From b59c8399fbe42390a3d41e945d03b1f21c1a9b8d Mon Sep 17 00:00:00 2001 From: bas-vk Date: Fri, 28 Oct 2016 21:25:49 +0200 Subject: internal/ethapi: add personal_sign and fix eth_sign to hash message (#2940) This commit includes several API changes: - The behavior of eth_sign is changed. It now accepts an arbitrary message, prepends the well-known string \x19Ethereum Signed Message:\n hashes the result using keccak256 and calculates the signature of the hash. This breaks backwards compatability! - personal_sign(hash, address [, password]) is added. It has the same semantics as eth_sign but also accepts a password. The private key used to sign the hash is temporarily unlocked in the scope of the request. - personal_recover(message, signature) is added and returns the address for the account that created a signature. --- accounts/abi/bind/auth.go | 2 +- accounts/account_manager.go | 25 ++++++++++++++++++++----- 2 files changed, 21 insertions(+), 6 deletions(-) (limited to 'accounts') diff --git a/accounts/abi/bind/auth.go b/accounts/abi/bind/auth.go index 2cf22768c..cd6adc746 100644 --- a/accounts/abi/bind/auth.go +++ b/accounts/abi/bind/auth.go @@ -52,7 +52,7 @@ func NewKeyedTransactor(key *ecdsa.PrivateKey) *TransactOpts { if address != keyAddr { return nil, errors.New("not authorized to sign this account") } - signature, err := crypto.Sign(tx.SigHash().Bytes(), key) + signature, err := crypto.SignEthereum(tx.SigHash().Bytes(), key) if err != nil { return nil, err } diff --git a/accounts/account_manager.go b/accounts/account_manager.go index bfb7556d6..c8601c3c0 100644 --- a/accounts/account_manager.go +++ b/accounts/account_manager.go @@ -136,8 +136,11 @@ func (am *Manager) DeleteAccount(a Account, passphrase string) error { return err } -// Sign signs hash with an unlocked private key matching the given address. -func (am *Manager) Sign(addr common.Address, hash []byte) (signature []byte, err error) { +// Sign calculates a ECDSA signature for the given hash. +// Note, Ethereum signatures have a particular format as described in the +// yellow paper. Use the SignEthereum function to calculate a signature +// in Ethereum format. +func (am *Manager) Sign(addr common.Address, hash []byte) ([]byte, error) { am.mu.RLock() defer am.mu.RUnlock() unlockedKey, found := am.unlocked[addr] @@ -147,8 +150,20 @@ func (am *Manager) Sign(addr common.Address, hash []byte) (signature []byte, err return crypto.Sign(hash, unlockedKey.PrivateKey) } -// SignWithPassphrase signs hash if the private key matching the given address can be -// decrypted with the given passphrase. +// SignEthereum calculates a ECDSA signature for the given hash. +// The signature has the format as described in the Ethereum yellow paper. +func (am *Manager) SignEthereum(addr common.Address, hash []byte) ([]byte, error) { + am.mu.RLock() + defer am.mu.RUnlock() + unlockedKey, found := am.unlocked[addr] + if !found { + return nil, ErrLocked + } + return crypto.SignEthereum(hash, unlockedKey.PrivateKey) +} + +// SignWithPassphrase signs hash if the private key matching the given +// address can be decrypted with the given passphrase. func (am *Manager) SignWithPassphrase(addr common.Address, passphrase string, hash []byte) (signature []byte, err error) { _, key, err := am.getDecryptedKey(Account{Address: addr}, passphrase) if err != nil { @@ -156,7 +171,7 @@ func (am *Manager) SignWithPassphrase(addr common.Address, passphrase string, ha } defer zeroKey(key.PrivateKey) - return crypto.Sign(hash, key.PrivateKey) + return crypto.SignEthereum(hash, key.PrivateKey) } // Unlock unlocks the given account indefinitely. -- cgit v1.2.3