From d065453bd0a7a22b4efd724b11ecec6a50c275bc Mon Sep 17 00:00:00 2001
From: Leonard Lyubich <leonard@nspcc.ru>
Date: Wed, 2 Mar 2022 13:15:36 +0300
Subject: [PATCH] [#380] Support changes in signature schemes

Support new `SignatureRFC6979` message. Make `refs.ECDSA_SHA512` to be
default scheme.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
---
 container/convert.go         |  37 +++++++++++++++++++++++++----------
 container/grpc/service.go    |  16 +++++++--------
 container/grpc/service.pb.go | Bin 112686 -> 112658 bytes
 container/types.go           |  10 ++++++++++
 refs/grpc/types.go           |  14 +++++++++++++
 refs/grpc/types.pb.go        | Bin 26473 -> 28422 bytes
 refs/types.go                |   5 ++---
 util/signature/data.go       |   4 ++--
 util/signature/options.go    |  32 ++++++++++++------------------
 9 files changed, 76 insertions(+), 42 deletions(-)

diff --git a/container/convert.go b/container/convert.go
index 89e0153..5e49bea 100644
--- a/container/convert.go
+++ b/container/convert.go
@@ -152,6 +152,18 @@ func (c *Container) FromGRPCMessage(m grpc.Message) error {
 	return nil
 }
 
+func toSignatureRFC6979(s *refs.Signature) *refsGRPC.SignatureRFC6979 {
+	var res *refsGRPC.SignatureRFC6979
+
+	if s != nil {
+		res = new(refsGRPC.SignatureRFC6979)
+		res.SetKey(s.GetKey())
+		res.SetSign(s.GetSign())
+	}
+
+	return res
+}
+
 func (r *PutRequestBody) ToGRPCMessage() grpc.Message {
 	var m *container.PutRequest_Body
 
@@ -159,7 +171,7 @@ func (r *PutRequestBody) ToGRPCMessage() grpc.Message {
 		m = new(container.PutRequest_Body)
 
 		m.SetContainer(r.cnr.ToGRPCMessage().(*container.Container))
-		m.SetSignature(r.sig.ToGRPCMessage().(*refsGRPC.Signature))
+		m.SetSignature(toSignatureRFC6979(r.sig))
 	}
 
 	return m
@@ -195,7 +207,8 @@ func (r *PutRequestBody) FromGRPCMessage(m grpc.Message) error {
 			r.sig = new(refs.Signature)
 		}
 
-		err = r.sig.FromGRPCMessage(sig)
+		r.sig.SetKey(sig.GetKey())
+		r.sig.SetSign(sig.GetSign())
 	}
 
 	return err
@@ -391,7 +404,7 @@ func (r *GetResponseBody) ToGRPCMessage() grpc.Message {
 
 		m.SetContainer(r.cnr.ToGRPCMessage().(*container.Container))
 		m.SetSessionToken(r.token.ToGRPCMessage().(*sessionGRPC.SessionToken))
-		m.SetSignature(r.sig.ToGRPCMessage().(*refsGRPC.Signature))
+		m.SetSignature(toSignatureRFC6979(r.sig))
 	}
 
 	return m
@@ -424,7 +437,8 @@ func (r *GetResponseBody) FromGRPCMessage(m grpc.Message) error {
 			r.sig = new(refs.Signature)
 		}
 
-		err = r.sig.FromGRPCMessage(sig)
+		r.sig.SetKey(sig.GetKey())
+		r.sig.SetSign(sig.GetSign())
 	}
 
 	token := v.GetSessionToken()
@@ -486,7 +500,7 @@ func (r *DeleteRequestBody) ToGRPCMessage() grpc.Message {
 		m = new(container.DeleteRequest_Body)
 
 		m.SetContainerId(r.cid.ToGRPCMessage().(*refsGRPC.ContainerID))
-		m.SetSignature(r.sig.ToGRPCMessage().(*refsGRPC.Signature))
+		m.SetSignature(toSignatureRFC6979(r.sig))
 	}
 
 	return m
@@ -522,7 +536,8 @@ func (r *DeleteRequestBody) FromGRPCMessage(m grpc.Message) error {
 			r.sig = new(refs.Signature)
 		}
 
-		err = r.sig.FromGRPCMessage(sig)
+		r.sig.SetKey(sig.GetKey())
+		r.sig.SetSign(sig.GetSign())
 	}
 
 	return err
@@ -765,7 +780,7 @@ func (r *SetExtendedACLRequestBody) ToGRPCMessage() grpc.Message {
 		m = new(container.SetExtendedACLRequest_Body)
 
 		m.SetEacl(r.eacl.ToGRPCMessage().(*aclGRPC.EACLTable))
-		m.SetSignature(r.sig.ToGRPCMessage().(*refsGRPC.Signature))
+		m.SetSignature(toSignatureRFC6979(r.sig))
 	}
 
 	return m
@@ -801,7 +816,8 @@ func (r *SetExtendedACLRequestBody) FromGRPCMessage(m grpc.Message) error {
 			r.sig = new(refs.Signature)
 		}
 
-		err = r.sig.FromGRPCMessage(sig)
+		r.sig.SetKey(sig.GetKey())
+		r.sig.SetSign(sig.GetSign())
 	}
 
 	return err
@@ -981,7 +997,7 @@ func (r *GetExtendedACLResponseBody) ToGRPCMessage() grpc.Message {
 		m = new(container.GetExtendedACLResponse_Body)
 
 		m.SetEacl(r.eacl.ToGRPCMessage().(*aclGRPC.EACLTable))
-		m.SetSignature(r.sig.ToGRPCMessage().(*refsGRPC.Signature))
+		m.SetSignature(toSignatureRFC6979(r.sig))
 		m.SetSessionToken(r.token.ToGRPCMessage().(*sessionGRPC.SessionToken))
 	}
 
@@ -1018,7 +1034,8 @@ func (r *GetExtendedACLResponseBody) FromGRPCMessage(m grpc.Message) error {
 			r.sig = new(refs.Signature)
 		}
 
-		err = r.sig.FromGRPCMessage(sig)
+		r.sig.SetKey(sig.GetKey())
+		r.sig.SetSign(sig.GetSign())
 	}
 
 	token := v.GetSessionToken()
diff --git a/container/grpc/service.go b/container/grpc/service.go
index 6aa854b..09743dc 100644
--- a/container/grpc/service.go
+++ b/container/grpc/service.go
@@ -14,7 +14,7 @@ func (m *PutRequest_Body) SetContainer(v *Container) {
 }
 
 // SetSignature sets signature of the container structure.
-func (m *PutRequest_Body) SetSignature(v *refs.Signature) {
+func (m *PutRequest_Body) SetSignature(v *refs.SignatureRFC6979) {
 	if m != nil {
 		m.Signature = v
 	}
@@ -77,7 +77,7 @@ func (m *DeleteRequest_Body) SetContainerId(v *refs.ContainerID) {
 }
 
 // SetSignature sets signature of the container identifier.
-func (m *DeleteRequest_Body) SetSignature(v *refs.Signature) {
+func (m *DeleteRequest_Body) SetSignature(v *refs.SignatureRFC6979) {
 	if m != nil {
 		m.Signature = v
 	}
@@ -166,8 +166,8 @@ func (m *GetResponse_Body) SetSessionToken(v *session.SessionToken) {
 	}
 }
 
-// SetSignature sets signature of the requested container.
-func (m *GetResponse_Body) SetSignature(v *refs.Signature) {
+// SetSignature sets signature of the container structure.
+func (m *GetResponse_Body) SetSignature(v *refs.SignatureRFC6979) {
 	if m != nil {
 		m.Signature = v
 	}
@@ -257,8 +257,8 @@ func (m *SetExtendedACLRequest_Body) SetEacl(v *acl.EACLTable) {
 	}
 }
 
-// SetSignature sets signature of the eACL table.
-func (m *SetExtendedACLRequest_Body) SetSignature(v *refs.Signature) {
+// SetSignature sets signature of the eACL table structure.
+func (m *SetExtendedACLRequest_Body) SetSignature(v *refs.SignatureRFC6979) {
 	if m != nil {
 		m.Signature = v
 	}
@@ -341,8 +341,8 @@ func (m *GetExtendedACLResponse_Body) SetEacl(v *acl.EACLTable) {
 	}
 }
 
-// SetSignature sets signature of the eACL table.
-func (m *GetExtendedACLResponse_Body) SetSignature(v *refs.Signature) {
+// SetSignature sets signature of the eACL table structure.
+func (m *GetExtendedACLResponse_Body) SetSignature(v *refs.SignatureRFC6979) {
 	if m != nil {
 		m.Signature = v
 	}
diff --git a/container/grpc/service.pb.go b/container/grpc/service.pb.go
index d7fa78e20e26790b782328b964bb38d4505a71bb..dd913949064e96a31b9dc70e339fcccfd0aaef5f 100644
GIT binary patch
delta 3976
zcma)9YfzNu6`lj^vb!w1EEh#!xh#lW7WkH3c0phjxf{87i3X#B8cdp|5pAcMsEHXh
zCb1fux5?2u$<U_LPHx6_J6)T`h)tT9i;>RsSH=k1I9@=+TTE)yKJWLji*}qQe_+4&
zJMVkmbDrls=X`rd^)HO-_kFxh#IH|@p3_k4t?*Td8m~Rjy#Ai3@PeziLMU5f17B=B
zZ1`VG(Y$`DSeaoEBiqe^p67Dz*cCXk<I|YC>?jU2>=_DM23)-hV((%#Rrs5dMAu?n
zVA0<BVQYcg1cv_fo%t?1ibcboq`>QaF5PW+uMcE?_^V`5JCYFi=y;3HQ0{SNDr*&&
z_~q~<{=iRhY;llYG+&G5pBc#?VKQ=$g>v}|BUSL{3#o;>Oq3`xu4Id&C-nTXiOPAF
zjZFNpLa{t-qM4#;z|NQFkyC8Ek;d*sO6R}EP}LNV*J&~;Ydvo1(Ct<KR;Yh{<G;&F
zxwnFRoE}4Z_!gGaCEVXmIo!U4%<?j}DC!XHH=?MFd#h=)I6IKRgYA^48U#1z(#=TT
zrO*`7b1f>W6duKa;S!;oN#%_VloSr9)kSX6KBSi+#fk0bvv|LY3b@^*xg9)T!lMdh
zaZe(W(Q{RAER|;|Yr9v7`jJBZ+Z;;c{<)MW@A%shI2cIgqY0GEeP)V^DD{bpR}(mM
zBAjF#OA^)*2lviFSlD9VmGLxzmsrUtN(QTf7o7B3q@i5RhYCXm7pLP+2ZxJ7*ER;X
zL{Jg&`wAt<6xWH*2D3vcj^{74sXG_hMOuGIa%%$pU!O5YEOQ0liKI2U=%sSw?Vf>s
z5ZFIL)XgVMw2CjyqauKr%nGu>FUQb*5=_mVOv(=c)1+d-UNhx$R~6zfsiaIK@1+uQ
z@`g%s^JqFXvOktmcv}lt_--tCGp!0Q>{aA2A^q@I(e2FSQ?bDQCkrW?t1QT7S`>Lz
z%H7f-F|Q3w=QJyTgMlNIWG^37z|cQnUF;n6O1E*8F9vUVRrq;j9HolBOY()NzE~;t
z{To$a1E(IEMP(xWq?20<$RrM*o5mSUIH)g~%(PtcuaSFN$S+~FbAJhC;RN<)fuV0*
zPvf3sWGk~Av}#G9)bZlt4GEN_LpVO4$T~Ga5_1y&#YmGWOq&7;YM#NfLPkAi1}diV
z3ke`zh?G$>D;!LuGU@mEc~rvoBvRx9YIX|pGRDFjt#a*F#8fkhJlyV~BG$QSB3m7#
z<NjPq;=LYHc*hK~@jfF+|HNnxBc-{4O=n{xsT}%H%#Wsk2*dbMR*SoQl|sp4<CVSq
zdMeJnuYvNyH?#QED%Vi!Uj9-VWw6^xYj|cMN^`7O%sirlx8E14QjyI49c1QpjZ`da
zMbBFoP>~G9l?xK686K+{eGob|7#ZR7sFzA~P^z?391_#3as04@a>b^z4zcW50{_E7
zPWiU80>K)yDPH{em@!;QDdN?uvn0QhcrY1Q?>KLlVr3QGUl(VFISvf&MsXgBp+*sR
zTF;wvDAfWhZ<&gh2U5YAs#fMwJil26zVDcikVZ@4sIwY*M&xn4VKUYKpQz_@iw7C`
zCJWmi^?;(vfay-W%zW5NothM?R9q^~eVfXU6-(|<r)m6_jbgaT3;iB7z<*aOLVNQ+
zspBy7dp3yc!Ds*owTegDHt{?8NO)V;nBFQ<@>>zc>S)Rq)~|HDyA@F!oIy!84c}#`
zN+^gFNIp<NbGgT<?L9OXEW4)=Xea}!cuQ7>@HR_M?o~yUe_99b+!>-jovgfFN2|q!
zLBE)Oy-}mUCvjLd<k1r-%TgYkj(dHQ2NV`xO5wtMdW16;Yo%Dk`+Vvx1P$l&^cg6I
z_LEVZkV1vLTfvpkAJk;(+}-lxM--YX+OL>-zY)sP=Au#&cWa`k_}b2yk+^lQk*qpT
zg)|*?A;z~Mg$9JZ%qN#-mttup_$#T_mJ23LzXroGxXn`0W5ltMd<l6GXWUC2T<D~w
zvU3^4=ijEug2YrYU<#g`Nx{g8%f>`mO|14?CDqb$_}NemR#e4+&tUpYgH&KI%8lQ3
zP=_V-gtg^ZJEQ<Bv<%tEA$n6nT|>>jY<y~Sb}MpQnX0kh$9j1stxLOj_f)WWXeuD7
zF+;9H!fxRwq{Qzw!{6hT;MW@+l=tEw)YpI9B>K<lrOq3~<l~O8%x7_@837%LMe=`L
zg?+Cy(F!qqJe#*oz+4d*K{^q4qc*}_8qzdH)%u}YO>~bef)?-aqXB<bgFA(~tH>Bt
zA^D>fhxh8JN#<>W7#W-<Hhyas4-HjnwEFWz+8$z*nV(Fi7BDJNYQk#G0OGDPO3&x>
z=|%qC3_QxFV$e!nS<1t8)NDp>d=e=9b8}BMoSsa<pB1$s)Q4-)vI2|f+0Ye}cu$?C
zUxyZ<_t|R^!nrz4`K)qVLp_yBR*k=Yv!06dD$eE7M>gj-fe@AkP3XpmY~shWY4Z0I
zS<0461>W_5Wb(mA)X!1b<xV$Zv_raL<oSvGeiOOJ3ckF2yx^Z|g8jZablkqCvHm9?
zLL-?~6TYHm&=CEmhBq}+rsTs4exM%x3Y%1sw^hSnd=tuHiVS)mN=Y`R0{&4R@_2h=
zQct;^RTj?kP#y%Z0z1XVi?g}aOBVV2#KjKov!SQS$uy*O3I~gDpO8<LCP!NkOm95&
z`EwtX1<f#y{Zcd6U!FBCd;CEwa6!Mz=ae=ow@D}zwcnK~GBG|*nTsHArIA^5ozD?P
zCrtclGgV<$O_g&={vAa)3(M+Us`l^b*;@ZDpG|gg^D5>CZH6?48>5?VHK7=WkEip_
zh0t`z9KfUw=0|2@Fz*?$hhrK`esdee$9U8s8*D{Z?Q&d^*W;Z@<PD!3&8hd3O&s~o
zD2`u>*9z(Rg%lmSuG*pX;_S7`upwJ?2vQ1|+TZ>@4?U-{gr@R<g`Q-&nOt&C+QOJU
za>5tWvr`9#P3!>Ke{RQ~4;Mf$uFoeUZ|{JR^i@+1%DaZ2S%5@l=K?1T0GTT3OP7Td
z;Evf^ofjnXJUb2Y5rS1s!6d#M1vuZ%p&8Q2FF56X$+iN}3XVVH$L48o>-mTsbl)`(
z{qoiO!2-ujn#CE5U>pj{&#2&BzOa~bq_0(es#C+{+Qq05=!HjyuC@z3TiX!iDOtp@
zFOc^B+iOEzS+@jO1lkb(+e@?pJ|<TVM?h4Ko#d9gsyji3<TD<T@ulQ5zapR0&lK_5
zPW6*U*sdp<G~M>%i;B~`s7Bg#b>XD<T=MJ5gw(##rCJ9Mb<sbqp-)0y`XFYr{XLWx
zS_%HEhb||EpFY|`E($+=^E5fhHui07GRm>2q$IP9SFJ{Q_N~DzdGKM13Euk*_1|uW
jxkxqp%~Nvxo3G>1XF=Wkt@tF`^&A}yAOGMs`pEfTn7GW;

delta 3925
zcmcInYj9NM8J>69>}EH++1#_q?j|S6CV{X?_LA%-kR^ALm@5Q=5=jCQ3R*E-9HG)l
zX2f>1DwnVFwp2|9MxAklM)PBTFd}v8Slf!3PCF`Ah*A;JkVOT=DD?TxvguguO#krb
z%-M6^^WL84eco^PhjmB8y74z3Tv}SHbZ`2}=C#}J-#VylyKCd%y@SfV_ix*-tQ%AY
zH*McIxK&x%(cRTp-?Fr&u|c_StI}BC&|TZVd}+PEGEmvy-CXM}_lxX<4zcxkl28ib
z#K6H4ar!xv7>$n+$A(Sfo+Akp>vo0bi9f7xh^I&G!m-mlF*@?6*jpHU;>;rz+PQ#_
z*!GF{elsi%{=+1W=f#Wf_Uc8~i3G7HJ6>cwzxw69xyD<N%f!IJj2M~2#M7gT%(oyw
zw9^xvM~3E#ow)JRx29VYtbStGs~)u?z&L;ZA06VI(E*|CG)|1XZnkRHZ<yHgL0^m}
zu%4@l+#>(%ZJZE8+E6%_iiiTdFPHMU#z<`%Po+q_xRn2Hq+XuPqk5s7E97mdRK`=y
zq~qtzRH!i;#M&=ith7>&aDSY{7KPF{JdaXE__G`yUPe06`-vrluiRSJ1}RazI%^eE
zpXhiqQ8C}hpb~zQ$OlJUTTRs*)Q}?bu9k^~Ulog=Ud-jV6iU(z21MudLf*cd9Q;Z(
zE@NiWi(}IYk9ny~;|*|5J?-X!<rFJZx^H?hcR9$)!&)-Q2RAO3^0N+d@)REMi#l4s
z*B#^%lV?nvum%;4`^m;N3MKJoJtfK*1$;7#vbZK49|SY-EUShJ#8B8K!c!KR?obVt
z^WJROOa@5HZ|f+Qzlfz={%1D%IKe~de0M8V@H49@OWKd=sg$b&<mU73bdNT$!KH|o
zW(%UtC{(K*b0d%Ibz~GHXRX|qN#o+i=PCR`2hEqAF!AOl(rJ7uOj}fhK2DBQP^Cd8
zoAM~gtK-P`@|7=4nzd^~Uuo!p81Ab>Iemog|Nn3Yd8e0>`Gq*j<cum5b1IG$HY}zh
zozdXl;n|>)1AR-CuhY0wAw7>TMiX8zp^fOJg-ff*CQCnWLaSU=R2Wk^=)&(7Gkz;Q
z=vov^gGA~0bUQm*@$qyo?Ksc_xa4bb<FtXZ3#gV4JCMOh0rg7?7SO|UFj=`(M|LrA
z&A>_xIf0T@hV84NCW(+$0%#OnU+ei~4ONH}GgekK@H}+EE3SW-B;LB1#{H#KDf&N3
z;=_et$BlN_4S$+0-0#QmZcuQJw;v^;;+bT!^Y^jpN>;fy$KouWPDTZ%l3{)|38(@-
zl{dB&Di`hN%K70Ga`DJKa>gj`9bUgIsVO=;IyoA4IY4?eqB%6ArEli(p$sbIN5KyM
zTLz|QDidyzg@r$>qcYL)d9f^OH^<v3g~x-iJ)<GB67acX0I$3bmdmSKy?3vb_nvZo
zJfA$Vxb>Gwa0Z-k9mPd=z^-O3_ML0w9y_?OX*J!$`|@G)cn_c&S%vm4?4>x)XrRSn
z@@guNra&DqmvQ_wW=xJ;5g*OQ&y7Zk7hUH~JedMGmYnuVx!A(5XCYI}nU(jJ!{ga%
z)DoU5W_K(l@MCRM$zvs?0y<Me>7whKDs~rQ6r!}t;jU7Ia0Tc{x_`Y|pIVu_Ox~Ay
zQItrW$>f9zsum~C>G)eG9KV%=sEVF);`|<I=l99tm0U1$x`Le6=p($jOYM`|v&iJB
z0$C(J_$pV9AYDGhzDlZMvy*Zp?>cXX6LT--vCWG-uckp1Aenj|@se_2As)Gd;Fvj|
z8V;<YL;J7AivDx<iDy0m#N8cKlnAWkjIA3~i$P#+E23`cI>!M;f%r*Wa#Zo-m3CkO
z-0e~BsJg4?5-n!&Asaow_bs8;iISPa^EgP*>65cMl|<sHf0_9~qJ}x_q2+h5I}h*y
zm~^Sd4LqrV;2`o}lgS1xYKWJaMaZ<yjm)Mz)Xk$kP=K-9$<M=H@O`!!(~9yGzO#ik
zh~)1QdCl!;x7w4ZTA}%8d=gg4k<|szrl~?Q@QW^({E#R-lm-hRWs+HSN4lls-#IBw
zSU$DzKsi;3W#L8Oj9!di%jDAe*g8i(N}J<OlDPAH9ADE>N|Zc0@yhw-V)B9ob_x89
zLO$`tHCs%%>^omlkbO-XCCK5AU8hcu+ar$7E>N`^H1ctAGUf5foJe9;vE;Im({i!C
zKpmB-N(I^U|IHZd{wqd)H<yaQ8o98VI4ar}PFMu~Ke-6RToFf&ybHupb=JL}a}+e}
zy*S_v^)<;IlgA58<el3w?(gfai5+Gz?t%$<LUc`hWf9P+25Gn(8qAX|Hy2VbxHR5O
zX3;*C#V>22_6b1@tkObuc>f=A#HWM6_3^5R54sJ@`0ZYxCmlug+9Kl5Ch!wlS{Q<6
zKRb`t)PbYF*TU@Ab(AXU^kEPm!i$C58&Ua89oY5Sl{C(-hb1Uz6Ux;kYAltV>Tqsp
z#?+K9!3M>^>$uc~rMRL28rauNwit{){4Q&R_8o4J@^sU=D!SnYVETQtS}D8!3cgea
zQ8{tN%*Ps``Eg%n$!)uU?U~s5txJ(|M_Q!TON0fE)ZE-w4+;LQ0g)lWC76nMUXu@y
zq8r+P4()6rhb)wvs8)1cGD`O*o@t6~iLoklxTu*duw2}XR{X4rHt_SUfEG$&6K_vv
zNsi_6;ucJ-a(O<lF<`Z$_nG`yFSW^br}7;u$R5HdMRY^<6+)N7KkuMoF>_Wub^N)5
zY7xWSNsj;Q?T2tE%T`gJ>4YW@T(C&(utbg-HxF&<k!&ahGjl3z=E*J`%SNURu^yGw
zUeKc#3m6Bk6cM~)m%d^>s_J@uI2f#)bLHbpX@E(UzhlcOQ(T`laA7BsmrGuXR90l!
zAQKfSoC23bmCPhE-cM7Ppfs%DAxwqr>CP2Ev!tFLz;29H%L@2J&AIeBPkQo*#E-L8
z`C;!$az<3c%150N(4I)BJ^27My2VmCcn3YkHLEaZ?M`H+YTAhNCaW3w>A7<?ivHp9
zE0Zph#O2u}sdMry!{OD)7ak3Kya&#HL<e`6!Lo2ChzzgTPF-|27i+Nq|FV#}BKfMt
zN({Ka7mPkpA0gtIdQ9oNz35@M4ZeRw`@xe~K2lGQMAH8DPQY|xChLdCbG@Wg{2cq7
zoY6;_b~zZ8a`yz(73!~0@71G&pO+aZgE#h(D_xpJ4AfTvzcll15cgh6=hynk2i{%n
z1Gm5K#)&6*DwFT(M|tX`9O_5*c?MkG>W?(+oqm<5nFILXIXi}F{Q&+&96Xg8+A~0}
zSeUi|7-b9EwQY!Op(lsv%aqWbhsi^sH-14b3VriSB8|~#@F5xeVJ_$KUD#m*!;~2c
OK1zBDwf>6UaQz#FZq#=G

diff --git a/container/types.go b/container/types.go
index ea7fd9c..4da1723 100644
--- a/container/types.go
+++ b/container/types.go
@@ -316,6 +316,8 @@ func (r *PutRequestBody) GetSignature() *refs.Signature {
 
 func (r *PutRequestBody) SetSignature(v *refs.Signature) {
 	if r != nil {
+		// TODO: (neofs-api-go#381) avoid this hack (e.g. create refs.SignatureRFC6979 type)
+		v.SetScheme(0)
 		r.sig = v
 	}
 }
@@ -434,6 +436,8 @@ func (r *GetResponseBody) GetSignature() *refs.Signature {
 // SetSignature sets signature of the requested container.
 func (r *GetResponseBody) SetSignature(v *refs.Signature) {
 	if r != nil {
+		// TODO: (neofs-api-go#381) avoid this hack (e.g. create refs.SignatureRFC6979 type)
+		v.SetScheme(0)
 		r.sig = v
 	}
 }
@@ -476,6 +480,8 @@ func (r *DeleteRequestBody) GetSignature() *refs.Signature {
 
 func (r *DeleteRequestBody) SetSignature(v *refs.Signature) {
 	if r != nil {
+		// TODO: (neofs-api-go#381) avoid this hack (e.g. create refs.SignatureRFC6979 type)
+		v.SetScheme(0)
 		r.sig = v
 	}
 }
@@ -588,6 +594,8 @@ func (r *SetExtendedACLRequestBody) GetSignature() *refs.Signature {
 
 func (r *SetExtendedACLRequestBody) SetSignature(v *refs.Signature) {
 	if r != nil {
+		// TODO: (neofs-api-go#381) avoid this hack (e.g. create refs.SignatureRFC6979 type)
+		v.SetScheme(0)
 		r.sig = v
 	}
 }
@@ -672,6 +680,8 @@ func (r *GetExtendedACLResponseBody) GetSignature() *refs.Signature {
 
 func (r *GetExtendedACLResponseBody) SetSignature(v *refs.Signature) {
 	if r != nil {
+		// TODO: (neofs-api-go#381) avoid this hack (e.g. create refs.SignatureRFC6979 type)
+		v.SetScheme(0)
 		r.sig = v
 	}
 }
diff --git a/refs/grpc/types.go b/refs/grpc/types.go
index b1c48c1..e191656 100644
--- a/refs/grpc/types.go
+++ b/refs/grpc/types.go
@@ -84,6 +84,20 @@ func (x *Signature) SetScheme(s SignatureScheme) {
 	}
 }
 
+// SetKey sets public key in a binary format.
+func (x *SignatureRFC6979) SetKey(v []byte) {
+	if x != nil {
+		x.Key = v
+	}
+}
+
+// SetSign sets signature.
+func (x *SignatureRFC6979) SetSign(v []byte) {
+	if x != nil {
+		x.Sign = v
+	}
+}
+
 // FromString parses SignatureScheme from a string representation,
 // It is a reverse action to String().
 //
diff --git a/refs/grpc/types.pb.go b/refs/grpc/types.pb.go
index 7df2f05a3a3705d71d243623267ed91df6df31bb..96f62855e7a293e5b5a9f90ae4381ae201d4f217 100644
GIT binary patch
delta 1040
zcmZWoOH30{6it8N3`nW+Zzw}C(vkwx&rCZdU@L-1%g}ZR6b1Q6t5qcOiyCb(F>&KY
zIborgpoxhq6JmF6gasR8Sh#VeZgfF38lyWj`rh!7&s)6AJ?Gqe&%3#^wyL@FL9@7|
zMNn6bl+LN)F|QlfIKeSy*z_lHTW=!KoIZp<`r;$JgJl?NOY;dOI1p=X7A3DVptJ>D
zf@t+~PC}+xJLV1MjAHo3XWGQKdfd?E@@$%A>+3m^!O;|MGIf4zXli;QQO8bQzmnjT
zt$4F0mOX2Dtg~gY45ctAl%md<gZF|PW0qVz_cGaA(vPBf`}>Je#<#}AE`G401?xNX
zixrk#{EVXu)?=UZ_jy>VtugNP6|L;WgMe{YfqZ}Wwt=L-HDhmB(Q177VM$=7kwJgc
z3W+LBpO77x)%wyHZ!FHd2&8jO?hyyaU*m`9?WB{%qp$=-3JM6|mMHA@s<%YR1-T4I
zLx=IS!-6le$si6>v?f%KXJI2!p-L?Y?~?FUxDfV^!UH7V<EEPYr~?xnwMe#B!4b~I
zYKM!GUXhZ~mRbn1g93tw0)c1&(sB#V$SmH-ZFxIw@=4rlZ$N)%HCEfRXv3eKN*+li
z{>ja&ujq;>he)vf0+yix%#m`8#!ARGeUFsV9Ab{#qK`IhlB*y^`Twv-g|9}{>Vm2i
z)ar|!0uIJ3R4MEjofO+psy+xoYChb6yecHBlUUz?M0L2X5vuA_6qFxl3~qItx0Eux
zQzTkl6sSGYnusi23jPKegXkhrW~NKgY9%`Y-P~+48|&S6mLrF3IPd3hU$mgDrv!aH
zjhO54=?H_fr;G5rm&MnfA}z<w#{CfEK3t4TScv<!l6`7&iIrt+HG8+wZW~LD+8wlq
zv>~%?{s2_nd?9h}(&Y5zEfsY`4^cb$jH%a@vwyu!!!OBRE)Si`SVwMZG*V_E@mli_
D`BW@!

delta 831
zcmZ9KPfQa*7{#+~#kLTM!~(5AMh<FCX?NRhX&X?nR0<{v*_Hy@mZdDx&@QFjMvNLb
zdC=oCp46j>oJ=+*{z;I77d>e7tR75EG~wb!IcRWaAX?qS?9A_b?|a{D_WDQe>uc`e
zhG`|GE~tx_R4+-+D`ZxglWRqd6jV*Alq-rRYlTJCz-2|9trBA^ld@dV3i(=5u8^u$
zspYj=MIqYdvf{Pdq{2m2ra;QiD<vhDIxCIFW5cJ1<AdbC8tEsz-R8r($<28&W^Tu}
z$;k<DnwL<tcHq8w=y09A+he!cged8b#|EW=oRk<41wVs+Y@5$S>ZMWg=i#aCU(esF
zK#Slkt>!54>nj$Az<Kps;yX)YT{pew<VzFo^eH$WdxJ0ipRv(sMO*v^7Ed%A%&tF;
zUu(i6so7+=;c?QBEvbiYR}+VjNFK-9kPoXP4S1IH?6KSUWfA+6Z7`?eR(cA}dI&~S
zBL{+thw#h1%+@($GO84$Hmr{w!Dgzfg%W<QPBeq}X(vbUBQ4Urx91!<I6ktE>I9zY
z1fzF#Tw>NhgrYz%TO){$cjD$mCtA{uow-G1)5n-O7@(S9*f8HtOALt&iAGl=Z5Odg
zX%HqRb`eVzjRKzRqF#nVh8?cS9aV@8;-~k%GAT8&kHFdoX7DZ1f$x(MmKhT17&ICE
zQ#;mPrVIH!M87vBnM`3fau*2hmiEGxaa(*o!lNta!iQ-qN|{!ins(rqvG>UhSToKq
zGC};zh!C@3EM<dukQMRCc)N1l?Xh_!zfi4}+(*?y(d}V>kkK%L&1t8u=eF$n^M$J%
K7uNequejfw(fI-Z

diff --git a/refs/types.go b/refs/types.go
index dbe307a..7d89881 100644
--- a/refs/types.go
+++ b/refs/types.go
@@ -35,8 +35,7 @@ type SignatureScheme uint32
 
 //nolint:revive
 const (
-	UnspecifiedScheme SignatureScheme = iota
-	ECDSA_SHA512
+	ECDSA_SHA512 SignatureScheme = iota
 	ECDSA_RFC6979_SHA256
 )
 
@@ -189,7 +188,7 @@ func (s *Signature) GetScheme() SignatureScheme {
 	if s != nil {
 		return s.scheme
 	}
-	return UnspecifiedScheme
+	return 0
 }
 
 func (s *Signature) SetScheme(scheme SignatureScheme) {
diff --git a/util/signature/data.go b/util/signature/data.go
index ee2d7ad..cd02d88 100644
--- a/util/signature/data.go
+++ b/util/signature/data.go
@@ -41,13 +41,13 @@ func SignDataWithHandler(key *ecdsa.PrivateKey, src DataSource, handler KeySigna
 		opts[i](cfg)
 	}
 
-	sigData, err := sign(cfg, cfg.defaultScheme, key, data)
+	sigData, err := sign(cfg, key, data)
 	if err != nil {
 		return err
 	}
 
 	sig := new(refs.Signature)
-	sig.SetScheme(cfg.defaultScheme)
+	sig.SetScheme(cfg.scheme)
 	sig.SetKey(crypto.MarshalPublicKey(&key.PublicKey))
 	sig.SetSign(sigData)
 	handler(sig)
diff --git a/util/signature/options.go b/util/signature/options.go
index c77c290..dd38986 100644
--- a/util/signature/options.go
+++ b/util/signature/options.go
@@ -9,51 +9,45 @@ import (
 )
 
 type cfg struct {
-	defaultScheme  refs.SignatureScheme
-	restrictScheme refs.SignatureScheme
+	schemeFixed bool
+	scheme      refs.SignatureScheme
 }
 
 func defaultCfg() *cfg {
-	return &cfg{
-		defaultScheme:  refs.ECDSA_SHA512,
-		restrictScheme: refs.UnspecifiedScheme,
-	}
+	return new(cfg)
 }
 
 func verify(cfg *cfg, data []byte, sig *refs.Signature) error {
-	scheme := sig.GetScheme()
-	if scheme == refs.UnspecifiedScheme {
-		scheme = cfg.defaultScheme
-	}
-	if cfg.restrictScheme != refs.UnspecifiedScheme && scheme != cfg.restrictScheme {
-		return fmt.Errorf("%w: unexpected signature scheme", crypto.ErrInvalidSignature)
+	if !cfg.schemeFixed {
+		cfg.scheme = sig.GetScheme()
 	}
 
 	pub := crypto.UnmarshalPublicKey(sig.GetKey())
-	switch scheme {
+
+	switch cfg.scheme {
 	case refs.ECDSA_SHA512:
 		return crypto.Verify(pub, data, sig.GetSign())
 	case refs.ECDSA_RFC6979_SHA256:
 		return crypto.VerifyRFC6979(pub, data, sig.GetSign())
 	default:
-		return crypto.ErrInvalidSignature
+		return fmt.Errorf("unsupported signature scheme %s", cfg.scheme)
 	}
 }
 
-func sign(cfg *cfg, scheme refs.SignatureScheme, key *ecdsa.PrivateKey, data []byte) ([]byte, error) {
-	switch scheme {
+func sign(cfg *cfg, key *ecdsa.PrivateKey, data []byte) ([]byte, error) {
+	switch cfg.scheme {
 	case refs.ECDSA_SHA512:
 		return crypto.Sign(key, data)
 	case refs.ECDSA_RFC6979_SHA256:
 		return crypto.SignRFC6979(key, data)
 	default:
-		panic("unsupported scheme")
+		panic(fmt.Sprintf("unsupported scheme %s", cfg.scheme))
 	}
 }
 
 func SignWithRFC6979() SignOption {
 	return func(c *cfg) {
-		c.defaultScheme = refs.ECDSA_RFC6979_SHA256
-		c.restrictScheme = refs.ECDSA_RFC6979_SHA256
+		c.schemeFixed = true
+		c.scheme = refs.ECDSA_RFC6979_SHA256
 	}
 }