161 lines
3.3 KiB
Go
161 lines
3.3 KiB
Go
package service
|
|
|
|
import (
|
|
"crypto/ecdsa"
|
|
"encoding/binary"
|
|
|
|
crypto "github.com/nspcc-dev/neofs-crypto"
|
|
)
|
|
|
|
var tokenEndianness = binary.BigEndian
|
|
|
|
// GetID is an ID field getter.
|
|
func (m Token_Info) GetID() TokenID {
|
|
return m.ID
|
|
}
|
|
|
|
// SetID is an ID field setter.
|
|
func (m *Token_Info) SetID(id TokenID) {
|
|
m.ID = id
|
|
}
|
|
|
|
// GetOwnerID is an OwnerID field getter.
|
|
func (m Token_Info) GetOwnerID() OwnerID {
|
|
return m.OwnerID
|
|
}
|
|
|
|
// SetOwnerID is an OwnerID field setter.
|
|
func (m *Token_Info) SetOwnerID(id OwnerID) {
|
|
m.OwnerID = id
|
|
}
|
|
|
|
// SetVerb is a Verb field setter.
|
|
func (m *Token_Info) SetVerb(verb Token_Info_Verb) {
|
|
m.Verb = verb
|
|
}
|
|
|
|
// GetAddress is an Address field getter.
|
|
func (m Token_Info) GetAddress() Address {
|
|
return m.Address
|
|
}
|
|
|
|
// SetAddress is an Address field setter.
|
|
func (m *Token_Info) SetAddress(addr Address) {
|
|
m.Address = addr
|
|
}
|
|
|
|
// CreationEpoch is a Created field getter.
|
|
func (m Token_Info) CreationEpoch() uint64 {
|
|
return m.Created
|
|
}
|
|
|
|
// SetCreationEpoch is a Created field setter.
|
|
func (m *Token_Info) SetCreationEpoch(e uint64) {
|
|
m.Created = e
|
|
}
|
|
|
|
// ExpirationEpoch is a ValidUntil field getter.
|
|
func (m Token_Info) ExpirationEpoch() uint64 {
|
|
return m.ValidUntil
|
|
}
|
|
|
|
// SetExpirationEpoch is a ValidUntil field setter.
|
|
func (m *Token_Info) SetExpirationEpoch(e uint64) {
|
|
m.ValidUntil = e
|
|
}
|
|
|
|
// SetSessionKey is a SessionKey field setter.
|
|
func (m *Token_Info) SetSessionKey(key []byte) {
|
|
m.SessionKey = key
|
|
}
|
|
|
|
// SetSignature is a Signature field setter.
|
|
func (m *Token) SetSignature(sig []byte) {
|
|
m.Signature = sig
|
|
}
|
|
|
|
// Returns byte slice that is used for creation/verification of the token signature.
|
|
func verificationTokenData(token SessionToken) []byte {
|
|
var sz int
|
|
|
|
id := token.GetID()
|
|
sz += id.Size()
|
|
|
|
ownerID := token.GetOwnerID()
|
|
sz += ownerID.Size()
|
|
|
|
verb := uint32(token.GetVerb())
|
|
sz += 4
|
|
|
|
addr := token.GetAddress()
|
|
sz += addr.CID.Size() + addr.ObjectID.Size()
|
|
|
|
cEpoch := token.CreationEpoch()
|
|
sz += 8
|
|
|
|
fEpoch := token.ExpirationEpoch()
|
|
sz += 8
|
|
|
|
key := token.GetSessionKey()
|
|
sz += len(key)
|
|
|
|
data := make([]byte, sz)
|
|
|
|
var off int
|
|
|
|
tokenEndianness.PutUint32(data, verb)
|
|
off += 4
|
|
|
|
tokenEndianness.PutUint64(data[off:], cEpoch)
|
|
off += 8
|
|
|
|
tokenEndianness.PutUint64(data[off:], fEpoch)
|
|
off += 8
|
|
|
|
off += copy(data[off:], id.Bytes())
|
|
off += copy(data[off:], ownerID.Bytes())
|
|
off += copy(data[off:], addr.CID.Bytes())
|
|
off += copy(data[off:], addr.ObjectID.Bytes())
|
|
off += copy(data[off:], key)
|
|
|
|
return data
|
|
}
|
|
|
|
// SignToken calculates and stores the signature of token information.
|
|
//
|
|
// If passed token is nil, ErrNilToken returns.
|
|
// If passed private key is nil, crypto.ErrEmptyPrivateKey returns.
|
|
func SignToken(token SessionToken, key *ecdsa.PrivateKey) error {
|
|
if token == nil {
|
|
return ErrNilToken
|
|
} else if key == nil {
|
|
return crypto.ErrEmptyPrivateKey
|
|
}
|
|
|
|
sig, err := crypto.Sign(key, verificationTokenData(token))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
token.SetSignature(sig)
|
|
|
|
return nil
|
|
}
|
|
|
|
// VerifyTokenSignature checks if token was signed correctly.
|
|
//
|
|
// If passed token is nil, ErrNilToken returns.
|
|
// If passed public key is nil, crypto.ErrEmptyPublicKey returns.
|
|
func VerifyTokenSignature(token SessionToken, key *ecdsa.PublicKey) error {
|
|
if token == nil {
|
|
return ErrNilToken
|
|
} else if key == nil {
|
|
return crypto.ErrEmptyPublicKey
|
|
}
|
|
|
|
return crypto.Verify(
|
|
key,
|
|
verificationTokenData(token),
|
|
token.GetSignature(),
|
|
)
|
|
}
|