fixing the message creation

radixdlt · Nov 28, 2023 · 83358fb · 83358fb
1 parent f85a6fb
commit 83358fb
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 29 deletions.
diff --git a/python/rola/models/signed_challenge.py b/python/rola/models/signed_challenge.py
@@ -1,6 +1,6 @@
-import hashlib
 import logging
 
+import ed25519
 from ecdsa import VerifyingKey, BadSignatureError
 from rola.models.proof import Proof
 
@@ -22,12 +22,11 @@ def __init__(self,
 
     def verify_signature(self, signature_message: str) -> bool:
         # Create a verifying key object from the public key
-        verify_key = VerifyingKey.from_string(
-            bytes.fromhex(self.proof.public_key),
-            curve=self.proof.curve)
-        # Verify the signature
+        verify_key = ed25519.VerifyingKey(bytes.fromhex(self.proof.public_key))
         try:
-            verify_key.verify(self.proof.signature.encode(), signature_message.encode())
+            verify_key.verify(
+                bytes.fromhex(self.proof.signature),
+                bytes.fromhex(signature_message))
             return True
         except BadSignatureError:
             logger.info("Signature is invalid.")

diff --git a/python/rola/utils/helpers.py b/python/rola/utils/helpers.py
@@ -18,22 +18,28 @@ def create_public_key_hash(public_key: str) -> str:
 
 
 def create_signature_message(challenge, dapp_definition_address, origin):
-    # Convert challenge to bytes from hex
+    """
+    Format
+        Y = 82 (R in ASCII for ROLA)
+        32 raw bytes of the challenge
+        1 byte - the length of the UTF-8-encoded bech32-encoded dapp-definition address
+        The bytes of the UTF-8-encoded bech32-encoded address
+        The bytes of the origin UTF-8 encoded
+    """
+    prefix = 'R'.encode()
+    length_of_dapp_def_address = len(dapp_definition_address)
+    length_of_dapp_def_address_bytes = length_of_dapp_def_address.to_bytes(1, byteorder="big")
+    dapp_def_address_bytes = bytes([ord(c) for c in dapp_definition_address])
+    origin_bytes = bytes([ord(c) for c in origin])
     challenge_bytes = bytes.fromhex(challenge)
-    # Convert dAppDefinitionAddress to bytes using utf-8 encoding
-    dAppDefinitionAddress_bytes = dapp_definition_address.encode('utf-8')
-    # Convert origin to bytes using utf-8 encoding
-    origin_bytes = origin.encode('utf-8')
-    # Create a prefix buffer from ASCII character 'R'
-    prefix = b'R'
-    # Convert length of dAppDefinitionAddress to bytes using hex encoding
-    length_of_dAppDefinitionAddress_bytes = bytes([len(dapp_definition_address)])
-    # Concatenate all the buffers
-    message_buffer = (prefix +
-                      challenge_bytes +
-                      length_of_dAppDefinitionAddress_bytes +
-                      dAppDefinitionAddress_bytes +
-                      origin_bytes)
-    # Hash the message using Blake2b
-    hashed_message = hashlib.blake2b(message_buffer).hexdigest()
-    return hashed_message
+
+    message = b''.join([
+        prefix,
+        challenge_bytes,
+        length_of_dapp_def_address_bytes,
+        dapp_def_address_bytes,
+        origin_bytes,
+    ])
+
+    hash_result = hashlib.blake2b(message, digest_size=32).hexdigest()
+    return hash_result
diff --git a/python/tests/test_signed_challenge.py b/python/tests/test_signed_challenge.py
@@ -6,10 +6,10 @@
 
 
 def test_verify_signature():
-    challenge = 'b519902dd21c9669b81bb5023687879d178e5c4991ba1d0ee9e131cee365bafa'
+    challenge = 'fe81d4fddaa22d0c103198f61df8437d8b8899102633c08021ecc41c5ab61dfd'
     publicKey = 'a6b8a053f51c1f945317bef5f5344321783b243821e919448c5963b9a8a20552'
     dapp_definition_address = "account_tdx_2_12xdm5g7xdhh73zkh7xkty0dsxw4rw0jl0sq4lr3erpc3xdn54zx0le"
-    signature = 'ff90cc1fba1bf027b07d1c676a755f0136a71002684acd6353346ae1f5e3197fec35c20a35e50fafb4caffdfff25a9f6b4df943e81955d4e756fb21c7962c0f3'
+    signature = '7f3730ae82ba7dfcfad7497a9159381451dc11b77b02fd46f67406752f50800e81ad180a59f37a4642f71845272f3ab605a322acd40de80ee650743d7afe4902'
 
     signed_challenge = SignedChallenge(
         challenge=challenge,
@@ -18,12 +18,13 @@ def test_verify_signature():
             signature=signature,
             curve=Ed25519
         ),
-        address="",
-        type=""
+        address="identity_tdx_2_12gc7ajs0araj6ph78dqqd0cvzzcegfygu55jst77vnee2nd05vp8wc",
+        type="persona"
     )
     signature_message = create_signature_message(
         challenge=challenge,
         dapp_definition_address=dapp_definition_address,
         origin="https://stokenet-dashboard.radixdlt.com")
+
     signature_verified = signed_challenge.verify_signature(signature_message)
-    print((signature_verified))
+    assert signature_verified