frostfs-node/cmd/frostfs-cli/modules/control/util.go

package control

import (
	"crypto/ecdsa"
	"errors"

	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"
	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
	controlSvc "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/server"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
	frostfscrypto "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto"
	"github.com/spf13/cobra"
)

func initControlFlags(cmd *cobra.Command) {
	ff := cmd.Flags()
	ff.StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, commonflags.WalletPathDefault, commonflags.WalletPathUsage)
	ff.StringP(commonflags.Account, commonflags.AccountShorthand, commonflags.AccountDefault, commonflags.AccountUsage)
	ff.String(controlRPC, controlRPCDefault, controlRPCUsage)
	ff.DurationP(commonflags.Timeout, commonflags.TimeoutShorthand, commonflags.TimeoutDefault, commonflags.TimeoutUsage)
}

func signRequest(cmd *cobra.Command, pk *ecdsa.PrivateKey, req controlSvc.SignedMessage) {
	err := controlSvc.SignMessage(pk, req)
	commonCmd.ExitOnErr(cmd, "could not sign request: %w", err)
}

func verifyResponse(cmd *cobra.Command,
	sigControl interface {
		GetKey() []byte
		GetSign() []byte
	},
	body interface {
		StableMarshal([]byte) []byte
	},
) {
	if sigControl == nil {
		commonCmd.ExitOnErr(cmd, "", errors.New("missing response signature"))
	}

	// TODO(@cthulhu-rider): #468 use Signature message from FrostFS API to avoid conversion
	var sigV2 refs.Signature
	sigV2.SetScheme(refs.ECDSA_SHA512)
	sigV2.SetKey(sigControl.GetKey())
	sigV2.SetSign(sigControl.GetSign())

	var sig frostfscrypto.Signature
	commonCmd.ExitOnErr(cmd, "can't read signature: %w", sig.ReadFromV2(sigV2))

	if !sig.Verify(body.StableMarshal(nil)) {
		commonCmd.ExitOnErr(cmd, "", errors.New("invalid response signature"))
	}
}

func getClient(cmd *cobra.Command, pk *ecdsa.PrivateKey) *client.Client {
	return internalclient.GetSDKClientByFlag(cmd, pk, controlRPC)
}
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`package control`

			`import (`
			`"crypto/ecdsa"`
			`"errors"`

Rename package name Due to source code relocation from GitHub. Signed-off-by: Alex Vanin <a.vanin@yadro.com> 2023-03-07 13:38:26 +00:00			`"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"`
			`internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"`
			`"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"`
			`commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"`
			`controlSvc "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/server"`
			`"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"`
			`frostfscrypto "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto"`
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`"github.com/spf13/cobra"`
			`)`

[#1917] neofs-cli: Support timeout in `control` commands Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru> 2022-10-17 15:37:15 +00:00			`func initControlFlags(cmd *cobra.Command) {`
			`ff := cmd.Flags()`
[#2089] neofs-cli: Remove `-g` option from `neofs-cli control ...` and `neofs-cli container create` commands Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com> 2022-11-29 10:22:17 +00:00			`ff.StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, commonflags.WalletPathDefault, commonflags.WalletPathUsage)`
			`ff.StringP(commonflags.Account, commonflags.AccountShorthand, commonflags.AccountDefault, commonflags.AccountUsage)`
[#1917] neofs-cli: Support timeout in `control` commands Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru> 2022-10-17 15:37:15 +00:00			`ff.String(controlRPC, controlRPCDefault, controlRPCUsage)`
			`ff.DurationP(commonflags.Timeout, commonflags.TimeoutShorthand, commonflags.TimeoutDefault, commonflags.TimeoutUsage)`
			`}`

[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`func signRequest(cmd cobra.Command, pk ecdsa.PrivateKey, req controlSvc.SignedMessage) {`
			`err := controlSvc.SignMessage(pk, req)`
[#1889] Move netmap.go and exit.go from `cli` to `cmd/internal/common` Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com> 2023-01-16 09:20:16 +00:00			`commonCmd.ExitOnErr(cmd, "could not sign request: %w", err)`
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`}`

			`func verifyResponse(cmd *cobra.Command,`
			`sigControl interface {`
			`GetKey() []byte`
			`GetSign() []byte`
			`},`
			`body interface {`
[#1454] Upgrade NeoFS SDK Go module with new IDs Core changes: * avoid package-colliding variable naming * avoid using pointers to IDs where unnecessary * avoid using `idSDK` import alias pattern * use `EncodeToString` for protocol string calculation and `String` for printing Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-31 17:00:41 +00:00			`StableMarshal([]byte) []byte`
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`},`
			`) {`
			`if sigControl == nil {`
[#1889] Move netmap.go and exit.go from `cli` to `cmd/internal/common` Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com> 2023-01-16 09:20:16 +00:00			`commonCmd.ExitOnErr(cmd, "", errors.New("missing response signature"))`
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`}`

[#468] *: replace outdated TODO crypto-related links Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com> 2023-06-26 13:18:39 +00:00			`// TODO(@cthulhu-rider): #468 use Signature message from FrostFS API to avoid conversion`
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`var sigV2 refs.Signature`
			`sigV2.SetScheme(refs.ECDSA_SHA512)`
			`sigV2.SetKey(sigControl.GetKey())`
			`sigV2.SetSign(sigControl.GetSign())`

Move to frostfs-node Signed-off-by: Pavel Karpy <p.karpy@yadro.com> 2022-12-23 17:35:35 +00:00			`var sig frostfscrypto.Signature`
[#1889] Move netmap.go and exit.go from `cli` to `cmd/internal/common` Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com> 2023-01-16 09:20:16 +00:00			`commonCmd.ExitOnErr(cmd, "can't read signature: %w", sig.ReadFromV2(sigV2))`
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00
[#1454] Upgrade NeoFS SDK Go module with new IDs Core changes: * avoid package-colliding variable naming * avoid using pointers to IDs where unnecessary * avoid using `idSDK` import alias pattern * use `EncodeToString` for protocol string calculation and `String` for printing Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-31 17:00:41 +00:00			`if !sig.Verify(body.StableMarshal(nil)) {`
[#1889] Move netmap.go and exit.go from `cli` to `cmd/internal/common` Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com> 2023-01-16 09:20:16 +00:00			`commonCmd.ExitOnErr(cmd, "", errors.New("invalid response signature"))`
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`}`
			`}`

			`func getClient(cmd cobra.Command, pk ecdsa.PrivateKey) *client.Client {`
[#1424] neofs-cli: Fail immediately if a client can't be created Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-24 08:38:45 +00:00			`return internalclient.GetSDKClientByFlag(cmd, pk, controlRPC)`
[#1381] neofs-cli: Move `control` command to a separate module Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru> 2022-05-23 16:26:27 +00:00			`}`