Gracefully handle segwit names.

Check if addresses are legacy before trying to verify messages
with them.  This is needed to gracefully handle situations where
e.g. the name is owned by a segwit (bech32) address but a
legacy-address signer is set.

provider/libauth/authenticator.inc.php

 <?php
 /*
     NameID, a namecoin based OpenID identity provider.
-    Copyright (C) 2013-2014 by Daniel Kraft <d@domob.eu>
+    Copyright (C) 2013-2020 by Daniel Kraft <d@domob.eu>
 
     This program is free software: you can redistribute it and/or modify
     it under the terms of the GNU Affero General Public License as published by
@@ -92,7 +92,8 @@ class Authenticator
 
     /* Perform actual value checks.  */
 
-    if ($this->nc->verifyMessage ($addr, $msg, $signature))
+    if ($this->nc->isLegacyAddress ($addr)
+        && $this->nc->verifyMessage ($addr, $msg, $signature))
       return TRUE;
 
     if ($value !== NULL && isset ($value->signer))
@@ -105,7 +106,7 @@ class Authenticator
           $arr = array ();
 
         foreach ($arr as $addr)
-          if ($this->nc->isValidAddress ($addr)
+          if ($this->nc->isLegacyAddress ($addr)
               && $this->nc->verifyMessage ($addr, $msg, $signature))
             return TRUE;
       }

provider/libauth/namecoin_interface.inc.php

 <?php
 /*
     NameID, a namecoin based OpenID identity provider.
-    Copyright (C) 2013-2014 by Daniel Kraft <d@domob.eu>
+    Copyright (C) 2013-2020 by Daniel Kraft <d@domob.eu>
 
     This program is free software: you can redistribute it and/or modify
     it under the terms of the GNU Affero General Public License as published by
@@ -75,19 +75,22 @@ class NamecoinInterface
   }
 
   /**
-   * Check if the argument is a valid address.
+   * Check if the argument is a valid address of legacy type (which can
+   * be used for signing).
    * @param str Object to check.
-   * @return True iff str is a string and a valid address.
+   * @return True iff str is a string and a valid legacy address.
    */
-  public function isValidAddress ($str)
+  public function isLegacyAddress ($str)
   {
     if (!is_string ($str))
       return FALSE;
 
     $res = $this->rpc->executeRPC ("validateaddress", array ($str));
     assert (isset ($res->isvalid));
+    assert (isset ($res->isscript));
+    assert (isset ($res->iswitness));
 
-    return $res->isvalid;
+    return $res->isvalid && !$res->isscript && !$res->iswitness;
   }
 
   /**

provider/test/namecoinInterface.php

@@ -2,7 +2,7 @@
 <?php
 /*
     NameID, a namecoin based OpenID identity provider.
-    Copyright (C) 2013-2014 by Daniel Kraft <d@domob.eu>
+    Copyright (C) 2013-2020 by Daniel Kraft <d@domob.eu>
 
     This program is free software: you can redistribute it and/or modify
     it under the terms of the GNU Affero General Public License as published by
@@ -56,15 +56,19 @@ assert (!$res);
 $res = $nc->verifyMessage ($addr, $msg, base64_encode ("forged sig"));
 assert (!$res);
 
-$res = $nc->isValidAddress ($addr);
+$res = $nc->isLegacyAddress ($addr);
 assert ($res);
-$res = $nc->isValidAddress (array (5));
+$res = $nc->isLegacyAddress (array (5));
 assert (!$res);
-$res = $nc->isValidAddress ("");
+$res = $nc->isLegacyAddress ("");
 assert (!$res);
-$res = $nc->isValidAddress (NULL);
+$res = $nc->isLegacyAddress (NULL);
 assert (!$res);
-$res = $nc->isValidAddress ("invalid-address");
+$res = $nc->isLegacyAddress ("invalid-address");
+assert (!$res);
+$res = $nc->isLegacyAddress ("6QYV9s9vvM3qH8eGr8cqvtQZLi8NBTm1TN");
+assert (!$res);
+$res = $nc->isLegacyAddress ("nc1q7x7j4jvqgs8f32ach38wum6zsnu06n9hd8np8d");
 assert (!$res);
 
 $nc->close ();