[#505] morph/container: Verify signature of deleting container ID
Get all owner keys and verify container ID signature until first success. If none of the keys match, then prohibit deletion. Thus, the delete operation is only allowed to the owner of the container. With this approach, a separate check for key ownership is not required. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
parent
83c27f6e8a
commit
369c12b702
1 changed files with 25 additions and 1 deletions
|
@ -96,7 +96,31 @@ func (cp *Processor) processContainerDelete(delete *containerEvent.Delete) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cp *Processor) checkDeleteContainer(e *containerEvent.Delete) error {
|
func (cp *Processor) checkDeleteContainer(e *containerEvent.Delete) error {
|
||||||
|
cid := e.ContainerID()
|
||||||
|
|
||||||
|
// receive owner of the related container
|
||||||
|
cnr, err := cp.cnrClient.Get(cid)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("could not receive the container: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// receive all owner keys
|
||||||
|
ownerKeys, err := cp.idClient.AccountKeys(cnr.OwnerID())
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("could not received owner keys %s: %w", cnr.OwnerID(), err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// verify signature
|
||||||
|
cidHash := sha256.Sum256(cid)
|
||||||
|
sig := e.Signature()
|
||||||
|
|
||||||
|
for _, ownerKey := range ownerKeys {
|
||||||
|
if ownerKey.Verify(sig, cidHash[:]) {
|
||||||
return nil
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return errors.New("signature verification failed on all owner keys ")
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cp *Processor) approveDeleteContainer(e *containerEvent.Delete) {
|
func (cp *Processor) approveDeleteContainer(e *containerEvent.Delete) {
|
||||||
|
|
Loading…
Reference in a new issue