apps.wallet: implement VerifyMessage

src/apps/common/address_type.py

@@ -25,3 +25,15 @@ def strip(address_type, raw_address):
         raise ValueError('Invalid address')
     l = length(address_type)
     return raw_address[l:]
+
+def split(coin, raw_address):
+    l = None
+    for f in ['', '_p2sh', '_p2wpkh', '_p2wsh']:
+        at = getattr(coin, 'address_type' + f)
+        if at is not None and check(at, raw_address):
+            l = length(coin.address_type)
+            break
+    if l is not None:
+        return raw_address[:l], raw_address[l:]
+    else:
+        raise ValueError('Invalid addressXXX')

src/apps/wallet/__init__.py

@@ -1,7 +1,7 @@
 from trezor.wire import register_type, protobuf_handler
 from trezor.utils import unimport
 from trezor.messages.wire_types import \
-    GetPublicKey, GetAddress, SignTx, EstimateTxSize, SignMessage
+    GetPublicKey, GetAddress, SignTx, EstimateTxSize, SignMessage, VerifyMessage
 
 
 @unimport
@@ -37,9 +37,16 @@ def dispatch_SignMessage(*args, **kwargs):
     return layout_sign_message(*args, **kwargs)
 
 
+@unimport
+def dispatch_VerifyMessage(*args, **kwargs):
+    from .layout_verify_message import layout_verify_message
+    return layout_verify_message(*args, **kwargs)
+
+
 def boot():
     register_type(GetPublicKey, protobuf_handler, dispatch_GetPublicKey)
     register_type(GetAddress, protobuf_handler, dispatch_GetAddress)
     register_type(SignTx, protobuf_handler, dispatch_SignTx)
     register_type(EstimateTxSize, protobuf_handler, dispatch_EstimateTxSize)
     register_type(SignMessage, protobuf_handler, dispatch_SignMessage)
+    register_type(VerifyMessage, protobuf_handler, dispatch_VerifyMessage)

src/apps/wallet/layout_verify_message.py

@@ -0,0 +1,45 @@
+from trezor import wire, ui
+from trezor.utils import unimport
+
+@unimport
+async def layout_verify_message(msg, session_id):
+    from trezor.messages.Success import Success
+    from trezor.crypto.curve import secp256k1
+    from trezor.crypto.hashlib import ripemd160, sha256
+    from trezor.crypto import base58
+    from ..common import address_type
+    from ..common import coins
+    from ..common.signtx import node_derive, HashWriter, write_varint
+
+    address = msg.address
+    message = msg.message
+    signature = msg.signature
+    coin_name = getattr(msg, 'coin_name', 'Bitcoin')
+    coin = coins.by_name(coin_name)
+
+    ui.display.clear()
+    ui.display.text(10, 30, 'Verifying message',
+                    ui.BOLD, ui.LIGHT_GREEN, ui.BLACK)
+    ui.display.text(10, 60, message, ui.MONO, ui.WHITE, ui.BLACK)
+    ui.display.text(10, 80, address, ui.MONO, ui.WHITE, ui.BLACK)
+
+    h = HashWriter(sha256)
+    write_varint(h, len(coin.signed_message_header))
+    h.extend(coin.signed_message_header)
+    write_varint(h, len(message))
+    h.extend(message)
+
+    digest = sha256(h.getvalue()).digest()
+    pubkey = secp256k1.verify_recover(signature, digest)
+
+    if not pubkey:
+        raise ValueError('Invalid signature')
+
+    raw_address = base58.decode_check(address)
+    at, pkh = address_type.split(coin, raw_address)
+    pkh2 = ripemd160(sha256(pubkey).digest()).digest()
+
+    if pkh != pkh2:
+        raise ValueError('Invalid signature')
+
+    return Success(message='Message verified')