-
Notifications
You must be signed in to change notification settings - Fork 546
How/where to get value of x-identity and x-signature using bitcore? #708
Comments
From bitcore-wallet-client: /**
* Sign an HTTP request
* @private
* @static
* @memberof Client.API
* @param {String} method - The HTTP method
* @param {String} url - The URL for the request
* @param {Object} args - The arguments in case this is a POST/PUT request
* @param {String} privKey - Private key to sign the request
*/
API._signRequest = function(method, url, args, privKey) {
var message = [method.toLowerCase(), url, JSON.stringify(args)].join('|');
return Utils.signMessage(message, privKey);
}; Utils.signMessage Utils.signMessage = function(text, privKey) {
$.checkArgument(text);
var priv = new PrivateKey(privKey);
var hash = Utils.hashMessage(text);
return crypto.ECDSA.sign(hash, priv, 'little').toString();
};
Utils.hashMessage = function(text) {
$.checkArgument(text);
var buf = new Buffer(text);
var ret = crypto.Hash.sha256sha256(buf);
ret = new Bitcore.encoding.BufferReader(ret).readReverse();
return ret;
}; So basically, x-signature should be:
Edit: ECDSA was using the .sig attribute for sign. |
@dabura667 Thank for immediate reply, I am beginner so i need some more clear detail, if you have please give me step by step process what should i do, and more thing what about peer- ID..? |
If you are a beginner, just use bitcore-wallet to interact with BWS. |
@dabura667 does bitcore-wallet give all feature of bitcore wallet service ..? |
yes. bitcore-wallet-service is server-side, bitcore-wallet is the client software that talks to the BWS server. |
@dabura667 means using bitcore-wallet-service i can not generate multiple address right..? |
Hi @dabura667 I'm trying to create the signature for the message from a PHP based system, and I don't seem to be able to recreate the signature correctly
I am using this PHP library https://github.com/simplito/elliptic-php My code:
Any help much appreciated. |
Two things:
|
Also the signature must be low-S. I suck at reading PHP, sorry. |
@dabura667 Thanks for the help so far. No worries at all, don't expect you to be fluent in all languages.
as far as Low-s goes, $signature holds a Signature object that has an $r and a $s and a $recovery param the toDer('hex') function seems to combine the $r and $s with padding in some way and return the result encoded in hex I've tried using the string value of $s from the signature, this was encoded in base10 and didnt work either. |
@dabura667 I should add I'm dumping the message in the bitcore backend and I can see it's formulated correctly / the same as the requests from the copay client. |
If you are unsure about little endian, flip the byte order before passing to sign. Also, just to clarify, sign doesn’t do any hashing at all? Most libraries default to SHA1, so you could be SHA1-ing the double SHA256. Also, to calculate low-s, check if s > n/2 (where n is the order of the secp256k1 curve) and if it is, you should replace s with n - s Let me know if that helps. |
Also, remember to use the right private key for signing key. |
Thanks @dabura667 I'm signing with the key in the .wallet.dat referenced as "requestPrivKey" I've looked in the sign function and I can't see any hashing, although I have to say its getting a bit over my head, I'm not an encryption guru unfortunately. It seems to be getting truncated, then something next, but no idea, almost unreadable. :)
Is low-s the result i need to send? or am i supposed to calculate the signature with a parameter low-s set? (sorry im totally lacking knowledge in this area) |
Holy shit i just tried another library and got it working. So for anyone else trying to do this, try this other library "BitcoinECDSA" :
Thank you @dabura667 for all your help! |
There seems to be a problem with this library in that when it signs it can produce R values that are negative which goes against BIP-0066. |
Hey @dabura667 One more thing, how is the proposalsSignature generated for a transaction proposal? Thanks! |
I can not find the value of Authentication header from the docs
x-identity : Identity is the Peer-ID
x-signature : Signature is the current request signature
can any one have idea please let me know
The text was updated successfully, but these errors were encountered: