[#15] Sign base64 token representation
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov
Alex Vanin
parent
5bee10d096
commit
fd0ff4b803
4 changed files with 21 additions and 4 deletions
|
|
@ -924,11 +924,13 @@ func signToken(t *testing.T, key *keys.PrivateKey, data []byte) *handlers.Bearer
|
|||
}
|
||||
|
||||
func signTokenWalletConnect(t *testing.T, key *keys.PrivateKey, data []byte) *handlers.BearerToken {
|
||||
sm, err := walletconnect.SignMessage(&key.PrivateKey, data[:])
|
||||
b64Token := make([]byte, base64.StdEncoding.EncodedLen(len(data)))
|
||||
base64.StdEncoding.Encode(b64Token, data)
|
||||
sm, err := walletconnect.SignMessage(&key.PrivateKey, b64Token[:])
|
||||
require.NoError(t, err)
|
||||
|
||||
return &handlers.BearerToken{
|
||||
Token: base64.StdEncoding.EncodeToString(data),
|
||||
Token: string(b64Token),
|
||||
Signature: hex.EncodeToString(append(sm.Data, sm.Salt...)),
|
||||
Key: hex.EncodeToString(key.PublicKey().Bytes()),
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package handlers
|
|||
import (
|
||||
"testing"
|
||||
|
||||
sessionv2 "github.com/nspcc-dev/neofs-api-go/v2/session"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
|
|
@ -35,3 +36,17 @@ func TestCheckContainerName(t *testing.T) {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestPrepareSessionToken(t *testing.T) {
|
||||
st := &SessionToken{
|
||||
BearerToken: BearerToken{
|
||||
Token: "ChASxCTiXwREjLAG7nkxjDHVEhsKGTVxfQ56a0uQeFmOO63mqykBS1HNpw1rxSgaBgjIAhjkASIhAnLj82Qmdlcg7JtoyhDjJ1OsRFjtmxdXbzrwVkwxWAdWMgQIAxAB",
|
||||
Signature: "2ebdc1f2fea2bba397d1be6f982a6fe1b2bc9f46a348b700108fe2eba4e6531a1bb585febf9a40a3fa2e085fca5e2a75ca57f61166117c6d3e04a95ef9a2d2196f52648546784853e17c0b7ba762eae1",
|
||||
Key: "03bd9108c0b49f657e9eee50d1399022bd1e436118e5b7529a1b7cd606652f578f",
|
||||
},
|
||||
Verb: sessionv2.ContainerVerbSetEACL,
|
||||
}
|
||||
|
||||
_, err := prepareSessionToken(st, true)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -423,7 +423,7 @@ func prepareSessionToken(st *SessionToken, isWalletConnect bool) (*session.Token
|
|||
stoken.ToV2().SetSignature(v2signature)
|
||||
|
||||
if isWalletConnect {
|
||||
if !walletconnect.Verify((*ecdsa.PublicKey)(ownerKey), data, signature) {
|
||||
if !walletconnect.Verify((*ecdsa.PublicKey)(ownerKey), []byte(st.Token), signature) {
|
||||
return nil, fmt.Errorf("invalid signature")
|
||||
}
|
||||
} else if !stoken.VerifySignature() {
|
||||
|
|
|
|||
|
|
@ -370,7 +370,7 @@ func prepareBearerToken(bt *BearerToken, isWalletConnect bool) (*token.BearerTok
|
|||
btoken.ToV2().SetSignature(v2signature)
|
||||
|
||||
if isWalletConnect {
|
||||
if !walletconnect.Verify((*ecdsa.PublicKey)(ownerKey), data, signature) {
|
||||
if !walletconnect.Verify((*ecdsa.PublicKey)(ownerKey), []byte(bt.Token), signature) {
|
||||
return nil, fmt.Errorf("invalid signature")
|
||||
}
|
||||
} else if err = btoken.VerifySignature(); err != nil {
|
||||
|
|
|
|||
Reference in a new issue