frostfs-sdk-go/eacl/target.go

180 lines
3.7 KiB
Go
Raw Permalink Normal View History

package eacl
import (
"bytes"
"crypto/ecdsa"
v2acl "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/acl"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
)
// Target is a group of request senders to match ContainerEACL. Defined by role enum
// and set of public keys.
//
// Target is compatible with v2 acl.EACLRecord.Target message.
type Target struct {
role Role
keys [][]byte
}
func ecdsaKeysToPtrs(keys []ecdsa.PublicKey) []*ecdsa.PublicKey {
keysPtr := make([]*ecdsa.PublicKey, len(keys))
for i := range keys {
keysPtr[i] = &keys[i]
}
return keysPtr
}
// BinaryKeys returns list of public keys to identify
// target subject in a binary format.
func (t *Target) BinaryKeys() [][]byte {
return t.keys
}
// SetBinaryKeys sets list of binary public keys to identify
// target subject.
func (t *Target) SetBinaryKeys(keys [][]byte) {
t.keys = keys
}
// SetTargetECDSAKeys converts ECDSA public keys to a binary
// format and stores them in Target.
func SetTargetECDSAKeys(t *Target, pubs ...*ecdsa.PublicKey) {
binKeys := t.BinaryKeys()
ln := len(pubs)
if cap(binKeys) >= ln {
binKeys = binKeys[:0]
} else {
binKeys = make([][]byte, 0, ln)
}
for i := 0; i < ln; i++ {
binKeys = append(binKeys, (*keys.PublicKey)(pubs[i]).Bytes())
}
t.SetBinaryKeys(binKeys)
}
// TargetECDSAKeys interprets binary public keys of Target
// as ECDSA public keys. If any key has a different format,
// the corresponding element will be nil.
func TargetECDSAKeys(t *Target) []*ecdsa.PublicKey {
binKeys := t.BinaryKeys()
ln := len(binKeys)
pubs := make([]*ecdsa.PublicKey, ln)
for i := 0; i < ln; i++ {
p := new(keys.PublicKey)
if p.DecodeBytes(binKeys[i]) == nil {
pubs[i] = (*ecdsa.PublicKey)(p)
}
}
return pubs
}
// SetRole sets target subject's role class.
func (t *Target) SetRole(r Role) {
t.role = r
}
// Role returns target subject's role class.
func (t Target) Role() Role {
return t.role
}
// ToV2 converts Target to v2 acl.EACLRecord.Target message.
//
// Nil Target converts to nil.
func (t *Target) ToV2() *v2acl.Target {
if t == nil {
return nil
}
target := new(v2acl.Target)
target.SetRole(t.role.ToV2())
target.SetKeys(t.keys)
return target
}
// NewTarget creates, initializes and returns blank Target instance.
//
// Defaults:
// - role: RoleUnknown;
// - keys: nil.
func NewTarget() *Target {
return NewTargetFromV2(new(v2acl.Target))
}
// NewTargetFromV2 converts v2 acl.EACLRecord.Target message to Target.
func NewTargetFromV2(target *v2acl.Target) *Target {
if target == nil {
return new(Target)
}
return &Target{
role: RoleFromV2(target.GetRole()),
keys: target.GetKeys(),
}
}
// Marshal marshals Target into a protobuf binary form.
func (t *Target) Marshal() ([]byte, error) {
return t.ToV2().StableMarshal(nil), nil
}
// Unmarshal unmarshals protobuf binary representation of Target.
func (t *Target) Unmarshal(data []byte) error {
fV2 := new(v2acl.Target)
if err := fV2.Unmarshal(data); err != nil {
return err
}
*t = *NewTargetFromV2(fV2)
return nil
}
// MarshalJSON encodes Target to protobuf JSON format.
func (t *Target) MarshalJSON() ([]byte, error) {
return t.ToV2().MarshalJSON()
}
// UnmarshalJSON decodes Target from protobuf JSON format.
func (t *Target) UnmarshalJSON(data []byte) error {
tV2 := new(v2acl.Target)
if err := tV2.UnmarshalJSON(data); err != nil {
return err
}
*t = *NewTargetFromV2(tV2)
return nil
}
// equalTargets compares Target with each other.
func equalTargets(t1, t2 Target) bool {
if t1.Role() != t2.Role() {
return false
}
keys1, keys2 := t1.BinaryKeys(), t2.BinaryKeys()
if len(keys1) != len(keys2) {
return false
}
for i := 0; i < len(keys1); i++ {
if !bytes.Equal(keys1[i], keys2[i]) {
return false
}
}
return true
}