diff --git a/go.mod b/go.mod
index 2b4b74b..b74440c 100644
--- a/go.mod
+++ b/go.mod
@@ -25,6 +25,7 @@ require (
 github.com/grpc-ecosystem/grpc-gateway/v2 v2.15.2
 github.com/planetmint/planetmint-go/lib v0.5.0
 github.com/rddl-network/elements-rpc v1.0.0
+ github.com/rddl-network/go-utils v0.1.1
 github.com/spf13/cast v1.6.0
 github.com/spf13/cobra v1.6.1
 github.com/spf13/pflag v1.0.5
diff --git a/go.sum b/go.sum
index 60cc8d5..9e4bd13 100644
--- a/go.sum
+++ b/go.sum
@@ -892,6 +892,8 @@ github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5X
 github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/rddl-network/elements-rpc v1.0.0 h1:geFcsaD1t2ONxRC13semPpiOwsJl0ZCfkFT9UIKPZFk=
 github.com/rddl-network/elements-rpc v1.0.0/go.mod h1:E35cJMXZqe1iEo/AvjwSWn25mHZ4+y4gV8qj0lWle5c=
+github.com/rddl-network/go-utils v0.1.1 h1:41ZrDMM2ree7/OfhKYK4j/SQnyVvms4YirTKneibeyk=
+github.com/rddl-network/go-utils v0.1.1/go.mod h1:xKO/ZSAEHwcYe8bNUZjcQCIX+6OMXzEXu1WQ1HqXqZA=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
diff --git a/util/validate_signature.go b/util/validate_signature.go
deleted file mode 100644
index e72d807..0000000
--- a/util/validate_signature.go
+++ /dev/null
@@ -1,53 +0,0 @@
-package util
-
-import (
- "encoding/hex"
- "errors"
-
- "github.com/btcsuite/btcd/btcutil/hdkeychain"
- "github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
-)
-
-func ValidateSignature(message string, signature string, publicKey string) (bool, error) {
- // Convert the message, signature, and public key from hex to bytes
- messageBytes, err := hex.DecodeString(message)
- if err != nil {
- return false, errors.New("invalid message hex string")
- }
- return ValidateSignatureByteMsg(messageBytes, signature, publicKey)
-}
-
-func ValidateSignatureByteMsg(message []byte, signature string, publicKey string) (bool, error) {
- // Convert signature, and public key from hex to bytes
- signatureBytes, err := hex.DecodeString(signature)
- if err != nil {
- return false, errors.New("invalid signature hex string")
- }
- publicKeyBytes, err := hex.DecodeString(publicKey)
- if err != nil {
- return false, errors.New("invalid public key hex string")
- }
-
- // Create a secp256k1 public key object
- pubKey := &secp256k1.PubKey{Key: publicKeyBytes}
-
- // Verify the signature
- isValid := pubKey.VerifySignature(message, signatureBytes)
- if !isValid {
- return false, errors.New("invalid signature")
- }
- return isValid, nil
-}
-
-func GetHexPubKey(extPubKey string) (string, error) {
- xpubKey, err := hdkeychain.NewKeyFromString(extPubKey)
- if err != nil {
- return "", err
- }
- pubKey, err := xpubKey.ECPubKey()
- if err != nil {
- return "", err
- }
- byteKey := pubKey.SerializeCompressed()
- return hex.EncodeToString(byteKey), nil
-}
diff --git a/x/machine/keeper/msg_server_attest_machine.go b/x/machine/keeper/msg_server_attest_machine.go
index 21e952e..f0e3277 100644
--- a/x/machine/keeper/msg_server_attest_machine.go
+++ b/x/machine/keeper/msg_server_attest_machine.go
@@ -2,6 +2,7 @@ package keeper
 import (
 "context"
+ "errors"
 "fmt"
 config "github.com/planetmint/planetmint-go/config"
@@ -13,6 +14,7 @@ import (
 errorsmod "cosmossdk.io/errors"
 sdk "github.com/cosmos/cosmos-sdk/types"
+ "github.com/rddl-network/go-utils/signature"
 )
 func (k msgServer) AttestMachine(goCtx context.Context, msg *types.MsgAttestMachine) (*types.MsgAttestMachineResponse, error) {
@@ -22,9 +24,17 @@ func (k msgServer) AttestMachine(goCtx context.Context, msg *types.MsgAttestMach
 // and removed from here due to inconsistency or checking the same thing over and over again.
 ta, _, _ := k.GetTrustAnchor(ctx, msg.Machine.MachineId)
- isValidMachineID, err := util.ValidateSignature(msg.Machine.MachineId, msg.Machine.MachineIdSignature, msg.Machine.MachineId)
- if !isValidMachineID {
- return nil, err
+ isValidSecp256r1, errR1 := signature.ValidateSECP256R1Signature(msg.Machine.MachineId, msg.Machine.MachineIdSignature, msg.Machine.MachineId)
+ if errR1 != nil || !isValidSecp256r1 {
+ isValidSecp256k1, errK1 := signature.ValidateSignature(msg.Machine.MachineId, msg.Machine.MachineIdSignature, msg.Machine.MachineId)
+ if errK1 != nil || !isValidSecp256k1 {
+ errStr := ""
+ if errR1 != nil {
+ errStr = errR1.Error()
+ }
+ aggreatedErrorMessage := "Invalid machine signature: " + errStr + ", " + errK1.Error()
+ return nil, errors.New(aggreatedErrorMessage)
+ }
 }
 isValidIssuerPlanetmint := validateExtendedPublicKey(msg.Machine.IssuerPlanetmint, config.PlmntNetParams)
@@ -59,7 +69,7 @@ func (k msgServer) AttestMachine(goCtx context.Context, msg *types.MsgAttestMach
 k.StoreMachine(ctx, *msg.Machine)
 k.StoreMachineIndex(ctx, *msg.Machine)
- err = k.StoreTrustAnchor(ctx, ta, true)
+ err := k.StoreTrustAnchor(ctx, ta, true)
 if err != nil {
 return nil, err
 }
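Review bot: In the `@@ -22,9 +24,17 @@` hunk, the rejection branch is entered on `errK1 != nil || !isValidSecp256k1`, yet the message is built with an unguarded `errK1.Error()`, so a `(false, nil)` result from `signature.ValidateSignature` would dereference a nil error and panic in the attestation handler instead of rejecting the message. `errR1` gets a nil check two lines earlier and `errK1` needs the same; the validators now come from the external `go-utils` module, so their `(bool, error)` contract is not visible in this diff and should not be relied on. Since `fmt` is already imported, the six lines from `errStr := ""` to the `return` can become `return nil, fmt.Errorf("invalid machine signature: secp256r1: %v, secp256k1: %v", errR1, errK1)`, which tolerates nil errors and always returns a non-nil error (it also removes the misspelled `aggreatedErrorMessage`). A short comment above the fallback stating that a machine ID is accepted if its self-signature verifies under either curve would document the widened acceptance. `AttestMachine` begins and ends outside this hunk.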