Auditor signatures should be verified when len(pp.Auditor) != 0 #1223 (#1235)

adecaro · web-flow · commit 27338ccc371c · 2025-10-14T13:19:04.000+02:00
diff --git a/token/core/common/validator_auditing.go b/token/core/common/validator_auditing.go
@@ -14,15 +14,24 @@ import (
 	"github.com/hyperledger-labs/fabric-token-sdk/token/driver"
 )
 
+var (
+	ErrAuditorSignaturesMissing = errors.New("auditor signatures missing")
+	ErrAuditorSignaturesPresent = errors.New("auditor signatures present")
+)
+
 func AuditingSignaturesValidate[P driver.PublicParameters, T any, TA driver.TransferAction, IA driver.IssueAction, DS driver.Deserializer](c context.Context, ctx *Context[P, T, TA, IA, DS]) error {
 	if len(ctx.PP.Auditors()) == 0 {
 		// enforce no auditor signatures are attached
 		if len(ctx.TokenRequest.AuditorSignatures) != 0 {
-			return errors.New("auditor signatures are not empty")
+			return ErrAuditorSignaturesPresent
 		}
 		return nil
 	}
 
+	if len(ctx.TokenRequest.AuditorSignatures) == 0 {
+		return ErrAuditorSignaturesMissing
+	}
+
 	auditors := ctx.PP.Auditors()
 	for _, auditorSignature := range ctx.TokenRequest.AuditorSignatures {
 		auditor := auditorSignature.Identity
diff --git a/token/core/common/validator_auditing_test.go b/token/core/common/validator_auditing_test.go
@@ -31,7 +31,7 @@ func TestAuditingSignaturesValidate(t *testing.T) {
 		{
 			name:   "No auditors but token requests with auditor signatures",
 			err:    true,
-			errMsg: "auditor signatures are not empty",
+			errMsg: ErrAuditorSignaturesPresent.Error(),
 			context: func() (*TestContext, TestCheck) {
 				pp := &mock.PublicParameters{}
 				pp.AuditorsReturns(nil)
@@ -104,6 +104,30 @@ func TestAuditingSignaturesValidate(t *testing.T) {
 				}, nil
 			},
 		},
+		{
+			name:   "it is an auditor but no signatures to verify",
+			err:    true,
+			errMsg: ErrAuditorSignaturesMissing.Error(),
+			context: func() (*TestContext, TestCheck) {
+				auditor := driver.Identity("auditor")
+				pp := &mock.PublicParameters{}
+				pp.AuditorsReturns([]identity.Identity{auditor})
+				ver := &mock.Verifier{}
+				ver.VerifyReturns(errors.New("signature is not valid"))
+				des := &mock.Deserializer{}
+				des.GetAuditorVerifierReturns(ver, nil)
+				sp := &mock.SignatureProvider{}
+				sp.HasBeenSignedByReturns(nil, errors.New("signature is not valid"))
+				return &TestContext{
+					PP: pp,
+					TokenRequest: &driver.TokenRequest{
+						AuditorSignatures: nil,
+					},
+					Deserializer:      des,
+					SignatureProvider: sp,
+				}, nil
+			},
+		},
 		{
 			name:   "it is an auditor but I cannot verify its signature",
 			err:    true,
