[Ceres] Arbitrary sized signed message in Crypto.verify_sig (#4193)

* FATE: Allow arbitrary bytes in verif_sig + tests

* Cleanup duplicate function exports

* Bump sophia + release note

apps/aecontract/test/aecontract_SUITE.erl

@@ -5567,6 +5567,13 @@ sophia_crypto(_Cfg) ->
                                 , {test_string_verify, Message, true}
                                 , {test_string_verify, <<"Not the secret message">>, false}] ],
 
+    %% Test that arbitrary sized message also works in Ceres and onwards
+    [ begin
+        Sig2 = ?sig(enacl:sign_detached(Message, PrivKey)),
+        TestRes = ?call(call_contract, Acc, IdC, test_verify, bool, {{bytes, Message}, PubKey, Sig2}),
+        ?assertMatch(true, TestRes)
+      end || sophia_version() >= ?SOPHIA_CERES_FATE ],
+
     %% SECP256K1 signature verification
     {SECP_Pub0, SECP_Priv} = crypto:generate_key(ecdh, secp256k1),
     SECP_Pub = aeu_crypto:ecdsa_from_der_pk(SECP_Pub0),
@@ -5655,6 +5662,22 @@ sophia_crypto(_Cfg) ->
     PHash3 = ?call(call_contract, Acc, IdC, poseidon, word, {TooLarge, B}),
     ?assertMatch({error, <<"Bad arguments to poseidon", _/binary>>}, PHash3),
 
+
+    BytesArb = <<"arbitrary sized byte array">>,
+    BytesX = {bytes, BytesArb},
+
+    Sha3_BX    = aec_hash:hash(evm, BytesArb),
+    Sha256_BX  = aec_hash:sha256_hash(BytesArb),
+    Blake2b_BX = aec_hash:blake2b_256_hash(BytesArb),
+
+    ResSha3_BX    = ?call(call_contract, Acc, IdC, sha3_bX,    word, {BytesX}),
+    ResSha256_BX  = ?call(call_contract, Acc, IdC, sha256_bX,  word, {BytesX}),
+    ResBlake2b_BX = ?call(call_contract, Acc, IdC, blake2b_bX, word, {BytesX}),
+
+    ?assertMatch({bytes, Sha3_BX},    ResSha3_BX),
+    ?assertMatch({bytes, Sha256_BX},  ResSha256_BX),
+    ?assertMatch({bytes, Blake2b_BX}, ResBlake2b_BX),
+
     ok.
 
 sophia_crypto_pairing(Cfg) ->

apps/aefate/src/aefa_fate_op.erl

@@ -191,10 +191,7 @@
         , bytes_size/3
         , bytes_split/4
         , bytes_split_any/4
-        , bytes_size/3
         , bytes_to_fixed_size/4
-        , int_to_bytes/4
-        , str_to_bytes/3
         , load_pre_iris_map_ordering/0
         ]).
 
@@ -2360,7 +2357,12 @@ spend_tuple_gas(TupleSize, ES) ->
     aefa_engine_state:spend_gas_for_new_cells(TupleSize + 2, ES).
 
 verify_sig(Arg0, Arg1, Arg2, Arg3, ES) ->
-    ter_op(verify_sig, {Arg0, Arg1, Arg2, Arg3}, ES).
+    case aefa_engine_state:vm_version(ES) >= ?VM_FATE_SOPHIA_3 of
+        false ->
+            ter_op(verify_sig_of_hash, {Arg0, Arg1, Arg2, Arg3}, ES);
+        true ->
+            ter_op(verify_sig, {Arg0, Arg1, Arg2, Arg3}, ES)
+    end.
 
 verify_sig_secp256k1(Arg0, Arg1, Arg2, Arg3, ES) ->
     ter_op(verify_sig_secp256k1, {Arg0, Arg1, Arg2, Arg3}, ES).
@@ -2935,11 +2937,15 @@ op(map_update, Map, Key, Value) when ?IS_FATE_MAP(Map),
     aeb_fate_data:make_map(Res);
 op(map_update, ?FATE_STORE_MAP(Cache, Id), Key, Value) ->
     ?FATE_STORE_MAP(Cache#{ Key => Value }, Id);
-op(verify_sig, Msg, PK, Sig) when ?IS_FATE_BYTES(32, Msg)
-                                , ?IS_FATE_ADDRESS(PK)
-                                , ?IS_FATE_BYTES(64, Sig) ->
+op(verify_sig_of_hash, Msg, PK, Sig) when ?IS_FATE_BYTES(32, Msg)
+                                        , ?IS_FATE_ADDRESS(PK)
+                                        , ?IS_FATE_BYTES(64, Sig) ->
     {?FATE_BYTES(Msg1), ?FATE_ADDRESS(PK1), ?FATE_BYTES(Sig1)} = {Msg, PK, Sig},
     aeu_crypto:verify_sig(Msg1, PK1, Sig1);
+op(verify_sig, ?FATE_BYTES(Msg1), PK, Sig) when ?IS_FATE_ADDRESS(PK)
+                                              , ?IS_FATE_BYTES(64, Sig) ->
+    {?FATE_ADDRESS(PK1), ?FATE_BYTES(Sig1)} = {PK, Sig},
+    aeu_crypto:verify_sig(Msg1, PK1, Sig1);
 op(verify_sig_secp256k1, Msg, PK, Sig) when ?IS_FATE_BYTES(32, Msg)
                                           , ?IS_FATE_BYTES(64, PK)
                                           , ?IS_FATE_BYTES(64, Sig) ->

docs/release-notes/next-ceres/fate_extensions.md

@@ -5,6 +5,6 @@
   - Crypto.poseidon - a ZK/SNARK friendly hash function
   - Introduce arbitrary sized binary arrays (type `bytes()`); adding `Bytes.split_any`,
   `Bytes.to_fixed_size`, `Bytes.to_any_size`, `Bytes.size`, `String.to_bytes`,
-  and `Int.to_bytes`; and adjust `Bytes.concat` to allow both fixed and arbitrary
-  sized byte arrays.
+  and `Int.to_bytes`; and adjust `Bytes.concat`, and `Crypto.verify_sig` to allow both
+  fixed and arbitrary sized byte arrays.
   - Chain.network\_id - the network id of the chain

rebar.config

@@ -217,7 +217,7 @@
                     {dist_node, [{setcookie, 'aeternity_cookie'},
                                  {sname, 'aeternity_ct@localhost'}]},
                     {deps, [{meck, "0.8.12"},
-                            {aesophia, {git, "https://github.com/aeternity/aesophia.git", {ref,"1538af7"}}},
+                            {aesophia, {git, "https://github.com/aeternity/aesophia.git", {ref,"8f50838"}}},
                             {aesophia_cli, {git, "https://github.com/aeternity/aesophia_cli", {ref,"5f03a89"}}},
                             {aestratum_client, {git, "https://github.com/aeternity/aestratum_client", {ref, "adb0993"}}},
                             {websocket_client, {git, "https://github.com/aeternity/websocket_client", {ref, "95ef9de"}}},

test/contracts/crypto.aes

@@ -18,7 +18,11 @@ contract CryptoTest =
   entrypoint sha256_b52  (x : bytes(52)) : hash = Crypto.sha256(x)
   entrypoint blake2b_b52 (x : bytes(52)) : hash = Crypto.blake2b(x)
 
-  entrypoint test_verify(msg : hash, pk : address, sig : signature) =
+  entrypoint sha3_bX    (x : bytes()) : hash = Crypto.sha3(x)
+  entrypoint sha256_bX  (x : bytes()) : hash = Crypto.sha256(x)
+  entrypoint blake2b_bX (x : bytes()) : hash = Crypto.blake2b(x)
+
+  entrypoint test_verify(msg : bytes(), pk : address, sig : signature) =
     Crypto.verify_sig(msg, pk, sig)
 
   entrypoint test_string_verify(x : string, pk : address, sig : signature) =