From 552245a01ae03a1cf5c852be42cbbce67fc3abc3 Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 25 Jan 2024 04:39:08 +0530 Subject: [PATCH 01/14] verify client in download handler --- .../blobbercore/handler/object_operation_handler.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go index 79ba4f8e5..3e07cff9b 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go @@ -343,6 +343,11 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i return nil, common.NewErrorf("download_file", "the file is not available until: %v", shareInfo.AvailableAt.UTC().Format("2006-01-02T15:04:05")) } + } else { + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), alloc.OwnerPublicKey) + if !valid || err != nil { + return nil, common.NewError("invalid_signature", "Invalid signature") + } } isReadFree := alloc.IsReadFree(blobberID) From f3b19077c4f103868b42af27fed92dd99c78546c Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 25 Jan 2024 04:49:33 +0530 Subject: [PATCH 02/14] check signature for non owner --- .../handler/object_operation_handler.go | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go index 3e07cff9b..9d26bf81b 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go @@ -267,15 +267,16 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i // get client and allocation ids var ( - clientID = ctx.Value(constants.ContextKeyClient).(string) - allocationTx = ctx.Value(constants.ContextKeyAllocation).(string) - allocationID = ctx.Value(constants.ContextKeyAllocationID).(string) - alloc *allocation.Allocation - blobberID = node.Self.ID - quotaManager = getQuotaManager() + clientID = ctx.Value(constants.ContextKeyClient).(string) + clientPublicKey = ctx.Value(constants.ContextKeyClientKey).(string) + allocationTx = ctx.Value(constants.ContextKeyAllocation).(string) + allocationID = ctx.Value(constants.ContextKeyAllocationID).(string) + alloc *allocation.Allocation + blobberID = node.Self.ID + quotaManager = getQuotaManager() ) - if clientID == "" { + if clientID == "" || clientPublicKey == "" { return nil, common.NewError("download_file", "invalid client") } @@ -320,6 +321,10 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i if dr.AuthToken == "" { return nil, common.NewError("invalid_authticket", "authticket is required") } + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), clientPublicKey) + if !valid || err != nil { + return nil, common.NewError("invalid_signature", "Invalid signature") + } authTokenString, err := base64.StdEncoding.DecodeString(dr.AuthToken) if err != nil { return nil, common.NewError("invalid_authticket", err.Error()) From 298092d94c99332604ccd20762cd072dbf39698b Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 25 Jan 2024 05:04:58 +0530 Subject: [PATCH 03/14] fix unit test --- .../blobbercore/handler/object_operation_handler_test.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go index 3edfafbf8..ccc627dc9 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go @@ -11,6 +11,7 @@ import ( "net/http/httptest" "time" + "github.com/0chain/blobber/code/go/0chain.net/core/encryption" "github.com/0chain/blobber/code/go/0chain.net/core/transaction" "github.com/0chain/blobber/code/go/0chain.net/blobbercore/reference" @@ -114,6 +115,8 @@ func TestDownloadFile(t *testing.T) { req.Header.Set("X-Block-Num", fmt.Sprintf("%d", p.inData.blockNum)) req.Header.Set("X-Num-Blocks", fmt.Sprintf("%d", p.inData.numBlocks)) req.Header.Set(common.AllocationIdHeader, mockAllocationId) + sign, _ := client.Sign(encryption.Hash(mockAllocationTx)) + req.Header.Set("X-App-Client-Signature", sign) if p.useAuthTicket { authTicket := &marker.AuthTicket{ From 737e3f02e44e1bfba552fd73b16e07ce37061b07 Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 25 Jan 2024 05:34:32 +0530 Subject: [PATCH 04/14] fix handler ut --- .../blobbercore/handler/handler_download_test.go | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/handler_download_test.go b/code/go/0chain.net/blobbercore/handler/handler_download_test.go index 47dc95c3a..70a0e5dfe 100644 --- a/code/go/0chain.net/blobbercore/handler/handler_download_test.go +++ b/code/go/0chain.net/blobbercore/handler/handler_download_test.go @@ -78,6 +78,7 @@ func TestHandlers_Download(t *testing.T) { // setupEncryptionScheme() router, handlers := setupDownloadHandlers() + signScheme := "bls0chain" sch := zcncrypto.NewSignatureScheme("bls0chain") //sch.Mnemonic = "expose culture dignity plastic digital couple promote best pool error brush upgrade correct art become lobster nature moment obtain trial multiply arch miss toe" @@ -222,7 +223,7 @@ func TestHandlers_Download(t *testing.T) { } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := ownerClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -291,7 +292,7 @@ func TestHandlers_Download(t *testing.T) { t.Fatal(err) } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := ownerClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -472,7 +473,7 @@ func TestHandlers_Download(t *testing.T) { t.Fatal(err) } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -554,7 +555,7 @@ func TestHandlers_Download(t *testing.T) { t.Fatal(err) } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -667,7 +668,7 @@ func TestHandlers_Download(t *testing.T) { } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -787,7 +788,7 @@ func TestHandlers_Download(t *testing.T) { } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -906,7 +907,7 @@ func TestHandlers_Download(t *testing.T) { } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } From 4b0343c0e192f7631c2be57c4819b90259fd7d8d Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Fri, 26 Jan 2024 08:01:30 +0530 Subject: [PATCH 05/14] add url in sig hash --- code/go/0chain.net/blobbercore/handler/storage_handler.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/storage_handler.go b/code/go/0chain.net/blobbercore/handler/storage_handler.go index da82478f1..1b9b5a1dd 100644 --- a/code/go/0chain.net/blobbercore/handler/storage_handler.go +++ b/code/go/0chain.net/blobbercore/handler/storage_handler.go @@ -22,6 +22,7 @@ import ( "github.com/0chain/blobber/code/go/0chain.net/core/common" "github.com/0chain/blobber/code/go/0chain.net/core/encryption" . "github.com/0chain/blobber/code/go/0chain.net/core/logging" + "github.com/0chain/blobber/code/go/0chain.net/core/node" ) const ( @@ -879,8 +880,8 @@ func verifySignatureFromRequest(alloc, sign, pbK string) (bool, error) { if len(sign) < 64 { return false, nil } - - hash := encryption.Hash(alloc) + hashData := alloc + node.Self.GetURLBase() + hash := encryption.Hash(hashData) return encryption.Verify(pbK, sign, hash) } From 845e5b3984aab9bd5e577adc66b8981164a5f13e Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Sun, 28 Jan 2024 10:55:20 +0530 Subject: [PATCH 06/14] check verify in v2 --- .../handler/download_request_header.go | 2 ++ .../handler/object_operation_handler.go | 16 ++++++++++------ 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/download_request_header.go b/code/go/0chain.net/blobbercore/handler/download_request_header.go index bda1fda40..9b22054b9 100644 --- a/code/go/0chain.net/blobbercore/handler/download_request_header.go +++ b/code/go/0chain.net/blobbercore/handler/download_request_header.go @@ -25,6 +25,7 @@ type DownloadRequestHeader struct { VerifyDownload bool DownloadMode string ConnectionID string + Version string } func FromDownloadRequest(allocationID string, req *http.Request, isRedeem bool) (*DownloadRequestHeader, error) { @@ -103,6 +104,7 @@ func (dr *DownloadRequestHeader) Parse(isRedeem bool) error { dr.DownloadMode = dr.Get("X-Mode") dr.VerifyDownload = dr.Get("X-Verify-Download") == "true" + dr.Version = dr.Get("X-Version") return nil } diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go index 9d26bf81b..ce1672963 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go @@ -321,9 +321,11 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i if dr.AuthToken == "" { return nil, common.NewError("invalid_authticket", "authticket is required") } - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), clientPublicKey) - if !valid || err != nil { - return nil, common.NewError("invalid_signature", "Invalid signature") + if dr.Version == "v2" { + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), clientPublicKey) + if !valid || err != nil { + return nil, common.NewError("invalid_signature", "Invalid signature") + } } authTokenString, err := base64.StdEncoding.DecodeString(dr.AuthToken) if err != nil { @@ -349,9 +351,11 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i } } else { - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), alloc.OwnerPublicKey) - if !valid || err != nil { - return nil, common.NewError("invalid_signature", "Invalid signature") + if dr.Version == "v2" { + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), alloc.OwnerPublicKey) + if !valid || err != nil { + return nil, common.NewError("invalid_signature", "Invalid signature") + } } } From 1e58867d585a8cd30ecd28bef69a744a865e04bd Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 8 Feb 2024 01:07:44 +0530 Subject: [PATCH 07/14] add support for v2 sig header --- .../0chain.net/blobbercore/handler/context.go | 6 ++- .../0chain.net/blobbercore/handler/handler.go | 11 +++-- .../handler/object_operation_handler.go | 18 ++++---- .../blobbercore/handler/storage_handler.go | 44 ++++++++++++------- code/go/0chain.net/core/common/handler.go | 3 +- go.mod | 10 ++--- go.sum | 24 +++++----- 7 files changed, 68 insertions(+), 48 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/context.go b/code/go/0chain.net/blobbercore/handler/context.go index 10c1d0ba3..f36167af1 100644 --- a/code/go/0chain.net/blobbercore/handler/context.go +++ b/code/go/0chain.net/blobbercore/handler/context.go @@ -30,7 +30,8 @@ type Context struct { // AllocationId optional. allocation id in request AllocationId string // Signature optional. signature in request - Signature string + Signature string + SignatureV2 string Allocation *allocation.Allocation @@ -163,6 +164,7 @@ func WithTxHandler(handler func(ctx *Context) (interface{}, error)) func(w http. ctx.ClientKey = r.Header.Get(common.ClientKeyHeader) ctx.AllocationId = r.Header.Get(common.AllocationIdHeader) ctx.Signature = r.Header.Get(common.ClientSignatureHeader) + ctx.SignatureV2 = r.Header.Get(common.ClientSignatureHeaderV2) ctx, err := WithVerify(ctx, r) statusCode = ctx.StatusCode @@ -222,7 +224,7 @@ func WithVerify(ctx *Context, r *http.Request) (*Context, error) { publicKey := alloc.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, ctx.Signature, publicKey) + valid, err := verifySignatureFromRequest(allocationTx, ctx.Signature, ctx.SignatureV2, publicKey) if !valid { ctx.StatusCode = http.StatusBadRequest diff --git a/code/go/0chain.net/blobbercore/handler/handler.go b/code/go/0chain.net/blobbercore/handler/handler.go index a16887b2a..e8e26314b 100644 --- a/code/go/0chain.net/blobbercore/handler/handler.go +++ b/code/go/0chain.net/blobbercore/handler/handler.go @@ -311,6 +311,8 @@ func setupHandlerContext(ctx context.Context, r *http.Request) context.Context { // signature is not requered for all requests, but if header is empty it won`t affect anything ctx = context.WithValue(ctx, constants.ContextKeyClientSignatureHeaderKey, r.Header.Get(common.ClientSignatureHeader)) + // signature V2 + ctx = context.WithValue(ctx, constants.ContextKeyClientSignatureHeaderV2Key, r.Header.Get(common.ClientSignatureHeaderV2)) return ctx } @@ -806,8 +808,9 @@ func RevokeShare(ctx context.Context, r *http.Request) (interface{}, error) { } sign := r.Header.Get(common.ClientSignatureHeader) + signV2 := r.Header.Get(common.ClientSignatureHeaderV2) - valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -867,8 +870,9 @@ func InsertShare(ctx context.Context, r *http.Request) (interface{}, error) { } sign := r.Header.Get(common.ClientSignatureHeader) + signV2 := r.Header.Get(common.ClientSignatureHeaderV2) - valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -958,8 +962,9 @@ func ListShare(ctx context.Context, r *http.Request) (interface{}, error) { } sign := r.Header.Get(common.ClientSignatureHeader) + signV2 := r.Header.Get(common.ClientSignatureHeaderV2) - valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go index ce1672963..7477ae9c0 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go @@ -322,7 +322,7 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i return nil, common.NewError("invalid_authticket", "authticket is required") } if dr.Version == "v2" { - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), clientPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), clientPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -352,7 +352,7 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i } else { if dr.Version == "v2" { - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), alloc.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), alloc.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -479,7 +479,7 @@ func (fsh *StorageHandler) CreateConnection(ctx context.Context, r *http.Request return nil, common.NewError("invalid_operation", "Operation needs to be performed by the owner or the payer of the allocation") } - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -781,8 +781,7 @@ func (fsh *StorageHandler) RenameObject(ctx context.Context, r *http.Request) (i clientID := ctx.Value(constants.ContextKeyClient).(string) _ = ctx.Value(constants.ContextKeyClientKey).(string) - - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -863,7 +862,7 @@ func (fsh *StorageHandler) CopyObject(ctx context.Context, r *http.Request) (int return nil, common.NewError("prohibited_allocation_file_options", "Cannot copy data from this allocation.") } - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -972,8 +971,7 @@ func (fsh *StorageHandler) MoveObject(ctx context.Context, r *http.Request) (int return nil, common.NewError("prohibited_allocation_file_options", "Cannot move data in this allocation.") } - valid, err := verifySignatureFromRequest( - allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -1124,7 +1122,7 @@ func (fsh *StorageHandler) CreateDir(ctx context.Context, r *http.Request) (*all return nil, common.NewError("invalid_parameters", "Invalid allocation id passed."+err.Error()) } - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -1255,7 +1253,7 @@ func (fsh *StorageHandler) WriteFile(ctx context.Context, r *http.Request) (*all st = time.Now() publicKey := allocationObj.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), publicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") diff --git a/code/go/0chain.net/blobbercore/handler/storage_handler.go b/code/go/0chain.net/blobbercore/handler/storage_handler.go index 1b9b5a1dd..0d884d1a6 100644 --- a/code/go/0chain.net/blobbercore/handler/storage_handler.go +++ b/code/go/0chain.net/blobbercore/handler/storage_handler.go @@ -136,7 +136,7 @@ func (fsh *StorageHandler) GetFileMeta(ctx context.Context, r *http.Request) (in if isOwner { publicKey := alloc.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), publicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -180,7 +180,7 @@ func (fsh *StorageHandler) GetFilesMetaByName(ctx context.Context, r *http.Reque if isOwner { publicKey := alloc.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), publicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -223,7 +223,8 @@ func (fsh *StorageHandler) GetFileStats(ctx context.Context, r *http.Request) (i allocationID := allocationObj.ID clientSign, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) - valid, err := verifySignatureFromRequest(allocationTx, clientSign, allocationObj.OwnerPublicKey) + clientSignV2, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -409,8 +410,8 @@ func (fsh *StorageHandler) GetLatestWriteMarker(ctx context.Context, r *http.Req clientSign, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) publicKey := allocationObj.OwnerPublicKey - - valid, err := verifySignatureFromRequest(allocationTx, clientSign, publicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "could not verify the allocation owner") } @@ -491,7 +492,8 @@ func (fsh *StorageHandler) getReferencePath(ctx context.Context, r *http.Request publicKey := allocationObj.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, clientSign, publicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, publicKey) if !valid || err != nil { errCh <- common.NewError("invalid_signature", "could not verify the allocation owner or collaborator") return @@ -553,7 +555,8 @@ func (fsh *StorageHandler) GetObjectTree(ctx context.Context, r *http.Request) ( allocationID := allocationObj.ID clientSign, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) - valid, err := verifySignatureFromRequest(allocationTx, clientSign, allocationObj.OwnerPublicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -622,8 +625,8 @@ func (fsh *StorageHandler) GetRecentlyAddedRefs(ctx context.Context, r *http.Req } clientSign := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) - - valid, err := verifySignatureFromRequest(allocationTx, clientSign, allocationObj.OwnerPublicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature or invalid access") } @@ -709,7 +712,8 @@ func (fsh *StorageHandler) GetRefs(ctx context.Context, r *http.Request) (*blobb clientSign, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) - valid, err := verifySignatureFromRequest(allocationTx, clientSign, publicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -874,14 +878,24 @@ func (fsh *StorageHandler) GetRefs(ctx context.Context, r *http.Request) (*blobb } // verifySignatureFromRequest verifies signature passed as common.ClientSignatureHeader header. -func verifySignatureFromRequest(alloc, sign, pbK string) (bool, error) { - sign = encryption.MiraclToHerumiSig(sign) - +func verifySignatureFromRequest(alloc, signV1, signV2, pbK string) (bool, error) { + var ( + sign string + hashData string + hash string + ) + if signV2 != "" { + sign = encryption.MiraclToHerumiSig(signV2) + hashData = alloc + node.Self.GetURLBase() + hash = encryption.Hash(hashData) + } else { + sign = encryption.MiraclToHerumiSig(signV1) + hashData = alloc + hash = encryption.Hash(hashData) + } if len(sign) < 64 { return false, nil } - hashData := alloc + node.Self.GetURLBase() - hash := encryption.Hash(hashData) return encryption.Verify(pbK, sign, hash) } diff --git a/code/go/0chain.net/core/common/handler.go b/code/go/0chain.net/core/common/handler.go index d4de9afb8..b0fada4bb 100644 --- a/code/go/0chain.net/core/common/handler.go +++ b/code/go/0chain.net/core/common/handler.go @@ -19,7 +19,8 @@ const ( TimestampHeader = "X-App-Timestamp" // ClientSignatureHeader represents http request header contains signature. - ClientSignatureHeader = "X-App-Client-Signature" + ClientSignatureHeader = "X-App-Client-Signature" + ClientSignatureHeaderV2 = "X-App-Client-Signature-V2" AllocationIdHeader = "ALLOCATION-ID" ) diff --git a/go.mod b/go.mod index f557b26a9..c209dc60f 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.18 require ( github.com/0chain/errors v1.0.3 - github.com/0chain/gosdk v1.11.0 + github.com/0chain/gosdk v1.12.1-0.20240207192047-6607342227a5 github.com/DATA-DOG/go-sqlmock v1.5.0 github.com/didip/tollbooth/v6 v6.1.2 github.com/go-openapi/runtime v0.26.0 @@ -21,9 +21,9 @@ require ( github.com/spf13/viper v1.16.0 github.com/stretchr/testify v1.8.4 go.uber.org/zap v1.24.0 - golang.org/x/crypto v0.15.0 - golang.org/x/net v0.10.0 // indirect - golang.org/x/sys v0.14.0 + golang.org/x/crypto v0.16.0 + golang.org/x/net v0.19.0 // indirect + golang.org/x/sys v0.15.0 golang.org/x/time v0.3.0 // indirect google.golang.org/genproto v0.0.0-20230526203410-71b5a4ffd15e // indirect google.golang.org/grpc v1.56.2 @@ -38,7 +38,7 @@ require ( require ( github.com/lithammer/shortuuid/v3 v3.0.7 - golang.org/x/sync v0.3.0 + golang.org/x/sync v0.5.0 google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc ) diff --git a/go.sum b/go.sum index 237c28101..4bb2366f3 100644 --- a/go.sum +++ b/go.sum @@ -40,8 +40,8 @@ github.com/0chain/common v0.0.6-0.20230127095721-8df4d1d72565 h1:z+DtCR8mBsjPnEs github.com/0chain/common v0.0.6-0.20230127095721-8df4d1d72565/go.mod h1:UyDC8Qyl5z9lGkCnf9RHJPMektnFX8XtCJZHXCCVj8E= github.com/0chain/errors v1.0.3 h1:QQZPFxTfnMcRdt32DXbzRQIfGWmBsKoEdszKQDb0rRM= github.com/0chain/errors v1.0.3/go.mod h1:xymD6nVgrbgttWwkpSCfLLEJbFO6iHGQwk/yeSuYkIc= -github.com/0chain/gosdk v1.11.0 h1:PSD4ohQaaSOsH/sHvfnCbq35Bs5fCtL1g9S4vyvxQOY= -github.com/0chain/gosdk v1.11.0/go.mod h1:DAg/de6vodjEa7CM1/LjElOwntRtNV5lb9rMRaR7fzU= +github.com/0chain/gosdk v1.12.1-0.20240207192047-6607342227a5 h1:lSsTVaLKFdEXMFZWfg9UF8ap3NLaLg22ZJ7OG3yzDbQ= +github.com/0chain/gosdk v1.12.1-0.20240207192047-6607342227a5/go.mod h1:ew7kU2Cf1Y/CzoxMqtnmflD1CuSPaOI5TukoXA26Sz4= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60= @@ -832,8 +832,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= -golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= +golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= +golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -869,7 +869,7 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= golang.org/x/net v0.0.0-20180719180050-a680a1efc54d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -916,8 +916,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= +golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -939,8 +939,8 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1008,8 +1008,8 @@ golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= -golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1090,7 +1090,7 @@ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/tools v0.10.0 h1:tvDr/iQoUqNdohiYm0LmmKcBk+q86lb9EprIUFhHHGg= +golang.org/x/tools v0.16.0 h1:GO788SKMRunPIBCXiQyo2AaexLstOrVhuAL5YwsckQM= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 51dc6def060a968d57c04b15323e79225e5affac Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 25 Jan 2024 04:39:08 +0530 Subject: [PATCH 08/14] verify client in download handler --- .../blobbercore/handler/object_operation_handler.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go index f7b9217e5..a31cbb2a1 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go @@ -343,6 +343,11 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i return nil, common.NewErrorf("download_file", "the file is not available until: %v", shareInfo.AvailableAt.UTC().Format("2006-01-02T15:04:05")) } + } else { + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), alloc.OwnerPublicKey) + if !valid || err != nil { + return nil, common.NewError("invalid_signature", "Invalid signature") + } } isReadFree := alloc.IsReadFree(blobberID) From f67c2d1a4c820c4af4cd78d785238bbfe60ae7e4 Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 25 Jan 2024 04:49:33 +0530 Subject: [PATCH 09/14] check signature for non owner --- .../handler/object_operation_handler.go | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go index a31cbb2a1..4951379f4 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go @@ -267,15 +267,16 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i // get client and allocation ids var ( - clientID = ctx.Value(constants.ContextKeyClient).(string) - allocationTx = ctx.Value(constants.ContextKeyAllocation).(string) - allocationID = ctx.Value(constants.ContextKeyAllocationID).(string) - alloc *allocation.Allocation - blobberID = node.Self.ID - quotaManager = getQuotaManager() + clientID = ctx.Value(constants.ContextKeyClient).(string) + clientPublicKey = ctx.Value(constants.ContextKeyClientKey).(string) + allocationTx = ctx.Value(constants.ContextKeyAllocation).(string) + allocationID = ctx.Value(constants.ContextKeyAllocationID).(string) + alloc *allocation.Allocation + blobberID = node.Self.ID + quotaManager = getQuotaManager() ) - if clientID == "" { + if clientID == "" || clientPublicKey == "" { return nil, common.NewError("download_file", "invalid client") } @@ -320,6 +321,10 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i if dr.AuthToken == "" { return nil, common.NewError("invalid_authticket", "authticket is required") } + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), clientPublicKey) + if !valid || err != nil { + return nil, common.NewError("invalid_signature", "Invalid signature") + } authTokenString, err := base64.StdEncoding.DecodeString(dr.AuthToken) if err != nil { return nil, common.NewError("invalid_authticket", err.Error()) From 7ff7573360db2494a74dde048ad683df8158d51f Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 25 Jan 2024 05:04:58 +0530 Subject: [PATCH 10/14] fix unit test --- .../blobbercore/handler/object_operation_handler_test.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go index 3edfafbf8..ccc627dc9 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go @@ -11,6 +11,7 @@ import ( "net/http/httptest" "time" + "github.com/0chain/blobber/code/go/0chain.net/core/encryption" "github.com/0chain/blobber/code/go/0chain.net/core/transaction" "github.com/0chain/blobber/code/go/0chain.net/blobbercore/reference" @@ -114,6 +115,8 @@ func TestDownloadFile(t *testing.T) { req.Header.Set("X-Block-Num", fmt.Sprintf("%d", p.inData.blockNum)) req.Header.Set("X-Num-Blocks", fmt.Sprintf("%d", p.inData.numBlocks)) req.Header.Set(common.AllocationIdHeader, mockAllocationId) + sign, _ := client.Sign(encryption.Hash(mockAllocationTx)) + req.Header.Set("X-App-Client-Signature", sign) if p.useAuthTicket { authTicket := &marker.AuthTicket{ From f98ad7ab5cd522fe7a5f7479051f4164d21147d0 Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 25 Jan 2024 05:34:32 +0530 Subject: [PATCH 11/14] fix handler ut --- .../blobbercore/handler/handler_download_test.go | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/handler_download_test.go b/code/go/0chain.net/blobbercore/handler/handler_download_test.go index 47dc95c3a..70a0e5dfe 100644 --- a/code/go/0chain.net/blobbercore/handler/handler_download_test.go +++ b/code/go/0chain.net/blobbercore/handler/handler_download_test.go @@ -78,6 +78,7 @@ func TestHandlers_Download(t *testing.T) { // setupEncryptionScheme() router, handlers := setupDownloadHandlers() + signScheme := "bls0chain" sch := zcncrypto.NewSignatureScheme("bls0chain") //sch.Mnemonic = "expose culture dignity plastic digital couple promote best pool error brush upgrade correct art become lobster nature moment obtain trial multiply arch miss toe" @@ -222,7 +223,7 @@ func TestHandlers_Download(t *testing.T) { } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := ownerClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -291,7 +292,7 @@ func TestHandlers_Download(t *testing.T) { t.Fatal(err) } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := ownerClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -472,7 +473,7 @@ func TestHandlers_Download(t *testing.T) { t.Fatal(err) } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -554,7 +555,7 @@ func TestHandlers_Download(t *testing.T) { t.Fatal(err) } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -667,7 +668,7 @@ func TestHandlers_Download(t *testing.T) { } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -787,7 +788,7 @@ func TestHandlers_Download(t *testing.T) { } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } @@ -906,7 +907,7 @@ func TestHandlers_Download(t *testing.T) { } hash := encryption.Hash(alloc.Tx) - sign, err := sch.Sign(hash) + sign, err := guestClient.Sign(hash, signScheme) if err != nil { t.Fatal(err) } From 7e3d52024d574a352f05b4c0a09f1414198194b2 Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Fri, 26 Jan 2024 08:01:30 +0530 Subject: [PATCH 12/14] add url in sig hash --- code/go/0chain.net/blobbercore/handler/storage_handler.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/storage_handler.go b/code/go/0chain.net/blobbercore/handler/storage_handler.go index 736fb5c07..2edca6ae5 100644 --- a/code/go/0chain.net/blobbercore/handler/storage_handler.go +++ b/code/go/0chain.net/blobbercore/handler/storage_handler.go @@ -22,6 +22,7 @@ import ( "github.com/0chain/blobber/code/go/0chain.net/core/common" "github.com/0chain/blobber/code/go/0chain.net/core/encryption" . "github.com/0chain/blobber/code/go/0chain.net/core/logging" + "github.com/0chain/blobber/code/go/0chain.net/core/node" ) const ( @@ -902,8 +903,8 @@ func verifySignatureFromRequest(alloc, sign, pbK string) (bool, error) { if len(sign) < 64 { return false, nil } - - hash := encryption.Hash(alloc) + hashData := alloc + node.Self.GetURLBase() + hash := encryption.Hash(hashData) return encryption.Verify(pbK, sign, hash) } From 6af7f1ce0f208f0d3dba0b668dda0f6bb8b29de5 Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Sun, 28 Jan 2024 10:55:20 +0530 Subject: [PATCH 13/14] check verify in v2 --- .../handler/download_request_header.go | 2 ++ .../handler/object_operation_handler.go | 16 ++++++++++------ 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/download_request_header.go b/code/go/0chain.net/blobbercore/handler/download_request_header.go index bda1fda40..9b22054b9 100644 --- a/code/go/0chain.net/blobbercore/handler/download_request_header.go +++ b/code/go/0chain.net/blobbercore/handler/download_request_header.go @@ -25,6 +25,7 @@ type DownloadRequestHeader struct { VerifyDownload bool DownloadMode string ConnectionID string + Version string } func FromDownloadRequest(allocationID string, req *http.Request, isRedeem bool) (*DownloadRequestHeader, error) { @@ -103,6 +104,7 @@ func (dr *DownloadRequestHeader) Parse(isRedeem bool) error { dr.DownloadMode = dr.Get("X-Mode") dr.VerifyDownload = dr.Get("X-Verify-Download") == "true" + dr.Version = dr.Get("X-Version") return nil } diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go index 4951379f4..d6696d009 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go @@ -321,9 +321,11 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i if dr.AuthToken == "" { return nil, common.NewError("invalid_authticket", "authticket is required") } - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), clientPublicKey) - if !valid || err != nil { - return nil, common.NewError("invalid_signature", "Invalid signature") + if dr.Version == "v2" { + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), clientPublicKey) + if !valid || err != nil { + return nil, common.NewError("invalid_signature", "Invalid signature") + } } authTokenString, err := base64.StdEncoding.DecodeString(dr.AuthToken) if err != nil { @@ -349,9 +351,11 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i } } else { - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), alloc.OwnerPublicKey) - if !valid || err != nil { - return nil, common.NewError("invalid_signature", "Invalid signature") + if dr.Version == "v2" { + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), alloc.OwnerPublicKey) + if !valid || err != nil { + return nil, common.NewError("invalid_signature", "Invalid signature") + } } } From 0e20c0fddca1ac73d3a726884be8a1b513ca4f0c Mon Sep 17 00:00:00 2001 From: Hitenjain14 Date: Thu, 8 Feb 2024 01:07:44 +0530 Subject: [PATCH 14/14] add support for v2 sig header --- .../0chain.net/blobbercore/handler/context.go | 6 ++- .../0chain.net/blobbercore/handler/handler.go | 11 +++-- .../handler/object_operation_handler.go | 18 ++++---- .../blobbercore/handler/storage_handler.go | 44 ++++++++++++------- code/go/0chain.net/core/common/handler.go | 3 +- go.mod | 2 +- go.sum | 6 +-- 7 files changed, 54 insertions(+), 36 deletions(-) diff --git a/code/go/0chain.net/blobbercore/handler/context.go b/code/go/0chain.net/blobbercore/handler/context.go index 10c1d0ba3..f36167af1 100644 --- a/code/go/0chain.net/blobbercore/handler/context.go +++ b/code/go/0chain.net/blobbercore/handler/context.go @@ -30,7 +30,8 @@ type Context struct { // AllocationId optional. allocation id in request AllocationId string // Signature optional. signature in request - Signature string + Signature string + SignatureV2 string Allocation *allocation.Allocation @@ -163,6 +164,7 @@ func WithTxHandler(handler func(ctx *Context) (interface{}, error)) func(w http. ctx.ClientKey = r.Header.Get(common.ClientKeyHeader) ctx.AllocationId = r.Header.Get(common.AllocationIdHeader) ctx.Signature = r.Header.Get(common.ClientSignatureHeader) + ctx.SignatureV2 = r.Header.Get(common.ClientSignatureHeaderV2) ctx, err := WithVerify(ctx, r) statusCode = ctx.StatusCode @@ -222,7 +224,7 @@ func WithVerify(ctx *Context, r *http.Request) (*Context, error) { publicKey := alloc.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, ctx.Signature, publicKey) + valid, err := verifySignatureFromRequest(allocationTx, ctx.Signature, ctx.SignatureV2, publicKey) if !valid { ctx.StatusCode = http.StatusBadRequest diff --git a/code/go/0chain.net/blobbercore/handler/handler.go b/code/go/0chain.net/blobbercore/handler/handler.go index a16887b2a..e8e26314b 100644 --- a/code/go/0chain.net/blobbercore/handler/handler.go +++ b/code/go/0chain.net/blobbercore/handler/handler.go @@ -311,6 +311,8 @@ func setupHandlerContext(ctx context.Context, r *http.Request) context.Context { // signature is not requered for all requests, but if header is empty it won`t affect anything ctx = context.WithValue(ctx, constants.ContextKeyClientSignatureHeaderKey, r.Header.Get(common.ClientSignatureHeader)) + // signature V2 + ctx = context.WithValue(ctx, constants.ContextKeyClientSignatureHeaderV2Key, r.Header.Get(common.ClientSignatureHeaderV2)) return ctx } @@ -806,8 +808,9 @@ func RevokeShare(ctx context.Context, r *http.Request) (interface{}, error) { } sign := r.Header.Get(common.ClientSignatureHeader) + signV2 := r.Header.Get(common.ClientSignatureHeaderV2) - valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -867,8 +870,9 @@ func InsertShare(ctx context.Context, r *http.Request) (interface{}, error) { } sign := r.Header.Get(common.ClientSignatureHeader) + signV2 := r.Header.Get(common.ClientSignatureHeaderV2) - valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -958,8 +962,9 @@ func ListShare(ctx context.Context, r *http.Request) (interface{}, error) { } sign := r.Header.Get(common.ClientSignatureHeader) + signV2 := r.Header.Get(common.ClientSignatureHeaderV2) - valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } diff --git a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go index d6696d009..d1f632909 100644 --- a/code/go/0chain.net/blobbercore/handler/object_operation_handler.go +++ b/code/go/0chain.net/blobbercore/handler/object_operation_handler.go @@ -322,7 +322,7 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i return nil, common.NewError("invalid_authticket", "authticket is required") } if dr.Version == "v2" { - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), clientPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), clientPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -352,7 +352,7 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i } else { if dr.Version == "v2" { - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), alloc.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), alloc.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -478,7 +478,7 @@ func (fsh *StorageHandler) CreateConnection(ctx context.Context, r *http.Request return nil, common.NewError("invalid_operation", "Operation needs to be performed by the owner or the payer of the allocation") } - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -780,8 +780,7 @@ func (fsh *StorageHandler) RenameObject(ctx context.Context, r *http.Request) (i clientID := ctx.Value(constants.ContextKeyClient).(string) _ = ctx.Value(constants.ContextKeyClientKey).(string) - - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -862,7 +861,7 @@ func (fsh *StorageHandler) CopyObject(ctx context.Context, r *http.Request) (int return nil, common.NewError("prohibited_allocation_file_options", "Cannot copy data from this allocation.") } - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -971,8 +970,7 @@ func (fsh *StorageHandler) MoveObject(ctx context.Context, r *http.Request) (int return nil, common.NewError("prohibited_allocation_file_options", "Cannot move data in this allocation.") } - valid, err := verifySignatureFromRequest( - allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -1123,7 +1121,7 @@ func (fsh *StorageHandler) CreateDir(ctx context.Context, r *http.Request) (*all return nil, common.NewError("invalid_parameters", "Invalid allocation id passed."+err.Error()) } - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -1254,7 +1252,7 @@ func (fsh *StorageHandler) WriteFile(ctx context.Context, r *http.Request) (*all st = time.Now() publicKey := allocationObj.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), publicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") diff --git a/code/go/0chain.net/blobbercore/handler/storage_handler.go b/code/go/0chain.net/blobbercore/handler/storage_handler.go index 2edca6ae5..f472c1f20 100644 --- a/code/go/0chain.net/blobbercore/handler/storage_handler.go +++ b/code/go/0chain.net/blobbercore/handler/storage_handler.go @@ -137,7 +137,7 @@ func (fsh *StorageHandler) GetFileMeta(ctx context.Context, r *http.Request) (in if isOwner { publicKey := alloc.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), publicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -181,7 +181,7 @@ func (fsh *StorageHandler) GetFilesMetaByName(ctx context.Context, r *http.Reque if isOwner { publicKey := alloc.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), publicKey) + valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -224,7 +224,8 @@ func (fsh *StorageHandler) GetFileStats(ctx context.Context, r *http.Request) (i allocationID := allocationObj.ID clientSign, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) - valid, err := verifySignatureFromRequest(allocationTx, clientSign, allocationObj.OwnerPublicKey) + clientSignV2, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -432,8 +433,8 @@ func (fsh *StorageHandler) GetLatestWriteMarker(ctx context.Context, r *http.Req clientSign, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) publicKey := allocationObj.OwnerPublicKey - - valid, err := verifySignatureFromRequest(allocationTx, clientSign, publicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "could not verify the allocation owner") } @@ -514,7 +515,8 @@ func (fsh *StorageHandler) getReferencePath(ctx context.Context, r *http.Request publicKey := allocationObj.OwnerPublicKey - valid, err := verifySignatureFromRequest(allocationTx, clientSign, publicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, publicKey) if !valid || err != nil { errCh <- common.NewError("invalid_signature", "could not verify the allocation owner or collaborator") return @@ -576,7 +578,8 @@ func (fsh *StorageHandler) GetObjectTree(ctx context.Context, r *http.Request) ( allocationID := allocationObj.ID clientSign, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) - valid, err := verifySignatureFromRequest(allocationTx, clientSign, allocationObj.OwnerPublicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -645,8 +648,8 @@ func (fsh *StorageHandler) GetRecentlyAddedRefs(ctx context.Context, r *http.Req } clientSign := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) - - valid, err := verifySignatureFromRequest(allocationTx, clientSign, allocationObj.OwnerPublicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, allocationObj.OwnerPublicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature or invalid access") } @@ -732,7 +735,8 @@ func (fsh *StorageHandler) GetRefs(ctx context.Context, r *http.Request) (*blobb clientSign, _ := ctx.Value(constants.ContextKeyClientSignatureHeaderKey).(string) - valid, err := verifySignatureFromRequest(allocationTx, clientSign, publicKey) + clientSignV2 := ctx.Value(constants.ContextKeyClientSignatureHeaderV2Key).(string) + valid, err := verifySignatureFromRequest(allocationTx, clientSign, clientSignV2, publicKey) if !valid || err != nil { return nil, common.NewError("invalid_signature", "Invalid signature") } @@ -897,14 +901,24 @@ func (fsh *StorageHandler) GetRefs(ctx context.Context, r *http.Request) (*blobb } // verifySignatureFromRequest verifies signature passed as common.ClientSignatureHeader header. -func verifySignatureFromRequest(alloc, sign, pbK string) (bool, error) { - sign = encryption.MiraclToHerumiSig(sign) - +func verifySignatureFromRequest(alloc, signV1, signV2, pbK string) (bool, error) { + var ( + sign string + hashData string + hash string + ) + if signV2 != "" { + sign = encryption.MiraclToHerumiSig(signV2) + hashData = alloc + node.Self.GetURLBase() + hash = encryption.Hash(hashData) + } else { + sign = encryption.MiraclToHerumiSig(signV1) + hashData = alloc + hash = encryption.Hash(hashData) + } if len(sign) < 64 { return false, nil } - hashData := alloc + node.Self.GetURLBase() - hash := encryption.Hash(hashData) return encryption.Verify(pbK, sign, hash) } diff --git a/code/go/0chain.net/core/common/handler.go b/code/go/0chain.net/core/common/handler.go index d4de9afb8..b0fada4bb 100644 --- a/code/go/0chain.net/core/common/handler.go +++ b/code/go/0chain.net/core/common/handler.go @@ -19,7 +19,8 @@ const ( TimestampHeader = "X-App-Timestamp" // ClientSignatureHeader represents http request header contains signature. - ClientSignatureHeader = "X-App-Client-Signature" + ClientSignatureHeader = "X-App-Client-Signature" + ClientSignatureHeaderV2 = "X-App-Client-Signature-V2" AllocationIdHeader = "ALLOCATION-ID" ) diff --git a/go.mod b/go.mod index 0c6caf782..ea0d4fc17 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/0chain/errors v1.0.3 - github.com/0chain/gosdk v1.12.1 + github.com/0chain/gosdk v1.12.1-0.20240207192047-6607342227a5 github.com/DATA-DOG/go-sqlmock v1.5.0 github.com/didip/tollbooth/v6 v6.1.2 github.com/go-openapi/runtime v0.26.0 diff --git a/go.sum b/go.sum index 27bc4ae16..fc2c7c892 100644 --- a/go.sum +++ b/go.sum @@ -40,8 +40,8 @@ github.com/0chain/common v0.0.6-0.20230127095721-8df4d1d72565 h1:z+DtCR8mBsjPnEs github.com/0chain/common v0.0.6-0.20230127095721-8df4d1d72565/go.mod h1:UyDC8Qyl5z9lGkCnf9RHJPMektnFX8XtCJZHXCCVj8E= github.com/0chain/errors v1.0.3 h1:QQZPFxTfnMcRdt32DXbzRQIfGWmBsKoEdszKQDb0rRM= github.com/0chain/errors v1.0.3/go.mod h1:xymD6nVgrbgttWwkpSCfLLEJbFO6iHGQwk/yeSuYkIc= -github.com/0chain/gosdk v1.12.1 h1:U4XX87tao+J7rqiOdVBa1bWh/SKz+kiSvxGbVjdvWwE= -github.com/0chain/gosdk v1.12.1/go.mod h1:ew7kU2Cf1Y/CzoxMqtnmflD1CuSPaOI5TukoXA26Sz4= +github.com/0chain/gosdk v1.12.1-0.20240207192047-6607342227a5 h1:lSsTVaLKFdEXMFZWfg9UF8ap3NLaLg22ZJ7OG3yzDbQ= +github.com/0chain/gosdk v1.12.1-0.20240207192047-6607342227a5/go.mod h1:ew7kU2Cf1Y/CzoxMqtnmflD1CuSPaOI5TukoXA26Sz4= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60= @@ -931,7 +931,6 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180719180050-a680a1efc54d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1153,7 +1152,6 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.16.0 h1:GO788SKMRunPIBCXiQyo2AaexLstOrVhuAL5YwsckQM= -golang.org/x/tools v0.16.0/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=