From 6b1ac0bd4f6f4c036a8e68a91d76a3df5e6d7953 Mon Sep 17 00:00:00 2001
From: Wo Jake <vpn2843@protonmail.com>
Date: Wed, 17 May 2023 04:28:23 +0800
Subject: [PATCH] Add guard check for signing algorithm (#2278)

Previously unsupported algorithm would not throw exceptions.

Co-authored-by: Caleb Kniffen <ckniffen@ripple.com>
---
 packages/xrpl/HISTORY.md                | 1 +
 packages/xrpl/src/Wallet/index.ts       | 5 +++++
 packages/xrpl/test/wallet/index.test.ts | 9 +++++++++
 3 files changed, 15 insertions(+)

diff --git a/packages/xrpl/HISTORY.md b/packages/xrpl/HISTORY.md
index a20d41c6..f3b0fea2 100644
--- a/packages/xrpl/HISTORY.md
+++ b/packages/xrpl/HISTORY.md
@@ -4,6 +4,7 @@ Subscribe to [the **xrpl-announce** mailing list](https://groups.google.com/g/xr
 ## Unreleased
 
 ### Added
+* Guard check for signing algorithm used in `Wallet.generate()`
 * Null and undefined values in transactions are now treated as though the field was not passed in.
 
 ### Fixed
diff --git a/packages/xrpl/src/Wallet/index.ts b/packages/xrpl/src/Wallet/index.ts
index aaafbf8b..d20afed0 100644
--- a/packages/xrpl/src/Wallet/index.ts
+++ b/packages/xrpl/src/Wallet/index.ts
@@ -129,8 +129,13 @@ class Wallet {
    *
    * @param algorithm - The digital signature algorithm to generate an address for.
    * @returns A new Wallet derived from a generated seed.
+   *
+   * @throws ValidationError when signing algorithm isn't valid
    */
   public static generate(algorithm: ECDSA = DEFAULT_ALGORITHM): Wallet {
+    if (!Object.values(ECDSA).includes(algorithm)) {
+      throw new ValidationError('Invalid cryptographic signing algorithm')
+    }
     const seed = generateSeed({ algorithm })
     return Wallet.fromSeed(seed)
   }
diff --git a/packages/xrpl/test/wallet/index.test.ts b/packages/xrpl/test/wallet/index.test.ts
index 6ff132e1..05e089c2 100644
--- a/packages/xrpl/test/wallet/index.test.ts
+++ b/packages/xrpl/test/wallet/index.test.ts
@@ -57,6 +57,15 @@ describe('Wallet', function () {
       assert.isTrue(wallet.classicAddress.startsWith(classicAddressPrefix))
     })
 
+    it('generates a new wallet using an invalid/unknown algorithm', function () {
+      const algorithm = 'test'
+
+      assert.throws(() => {
+        // @ts-expect-error -- We know it is an invalid algorithm
+        Wallet.generate(algorithm)
+      }, /Invalid cryptographic signing algorithm/u)
+    })
+
     it('generates a new wallet using algorithm ecdsa-secp256k1', function () {
       const algorithm = ECDSA.secp256k1
       const wallet = Wallet.generate(algorithm)