From 6ec104d6860143d8767b5d3729eeaf5352c7bb35 Mon Sep 17 00:00:00 2001
From: Pavel Karpy <carpawell@nspcc.ru>
Date: Sun, 27 Mar 2022 18:55:24 +0300
Subject: [PATCH] [#1255] node/session: Rename constant

Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
---
 .../session/storage/persistent/storage.go       | 17 +++--------------
 pkg/services/session/storage/persistent/util.go |  6 +++---
 2 files changed, 6 insertions(+), 17 deletions(-)

diff --git a/pkg/services/session/storage/persistent/storage.go b/pkg/services/session/storage/persistent/storage.go
index 05ab607d5..3e52a8dcf 100644
--- a/pkg/services/session/storage/persistent/storage.go
+++ b/pkg/services/session/storage/persistent/storage.go
@@ -3,7 +3,6 @@ package persistent
 import (
 	"crypto/aes"
 	"crypto/cipher"
-	"crypto/x509"
 	"encoding/hex"
 	"fmt"
 
@@ -62,20 +61,10 @@ func NewTokenStore(path string, opts ...Option) (*TokenStore, error) {
 	// enable encryption if it
 	// was configured so
 	if cfg.privateKey != nil {
-		rawKey, err := x509.MarshalECPrivateKey(cfg.privateKey)
-		if err != nil {
-			return nil, fmt.Errorf("could not marshal provided private key: %w", err)
-		}
+		rawKey := make([]byte, (cfg.privateKey.Curve.Params().N.BitLen()+7)/8)
+		cfg.privateKey.D.FillBytes(rawKey)
 
-		// tagOffset is a constant offset for
-		// tags when marshalling ECDSA key in
-		// ASN.1 DER form
-		const tagOffset = 7
-
-		// using first 32 bytes from
-		// the marshalled private key
-		// as a secret
-		c, err := aes.NewCipher(rawKey[tagOffset : tagOffset+32])
+		c, err := aes.NewCipher(rawKey)
 		if err != nil {
 			return nil, fmt.Errorf("could not create cipher block: %w", err)
 		}
diff --git a/pkg/services/session/storage/persistent/util.go b/pkg/services/session/storage/persistent/util.go
index 3180497f0..68ea58176 100644
--- a/pkg/services/session/storage/persistent/util.go
+++ b/pkg/services/session/storage/persistent/util.go
@@ -10,7 +10,7 @@ import (
 	"go.etcd.io/bbolt"
 )
 
-const expOffset = 8
+const keyOffset = 8
 
 func (s *TokenStore) packToken(exp uint64, key *ecdsa.PrivateKey) ([]byte, error) {
 	rawKey, err := x509.MarshalECPrivateKey(key)
@@ -25,7 +25,7 @@ func (s *TokenStore) packToken(exp uint64, key *ecdsa.PrivateKey) ([]byte, error
 		}
 	}
 
-	res := make([]byte, expOffset, expOffset+len(rawKey))
+	res := make([]byte, keyOffset, keyOffset+len(rawKey))
 	binary.LittleEndian.PutUint64(res, exp)
 
 	res = append(res, rawKey...)
@@ -37,7 +37,7 @@ func (s *TokenStore) unpackToken(raw []byte) (*storage.PrivateToken, error) {
 	var err error
 
 	epoch := epochFromToken(raw)
-	rawKey := raw[expOffset:]
+	rawKey := raw[keyOffset:]
 
 	if s.gcm != nil {
 		rawKey, err = s.decrypt(rawKey)