bool STTx::checkSign () const { if (boost::indeterminate (sig_state_)) { try { ECDSA const fullyCanonical = (getFlags() & tfFullyCanonicalSig) ? ECDSA::strict : ECDSA::not_strict; RippleAddress n; n.setAccountPublic (getFieldVL (sfSigningPubKey)); sig_state_ = n.accountPublicVerify (getSigningData (*this), getFieldVL (sfTxnSignature), fullyCanonical); } catch (...) { sig_state_ = false; } } assert (!boost::indeterminate (sig_state_)); return static_cast<bool> (sig_state_); }
bool STTx::checkSingleSign () const { // We don't allow both a non-empty sfSigningPubKey and an sfSigners. // That would allow the transaction to be signed two ways. So if both // fields are present the signature is invalid. if (isFieldPresent (sfSigners)) return false; bool ret = false; try { ECDSA const fullyCanonical = (getFlags() & tfFullyCanonicalSig) ? ECDSA::strict : ECDSA::not_strict; RippleAddress n; n.setAccountPublic (getFieldVL (sfSigningPubKey)); ret = n.accountPublicVerify (getSigningData (*this), getFieldVL (sfTxnSignature), fullyCanonical); } catch (...) { // Assume it was a signature failure. ret = false; } return ret; }
bool SerializedValidation::isValid(const uint256& signingHash) const { try { RippleAddress raPublicKey = RippleAddress::createNodePublic(getFieldVL(sfSigningPubKey)); return raPublicKey.isValid() && raPublicKey.verifyNodePublic(signingHash, getFieldVL(sfSignature)); } catch (...) { Log(lsINFO) << "exception validating validation"; return false; } }
std::pair<bool, std::string> STTx::checkSign(bool allowMultiSign) const { std::pair<bool, std::string> ret {false, ""}; try { if (allowMultiSign) { // Determine whether we're single- or multi-signing by looking // at the SigningPubKey. It it's empty we must be // multi-signing. Otherwise we're single-signing. Blob const& signingPubKey = getFieldVL (sfSigningPubKey); ret = signingPubKey.empty () ? checkMultiSign () : checkSingleSign (); } else { ret = checkSingleSign (); } } catch (std::exception const&) { ret = {false, "Internal signature check failure."}; } return ret; }
bool SerializedValidation::isValid (uint256 const& signingHash) const { try { const ECDSA fullyCanonical = getFlags () & vfFullyCanonicalSig ? ECDSA::strict : ECDSA::not_strict; RippleAddress raPublicKey = RippleAddress::createNodePublic (getFieldVL (sfSigningPubKey)); return raPublicKey.isValid () && raPublicKey.verifyNodePublic (signingHash, getFieldVL (sfSignature), fullyCanonical); } catch (...) { WriteLog (lsINFO, Ledger) << "exception validating validation"; return false; } }
Blob STTx::getSignature () const { try { return getFieldVL (sfTxnSignature); } catch (std::exception const&) { return Blob (); } }
SerializedValidation::SerializedValidation(SerializerIterator& sit, bool checkSignature) : STObject(sValidationFormat, sit, sfValidation), mTrusted(false) { mNodeID = RippleAddress::createNodePublic(getFieldVL(sfSigningPubKey)).getNodeID(); assert(mNodeID.isNonZero()); if (checkSignature && !isValid()) { Log(lsTRACE) << "Invalid validation " << getJson(0); throw std::runtime_error("Invalid validation"); } }
Blob STTx::getSignature () const { try { return getFieldVL (sfTxnSignature); } catch (...) { return Blob (); } }
STValidation::STValidation (SerialIter& sit, bool checkSignature) : STObject (getFormat (), sit, sfValidation) { mNodeID = calcNodeID( PublicKey(makeSlice (getFieldVL (sfSigningPubKey)))); assert (mNodeID.isNonZero ()); if (checkSignature && !isValid ()) { JLOG (debugLog().error()) << "Invalid validation" << getJson (0); Throw<std::runtime_error> ("Invalid validation"); } }
std::pair<bool, std::string> STTx::checkSingleSign () const { // We don't allow both a non-empty sfSigningPubKey and an sfSigners. // That would allow the transaction to be signed two ways. So if both // fields are present the signature is invalid. if (isFieldPresent (sfSigners)) return {false, "Cannot both single- and multi-sign."}; bool validSig = false; try { bool const fullyCanonical = (getFlags() & tfFullyCanonicalSig); auto const spk = getFieldVL (sfSigningPubKey); if (publicKeyType (makeSlice(spk))) { Blob const signature = getFieldVL (sfTxnSignature); Blob const data = getSigningData (*this); validSig = verify ( PublicKey (makeSlice(spk)), makeSlice(data), makeSlice(signature), fullyCanonical); } } catch (std::exception const&) { // Assume it was a signature failure. validSig = false; } if (validSig == false) return {false, "Invalid signature."}; return {true, ""}; }
bool STValidation::isValid (uint256 const& signingHash) const { try { return verifyDigest (getSignerPublic(), signingHash, makeSlice(getFieldVL (sfSignature)), getFlags () & vfFullyCanonicalSig); } catch (std::exception const&) { JLOG (debugLog().error()) << "Exception validating validation"; return false; } }
bool STTx::checkSign(bool allowMultiSign) const { bool sigGood = false; try { if (allowMultiSign) { // Determine whether we're single- or multi-signing by looking // at the SigningPubKey. It it's empty we must be // multi-signing. Otherwise we're single-signing. Blob const& signingPubKey = getFieldVL (sfSigningPubKey); sigGood = signingPubKey.empty () ? checkMultiSign () : checkSingleSign (); } else { sigGood = checkSingleSign (); } } catch (...) { } return sigGood; }
Blob STValidation::getSignature () const { return getFieldVL (sfSignature); }
PublicKey STValidation::getSignerPublic () const { return PublicKey(makeSlice (getFieldVL (sfSigningPubKey))); }
std::vector<unsigned char> SerializedValidation::getSignature() const { return getFieldVL(sfSignature); }
RippleAddress SerializedValidation::getSignerPublic() const { RippleAddress a; a.setNodePublic(getFieldVL(sfSigningPubKey)); return a; }