session: change PrivateToken interface methods

This commit replaces PublicKey() and SignData() methods of PrivateToken
with PrivateKey() in order to have the ability to sign data with
session key using service package functions.
This commit is contained in:
Leonard Lyubich 2020-05-18 13:11:39 +03:00
parent ba27e296c3
commit af28735ca6
3 changed files with 7 additions and 39 deletions

View file

@ -4,8 +4,6 @@ import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
crypto "github.com/nspcc-dev/neofs-crypto"
)
type pToken struct {
@ -30,14 +28,9 @@ func NewPrivateToken(validUntil uint64) (PrivateToken, error) {
}, nil
}
// Sign signs data with session private key.
func (t *pToken) Sign(data []byte) ([]byte, error) {
return crypto.Sign(t.sessionKey, data)
}
// PublicKey returns a binary representation of the session public key.
func (t *pToken) PublicKey() []byte {
return crypto.MarshalPublicKey(&t.sessionKey.PublicKey)
// PrivateKey returns a binary representation of the session public key.
func (t *pToken) PrivateKey() *ecdsa.PrivateKey {
return t.sessionKey
}
func (t *pToken) Expired(epoch uint64) bool {

View file

@ -1,35 +1,16 @@
package session
import (
"crypto/rand"
"testing"
crypto "github.com/nspcc-dev/neofs-crypto"
"github.com/stretchr/testify/require"
)
func TestPrivateToken(t *testing.T) {
func TestPToken_PrivateKey(t *testing.T) {
// create new private token
pToken, err := NewPrivateToken(0)
require.NoError(t, err)
// generate data to sign
data := make([]byte, 10)
_, err = rand.Read(data)
require.NoError(t, err)
// sign data via private token
sig, err := pToken.Sign(data)
require.NoError(t, err)
// check signature
require.NoError(t,
crypto.Verify(
crypto.UnmarshalPublicKey(pToken.PublicKey()),
data,
sig,
),
)
require.NotNil(t, pToken.PrivateKey())
}
func TestPToken_Expired(t *testing.T) {

View file

@ -10,14 +10,8 @@ import (
// PrivateToken is an interface of session private part.
type PrivateToken interface {
// PublicKey must return a binary representation of session public key.
PublicKey() []byte
// Sign must return the signature of passed data.
//
// Resulting signature must be verified by crypto.Verify function
// with the session public key.
Sign([]byte) ([]byte, error)
// PrivateKey must return session private key.
PrivateKey() *ecdsa.PrivateKey
// Expired must return true if and only if private token is expired in the given epoch number.
Expired(uint64) bool