Nesterfifa/frostfs-node
1
0
Fork 0
forked from TrueCloudLab/frostfs-node
Code Pull requests Activity

[#505] ir/container: Check key-to-owner mapping in key ownership check

Browse source 
Owner identifier can be calculated from public key. If it matches, no
additional verification of key ownership is required.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
Leonard Lyubich 2021-05-25 12:09:44 +03:00 committed by Alex Vanin
parent 369c12b702
commit ac2d347884
1 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
pkg/innerring/processors/container/common.go
View file

@ -1,6 +1,7 @@
package container package container
import ( import (
"crypto/ecdsa"
"fmt" "fmt"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
@ -12,6 +13,20 @@ type ownerIDSource interface {
} }
func (cp *Processor) checkKeyOwnership(ownerIDSrc ownerIDSource, key *keys.PublicKey) error { func (cp *Processor) checkKeyOwnership(ownerIDSrc ownerIDSource, key *keys.PublicKey) error {
// TODO: need more convenient way to do this
w, err := owner.NEO3WalletFromPublicKey(&ecdsa.PublicKey{
X: key.X,
Y: key.Y,
})
if err != nil {
return err
}
// TODO: need Equal method on owner.ID
if ownerIDSrc.OwnerID().String() == owner.NewIDFromNeo3Wallet(w).String() {
return nil
}
ownerKeys, err := cp.idClient.AccountKeys(ownerIDSrc.OwnerID()) ownerKeys, err := cp.idClient.AccountKeys(ownerIDSrc.OwnerID())
if err != nil { if err != nil {
return fmt.Errorf("could not received owner keys %s: %w", ownerIDSrc.OwnerID(), err) return fmt.Errorf("could not received owner keys %s: %w", ownerIDSrc.OwnerID(), err)