service: add owner key to a signed payload of SessionToken

Leonard Lyubich 2020-05-15 16:05:02 +03:00
parent bc413f6280
commit 1896264f8c
2 changed files with 32 additions and 3 deletions


@ -174,11 +174,11 @@ func NewVerifiedSessionToken(token SessionToken) DataWithSignature {
} }
} }
func tokenInfoSize(v SessionKeySource) int { func tokenInfoSize(v SessionTokenInfo) int {
if v == nil { if v == nil {
return 0 return 0
} }
return fixedTokenDataSize + len(v.GetSessionKey()) return fixedTokenDataSize + len(v.GetSessionKey()) + len(v.GetOwnerKey())
} }
// Fills passed buffer with signing token information bytes. // Fills passed buffer with signing token information bytes.
@ -208,7 +208,9 @@ func copyTokenSignedData(buf []byte, token SessionTokenInfo) {
tokenEndianness.PutUint64(buf[off:], token.ExpirationEpoch()) tokenEndianness.PutUint64(buf[off:], token.ExpirationEpoch())
off += 8 off += 8
copy(buf[off:], token.GetSessionKey()) off += copy(buf[off:], token.GetSessionKey())
copy(buf[off:], token.GetOwnerKey())
} }
// SignedData concatenates signed data with session token information. Returns concatenation result. // SignedData concatenates signed data with session token information. Returns concatenation result.
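Review bot: In `copyTokenSignedData` the session key and the owner key are written back to back with nothing marking where one ends and the other begins, and `tokenInfoSize` only sums the two lengths. Unless both key lengths are fixed and validated somewhere not visible here (the tests use arbitrary 10-byte keys), two tokens whose keys differ only in where the split falls produce identical signed bytes, so one signature verifies for both. I would write each key's length before its bytes, e.g. `tokenEndianness.PutUint32(buf[off:], uint32(len(token.GetSessionKey())))` then `off += 4` (assuming `tokenEndianness` is a `binary.ByteOrder`), and add the prefix sizes in `tokenInfoSize`; rejecting keys that are not the expected size before signing is the alternative. Either change alters the signed format, so signer and verifier have to move together. The body of `copyTokenSignedData` starts above the hunk.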


@ -77,6 +77,16 @@ func TestTokenGettersSetters(t *testing.T) {
require.Equal(t, key, tok.GetSessionKey()) require.Equal(t, key, tok.GetSessionKey())
} }
{
key := make([]byte, 10)
_, err := rand.Read(key)
require.NoError(t, err)
tok.SetOwnerKey(key)
require.Equal(t, key, tok.GetOwnerKey())
}
{ // Signature { // Signature
sig := make([]byte, 10) sig := make([]byte, 10)
_, err := rand.Read(sig) _, err := rand.Read(sig)
@ -126,6 +136,11 @@ func TestSignToken(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
token.SetSessionKey(sessionKey) token.SetSessionKey(sessionKey)
ownerKey := make([]byte, 10)
_, err = rand.Read(ownerKey[:])
require.NoError(t, err)
token.SetOwnerKey(ownerKey)
signedToken := NewSignedSessionToken(token) signedToken := NewSignedSessionToken(token)
verifiedToken := NewVerifiedSessionToken(token) verifiedToken := NewVerifiedSessionToken(token)
@ -211,6 +226,18 @@ func TestSignToken(t *testing.T) {
token.SetSessionKey(sessionKey) token.SetSessionKey(sessionKey)
}, },
}, },
{ // Owner key
corrupt: func() {
ownerKey := token.GetOwnerKey()
ownerKey[0]++
token.SetOwnerKey(ownerKey)
},
restore: func() {
ownerKey := token.GetOwnerKey()
ownerKey[0]--
token.SetOwnerKey(ownerKey)
},
},
} }
for _, v := range items { for _, v := range items {
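Review bot: The new "Owner key" item in `items` only changes a byte value; no case keeps the concatenated key bytes the same while moving the boundary between the session key and the owner key, which is the case that shows whether the signature binds each field separately. An extra item that shortens one key by a byte and gives that byte to the other, with a `restore` that puts both keys back, would pin that behaviour. As a small style point, `rand.Read(ownerKey[:])` can be `rand.Read(ownerKey)` since `ownerKey` is already a slice. `TestSignToken` continues past the end of the hunk.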