Merge pull request #196 from Atheros1/master

Correct ECDSA verify
2013-06-07 12:47:46 -07:00 · 2013-06-07 12:47:46 -07:00 · d86e473995
commit d86e473995
parent eea7e86bdf e7f972ca66
4 changed files with 15 additions and 7 deletions
--- a/2
+++ b/2
@ -1,5 +1,5 @@
 APP=pybitmessage
-VERSION=0.3.2
+VERSION=0.3.3
 DEST_SHARE=$(DESTDIR)/usr/share
 DEST_APP=$(DEST_SHARE)/$(APP)

--- a/debian.sh
+++ b/debian.sh
@ -8,7 +8,7 @@

 APP=pybitmessage
 PREV_VERSION=0.3.2
-VERSION=0.3.2
+VERSION=0.3.3
 ARCH_TYPE=all

 #update version numbers automatically - so you don't have to
--- a/src/bitmessagemain.py
+++ b/src/bitmessagemain.py
@ -650,7 +650,9 @@ class receiveDataThread(threading.Thread):
                readPosition += signatureLengthLength
                signature = data[readPosition:readPosition+signatureLength]
                try:
-                    highlevelcrypto.verify(data[12:readPositionAtBottomOfMessage],signature,sendersPubSigningKey.encode('hex'))
+                    if not highlevelcrypto.verify(data[12:readPositionAtBottomOfMessage],signature,sendersPubSigningKey.encode('hex')):
+                        print 'ECDSA verify failed'
+                        return
                    print 'ECDSA verify passed'
                except Exception, err:
                    print 'ECDSA verify failed', err
@ -783,7 +785,9 @@ class receiveDataThread(threading.Thread):
            readPosition += signatureLengthLength
            signature = decryptedData[readPosition:readPosition+signatureLength]
            try:
-                highlevelcrypto.verify(decryptedData[:readPositionAtBottomOfMessage],signature,sendersPubSigningKey.encode('hex'))
+                if not highlevelcrypto.verify(decryptedData[:readPositionAtBottomOfMessage],signature,sendersPubSigningKey.encode('hex')):
+                    print 'ECDSA verify failed'
+                    return
                print 'ECDSA verify passed'
            except Exception, err:
                print 'ECDSA verify failed', err
@ -1024,7 +1028,9 @@ class receiveDataThread(threading.Thread):
            readPosition += signatureLengthLength
            signature = decryptedData[readPosition:readPosition+signatureLength]
            try:
-                highlevelcrypto.verify(decryptedData[:positionOfBottomOfAckData],signature,pubSigningKey.encode('hex'))
+                if not highlevelcrypto.verify(decryptedData[:positionOfBottomOfAckData],signature,pubSigningKey.encode('hex')):
+                    print 'ECDSA verify failed'
+                    return
                print 'ECDSA verify passed'
            except Exception, err:
                print 'ECDSA verify failed', err
@ -1340,7 +1346,9 @@ class receiveDataThread(threading.Thread):
            signatureLength, signatureLengthLength = decodeVarint(data[readPosition:readPosition+10])
            signature = data[readPosition:readPosition+signatureLengthLength]
            try:
-                highlevelcrypto.verify(data[8:readPosition],signature,publicSigningKey.encode('hex'))
+                if not highlevelcrypto.verify(data[8:readPosition],signature,publicSigningKey.encode('hex')):
+                    print 'ECDSA verify failed (within processpubkey)'
+                    return
                print 'ECDSA verify passed (within processpubkey)'
            except Exception, err:
                print 'ECDSA verify failed (within processpubkey)', err
--- a/src/shared.py
+++ b/src/shared.py
@ -1,4 +1,4 @@
-softwareVersion = '0.3.211'
+softwareVersion = '0.3.3'

 import threading
 import sys