frostfs-api-go/session/private.go
Leonard Lyubich 291d512840 session: implement function for receiving session public key bytes
After recent changes PrivateToken cannot directly return public key
bytes. In order to provide this ability, this commit implements
a function over PrivateToken interface.
2020-05-18 16:47:15 +03:00

67 lines
1.5 KiB
Go

package session
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
crypto "github.com/nspcc-dev/neofs-crypto"
)
type pToken struct {
// private session token
sessionKey *ecdsa.PrivateKey
// last epoch of the lifetime
validUntil uint64
}
// NewPrivateToken creates PrivateToken instance that expires after passed epoch.
//
// Returns non-nil error on key generation error.
func NewPrivateToken(validUntil uint64) (PrivateToken, error) {
sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
return nil, err
}
return &pToken{
sessionKey: sk,
validUntil: validUntil,
}, nil
}
// PublicSessionToken returns a binary representation of session public key.
//
// If passed PrivateToken is nil, ErrNilPrivateToken returns.
// If passed PrivateToken carries nil private key, crypto.ErrEmptyPrivateKey returns.
func PublicSessionToken(pToken PrivateToken) ([]byte, error) {
if pToken == nil {
return nil, ErrNilPrivateToken
}
sk := pToken.PrivateKey()
if sk == nil {
return nil, crypto.ErrEmptyPrivateKey
}
return crypto.MarshalPublicKey(&sk.PublicKey), nil
}
// PrivateKey is a session private key getter.
func (t *pToken) PrivateKey() *ecdsa.PrivateKey {
return t.sessionKey
}
func (t *pToken) Expired(epoch uint64) bool {
return t.validUntil < epoch
}
// SetOwnerID is an owner ID field setter.
func (s *PrivateTokenKey) SetOwnerID(id OwnerID) {
s.owner = id
}
// SetTokenID is a token ID field setter.
func (s *PrivateTokenKey) SetTokenID(id TokenID) {
s.token = id
}