MCPcopy Create free account
hub / github.com/ElementsProject/lightning / json_checkmessage

Function json_checkmessage

lightningd/signmessage.c:148–235  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

146}
147
148static struct command_result *json_checkmessage(struct command *cmd,
149 const char *buffer,
150 const jsmntok_t *obj UNNEEDED,
151 const jsmntok_t *params)
152{
153 struct pubkey *pubkey, reckey;
154 const u8 *u8sig;
155 const char *message, *zb;
156 secp256k1_ecdsa_recoverable_signature rsig;
157 struct sha256_ctx sctx = SHA256_INIT;
158 struct sha256_double shad;
159 struct json_stream *response;
160
161 if (!param_check(cmd, buffer, params,
162 p_req("message", param_string, &message),
163 p_req("zbase", param_string, &zb),
164 p_opt("pubkey", param_pubkey, &pubkey),
165 NULL))
166 return command_param_failed();
167
168 u8sig = from_zbase32(tmpctx, zb);
169 if (!u8sig)
170 return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
171 "zbase is not valid zbase32");
172
173 if (tal_bytelen(u8sig) != 65)
174 return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
175 "zbase is too %s",
176 tal_bytelen(u8sig) < 65 ? "short" : "long");
177
178 if (!secp256k1_ecdsa_recoverable_signature_parse_compact(secp256k1_ctx,
179 &rsig,
180 u8sig + 1,
181 u8sig[0] - 31))
182 return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
183 "cannot parse zbase signature");
184
185 if (command_check_only(cmd))
186 return command_check_done(cmd);
187
188 sha256_update(&sctx, "Lightning Signed Message:",
189 strlen("Lightning Signed Message:"));
190 sha256_update(&sctx, message, strlen(message));
191 sha256_double_done(&sctx, &shad);
192
193 if (!secp256k1_ecdsa_recover(secp256k1_ctx, &reckey.pubkey, &rsig,
194 shad.sha.u.u8)) {
195 response = json_stream_success(cmd);
196 json_add_bool(response, "verified", false);
197 return command_success(cmd, response);
198 }
199
200 /* If they didn't specify pubkey, we only accept the signature if it's
201 * in the graph (thus, they've signed something with it). This idea
202 * was stolen directly from lnd, thanks @roasbeef.
203 *
204 * FIXME: We could also look through known invoices: AFAICT you can't
205 * make two (different) signed messages with the same recovered key

Callers

nothing calls this directly

Calls 15

param_checkFunction · 0.85
from_zbase32Function · 0.85
tal_bytelenFunction · 0.85
sha256_updateFunction · 0.85
sha256_double_doneFunction · 0.85
json_add_boolFunction · 0.85
node_id_from_pubkeyFunction · 0.85
json_add_node_idFunction · 0.85
json_add_pubkeyFunction · 0.85
command_param_failedFunction · 0.70
command_failFunction · 0.70
command_check_onlyFunction · 0.70

Tested by

no test coverage detected