frostfs-node/pkg/innerring/processors/container/process_container.go

package container

import (
	"crypto/elliptic"
	"crypto/sha256"
	"errors"
	"fmt"

	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
	containerSDK "github.com/nspcc-dev/neofs-api-go/pkg/container"
	"github.com/nspcc-dev/neofs-node/pkg/core/container"
	containerEvent "github.com/nspcc-dev/neofs-node/pkg/morph/event/container"
	"go.uber.org/zap"
)

// Process new container from the user by checking container sanity
// and sending approve tx back to morph.
func (cp *Processor) processContainerPut(put *containerEvent.Put) {
	if !cp.alphabetState.IsAlphabet() {
		cp.log.Info("non alphabet mode, ignore container put")
		return
	}

	err := cp.checkPutContainer(put)
	if err != nil {
		cp.log.Error("put container check failed",
			zap.String("error", err.Error()),
		)

		return
	}

	cp.approvePutContainer(put)
}

func (cp *Processor) checkPutContainer(e *containerEvent.Put) error {
	// verify signature
	key, err := keys.NewPublicKeyFromBytes(e.PublicKey(), elliptic.P256())
	if err != nil {
		return fmt.Errorf("invalid key: %w", err)
	}

	binCnr := e.Container()
	tableHash := sha256.Sum256(binCnr)

	if !key.Verify(e.Signature(), tableHash[:]) {
		return errors.New("invalid signature")
	}

	// unmarshal container structure
	cnr := containerSDK.New()

	err = cnr.Unmarshal(binCnr)
	if err != nil {
		return fmt.Errorf("invalid binary container: %w", err)
	}

	// perform format check
	err = container.CheckFormat(cnr)
	if err != nil {
		return fmt.Errorf("incorrect container format: %w", err)
	}

	return cp.checkKeyOwnership(cnr, key)
}

func (cp *Processor) approvePutContainer(e *containerEvent.Put) {
	// FIXME: here we should bind key to owner if needed
	err := cp.cnrClient.Put(e.Container(), e.PublicKey(), e.Signature(), e.SessionToken())
	if err != nil {
		cp.log.Error("could not approve put container",
			zap.String("error", err.Error()),
		)
	}
}

// Process delete container operation from the user by checking container sanity
// and sending approve tx back to morph.
func (cp *Processor) processContainerDelete(delete *containerEvent.Delete) {
	if !cp.alphabetState.IsAlphabet() {
		cp.log.Info("non alphabet mode, ignore container delete")
		return
	}

	err := cp.checkDeleteContainer(delete)
	if err != nil {
		cp.log.Error("delete container check failed",
			zap.String("error", err.Error()),
		)

		return
	}

	cp.approveDeleteContainer(delete)
}

func (cp *Processor) checkDeleteContainer(e *containerEvent.Delete) error {
	cid := e.ContainerID()

	// receive owner of the related container
	cnr, err := cp.cnrClient.Get(cid)
	if err != nil {
		return fmt.Errorf("could not receive the container: %w", err)
	}

	// receive all owner keys
	ownerKeys, err := cp.idClient.AccountKeys(cnr.OwnerID())
	if err != nil {
		return fmt.Errorf("could not received owner keys %s: %w", cnr.OwnerID(), err)
	}

	// verify signature
	cidHash := sha256.Sum256(cid)
	sig := e.Signature()

	for _, ownerKey := range ownerKeys {
		if ownerKey.Verify(sig, cidHash[:]) {
			return nil
		}
	}

	return errors.New("signature verification failed on all owner keys ")
}

func (cp *Processor) approveDeleteContainer(e *containerEvent.Delete) {
	// FIXME: here we should try notary invoke
	err := cp.cnrClient.Delete(e.ContainerID(), e.Signature())
	if err != nil {
		cp.log.Error("could not approve delete container",
			zap.String("error", err.Error()),
		)
	}
}
[#7] Add container processor for inner ring Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-08-11 12:10:01 +00:00			`package container`

			`import (`
[#505] ir/container: Verify signature in check of Put container event Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 16:08:07 +00:00			`"crypto/elliptic"`
			`"crypto/sha256"`
			`"errors"`
[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`"fmt"`

[#505] ir/container: Verify signature in check of Put container event Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 16:08:07 +00:00			`"github.com/nspcc-dev/neo-go/pkg/crypto/keys"`
[#85] inner-ring/container: Check container format in process Put Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2020-11-03 10:02:39 +00:00			`containerSDK "github.com/nspcc-dev/neofs-api-go/pkg/container"`
			`"github.com/nspcc-dev/neofs-node/pkg/core/container"`
[#7] Add container processor for inner ring Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-08-11 12:10:01 +00:00			`containerEvent "github.com/nspcc-dev/neofs-node/pkg/morph/event/container"`
			`"go.uber.org/zap"`
			`)`

			`// Process new container from the user by checking container sanity`
			`// and sending approve tx back to morph.`
			`func (cp Processor) processContainerPut(put containerEvent.Put) {`
[#446] innerring: Use alphabet state in processors Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-03-23 15:20:44 +00:00			`if !cp.alphabetState.IsAlphabet() {`
			`cp.log.Info("non alphabet mode, ignore container put")`
[#7] Add container processor for inner ring Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-08-11 12:10:01 +00:00			`return`
			`}`

[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`err := cp.checkPutContainer(put)`
			`if err != nil {`
			`cp.log.Error("put container check failed",`
[#85] inner-ring/container: Check container format in process Put Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2020-11-03 10:02:39 +00:00			`zap.String("error", err.Error()),`
			`)`

			`return`
			`}`

[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`cp.approvePutContainer(put)`
			`}`
[#85] inner-ring/container: Check container format in process Put Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2020-11-03 10:02:39 +00:00
[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`func (cp Processor) checkPutContainer(e containerEvent.Put) error {`
[#505] ir/container: Verify signature in check of Put container event Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 16:08:07 +00:00			`// verify signature`
			`key, err := keys.NewPublicKeyFromBytes(e.PublicKey(), elliptic.P256())`
			`if err != nil {`
			`return fmt.Errorf("invalid key: %w", err)`
			`}`

			`binCnr := e.Container()`
			`tableHash := sha256.Sum256(binCnr)`

			`if !key.Verify(e.Signature(), tableHash[:]) {`
			`return errors.New("invalid signature")`
			`}`

[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`// unmarshal container structure`
			`cnr := containerSDK.New()`

[#505] ir/container: Verify signature in check of Put container event Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 16:08:07 +00:00			`err = cnr.Unmarshal(binCnr)`
[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`if err != nil {`
			`return fmt.Errorf("invalid binary container: %w", err)`
			`}`

			`// perform format check`
			`err = container.CheckFormat(cnr)`
			`if err != nil {`
			`return fmt.Errorf("incorrect container format: %w", err)`
[#85] inner-ring/container: Check container format in process Put Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2020-11-03 10:02:39 +00:00			`}`

[#505] ir/container: Check key ownership in Put container handler Check if new container was signed by its owner, and otherwise prohibit operation. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 16:16:54 +00:00			`return cp.checkKeyOwnership(cnr, key)`
[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`}`

			`func (cp Processor) approvePutContainer(e containerEvent.Put) {`
[#505] ir/container: Change the way to approve container put event Call `Put` method on the wrapper over the Container contract's client directly from `Processor.approvePutContainer`. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 15:41:33 +00:00			`// FIXME: here we should bind key to owner if needed`
[#525] ir/container: Write session token on container approval Approved container should be stored in sidechain along with related session token. Forward session token from `Put` event to `Wrapper.Put` method. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-25 15:55:31 +00:00			`err := cp.cnrClient.Put(e.Container(), e.PublicKey(), e.Signature(), e.SessionToken())`
[#7] Add container processor for inner ring Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-08-11 12:10:01 +00:00			`if err != nil {`
[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`cp.log.Error("could not approve put container",`
			`zap.String("error", err.Error()),`
			`)`
[#7] Add container processor for inner ring Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-08-11 12:10:01 +00:00			`}`
			`}`
[#7] Add container delete notification handler Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-09-02 16:04:29 +00:00
			`// Process delete container operation from the user by checking container sanity`
			`// and sending approve tx back to morph.`
			`func (cp Processor) processContainerDelete(delete containerEvent.Delete) {`
[#446] innerring: Use alphabet state in processors Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2021-03-23 15:20:44 +00:00			`if !cp.alphabetState.IsAlphabet() {`
			`cp.log.Info("non alphabet mode, ignore container delete")`
[#7] Add container delete notification handler Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-09-02 16:04:29 +00:00			`return`
			`}`

[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`err := cp.checkDeleteContainer(delete)`
			`if err != nil {`
			`cp.log.Error("delete container check failed",`
			`zap.String("error", err.Error()),`
			`)`

			`return`
			`}`

			`cp.approveDeleteContainer(delete)`
			`}`

			`func (cp Processor) checkDeleteContainer(e containerEvent.Delete) error {`
[#505] morph/container: Verify signature of deleting container ID Get all owner keys and verify container ID signature until first success. If none of the keys match, then prohibit deletion. Thus, the delete operation is only allowed to the owner of the container. With this approach, a separate check for key ownership is not required. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 16:42:29 +00:00			`cid := e.ContainerID()`

			`// receive owner of the related container`
			`cnr, err := cp.cnrClient.Get(cid)`
			`if err != nil {`
			`return fmt.Errorf("could not receive the container: %w", err)`
			`}`

			`// receive all owner keys`
			`ownerKeys, err := cp.idClient.AccountKeys(cnr.OwnerID())`
			`if err != nil {`
			`return fmt.Errorf("could not received owner keys %s: %w", cnr.OwnerID(), err)`
			`}`

			`// verify signature`
			`cidHash := sha256.Sum256(cid)`
			`sig := e.Signature()`

			`for _, ownerKey := range ownerKeys {`
			`if ownerKey.Verify(sig, cidHash[:]) {`
			`return nil`
			`}`
			`}`

			`return errors.New("signature verification failed on all owner keys ")`
[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`}`

			`func (cp Processor) approveDeleteContainer(e containerEvent.Delete) {`
[#505] ir/container: Change the way to approve container delete event Call `Delete` method on the wrapper over the Container contract's client directly from `Processor.approveDeleteContainer`. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 16:00:28 +00:00			`// FIXME: here we should try notary invoke`
			`err := cp.cnrClient.Delete(e.ContainerID(), e.Signature())`
[#7] Add container delete notification handler Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-09-02 16:04:29 +00:00			`if err != nil {`
[#505] ir/container: Slightly refactor Put and Delete handlers Split up `processContainerPut` and `processContainerDelete` methods of container `Processor` into two sub-methods: checking the event and its assertion. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2021-05-19 14:55:43 +00:00			`cp.log.Error("could not approve delete container",`
			`zap.String("error", err.Error()),`
			`)`
[#7] Add container delete notification handler Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-09-02 16:04:29 +00:00			`}`
			`}`