[#11] accounting: Implement signing service

Adds accounting Service implementation that verifiers request signatures and signs responses from internal Service. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-08-22 17:17:03 +03:00 · 2020-08-22 17:17:03 +03:00 · 5cf622881f
commit 5cf622881f
parent 65eb1181e9
3 changed files with 58 additions and 3 deletions
--- a/cmd/neofs-node/config.go
+++ b/cmd/neofs-node/config.go
@ -2,7 +2,10 @@ package main

 import (
 	"context"
+	"crypto/ecdsa"
 	"sync"
+
+	crypto "github.com/nspcc-dev/neofs-crypto"
 )

 type cfg struct {
@ -11,12 +14,18 @@ type cfg struct {
 	wg *sync.WaitGroup

 	grpcAddr string
+
+	key *ecdsa.PrivateKey
 }

 func defaultCfg() *cfg {
+	key, err := crypto.LoadPrivateKey("Kwk6k2eC3L3QuPvD8aiaNyoSXgQ2YL1bwS5CP1oKoA9waeAze97s")
+	fatalOnErr(err)
+
 	return &cfg{
 		ctx:      context.Background(),
 		wg:       new(sync.WaitGroup),
 		grpcAddr: "127.0.0.1:50501",
+		key:      key,
 	}
 }
--- a/cmd/neofs-node/grpc.go
+++ b/cmd/neofs-node/grpc.go
@ -13,10 +13,11 @@ import (
 	object "github.com/nspcc-dev/neofs-api-go/v2/object/grpc"
 	sessionGRPC "github.com/nspcc-dev/neofs-api-go/v2/session"
 	session "github.com/nspcc-dev/neofs-api-go/v2/session/grpc"
-	accountingTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/accounting/grpc"
+	accountingTransportGRPC "github.com/nspcc-dev/neofs-node/pkg/network/transport/accounting/grpc"
 	containerTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/container/grpc"
 	objectTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/object/grpc"
 	sessionTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/session/grpc"
+	accountingService "github.com/nspcc-dev/neofs-node/pkg/services/accounting"
 	"github.com/pkg/errors"
 	"google.golang.org/grpc"
 )
@ -34,7 +35,7 @@ func unimplementedErr(srv, call string) error {
 }

 func (s *accountingSvc) Balance(context.Context, *accounting.BalanceRequest) (*accounting.BalanceResponse, error) {
-	return nil, unimplementedErr("Accounting", "Balance")
+	return new(accounting.BalanceResponse), nil
 }

 func (s *sessionSvc) Create(context.Context, *sessionGRPC.CreateRequest) (*sessionGRPC.CreateResponse, error) {
@ -99,7 +100,9 @@ func serveGRPC(c *cfg) {

 	srv := grpc.NewServer()

-	accountingGRPC.RegisterAccountingServiceServer(srv, accountingTransport.New(new(accountingSvc)))
+	accountingGRPC.RegisterAccountingServiceServer(srv,
+		accountingTransportGRPC.New(accountingService.NewSignService(c.key, new(accountingSvc))),
+	)
 	container.RegisterContainerServiceServer(srv, containerTransport.New(new(containerSvc)))
 	session.RegisterSessionServiceServer(srv, sessionTransport.New(new(sessionSvc)))
 	object.RegisterObjectServiceServer(srv, objectTransport.New(new(objectSvc)))
--- a/pkg/services/accounting/sign.go
+++ b/pkg/services/accounting/sign.go
@ -0,0 +1,43 @@
+package accounting
+
+import (
+	"context"
+	"crypto/ecdsa"
+
+	"github.com/nspcc-dev/neofs-api-go/v2/accounting"
+	"github.com/nspcc-dev/neofs-api-go/v2/signature"
+	"github.com/pkg/errors"
+)
+
+type signService struct {
+	key *ecdsa.PrivateKey
+
+	svc accounting.Service
+}
+
+func NewSignService(key *ecdsa.PrivateKey, svc accounting.Service) accounting.Service {
+	return &signService{
+		key: key,
+		svc: svc,
+	}
+}
+
+func (s *signService) Balance(ctx context.Context, req *accounting.BalanceRequest) (*accounting.BalanceResponse, error) {
+	// verify request signatures
+	if err := signature.VerifyServiceMessage(req); err != nil {
+		return nil, errors.Wrap(err, "could not verify request")
+	}
+
+	// process request
+	resp, err := s.svc.Balance(ctx, req)
+	if err != nil {
+		return nil, err
+	}
+
+	// sign the response
+	if err := signature.SignServiceMessage(s.key, resp); err != nil {
+		return nil, errors.Wrap(err, "could not sign response")
+	}
+
+	return resp, nil
+}