add RSA signature verifier

Author: Amxx

contracts/utils/cryptography/ERC7913SignatureVerifierRSA.sol

@@ -0,0 +1,20 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.20;
+
+import {RSA} from "@openzeppelin/contracts/utils/cryptography/RSA.sol";
+import {IERC7913SignatureVerifier} from "../../interfaces/IERC7913.sol";
+
+/**
+ * @dev ERC-7913 signature verifier that support RSA keys.
+ */
+contract ERC7913SignatureVerifierRSA is IERC7913SignatureVerifier {
+    /// @inheritdoc IERC7913SignatureVerifier
+    function verify(bytes calldata key, bytes32 hash, bytes calldata signature) public view virtual returns (bytes4) {
+        (bytes memory e, bytes memory n) = abi.decode(key, (bytes, bytes));
+        return
+            RSA.pkcs1Sha256(abi.encodePacked(hash), signature, e, n)
+                ? IERC7913SignatureVerifier.verify.selector
+                : bytes4(0xFFFFFFFF);
+    }
+}

test/account/AccountERC7913.test.js

@@ -3,59 +3,104 @@ const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers');
 
 const { getDomain } = require('@openzeppelin/contracts/test/helpers/eip712');
 const { ERC4337Helper } = require('../helpers/erc4337');
-const { NonNativeSigner, P256SigningKey } = require('../helpers/signers');
+const { NonNativeSigner, P256SigningKey, RSASHA256SigningKey } = require('../helpers/signers');
 const { PackedUserOperation } = require('../helpers/eip712-types');
 
 const { shouldBehaveLikeAccountCore, shouldBehaveLikeAccountHolder } = require('./Account.behavior');
 const { shouldBehaveLikeERC1271 } = require('../utils/cryptography/ERC1271.behavior');
 const { shouldBehaveLikeERC7821 } = require('./extensions/ERC7821.behavior');
 
+// Prepare signer in advance (RSA are long to initialize)
+const signerECDSA = ethers.Wallet.createRandom();
+const signerP256 = new NonNativeSigner(P256SigningKey.random());
+const signerRSA = new NonNativeSigner(RSASHA256SigningKey.random());
+
+// Minimal fixture common to the different signer verifiers
 async function fixture() {
   // EOAs and environment
   const [beneficiary, other] = await ethers.getSigners();
   const target = await ethers.deployContract('CallReceiverMockExtended');
 
-  // P256 signer
-  const signer = new NonNativeSigner(P256SigningKey.random());
-  const verifier = await ethers.deployContract('ERC7913SignatureVerifierP256');
+  // ERC-7913 verifiers
+  const verifierP256 = await ethers.deployContract('ERC7913SignatureVerifierP256');
+  const verifierRSA = await ethers.deployContract('ERC7913SignatureVerifierRSA');
 
-  // ERC-4337 account
+  // ERC-4337 env
   const helper = new ERC4337Helper();
-  const mock = await helper.newAccount('$AccountERC7913Mock', [
-    'AccountERC7913',
-    '1',
-    ethers.solidityPacked(
-      ['address', 'bytes32', 'bytes32'],
-      [verifier.target, signer.signingKey.publicKey.qx, signer.signingKey.publicKey.qy],
-    ),
-  ]);
-
-  // ERC-4337 Entrypoint domain
+  await helper.wait();
   const entrypointDomain = await getDomain(entrypoint.v08);
+  const domain = { name: 'AccountERC7913', version: '1', chainId: entrypointDomain.chainId }; // Missing verifyingContract,
 
-  // domain cannot be fetched using getDomain(mock) before the mock is deployed
-  const domain = {
-    name: 'AccountERC7913',
-    version: '1',
-    chainId: entrypointDomain.chainId,
-    verifyingContract: mock.address,
-  };
+  const makeMock = signer =>
+    helper.newAccount('$AccountERC7913Mock', ['AccountERC7913', '1', signer]).then(mock => {
+      domain.verifyingContract = mock.address;
+      return mock;
+    });
 
-  const signUserOp = userOp =>
-    signer
+  const signUserOp = function (userOp) {
+    return this.signer
       .signTypedData(entrypointDomain, { PackedUserOperation }, userOp.packed)
       .then(signature => Object.assign(userOp, { signature }));
+  };
 
-  return { helper, mock, domain, signer, target, beneficiary, other, signUserOp };
+  return { helper, verifierP256, verifierRSA, domain, target, beneficiary, other, makeMock, signUserOp };
 }
 
 describe('AccountERC7913', function () {
   beforeEach(async function () {
     Object.assign(this, await loadFixture(fixture));
   });
 
-  shouldBehaveLikeAccountCore();
-  shouldBehaveLikeAccountHolder();
-  shouldBehaveLikeERC1271({ erc7739: true });
-  shouldBehaveLikeERC7821();
+  // Using ECDSA key as verifier
+  describe('ECDSA key', function () {
+    beforeEach(async function () {
+      this.signer = signerECDSA;
+      this.mock = await this.makeMock(this.signer.address);
+    });
+
+    shouldBehaveLikeAccountCore();
+    shouldBehaveLikeAccountHolder();
+    shouldBehaveLikeERC1271({ erc7739: true });
+    shouldBehaveLikeERC7821();
+  });
+
+  // Using P256 key with an ERC-7913 verifier
+  describe('P256 key', function () {
+    beforeEach(async function () {
+      this.signer = signerP256;
+      this.mock = await this.makeMock(
+        ethers.concat([
+          this.verifierP256.target,
+          this.signer.signingKey.publicKey.qx,
+          this.signer.signingKey.publicKey.qy,
+        ]),
+      );
+    });
+
+    shouldBehaveLikeAccountCore();
+    shouldBehaveLikeAccountHolder();
+    shouldBehaveLikeERC1271({ erc7739: true });
+    shouldBehaveLikeERC7821();
+  });
+
+  // Using RSA key with an ERC-7913 verifier
+  describe('RSA key', function () {
+    beforeEach(async function () {
+      this.signer = signerRSA;
+      this.mock = await this.makeMock(
+        ethers.concat([
+          this.verifierRSA.target,
+          ethers.AbiCoder.defaultAbiCoder().encode(
+            ['bytes', 'bytes'],
+            [this.signer.signingKey.publicKey.e, this.signer.signingKey.publicKey.n],
+          ),
+        ]),
+      );
+    });
+
+    shouldBehaveLikeAccountCore();
+    shouldBehaveLikeAccountHolder();
+    shouldBehaveLikeERC1271({ erc7739: true });
+    shouldBehaveLikeERC7821();
+  });
 });