[#199] sdk/client: Verify header signature in GetObjectHeader method

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
Leonard Lyubich 2020-11-16 17:33:04 +03:00 committed by Alex Vanin
parent c6884f9823
commit 3097059f85

View file

@ -569,7 +569,19 @@ func (c *Client) getObjectHeaderV2(ctx context.Context, p *ObjectHeaderParams, o
return nil, errors.New("got nil instead of header with signature") return nil, errors.New("got nil instead of header with signature")
} }
hdr = hdrWithSig.GetHeader() hdr = hdrWithSig.GetHeader()
// todo: check signature there
if err := signer.VerifyDataWithSource(
signature.StableMarshalerWrapper{
SM: hdrWithSig.GetHeader(),
},
func() (key, sig []byte) {
s := hdrWithSig.GetSignature()
return s.GetKey(), s.GetSign()
},
); err != nil {
return nil, errors.Wrap(err, "incorrect object header signature")
}
default: default:
panic(fmt.Sprintf("unexpected Head object type %T", v)) panic(fmt.Sprintf("unexpected Head object type %T", v))
} }