[#11] accounting: Implement signing service

Adds accounting Service implementation that verifiers request signatures and
signs responses from internal Service.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
Leonard Lyubich 2020-08-22 17:17:03 +03:00 committed by Alex Vanin
parent 65eb1181e9
commit 5cf622881f
3 changed files with 58 additions and 3 deletions

View file

@ -2,7 +2,10 @@ package main
import ( import (
"context" "context"
"crypto/ecdsa"
"sync" "sync"
crypto "github.com/nspcc-dev/neofs-crypto"
) )
type cfg struct { type cfg struct {
@ -11,12 +14,18 @@ type cfg struct {
wg *sync.WaitGroup wg *sync.WaitGroup
grpcAddr string grpcAddr string
key *ecdsa.PrivateKey
} }
func defaultCfg() *cfg { func defaultCfg() *cfg {
key, err := crypto.LoadPrivateKey("Kwk6k2eC3L3QuPvD8aiaNyoSXgQ2YL1bwS5CP1oKoA9waeAze97s")
fatalOnErr(err)
return &cfg{ return &cfg{
ctx: context.Background(), ctx: context.Background(),
wg: new(sync.WaitGroup), wg: new(sync.WaitGroup),
grpcAddr: "127.0.0.1:50501", grpcAddr: "127.0.0.1:50501",
key: key,
} }
} }

View file

@ -13,10 +13,11 @@ import (
object "github.com/nspcc-dev/neofs-api-go/v2/object/grpc" object "github.com/nspcc-dev/neofs-api-go/v2/object/grpc"
sessionGRPC "github.com/nspcc-dev/neofs-api-go/v2/session" sessionGRPC "github.com/nspcc-dev/neofs-api-go/v2/session"
session "github.com/nspcc-dev/neofs-api-go/v2/session/grpc" session "github.com/nspcc-dev/neofs-api-go/v2/session/grpc"
accountingTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/accounting/grpc" accountingTransportGRPC "github.com/nspcc-dev/neofs-node/pkg/network/transport/accounting/grpc"
containerTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/container/grpc" containerTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/container/grpc"
objectTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/object/grpc" objectTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/object/grpc"
sessionTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/session/grpc" sessionTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/session/grpc"
accountingService "github.com/nspcc-dev/neofs-node/pkg/services/accounting"
"github.com/pkg/errors" "github.com/pkg/errors"
"google.golang.org/grpc" "google.golang.org/grpc"
) )
@ -34,7 +35,7 @@ func unimplementedErr(srv, call string) error {
} }
func (s *accountingSvc) Balance(context.Context, *accounting.BalanceRequest) (*accounting.BalanceResponse, error) { func (s *accountingSvc) Balance(context.Context, *accounting.BalanceRequest) (*accounting.BalanceResponse, error) {
return nil, unimplementedErr("Accounting", "Balance") return new(accounting.BalanceResponse), nil
} }
func (s *sessionSvc) Create(context.Context, *sessionGRPC.CreateRequest) (*sessionGRPC.CreateResponse, error) { func (s *sessionSvc) Create(context.Context, *sessionGRPC.CreateRequest) (*sessionGRPC.CreateResponse, error) {
@ -99,7 +100,9 @@ func serveGRPC(c *cfg) {
srv := grpc.NewServer() srv := grpc.NewServer()
accountingGRPC.RegisterAccountingServiceServer(srv, accountingTransport.New(new(accountingSvc))) accountingGRPC.RegisterAccountingServiceServer(srv,
accountingTransportGRPC.New(accountingService.NewSignService(c.key, new(accountingSvc))),
)
container.RegisterContainerServiceServer(srv, containerTransport.New(new(containerSvc))) container.RegisterContainerServiceServer(srv, containerTransport.New(new(containerSvc)))
session.RegisterSessionServiceServer(srv, sessionTransport.New(new(sessionSvc))) session.RegisterSessionServiceServer(srv, sessionTransport.New(new(sessionSvc)))
object.RegisterObjectServiceServer(srv, objectTransport.New(new(objectSvc))) object.RegisterObjectServiceServer(srv, objectTransport.New(new(objectSvc)))

View file

@ -0,0 +1,43 @@
package accounting
import (
"context"
"crypto/ecdsa"
"github.com/nspcc-dev/neofs-api-go/v2/accounting"
"github.com/nspcc-dev/neofs-api-go/v2/signature"
"github.com/pkg/errors"
)
type signService struct {
key *ecdsa.PrivateKey
svc accounting.Service
}
func NewSignService(key *ecdsa.PrivateKey, svc accounting.Service) accounting.Service {
return &signService{
key: key,
svc: svc,
}
}
func (s *signService) Balance(ctx context.Context, req *accounting.BalanceRequest) (*accounting.BalanceResponse, error) {
// verify request signatures
if err := signature.VerifyServiceMessage(req); err != nil {
return nil, errors.Wrap(err, "could not verify request")
}
// process request
resp, err := s.svc.Balance(ctx, req)
if err != nil {
return nil, err
}
// sign the response
if err := signature.SignServiceMessage(s.key, resp); err != nil {
return nil, errors.Wrap(err, "could not sign response")
}
return resp, nil
}