From 10c855efef0c40ccac5cd1b47e1d6e5cf6eb4fc3 Mon Sep 17 00:00:00 2001 From: Evgenii Stratonikov Date: Fri, 22 Jul 2022 17:04:37 +0300 Subject: [PATCH] [#1624] go.mod: Update dependencies Signed-off-by: Evgenii Stratonikov --- cmd/neofs-cli/modules/control/util.go | 2 +- docs/release-instruction.md | 8 +++---- go.mod | 4 ++-- go.sum | Bin 94540 -> 94319 bytes pkg/morph/client/container/eacl.go | 5 ++-- pkg/morph/client/container/get.go | 7 ++---- pkg/services/container/morph/executor.go | 12 +++++++--- pkg/services/container/morph/executor_test.go | 22 +++++++++++++++++- pkg/services/control/ir/server/sign.go | 4 +++- pkg/services/control/server/sign.go | 4 +++- pkg/services/netmap/executor.go | 9 +++++-- pkg/services/object/get/v2/util.go | 4 +++- pkg/services/tree/signature.go | 4 +++- 13 files changed, 60 insertions(+), 25 deletions(-) diff --git a/cmd/neofs-cli/modules/control/util.go b/cmd/neofs-cli/modules/control/util.go index 38925121bd..d700d6aa09 100644 --- a/cmd/neofs-cli/modules/control/util.go +++ b/cmd/neofs-cli/modules/control/util.go @@ -38,7 +38,7 @@ func verifyResponse(cmd *cobra.Command, sigV2.SetSign(sigControl.GetSign()) var sig neofscrypto.Signature - sig.ReadFromV2(sigV2) + common.ExitOnErr(cmd, "can't read signature: %w", sig.ReadFromV2(sigV2)) if !sig.Verify(body.StableMarshal(nil)) { common.ExitOnErr(cmd, "", errors.New("invalid response signature")) diff --git a/docs/release-instruction.md b/docs/release-instruction.md index 82dab329c0..242a61ace4 100644 --- a/docs/release-instruction.md +++ b/docs/release-instruction.md @@ -12,14 +12,14 @@ These should run successfully: ## Writing changelog -Add an entry to the `CHANGELOG.md` following the style established there. Add an +Add an entry to the `CHANGELOG.md` following the style established there. Add an optional codename, version and release date in the heading. Write a paragraph describing the most significant changes done in this release. Add `Fixed`, `Added`, `Removed` and `Updated` sections with fixed bug descriptions and changes. Describe each change in detail with a reference to GitHub issues if -possible. +possible. -Update the supported version of neofs-contract in `README.md` if there were +Update the supported version of neofs-contract in `README.md` if there were changes in releases. ## Tag the release @@ -66,7 +66,7 @@ Close corresponding vX.Y.Z GitHub milestone. ## Post-release -Prepare pull-request for +Prepare pull-request for [neofs-devenv](https://github.com/nspcc-dev/neofs-devenv). Rebuild NeoFS LOCODE database via CLI `util locode generate` command (if needed). diff --git a/go.mod b/go.mod index adfcca31f9..ae821b7ff6 100644 --- a/go.mod +++ b/go.mod @@ -18,8 +18,8 @@ require ( github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42 // indirect github.com/nspcc-dev/neofs-api-go/v2 v2.13.0 - github.com/nspcc-dev/neofs-contract v0.15.1 - github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220706151041-0d862d8568a4 + github.com/nspcc-dev/neofs-contract v0.15.3 + github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220725101411-90f1cc7a1a77 github.com/nspcc-dev/tzhash v1.6.1 github.com/panjf2000/ants/v2 v2.4.0 github.com/paulmach/orb v0.2.2 diff --git a/go.sum b/go.sum index ffdf4dd5c9ba5a70692b3edecaff8974760688ea..c7b4a7e38c7301e41e1b295ed3bc8d1772770603 100644 GIT binary patch delta 317 zcmX@}i1qyg)(yUWljZtVC!g(mGD?>^u+#K^fQ_HFh zGJ^CYDgx8Yf{a|VjEa-9!h(#F^76d$GMs!TH%=Fy%s-KB@_|YGX2$yI`FgqeDIhbP zBEq6Vqe8tZigI&ZTtm`xB0M}Tv`t-t)AKA$oGdF%UGjs&3th7!ohLt>D7U$Oau1V> zk*T49p^2fPuBAbmVREv0qG6)BImj?)i$EXaf>1yGz$kP7ln8%6*DxcuKy9zY+=zUq zr2Mk7sLaZoaDV4Cr+m1BK1`MN#%dsvBaJPClbrLl14BIx!o7k`%)^SqO@f`nGyKc* dy!;9RgDWkH++E%ElT6E!f#xc0{xU7%761%}ZF2ws delta 398 zcmZwByH3JT0LJl1LNvz2$v6-boe8w(wCA+AmcR`8DTsn1`3WAv7mpu85U++8+!}{0IVi~Ahub^SQwz-YhDWZ z`AdWbt2Xc;H)ah<5xFYR%et0tbv-*<%T0uW*(uhGR@;mld8=s)!QBG z!z0XF>`Igq5H6vri+dBg7^je*a$R^y7qS&f=LUs~w9busCZgM;KhgX?ru-XQQ!2#w r>#|8z{U<US7a1uI0_4aYiIp(tCBSdtON^qLp1XXZzvKgZ=&kP6~o6 diff --git a/pkg/morph/client/container/eacl.go b/pkg/morph/client/container/eacl.go index 8d8bd5958f..c65c0cffc2 100644 --- a/pkg/morph/client/container/eacl.go +++ b/pkg/morph/client/container/eacl.go @@ -87,7 +87,6 @@ func (c *Client) GetEACL(cnr cid.ID) (*container.EACL, error) { sigV2.SetSign(sig) sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256) - res.Signature.ReadFromV2(sigV2) - - return &res, nil + err = res.Signature.ReadFromV2(sigV2) + return &res, err } diff --git a/pkg/morph/client/container/get.go b/pkg/morph/client/container/get.go index 3ebb57a55d..9649c51a52 100644 --- a/pkg/morph/client/container/get.go +++ b/pkg/morph/client/container/get.go @@ -12,7 +12,6 @@ import ( "github.com/nspcc-dev/neofs-node/pkg/morph/client" apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto" "github.com/nspcc-dev/neofs-sdk-go/session" ) @@ -109,8 +108,6 @@ func (c *Client) Get(cid []byte) (*containercore.Container, error) { sigV2.SetSign(sigBytes) sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256) - var sig neofscrypto.Signature - sig.ReadFromV2(sigV2) - - return &cnr, nil + err = cnr.Signature.ReadFromV2(sigV2) + return &cnr, err } diff --git a/pkg/services/container/morph/executor.go b/pkg/services/container/morph/executor.go index 79923201f2..dd7dc072d4 100644 --- a/pkg/services/container/morph/executor.go +++ b/pkg/services/container/morph/executor.go @@ -69,7 +69,10 @@ func (s *morphExecutor) Put(_ context.Context, tokV2 *sessionV2.Token, body *con return nil, fmt.Errorf("invalid container: %w", err) } - cnr.Signature.ReadFromV2(*sigV2) + err = cnr.Signature.ReadFromV2(*sigV2) + if err != nil { + return nil, fmt.Errorf("can't read signature: %w", err) + } if tokV2 != nil { cnr.Session = new(session.Container) @@ -214,7 +217,10 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok Value: eaclSDK.NewTableFromV2(body.GetEACL()), } - eaclInfo.Signature.ReadFromV2(*sigV2) + err := eaclInfo.Signature.ReadFromV2(*sigV2) + if err != nil { + return nil, fmt.Errorf("can't read signature: %w", err) + } if tokV2 != nil { eaclInfo.Session = new(session.Container) @@ -225,7 +231,7 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok } } - err := s.wrt.PutEACL(eaclInfo) + err = s.wrt.PutEACL(eaclInfo) if err != nil { return nil, err } diff --git a/pkg/services/container/morph/executor_test.go b/pkg/services/container/morph/executor_test.go index bb6e0a9739..52b0da947f 100644 --- a/pkg/services/container/morph/executor_test.go +++ b/pkg/services/container/morph/executor_test.go @@ -4,6 +4,7 @@ import ( "context" "testing" + "github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neofs-api-go/v2/container" "github.com/nspcc-dev/neofs-api-go/v2/refs" "github.com/nspcc-dev/neofs-api-go/v2/session" @@ -13,6 +14,8 @@ import ( cid "github.com/nspcc-dev/neofs-sdk-go/container/id" cidtest "github.com/nspcc-dev/neofs-sdk-go/container/id/test" containertest "github.com/nspcc-dev/neofs-sdk-go/container/test" + neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto" + neofsecdsa "github.com/nspcc-dev/neofs-sdk-go/crypto/ecdsa" sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test" "github.com/stretchr/testify/require" ) @@ -42,6 +45,22 @@ func TestInvalidToken(t *testing.T) { var cnrV2 refs.ContainerID cnr.WriteToV2(&cnrV2) + priv, err := keys.NewPrivateKey() + require.NoError(t, err) + + sign := func(reqBody interface { + StableMarshal([]byte) []byte + SetSignature(signature *refs.Signature) + }) { + signer := neofsecdsa.Signer(priv.PrivateKey) + var sig neofscrypto.Signature + require.NoError(t, sig.Calculate(signer, reqBody.StableMarshal(nil))) + + var sigV2 refs.Signature + sig.WriteToV2(&sigV2) + reqBody.SetSignature(&sigV2) + } + var tokV2 session.Token sessiontest.ContainerSigned().WriteToV2(&tokV2) @@ -53,7 +72,6 @@ func TestInvalidToken(t *testing.T) { name: "put", op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) { var reqBody container.PutRequestBody - reqBody.SetSignature(new(refs.Signature)) cnr := containertest.Container() @@ -61,6 +79,7 @@ func TestInvalidToken(t *testing.T) { cnr.WriteToV2(&cnrV2) reqBody.SetContainer(&cnrV2) + sign(&reqBody) _, err = e.Put(context.TODO(), tokV2, &reqBody) return @@ -81,6 +100,7 @@ func TestInvalidToken(t *testing.T) { op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) { var reqBody container.SetExtendedACLRequestBody reqBody.SetSignature(new(refs.Signature)) + sign(&reqBody) _, err = e.SetExtendedACL(context.TODO(), tokV2, &reqBody) return diff --git a/pkg/services/control/ir/server/sign.go b/pkg/services/control/ir/server/sign.go index bb9625dea2..ad2b18e9ec 100644 --- a/pkg/services/control/ir/server/sign.go +++ b/pkg/services/control/ir/server/sign.go @@ -57,7 +57,9 @@ func (s *Server) isValidRequest(req SignedMessage) error { sigV2.SetScheme(refs.ECDSA_SHA512) var sig neofscrypto.Signature - sig.ReadFromV2(sigV2) + if err := sig.ReadFromV2(sigV2); err != nil { + return fmt.Errorf("can't read signature: %w", err) + } if !sig.Verify(binBody) { // TODO(@cthulhu-rider): #1387 use "const" error diff --git a/pkg/services/control/server/sign.go b/pkg/services/control/server/sign.go index 5d6c5d4da3..b6e36b244b 100644 --- a/pkg/services/control/server/sign.go +++ b/pkg/services/control/server/sign.go @@ -57,7 +57,9 @@ func (s *Server) isValidRequest(req SignedMessage) error { sigV2.SetScheme(refs.ECDSA_SHA512) var sig neofscrypto.Signature - sig.ReadFromV2(sigV2) + if err := sig.ReadFromV2(sigV2); err != nil { + return fmt.Errorf("can't read signature: %w", err) + } if !sig.Verify(binBody) { // TODO(@cthulhu-rider): #1387 use "const" error diff --git a/pkg/services/netmap/executor.go b/pkg/services/netmap/executor.go index 132556bb87..797478090d 100644 --- a/pkg/services/netmap/executor.go +++ b/pkg/services/netmap/executor.go @@ -3,6 +3,7 @@ package netmap import ( "context" "errors" + "fmt" "github.com/nspcc-dev/neofs-api-go/v2/netmap" "github.com/nspcc-dev/neofs-api-go/v2/refs" @@ -61,7 +62,9 @@ func (s *executorSvc) LocalNodeInfo( } var ver versionsdk.Version - ver.ReadFromV2(*verV2) + if err := ver.ReadFromV2(*verV2); err != nil { + return nil, fmt.Errorf("can't read version: %w", err) + } ni, err := s.state.LocalNodeInfo() if err != nil { @@ -100,7 +103,9 @@ func (s *executorSvc) NetworkInfo( } var ver versionsdk.Version - ver.ReadFromV2(*verV2) + if err := ver.ReadFromV2(*verV2); err != nil { + return nil, fmt.Errorf("can't read version: %w", err) + } ni, err := s.netInfo.Dump(ver) if err != nil { diff --git a/pkg/services/object/get/v2/util.go b/pkg/services/object/get/v2/util.go index 1c736667f6..17ac8d638f 100644 --- a/pkg/services/object/get/v2/util.go +++ b/pkg/services/object/get/v2/util.go @@ -507,7 +507,9 @@ func (s *Service) toHeadPrm(ctx context.Context, req *objectV2.HeadRequest, resp } var sig neofscrypto.Signature - sig.ReadFromV2(*idSig) + if err := sig.ReadFromV2(*idSig); err != nil { + return nil, fmt.Errorf("can't read signature: %w", err) + } if !sig.Verify(binID) { return nil, errors.New("invalid object ID signature") diff --git a/pkg/services/tree/signature.go b/pkg/services/tree/signature.go index 65f164b378..8f97929b6f 100644 --- a/pkg/services/tree/signature.go +++ b/pkg/services/tree/signature.go @@ -101,7 +101,9 @@ func verifyMessage(m message) error { sigV2.SetScheme(refs.ECDSA_SHA512) var sigSDK neofscrypto.Signature - sigSDK.ReadFromV2(sigV2) + if err := sigSDK.ReadFromV2(sigV2); err != nil { + return fmt.Errorf("can't read signature: %w", err) + } if !sigSDK.Verify(binBody) { return errors.New("invalid signature")