server/asset: drop support for truncated message sigs

decred · May 13, 2022 · efd7c12 · efd7c12
1 parent 2c002e5
commit efd7c12
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 24 deletions.
diff --git a/server/asset/btc/btc_test.go b/server/asset/btc/btc_test.go
@@ -524,7 +524,8 @@ func s256Auth(msg []byte) *testAuth {
 	if msg == nil {
 		msg = randomBytes(32)
 	}
-	sig, err := priv.Sign(msg)
+	hash := sha256.Sum256(msg)
+	sig, err := priv.Sign(hash[:])
 	if err != nil {
 		fmt.Printf("s256Auth sign error: %v\n", err)
 	}

diff --git a/server/asset/btc/script.go b/server/asset/btc/script.go
@@ -23,11 +23,7 @@ func checkSig(msg, pkBytes, sigBytes []byte) error {
 	}
 	hash := sha256.Sum256(msg)
 	if !signature.Verify(hash[:], pubKey) {
-		// This might be a legacy (buggy) client that signed the truncated
-		// message itself. (V0PURGE!)
-		if !signature.Verify(msg, pubKey) {
-			return fmt.Errorf("signature verification failed")
-		}
+		return fmt.Errorf("signature verification failed")
 	}
 	return nil
 }
diff --git a/server/asset/dcr/dcr_test.go b/server/asset/dcr/dcr_test.go
@@ -408,7 +408,8 @@ func s256Auth(msg []byte) *testAuth {
 	if msg == nil {
 		msg = randomBytes(32)
 	}
-	sig := ecdsa.Sign(priv, msg)
+	hash := chainhash.HashB(msg)
+	sig := ecdsa.Sign(priv, hash)
 	return &testAuth{
 		pubkey: pubkey,
 		pkHash: dcrutil.Hash160(pubkey),
@@ -426,7 +427,8 @@ func edwardsAuth(msg []byte) *testAuth {
 	if msg == nil {
 		msg = randomBytes(32)
 	}
-	sig, err := priv.Sign(msg)
+	hash := chainhash.HashB(msg)
+	sig, err := priv.Sign(hash)
 	if err != nil {
 		fmt.Printf("edwardsAuth sign error: %v\n", err)
 	}
@@ -447,7 +449,8 @@ func schnorrAuth(msg []byte) *testAuth {
 	if msg == nil {
 		msg = randomBytes(32)
 	}
-	sig, err := schnorr.Sign(priv, msg)
+	hash := chainhash.HashB(msg)
+	sig, err := schnorr.Sign(priv, hash)
 	if err != nil {
 		fmt.Printf("schnorrAuth sign error: %v\n", err)
 	}

diff --git a/server/asset/dcr/script.go b/server/asset/dcr/script.go
@@ -40,11 +40,7 @@ func checkSigS256(msg, pkBytes, sigBytes []byte) error {
 	}
 	hash := chainhash.HashB(msg)
 	if !signature.Verify(hash, pubKey) {
-		// This might be a legacy (buggy) client that signed the truncated
-		// message itself. (V0PURGE!)
-		if !signature.Verify(msg, pubKey) {
-			return fmt.Errorf("secp256k1 signature verification failed")
-		}
+		return fmt.Errorf("secp256k1 signature verification failed")
 	}
 	return nil
 }
@@ -62,11 +58,7 @@ func checkSigEdwards(msg, pkBytes, sigBytes []byte) error {
 	}
 	hash := chainhash.HashB(msg)
 	if !signature.Verify(hash, pubKey) {
-		// This might be a legacy (buggy) client that signed the truncated
-		// message itself. (V0PURGE!)
-		if !signature.Verify(msg, pubKey) {
-			return fmt.Errorf("edwards signature verification failed")
-		}
+		return fmt.Errorf("edwards signature verification failed")
 	}
 	return nil
 }
@@ -84,11 +76,7 @@ func checkSigSchnorr(msg, pkBytes, sigBytes []byte) error {
 	}
 	hash := chainhash.HashB(msg)
 	if !signature.Verify(hash, pubKey) {
-		// This might be a legacy (buggy) client that signed the truncated
-		// message itself. (V0PURGE!)
-		if !signature.Verify(msg, pubKey) {
-			return fmt.Errorf("schnorr signature verification failed")
-		}
+		return fmt.Errorf("schnorr signature verification failed")
 	}
 	return nil
 }