diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 0fb70855..3000e537 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -18,7 +18,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v2 with: - go-version: 1.18 + go-version: 1.19 - name: Build and Test run: make diff --git a/Dockerfile b/Dockerfile index d2696b42..4b15882b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.18-buster AS builder +FROM golang:1.19-buster AS builder ARG BUILD_VERSION ENV BUILD_VERSION=${BUILD_VERSION} ADD . /ffsigner diff --git a/config.md b/config.md index e8ced098..a83cd8b0 100644 --- a/config.md +++ b/config.md @@ -63,6 +63,7 @@ nav_order: 2 |clientAuth|Enables or disables client auth for TLS on this API|`string`|`` |enabled|Enables or disables TLS on this API|`boolean`|`false` |keyFile|The path to the private key file for TLS on this API|`string`|`` +|requiredDNAttributes|A set of required subject DN attributes. Each entry is a regular expression, and the subject certificate must have a matching attribute of the specified type (CN, C, O, OU, ST, L, STREET, POSTALCODE, SERIALNUMBER are valid attributes)|`map[string]string`|`` ## backend.ws @@ -179,4 +180,5 @@ nav_order: 2 |certFile|The path to the certificate file for TLS on this API|`string`|`` |clientAuth|Enables or disables client auth for TLS on this API|`string`|`` |enabled|Enables or disables TLS on this API|`boolean`|`false` -|keyFile|The path to the private key file for TLS on this API|`string`|`` \ No newline at end of file +|keyFile|The path to the private key file for TLS on this API|`string`|`` +|requiredDNAttributes|A set of required subject DN attributes. Each entry is a regular expression, and the subject certificate must have a matching attribute of the specified type (CN, C, O, OU, ST, L, STREET, POSTALCODE, SERIALNUMBER are valid attributes)|`map[string]string`|`` \ No newline at end of file diff --git a/go.mod b/go.mod index 5d4bae40..7aa04e38 100644 --- a/go.mod +++ b/go.mod @@ -1,13 +1,13 @@ module github.com/hyperledger/firefly-signer -go 1.18 +go 1.19 require ( github.com/btcsuite/btcd/btcec/v2 v2.1.3 github.com/fsnotify/fsnotify v1.6.0 github.com/go-resty/resty/v2 v2.7.0 github.com/gorilla/mux v1.8.0 - github.com/hyperledger/firefly-common v1.2.10 + github.com/hyperledger/firefly-common v1.2.11 github.com/karlseguin/ccache v2.0.3+incompatible github.com/pelletier/go-toml v1.9.5 github.com/santhosh-tekuri/jsonschema/v5 v5.0.2 @@ -27,7 +27,7 @@ require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect github.com/docker/go-units v0.5.0 // indirect - github.com/getkin/kin-openapi v0.107.0 // indirect + github.com/getkin/kin-openapi v0.116.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/swag v0.22.3 // indirect @@ -48,6 +48,7 @@ require ( github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect github.com/nxadm/tail v1.4.8 // indirect github.com/pelletier/go-toml/v2 v2.0.5 // indirect + github.com/perimeterx/marshmallow v1.1.4 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_golang v1.11.1 // indirect diff --git a/go.sum b/go.sum index b8eb145c..81cd2629 100644 --- a/go.sum +++ b/go.sum @@ -84,8 +84,8 @@ github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/getkin/kin-openapi v0.107.0 h1:bxhL6QArW7BXQj8NjXfIJQy680NsMKd25nwhvpCXchg= -github.com/getkin/kin-openapi v0.107.0/go.mod h1:9Dhr+FasATJZjS4iOLvB0hkaxgYdulrNYm2e9epLWOo= +github.com/getkin/kin-openapi v0.116.0 h1:o986hwgMzR972JzOG5j6+WTwWqllZLs1EJKMKCivs2E= +github.com/getkin/kin-openapi v0.116.0/go.mod h1:l5e9PaFUo9fyLJCPGQeXI2ML8c3P8BHOEV2VaAVf/pc= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -105,6 +105,8 @@ github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+ github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY= github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM= +github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -176,8 +178,8 @@ github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hyperledger/firefly-common v1.2.10 h1:im+GPaTnv764WmNvmtFFXz7+wx2IXg58Pf8AtDapM5o= -github.com/hyperledger/firefly-common v1.2.10/go.mod h1:kSAawo5is7RKWh3e9PMdWuR/OitfHAaAWVSK6V4lX80= +github.com/hyperledger/firefly-common v1.2.11 h1:ePDHJtorKE6ss8PtoPlyqLb+cB0TDB7ziM85Gtyerqs= +github.com/hyperledger/firefly-common v1.2.11/go.mod h1:17lOH4YufiPy82LpKm8fPa/YXJ0pUyq01zK1CmklJwM= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= @@ -242,6 +244,8 @@ github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3v github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml/v2 v2.0.5 h1:ipoSadvV8oGUjnUbMub59IDPPwfxF694nG/jwbMiyQg= github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas= +github.com/perimeterx/marshmallow v1.1.4 h1:pZLDH9RjlLGGorbXhcaQLhfuV0pFMNfPO55FuFkxqLw= +github.com/perimeterx/marshmallow v1.1.4/go.mod h1:dsXbUu8CRzfYP5a87xpp0xq9S3u0Vchtcl8we9tYaXw= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -311,6 +315,10 @@ github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKs github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/subosito/gotenv v1.4.1 h1:jyEFiXpy21Wm81FBN71l9VoMMV8H8jG+qIK3GCpY6Qs= github.com/subosito/gotenv v1.4.1/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= +github.com/ugorji/go v1.2.7 h1:qYhyWUUd6WbiM+C6JZAUkIJt/1WrjzNHY9+KCIjVqTo= +github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M= +github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0= +github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY= github.com/wsxiaoys/terminal v0.0.0-20160513160801-0940f3fc43a0 h1:3UeQBvD0TFrlVjOeLOBz+CPAI8dnbqNSVwUwRrkp7vQ= github.com/wsxiaoys/terminal v0.0.0-20160513160801-0940f3fc43a0/go.mod h1:IXCdmsXIht47RaVFLEdVnh1t+pgYtTAhQGj73kz+2DM= github.com/x-cray/logrus-prefixed-formatter v0.5.2 h1:00txxvfBM9muc0jiLIEAkAcIMJzfthRT6usrui8uGmg= diff --git a/internal/rpcserver/rpchandler.go b/internal/rpcserver/rpchandler.go index 764c7e6c..f694d874 100644 --- a/internal/rpcserver/rpchandler.go +++ b/internal/rpcserver/rpchandler.go @@ -1,4 +1,4 @@ -// Copyright © 2022 Kaleido, Inc. +// Copyright © 2023 Kaleido, Inc. // // SPDX-License-Identifier: Apache-2.0 // @@ -19,7 +19,7 @@ package rpcserver import ( "context" "encoding/json" - "io/ioutil" + "io" "net/http" "strconv" "unicode" @@ -35,7 +35,7 @@ func (s *rpcServer) rpcHandler(w http.ResponseWriter, r *http.Request) { ctx := r.Context() // will include logging ID from FireFly server framework - b, err := ioutil.ReadAll(r.Body) + b, err := io.ReadAll(r.Body) if err != nil { s.replyRPCParseError(ctx, w, b) return diff --git a/pkg/fswallet/fswallet.go b/pkg/fswallet/fswallet.go index ecb3bf1d..db872509 100644 --- a/pkg/fswallet/fswallet.go +++ b/pkg/fswallet/fswallet.go @@ -20,7 +20,7 @@ import ( "context" "encoding/json" "io/fs" - "io/ioutil" + "os" "path" "regexp" "strings" @@ -177,11 +177,20 @@ func (w *fsWallet) matchFilename(ctx context.Context, f fs.FileInfo) *ethtypes.A func (w *fsWallet) Refresh(ctx context.Context) error { log.L(ctx).Infof("Refreshing account list at %s", w.conf.Path) - files, err := ioutil.ReadDir(w.conf.Path) + dirEntries, err := os.ReadDir(w.conf.Path) if err != nil { return i18n.WrapError(ctx, err, signermsgs.MsgReadDirFile) } - w.notifyNewFiles(ctx, files...) + files := make([]os.FileInfo, 0, len(dirEntries)) + for _, de := range dirEntries { + fi, infoErr := de.Info() + if infoErr == nil { + files = append(files, fi) + } + } + if len(files) > 0 { + w.notifyNewFiles(ctx, files...) + } return nil } @@ -274,7 +283,7 @@ func (w *fsWallet) GetWalletFile(ctx context.Context, addr ethtypes.Address0xHex func (w *fsWallet) loadWalletFile(ctx context.Context, addr ethtypes.Address0xHex, primaryFilename string) (keystorev3.WalletFile, error) { - b, err := ioutil.ReadFile(primaryFilename) + b, err := os.ReadFile(primaryFilename) if err != nil { log.L(ctx).Errorf("Failed to read '%s': %s", primaryFilename, err) return nil, i18n.NewError(ctx, signermsgs.MsgWalletFailed, addr) @@ -287,7 +296,7 @@ func (w *fsWallet) loadWalletFile(ctx context.Context, addr ethtypes.Address0xHe log.L(ctx).Debugf("Reading keyfile=%s passwordfile=%s", keyFilename, passwordFilename) if keyFilename != primaryFilename { - b, err = ioutil.ReadFile(keyFilename) + b, err = os.ReadFile(keyFilename) if err != nil { log.L(ctx).Errorf("Failed to read '%s' (keyfile): %s", keyFilename, err) return nil, i18n.NewError(ctx, signermsgs.MsgWalletFailed, addr) @@ -296,7 +305,7 @@ func (w *fsWallet) loadWalletFile(ctx context.Context, addr ethtypes.Address0xHe var password []byte if passwordFilename != "" { - password, err = ioutil.ReadFile(passwordFilename) + password, err = os.ReadFile(passwordFilename) if err != nil { log.L(ctx).Debugf("Failed to read '%s' (password file): %s", passwordFilename, err) } else if w.conf.Filenames.PasswordTrimSpace { @@ -310,7 +319,7 @@ func (w *fsWallet) loadWalletFile(ctx context.Context, addr ethtypes.Address0xHe log.L(ctx).Errorf("No password file available for address, and no default password file: %s", addr) return nil, i18n.NewError(ctx, signermsgs.MsgWalletFailed, addr) } - password, err = ioutil.ReadFile(w.conf.DefaultPasswordFile) + password, err = os.ReadFile(w.conf.DefaultPasswordFile) if err != nil { log.L(ctx).Errorf("Failed to read '%s' (default password file): %s", w.conf.DefaultPasswordFile, err) return nil, i18n.NewError(ctx, signermsgs.MsgWalletFailed, addr) diff --git a/pkg/fswallet/fswallet_test.go b/pkg/fswallet/fswallet_test.go index 00be2764..eca20938 100644 --- a/pkg/fswallet/fswallet_test.go +++ b/pkg/fswallet/fswallet_test.go @@ -19,6 +19,8 @@ package fswallet import ( "context" "encoding/json" + "os" + "path" "testing" "github.com/hyperledger/firefly-common/pkg/config" @@ -175,6 +177,32 @@ func TestRefreshOK(t *testing.T) { } +func TestRefreshStatFail(t *testing.T) { + + config.RootConfigReset() + logrus.SetLevel(logrus.TraceLevel) + + tmpDir := t.TempDir() + os.Mkdir(path.Join(tmpDir, "baddir"), 0000) + + unitTestConfig := config.RootSection("ut_fs_config") + InitConfig(unitTestConfig) + unitTestConfig.Set(ConfigPath, tmpDir) + unitTestConfig.Set(ConfigFilenamesPrimaryExt, ".toml") + unitTestConfig.Set(ConfigMetadataKeyFileProperty, `{{ index .signing "key-file" }}`) + unitTestConfig.Set(ConfigMetadataPasswordFileProperty, `{{ index .signing "password-file" }}`) + unitTestConfig.Set(ConfigDisableListener, true) + ctx := context.Background() + + ff, err := NewFilesystemWallet(ctx, ReadConfig(unitTestConfig)) + assert.NoError(t, err) + defer ff.Close() + + err = ff.Refresh(ctx) + assert.NoError(t, err) + +} + func TestSignOK(t *testing.T) { ctx, f, done := newTestTOMLMetadataWallet(t, true)