From f0097d6c248f301f1f9ff8cc31355662ddbf36fd Mon Sep 17 00:00:00 2001 From: alexvanin Date: Thu, 16 Jan 2020 14:16:20 +0300 Subject: [PATCH 1/5] dep: Update neofs-crypto lib to v0.2.3 --- go.mod | 2 +- go.sum | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index bb8c4ff..688905e 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/golang/protobuf v1.3.2 github.com/google/uuid v1.1.1 github.com/mr-tron/base58 v1.1.3 - github.com/nspcc-dev/neofs-crypto v0.2.2 + github.com/nspcc-dev/neofs-crypto v0.2.3 github.com/nspcc-dev/netmap v1.6.1 github.com/nspcc-dev/tzhash v1.3.0 github.com/pkg/errors v0.8.1 diff --git a/go.sum b/go.sum index db7763e..531a682 100644 --- a/go.sum +++ b/go.sum @@ -106,12 +106,12 @@ github.com/mr-tron/base58 v1.1.3/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjW github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/nspcc-dev/hrw v1.0.8 h1:vwRuJXZXgkMvf473vFzeWGCfY1WBVeSHAEHvR4u3/Cg= github.com/nspcc-dev/hrw v1.0.8/go.mod h1:l/W2vx83vMQo6aStyx2AuZrJ+07lGv2JQGlVkPG06MU= -github.com/nspcc-dev/neofs-crypto v0.2.2 h1:jLc5O+Wdpaq7L4lNYFX7li+OP4I1FsvvcPW1NXm3erY= -github.com/nspcc-dev/neofs-crypto v0.2.2/go.mod h1:F/96fUzPM3wR+UGsPi3faVNmFlA9KAEAUQR7dMxZmNA= +github.com/nspcc-dev/neofs-crypto v0.2.3 h1:aca3X2aly92ENRbFK+kH6Hd+J9EQ4Eu6XMVoITSIKtc= +github.com/nspcc-dev/neofs-crypto v0.2.3/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw= github.com/nspcc-dev/netmap v1.6.1 h1:Pigqpqi6QSdRiusbq5XlO20A18k6Eyu7j9MzOfAE3CM= github.com/nspcc-dev/netmap v1.6.1/go.mod h1:mhV3UOg9ljQmu0teQShD6+JYX09XY5gu2I4hIByCH9M= -github.com/nspcc-dev/rfc6979 v0.1.0 h1:Lwg7esRRoyK1Up/IN1vAef1EmvrBeMHeeEkek2fAJ6c= -github.com/nspcc-dev/rfc6979 v0.1.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso= +github.com/nspcc-dev/rfc6979 v0.2.0 h1:3e1WNxrN60/6N0DW7+UYisLeZJyfqZTNOjeV/toYvOE= +github.com/nspcc-dev/rfc6979 v0.2.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso= github.com/nspcc-dev/tzhash v1.3.0 h1:n6FTHsfPYbMi5Jmo6SwGVVRQD8i2w1P2ScCaW6rz69Q= github.com/nspcc-dev/tzhash v1.3.0/go.mod h1:Lc4DersKS8MNIrunTmsAzANO56qnG+LZ4GOE/WYGVzU= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= From 50d3649acf2143125b1eb1fece68b43c091596c5 Mon Sep 17 00:00:00 2001 From: alexvanin Date: Thu, 16 Jan 2020 14:17:34 +0300 Subject: [PATCH 2/5] object: Add public key header type Object can contain public key header. It will be used for object verification. This header can contain owner's public key or be the part of x509 chain verification in couple with verification header. --- object/types.go | 6 + object/types.pb.go | 376 ++++++++++++++++++++++++++++++++++++++------- object/types.proto | 7 + 3 files changed, 334 insertions(+), 55 deletions(-) diff --git a/object/types.go b/object/types.go index f433b9c..79cef65 100644 --- a/object/types.go +++ b/object/types.go @@ -67,6 +67,8 @@ const ( IntegrityHdr // StorageGroupHdr is a storage group header type. StorageGroupHdr + // PublicKeyHdr is a public key header type. + PublicKeyHdr ) var ( @@ -140,6 +142,8 @@ func (m Header) typeOf(t isHeader_Value) (ok bool) { _, ok = m.Value.(*Header_Integrity) case *Header_StorageGroup: _, ok = m.Value.(*Header_StorageGroup) + case *Header_PublicKey: + _, ok = m.Value.(*Header_PublicKey) } return } @@ -168,6 +172,8 @@ func HeaderType(t headerType) Pred { return func(h *Header) bool { _, ok := h.Value.(*Header_Integrity); return ok } case StorageGroupHdr: return func(h *Header) bool { _, ok := h.Value.(*Header_StorageGroup); return ok } + case PublicKeyHdr: + return func(h *Header) bool { _, ok := h.Value.(*Header_PublicKey); return ok } default: return nil } diff --git a/object/types.pb.go b/object/types.pb.go index b5a1e78..525b39b 100644 --- a/object/types.pb.go +++ b/object/types.pb.go @@ -220,6 +220,7 @@ type Header struct { // *Header_PayloadChecksum // *Header_Integrity // *Header_StorageGroup + // *Header_PublicKey Value isHeader_Value `protobuf_oneof:"Value"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -291,6 +292,9 @@ type Header_Integrity struct { type Header_StorageGroup struct { StorageGroup *storagegroup.StorageGroup `protobuf:"bytes,10,opt,name=StorageGroup,proto3,oneof" json:"StorageGroup,omitempty"` } +type Header_PublicKey struct { + PublicKey *PublicKey `protobuf:"bytes,11,opt,name=PublicKey,proto3,oneof" json:"PublicKey,omitempty"` +} func (*Header_Link) isHeader_Value() {} func (*Header_Redirect) isHeader_Value() {} @@ -302,6 +306,7 @@ func (*Header_HomoHash) isHeader_Value() {} func (*Header_PayloadChecksum) isHeader_Value() {} func (*Header_Integrity) isHeader_Value() {} func (*Header_StorageGroup) isHeader_Value() {} +func (*Header_PublicKey) isHeader_Value() {} func (m *Header) GetValue() isHeader_Value { if m != nil { @@ -373,6 +378,13 @@ func (m *Header) GetStorageGroup() *storagegroup.StorageGroup { return nil } +func (m *Header) GetPublicKey() *PublicKey { + if x, ok := m.GetValue().(*Header_PublicKey); ok { + return x.PublicKey + } + return nil +} + // XXX_OneofWrappers is for the internal use of the proto package. func (*Header) XXX_OneofWrappers() []interface{} { return []interface{}{ @@ -386,6 +398,7 @@ func (*Header) XXX_OneofWrappers() []interface{} { (*Header_PayloadChecksum)(nil), (*Header_Integrity)(nil), (*Header_StorageGroup)(nil), + (*Header_PublicKey)(nil), } } @@ -750,6 +763,50 @@ func (m *Object) GetPayload() []byte { return nil } +type PublicKey struct { + // Value contains marshaled ecdsa public key + Value []byte `protobuf:"bytes,1,opt,name=Value,proto3" json:"Value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *PublicKey) Reset() { *m = PublicKey{} } +func (m *PublicKey) String() string { return proto.CompactTextString(m) } +func (*PublicKey) ProtoMessage() {} +func (*PublicKey) Descriptor() ([]byte, []int) { + return fileDescriptor_02021a1d39b1aee0, []int{10} +} +func (m *PublicKey) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *PublicKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil +} +func (m *PublicKey) XXX_Merge(src proto.Message) { + xxx_messageInfo_PublicKey.Merge(m, src) +} +func (m *PublicKey) XXX_Size() int { + return m.Size() +} +func (m *PublicKey) XXX_DiscardUnknown() { + xxx_messageInfo_PublicKey.DiscardUnknown(m) +} + +var xxx_messageInfo_PublicKey proto.InternalMessageInfo + +func (m *PublicKey) GetValue() []byte { + if m != nil { + return m.Value + } + return nil +} + func init() { proto.RegisterEnum("object.Link_Type", Link_Type_name, Link_Type_value) proto.RegisterEnum("object.Transform_Type", Transform_Type_name, Transform_Type_value) @@ -763,66 +820,69 @@ func init() { proto.RegisterType((*Link)(nil), "object.Link") proto.RegisterType((*Transform)(nil), "object.Transform") proto.RegisterType((*Object)(nil), "object.Object") + proto.RegisterType((*PublicKey)(nil), "object.PublicKey") } func init() { proto.RegisterFile("object/types.proto", fileDescriptor_02021a1d39b1aee0) } var fileDescriptor_02021a1d39b1aee0 = []byte{ - // 863 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x6c, 0x55, 0xcb, 0x8e, 0xe3, 0x44, - 0x14, 0xb5, 0x13, 0xe7, 0x75, 0xe3, 0x99, 0xf6, 0x14, 0xc3, 0x60, 0x05, 0x91, 0x6e, 0x59, 0x3c, - 0x9a, 0x81, 0x76, 0x8b, 0x1e, 0xd0, 0x88, 0x05, 0x88, 0x4e, 0x07, 0xe1, 0x88, 0x81, 0x6e, 0x55, - 0x3f, 0x16, 0xec, 0x9c, 0xb8, 0xe2, 0x14, 0x9d, 0x54, 0x45, 0x55, 0x95, 0x99, 0xc9, 0x9e, 0x2f, - 0x60, 0xc5, 0x8e, 0xdf, 0x99, 0x25, 0x4b, 0x34, 0x8b, 0x16, 0x6a, 0x3e, 0x80, 0x5f, 0x40, 0x55, - 0xb6, 0x13, 0xbb, 0x67, 0x36, 0x56, 0xdd, 0x7b, 0xce, 0x29, 0xdf, 0xba, 0xf7, 0x94, 0x0d, 0x88, - 0x8f, 0x7f, 0x25, 0x13, 0x75, 0xa8, 0xd6, 0x4b, 0x22, 0xc3, 0xa5, 0xe0, 0x8a, 0xa3, 0x66, 0x96, - 0xeb, 0x79, 0x82, 0x4c, 0x65, 0x19, 0xe9, 0xbd, 0x23, 0x89, 0x94, 0x94, 0xb3, 0x4a, 0xd2, 0x97, - 0x8a, 0x8b, 0x38, 0x25, 0xa9, 0xe0, 0xab, 0x65, 0x05, 0x39, 0x48, 0xa9, 0x9a, 0xad, 0xc6, 0xe1, - 0x84, 0x2f, 0x0e, 0x53, 0x9e, 0xf2, 0x43, 0x93, 0x1e, 0xaf, 0xa6, 0x26, 0x32, 0x81, 0x59, 0x65, - 0xf4, 0xe0, 0x29, 0x34, 0x70, 0xcc, 0x52, 0x82, 0x1e, 0x41, 0xf3, 0x74, 0x3a, 0x95, 0x44, 0xf9, - 0xf6, 0x9e, 0xbd, 0xef, 0xe0, 0x3c, 0xd2, 0xf9, 0x67, 0x84, 0xa5, 0x6a, 0xe6, 0xd7, 0xb2, 0x7c, - 0x16, 0x05, 0x5f, 0x02, 0x5c, 0x4a, 0x22, 0x22, 0x12, 0x27, 0x44, 0x20, 0x0f, 0xea, 0x3f, 0x92, - 0xb5, 0x91, 0x76, 0xb0, 0x5e, 0xa2, 0x87, 0xd0, 0xb8, 0x8a, 0xe7, 0x2b, 0x62, 0x64, 0x1d, 0x9c, - 0x05, 0xc1, 0x6f, 0x0e, 0x34, 0x73, 0x49, 0x00, 0xce, 0x33, 0xca, 0xae, 0x8d, 0xa6, 0x7b, 0xe4, - 0x86, 0x59, 0x03, 0x42, 0x9d, 0x8b, 0x2c, 0x6c, 0x30, 0xf4, 0x19, 0xb4, 0x31, 0x49, 0xa8, 0x20, - 0x13, 0x65, 0xf6, 0xe9, 0x1e, 0xdd, 0x0b, 0x75, 0x83, 0xc2, 0xe3, 0x24, 0x11, 0x44, 0xca, 0xc8, - 0xc2, 0x1b, 0x02, 0xaa, 0x54, 0xe4, 0xd7, 0x0d, 0x1d, 0x15, 0xdb, 0x6e, 0x91, 0xc8, 0xc2, 0xe5, - 0xca, 0xbf, 0x80, 0xce, 0x85, 0x88, 0x99, 0x9c, 0x72, 0xb1, 0xf0, 0x1d, 0x23, 0x7a, 0x50, 0x88, - 0x36, 0x40, 0x64, 0xe1, 0x2d, 0xcb, 0x48, 0xf8, 0x62, 0x2c, 0x15, 0x67, 0xc4, 0x6f, 0xdc, 0x91, - 0x14, 0x80, 0x91, 0x14, 0x01, 0xfa, 0x0a, 0x9a, 0x57, 0x44, 0xd0, 0xe9, 0xda, 0x6f, 0x1a, 0xfe, - 0xfb, 0x61, 0x3e, 0xd5, 0xd0, 0xa4, 0xe9, 0x24, 0x56, 0x94, 0xb3, 0x4d, 0x81, 0x39, 0x19, 0x7d, - 0x0c, 0xed, 0x88, 0x2f, 0x78, 0x14, 0xcb, 0x99, 0xdf, 0xda, 0xb3, 0xf7, 0xdd, 0x41, 0xfb, 0xf5, - 0xcd, 0xae, 0xa3, 0x63, 0x7d, 0xf4, 0x02, 0x43, 0x8f, 0x61, 0xe7, 0x2c, 0x5e, 0xcf, 0x79, 0x9c, - 0x9c, 0xcc, 0xc8, 0xe4, 0x5a, 0xae, 0x16, 0x7e, 0x5b, 0xd3, 0x23, 0x0b, 0xdf, 0x05, 0xd0, 0x53, - 0xe8, 0x8c, 0x98, 0x22, 0xa9, 0xa0, 0x6a, 0xed, 0x77, 0x4c, 0x35, 0xef, 0x15, 0xd5, 0x6f, 0x80, - 0x4d, 0x25, 0x5b, 0x2e, 0xfa, 0x0e, 0xdc, 0xf3, 0xcc, 0x75, 0x3f, 0x68, 0xd7, 0xf9, 0x60, 0xb4, - 0xbd, 0xb0, 0x6c, 0xc5, 0xb0, 0xcc, 0x88, 0x2c, 0x5c, 0x51, 0x0c, 0x5a, 0xb9, 0x27, 0x82, 0x6e, - 0xa9, 0x83, 0xc1, 0x7f, 0x36, 0xb8, 0xe7, 0x6b, 0xa9, 0xc8, 0x22, 0x1f, 0x89, 0x0f, 0xad, 0x2b, - 0x22, 0x74, 0x77, 0x72, 0x2f, 0x16, 0x21, 0xfa, 0x10, 0xee, 0xe5, 0xc7, 0xa9, 0x78, 0xb2, 0x9a, - 0x44, 0x3d, 0xa8, 0x8d, 0x86, 0xc6, 0x00, 0xee, 0x00, 0x5e, 0xdd, 0xec, 0x5a, 0xaf, 0x6f, 0x76, - 0x6b, 0xa3, 0x21, 0xae, 0x8d, 0x86, 0xe8, 0x53, 0x68, 0x9d, 0xbe, 0x60, 0x44, 0x8c, 0x86, 0x66, - 0xd8, 0xee, 0x60, 0x27, 0x27, 0x14, 0x69, 0x5c, 0x2c, 0xd0, 0x07, 0x50, 0x3f, 0x19, 0x0d, 0xcd, - 0x80, 0xdd, 0x41, 0x37, 0xa7, 0xe9, 0x14, 0xd6, 0x0f, 0xf4, 0x35, 0x74, 0x4e, 0x04, 0x89, 0x15, - 0x49, 0x8e, 0x55, 0x3e, 0xd5, 0x77, 0x8b, 0x3e, 0x1a, 0x80, 0x72, 0x76, 0xc6, 0x29, 0x53, 0x03, - 0x47, 0x6b, 0xf1, 0x96, 0x1d, 0x1c, 0xc3, 0xbd, 0x0a, 0x03, 0xf5, 0xa0, 0x7d, 0xc9, 0xe8, 0xcb, - 0x0b, 0xba, 0x20, 0xe6, 0xc8, 0x75, 0xbc, 0x89, 0xf5, 0x45, 0xfa, 0x7e, 0xc9, 0x27, 0xc5, 0x59, - 0xb3, 0x20, 0xa0, 0xb0, 0x73, 0x67, 0x58, 0x68, 0x1f, 0x76, 0xb2, 0x95, 0xdc, 0x98, 0x40, 0xef, - 0xe5, 0xe2, 0xbb, 0x69, 0xf4, 0x39, 0x3c, 0x28, 0xd6, 0xe7, 0x34, 0x65, 0xb1, 0x5a, 0x89, 0xec, - 0x9e, 0xba, 0xf8, 0x4d, 0x20, 0xf8, 0xd3, 0xce, 0x6e, 0x2a, 0xfa, 0x08, 0x1c, 0xfd, 0xa5, 0x31, - 0xbb, 0xde, 0xdf, 0x5a, 0x5e, 0x63, 0xe1, 0xc5, 0x7a, 0x49, 0xb0, 0x81, 0xf3, 0xf6, 0xd7, 0xde, - 0xd6, 0xfe, 0xe0, 0x02, 0x1c, 0xcd, 0x44, 0x5d, 0x68, 0x5d, 0xb2, 0x6b, 0xc6, 0x5f, 0x30, 0xcf, - 0x42, 0x00, 0xcd, 0xb3, 0x58, 0x10, 0xa6, 0x3c, 0x1b, 0xb9, 0xd0, 0x3e, 0x13, 0xe4, 0x39, 0xe5, - 0x2b, 0xe9, 0xd5, 0x50, 0x1b, 0x9c, 0x9f, 0xc9, 0x4b, 0xe5, 0xd5, 0x51, 0x07, 0x1a, 0x27, 0x33, - 0x3a, 0x4f, 0x3c, 0x07, 0x79, 0x55, 0x1f, 0x7a, 0x8d, 0x60, 0x5e, 0xba, 0xc3, 0xe8, 0x71, 0xa5, - 0xca, 0x47, 0x6f, 0xdc, 0xe5, 0x52, 0xa9, 0xc1, 0x93, 0xb7, 0x95, 0xd3, 0x81, 0xc6, 0xf9, 0x72, - 0x4e, 0x75, 0x35, 0x6d, 0x70, 0x74, 0x1f, 0xbc, 0x9a, 0x4e, 0xfe, 0xc4, 0x57, 0xf3, 0xc4, 0xab, - 0x07, 0xbf, 0xdb, 0xd0, 0x3c, 0x35, 0x9b, 0xa2, 0x6f, 0xab, 0xce, 0xcd, 0xbf, 0x65, 0x0f, 0x8b, - 0x77, 0x96, 0xb1, 0xdc, 0x05, 0x55, 0xa7, 0x87, 0xd0, 0xca, 0x67, 0xe3, 0xd7, 0xf6, 0xea, 0xfb, - 0xdd, 0xa3, 0xfb, 0x85, 0xb4, 0x22, 0x2a, 0x48, 0xfa, 0x66, 0xe4, 0x56, 0xcf, 0xec, 0x8d, 0x8b, - 0x70, 0xf0, 0xcd, 0xab, 0xdb, 0xbe, 0xfd, 0xd7, 0x6d, 0xdf, 0xfe, 0xfb, 0xb6, 0x6f, 0xff, 0x73, - 0xdb, 0xb7, 0xff, 0xf8, 0xb7, 0x6f, 0xfd, 0xf2, 0x49, 0xe9, 0x67, 0xc0, 0xe4, 0x72, 0x32, 0x39, - 0x48, 0xc8, 0xf3, 0x43, 0x46, 0xf8, 0x54, 0x1e, 0x64, 0xbf, 0x82, 0xec, 0x75, 0xe3, 0xa6, 0x89, - 0x9e, 0xfc, 0x1f, 0x00, 0x00, 0xff, 0xff, 0x06, 0x20, 0x25, 0xf2, 0x9b, 0x06, 0x00, 0x00, + // 892 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x6c, 0x55, 0xcb, 0x72, 0x1b, 0x45, + 0x14, 0xd5, 0x48, 0xa3, 0xd7, 0xd5, 0x38, 0x9e, 0x34, 0x21, 0x4c, 0x89, 0x42, 0x36, 0x53, 0x3c, + 0x4c, 0xc0, 0xe3, 0xc2, 0x81, 0x4a, 0xb1, 0x80, 0xc2, 0xb2, 0x28, 0xa4, 0x22, 0x60, 0x55, 0xfb, + 0xb1, 0x60, 0x37, 0x92, 0x5a, 0xa3, 0xc6, 0x52, 0xb7, 0xaa, 0xbb, 0x27, 0x89, 0x7e, 0x83, 0x15, + 0x3b, 0x3e, 0x83, 0x5f, 0xc8, 0x92, 0x25, 0x95, 0x85, 0x8b, 0x32, 0x1f, 0xc0, 0x2f, 0xa4, 0xba, + 0xe7, 0xa1, 0x19, 0x27, 0x1b, 0x55, 0x9f, 0x7b, 0xce, 0x69, 0xdd, 0xb9, 0x7d, 0x7a, 0x06, 0x10, + 0x9f, 0xfc, 0x46, 0xa6, 0xea, 0x48, 0x6d, 0xd6, 0x44, 0x06, 0x6b, 0xc1, 0x15, 0x47, 0x8d, 0xa4, + 0xd6, 0x75, 0x05, 0x99, 0xcb, 0x22, 0xd3, 0x7d, 0x47, 0x12, 0x29, 0x29, 0x67, 0xa5, 0xa2, 0x27, + 0x15, 0x17, 0x61, 0x44, 0x22, 0xc1, 0xe3, 0x75, 0x89, 0x39, 0x8c, 0xa8, 0x5a, 0xc4, 0x93, 0x60, + 0xca, 0x57, 0x47, 0x11, 0x8f, 0xf8, 0x91, 0x29, 0x4f, 0xe2, 0xb9, 0x41, 0x06, 0x98, 0x55, 0x22, + 0xf7, 0x9f, 0x40, 0x1d, 0x87, 0x2c, 0x22, 0xe8, 0x21, 0x34, 0xce, 0xe6, 0x73, 0x49, 0x94, 0x67, + 0xed, 0x5b, 0x07, 0x36, 0x4e, 0x91, 0xae, 0x3f, 0x25, 0x2c, 0x52, 0x0b, 0xaf, 0x9a, 0xd4, 0x13, + 0xe4, 0x7f, 0x05, 0x70, 0x29, 0x89, 0x18, 0x92, 0x70, 0x46, 0x04, 0x72, 0xa1, 0xf6, 0x13, 0xd9, + 0x18, 0x6b, 0x1b, 0xeb, 0x25, 0x7a, 0x00, 0xf5, 0xab, 0x70, 0x19, 0x13, 0x63, 0x6b, 0xe3, 0x04, + 0xf8, 0x7f, 0xd9, 0xd0, 0x48, 0x2d, 0x3e, 0xd8, 0x4f, 0x29, 0xbb, 0x36, 0x9e, 0xce, 0xb1, 0x13, + 0x24, 0x03, 0x08, 0x74, 0x6d, 0x58, 0xc1, 0x86, 0x43, 0x9f, 0x43, 0x0b, 0x93, 0x19, 0x15, 0x64, + 0xaa, 0xcc, 0x3e, 0x9d, 0xe3, 0x9d, 0x40, 0x0f, 0x28, 0x38, 0x99, 0xcd, 0x04, 0x91, 0x72, 0x58, + 0xc1, 0xb9, 0x00, 0x95, 0x3a, 0xf2, 0x6a, 0x46, 0x8e, 0xb2, 0x6d, 0xb7, 0xcc, 0xb0, 0x82, 0x8b, + 0x9d, 0x7f, 0x09, 0xed, 0x0b, 0x11, 0x32, 0x39, 0xe7, 0x62, 0xe5, 0xd9, 0xc6, 0x74, 0x3f, 0x33, + 0xe5, 0xc4, 0xb0, 0x82, 0xb7, 0x2a, 0x63, 0xe1, 0xab, 0x89, 0x54, 0x9c, 0x11, 0xaf, 0x7e, 0xc7, + 0x92, 0x11, 0xc6, 0x92, 0x01, 0xf4, 0x35, 0x34, 0xae, 0x88, 0xa0, 0xf3, 0x8d, 0xd7, 0x30, 0xfa, + 0xf7, 0x83, 0xf4, 0x54, 0x03, 0x53, 0xa6, 0xd3, 0x50, 0x51, 0xce, 0xf2, 0x06, 0x53, 0x31, 0xfa, + 0x04, 0x5a, 0x43, 0xbe, 0xe2, 0xc3, 0x50, 0x2e, 0xbc, 0xe6, 0xbe, 0x75, 0xe0, 0xf4, 0x5b, 0xaf, + 0x6e, 0xf6, 0x6c, 0x8d, 0xf5, 0xa3, 0x67, 0x1c, 0x7a, 0x04, 0xbb, 0xe3, 0x70, 0xb3, 0xe4, 0xe1, + 0xec, 0x74, 0x41, 0xa6, 0xd7, 0x32, 0x5e, 0x79, 0x2d, 0x2d, 0x1f, 0x56, 0xf0, 0x5d, 0x02, 0x3d, + 0x81, 0xf6, 0x88, 0x29, 0x12, 0x09, 0xaa, 0x36, 0x5e, 0xdb, 0x74, 0xf3, 0x5e, 0xd6, 0x7d, 0x4e, + 0xe4, 0x9d, 0x6c, 0xb5, 0xe8, 0x7b, 0x70, 0xce, 0x93, 0xd4, 0xfd, 0xa8, 0x53, 0xe7, 0x81, 0xf1, + 0x76, 0x83, 0x62, 0x14, 0x83, 0xa2, 0x62, 0x58, 0xc1, 0x25, 0x87, 0x1e, 0xdc, 0x38, 0x9e, 0x2c, + 0xe9, 0x54, 0x67, 0xa5, 0x53, 0x1e, 0x5c, 0x4e, 0xe8, 0x3f, 0xcd, 0x41, 0xbf, 0x99, 0xc6, 0xc8, + 0xef, 0x14, 0x86, 0xee, 0xff, 0x6f, 0x81, 0x73, 0xbe, 0x91, 0x8a, 0xac, 0xd2, 0x53, 0xf4, 0xa0, + 0x79, 0x45, 0x84, 0x1e, 0x68, 0x1a, 0xdf, 0x0c, 0xa2, 0x8f, 0x60, 0x27, 0x9d, 0x40, 0x29, 0xc6, + 0xe5, 0x22, 0xea, 0x42, 0x75, 0x34, 0x30, 0x99, 0x71, 0xfa, 0xf0, 0xf2, 0x66, 0xaf, 0xf2, 0xea, + 0x66, 0xaf, 0x3a, 0x1a, 0xe0, 0xea, 0x68, 0x80, 0x3e, 0x83, 0xe6, 0xd9, 0x73, 0x46, 0xc4, 0x68, + 0x60, 0xf2, 0xe1, 0xf4, 0x77, 0x53, 0x41, 0x56, 0xc6, 0xd9, 0x02, 0x7d, 0x00, 0xb5, 0xd3, 0xd1, + 0xc0, 0x64, 0xc2, 0xe9, 0x77, 0x52, 0x99, 0x2e, 0x61, 0xfd, 0x83, 0xbe, 0x81, 0xf6, 0xa9, 0x20, + 0xa1, 0x22, 0xb3, 0x13, 0x95, 0x06, 0xe1, 0xdd, 0xec, 0xf9, 0x0d, 0x41, 0x39, 0x1b, 0x73, 0xca, + 0x54, 0xdf, 0xd6, 0x5e, 0xbc, 0x55, 0xfb, 0x27, 0xb0, 0x53, 0x52, 0xa0, 0x2e, 0xb4, 0x2e, 0x19, + 0x7d, 0x71, 0x41, 0x57, 0xc4, 0x3c, 0x72, 0x0d, 0xe7, 0x58, 0xdf, 0xbd, 0x1f, 0xd6, 0x7c, 0x9a, + 0x3d, 0x6b, 0x02, 0x7c, 0x0a, 0xbb, 0x77, 0xce, 0x17, 0x1d, 0xc0, 0x6e, 0xb2, 0x92, 0x79, 0x6e, + 0xf4, 0x5e, 0x0e, 0xbe, 0x5b, 0x46, 0x5f, 0xc0, 0xfd, 0x6c, 0x7d, 0x4e, 0x23, 0x16, 0xaa, 0x58, + 0x24, 0x57, 0xdb, 0xc1, 0x6f, 0x12, 0xfe, 0x9f, 0x56, 0x72, 0xb9, 0xd1, 0xc7, 0x60, 0xeb, 0x97, + 0x93, 0xd9, 0xf5, 0xde, 0xf6, 0xb0, 0x35, 0x17, 0x5c, 0x6c, 0xd6, 0x04, 0x1b, 0x3a, 0x1d, 0x7f, + 0xf5, 0x6d, 0xe3, 0xf7, 0x2f, 0xc0, 0xd6, 0x4a, 0xd4, 0x81, 0xe6, 0x25, 0xbb, 0x66, 0xfc, 0x39, + 0x73, 0x2b, 0x08, 0xa0, 0x31, 0x0e, 0x05, 0x61, 0xca, 0xb5, 0x90, 0x03, 0xad, 0xb1, 0x20, 0xcf, + 0x28, 0x8f, 0xa5, 0x5b, 0x45, 0x2d, 0xb0, 0x7f, 0x21, 0x2f, 0x94, 0x5b, 0x43, 0x6d, 0xa8, 0x9f, + 0x2e, 0xe8, 0x72, 0xe6, 0xda, 0xc8, 0x2d, 0x47, 0xd7, 0xad, 0xfb, 0xcb, 0xc2, 0xb5, 0x47, 0x8f, + 0x4a, 0x5d, 0x3e, 0x7c, 0xe3, 0xfa, 0x17, 0x5a, 0xf5, 0x1f, 0xbf, 0xad, 0x9d, 0x36, 0xd4, 0xcf, + 0xd7, 0x4b, 0xaa, 0xbb, 0x69, 0x81, 0xad, 0xe7, 0xe0, 0x56, 0x75, 0xf1, 0x67, 0x1e, 0x2f, 0x67, + 0x6e, 0xcd, 0xff, 0xdd, 0x82, 0xc6, 0x99, 0xd9, 0x14, 0x7d, 0x57, 0x4e, 0x6e, 0xfa, 0xfa, 0x7b, + 0x90, 0xfd, 0x67, 0x91, 0x4b, 0x53, 0x50, 0x4e, 0x7a, 0x00, 0xcd, 0xf4, 0x6c, 0xbc, 0xea, 0x7e, + 0xed, 0xa0, 0x73, 0x7c, 0x2f, 0xb3, 0x96, 0x4c, 0x99, 0x48, 0xdf, 0x8c, 0x34, 0xea, 0x49, 0xbc, + 0x71, 0x06, 0xfd, 0x0f, 0x0b, 0xb7, 0x71, 0xfb, 0xba, 0x4e, 0xce, 0x3f, 0x01, 0xfd, 0x6f, 0x5f, + 0xde, 0xf6, 0xac, 0xbf, 0x6f, 0x7b, 0xd6, 0x3f, 0xb7, 0x3d, 0xeb, 0xdf, 0xdb, 0x9e, 0xf5, 0xc7, + 0x7f, 0xbd, 0xca, 0xaf, 0x9f, 0x16, 0x3e, 0x31, 0x4c, 0xae, 0xa7, 0xd3, 0xc3, 0x19, 0x79, 0x76, + 0xc4, 0x08, 0x9f, 0xcb, 0xc3, 0xe4, 0x03, 0x93, 0x74, 0x34, 0x69, 0x18, 0xf4, 0xf8, 0x75, 0x00, + 0x00, 0x00, 0xff, 0xff, 0x95, 0x5d, 0xc3, 0x1e, 0xf1, 0x06, 0x00, 0x00, } func (m *Range) Marshal() (dAtA []byte, err error) { @@ -1142,6 +1202,27 @@ func (m *Header_StorageGroup) MarshalToSizedBuffer(dAtA []byte) (int, error) { } return len(dAtA) - i, nil } +func (m *Header_PublicKey) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Header_PublicKey) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + if m.PublicKey != nil { + { + size, err := m.PublicKey.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintTypes(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x5a + } + return len(dAtA) - i, nil +} func (m *Tombstone) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -1456,6 +1537,40 @@ func (m *Object) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } +func (m *PublicKey) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *PublicKey) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *PublicKey) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Value) > 0 { + i -= len(m.Value) + copy(dAtA[i:], m.Value) + i = encodeVarintTypes(dAtA, i, uint64(len(m.Value))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + func encodeVarintTypes(dAtA []byte, offset int, v uint64) int { offset -= sovTypes(v) base := offset @@ -1638,6 +1753,18 @@ func (m *Header_StorageGroup) Size() (n int) { } return n } +func (m *Header_PublicKey) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.PublicKey != nil { + l = m.PublicKey.Size() + n += 1 + l + sovTypes(uint64(l)) + } + return n +} func (m *Tombstone) Size() (n int) { if m == nil { return 0 @@ -1770,6 +1897,22 @@ func (m *Object) Size() (n int) { return n } +func (m *PublicKey) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Value) + if l > 0 { + n += 1 + l + sovTypes(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + func sovTypes(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } @@ -2364,6 +2507,41 @@ func (m *Header) Unmarshal(dAtA []byte) error { } m.Value = &Header_StorageGroup{v} iNdEx = postIndex + case 11: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field PublicKey", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTypes + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthTypes + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthTypes + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + v := &PublicKey{} + if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + m.Value = &Header_PublicKey{v} + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipTypes(dAtA[iNdEx:]) @@ -3215,6 +3393,94 @@ func (m *Object) Unmarshal(dAtA []byte) error { } return nil } +func (m *PublicKey) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTypes + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: PublicKey: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: PublicKey: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTypes + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthTypes + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthTypes + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Value = append(m.Value[:0], dAtA[iNdEx:postIndex]...) + if m.Value == nil { + m.Value = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipTypes(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthTypes + } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthTypes + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipTypes(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 diff --git a/object/types.proto b/object/types.proto index 8f50f76..293f347 100644 --- a/object/types.proto +++ b/object/types.proto @@ -45,6 +45,8 @@ message Header { IntegrityHeader Integrity = 9; // StorageGroup contains meta information for the data audit storagegroup.StorageGroup StorageGroup = 10; + // PublicKey of owner of the object. Key is used for verification and can be based on NeoID or x509 cert. + PublicKey PublicKey = 11; } } @@ -122,3 +124,8 @@ message Object { // Payload is an object's payload bytes Payload = 3; } + +message PublicKey { + // Value contains marshaled ecdsa public key + bytes Value = 1; +} From c2f63107d0c20ad0c1edfa1745ba6b2d4b50f644 Mon Sep 17 00:00:00 2001 From: alexvanin Date: Thu, 16 Jan 2020 14:21:34 +0300 Subject: [PATCH 3/5] docs: Add doc about new public key header in object --- docs/object.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/docs/object.md b/docs/object.md index e9248ba..7e86325 100644 --- a/docs/object.md +++ b/docs/object.md @@ -33,6 +33,7 @@ - [IntegrityHeader](#object.IntegrityHeader) - [Link](#object.Link) - [Object](#object.Object) + - [PublicKey](#object.PublicKey) - [Range](#object.Range) - [SystemHeader](#object.SystemHeader) - [Tombstone](#object.Tombstone) @@ -368,6 +369,7 @@ in distributed system. | PayloadChecksum | [bytes](#bytes) | | PayloadChecksum of actual object's payload | | Integrity | [IntegrityHeader](#object.IntegrityHeader) | | Integrity header with checksum of all above headers in the object | | StorageGroup | [storagegroup.StorageGroup](#storagegroup.StorageGroup) | | StorageGroup contains meta information for the data audit | +| PublicKey | [PublicKey](#object.PublicKey) | | PublicKey of owner of the object. Key is used for verification and can be based on NeoID or x509 cert. | @@ -407,6 +409,17 @@ in distributed system. | Payload | [bytes](#bytes) | | Payload is an object's payload | + + +### Message PublicKey + + + +| Field | Type | Label | Description | +| ----- | ---- | ----- | ----------- | +| Value | [bytes](#bytes) | | Value contains marshaled ecdsa public key | + + ### Message Range From f1418ef79dd7e998954a9f02ba9733f39124ed39 Mon Sep 17 00:00:00 2001 From: alexvanin Date: Thu, 16 Jan 2020 14:38:08 +0300 Subject: [PATCH 4/5] object: Add `CreateIntegrityHeader` function CreateIntegrityHeader function allow to optimize object put pipeline in neofs nodes. --- object/verification.go | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) diff --git a/object/verification.go b/object/verification.go index 761c04e..cbf12ab 100644 --- a/object/verification.go +++ b/object/verification.go @@ -63,6 +63,7 @@ func (m Object) verifySignature(key []byte, ih *IntegrityHeader) error { // Verify performs local integrity check by finding verification header and // integrity header. If header integrity is passed, function verifies // checksum of the object payload. +// todo: move this verification logic into separate library func (m Object) Verify() error { var ( err error @@ -111,22 +112,32 @@ func (m Object) Verify() error { return nil } -// Sign creates new integrity header and adds it to the end of the list of -// extended headers. -func (m *Object) Sign(key *ecdsa.PrivateKey) error { - headerChecksum, err := m.headersChecksum(false) +// CreateIntegrityHeader returns signed integrity header for the object +func CreateIntegrityHeader(obj *Object, key *ecdsa.PrivateKey) (*Header, error) { + headerChecksum, err := obj.headersChecksum(false) if err != nil { - return err + return nil, err } headerChecksumSignature, err := crypto.Sign(key, headerChecksum) if err != nil { - return err + return nil, err } - m.AddHeader(&Header{Value: &Header_Integrity{ + + return &Header{Value: &Header_Integrity{ Integrity: &IntegrityHeader{ HeadersChecksum: headerChecksum, ChecksumSignature: headerChecksumSignature, }, - }}) + }}, nil +} + +// Sign creates new integrity header and adds it to the end of the list of +// extended headers. +func (m *Object) Sign(key *ecdsa.PrivateKey) error { + ih, err := CreateIntegrityHeader(m, key) + if err != nil { + return err + } + m.AddHeader(ih) return nil } From 81cdfcc502a47ddc4f781903585f7ab264fa45f3 Mon Sep 17 00:00:00 2001 From: alexvanin Date: Thu, 16 Jan 2020 17:32:57 +0300 Subject: [PATCH 5/5] object: Update verify routine Verify routine now supports public key field to check if integrity header contains correct signature of object header. Verify also have strict check that integrity header is last header in the list of headers. --- object/extensions.go | 1 + object/verification.go | 28 +++++++++++++-------- object/verification_test.go | 50 ++++++++++++++++++++++++++++++++++--- 3 files changed, 64 insertions(+), 15 deletions(-) diff --git a/object/extensions.go b/object/extensions.go index 7427079..f6b10ab 100644 --- a/object/extensions.go +++ b/object/extensions.go @@ -1,4 +1,5 @@ package object +// todo: all extensions must be transferred to the separate util library import "github.com/nspcc-dev/neofs-proto/storagegroup" diff --git a/object/verification.go b/object/verification.go index cbf12ab..742375a 100644 --- a/object/verification.go +++ b/object/verification.go @@ -68,24 +68,30 @@ func (m Object) Verify() error { var ( err error checksum []byte + pubkey []byte ) - // Prepare structures - _, vh := m.LastHeader(HeaderType(VerifyHdr)) - if vh == nil { - return ErrHeaderNotFound - } - verify := vh.Value.(*Header_Verify).Verify - - _, ih := m.LastHeader(HeaderType(IntegrityHdr)) - if ih == nil { + ind, ih := m.LastHeader(HeaderType(IntegrityHdr)) + if ih == nil || ind != len(m.Headers) - 1{ return ErrHeaderNotFound } integrity := ih.Value.(*Header_Integrity).Integrity + // Prepare structures + _, vh := m.LastHeader(HeaderType(VerifyHdr)) + if vh == nil { + _, pkh := m.LastHeader(HeaderType(PublicKeyHdr)) + if pkh == nil { + return ErrHeaderNotFound + } + pubkey = pkh.Value.(*Header_PublicKey).PublicKey.Value + } else { + pubkey = vh.Value.(*Header_Verify).Verify.PublicKey + } + // Verify signature - err = m.verifySignature(verify.PublicKey, integrity) + err = m.verifySignature(pubkey, integrity) if err != nil { - return errors.Wrapf(err, "public key: %x", verify.PublicKey) + return errors.Wrapf(err, "public key: %x", pubkey) } // Verify checksum of header diff --git a/object/verification_test.go b/object/verification_test.go index f91e051..b538023 100644 --- a/object/verification_test.go +++ b/object/verification_test.go @@ -56,7 +56,7 @@ func TestObject_Verify(t *testing.T) { obj.SetPayload(payload) obj.SetHeader(&Header{Value: &Header_PayloadChecksum{[]byte("incorrect checksum")}}) - t.Run("error no integrity header", func(t *testing.T) { + t.Run("error no integrity header and pubkey", func(t *testing.T) { err = obj.Verify() require.EqualError(t, err, ErrHeaderNotFound.Error()) }) @@ -83,12 +83,25 @@ func TestObject_Verify(t *testing.T) { } obj.SetVerificationHeader(vh) + // validation header is not last + t.Run("error validation header is not last", func(t *testing.T) { + err = obj.Verify() + require.EqualError(t, err, ErrHeaderNotFound.Error()) + }) + + obj.Headers = obj.Headers[:len(obj.Headers)-2] + obj.SetVerificationHeader(vh) + obj.SetHeader(&Header{Value: &Header_Integrity{ih}}) + t.Run("error invalid header checksum", func(t *testing.T) { err = obj.Verify() require.EqualError(t, err, ErrVerifyHeader.Error()) }) - require.NoError(t, obj.Sign(sessionkey)) + obj.Headers = obj.Headers[:len(obj.Headers)-1] + genIH, err := CreateIntegrityHeader(obj, sessionkey) + require.NoError(t, err) + obj.SetHeader(genIH) t.Run("error invalid payload checksum", func(t *testing.T) { err = obj.Verify() @@ -96,10 +109,39 @@ func TestObject_Verify(t *testing.T) { }) obj.SetHeader(&Header{Value: &Header_PayloadChecksum{obj.PayloadChecksum()}}) - require.NoError(t, obj.Sign(sessionkey)) - t.Run("correct", func(t *testing.T) { + obj.Headers = obj.Headers[:len(obj.Headers)-1] + genIH, err = CreateIntegrityHeader(obj, sessionkey) + require.NoError(t, err) + obj.SetHeader(genIH) + + t.Run("correct with vh", func(t *testing.T) { err = obj.Verify() require.NoError(t, err) }) + + pkh := Header{Value: &Header_PublicKey{&PublicKey{ + Value: crypto.MarshalPublicKey(&key.PublicKey), + }}} + // replace vh with pkh + obj.Headers[len(obj.Headers)-2] = pkh + // re-sign object + obj.Sign(sessionkey) + + + t.Run("incorrect with bad public key", func(t *testing.T) { + err = obj.Verify() + require.Error(t, err) + }) + + obj.SetHeader(&Header{Value: &Header_PublicKey{&PublicKey{ + Value: dataPK, + }}}) + obj.Sign(sessionkey) + + t.Run("correct with good public key", func(t *testing.T) { + err = obj.Verify() + require.NoError(t, err) + }) + }