From 32833b7301ede19b3b80d95df32c0565efdd583a Mon Sep 17 00:00:00 2001 From: Fabio Berger Date: Wed, 30 May 2018 14:08:43 -0700 Subject: Fix order-utils tests --- packages/order-utils/src/signature_utils.ts | 82 +++++++++++++++++------------ 1 file changed, 48 insertions(+), 34 deletions(-) (limited to 'packages/order-utils/src/signature_utils.ts') diff --git a/packages/order-utils/src/signature_utils.ts b/packages/order-utils/src/signature_utils.ts index 106bbf4e8..8cd4264ab 100644 --- a/packages/order-utils/src/signature_utils.ts +++ b/packages/order-utils/src/signature_utils.ts @@ -8,12 +8,13 @@ import { artifacts } from './artifacts'; import { assert } from './assert'; import { ExchangeContract } from './generated_contract_wrappers/exchange'; import { ISignerContract } from './generated_contract_wrappers/i_signer'; -import { OrderError } from './types'; +import { MessagePrefixOpts, MessagePrefixType, OrderError } from './types'; /** * Verifies that the provided signature is valid according to the 0x Protocol smart contracts * @param data The hex encoded data signed by the supplied signature. - * @param signature An object containing the elliptic curve signature parameters. + * @param signature A hex encoded 0x Protocol signature made up of: [SignatureType][TypeSpecificData]. + * E.g [SignatureType.EIP712][vrs] * @param signerAddress The hex encoded address that signed the data, producing the supplied signature. * @return Whether the signature is valid for the supplied signerAddress and data. */ @@ -41,10 +42,8 @@ export async function isValidSignatureAsync( // types use ECRecover... case SignatureType.Ecrecover: { const ecSignature = parseECSignature(signature); - const dataBuff = ethUtil.toBuffer(data); - const msgHashBuff = ethUtil.hashPersonalMessage(dataBuff); - const msgHash = ethUtil.bufferToHex(msgHashBuff); - return isValidECSignature(msgHash, ecSignature, signerAddress); + const prefixedMessageHex = addSignedMessagePrefix(data, MessagePrefixType.EthSign); + return isValidECSignature(prefixedMessageHex, ecSignature, signerAddress); } case SignatureType.EIP712: { @@ -53,11 +52,9 @@ export async function isValidSignatureAsync( } case SignatureType.Trezor: { - const dataBuff = ethUtil.toBuffer(data); - const msgHashBuff = hashTrezorPersonalMessage(dataBuff); - const msgHash = ethUtil.bufferToHex(msgHashBuff); + const prefixedMessageHex = addSignedMessagePrefix(data, MessagePrefixType.Trezor); const ecSignature = parseECSignature(signature); - return isValidECSignature(msgHash, ecSignature, signerAddress); + return isValidECSignature(prefixedMessageHex, ecSignature, signerAddress); } // TODO: Rename Contract -> Wallet @@ -78,13 +75,14 @@ export async function isValidSignatureAsync( } } -export function getVRSHexString(ecSignature: ECSignature): string { - const vrs = `0x${intToHex(ecSignature.v)}${ethUtil.stripHexPrefix(ecSignature.r)}${ethUtil.stripHexPrefix( - ecSignature.s, - )}`; - return vrs; -} - +/** + * Checks if the supplied elliptic curve signature corresponds to signing `data` with + * the private key corresponding to `signerAddress` + * @param data The hex encoded data signed by the supplied signature. + * @param signature An object containing the elliptic curve signature parameters. + * @param signerAddress The hex encoded address that signed the data, producing the supplied signature. + * @return Whether the ECSignature is valid. + */ export function isValidECSignature(data: string, signature: ECSignature, signerAddress: string): boolean { assert.isHexString('data', data); assert.doesConformToSchema('signature', signature, schemas.ecSignatureSchema); @@ -112,17 +110,16 @@ export function isValidECSignature(data: string, signature: ECSignature, signerA * @param orderHash Hex encoded orderHash to sign. * @param signerAddress The hex encoded Ethereum address you wish to sign it with. This address * must be available via the Provider supplied to 0x.js. - * @param shouldAddPersonalMessagePrefix Some signers add the personal message prefix `\x19Ethereum Signed Message` - * themselves (e.g Parity Signer, Ledger, TestRPC) and others expect it to already be done by the client - * (e.g Metamask). Depending on which signer this request is going to, decide on whether to add the prefix - * before sending the request. + * @param hashPrefixOpts Different signers add/require different prefixes be appended to the message being signed. + * Since we cannot know ahead of time which signer you are using, you must supply both a prefixType and + * whether it must be added before calling `eth_sign` (some signers add it themselves) * @return An object containing the Elliptic curve signature parameters generated by signing the orderHash. */ export async function ecSignOrderHashAsync( provider: Provider, orderHash: string, signerAddress: string, - shouldAddPersonalMessagePrefix: boolean, + messagePrefixOpts: MessagePrefixOpts, ): Promise { assert.isHexString('orderHash', orderHash); const web3Wrapper = new Web3Wrapper(provider); @@ -130,12 +127,10 @@ export async function ecSignOrderHashAsync( const normalizedSignerAddress = signerAddress.toLowerCase(); let msgHashHex = orderHash; - if (shouldAddPersonalMessagePrefix) { - const orderHashBuff = ethUtil.toBuffer(orderHash); - const msgHashBuff = ethUtil.hashPersonalMessage(orderHashBuff); - msgHashHex = ethUtil.bufferToHex(msgHashBuff); + const prefixedMsgHashHex = addSignedMessagePrefix(orderHash, messagePrefixOpts.prefixType); + if (messagePrefixOpts.shouldAddPrefixBeforeCallingEthSign) { + msgHashHex = prefixedMsgHashHex; } - const signature = await web3Wrapper.signMessageAsync(normalizedSignerAddress, msgHashHex); // HACK: There is no consensus on whether the signatureHex string should be formatted as @@ -146,7 +141,7 @@ export async function ecSignOrderHashAsync( const validVParamValues = [27, 28]; const ecSignatureVRS = parseSignatureHexAsVRS(signature); if (_.includes(validVParamValues, ecSignatureVRS.v)) { - const isValidVRSSignature = isValidECSignature(orderHash, ecSignatureVRS, normalizedSignerAddress); + const isValidVRSSignature = isValidECSignature(prefixedMsgHashHex, ecSignatureVRS, normalizedSignerAddress); if (isValidVRSSignature) { return ecSignatureVRS; } @@ -154,7 +149,7 @@ export async function ecSignOrderHashAsync( const ecSignatureRSV = parseSignatureHexAsRSV(signature); if (_.includes(validVParamValues, ecSignatureRSV.v)) { - const isValidRSVSignature = isValidECSignature(orderHash, ecSignatureRSV, normalizedSignerAddress); + const isValidRSVSignature = isValidECSignature(prefixedMsgHashHex, ecSignatureRSV, normalizedSignerAddress); if (isValidRSVSignature) { return ecSignatureRSV; } @@ -163,6 +158,30 @@ export async function ecSignOrderHashAsync( throw new Error(OrderError.InvalidSignature); } +export function addSignedMessagePrefix(message: string, messagePrefixType: MessagePrefixType): string { + switch (messagePrefixType) { + case MessagePrefixType.None: + return message; + + case MessagePrefixType.EthSign: { + const msgBuff = ethUtil.toBuffer(message); + const prefixedMsgBuff = ethUtil.hashPersonalMessage(msgBuff); + const prefixedMsgHex = ethUtil.bufferToHex(prefixedMsgBuff); + return prefixedMsgHex; + } + + case MessagePrefixType.Trezor: { + const msgBuff = ethUtil.toBuffer(message); + const prefixedMsgBuff = hashTrezorPersonalMessage(msgBuff); + const prefixedMsgHex = ethUtil.bufferToHex(prefixedMsgBuff); + return prefixedMsgHex; + } + + default: + throw new Error(`Unrecognized MessagePrefixType: ${messagePrefixType}`); + } +} + function hashTrezorPersonalMessage(message: Buffer): Buffer { const prefix = ethUtil.toBuffer('\x19Ethereum Signed Message:\n' + String.fromCharCode(message.length)); return ethUtil.sha3(Buffer.concat([prefix, message])); @@ -183,11 +202,6 @@ function parseECSignature(signature: string): ECSignature { return ecSignature; } -function intToHex(i: number): string { - const hex = ethUtil.bufferToHex(ethUtil.toBuffer(i)); - return hex; -} - function getSignatureTypeIndexIfExists(signature: string): number { const unprefixedSignature = ethUtil.stripHexPrefix(signature); const signatureTypeHex = unprefixedSignature.substr(0, 2); -- cgit v1.2.3