Make ECDSA.recover revert on error. (#2114)

* Make ECDSA.recover revert on error * Removed unused test * Remove duplicate line * Add tests for invalid signatures * Fix linter errors * Add changelog entry
2020-03-10 20:13:32 -03:00
parent e2813df879
commit 65e4ffde58
3 changed files with 38 additions and 41 deletions
--- a/test/cryptography/ECDSA.test.js
+++ b/test/cryptography/ECDSA.test.js
@ -1,7 +1,6 @@
 const { accounts, contract, web3 } = require('@openzeppelin/test-environment');

-const { constants, expectRevert } = require('@openzeppelin/test-helpers');
-const { ZERO_ADDRESS } = constants;
+const { expectRevert } = require('@openzeppelin/test-helpers');
 const { toEthSignedMessageHash, fixSignature } = require('../helpers/sign');

 const { expect } = require('chai');
@ -20,13 +19,15 @@ describe('ECDSA', function () {

  context('recover with invalid signature', function () {
    it('with short signature', async function () {
-      expect(await this.ecdsa.recover(TEST_MESSAGE, '0x1234')).to.equal(ZERO_ADDRESS);
+      await expectRevert(this.ecdsa.recover(TEST_MESSAGE, '0x1234'), 'ECDSA: invalid signature length');
    });

    it('with long signature', async function () {
-      // eslint-disable-next-line max-len
-      expect(await this.ecdsa.recover(TEST_MESSAGE, '0x01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789'))
-        .to.equal(ZERO_ADDRESS);
+      await expectRevert(
+        // eslint-disable-next-line max-len
+        this.ecdsa.recover(TEST_MESSAGE, '0x01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789'),
+        'ECDSA: invalid signature length'
+      );
    });
  });

@ -38,10 +39,10 @@ describe('ECDSA', function () {
      const signatureWithoutVersion = '0x5d99b6f7f6d1f73d1a26497f2b1c89b24c0993913f86e9a2d02cd69887d9c94f3c880358579d811b21dd1b7fd9bb01c1d81d10e69f0384e675c32b39643be892';

      context('with 00 as version value', function () {
-        it('returns 0', async function () {
+        it('reverts', async function () {
          const version = '00';
          const signature = signatureWithoutVersion + version;
-          expect(await this.ecdsa.recover(TEST_MESSAGE, signature)).to.equal(ZERO_ADDRESS);
+          await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature \'v\' value');
        });
      });

@ -54,12 +55,12 @@ describe('ECDSA', function () {
      });

      context('with wrong version', function () {
-        it('returns 0', async function () {
+        it('reverts', async function () {
          // The last two hex digits are the signature version.
          // The only valid values are 0, 1, 27 and 28.
          const version = '02';
          const signature = signatureWithoutVersion + version;
-          expect(await this.ecdsa.recover(TEST_MESSAGE, signature)).to.equal(ZERO_ADDRESS);
+          await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature \'v\' value');
        });
      });
    });
@ -70,10 +71,10 @@ describe('ECDSA', function () {
      const signatureWithoutVersion = '0x331fe75a821c982f9127538858900d87d3ec1f9f737338ad67cad133fa48feff48e6fa0c18abc62e42820f05943e47af3e9fbe306ce74d64094bdf1691ee53e0';

      context('with 01 as version value', function () {
-        it('returns 0', async function () {
+        it('reverts', async function () {
          const version = '01';
          const signature = signatureWithoutVersion + version;
-          expect(await this.ecdsa.recover(TEST_MESSAGE, signature)).to.equal(ZERO_ADDRESS);
+          await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature \'v\' value');
        });
      });

@ -86,23 +87,23 @@ describe('ECDSA', function () {
      });

      context('with wrong version', function () {
-        it('returns 0', async function () {
+        it('reverts', async function () {
          // The last two hex digits are the signature version.
          // The only valid values are 0, 1, 27 and 28.
          const version = '02';
          const signature = signatureWithoutVersion + version;
-          expect(await this.ecdsa.recover(TEST_MESSAGE, signature)).to.equal(ZERO_ADDRESS);
+          await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature \'v\' value');
        });
      });
    });

    context('with high-s value signature', function () {
-      it('returns 0', async function () {
+      it('reverts', async function () {
        const message = '0xb94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9';
        // eslint-disable-next-line max-len
        const highSSignature = '0xe742ff452d41413616a5bf43fe15dd88294e983d3d36206c2712f39083d638bde0a0fc89be718fbc1033e1d30d78be1c68081562ed2e97af876f286f3453231d1b';

-        expect(await this.ecdsa.recover(message, highSSignature)).to.equal(ZERO_ADDRESS);
+        await expectRevert(this.ecdsa.recover(message, highSSignature), 'ECDSA: invalid signature \'s\' value');
      });
    });

@ -120,26 +121,19 @@ describe('ECDSA', function () {
        });
      });

-      context('with wrong signature', function () {
-        it('does not return signer address', async function () {
-          // Create the signature
-          const signature = await web3.eth.sign(TEST_MESSAGE, other);
-
-          // Recover the signer address from the generated message and wrong signature.
+      context('with wrong message', function () {
+        it('returns a different address', async function () {
+          const signature = fixSignature(await web3.eth.sign(TEST_MESSAGE, other));
          expect(await this.ecdsa.recover(WRONG_MESSAGE, signature)).to.not.equal(other);
        });
      });
-    });

-    context('with small hash', function () {
-      // @TODO - remove `skip` once we upgrade to solc^0.5
-      it.skip('reverts', async function () {
-        // Create the signature
-        const signature = await web3.eth.sign(TEST_MESSAGE, other);
-        await expectRevert(
-          this.ecdsa.recover(TEST_MESSAGE.substring(2), signature),
-          'Failure message'
-        );
+      context('with invalid signature', function () {
+        it('reverts', async function () {
+          // eslint-disable-next-line max-len
+          const signature = '0x332ce75a821c982f9127538858900d87d3ec1f9f737338ad67cad133fa48feff48e6fa0c18abc62e42820f05943e47af3e9fbe306ce74d64094bdf1691ee53e01c';
+          await expectRevert(this.ecdsa.recover(TEST_MESSAGE, signature), 'ECDSA: invalid signature');
+        });
      });
    });
  });
@ -147,7 +141,6 @@ describe('ECDSA', function () {
  context('toEthSignedMessage', function () {
    it('should prefix hashes correctly', async function () {
      expect(await this.ecdsa.toEthSignedMessageHash(TEST_MESSAGE)).to.equal(toEthSignedMessageHash(TEST_MESSAGE));
-      expect(await this.ecdsa.toEthSignedMessageHash(TEST_MESSAGE)).to.equal(toEthSignedMessageHash(TEST_MESSAGE));
    });
  });
 });