mirror of
https://github.com/kremalicious/metamask-extension.git
synced 2024-12-23 09:52:26 +01:00
Merge pull request #5596 from MetaMask/validateSignTypedData
Validate signTypedData signer/address in eth-json-rpc-middleware
This commit is contained in:
kumavis
GitHub
commit
1bb4a8428c
@ -11,6 +11,7 @@ function createMetamaskMiddleware ({
|
|||||||
processTransaction,
|
processTransaction,
|
||||||
processEthSignMessage,
|
processEthSignMessage,
|
||||||
processTypedMessage,
|
processTypedMessage,
|
||||||
|
processTypedMessageV3,
|
||||||
processPersonalMessage,
|
processPersonalMessage,
|
||||||
getPendingNonce,
|
getPendingNonce,
|
||||||
}) {
|
}) {
|
||||||
@ -25,6 +26,7 @@ function createMetamaskMiddleware ({
|
|||||||
processTransaction,
|
processTransaction,
|
||||||
processEthSignMessage,
|
processEthSignMessage,
|
||||||
processTypedMessage,
|
processTypedMessage,
|
||||||
|
processTypedMessageV3,
|
||||||
processPersonalMessage,
|
processPersonalMessage,
|
||||||
}),
|
}),
|
||||||
createPendingNonceMiddleware({ getPendingNonce }),
|
createPendingNonceMiddleware({ getPendingNonce }),
|
||||||
|
|||||||
@ -277,6 +277,8 @@ module.exports = class MetamaskController extends EventEmitter {
|
|||||||
processTransaction: this.newUnapprovedTransaction.bind(this),
|
processTransaction: this.newUnapprovedTransaction.bind(this),
|
||||||
// msg signing
|
// msg signing
|
||||||
processEthSignMessage: this.newUnsignedMessage.bind(this),
|
processEthSignMessage: this.newUnsignedMessage.bind(this),
|
||||||
|
processTypedMessage: this.newUnsignedTypedMessage.bind(this),
|
||||||
|
processTypedMessageV3: this.newUnsignedTypedMessage.bind(this),
|
||||||
processPersonalMessage: this.newUnsignedPersonalMessage.bind(this),
|
processPersonalMessage: this.newUnsignedPersonalMessage.bind(this),
|
||||||
getPendingNonce: this.getPendingNonce.bind(this),
|
getPendingNonce: this.getPendingNonce.bind(this),
|
||||||
}
|
}
|
||||||
@ -980,8 +982,8 @@ module.exports = class MetamaskController extends EventEmitter {
|
|||||||
* @param {Object} msgParams - The params passed to eth_signTypedData.
|
* @param {Object} msgParams - The params passed to eth_signTypedData.
|
||||||
* @param {Function} cb - The callback function, called with the signature.
|
* @param {Function} cb - The callback function, called with the signature.
|
||||||
*/
|
*/
|
||||||
newUnsignedTypedMessage (msgParams, req) {
|
newUnsignedTypedMessage (msgParams, req, version) {
|
||||||
const promise = this.typedMessageManager.addUnapprovedMessageAsync(msgParams, req)
|
const promise = this.typedMessageManager.addUnapprovedMessageAsync(msgParams, req, version)
|
||||||
this.sendUpdate()
|
this.sendUpdate()
|
||||||
this.opts.showUnconfirmedMessage()
|
this.opts.showUnconfirmedMessage()
|
||||||
return promise
|
return promise
|
||||||
@ -1275,10 +1277,6 @@ module.exports = class MetamaskController extends EventEmitter {
|
|||||||
engine.push(subscriptionManager.middleware)
|
engine.push(subscriptionManager.middleware)
|
||||||
// watch asset
|
// watch asset
|
||||||
engine.push(this.preferencesController.requestWatchAsset.bind(this.preferencesController))
|
engine.push(this.preferencesController.requestWatchAsset.bind(this.preferencesController))
|
||||||
// sign typed data middleware
|
|
||||||
engine.push(this.createTypedDataMiddleware('eth_signTypedData', 'V1').bind(this))
|
|
||||||
engine.push(this.createTypedDataMiddleware('eth_signTypedData_v1', 'V1').bind(this))
|
|
||||||
engine.push(this.createTypedDataMiddleware('eth_signTypedData_v3', 'V3', true).bind(this))
|
|
||||||
// forward to metamask primary provider
|
// forward to metamask primary provider
|
||||||
engine.push(createProviderMiddleware({ provider }))
|
engine.push(createProviderMiddleware({ provider }))
|
||||||
|
|
||||||
@ -1550,27 +1548,6 @@ module.exports = class MetamaskController extends EventEmitter {
|
|||||||
* @param {Function} - next
|
* @param {Function} - next
|
||||||
* @param {Function} - end
|
* @param {Function} - end
|
||||||
*/
|
*/
|
||||||
createTypedDataMiddleware (methodName, version, reverse) {
|
|
||||||
return async (req, res, next, end) => {
|
|
||||||
const { method, params } = req
|
|
||||||
if (method === methodName) {
|
|
||||||
const promise = this.typedMessageManager.addUnapprovedMessageAsync({
|
|
||||||
data: reverse ? params[1] : params[0],
|
|
||||||
from: reverse ? params[0] : params[1],
|
|
||||||
}, req, version)
|
|
||||||
this.sendUpdate()
|
|
||||||
this.opts.showUnconfirmedMessage()
|
|
||||||
try {
|
|
||||||
res.result = await promise
|
|
||||||
end()
|
|
||||||
} catch (error) {
|
|
||||||
end(error)
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
next()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Adds a domain to the {@link BlacklistController} whitelist
|
* Adds a domain to the {@link BlacklistController} whitelist
|
||||||
|
|||||||
65
package-lock.json
generated
65
package-lock.json
generated
@ -9899,29 +9899,26 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"eth-json-rpc-middleware": {
|
"eth-json-rpc-middleware": {
|
||||||
"version": "3.1.3",
|
"version": "3.1.6",
|
||||||
"resolved": "https://registry.npmjs.org/eth-json-rpc-middleware/-/eth-json-rpc-middleware-3.1.3.tgz",
|
"resolved": "https://registry.npmjs.org/eth-json-rpc-middleware/-/eth-json-rpc-middleware-3.1.6.tgz",
|
||||||
"integrity": "sha512-glp/mCefhsqrgVOTTuYlHYiTL+9mMPfaZsuQv4vnRg3kqNigblS1nqARaMeVW9WOM8ssh9TqIFpuUr7JDgNmKQ==",
|
"integrity": "sha512-yf17/rAM4ElKMul8oSvuK7JuYIYEFFdy2YGPo2EZbuOEv2Wq1bteMlppgqZ9NYHriXLAOWV+ojY9kWHGbcU4xA==",
|
||||||
"dev": true,
|
"dev": true,
|
||||||
"requires": {
|
"requires": {
|
||||||
"async": "^2.5.0",
|
|
||||||
"btoa": "^1.2.1",
|
"btoa": "^1.2.1",
|
||||||
"clone": "^2.1.1",
|
"clone": "^2.1.1",
|
||||||
"eth-query": "^2.1.2",
|
"eth-query": "^2.1.2",
|
||||||
"eth-sig-util": "^1.4.2",
|
"eth-sig-util": "^1.4.2",
|
||||||
"eth-tx-summary": "^3.1.2",
|
"eth-tx-summary": "^3.2.3",
|
||||||
"ethereumjs-block": "^1.6.0",
|
"ethereumjs-block": "^1.6.0",
|
||||||
"ethereumjs-tx": "^1.3.3",
|
"ethereumjs-tx": "^1.3.3",
|
||||||
"ethereumjs-util": "^5.1.2",
|
"ethereumjs-util": "^5.1.2",
|
||||||
"ethereumjs-vm": "^2.1.0",
|
"ethereumjs-vm": "^2.4.0",
|
||||||
"fetch-ponyfill": "^4.0.0",
|
"fetch-ponyfill": "^4.0.0",
|
||||||
"json-rpc-engine": "^3.6.3",
|
"json-rpc-engine": "^3.8.0",
|
||||||
"json-rpc-error": "^2.0.0",
|
"json-rpc-error": "^2.0.0",
|
||||||
"json-stable-stringify": "^1.0.1",
|
"json-stable-stringify": "^1.0.1",
|
||||||
"pify": "^3.0.0",
|
"pify": "^3.0.0",
|
||||||
"promise-to-callback": "^1.0.0",
|
"safe-event-emitter": "^1.0.1"
|
||||||
"safe-event-emitter": "^1.0.1",
|
|
||||||
"tape": "^4.6.3"
|
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"eth-sig-util": {
|
"eth-sig-util": {
|
||||||
@ -9930,24 +9927,14 @@
|
|||||||
"integrity": "sha1-jZWCAsftuq6Dlwf7pvCf8ydgYhA=",
|
"integrity": "sha1-jZWCAsftuq6Dlwf7pvCf8ydgYhA=",
|
||||||
"dev": true,
|
"dev": true,
|
||||||
"requires": {
|
"requires": {
|
||||||
"ethereumjs-abi": "git+https://github.com/ethereumjs/ethereumjs-abi.git#00ba8463a7f7a67fcad737ff9c2ebd95643427f7",
|
"ethereumjs-abi": "git+https://github.com/ethereumjs/ethereumjs-abi.git#2863c40e0982acfc0b7163f0285d4c56427c7799",
|
||||||
"ethereumjs-util": "^5.1.1"
|
"ethereumjs-util": "^5.1.1"
|
||||||
},
|
|
||||||
"dependencies": {
|
|
||||||
"ethereumjs-abi": {
|
|
||||||
"version": "git+https://github.com/ethereumjs/ethereumjs-abi.git#00ba8463a7f7a67fcad737ff9c2ebd95643427f7",
|
|
||||||
"from": "git+https://github.com/ethereumjs/ethereumjs-abi.git#00ba8463a7f7a67fcad737ff9c2ebd95643427f7",
|
|
||||||
"dev": true,
|
|
||||||
"requires": {
|
|
||||||
"bn.js": "^4.10.0",
|
|
||||||
"ethereumjs-util": "^5.0.0"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"ethereumjs-abi": {
|
"ethereumjs-abi": {
|
||||||
"version": "git+https://github.com/ethereumjs/ethereumjs-abi.git#00ba8463a7f7a67fcad737ff9c2ebd95643427f7",
|
"version": "git+https://github.com/ethereumjs/ethereumjs-abi.git#2863c40e0982acfc0b7163f0285d4c56427c7799",
|
||||||
"from": "git+https://github.com/ethereumjs/ethereumjs-abi.git",
|
"from": "git+https://github.com/ethereumjs/ethereumjs-abi.git",
|
||||||
|
"dev": true,
|
||||||
"requires": {
|
"requires": {
|
||||||
"bn.js": "^4.10.0",
|
"bn.js": "^4.10.0",
|
||||||
"ethereumjs-util": "^5.0.0"
|
"ethereumjs-util": "^5.0.0"
|
||||||
@ -9957,6 +9944,7 @@
|
|||||||
"version": "5.2.0",
|
"version": "5.2.0",
|
||||||
"resolved": "https://registry.npmjs.org/ethereumjs-util/-/ethereumjs-util-5.2.0.tgz",
|
"resolved": "https://registry.npmjs.org/ethereumjs-util/-/ethereumjs-util-5.2.0.tgz",
|
||||||
"integrity": "sha512-CJAKdI0wgMbQFLlLRtZKGcy/L6pzVRgelIZqRqNbuVFM3K9VEnyfbcvz0ncWMRNCe4kaHWjwRYQcYMucmwsnWA==",
|
"integrity": "sha512-CJAKdI0wgMbQFLlLRtZKGcy/L6pzVRgelIZqRqNbuVFM3K9VEnyfbcvz0ncWMRNCe4kaHWjwRYQcYMucmwsnWA==",
|
||||||
|
"dev": true,
|
||||||
"requires": {
|
"requires": {
|
||||||
"bn.js": "^4.11.0",
|
"bn.js": "^4.11.0",
|
||||||
"create-hash": "^1.1.2",
|
"create-hash": "^1.1.2",
|
||||||
@ -9966,6 +9954,31 @@
|
|||||||
"safe-buffer": "^5.1.1",
|
"safe-buffer": "^5.1.1",
|
||||||
"secp256k1": "^3.0.1"
|
"secp256k1": "^3.0.1"
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"ethereumjs-vm": {
|
||||||
|
"version": "2.4.0",
|
||||||
|
"resolved": "https://registry.npmjs.org/ethereumjs-vm/-/ethereumjs-vm-2.4.0.tgz",
|
||||||
|
"integrity": "sha512-MJ4lCWa5c6LhahhhvoDKW+YGjK00ZQn0RHHLh4L+WaH1k6Qv7/q3uTluew6sJGNCZdlO0yYMDXYW9qyxLHKlgQ==",
|
||||||
|
"dev": true,
|
||||||
|
"requires": {
|
||||||
|
"async": "^2.1.2",
|
||||||
|
"async-eventemitter": "^0.2.2",
|
||||||
|
"ethereumjs-account": "^2.0.3",
|
||||||
|
"ethereumjs-block": "~1.7.0",
|
||||||
|
"ethereumjs-common": "~0.4.0",
|
||||||
|
"ethereumjs-util": "^5.2.0",
|
||||||
|
"fake-merkle-patricia-tree": "^1.0.1",
|
||||||
|
"functional-red-black-tree": "^1.0.1",
|
||||||
|
"merkle-patricia-tree": "^2.1.2",
|
||||||
|
"rustbn.js": "~0.2.0",
|
||||||
|
"safe-buffer": "^5.1.1"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"rustbn.js": {
|
||||||
|
"version": "0.2.0",
|
||||||
|
"resolved": "https://registry.npmjs.org/rustbn.js/-/rustbn.js-0.2.0.tgz",
|
||||||
|
"integrity": "sha512-4VlvkRUuCJvr2J6Y0ImW7NvTCriMi7ErOAqWk1y69vAdoNIzCF3yPmgeNzx+RQTLEDFq5sHfscn1MwHxP9hNfA==",
|
||||||
|
"dev": true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
@ -10916,6 +10929,12 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"ethereumjs-common": {
|
||||||
|
"version": "0.4.1",
|
||||||
|
"resolved": "https://registry.npmjs.org/ethereumjs-common/-/ethereumjs-common-0.4.1.tgz",
|
||||||
|
"integrity": "sha512-ywYGsOeGCsMNWso5Y4GhjWI24FJv9FK7+VyVKiQgXg8ZRDPXJ7F/kJ1CnjtkjTvDF4e0yqU+FWswlqR3bmZQ9Q==",
|
||||||
|
"dev": true
|
||||||
|
},
|
||||||
"ethereumjs-tx": {
|
"ethereumjs-tx": {
|
||||||
"version": "1.3.3",
|
"version": "1.3.3",
|
||||||
"resolved": "https://registry.npmjs.org/ethereumjs-tx/-/ethereumjs-tx-1.3.3.tgz",
|
"resolved": "https://registry.npmjs.org/ethereumjs-tx/-/ethereumjs-tx-1.3.3.tgz",
|
||||||
|
|||||||
@ -261,7 +261,7 @@
|
|||||||
"eslint-plugin-json": "^1.2.0",
|
"eslint-plugin-json": "^1.2.0",
|
||||||
"eslint-plugin-mocha": "^5.0.0",
|
"eslint-plugin-mocha": "^5.0.0",
|
||||||
"eslint-plugin-react": "^7.4.0",
|
"eslint-plugin-react": "^7.4.0",
|
||||||
"eth-json-rpc-middleware": "^3.1.3",
|
"eth-json-rpc-middleware": "^3.1.6",
|
||||||
"eth-keyring-controller": "^3.3.1",
|
"eth-keyring-controller": "^3.3.1",
|
||||||
"fetch-mock": "^6.5.2",
|
"fetch-mock": "^6.5.2",
|
||||||
"file-loader": "^1.1.11",
|
"file-loader": "^1.1.11",
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user