b1f21c1a9b8d.zip
internal/ethapi: add personal_sign and fix eth_sign to hash message (#2940)
This commit includes several API changes: - The behavior of eth_sign is changed. It now accepts an arbitrary message, prepends the well-known string \x19Ethereum Signed Message:\n<length of message> hashes the result using keccak256 and calculates the signature of the hash. This breaks backwards compatability! - personal_sign(hash, address [, password]) is added. It has the same semantics as eth_sign but also accepts a password. The private key used to sign the hash is temporarily unlocked in the scope of the request. - personal_recover(message, signature) is added and returns the address for the account that created a signature.
Diffstat (limited to 'console')
-rw-r--r--console/bridge.go38
-rw-r--r--console/console.go11
2 files changed, 45 insertions, 4 deletions
diff --git a/console/bridge.go b/console/bridge.go
index 22ed7192b..24a777d78 100644
--- a/console/bridge.go
+++ b/console/bridge.go
@@ -126,6 +126,44 @@ func (b *bridge) UnlockAccount(call otto.FunctionCall) (response otto.Value) {
return val
}
+// Sign is a wrapper around the personal.sign RPC method that uses a non-echoing password
+// prompt to aquire the passphrase and executes the original RPC method (saved in
+// jeth.sign) with it to actually execute the RPC call.
+func (b *bridge) Sign(call otto.FunctionCall) (response otto.Value) {
+ var (
+ message = call.Argument(0)
+ account = call.Argument(1)
+ passwd = call.Argument(2)
+ )
+
+ if !message.IsString() {
+ throwJSException("first argument must be the message to sign")
+ }
+ if !account.IsString() {
+ throwJSException("second argument must be the account to sign with")
+ }
+
+ // if the password is not given or null ask the user and ensure password is a string
+ if passwd.IsUndefined() || passwd.IsNull() {
+ fmt.Fprintf(b.printer, "Give password for account %s\n", account)
+ if input, err := b.prompter.PromptPassword("Passphrase: "); err != nil {
+ throwJSException(err.Error())
+ } else {
+ passwd, _ = otto.ToValue(input)
+ }
+ }
+ if !passwd.IsString() {
+ throwJSException("third argument must be the password to unlock the account")
+ }
+
+ // Send the request to the backend and return
+ val, err := call.Otto.Call("jeth.sign", nil, message, account, passwd)
+ if err != nil {
+ throwJSException(err.Error())
+ }
+ return val
+}
+
// Sleep will block the console for the specified number of seconds.
func (b *bridge) Sleep(call otto.FunctionCall) (response otto.Value) {
if call.Argument(0).IsNumber() {
diff --git a/console/console.go b/console/console.go
index f224f0c2e..3cde9b8f5 100644
--- a/console/console.go
+++ b/console/console.go
@@ -156,10 +156,9 @@ func (c *Console) init(preload []string) error {
if err != nil {
return err
}
- // Override the unlockAccount and newAccount methods since these require user interaction.
- // Assign the jeth.unlockAccount and jeth.newAccount in the Console the original web3 callbacks.
- // These will be called by the jeth.* methods after they got the password from the user and send
- // the original web3 request to the backend.
+ // Override the unlockAccount, newAccount and sign methods since these require user interaction.
+ // Assign these method in the Console the original web3 callbacks. These will be called by the jeth.*
+ // methods after they got the password from the user and send the original web3 request to the backend.
if obj := personal.Object(); obj != nil { // make sure the personal api is enabled over the interface
if _, err = c.jsre.Run(`jeth.unlockAccount = personal.unlockAccount;`); err != nil {
return fmt.Errorf("personal.unlockAccount: %v", err)
@@ -167,8 +166,12 @@ func (c *Console) init(preload []string) error {
if _, err = c.jsre.Run(`jeth.newAccount = personal.newAccount;`); err != nil {
return fmt.Errorf("personal.newAccount: %v", err)
}
+ if _, err = c.jsre.Run(`jeth.sign = personal.sign;`); err != nil {
+ return fmt.Errorf("personal.sign: %v", err)
+ }
obj.Set("unlockAccount", bridge.UnlockAccount)
obj.Set("newAccount", bridge.NewAccount)
+ obj.Set("sign", bridge.Sign)
}
}
// The admin.sleep and admin.sleepBlocks are offered by the console and not by the RPC layer.