test: induce Sign() error with malformed curve

ARR4N · ARR4N · commit 0d6db3e14e19 · 2025-06-04T15:48:49.000+01:00
diff --git a/libevm/precompiles/p256verify/p256verify.go b/libevm/precompiles/p256verify/p256verify.go
@@ -22,7 +22,6 @@ import (
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
-	"io"
 	"math/big"
 
 	"github.com/ava-labs/libevm/params"
@@ -89,16 +88,11 @@ func (in *input) bigWord(index int) *big.Int {
 }
 
 // Sign signs `hash` with the private key, using [rand.Reader] as the first
-// argument to [ecdsa.Sign]. It returns a signature payload constructed with
+// argument to [ecdsa.Sign] and assuming that the private key is for the
+// [elliptic.P256] curve. The returned signature payload is constructed with
 // [Pack], which can therefore be passed directly to the precompile.
 func Sign(priv *ecdsa.PrivateKey, hash [32]byte) ([]byte, error) {
-	return signWithRandReader(rand.Reader, priv, hash)
-}
-
-// signWithRandReader is abstracted for testing purposes only and MUST NOT be
-// used directly. Always use [Sign].
-func signWithRandReader(rand io.Reader, priv *ecdsa.PrivateKey, hash [32]byte) ([]byte, error) {
-	r, s, err := ecdsa.Sign(rand, priv, hash[:])
+	r, s, err := ecdsa.Sign(rand.Reader, priv, hash[:])
 	if err != nil {
 		return nil, err
 	}
diff --git a/libevm/precompiles/p256verify/p256verify_test.go b/libevm/precompiles/p256verify/p256verify_test.go
@@ -24,7 +24,6 @@ import (
 	"encoding/asn1"
 	"encoding/hex"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"math/big"
 	"slices"
@@ -258,21 +257,23 @@ func TestViaEVM(t *testing.T) {
 	assert.Equal(t, []byte{31: 1}, got)
 }
 
-type brokenReader struct {
-	err error
+// A badCurve will cause [ecdsa.Sign] to return an error due to a zero
+// parameter.
+type badCurve struct {
+	elliptic.Curve
 }
 
-func (r brokenReader) Read([]byte) (int, error) {
-	return 0, r.err
+func (badCurve) Params() *elliptic.CurveParams {
+	return &elliptic.CurveParams{
+		N: big.NewInt(0),
+	}
 }
 
-func TestSignPropagatesReaderError(t *testing.T) {
+func TestSignPropagatesError(t *testing.T) {
 	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 	require.NoError(t, err, "ecdsa.GenerateKey()")
+	priv.Curve = badCurve{}
 
-	r := brokenReader{
-		err: errors.New("uh oh"),
-	}
-	_, err = signWithRandReader(r, priv, [32]byte{})
-	require.Equal(t, r.err, err, "Propagate error from io.Reader entropy source")
+	_, err = Sign(priv, [32]byte{})
+	require.ErrorContains(t, err, "zero", "Sign([private key with zero-param curve])")
 }
