forked from TrueCloudLab/frostfs-node
[#1624] go.mod: Update dependencies
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
This commit is contained in:
Evgenii Stratonikov
parent
91361c4fe2
commit
10c855efef
13 changed files with 60 additions and 25 deletions
|
|
@ -38,7 +38,7 @@ func verifyResponse(cmd *cobra.Command,
|
||||||
sigV2.SetSign(sigControl.GetSign())
|
sigV2.SetSign(sigControl.GetSign())
|
||||||
|
|
||||||
var sig neofscrypto.Signature
|
var sig neofscrypto.Signature
|
||||||
sig.ReadFromV2(sigV2)
|
common.ExitOnErr(cmd, "can't read signature: %w", sig.ReadFromV2(sigV2))
|
||||||
|
|
||||||
if !sig.Verify(body.StableMarshal(nil)) {
|
if !sig.Verify(body.StableMarshal(nil)) {
|
||||||
common.ExitOnErr(cmd, "", errors.New("invalid response signature"))
|
common.ExitOnErr(cmd, "", errors.New("invalid response signature"))
|
||||||
|
|
|
||||||
4
go.mod
4
go.mod
|
|
@ -18,8 +18,8 @@ require (
|
||||||
github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e
|
github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e
|
||||||
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42 // indirect
|
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42 // indirect
|
||||||
github.com/nspcc-dev/neofs-api-go/v2 v2.13.0
|
github.com/nspcc-dev/neofs-api-go/v2 v2.13.0
|
||||||
github.com/nspcc-dev/neofs-contract v0.15.1
|
github.com/nspcc-dev/neofs-contract v0.15.3
|
||||||
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220706151041-0d862d8568a4
|
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220725101411-90f1cc7a1a77
|
||||||
github.com/nspcc-dev/tzhash v1.6.1
|
github.com/nspcc-dev/tzhash v1.6.1
|
||||||
github.com/panjf2000/ants/v2 v2.4.0
|
github.com/panjf2000/ants/v2 v2.4.0
|
||||||
github.com/paulmach/orb v0.2.2
|
github.com/paulmach/orb v0.2.2
|
||||||
|
|
|
||||||
BIN
go.sum
BIN
go.sum
Binary file not shown.
|
|
@ -87,7 +87,6 @@ func (c *Client) GetEACL(cnr cid.ID) (*container.EACL, error) {
|
||||||
sigV2.SetSign(sig)
|
sigV2.SetSign(sig)
|
||||||
sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256)
|
sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256)
|
||||||
|
|
||||||
res.Signature.ReadFromV2(sigV2)
|
err = res.Signature.ReadFromV2(sigV2)
|
||||||
|
return &res, err
|
||||||
return &res, nil
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -12,7 +12,6 @@ import (
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/morph/client"
|
"github.com/nspcc-dev/neofs-node/pkg/morph/client"
|
||||||
apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status"
|
apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status"
|
||||||
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
||||||
neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto"
|
|
||||||
"github.com/nspcc-dev/neofs-sdk-go/session"
|
"github.com/nspcc-dev/neofs-sdk-go/session"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -109,8 +108,6 @@ func (c *Client) Get(cid []byte) (*containercore.Container, error) {
|
||||||
sigV2.SetSign(sigBytes)
|
sigV2.SetSign(sigBytes)
|
||||||
sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256)
|
sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256)
|
||||||
|
|
||||||
var sig neofscrypto.Signature
|
err = cnr.Signature.ReadFromV2(sigV2)
|
||||||
sig.ReadFromV2(sigV2)
|
return &cnr, err
|
||||||
|
|
||||||
return &cnr, nil
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -69,7 +69,10 @@ func (s *morphExecutor) Put(_ context.Context, tokV2 *sessionV2.Token, body *con
|
||||||
return nil, fmt.Errorf("invalid container: %w", err)
|
return nil, fmt.Errorf("invalid container: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
cnr.Signature.ReadFromV2(*sigV2)
|
err = cnr.Signature.ReadFromV2(*sigV2)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("can't read signature: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
if tokV2 != nil {
|
if tokV2 != nil {
|
||||||
cnr.Session = new(session.Container)
|
cnr.Session = new(session.Container)
|
||||||
|
|
@ -214,7 +217,10 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok
|
||||||
Value: eaclSDK.NewTableFromV2(body.GetEACL()),
|
Value: eaclSDK.NewTableFromV2(body.GetEACL()),
|
||||||
}
|
}
|
||||||
|
|
||||||
eaclInfo.Signature.ReadFromV2(*sigV2)
|
err := eaclInfo.Signature.ReadFromV2(*sigV2)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("can't read signature: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
if tokV2 != nil {
|
if tokV2 != nil {
|
||||||
eaclInfo.Session = new(session.Container)
|
eaclInfo.Session = new(session.Container)
|
||||||
|
|
@ -225,7 +231,7 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
err := s.wrt.PutEACL(eaclInfo)
|
err = s.wrt.PutEACL(eaclInfo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"context"
|
"context"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
"github.com/nspcc-dev/neofs-api-go/v2/container"
|
"github.com/nspcc-dev/neofs-api-go/v2/container"
|
||||||
"github.com/nspcc-dev/neofs-api-go/v2/refs"
|
"github.com/nspcc-dev/neofs-api-go/v2/refs"
|
||||||
"github.com/nspcc-dev/neofs-api-go/v2/session"
|
"github.com/nspcc-dev/neofs-api-go/v2/session"
|
||||||
|
|
@ -13,6 +14,8 @@ import (
|
||||||
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
||||||
cidtest "github.com/nspcc-dev/neofs-sdk-go/container/id/test"
|
cidtest "github.com/nspcc-dev/neofs-sdk-go/container/id/test"
|
||||||
containertest "github.com/nspcc-dev/neofs-sdk-go/container/test"
|
containertest "github.com/nspcc-dev/neofs-sdk-go/container/test"
|
||||||
|
neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto"
|
||||||
|
neofsecdsa "github.com/nspcc-dev/neofs-sdk-go/crypto/ecdsa"
|
||||||
sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test"
|
sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
|
@ -42,6 +45,22 @@ func TestInvalidToken(t *testing.T) {
|
||||||
var cnrV2 refs.ContainerID
|
var cnrV2 refs.ContainerID
|
||||||
cnr.WriteToV2(&cnrV2)
|
cnr.WriteToV2(&cnrV2)
|
||||||
|
|
||||||
|
priv, err := keys.NewPrivateKey()
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
sign := func(reqBody interface {
|
||||||
|
StableMarshal([]byte) []byte
|
||||||
|
SetSignature(signature *refs.Signature)
|
||||||
|
}) {
|
||||||
|
signer := neofsecdsa.Signer(priv.PrivateKey)
|
||||||
|
var sig neofscrypto.Signature
|
||||||
|
require.NoError(t, sig.Calculate(signer, reqBody.StableMarshal(nil)))
|
||||||
|
|
||||||
|
var sigV2 refs.Signature
|
||||||
|
sig.WriteToV2(&sigV2)
|
||||||
|
reqBody.SetSignature(&sigV2)
|
||||||
|
}
|
||||||
|
|
||||||
var tokV2 session.Token
|
var tokV2 session.Token
|
||||||
sessiontest.ContainerSigned().WriteToV2(&tokV2)
|
sessiontest.ContainerSigned().WriteToV2(&tokV2)
|
||||||
|
|
||||||
|
|
@ -53,7 +72,6 @@ func TestInvalidToken(t *testing.T) {
|
||||||
name: "put",
|
name: "put",
|
||||||
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
|
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
|
||||||
var reqBody container.PutRequestBody
|
var reqBody container.PutRequestBody
|
||||||
reqBody.SetSignature(new(refs.Signature))
|
|
||||||
|
|
||||||
cnr := containertest.Container()
|
cnr := containertest.Container()
|
||||||
|
|
||||||
|
|
@ -61,6 +79,7 @@ func TestInvalidToken(t *testing.T) {
|
||||||
cnr.WriteToV2(&cnrV2)
|
cnr.WriteToV2(&cnrV2)
|
||||||
|
|
||||||
reqBody.SetContainer(&cnrV2)
|
reqBody.SetContainer(&cnrV2)
|
||||||
|
sign(&reqBody)
|
||||||
|
|
||||||
_, err = e.Put(context.TODO(), tokV2, &reqBody)
|
_, err = e.Put(context.TODO(), tokV2, &reqBody)
|
||||||
return
|
return
|
||||||
|
|
@ -81,6 +100,7 @@ func TestInvalidToken(t *testing.T) {
|
||||||
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
|
op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) {
|
||||||
var reqBody container.SetExtendedACLRequestBody
|
var reqBody container.SetExtendedACLRequestBody
|
||||||
reqBody.SetSignature(new(refs.Signature))
|
reqBody.SetSignature(new(refs.Signature))
|
||||||
|
sign(&reqBody)
|
||||||
|
|
||||||
_, err = e.SetExtendedACL(context.TODO(), tokV2, &reqBody)
|
_, err = e.SetExtendedACL(context.TODO(), tokV2, &reqBody)
|
||||||
return
|
return
|
||||||
|
|
|
||||||
|
|
@ -57,7 +57,9 @@ func (s *Server) isValidRequest(req SignedMessage) error {
|
||||||
sigV2.SetScheme(refs.ECDSA_SHA512)
|
sigV2.SetScheme(refs.ECDSA_SHA512)
|
||||||
|
|
||||||
var sig neofscrypto.Signature
|
var sig neofscrypto.Signature
|
||||||
sig.ReadFromV2(sigV2)
|
if err := sig.ReadFromV2(sigV2); err != nil {
|
||||||
|
return fmt.Errorf("can't read signature: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
if !sig.Verify(binBody) {
|
if !sig.Verify(binBody) {
|
||||||
// TODO(@cthulhu-rider): #1387 use "const" error
|
// TODO(@cthulhu-rider): #1387 use "const" error
|
||||||
|
|
|
||||||
|
|
@ -57,7 +57,9 @@ func (s *Server) isValidRequest(req SignedMessage) error {
|
||||||
sigV2.SetScheme(refs.ECDSA_SHA512)
|
sigV2.SetScheme(refs.ECDSA_SHA512)
|
||||||
|
|
||||||
var sig neofscrypto.Signature
|
var sig neofscrypto.Signature
|
||||||
sig.ReadFromV2(sigV2)
|
if err := sig.ReadFromV2(sigV2); err != nil {
|
||||||
|
return fmt.Errorf("can't read signature: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
if !sig.Verify(binBody) {
|
if !sig.Verify(binBody) {
|
||||||
// TODO(@cthulhu-rider): #1387 use "const" error
|
// TODO(@cthulhu-rider): #1387 use "const" error
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ package netmap
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"errors"
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
|
||||||
"github.com/nspcc-dev/neofs-api-go/v2/netmap"
|
"github.com/nspcc-dev/neofs-api-go/v2/netmap"
|
||||||
"github.com/nspcc-dev/neofs-api-go/v2/refs"
|
"github.com/nspcc-dev/neofs-api-go/v2/refs"
|
||||||
|
|
@ -61,7 +62,9 @@ func (s *executorSvc) LocalNodeInfo(
|
||||||
}
|
}
|
||||||
|
|
||||||
var ver versionsdk.Version
|
var ver versionsdk.Version
|
||||||
ver.ReadFromV2(*verV2)
|
if err := ver.ReadFromV2(*verV2); err != nil {
|
||||||
|
return nil, fmt.Errorf("can't read version: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
ni, err := s.state.LocalNodeInfo()
|
ni, err := s.state.LocalNodeInfo()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -100,7 +103,9 @@ func (s *executorSvc) NetworkInfo(
|
||||||
}
|
}
|
||||||
|
|
||||||
var ver versionsdk.Version
|
var ver versionsdk.Version
|
||||||
ver.ReadFromV2(*verV2)
|
if err := ver.ReadFromV2(*verV2); err != nil {
|
||||||
|
return nil, fmt.Errorf("can't read version: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
ni, err := s.netInfo.Dump(ver)
|
ni, err := s.netInfo.Dump(ver)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
|
|
@ -507,7 +507,9 @@ func (s *Service) toHeadPrm(ctx context.Context, req *objectV2.HeadRequest, resp
|
||||||
}
|
}
|
||||||
|
|
||||||
var sig neofscrypto.Signature
|
var sig neofscrypto.Signature
|
||||||
sig.ReadFromV2(*idSig)
|
if err := sig.ReadFromV2(*idSig); err != nil {
|
||||||
|
return nil, fmt.Errorf("can't read signature: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
if !sig.Verify(binID) {
|
if !sig.Verify(binID) {
|
||||||
return nil, errors.New("invalid object ID signature")
|
return nil, errors.New("invalid object ID signature")
|
||||||
|
|
|
||||||
|
|
@ -101,7 +101,9 @@ func verifyMessage(m message) error {
|
||||||
sigV2.SetScheme(refs.ECDSA_SHA512)
|
sigV2.SetScheme(refs.ECDSA_SHA512)
|
||||||
|
|
||||||
var sigSDK neofscrypto.Signature
|
var sigSDK neofscrypto.Signature
|
||||||
sigSDK.ReadFromV2(sigV2)
|
if err := sigSDK.ReadFromV2(sigV2); err != nil {
|
||||||
|
return fmt.Errorf("can't read signature: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
if !sigSDK.Verify(binBody) {
|
if !sigSDK.Verify(binBody) {
|
||||||
return errors.New("invalid signature")
|
return errors.New("invalid signature")
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue