diff --git a/cmd/clef/extapi_changelog.md b/cmd/clef/extapi_changelog.md index 6c2c3e819430..55b9f0995b48 100644 --- a/cmd/clef/extapi_changelog.md +++ b/cmd/clef/extapi_changelog.md @@ -1,5 +1,12 @@ ### Changelog for external API +### 5.0.0 + +* The external method `accounts_Sign(address, data)` was replaced with `accounts_signData(contentType, address, data)`. +The addition of `contentType` makes it possible to use the method for different types of objects, such as + * signing clique headers, + * signing [ERC-712](https://eips.ethereum.org/EIPS/eip-712) typed data structures (not yet implemented) + #### 4.0.0 * The external `account_Ecrecover`-method was removed. diff --git a/cmd/clef/main.go b/cmd/clef/main.go index 6098b1ac21f1..73ec16643666 100644 --- a/cmd/clef/main.go +++ b/cmd/clef/main.go @@ -39,14 +39,17 @@ import ( "github.com/ethereum/go-ethereum/cmd/utils" "github.com/ethereum/go-ethereum/common" "github.com/ethereum/go-ethereum/console" + "github.com/ethereum/go-ethereum/core/types" "github.com/ethereum/go-ethereum/crypto" "github.com/ethereum/go-ethereum/log" "github.com/ethereum/go-ethereum/node" + "github.com/ethereum/go-ethereum/rlp" "github.com/ethereum/go-ethereum/rpc" "github.com/ethereum/go-ethereum/signer/core" "github.com/ethereum/go-ethereum/signer/rules" "github.com/ethereum/go-ethereum/signer/storage" "gopkg.in/urfave/cli.v1" + "math/big" ) // ExternalAPIVersion -- see extapi_changelog.md @@ -631,10 +634,38 @@ func testExternalUI(api *core.SignerAPI) { } var err error + cliqueHeader := types.Header{ + common.HexToHash("0000H45H"), + common.HexToHash("0000H45H"), + common.HexToAddress("0000H45H"), + common.HexToHash("0000H00H"), + common.HexToHash("0000H45H"), + common.HexToHash("0000H45H"), + types.Bloom{}, + big.NewInt(1337), + big.NewInt(1337), + 1338, + 1338, + big.NewInt(1338), + []byte("Extra data Extra data Extra data Extra data Extra data Extra data Extra data Extra data"), + common.HexToHash("0x0000H45H"), + types.BlockNonce{}, + } + cliqueRlp, err := rlp.EncodeToBytes(cliqueHeader) + if err != nil { + utils.Fatalf("Should not error: %v", err) + } + addr, err:= common.NewMixedcaseAddressFromString("0x0011223344556677889900112233445566778899") + if err != nil { + utils.Fatalf("Should not error: %v", err) + } + _, err = api.SignData(ctx, "application/clique", *addr, cliqueRlp) + checkErr("SignData", err) + _, err = api.SignTransaction(ctx, core.SendTxArgs{From: common.MixedcaseAddress{}}, nil) checkErr("SignTransaction", err) - _, err = api.Sign(ctx, common.MixedcaseAddress{}, common.Hex2Bytes("01020304")) - checkErr("Sign", err) + //_, err = api.Sign(ctx, common.MixedcaseAddress{}, common.Hex2Bytes("01020304")) + //checkErr("Sign", err) _, err = api.List(ctx) checkErr("List", err) _, err = api.New(ctx) diff --git a/signer/core/api.go b/signer/core/api.go index 2b96cdb5f32f..1265cba7135c 100644 --- a/signer/core/api.go +++ b/signer/core/api.go @@ -30,10 +30,13 @@ import ( "github.com/ethereum/go-ethereum/accounts/usbwallet" "github.com/ethereum/go-ethereum/common" "github.com/ethereum/go-ethereum/common/hexutil" + "github.com/ethereum/go-ethereum/core/types" "github.com/ethereum/go-ethereum/crypto" + "github.com/ethereum/go-ethereum/crypto/sha3" "github.com/ethereum/go-ethereum/internal/ethapi" "github.com/ethereum/go-ethereum/log" "github.com/ethereum/go-ethereum/rlp" + "mime" ) // numberOfAccountsToDerive For hardware wallets, the number of accounts to derive @@ -48,7 +51,9 @@ type ExternalAPI interface { // SignTransaction request to sign the specified transaction SignTransaction(ctx context.Context, args SendTxArgs, methodSelector *string) (*ethapi.SignTransactionResult, error) // Sign - request to sign the given data (plus prefix) - Sign(ctx context.Context, addr common.MixedcaseAddress, data hexutil.Bytes) (hexutil.Bytes, error) + SignData(ctx context.Context, contentType string, addr common.MixedcaseAddress, data hexutil.Bytes) (hexutil.Bytes, error) + // EcRecover - request to perform ecrecover + //EcRecover(ctx context.Context, data, sig hexutil.Bytes) (common.Address, error) // Export - request to export an account Export(ctx context.Context, addr common.Address) (json.RawMessage, error) // Import - request to import an account @@ -170,11 +175,12 @@ type ( NewPassword string `json:"new_password"` } SignDataRequest struct { - Address common.MixedcaseAddress `json:"address"` - Rawdata hexutil.Bytes `json:"raw_data"` - Message string `json:"message"` - Hash hexutil.Bytes `json:"hash"` - Meta Metadata `json:"meta"` + Address common.MixedcaseAddress `json:"address"` + Rawdata hexutil.Bytes `json:"raw_data"` + Message string `json:"message"` + Hash hexutil.Bytes `json:"hash"` + Meta Metadata `json:"meta"` + ContentType string `json:"content_type"` } SignDataResponse struct { Approved bool `json:"approved"` @@ -510,22 +516,96 @@ func (api *SignerAPI) SignTransaction(ctx context.Context, args SendTxArgs, meth } -// Sign calculates an Ethereum ECDSA signature for: -// keccack256("\x19Ethereum Signed Message:\n" + len(message) + message)) +// cliqueSigHash returns the hash which is used as input for the proof-of-authority +// signing. It is the hash of the entire header apart from the 65 byte signature +// contained at the end of the extra data. // -// Note, the produced signature conforms to the secp256k1 curve R, S and V values, -// where the V value will be 27 or 28 for legacy reasons. +// The method requires the extra data to be at least 65 bytes -- the original implementation +// in clique.go panics if this is the case, thus it's been reimplemented here to avoid the panic +// and simply return an error instead +func cliqueSigHash(header *types.Header) (hexutil.Bytes, error) { + hash := common.Hash{} + if len(header.Extra) < 65 { + return hash.Bytes(), fmt.Errorf("clique header extradata too short, %d < 65", len(header.Extra)) + } + hasher := sha3.NewKeccak256() + rlp.Encode(hasher, []interface{}{ + header.ParentHash, + header.UncleHash, + header.Coinbase, + header.Root, + header.TxHash, + header.ReceiptHash, + header.Bloom, + header.Difficulty, + header.Number, + header.GasLimit, + header.GasUsed, + header.Time, + header.Extra[:len(header.Extra)-65], + header.MixDigest, + header.Nonce, + }) + hasher.Sum(hash[:0]) + return hash.Bytes(), nil +} + +func (api *SignerAPI) determineSignatureFormat(contentType string, data hexutil.Bytes) (*SignDataRequest, error) { + var req *SignDataRequest + mediaType, _, err := mime.ParseMediaType(contentType) + if err != nil { + return nil, err + } + switch mediaType { + case "application/clique": + header := &types.Header{} + if err := rlp.DecodeBytes(data, header); err != nil { + return nil, err + } + sighash, err := cliqueSigHash(header) + if err != nil { + return nil, err + } + msg := fmt.Sprintf("Clique block %d [0x%x]", header.Number, header.Hash()) + req = &SignDataRequest{Rawdata: data, Message: msg, Hash: sighash, ContentType: mediaType} + case "text/plain": + // Sign calculates an Ethereum ECDSA signature for: + // keccack256("\x19Ethereum Signed Message:\n" + len(message) + message)) + + // In the cases where it matter ensure that the charset is handled. The charset + // resides in the 'params' returned as the second returnvalue from mime.ParseMediaType + // charset, ok := params["charset"] + // As it is now, we accept any charset and just treat it as 'raw'. + + sighash, msg := SignHash(data) + req = &SignDataRequest{Rawdata: data, Message: msg, Hash: sighash, ContentType: mediaType} + default: + //TODO! Add a content-type for EIP712 typed data. + return nil, fmt.Errorf("content type '%s' not implemented for signing") + } + return req, nil + +} + +// SignData signs the hash of the provided data, but does so differently +// depending on the content-type specified. // -// The key used to calculate the signature is decrypted with the given password. +// Depending on the content-type, different types of validations will occur. // -// https://github.com/ethereum/go-ethereum/wiki/Management-APIs#personal_sign -func (api *SignerAPI) Sign(ctx context.Context, addr common.MixedcaseAddress, data hexutil.Bytes) (hexutil.Bytes, error) { - sighash, msg := SignHash(data) +// Note, the produced signature conforms to the secp256k1 curve R, S and V values, +// where the V value will be 27 or 28 for legacy reasons. +func (api *SignerAPI) SignData(ctx context.Context, contentType string, addr common.MixedcaseAddress, data hexutil.Bytes) (hexutil.Bytes, error) { + + var req, err = api.determineSignatureFormat(contentType, data) + if err != nil { + return nil, err + } + req.Address = addr + req.Meta = MetadataFromContext(ctx) + // We make the request prior to looking up if we actually have the account, to prevent // account-enumeration via the API - req := &SignDataRequest{Address: addr, Rawdata: data, Message: msg, Hash: sighash, Meta: MetadataFromContext(ctx)} res, err := api.UI.ApproveSignData(req) - if err != nil { return nil, err } @@ -538,8 +618,8 @@ func (api *SignerAPI) Sign(ctx context.Context, addr common.MixedcaseAddress, da if err != nil { return nil, err } - // Assemble sign the data with the wallet - signature, err := wallet.SignHashWithPassphrase(account, res.Password, sighash) + // Sign the data with the wallet + signature, err := wallet.SignHashWithPassphrase(account, res.Password, req.Hash) if err != nil { api.UI.ShowError(err.Error()) return nil, err diff --git a/signer/core/api_test.go b/signer/core/api_test.go index a8aa23896e6c..abe67c9f4d18 100644 --- a/signer/core/api_test.go +++ b/signer/core/api_test.go @@ -259,7 +259,7 @@ func TestSignData(t *testing.T) { control <- "Y" control <- "wrongpassword" - h, err := api.Sign(context.Background(), a, []byte("EHLO world")) + h, err := api.SignData(context.Background(), "text/plain", a, []byte("EHLO world")) if h != nil { t.Errorf("Expected nil-data, got %x", h) } @@ -267,7 +267,7 @@ func TestSignData(t *testing.T) { t.Errorf("Expected ErrLocked! %v", err) } control <- "No way" - h, err = api.Sign(context.Background(), a, []byte("EHLO world")) + h, err = api.SignData(context.Background(), "text/plain", a, []byte("EHLO world")) if h != nil { t.Errorf("Expected nil-data, got %x", h) } @@ -276,7 +276,7 @@ func TestSignData(t *testing.T) { } control <- "Y" control <- "a_long_password" - h, err = api.Sign(context.Background(), a, []byte("EHLO world")) + h, err = api.SignData(context.Background(), "text/plain", a, []byte("EHLO world")) if err != nil { t.Fatal(err) } diff --git a/signer/core/auditlog.go b/signer/core/auditlog.go index 1f9c90918594..a0fb1b076706 100644 --- a/signer/core/auditlog.go +++ b/signer/core/auditlog.go @@ -63,11 +63,11 @@ func (l *AuditLogger) SignTransaction(ctx context.Context, args SendTxArgs, meth return res, e } -func (l *AuditLogger) Sign(ctx context.Context, addr common.MixedcaseAddress, data hexutil.Bytes) (hexutil.Bytes, error) { - l.log.Info("Sign", "type", "request", "metadata", MetadataFromContext(ctx).String(), - "addr", addr.String(), "data", common.Bytes2Hex(data)) - b, e := l.api.Sign(ctx, addr, data) - l.log.Info("Sign", "type", "response", "data", common.Bytes2Hex(b), "error", e) +func (l *AuditLogger) SignData(ctx context.Context, contentType string, addr common.MixedcaseAddress, data hexutil.Bytes) (hexutil.Bytes, error) { + l.log.Info("SignData", "type", "request", "metadata", MetadataFromContext(ctx).String(), + "addr", addr.String(), "data", common.Bytes2Hex(data), "content-type", contentType) + b, e := l.api.SignData(ctx, contentType, addr, data) + l.log.Info("SignData", "type", "response", "data", common.Bytes2Hex(b), "error", e) return b, e }