In the previous implementation, the service package provided types and functions
that wrapped signing/verification of data with a session token.
This allowed us to use these functions for signing / verification of
service requests of other packages. To support the expansion of messages
with additional parts that need to be signed, you must be able to easily
expand the signed data with new parts.
To achieve the described goal, this commit makes the following changes:
* adds GroupSignedPayloads and GroupVerifyPayloads functions;
* renames SignedDataWithToken to RequestData, DataWithTokenSignAccumulator
to RequestSignedData, DataWithTokenSignSource to RequestVerifyData;
* renames SignDataWithSessionToken/VerifyAccumulatedSignaturesWithToken
functions to SignRequestData/VerifyRequestData and makes them use
GroupSignedPayloads/GroupVerifyPayloads internally.

In the previous implementation, the first byte of the buffer for the HeadRequest
signed payload was set to 1 if the FullHeaders flag was set. Otherwise,
this byte remained unchanged. For correct recording of a signed payload,
it is necessary to explicitly set the first byte when the flag is unset.
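
The failure mode described in the commit message above, as an added Go example that is not code from the project: when byte 0 is written on one branch only, a reused buffer makes the flag-unset request serialize to the same bytes as the flag-set one, so one signature covers both. The names headRequest, writeBuggy, writeFixed and crossVerifies are hypothetical, the buffer reuse is an assumption about how the stale byte arises, and ed25519 stands in for the project's own signing code.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// headRequest is a hypothetical stand-in; only the FullHeaders flag name
// comes from the commit message.
type headRequest struct {
	FullHeaders bool
	Address     []byte
}

// writeBuggy mirrors the described behaviour: byte 0 is written only when
// the flag is set, so a reused buffer keeps its previous value otherwise.
func writeBuggy(r headRequest, buf []byte) []byte {
	if r.FullHeaders {
		buf[0] = 1
	}
	return buf[:1+copy(buf[1:], r.Address)]
}

// writeFixed sets byte 0 explicitly on both branches.
func writeFixed(r headRequest, buf []byte) []byte {
	buf[0] = 0
	if r.FullHeaders {
		buf[0] = 1
	}
	return buf[:1+copy(buf[1:], r.Address)]
}

// crossVerifies serializes a flag-set request, reuses the same buffer to sign
// a flag-unset request, and reports whether that signature also verifies
// against the flag-set payload (true means the flag is not bound).
func crossVerifies(write func(headRequest, []byte) []byte) bool {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	addr := []byte("constructed-object-address") // constructed sample value
	buf := make([]byte, 1+len(addr))
	full := append([]byte(nil), write(headRequest{FullHeaders: true, Address: addr}, buf)...)
	sig := ed25519.Sign(priv, write(headRequest{FullHeaders: false, Address: addr}, buf))
	return ed25519.Verify(pub, full, sig)
}

func main() {
	fmt.Println("buggy:", crossVerifies(writeBuggy), "fixed:", crossVerifies(writeFixed))
}
```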

BasicACL has a set of rules for every request type. ACL will be
processed before any request-specific handlers. Therefore
we need to determine the request type in the generic request interface,
which is used in pre-processors of the object service
implementation.

The Raw flag provides the ability to switch the expected representation
of the object between the physically stored and the system-wide.
The response to the request may vary when the flag is set for some
classes of objects (e.g. linking).

The Verify routine now supports a public key field to check
if the integrity header contains a correct signature of the
object header.
Verify also has a strict check that the integrity header is
the last header in the list of headers.

An object can contain a public key header. It will be used
for object verification. This header can contain the owner's
public key or be part of x509 chain verification, coupled
with the verification header.

The tombstone header contains a timestamp of when the tombstone was created.
This timestamp duplicates the object creation timestamp in the object
system header. This commit removes the redundant field.

- SendPutRequest is unused and does not work as expected
- MakePutRequestHeader should not set epoch / ttl
- remove unused internal functions and consts
- update to latest neofs-crypto