frostfs-api-go/session/private.go

package session

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
)

type pToken struct {
	// private session token
	sessionKey *ecdsa.PrivateKey
	// last epoch of the lifetime
	validUntil uint64
}

// NewPrivateToken creates PrivateToken instance that expires after passed epoch.
//
// Returns non-nil error on key generation error.
func NewPrivateToken(validUntil uint64) (PrivateToken, error) {
	sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}

	return &pToken{
		sessionKey: sk,
		validUntil: validUntil,
	}, nil
}

// PrivateKey returns a binary representation of the session public key.
func (t *pToken) PrivateKey() *ecdsa.PrivateKey {
	return t.sessionKey
}

func (t *pToken) Expired(epoch uint64) bool {
	return t.validUntil < epoch
}

// SetOwnerID is an owner ID field setter.
func (s *PrivateTokenKey) SetOwnerID(id OwnerID) {
	s.owner = id
}

// SetTokenID is a token ID field setter.
func (s *PrivateTokenKey) SetTokenID(id TokenID) {
	s.token = id
}
session: replace PToken structure with PrivateToken interface In previous implementation PToken contained the full Token structure. Since private token is used for data signature only, storing unused fields of a user token is impractical. To emphasize the purpose of the private part of the session, it makes sense to provide the user of the session package with its interface. The interface will only provide the functionality of data signing with private session key. This commit: * removes PToken structure from session package; * defines PrivateToken interface of private session part; * adds the implementation of PrivateToken on unexported struct; * provides the constructor that generates session key internally. 2020-04-29 08:52:05 +00:00			`package session`

			`import (`
			`"crypto/ecdsa"`
session: remove trivial defaultCurve function 2020-04-29 09:46:05 +00:00			`"crypto/elliptic"`
session: replace PToken structure with PrivateToken interface In previous implementation PToken contained the full Token structure. Since private token is used for data signature only, storing unused fields of a user token is impractical. To emphasize the purpose of the private part of the session, it makes sense to provide the user of the session package with its interface. The interface will only provide the functionality of data signing with private session key. This commit: * removes PToken structure from session package; * defines PrivateToken interface of private session part; * adds the implementation of PrivateToken on unexported struct; * provides the constructor that generates session key internally. 2020-04-29 08:52:05 +00:00			`"crypto/rand"`
			`)`

			`type pToken struct {`
			`// private session token`
			`sessionKey *ecdsa.PrivateKey`
session: support the expiration of private tokens All sessions in NeoFS has limited in epochs lifetime. There is a need to limit the lifetime of private session tokens. This commmit: * extends PrivateToken interface with Expired method; * defines EpochLifetimeStore interface with RemoveExpired method and embeds it to PrivateTokenStore interface; * adds epoch value parameter to private token constructor. 2020-04-29 11:11:19 +00:00			`// last epoch of the lifetime`
			`validUntil uint64`
session: replace PToken structure with PrivateToken interface In previous implementation PToken contained the full Token structure. Since private token is used for data signature only, storing unused fields of a user token is impractical. To emphasize the purpose of the private part of the session, it makes sense to provide the user of the session package with its interface. The interface will only provide the functionality of data signing with private session key. This commit: * removes PToken structure from session package; * defines PrivateToken interface of private session part; * adds the implementation of PrivateToken on unexported struct; * provides the constructor that generates session key internally. 2020-04-29 08:52:05 +00:00			`}`

session: support the expiration of private tokens All sessions in NeoFS has limited in epochs lifetime. There is a need to limit the lifetime of private session tokens. This commmit: * extends PrivateToken interface with Expired method; * defines EpochLifetimeStore interface with RemoveExpired method and embeds it to PrivateTokenStore interface; * adds epoch value parameter to private token constructor. 2020-04-29 11:11:19 +00:00			`// NewPrivateToken creates PrivateToken instance that expires after passed epoch.`
session: replace PToken structure with PrivateToken interface In previous implementation PToken contained the full Token structure. Since private token is used for data signature only, storing unused fields of a user token is impractical. To emphasize the purpose of the private part of the session, it makes sense to provide the user of the session package with its interface. The interface will only provide the functionality of data signing with private session key. This commit: * removes PToken structure from session package; * defines PrivateToken interface of private session part; * adds the implementation of PrivateToken on unexported struct; * provides the constructor that generates session key internally. 2020-04-29 08:52:05 +00:00			`//`
			`// Returns non-nil error on key generation error.`
session: support the expiration of private tokens All sessions in NeoFS has limited in epochs lifetime. There is a need to limit the lifetime of private session tokens. This commmit: * extends PrivateToken interface with Expired method; * defines EpochLifetimeStore interface with RemoveExpired method and embeds it to PrivateTokenStore interface; * adds epoch value parameter to private token constructor. 2020-04-29 11:11:19 +00:00			`func NewPrivateToken(validUntil uint64) (PrivateToken, error) {`
session: remove trivial defaultCurve function 2020-04-29 09:46:05 +00:00			`sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)`
session: replace PToken structure with PrivateToken interface In previous implementation PToken contained the full Token structure. Since private token is used for data signature only, storing unused fields of a user token is impractical. To emphasize the purpose of the private part of the session, it makes sense to provide the user of the session package with its interface. The interface will only provide the functionality of data signing with private session key. This commit: * removes PToken structure from session package; * defines PrivateToken interface of private session part; * adds the implementation of PrivateToken on unexported struct; * provides the constructor that generates session key internally. 2020-04-29 08:52:05 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`return &pToken{`
			`sessionKey: sk,`
session: support the expiration of private tokens All sessions in NeoFS has limited in epochs lifetime. There is a need to limit the lifetime of private session tokens. This commmit: * extends PrivateToken interface with Expired method; * defines EpochLifetimeStore interface with RemoveExpired method and embeds it to PrivateTokenStore interface; * adds epoch value parameter to private token constructor. 2020-04-29 11:11:19 +00:00			`validUntil: validUntil,`
session: replace PToken structure with PrivateToken interface In previous implementation PToken contained the full Token structure. Since private token is used for data signature only, storing unused fields of a user token is impractical. To emphasize the purpose of the private part of the session, it makes sense to provide the user of the session package with its interface. The interface will only provide the functionality of data signing with private session key. This commit: * removes PToken structure from session package; * defines PrivateToken interface of private session part; * adds the implementation of PrivateToken on unexported struct; * provides the constructor that generates session key internally. 2020-04-29 08:52:05 +00:00			`}, nil`
			`}`

session: change PrivateToken interface methods This commit replaces PublicKey() and SignData() methods of PrivateToken with PrivateKey() in order to have the ability to sign data with session key using service package functions. 2020-05-18 10:11:39 +00:00			`// PrivateKey returns a binary representation of the session public key.`
			`func (t pToken) PrivateKey() ecdsa.PrivateKey {`
			`return t.sessionKey`
session: replace PToken structure with PrivateToken interface In previous implementation PToken contained the full Token structure. Since private token is used for data signature only, storing unused fields of a user token is impractical. To emphasize the purpose of the private part of the session, it makes sense to provide the user of the session package with its interface. The interface will only provide the functionality of data signing with private session key. This commit: * removes PToken structure from session package; * defines PrivateToken interface of private session part; * adds the implementation of PrivateToken on unexported struct; * provides the constructor that generates session key internally. 2020-04-29 08:52:05 +00:00			`}`
session: support the expiration of private tokens All sessions in NeoFS has limited in epochs lifetime. There is a need to limit the lifetime of private session tokens. This commmit: * extends PrivateToken interface with Expired method; * defines EpochLifetimeStore interface with RemoveExpired method and embeds it to PrivateTokenStore interface; * adds epoch value parameter to private token constructor. 2020-04-29 11:11:19 +00:00
			`func (t *pToken) Expired(epoch uint64) bool {`
			`return t.validUntil < epoch`
			`}`
session: add OwnerID to a private token storage key 2020-05-08 10:20:12 +00:00
			`// SetOwnerID is an owner ID field setter.`
			`func (s *PrivateTokenKey) SetOwnerID(id OwnerID) {`
			`s.owner = id`
			`}`

			`// SetTokenID is a token ID field setter.`
			`func (s *PrivateTokenKey) SetTokenID(id TokenID) {`
			`s.token = id`
			`}`