From 7611c218e385f291a01e2d6c8efb3df694713782 Mon Sep 17 00:00:00 2001
From: Leonard Lyubich <leonard@nspcc.ru>
Date: Mon, 16 Nov 2020 17:35:52 +0300
Subject: [PATCH] [#199] sdk/client: Verify eACL table signature in GetEACL
 method

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
---
 pkg/client/container.go | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/pkg/client/container.go b/pkg/client/container.go
index 279a340d..58570372 100644
--- a/pkg/client/container.go
+++ b/pkg/client/container.go
@@ -350,9 +350,20 @@ func (c Client) getEACLV2(ctx context.Context, id *container.ID, opts ...CallOpt
 			return nil, errors.New("response body is nil")
 		}
 
-		result := eacl.NewTableFromV2(body.GetEACL())
+		if err := signature.VerifyDataWithSource(
+			v2signature.StableMarshalerWrapper{
+				SM: body.GetEACL(),
+			},
+			func() (key, sig []byte) {
+				s := body.GetSignature()
 
-		// todo: check signature
+				return s.GetKey(), s.GetSign()
+			},
+		); err != nil {
+			return nil, errors.Wrap(err, "incorrect signature")
+		}
+
+		result := eacl.NewTableFromV2(body.GetEACL())
 
 		return result, nil
 	default: