From 155396732829e3b9cb168e548583c4b94019c6ce Mon Sep 17 00:00:00 2001
From: Evgenii Stratonikov
Date: Mon, 31 May 2021 11:55:38 +0300
Subject: [PATCH] [#562] cmd/neofs-ir: use NEP-6 wallet for keys
Also remove neofs-crypto uses from `pkg/innerring`.
Signed-off-by: Evgenii Stratonikov
---
 cmd/neofs-ir/defaults.go | 4 ++-
 pkg/innerring/indexer.go | 10 +++---
 pkg/innerring/innerring.go | 26 ++++++++------
 .../processors/netmap/cleanup_table_test.go | 20 ++++++-----
 .../processors/settlement/audit/calculate.go | 11 ++++--
 pkg/innerring/settlement.go | 11 ++++--
 pkg/util/config/crypto.go | 34 +++++++++++++++++++
 7 files changed, 85 insertions(+), 31 deletions(-)
 create mode 100644 pkg/util/config/crypto.go
diff --git a/cmd/neofs-ir/defaults.go b/cmd/neofs-ir/defaults.go
index a65ffd4d3..dd4040d78 100644
--- a/cmd/neofs-ir/defaults.go
+++ b/cmd/neofs-ir/defaults.go
@@ -52,7 +52,9 @@ func defaultConfiguration(cfg *viper.Viper) {
 cfg.SetDefault("mainnet.endpoint.notification", "")
 cfg.SetDefault("mainnet.dial_timeout", "10s")
- cfg.SetDefault("key", "") // inner ring node key
+ cfg.SetDefault("wallet.path", "") // inner ring node NEP-6 wallet
+ cfg.SetDefault("wallet.address", "") // account address
+ cfg.SetDefault("wallet.password", "") // password
 cfg.SetDefault("contracts.netmap", "")
 cfg.SetDefault("contracts.neofs", "")
diff --git a/pkg/innerring/indexer.go b/pkg/innerring/indexer.go
index b05c8b8dd..ae644d0b1 100644
--- a/pkg/innerring/indexer.go
+++ b/pkg/innerring/indexer.go
@@ -2,13 +2,11 @@ package innerring
 import (
 "bytes"
- "crypto/ecdsa"
 "fmt"
 "sync"
 "time"
 "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
- crypto "github.com/nspcc-dev/neofs-crypto"
 "github.com/nspcc-dev/neofs-node/pkg/morph/client"
 )
@@ -17,7 +15,7 @@ type (
 sync.RWMutex
 cli *client.Client
- key *ecdsa.PublicKey
+ key *keys.PublicKey
 timeout time.Duration
 ind indexes
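Review bot: In cmd/neofs-ir/defaults.go, `wallet.password` introduces a secret into the configuration, and the comment `// password` does not tell an operator what it unlocks or how it should be protected. Suggest `// password to decrypt the wallet account; keep the config file readable only by the service user` on that line. If this binary maps environment variables onto config keys (not visible in this hunk), documenting that route for the password would keep it out of files on disk. defaultConfiguration's body starts and ends outside the hunk.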
@@ -31,7 +29,7 @@ type (
 }
 )
-func newInnerRingIndexer(cli *client.Client, key *ecdsa.PublicKey, to time.Duration) *innerRingIndexer {
+func newInnerRingIndexer(cli *client.Client, key *keys.PublicKey, to time.Duration) *innerRingIndexer {
 return &innerRingIndexer{
 cli: cli,
 key: key,
@@ -104,9 +102,9 @@ func (s *innerRingIndexer) AlphabetIndex() (int32, error) {
 // keyPosition returns "-1" if key is not found in the list, otherwise returns
 // index of the key.
-func keyPosition(key *ecdsa.PublicKey, list keys.PublicKeys) (result int32) {
+func keyPosition(key *keys.PublicKey, list keys.PublicKeys) (result int32) {
 result = -1
- rawBytes := crypto.MarshalPublicKey(key)
+ rawBytes := key.Bytes()
 for i := range list {
 if bytes.Equal(list[i].Bytes(), rawBytes) {
diff --git a/pkg/innerring/innerring.go b/pkg/innerring/innerring.go
index fe2cf89a1..aba503589 100644
--- a/pkg/innerring/innerring.go
+++ b/pkg/innerring/innerring.go
@@ -2,7 +2,6 @@ package innerring
 import (
 "context"
- "crypto/ecdsa"
 "errors"
 "fmt"
 "io"
@@ -11,7 +10,6 @@ import (
 "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 "github.com/nspcc-dev/neo-go/pkg/encoding/fixedn"
 "github.com/nspcc-dev/neo-go/pkg/util"
- crypto "github.com/nspcc-dev/neofs-crypto"
 "github.com/nspcc-dev/neofs-node/pkg/innerring/config"
 "github.com/nspcc-dev/neofs-node/pkg/innerring/processors/alphabet"
 "github.com/nspcc-dev/neofs-node/pkg/innerring/processors/audit"
@@ -35,6 +33,7 @@ import (
 "github.com/nspcc-dev/neofs-node/pkg/morph/timer"
 audittask "github.com/nspcc-dev/neofs-node/pkg/services/audit/taskmanager"
 util2 "github.com/nspcc-dev/neofs-node/pkg/util"
+ utilConfig "github.com/nspcc-dev/neofs-node/pkg/util/config"
 "github.com/nspcc-dev/neofs-node/pkg/util/precision"
 "github.com/panjf2000/ants/v2"
 "github.com/spf13/viper"
@@ -68,7 +67,7 @@ type (
 sideNotaryConfig *notaryConfig
 // internal variables
- key *ecdsa.PrivateKey
+ key *keys.PrivateKey
 pubKey []byte
 contracts *contracts
 predefinedValidators keys.PublicKeys
@@ -110,7 +109,7 @@ type (
 chainParams struct {
 log *zap.Logger
 cfg *viper.Viper
- key *ecdsa.PrivateKey
+ key *keys.PrivateKey
 name string
 gas util.Uint160
 }
@@ -264,11 +263,16 @@ func New(ctx context.Context, log *zap.Logger, cfg *viper.Viper) (*Server, error
 server.mainNotaryConfig, server.sideNotaryConfig = parseNotaryConfigs(cfg)
 // prepare inner ring node private key
- server.key, err = crypto.LoadPrivateKey(cfg.GetString("key"))
+ acc, err := utilConfig.LoadAccount(
+ cfg.GetString("wallet.path"),
+ cfg.GetString("wallet.address"),
+ cfg.GetString("wallet.password"))
 if err != nil {
- return nil, fmt.Errorf("ir: can't create private key: %w", err)
+ return nil, fmt.Errorf("ir: %w", err)
 }
+ server.key = acc.PrivateKey()
+
 // get all script hashes of contracts
 server.contracts, err = parseContracts(cfg)
 if err != nil {
@@ -344,11 +348,11 @@ func New(ctx context.Context, log *zap.Logger, cfg *viper.Viper) (*Server, error
 }
 }
- server.pubKey = crypto.MarshalPublicKey(&server.key.PublicKey)
+ server.pubKey = server.key.PublicKey().Bytes()
 server.statusIndex = newInnerRingIndexer(
 server.morphClient,
- &server.key.PublicKey,
+ server.key.PublicKey(),
 cfg.GetDuration("indexer.cache_timeout"),
 )
@@ -394,7 +398,7 @@ func New(ctx context.Context, log *zap.Logger, cfg *viper.Viper) (*Server, error
 clientCache := newClientCache(&clientCacheParams{
 Log: log,
- Key: server.key,
+ Key: &server.key.PrivateKey,
 SGTimeout: cfg.GetDuration("audit.timeout.get"),
 HeadTimeout: cfg.GetDuration("audit.timeout.head"),
 RangeTimeout: cfg.GetDuration("audit.timeout.rangehash"),
@@ -432,7 +436,7 @@ func New(ctx context.Context, log *zap.Logger, cfg *viper.Viper) (*Server, error
 IRList: server,
 FeeProvider: server.feeConfig,
 ClientCache: clientCache,
- Key: server.key,
+ Key: &server.key.PrivateKey,
 RPCSearchTimeout: cfg.GetDuration("audit.timeout.search"),
 TaskManager: auditTaskManager,
 Reporter: server,
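Review bot: The new error path of the key-loading hunk in New returns `fmt.Errorf("ir: %w", err)`, while LoadAccount returns its failures unwrapped (for example `account is missing`), so an operator sees `ir: account is missing` with no hint that the wallet settings are involved. Keep the context the old message carried, e.g. `return nil, fmt.Errorf("ir: can't load wallet account: %w", err)`. The value read from `wallet.password` must stay out of any message or log line added around this call. New's body starts and ends outside the hunk.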
@@ -738,7 +742,7 @@ func createListener(ctx context.Context, p *chainParams) (event.Listener, error)
 func createClient(ctx context.Context, p *chainParams) (*client.Client, error) {
 return client.New(
- p.key,
+ &p.key.PrivateKey,
 p.cfg.GetString(p.name+".endpoint.client"),
 client.WithContext(ctx),
 client.WithLogger(p.log),
diff --git a/pkg/innerring/processors/netmap/cleanup_table_test.go b/pkg/innerring/processors/netmap/cleanup_table_test.go
index c6362ea2e..6ed91a51e 100644
--- a/pkg/innerring/processors/netmap/cleanup_table_test.go
+++ b/pkg/innerring/processors/netmap/cleanup_table_test.go
@@ -1,21 +1,25 @@
 package netmap
 import (
- "crypto/ecdsa"
 "encoding/hex"
 "testing"
+ "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 "github.com/nspcc-dev/neofs-api-go/pkg/netmap"
- crypto "github.com/nspcc-dev/neofs-crypto"
- "github.com/nspcc-dev/neofs-node/pkg/util/test"
 "github.com/stretchr/testify/require"
 )
+func genKey(t *testing.T) *keys.PrivateKey {
+ priv, err := keys.NewPrivateKey()
+ require.NoError(t, err)
+ return priv
+}
+
 func TestCleanupTable(t *testing.T) {
 infos := []netmap.NodeInfo{
- newNodeInfo(&test.DecodeKey(1).PublicKey),
- newNodeInfo(&test.DecodeKey(2).PublicKey),
- newNodeInfo(&test.DecodeKey(3).PublicKey),
+ newNodeInfo(genKey(t).PublicKey()),
+ newNodeInfo(genKey(t).PublicKey()),
+ newNodeInfo(genKey(t).PublicKey()),
 }
 networkMap, err := netmap.NewNetmap(netmap.NodesFromInfo(infos))
@@ -117,7 +121,7 @@ func TestCleanupTable(t *testing.T) {
 })
 }
-func newNodeInfo(key *ecdsa.PublicKey) (n netmap.NodeInfo) {
- n.SetPublicKey(crypto.MarshalPublicKey(key))
+func newNodeInfo(key *keys.PublicKey) (n netmap.NodeInfo) {
+ n.SetPublicKey(key.Bytes())
 return n
 }
diff --git a/pkg/innerring/processors/settlement/audit/calculate.go b/pkg/innerring/processors/settlement/audit/calculate.go
index 4dcc88b21..84a4cea83 100644
--- a/pkg/innerring/processors/settlement/audit/calculate.go
+++ b/pkg/innerring/processors/settlement/audit/calculate.go
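Review bot: genKey in cleanup_table_test.go is a test helper that calls `require.NoError`, but it does not call `t.Helper()`, so a key-generation failure is reported at the line inside genKey rather than at the calling test. Adding `t.Helper()` as its first statement fixes that. The table now uses freshly generated keys on every run, which is fine as long as no assertion in the part of TestCleanupTable outside this hunk depends on specific key bytes.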
@@ -2,14 +2,16 @@ package audit
 import (
 "bytes"
+ "crypto/ecdsa"
+ "crypto/elliptic"
 "encoding/hex"
 "math/big"
+ "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 "github.com/nspcc-dev/neofs-api-go/pkg/audit"
 cid "github.com/nspcc-dev/neofs-api-go/pkg/container/id"
 "github.com/nspcc-dev/neofs-api-go/pkg/object"
 "github.com/nspcc-dev/neofs-api-go/pkg/owner"
- crypto "github.com/nspcc-dev/neofs-crypto"
 "github.com/nspcc-dev/neofs-node/pkg/innerring/processors/settlement/common"
 "github.com/nspcc-dev/neofs-node/pkg/util/logger"
 "go.uber.org/zap"
@@ -312,9 +314,12 @@ func (c *singleResultCtx) auditEpoch() uint64 {
 }
 func ownerFromKey(key []byte) (*owner.ID, error) {
- pubKey := crypto.UnmarshalPublicKey(key)
+ pubKey, err := keys.NewPublicKeyFromBytes(key, elliptic.P256())
+ if err != nil {
+ return nil, err
+ }
- n3wallet, err := owner.NEO3WalletFromPublicKey(pubKey)
+ n3wallet, err := owner.NEO3WalletFromPublicKey((*ecdsa.PublicKey)(pubKey))
 if err != nil {
 return nil, err
 }
diff --git a/pkg/innerring/settlement.go b/pkg/innerring/settlement.go
index 31070795f..f3203e58c 100644
--- a/pkg/innerring/settlement.go
+++ b/pkg/innerring/settlement.go
@@ -2,10 +2,13 @@ package innerring
 import (
 "context"
+ "crypto/ecdsa"
+ "crypto/elliptic"
 "encoding/hex"
 "fmt"
 "math/big"
+ "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 auditAPI "github.com/nspcc-dev/neofs-api-go/pkg/audit"
 containerAPI "github.com/nspcc-dev/neofs-api-go/pkg/container"
 cid "github.com/nspcc-dev/neofs-api-go/pkg/container/id"
@@ -13,7 +16,6 @@ import (
 "github.com/nspcc-dev/neofs-api-go/pkg/object"
 "github.com/nspcc-dev/neofs-api-go/pkg/owner"
 "github.com/nspcc-dev/neofs-api-go/pkg/storagegroup"
- crypto "github.com/nspcc-dev/neofs-crypto"
 "github.com/nspcc-dev/neofs-node/pkg/core/container"
 "github.com/nspcc-dev/neofs-node/pkg/core/netmap"
 "github.com/nspcc-dev/neofs-node/pkg/innerring/processors/settlement/audit"
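Review bot: ownerFromKey in calculate.go now carries the same decode-then-convert sequence as settlementDeps.ResolveKey in pkg/innerring/settlement.go, and both return the decode error bare, so a log line will not say that it was a node's public key that failed to parse. A small shared helper that wraps the error, for example `return nil, fmt.Errorf("decode node public key: %w", err)`, would keep the P-256 parsing in one place; calculate.go would need `fmt` imported for that, as it is not among the imports visible here. The tail of ownerFromKey lies outside the hunk.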
@@ -181,7 +183,12 @@ func (s settlementDeps) SGInfo(addr *object.Address) (audit.SGInfo, error) {
 }
 func (s settlementDeps) ResolveKey(ni common.NodeInfo) (*owner.ID, error) {
- w, err := owner.NEO3WalletFromPublicKey(crypto.UnmarshalPublicKey(ni.PublicKey()))
+ pub, err := keys.NewPublicKeyFromBytes(ni.PublicKey(), elliptic.P256())
+ if err != nil {
+ return nil, err
+ }
+
+ w, err := owner.NEO3WalletFromPublicKey((*ecdsa.PublicKey)(pub))
 if err != nil {
 return nil, err
 }
diff --git a/pkg/util/config/crypto.go b/pkg/util/config/crypto.go
new file mode 100644
index 000000000..2564b21c0
--- /dev/null
+++ b/pkg/util/config/crypto.go
@@ -0,0 +1,34 @@
+package config
+
+import (
+ "errors"
+
+ "github.com/nspcc-dev/neo-go/pkg/encoding/address"
+ "github.com/nspcc-dev/neo-go/pkg/wallet"
+)
+
+// LoadAccount loads NEP-6 load, unlocks and returns provided account.
+func LoadAccount(path, addr, password string) (*wallet.Account, error) {
+ w, err := wallet.NewWalletFromFile(path)
+ if err != nil {
+ return nil, err
+ }
+
+ defer w.Close()
+
+ h, err := address.StringToUint160(addr)
+ if err != nil {
+ return nil, err
+ }
+
+ acc := w.GetAccount(h)
+ if acc == nil {
+ return nil, errors.New("account is missing")
+ }
+
+ if err := acc.Decrypt(password); err != nil {
+ return nil, err
+ }
+
+ return acc, nil
+}
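Review bot: LoadAccount in pkg/util/config/crypto.go returns every failure bare, and `errors.New("account is missing")` does not say which address was looked up in which wallet file, which makes a misconfigured inner ring node hard to diagnose. Suggest `return nil, fmt.Errorf("account %s is missing in wallet %s", addr, path)` (with `fmt` imported) and similar wrapping for the open, address-parse and decrypt errors, never including the password. The doc comment reads "loads NEP-6 load"; `// LoadAccount loads a NEP-6 wallet, unlocks and returns the provided account.` is presumably what was meant. Since the account is handed back after the deferred `w.Close()` runs, it is worth confirming that Close does not invalidate the account's decrypted key in the neo-go version in use.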