service: add method to RequestVerificationHeader to validate owner

2019-11-26 13:34:16 +03:00 · 2019-11-26 13:34:16 +03:00 · eda9ea3829
commit eda9ea3829
parent 8967a0d1f5
1 changed files with 16 additions and 0 deletions
--- a/service/verify.go
+++ b/service/verify.go
@ -6,6 +6,7 @@ import (
 	"github.com/gogo/protobuf/proto"
 	crypto "github.com/nspcc-dev/neofs-crypto"
 	"github.com/nspcc-dev/neofs-proto/internal"
+	"github.com/nspcc-dev/neofs-proto/refs"
 	"github.com/pkg/errors"
 )

@ -35,6 +36,9 @@ const (

 	// ErrCannotFindOwner is raised when signatures empty in GetOwner.
 	ErrCannotFindOwner = internal.Error("cannot find owner public key")
+
+	// ErrWrongOwner is raised when passed OwnerID not equal to present PublicKey
+	ErrWrongOwner = internal.Error("wrong owner")
 )

 // SetSignatures replaces signatures stored in RequestVerificationHeader.
@ -62,6 +66,18 @@ func (m *RequestVerificationHeader) SetOwner(pub *ecdsa.PublicKey, sign []byte)
 	}
 }

+// CheckOwner validates, that passed OwnerID is equal to present PublicKey of owner.
+func (m *RequestVerificationHeader) CheckOwner(owner refs.OwnerID) error {
+	if key, err := m.GetOwner(); err != nil {
+		return err
+	} else if user, err := refs.NewOwnerID(key); err != nil {
+		return err
+	} else if !user.Equal(owner) {
+		return ErrWrongOwner
+	}
+	return nil
+}
+
 // GetOwner tries to get owner (client) public key from signatures.
 // If signatures contains not empty Origin, we should try to validate,
 // that session key was signed by owner (client), otherwise return error.