diff --git a/go.mod b/go.mod index 48c9453..c771411 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,6 @@ go 1.20 require ( git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20240306101814-c1c7b344b9c0 git.frostfs.info/TrueCloudLab/frostfs-contract v0.0.0-20230307110621-19a8ef2d02fb - git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0 git.frostfs.info/TrueCloudLab/hrw v1.2.1 git.frostfs.info/TrueCloudLab/tzhash v1.8.0 github.com/antlr4-go/antlr/v4 v4.13.0 @@ -21,6 +20,7 @@ require ( ) require ( + git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0 // indirect git.frostfs.info/TrueCloudLab/rfc6979 v0.4.0 // indirect github.com/benbjohnson/clock v1.1.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect diff --git a/pool/tree/pool.go b/pool/tree/pool.go index 2c55351..b610909 100644 --- a/pool/tree/pool.go +++ b/pool/tree/pool.go @@ -126,7 +126,7 @@ type GetNodesParams struct { type GetSubTreeParams struct { CID cid.ID TreeID string - RootID uint64 + RootID []uint64 Depth uint32 BearerToken []byte Order SubTreeSort @@ -308,12 +308,7 @@ func (p *Pool) GetNodes(ctx context.Context, prm GetNodesParams) ([]*grpcService }, } - if err := p.signRequest(request.Body, func(key, sign []byte) { - request.Signature = &grpcService.Signature{ - Key: key, - Sign: sign, - } - }); err != nil { + if err := p.signRequest(request); err != nil { return nil, err } @@ -410,12 +405,7 @@ func (p *Pool) GetSubTree(ctx context.Context, prm GetSubTreeParams) (*SubTreeRe request.Body.OrderBy.Direction = grpcService.GetSubTreeRequest_Body_Order_None } - if err := p.signRequest(request.Body, func(key, sign []byte) { - request.Signature = &grpcService.Signature{ - Key: key, - Sign: sign, - } - }); err != nil { + if err := p.signRequest(request); err != nil { return nil, err } @@ -445,12 +435,7 @@ func (p *Pool) AddNode(ctx context.Context, prm AddNodeParams) (uint64, error) { BearerToken: prm.BearerToken, }, } - if err := p.signRequest(request.Body, func(key, sign []byte) { - request.Signature = &grpcService.Signature{ - Key: key, - Sign: sign, - } - }); err != nil { + if err := p.signRequest(request); err != nil { return 0, err } @@ -482,12 +467,7 @@ func (p *Pool) AddNodeByPath(ctx context.Context, prm AddNodeByPathParams) (uint }, } - if err := p.signRequest(request.Body, func(key, sign []byte) { - request.Signature = &grpcService.Signature{ - Key: key, - Sign: sign, - } - }); err != nil { + if err := p.signRequest(request); err != nil { return 0, err } @@ -527,12 +507,7 @@ func (p *Pool) MoveNode(ctx context.Context, prm MoveNodeParams) error { }, } - if err := p.signRequest(request.Body, func(key, sign []byte) { - request.Signature = &grpcService.Signature{ - Key: key, - Sign: sign, - } - }); err != nil { + if err := p.signRequest(request); err != nil { return err } @@ -558,12 +533,7 @@ func (p *Pool) RemoveNode(ctx context.Context, prm RemoveNodeParams) error { BearerToken: prm.BearerToken, }, } - if err := p.signRequest(request.Body, func(key, sign []byte) { - request.Signature = &grpcService.Signature{ - Key: key, - Sign: sign, - } - }); err != nil { + if err := p.signRequest(request); err != nil { return err } diff --git a/pool/tree/pool_signature.go b/pool/tree/pool_signature.go index 0b3a2f6..5a8def1 100644 --- a/pool/tree/pool_signature.go +++ b/pool/tree/pool_signature.go @@ -1,25 +1,38 @@ package tree import ( - crypto "git.frostfs.info/TrueCloudLab/frostfs-crypto" - "google.golang.org/protobuf/proto" + frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa" + tree "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool/tree/service" ) -func (p *Pool) signData(buf []byte, f func(key, sign []byte)) error { - sign, err := crypto.Sign(&p.key.PrivateKey, buf) +type message interface { + SignedDataSize() int + ReadSignedData([]byte) ([]byte, error) + GetSignature() *tree.Signature + SetSignature(*tree.Signature) +} + +// signMessage uses the pool key and signs any protobuf +// message that was generated for the TreeService by the +// protoc-gen-go-frostfs generator. Returns any errors directly. +func (p *Pool) signRequest(m message) error { + binBody, err := m.ReadSignedData(nil) if err != nil { return err } - f(p.key.PublicKey().Bytes(), sign) + keySDK := frostfsecdsa.Signer(p.key.PrivateKey) + data, err := keySDK.Sign(binBody) + if err != nil { + return err + } + + rawPub := make([]byte, keySDK.Public().MaxEncodedSize()) + rawPub = rawPub[:keySDK.Public().Encode(rawPub)] + m.SetSignature(&tree.Signature{ + Key: rawPub, + Sign: data, + }) + return nil } - -func (p *Pool) signRequest(requestBody proto.Message, f func(key, sign []byte)) error { - buf, err := proto.Marshal(requestBody) - if err != nil { - return err - } - - return p.signData(buf, f) -} diff --git a/pool/tree/service/service.pb.go b/pool/tree/service/service.pb.go index 63f3e71..f439e3f 100644 Binary files a/pool/tree/service/service.pb.go and b/pool/tree/service/service.pb.go differ diff --git a/pool/tree/service/service_frostfs.pb.go b/pool/tree/service/service_frostfs.pb.go new file mode 100644 index 0000000..b2fbfb8 Binary files /dev/null and b/pool/tree/service/service_frostfs.pb.go differ diff --git a/pool/tree/service/service_grpc.pb.go b/pool/tree/service/service_grpc.pb.go index 2c08289..4c293a4 100644 Binary files a/pool/tree/service/service_grpc.pb.go and b/pool/tree/service/service_grpc.pb.go differ diff --git a/pool/tree/service/types.pb.go b/pool/tree/service/types.pb.go index b4d6981..6464ccb 100644 Binary files a/pool/tree/service/types.pb.go and b/pool/tree/service/types.pb.go differ diff --git a/pool/tree/service/types_frostfs.pb.go b/pool/tree/service/types_frostfs.pb.go new file mode 100644 index 0000000..707fcc3 Binary files /dev/null and b/pool/tree/service/types_frostfs.pb.go differ diff --git a/syncTree.sh b/syncTree.sh index 90eeba7..9921749 100755 --- a/syncTree.sh +++ b/syncTree.sh @@ -1,19 +1,14 @@ #!/bin/bash -REVISION="b3695411d907c3c65485bab04f9ff8479a72906b" +REVISION="fd6fed909c515e2cc148307ac2932d05e5557d94" echo "tree service revision ${REVISION}" # regexp below find all link to source code files which end with ".pb.go" and retrieve the file names # we use `[^.]*` as non greedy workaround for `.*` -FILES=$(curl -s https://git.frostfs.info/TrueCloudLab/frostfs-node/src/commit/${REVISION}/pkg/services/tree | sed -n "s,.*\"/TrueCloudLab/frostfs-node/src/commit/${REVISION}/pkg/services/tree/\([^.]*\.pb\.go\)\".*,\1,p") +FILES=$(curl -s https://git.frostfs.info/fyrchik/frostfs-node/src/commit/${REVISION}/pkg/services/tree | sed -n "s,.*\"/fyrchik/frostfs-node/src/commit/${REVISION}/pkg/services/tree/\([^.]*\.pb\.go\)\".*,\1,p") for file in $FILES; do - if [[ $file == *"frostfs"* ]]; then - echo "skip '$file'" - continue - else - echo "sync '$file' in tree service" - fi - curl -s "https://git.frostfs.info/TrueCloudLab/frostfs-node/raw/commit/${REVISION}/pkg/services/tree/${file}" -o "./pool/tree/service/${file}" + echo "sync '$file' in tree service" + curl -s "https://git.frostfs.info/fyrchik/frostfs-node/raw/commit/${REVISION}/pkg/services/tree/${file}" -o "./pool/tree/service/${file}" done