From 10c855efef0c40ccac5cd1b47e1d6e5cf6eb4fc3 Mon Sep 17 00:00:00 2001
From: Evgenii Stratonikov <evgeniy@nspcc.ru>
Date: Fri, 22 Jul 2022 17:04:37 +0300
Subject: [PATCH] [#1624] go.mod: Update dependencies
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
---
cmd/neofs-cli/modules/control/util.go | 2 +-
docs/release-instruction.md | 8 +++----
go.mod | 4 ++--
go.sum | 10 ++++-----
pkg/morph/client/container/eacl.go | 5 ++---
pkg/morph/client/container/get.go | 7 ++----
pkg/services/container/morph/executor.go | 12 +++++++---
pkg/services/container/morph/executor_test.go | 22 ++++++++++++++++++-
pkg/services/control/ir/server/sign.go | 4 +++-
pkg/services/control/server/sign.go | 4 +++-
pkg/services/netmap/executor.go | 9 ++++++--
pkg/services/object/get/v2/util.go | 4 +++-
pkg/services/tree/signature.go | 4 +++-
13 files changed, 64 insertions(+), 31 deletions(-)
diff --git a/cmd/neofs-cli/modules/control/util.go b/cmd/neofs-cli/modules/control/util.go
index 38925121b..d700d6aa0 100644
--- a/cmd/neofs-cli/modules/control/util.go
+++ b/cmd/neofs-cli/modules/control/util.go
@@ -38,7 +38,7 @@ func verifyResponse(cmd *cobra.Command,
sigV2.SetSign(sigControl.GetSign())
var sig neofscrypto.Signature
- sig.ReadFromV2(sigV2)
+ common.ExitOnErr(cmd, "can't read signature: %w", sig.ReadFromV2(sigV2))
if !sig.Verify(body.StableMarshal(nil)) {
common.ExitOnErr(cmd, "", errors.New("invalid response signature"))
diff --git a/docs/release-instruction.md b/docs/release-instruction.md
index 82dab329c..242a61ace 100644
--- a/docs/release-instruction.md
+++ b/docs/release-instruction.md
@@ -12,14 +12,14 @@ These should run successfully:
## Writing changelog
-Add an entry to the `CHANGELOG.md` following the style established there. Add an
+Add an entry to the `CHANGELOG.md` following the style established there. Add an
optional codename, version and release date in the heading. Write a paragraph
describing the most significant changes done in this release. Add
`Fixed`, `Added`, `Removed` and `Updated` sections with fixed bug descriptions
and changes. Describe each change in detail with a reference to GitHub issues if
-possible.
+possible.
-Update the supported version of neofs-contract in `README.md` if there were
+Update the supported version of neofs-contract in `README.md` if there were
changes in releases.
## Tag the release
@@ -66,7 +66,7 @@ Close corresponding vX.Y.Z GitHub milestone.
## Post-release
-Prepare pull-request for
+Prepare pull-request for
[neofs-devenv](https://github.com/nspcc-dev/neofs-devenv).
Rebuild NeoFS LOCODE database via CLI `util locode generate` command (if needed).
diff --git a/go.mod b/go.mod
index adfcca31f..ae821b7ff 100644
--- a/go.mod
+++ b/go.mod
@@ -18,8 +18,8 @@ require (
github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42 // indirect
github.com/nspcc-dev/neofs-api-go/v2 v2.13.0
- github.com/nspcc-dev/neofs-contract v0.15.1
- github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220706151041-0d862d8568a4
+ github.com/nspcc-dev/neofs-contract v0.15.3
+ github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220725101411-90f1cc7a1a77
github.com/nspcc-dev/tzhash v1.6.1
github.com/panjf2000/ants/v2 v2.4.0
github.com/paulmach/orb v0.2.2
diff --git a/go.sum b/go.sum
index ffdf4dd5c..c7b4a7e38 100644
--- a/go.sum
+++ b/go.sum
@@ -373,26 +373,24 @@ github.com/nspcc-dev/hrw v1.0.9 h1:17VcAuTtrstmFppBjfRiia4K2wA/ukXZhLFS8Y8rz5Y=
github.com/nspcc-dev/hrw v1.0.9/go.mod h1:l/W2vx83vMQo6aStyx2AuZrJ+07lGv2JQGlVkPG06MU=
github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1:pPYwPZ2ks+uMnlRLUyXOpLieaDQSEaf4NM3zHVbRjmg=
github.com/nspcc-dev/neo-go v0.98.0/go.mod h1:E3cc1x6RXSXrJb2nDWXTXjnXk3rIqVN8YdFyWv+FrqM=
-github.com/nspcc-dev/neo-go v0.98.2/go.mod h1:KXKqJwfTyVJzDarSCDqFaKrVbg/qz0ZBk2c3AtzqS5M=
github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e h1:sjl8sniYkjoOsD8F+wzkpRfm9RzZSLQlh5Z/SMyf4A8=
github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e/go.mod h1:/y5Sl8p3YheTygriBtCCMWKkDOek8HcvSo5ds2rJtKI=
-github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220321113211-526c423a6152/go.mod h1:QBE0I30F2kOAISNpT5oks82yF4wkkUq3SCfI3Hqgx/Y=
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42 h1:Krhg2cD5mqvC+lin7irw6hj0M+x4ZOZrRGzrZQB+wcQ=
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42/go.mod h1:QBE0I30F2kOAISNpT5oks82yF4wkkUq3SCfI3Hqgx/Y=
github.com/nspcc-dev/neofs-api-go/v2 v2.11.0-pre.0.20211201134523-3604d96f3fe1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs=
github.com/nspcc-dev/neofs-api-go/v2 v2.11.1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs=
github.com/nspcc-dev/neofs-api-go/v2 v2.13.0 h1:7BcBiSjmWqJx0SPFlGRYt9ZFbMjucRIz9+Mv8UBLeq8=
github.com/nspcc-dev/neofs-api-go/v2 v2.13.0/go.mod h1:73j09Xa7I2zQbM3HCvAHnDHPYiiWnEHa1d6Z6RDMBLU=
-github.com/nspcc-dev/neofs-contract v0.15.1 h1:1r27t4SGKF7W1PRPOIfircEXHvALThNYNagT+SIabcA=
-github.com/nspcc-dev/neofs-contract v0.15.1/go.mod h1:kxO5ZTqdzFnRM5RMvM+Fhd+3GGrJo6AmG2ZyA9OCqqQ=
+github.com/nspcc-dev/neofs-contract v0.15.3 h1:7+NwyTtxFAnIevz0hR/XxQf6R2Ej2scjVR2bnnJnhBM=
+github.com/nspcc-dev/neofs-contract v0.15.3/go.mod h1:BXVZUZUJxrmmDETglXHI8+5DSgn84B9y5DoSWqEjYCs=
github.com/nspcc-dev/neofs-crypto v0.2.0/go.mod h1:F/96fUzPM3wR+UGsPi3faVNmFlA9KAEAUQR7dMxZmNA=
github.com/nspcc-dev/neofs-crypto v0.2.3/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw=
github.com/nspcc-dev/neofs-crypto v0.3.0 h1:zlr3pgoxuzrmGCxc5W8dGVfA9Rro8diFvVnBg0L4ifM=
github.com/nspcc-dev/neofs-crypto v0.3.0/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw=
github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211201182451-a5b61c4f6477/go.mod h1:dfMtQWmBHYpl9Dez23TGtIUKiFvCIxUZq/CkSIhEpz4=
github.com/nspcc-dev/neofs-sdk-go v0.0.0-20220113123743-7f3162110659/go.mod h1:/jay1lr3w7NQd/VDBkEhkJmDmyPNsu4W+QV2obsUV40=
-github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220706151041-0d862d8568a4 h1:HA56Q5Wk6jv0N+/5y9kk2u0LEV/P7nLsCP7pjT50gpA=
-github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220706151041-0d862d8568a4/go.mod h1:KqyyYJT/Wyb5kQrIA6k6XIToSeqGkGPjYOilVCKFaEA=
+github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220725101411-90f1cc7a1a77 h1:C8QL3pUN/QZ7OdXONEV2FQ+JamXoBbovvZiylWOCfBo=
+github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220725101411-90f1cc7a1a77/go.mod h1:39SbCo+QUI0WJS47VsW4SCWhOwnJNpQSy8rGEG/b5vc=
github.com/nspcc-dev/rfc6979 v0.1.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso=
github.com/nspcc-dev/rfc6979 v0.2.0 h1:3e1WNxrN60/6N0DW7+UYisLeZJyfqZTNOjeV/toYvOE=
github.com/nspcc-dev/rfc6979 v0.2.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso=
diff --git a/pkg/morph/client/container/eacl.go b/pkg/morph/client/container/eacl.go
index 8d8bd5958..c65c0cffc 100644
--- a/pkg/morph/client/container/eacl.go
+++ b/pkg/morph/client/container/eacl.go
@@ -87,7 +87,6 @@ func (c *Client) GetEACL(cnr cid.ID) (*container.EACL, error) {
sigV2.SetSign(sig)
sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256)
- res.Signature.ReadFromV2(sigV2)
-
- return &res, nil
+ err = res.Signature.ReadFromV2(sigV2)
+ return &res, err
}
diff --git a/pkg/morph/client/container/get.go b/pkg/morph/client/container/get.go
index 3ebb57a55..9649c51a5 100644
--- a/pkg/morph/client/container/get.go
+++ b/pkg/morph/client/container/get.go
@@ -12,7 +12,6 @@ import (
"github.com/nspcc-dev/neofs-node/pkg/morph/client"
apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status"
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
- neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto"
"github.com/nspcc-dev/neofs-sdk-go/session"
)
@@ -109,8 +108,6 @@ func (c *Client) Get(cid []byte) (*containercore.Container, error) {
sigV2.SetSign(sigBytes)
sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256)
- var sig neofscrypto.Signature
- sig.ReadFromV2(sigV2)
-
- return &cnr, nil
+ err = cnr.Signature.ReadFromV2(sigV2)
+ return &cnr, err
}
diff --git a/pkg/services/container/morph/executor.go b/pkg/services/container/morph/executor.go
index 79923201f..dd7dc072d 100644
--- a/pkg/services/container/morph/executor.go
+++ b/pkg/services/container/morph/executor.go
@@ -69,7 +69,10 @@ func (s *morphExecutor) Put(_ context.Context, tokV2 *sessionV2.Token, body *con
return nil, fmt.Errorf("invalid container: %w", err)
}
- cnr.Signature.ReadFromV2(*sigV2)
+ err = cnr.Signature.ReadFromV2(*sigV2)
+ if err != nil {
+ return nil, fmt.Errorf("can't read signature: %w", err)
+ }
if tokV2 != nil {
cnr.Session = new(session.Container)
@@ -214,7 +217,10 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok
Value: eaclSDK.NewTableFromV2(body.GetEACL()),
}
- eaclInfo.Signature.ReadFromV2(*sigV2)
+ err := eaclInfo.Signature.ReadFromV2(*sigV2)
+ if err != nil {
+ return nil, fmt.Errorf("can't read signature: %w", err)
+ }
if tokV2 != nil {
eaclInfo.Session = new(session.Container)
@@ -225,7 +231,7 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok
}
}
- err := s.wrt.PutEACL(eaclInfo)
+ err = s.wrt.PutEACL(eaclInfo)
if err != nil {
return nil, err
}
diff --git a/pkg/services/container/morph/executor_test.go b/pkg/services/container/morph/executor_test.go
index bb6e0a973..52b0da947 100644
--- a/pkg/services/container/morph/executor_test.go
+++ b/pkg/services/container/morph/executor_test.go
@@ -4,6 +4,7 @@ import (
"context"
"testing"
+ "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/nspcc-dev/neofs-api-go/v2/container"
"github.com/nspcc-dev/neofs-api-go/v2/refs"
"github.com/nspcc-dev/neofs-api-go/v2/session"
@@ -13,6 +14,8 @@ import (
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
cidtest "github.com/nspcc-dev/neofs-sdk-go/container/id/test"
containertest "github.com/nspcc-dev/neofs-sdk-go/container/test"
+ neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto"
+ neofsecdsa "github.com/nspcc-dev/neofs-sdk-go/crypto/ecdsa"
sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test"
"github.com/stretchr/testify/require"
)
@@ -42,6 +45,22 @@ func TestInvalidToken(t *testing.T) {
var cnrV2 refs.ContainerID
cnr.WriteToV2(&cnrV2)
+ priv, err := keys.NewPrivateKey()
+ require.NoError(t, err)
+
+ sign := func(reqBody interface {
+ StableMarshal([]byte) []byte
+ SetSignature(signature *refs.Signature)
+ }) {
+ signer := neofsecdsa.Signer(priv.PrivateKey)
+ var sig neofscrypto.Signature
+ require.NoError(t, sig.Calculate(signer, reqBody.StableMarshal(nil)))
+
+ var sigV2 refs.Signature
+ sig.WriteToV2(&sigV2)
+ reqBody.SetSignature(&sigV2)
+ }
+
var tokV2 session.Token
sessiontest.ContainerSigned().WriteToV2(&tokV2)
@@ -53,7 +72,6 @@ func TestInvalidToken(t *testing.T) {
name: "put",
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
var reqBody container.PutRequestBody
- reqBody.SetSignature(new(refs.Signature))
cnr := containertest.Container()
@@ -61,6 +79,7 @@ func TestInvalidToken(t *testing.T) {
cnr.WriteToV2(&cnrV2)
reqBody.SetContainer(&cnrV2)
+ sign(&reqBody)
_, err = e.Put(context.TODO(), tokV2, &reqBody)
return
@@ -81,6 +100,7 @@ func TestInvalidToken(t *testing.T) {
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
var reqBody container.SetExtendedACLRequestBody
reqBody.SetSignature(new(refs.Signature))
+ sign(&reqBody)
_, err = e.SetExtendedACL(context.TODO(), tokV2, &reqBody)
return
diff --git a/pkg/services/control/ir/server/sign.go b/pkg/services/control/ir/server/sign.go
index bb9625dea..ad2b18e9e 100644
--- a/pkg/services/control/ir/server/sign.go
+++ b/pkg/services/control/ir/server/sign.go
@@ -57,7 +57,9 @@ func (s *Server) isValidRequest(req SignedMessage) error {
sigV2.SetScheme(refs.ECDSA_SHA512)
var sig neofscrypto.Signature
- sig.ReadFromV2(sigV2)
+ if err := sig.ReadFromV2(sigV2); err != nil {
+ return fmt.Errorf("can't read signature: %w", err)
+ }
if !sig.Verify(binBody) {
// TODO(@cthulhu-rider): #1387 use "const" error
diff --git a/pkg/services/control/server/sign.go b/pkg/services/control/server/sign.go
index 5d6c5d4da..b6e36b244 100644
--- a/pkg/services/control/server/sign.go
+++ b/pkg/services/control/server/sign.go
@@ -57,7 +57,9 @@ func (s *Server) isValidRequest(req SignedMessage) error {
sigV2.SetScheme(refs.ECDSA_SHA512)
var sig neofscrypto.Signature
- sig.ReadFromV2(sigV2)
+ if err := sig.ReadFromV2(sigV2); err != nil {
+ return fmt.Errorf("can't read signature: %w", err)
+ }
if !sig.Verify(binBody) {
// TODO(@cthulhu-rider): #1387 use "const" error
diff --git a/pkg/services/netmap/executor.go b/pkg/services/netmap/executor.go
index 132556bb8..797478090 100644
--- a/pkg/services/netmap/executor.go
+++ b/pkg/services/netmap/executor.go
@@ -3,6 +3,7 @@ package netmap
import (
"context"
"errors"
+ "fmt"
"github.com/nspcc-dev/neofs-api-go/v2/netmap"
"github.com/nspcc-dev/neofs-api-go/v2/refs"
@@ -61,7 +62,9 @@ func (s *executorSvc) LocalNodeInfo(
}
var ver versionsdk.Version
- ver.ReadFromV2(*verV2)
+ if err := ver.ReadFromV2(*verV2); err != nil {
+ return nil, fmt.Errorf("can't read version: %w", err)
+ }
ni, err := s.state.LocalNodeInfo()
if err != nil {
@@ -100,7 +103,9 @@ func (s *executorSvc) NetworkInfo(
}
var ver versionsdk.Version
- ver.ReadFromV2(*verV2)
+ if err := ver.ReadFromV2(*verV2); err != nil {
+ return nil, fmt.Errorf("can't read version: %w", err)
+ }
ni, err := s.netInfo.Dump(ver)
if err != nil {
diff --git a/pkg/services/object/get/v2/util.go b/pkg/services/object/get/v2/util.go
index 1c736667f..17ac8d638 100644
--- a/pkg/services/object/get/v2/util.go
+++ b/pkg/services/object/get/v2/util.go
@@ -507,7 +507,9 @@ func (s *Service) toHeadPrm(ctx context.Context, req *objectV2.HeadRequest, resp
}
var sig neofscrypto.Signature
- sig.ReadFromV2(*idSig)
+ if err := sig.ReadFromV2(*idSig); err != nil {
+ return nil, fmt.Errorf("can't read signature: %w", err)
+ }
if !sig.Verify(binID) {
return nil, errors.New("invalid object ID signature")
diff --git a/pkg/services/tree/signature.go b/pkg/services/tree/signature.go
index 65f164b37..8f97929b6 100644
--- a/pkg/services/tree/signature.go
+++ b/pkg/services/tree/signature.go
@@ -101,7 +101,9 @@ func verifyMessage(m message) error {
sigV2.SetScheme(refs.ECDSA_SHA512)
var sigSDK neofscrypto.Signature
- sigSDK.ReadFromV2(sigV2)
+ if err := sigSDK.ReadFromV2(sigV2); err != nil {
+ return fmt.Errorf("can't read signature: %w", err)
+ }
if !sigSDK.Verify(binBody) {
return errors.New("invalid signature")