[#562] cmd/neofs-ir: use NEP-6 wallet for keys
Also remove neofs-crypto uses from `pkg/innerring`. Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
This commit is contained in:
parent
88b4fe009a
commit
1553967328
7 changed files with 85 additions and 31 deletions
|
@ -52,7 +52,9 @@ func defaultConfiguration(cfg *viper.Viper) {
|
||||||
cfg.SetDefault("mainnet.endpoint.notification", "")
|
cfg.SetDefault("mainnet.endpoint.notification", "")
|
||||||
cfg.SetDefault("mainnet.dial_timeout", "10s")
|
cfg.SetDefault("mainnet.dial_timeout", "10s")
|
||||||
|
|
||||||
cfg.SetDefault("key", "") // inner ring node key
|
cfg.SetDefault("wallet.path", "") // inner ring node NEP-6 wallet
|
||||||
|
cfg.SetDefault("wallet.address", "") // account address
|
||||||
|
cfg.SetDefault("wallet.password", "") // password
|
||||||
|
|
||||||
cfg.SetDefault("contracts.netmap", "")
|
cfg.SetDefault("contracts.netmap", "")
|
||||||
cfg.SetDefault("contracts.neofs", "")
|
cfg.SetDefault("contracts.neofs", "")
|
||||||
|
|
|
@ -2,13 +2,11 @@ package innerring
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"crypto/ecdsa"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
crypto "github.com/nspcc-dev/neofs-crypto"
|
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/morph/client"
|
"github.com/nspcc-dev/neofs-node/pkg/morph/client"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -17,7 +15,7 @@ type (
|
||||||
sync.RWMutex
|
sync.RWMutex
|
||||||
|
|
||||||
cli *client.Client
|
cli *client.Client
|
||||||
key *ecdsa.PublicKey
|
key *keys.PublicKey
|
||||||
timeout time.Duration
|
timeout time.Duration
|
||||||
|
|
||||||
ind indexes
|
ind indexes
|
||||||
|
@ -31,7 +29,7 @@ type (
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
func newInnerRingIndexer(cli *client.Client, key *ecdsa.PublicKey, to time.Duration) *innerRingIndexer {
|
func newInnerRingIndexer(cli *client.Client, key *keys.PublicKey, to time.Duration) *innerRingIndexer {
|
||||||
return &innerRingIndexer{
|
return &innerRingIndexer{
|
||||||
cli: cli,
|
cli: cli,
|
||||||
key: key,
|
key: key,
|
||||||
|
@ -104,9 +102,9 @@ func (s *innerRingIndexer) AlphabetIndex() (int32, error) {
|
||||||
|
|
||||||
// keyPosition returns "-1" if key is not found in the list, otherwise returns
|
// keyPosition returns "-1" if key is not found in the list, otherwise returns
|
||||||
// index of the key.
|
// index of the key.
|
||||||
func keyPosition(key *ecdsa.PublicKey, list keys.PublicKeys) (result int32) {
|
func keyPosition(key *keys.PublicKey, list keys.PublicKeys) (result int32) {
|
||||||
result = -1
|
result = -1
|
||||||
rawBytes := crypto.MarshalPublicKey(key)
|
rawBytes := key.Bytes()
|
||||||
|
|
||||||
for i := range list {
|
for i := range list {
|
||||||
if bytes.Equal(list[i].Bytes(), rawBytes) {
|
if bytes.Equal(list[i].Bytes(), rawBytes) {
|
||||||
|
|
|
@ -2,7 +2,6 @@ package innerring
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/ecdsa"
|
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
|
@ -11,7 +10,6 @@ import (
|
||||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/encoding/fixedn"
|
"github.com/nspcc-dev/neo-go/pkg/encoding/fixedn"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/util"
|
"github.com/nspcc-dev/neo-go/pkg/util"
|
||||||
crypto "github.com/nspcc-dev/neofs-crypto"
|
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/innerring/config"
|
"github.com/nspcc-dev/neofs-node/pkg/innerring/config"
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/innerring/processors/alphabet"
|
"github.com/nspcc-dev/neofs-node/pkg/innerring/processors/alphabet"
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/innerring/processors/audit"
|
"github.com/nspcc-dev/neofs-node/pkg/innerring/processors/audit"
|
||||||
|
@ -35,6 +33,7 @@ import (
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/morph/timer"
|
"github.com/nspcc-dev/neofs-node/pkg/morph/timer"
|
||||||
audittask "github.com/nspcc-dev/neofs-node/pkg/services/audit/taskmanager"
|
audittask "github.com/nspcc-dev/neofs-node/pkg/services/audit/taskmanager"
|
||||||
util2 "github.com/nspcc-dev/neofs-node/pkg/util"
|
util2 "github.com/nspcc-dev/neofs-node/pkg/util"
|
||||||
|
utilConfig "github.com/nspcc-dev/neofs-node/pkg/util/config"
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/util/precision"
|
"github.com/nspcc-dev/neofs-node/pkg/util/precision"
|
||||||
"github.com/panjf2000/ants/v2"
|
"github.com/panjf2000/ants/v2"
|
||||||
"github.com/spf13/viper"
|
"github.com/spf13/viper"
|
||||||
|
@ -68,7 +67,7 @@ type (
|
||||||
sideNotaryConfig *notaryConfig
|
sideNotaryConfig *notaryConfig
|
||||||
|
|
||||||
// internal variables
|
// internal variables
|
||||||
key *ecdsa.PrivateKey
|
key *keys.PrivateKey
|
||||||
pubKey []byte
|
pubKey []byte
|
||||||
contracts *contracts
|
contracts *contracts
|
||||||
predefinedValidators keys.PublicKeys
|
predefinedValidators keys.PublicKeys
|
||||||
|
@ -110,7 +109,7 @@ type (
|
||||||
chainParams struct {
|
chainParams struct {
|
||||||
log *zap.Logger
|
log *zap.Logger
|
||||||
cfg *viper.Viper
|
cfg *viper.Viper
|
||||||
key *ecdsa.PrivateKey
|
key *keys.PrivateKey
|
||||||
name string
|
name string
|
||||||
gas util.Uint160
|
gas util.Uint160
|
||||||
}
|
}
|
||||||
|
@ -264,11 +263,16 @@ func New(ctx context.Context, log *zap.Logger, cfg *viper.Viper) (*Server, error
|
||||||
server.mainNotaryConfig, server.sideNotaryConfig = parseNotaryConfigs(cfg)
|
server.mainNotaryConfig, server.sideNotaryConfig = parseNotaryConfigs(cfg)
|
||||||
|
|
||||||
// prepare inner ring node private key
|
// prepare inner ring node private key
|
||||||
server.key, err = crypto.LoadPrivateKey(cfg.GetString("key"))
|
acc, err := utilConfig.LoadAccount(
|
||||||
|
cfg.GetString("wallet.path"),
|
||||||
|
cfg.GetString("wallet.address"),
|
||||||
|
cfg.GetString("wallet.password"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("ir: can't create private key: %w", err)
|
return nil, fmt.Errorf("ir: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
server.key = acc.PrivateKey()
|
||||||
|
|
||||||
// get all script hashes of contracts
|
// get all script hashes of contracts
|
||||||
server.contracts, err = parseContracts(cfg)
|
server.contracts, err = parseContracts(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -344,11 +348,11 @@ func New(ctx context.Context, log *zap.Logger, cfg *viper.Viper) (*Server, error
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
server.pubKey = crypto.MarshalPublicKey(&server.key.PublicKey)
|
server.pubKey = server.key.PublicKey().Bytes()
|
||||||
|
|
||||||
server.statusIndex = newInnerRingIndexer(
|
server.statusIndex = newInnerRingIndexer(
|
||||||
server.morphClient,
|
server.morphClient,
|
||||||
&server.key.PublicKey,
|
server.key.PublicKey(),
|
||||||
cfg.GetDuration("indexer.cache_timeout"),
|
cfg.GetDuration("indexer.cache_timeout"),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -394,7 +398,7 @@ func New(ctx context.Context, log *zap.Logger, cfg *viper.Viper) (*Server, error
|
||||||
|
|
||||||
clientCache := newClientCache(&clientCacheParams{
|
clientCache := newClientCache(&clientCacheParams{
|
||||||
Log: log,
|
Log: log,
|
||||||
Key: server.key,
|
Key: &server.key.PrivateKey,
|
||||||
SGTimeout: cfg.GetDuration("audit.timeout.get"),
|
SGTimeout: cfg.GetDuration("audit.timeout.get"),
|
||||||
HeadTimeout: cfg.GetDuration("audit.timeout.head"),
|
HeadTimeout: cfg.GetDuration("audit.timeout.head"),
|
||||||
RangeTimeout: cfg.GetDuration("audit.timeout.rangehash"),
|
RangeTimeout: cfg.GetDuration("audit.timeout.rangehash"),
|
||||||
|
@ -432,7 +436,7 @@ func New(ctx context.Context, log *zap.Logger, cfg *viper.Viper) (*Server, error
|
||||||
IRList: server,
|
IRList: server,
|
||||||
FeeProvider: server.feeConfig,
|
FeeProvider: server.feeConfig,
|
||||||
ClientCache: clientCache,
|
ClientCache: clientCache,
|
||||||
Key: server.key,
|
Key: &server.key.PrivateKey,
|
||||||
RPCSearchTimeout: cfg.GetDuration("audit.timeout.search"),
|
RPCSearchTimeout: cfg.GetDuration("audit.timeout.search"),
|
||||||
TaskManager: auditTaskManager,
|
TaskManager: auditTaskManager,
|
||||||
Reporter: server,
|
Reporter: server,
|
||||||
|
@ -738,7 +742,7 @@ func createListener(ctx context.Context, p *chainParams) (event.Listener, error)
|
||||||
|
|
||||||
func createClient(ctx context.Context, p *chainParams) (*client.Client, error) {
|
func createClient(ctx context.Context, p *chainParams) (*client.Client, error) {
|
||||||
return client.New(
|
return client.New(
|
||||||
p.key,
|
&p.key.PrivateKey,
|
||||||
p.cfg.GetString(p.name+".endpoint.client"),
|
p.cfg.GetString(p.name+".endpoint.client"),
|
||||||
client.WithContext(ctx),
|
client.WithContext(ctx),
|
||||||
client.WithLogger(p.log),
|
client.WithLogger(p.log),
|
||||||
|
|
|
@ -1,21 +1,25 @@
|
||||||
package netmap
|
package netmap
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/ecdsa"
|
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg/netmap"
|
"github.com/nspcc-dev/neofs-api-go/pkg/netmap"
|
||||||
crypto "github.com/nspcc-dev/neofs-crypto"
|
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/util/test"
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func genKey(t *testing.T) *keys.PrivateKey {
|
||||||
|
priv, err := keys.NewPrivateKey()
|
||||||
|
require.NoError(t, err)
|
||||||
|
return priv
|
||||||
|
}
|
||||||
|
|
||||||
func TestCleanupTable(t *testing.T) {
|
func TestCleanupTable(t *testing.T) {
|
||||||
infos := []netmap.NodeInfo{
|
infos := []netmap.NodeInfo{
|
||||||
newNodeInfo(&test.DecodeKey(1).PublicKey),
|
newNodeInfo(genKey(t).PublicKey()),
|
||||||
newNodeInfo(&test.DecodeKey(2).PublicKey),
|
newNodeInfo(genKey(t).PublicKey()),
|
||||||
newNodeInfo(&test.DecodeKey(3).PublicKey),
|
newNodeInfo(genKey(t).PublicKey()),
|
||||||
}
|
}
|
||||||
|
|
||||||
networkMap, err := netmap.NewNetmap(netmap.NodesFromInfo(infos))
|
networkMap, err := netmap.NewNetmap(netmap.NodesFromInfo(infos))
|
||||||
|
@ -117,7 +121,7 @@ func TestCleanupTable(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func newNodeInfo(key *ecdsa.PublicKey) (n netmap.NodeInfo) {
|
func newNodeInfo(key *keys.PublicKey) (n netmap.NodeInfo) {
|
||||||
n.SetPublicKey(crypto.MarshalPublicKey(key))
|
n.SetPublicKey(key.Bytes())
|
||||||
return n
|
return n
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,14 +2,16 @@ package audit
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"crypto/ecdsa"
|
||||||
|
"crypto/elliptic"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"math/big"
|
"math/big"
|
||||||
|
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg/audit"
|
"github.com/nspcc-dev/neofs-api-go/pkg/audit"
|
||||||
cid "github.com/nspcc-dev/neofs-api-go/pkg/container/id"
|
cid "github.com/nspcc-dev/neofs-api-go/pkg/container/id"
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg/object"
|
"github.com/nspcc-dev/neofs-api-go/pkg/object"
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg/owner"
|
"github.com/nspcc-dev/neofs-api-go/pkg/owner"
|
||||||
crypto "github.com/nspcc-dev/neofs-crypto"
|
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/innerring/processors/settlement/common"
|
"github.com/nspcc-dev/neofs-node/pkg/innerring/processors/settlement/common"
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/util/logger"
|
"github.com/nspcc-dev/neofs-node/pkg/util/logger"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
|
@ -312,9 +314,12 @@ func (c *singleResultCtx) auditEpoch() uint64 {
|
||||||
}
|
}
|
||||||
|
|
||||||
func ownerFromKey(key []byte) (*owner.ID, error) {
|
func ownerFromKey(key []byte) (*owner.ID, error) {
|
||||||
pubKey := crypto.UnmarshalPublicKey(key)
|
pubKey, err := keys.NewPublicKeyFromBytes(key, elliptic.P256())
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
n3wallet, err := owner.NEO3WalletFromPublicKey(pubKey)
|
n3wallet, err := owner.NEO3WalletFromPublicKey((*ecdsa.PublicKey)(pubKey))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,10 +2,13 @@ package innerring
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/ecdsa"
|
||||||
|
"crypto/elliptic"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"fmt"
|
"fmt"
|
||||||
"math/big"
|
"math/big"
|
||||||
|
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
auditAPI "github.com/nspcc-dev/neofs-api-go/pkg/audit"
|
auditAPI "github.com/nspcc-dev/neofs-api-go/pkg/audit"
|
||||||
containerAPI "github.com/nspcc-dev/neofs-api-go/pkg/container"
|
containerAPI "github.com/nspcc-dev/neofs-api-go/pkg/container"
|
||||||
cid "github.com/nspcc-dev/neofs-api-go/pkg/container/id"
|
cid "github.com/nspcc-dev/neofs-api-go/pkg/container/id"
|
||||||
|
@ -13,7 +16,6 @@ import (
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg/object"
|
"github.com/nspcc-dev/neofs-api-go/pkg/object"
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg/owner"
|
"github.com/nspcc-dev/neofs-api-go/pkg/owner"
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg/storagegroup"
|
"github.com/nspcc-dev/neofs-api-go/pkg/storagegroup"
|
||||||
crypto "github.com/nspcc-dev/neofs-crypto"
|
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/core/container"
|
"github.com/nspcc-dev/neofs-node/pkg/core/container"
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/core/netmap"
|
"github.com/nspcc-dev/neofs-node/pkg/core/netmap"
|
||||||
"github.com/nspcc-dev/neofs-node/pkg/innerring/processors/settlement/audit"
|
"github.com/nspcc-dev/neofs-node/pkg/innerring/processors/settlement/audit"
|
||||||
|
@ -181,7 +183,12 @@ func (s settlementDeps) SGInfo(addr *object.Address) (audit.SGInfo, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s settlementDeps) ResolveKey(ni common.NodeInfo) (*owner.ID, error) {
|
func (s settlementDeps) ResolveKey(ni common.NodeInfo) (*owner.ID, error) {
|
||||||
w, err := owner.NEO3WalletFromPublicKey(crypto.UnmarshalPublicKey(ni.PublicKey()))
|
pub, err := keys.NewPublicKeyFromBytes(ni.PublicKey(), elliptic.P256())
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
w, err := owner.NEO3WalletFromPublicKey((*ecdsa.PublicKey)(pub))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
34
pkg/util/config/crypto.go
Normal file
34
pkg/util/config/crypto.go
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
package config
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/wallet"
|
||||||
|
)
|
||||||
|
|
||||||
|
// LoadAccount loads NEP-6 load, unlocks and returns provided account.
|
||||||
|
func LoadAccount(path, addr, password string) (*wallet.Account, error) {
|
||||||
|
w, err := wallet.NewWalletFromFile(path)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
defer w.Close()
|
||||||
|
|
||||||
|
h, err := address.StringToUint160(addr)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
acc := w.GetAccount(h)
|
||||||
|
if acc == nil {
|
||||||
|
return nil, errors.New("account is missing")
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := acc.Decrypt(password); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return acc, nil
|
||||||
|
}
|
Loading…
Reference in a new issue