[#505] morph/container: Verify signature of deleting container ID

Get all owner keys and verify container ID signature until first success. If none of the keys match, then prohibit deletion. Thus, the delete operation is only allowed to the owner of the container. With this approach, a separate check for key ownership is not required. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-19 19:42:29 +03:00 · 2021-05-19 19:42:29 +03:00 · 369c12b702
parent 83c27f6e8a
commit 369c12b702
1 changed files with 25 additions and 1 deletions
--- a/pkg/innerring/processors/container/process_container.go
+++ b/pkg/innerring/processors/container/process_container.go
@ -96,7 +96,31 @@ func (cp *Processor) processContainerDelete(delete *containerEvent.Delete) {
 }

 func (cp *Processor) checkDeleteContainer(e *containerEvent.Delete) error {
-	return nil
+	cid := e.ContainerID()
+
+	// receive owner of the related container
+	cnr, err := cp.cnrClient.Get(cid)
+	if err != nil {
+		return fmt.Errorf("could not receive the container: %w", err)
+	}
+
+	// receive all owner keys
+	ownerKeys, err := cp.idClient.AccountKeys(cnr.OwnerID())
+	if err != nil {
+		return fmt.Errorf("could not received owner keys %s: %w", cnr.OwnerID(), err)
+	}
+
+	// verify signature
+	cidHash := sha256.Sum256(cid)
+	sig := e.Signature()
+
+	for _, ownerKey := range ownerKeys {
+		if ownerKey.Verify(sig, cidHash[:]) {
+			return nil
+		}
+	}
+
+	return errors.New("signature verification failed on all owner keys ")
 }

 func (cp *Processor) approveDeleteContainer(e *containerEvent.Delete) {