Resolves TODO regarding none value as software signer password; Raise AccessDenied.

2020-11-24 12:04:36 -08:00 · 2020-11-24 12:04:36 -08:00 · acdcf8c16e
parent 79c3895e0f
commit acdcf8c16e
2 changed files with 9 additions and 4 deletions
--- a/nucypher/blockchain/eth/signers/software.py
+++ b/nucypher/blockchain/eth/signers/software.py
@ -355,16 +355,17 @@ class KeystoreSigner(Signer):
        Decrypt the signing material from the key metadata file and cache it on
        the keystore instance is decryption is successful.
        """
+        if not password:
+            # It is possible that password is None here passed form the above layer,
+            # causing Account.decrypt to crash, expecting a value for password.
+            raise self.AccessDenied('No password supplied to unlock account.')
+
        if not self.__signers.get(account):
            try:
                key_metadata = self.__keys[account]
-            except ValueError:
-                return False  # Decryption Failed
            except KeyError:
                raise self.UnknownAccount(account=account)
            try:
-                # TODO: It is possible that password is None here passed form the above leayer,
-                #       causing Account.decrypt to crash, expecting a value for password.
                signing_key = Account.from_key(Account.decrypt(key_metadata, password))
                self.__signers[account] = signing_key
            except ValueError as e:
--- a/tests/integration/blockchain/test_keystore_signer_filesystem_integration.py
+++ b/tests/integration/blockchain/test_keystore_signer_filesystem_integration.py
@ -86,6 +86,7 @@ def unknown_address():
    address = Account.create().address
    return address

+
 def test_invalid_keystore(tmp_path):
    with pytest.raises(Signer.InvalidSignerURI) as e:
        Signer.from_signer_uri(uri=f'keystore:{tmp_path/"nonexistent"}', testnet=True)
@ -169,6 +170,9 @@ def test_keystore_locking(mock_account, good_signer, unknown_address):
    with pytest.raises(Signer.UnknownAccount):
        good_signer.unlock_account(account=unknown_address, password=INSECURE_DEVELOPMENT_PASSWORD)

+    with pytest.raises(Signer.AccessDenied, match='No password supplied to unlock account.'):
+        good_signer.unlock_account(account=mock_account.address, password=None)
+
    successful_unlock = good_signer.unlock_account(account=mock_account.address, password=INSECURE_DEVELOPMENT_PASSWORD)
    assert successful_unlock