-
Notifications
You must be signed in to change notification settings - Fork 45
/
util.go
130 lines (113 loc) · 4.2 KB
/
util.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
package types
import (
"crypto/sha256"
"strings"
"unicode/utf8"
"cosmossdk.io/errors"
sdk "github.com/cosmos/cosmos-sdk/types"
sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
ethcrypto "github.com/ethereum/go-ethereum/crypto"
"github.com/ethereum/go-ethereum/crypto/secp256k1"
)
// CheckValidBucketName - checks if we have a valid input bucket name.
// This is a stricter version.
// - http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html
func CheckValidBucketName(bucketName string) (err error) {
if len(bucketName) == 0 || strings.TrimSpace(bucketName) == "" {
return errors.Wrap(ErrInvalidBucketName, "Bucket name cannot be empty")
}
if len(bucketName) < 3 {
return errors.Wrap(ErrInvalidBucketName, "Bucket name cannot be shorter than 3 characters")
}
if len(bucketName) > 63 {
return errors.Wrap(ErrInvalidBucketName, "Bucket name cannot be longer than 63 characters")
}
if ipAddress.MatchString(bucketName) {
return errors.Wrap(ErrInvalidBucketName, "Bucket name cannot be an ip address")
}
if strings.Contains(bucketName, "..") || strings.Contains(bucketName, ".-") || strings.Contains(bucketName, "-.") {
return errors.Wrap(ErrInvalidBucketName, "Bucket name contains invalid characters")
}
if !validBucketName.MatchString(bucketName) {
return errors.Wrap(ErrInvalidBucketName, "Bucket name contains invalid characters")
}
return nil
}
const (
// Bad path components to be rejected by the path validity handler.
dotdotComponent = ".."
dotComponent = "."
// SlashSeparator - slash separator.
SlashSeparator = "/"
)
// / CheckValidObjectName - checks if we have a valid input object name.
// - http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
func CheckValidObjectName(objectName string) error {
// check the length of objectname
if len(objectName) == 0 || strings.TrimSpace(objectName) == "" {
return errors.Wrap(ErrInvalidObjectName, "Object name cannot be empty")
}
if len(objectName) > 1024 {
return errors.Wrap(ErrInvalidObjectName, "Object name cannot be longer than 1024 characters")
}
// check bad path component
if hasBadPathComponent(objectName) {
return errors.Wrap(ErrInvalidObjectName, "Object name with a bad path component are not supported")
}
// check UTF-8 strings
if !utf8.ValidString(objectName) {
return errors.Wrap(ErrInvalidObjectName, "Object name with non UTF-8 strings are not supported")
}
if strings.Contains(objectName, `//`) {
return errors.Wrap(ErrInvalidObjectName, "Object name with a \"//\" prefix are not supported")
}
return nil
}
func CheckValidGroupName(groupName string) error {
if !utf8.ValidString(groupName) {
return errors.Wrap(ErrInvalidGroupName, "Group name with non UTF-8 strings are not supported")
}
return nil
}
// Check if the incoming path has bad path components,
// such as ".." and "."
func hasBadPathComponent(path string) bool {
path = strings.TrimSpace(path)
for _, p := range strings.Split(path, SlashSeparator) {
switch strings.TrimSpace(p) {
case dotdotComponent:
return true
case dotComponent:
return true
}
}
return false
}
// CheckValidExpectChecksums checks if the MSG have a valid SHA256 checksum.
func CheckValidExpectChecksums(expectChecksums [][]byte) error {
// TODO(fynn): hard code here. will be replaced by module params.
if len(expectChecksums) != 7 {
return ErrInvalidChcecksum
}
for _, checksum := range expectChecksums {
if len(checksum) != sha256.Size {
return errors.Wrap(ErrInvalidChcecksum, "Invalid SHA256 checksum size.")
}
}
return nil
}
func CheckValidContentType(contentType string) error {
// TODO(fynn): check validity of the contentType
return nil
}
func VerifySignature(sigAcc sdk.AccAddress, sigData []byte, sig []byte) error {
if len(sig) != ethcrypto.SignatureLength {
return errors.Wrap(sdkerrors.ErrorInvalidSigner, "signature length doesn't match typical [R||S||V] signature 65 bytes")
}
// VerifySignature of ethsecp256k1 accepts 64 byte signature [R||S]
// WARNING! Under NO CIRCUMSTANCES try to use pubKey.VerifySignature there
if !secp256k1.VerifySignature(sigAcc.Bytes(), sigData, sig[:len(sig)-1]) {
return errors.Wrap(sdkerrors.ErrorInvalidSigner, "unable to verify signer signature of EIP712 typed data")
}
return nil
}