refactor(core): all errors in signature verification now throw an exc…

…eption (#468)
fetchai · Jul 23, 2024 · a53e355 · a53e355
1 parent ea9b3e2
commit a53e355
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 32 deletions.
diff --git a/python/src/uagents/asgi.py b/python/src/uagents/asgi.py
@@ -261,29 +261,32 @@ async def __call__(self, scope, receive, send):  #  pylint: disable=too-many-bra
             return
 
         expects_response = headers.get(b"x-uagents-connection") == b"sync"
-        do_verify = not is_user_address(env.sender)
 
         if expects_response:
             # Add a future that will be resolved once the query is answered
             self._queries[env.sender] = asyncio.Future()
 
-        if do_verify and env.verify() is False:
-            await send(
-                {
-                    "type": "http.response.start",
-                    "status": 400,
-                    "headers": [
-                        [b"content-type", b"application/json"],
-                    ],
-                }
-            )
-            await send(
-                {
-                    "type": "http.response.body",
-                    "body": b'{"error": "signature verification failed"}',
-                }
-            )
-            return
+        if not is_user_address(env.sender):  # verify signature if sent from agent
+            try:
+                env.verify()
+            except Exception as err:
+                self._logger.warning(f"Failed to verify envelope: {err}")
+                await send(
+                    {
+                        "type": "http.response.start",
+                        "status": 400,
+                        "headers": [
+                            [b"content-type", b"application/json"],
+                        ],
+                    }
+                )
+                await send(
+                    {
+                        "type": "http.response.body",
+                        "body": b'{"error": "signature verification failed"}',
+                    }
+                )
+                return
 
         if not dispatcher.contains(env.target):
             await send(

diff --git a/python/src/uagents/crypto/__init__.py b/python/src/uagents/crypto/__init__.py
@@ -195,9 +195,4 @@ def verify_digest(address: str, digest: bytes, signature: str) -> bool:
         # build the verifying key
         verifying_key = ecdsa.VerifyingKey.from_string(pk_data, curve=ecdsa.SECP256k1)
 
-        try:
-            result = verifying_key.verify_digest(sig_data, digest)
-        except ecdsa.keys.BadSignatureError:
-            return False
-
-        return result
+        return verifying_key.verify_digest(sig_data, digest)
diff --git a/python/src/uagents/envelope.py b/python/src/uagents/envelope.py
@@ -83,8 +83,7 @@ def verify(self) -> bool:
             bool: True if the signature is valid, False otherwise.
         """
         if self.signature is None:
-            return False
-
+            raise ValueError("Envelope signature is missing")
         return Identity.verify_digest(self.sender, self._digest(), self.signature)
 
     def _digest(self) -> bytes:

diff --git a/python/src/uagents/mailbox.py b/python/src/uagents/mailbox.py
@@ -90,11 +90,14 @@ async def _handle_envelope(self, payload: dict):
             self._logger.warning("Received invalid envelope")
             return
 
-        do_verify = not is_user_address(env.sender)
-
-        if do_verify and env.verify() is False:
-            self._logger.warning("Received envelope that failed verification")
-            return
+        if not is_user_address(env.sender):  # verify signature if sent from agent
+            try:
+                env.verify()
+            except Exception as err:
+                self._logger.warning(
+                    "Received envelope that failed verification: %s", err
+                )
+                return
 
         if not dispatcher.contains(env.target):
             self._logger.warning("Received envelope for unrecognized address")

diff --git a/python/src/uagents/registration.py b/python/src/uagents/registration.py
@@ -19,7 +19,7 @@ def sign(self, identity: Identity):
 
     def verify(self) -> bool:
         if self.signature is None:
-            return False
+            raise ValueError("Attestation signature is missing")
         return Identity.verify_digest(
             self.agent_address, self._build_digest(), self.signature
         )