package eacl import ( "crypto/ecdsa" "crypto/elliptic" v2acl "github.com/nspcc-dev/neofs-api-go/v2/acl" ) // Target is a group of request senders to match EACL. Defined by role enum // and set of public keys. // // Target is compatible with v2 acl.EACLRecord.Target message. type Target struct { role Role keys [][]byte } func ecdsaKeysToPtrs(keys []ecdsa.PublicKey) []*ecdsa.PublicKey { keysPtr := make([]*ecdsa.PublicKey, len(keys)) for i := range keys { keysPtr[i] = &keys[i] } return keysPtr } // BinaryKeys returns list of public keys to identify // target subject in a binary format. func (t *Target) BinaryKeys() [][]byte { return t.keys } // SetBinaryKeys sets list of binary public keys to identify // target subject. func (t *Target) SetBinaryKeys(keys [][]byte) { t.keys = keys } // SetTargetECDSAKeys converts ECDSA public keys to a binary // format and stores them in Target. func SetTargetECDSAKeys(t *Target, pubs ...*ecdsa.PublicKey) { binKeys := t.BinaryKeys() ln := len(pubs) if cap(binKeys) >= ln { binKeys = binKeys[:0] } else { binKeys = make([][]byte, 0, ln) } for i := 0; i < ln; i++ { b := elliptic.MarshalCompressed(pubs[i].Curve, pubs[i].X, pubs[i].Y) binKeys = append(binKeys, b) } t.SetBinaryKeys(binKeys) } // TargetECDSAKeys interprets binary public keys of Target // as ECDSA public keys. If any key has a different format, // the corresponding element will be nil. func TargetECDSAKeys(t *Target) []*ecdsa.PublicKey { binKeys := t.BinaryKeys() ln := len(binKeys) pubs := make([]*ecdsa.PublicKey, ln) for i := 0; i < ln; i++ { x, y := elliptic.UnmarshalCompressed(elliptic.P256(), binKeys[i]) if x != nil && y != nil { pubs[i] = &ecdsa.PublicKey{ Curve: elliptic.P256(), X: x, Y: y, } } } return pubs } // SetRole sets target subject's role class. func (t *Target) SetRole(r Role) { t.role = r } // Role returns target subject's role class. func (t Target) Role() Role { return t.role } // ToV2 converts Target to v2 acl.EACLRecord.Target message. // // Nil Target converts to nil. func (t *Target) ToV2() *v2acl.Target { if t == nil { return nil } target := new(v2acl.Target) target.SetRole(t.role.ToV2()) target.SetKeys(t.keys) return target } // NewTarget creates, initializes and returns blank Target instance. // // Defaults: // - role: RoleUnknown; // - keys: nil. func NewTarget() *Target { return NewTargetFromV2(new(v2acl.Target)) } // NewTargetFromV2 converts v2 acl.EACLRecord.Target message to Target. func NewTargetFromV2(target *v2acl.Target) *Target { if target == nil { return new(Target) } return &Target{ role: RoleFromV2(target.GetRole()), keys: target.GetKeys(), } } // Marshal marshals Target into a protobuf binary form. func (t *Target) Marshal() ([]byte, error) { return t.ToV2().StableMarshal(nil) } // Unmarshal unmarshals protobuf binary representation of Target. func (t *Target) Unmarshal(data []byte) error { fV2 := new(v2acl.Target) if err := fV2.Unmarshal(data); err != nil { return err } *t = *NewTargetFromV2(fV2) return nil } // MarshalJSON encodes Target to protobuf JSON format. func (t *Target) MarshalJSON() ([]byte, error) { return t.ToV2().MarshalJSON() } // UnmarshalJSON decodes Target from protobuf JSON format. func (t *Target) UnmarshalJSON(data []byte) error { tV2 := new(v2acl.Target) if err := tV2.UnmarshalJSON(data); err != nil { return err } *t = *NewTargetFromV2(tV2) return nil }