From 5cf622881f4520d599360c311cf8c3f42df2c0c0 Mon Sep 17 00:00:00 2001 From: Leonard Lyubich Date: Sat, 22 Aug 2020 17:17:03 +0300 Subject: [PATCH] [#11] accounting: Implement signing service Adds accounting Service implementation that verifiers request signatures and signs responses from internal Service. Signed-off-by: Leonard Lyubich --- cmd/neofs-node/config.go | 9 +++++++ cmd/neofs-node/grpc.go | 9 ++++--- pkg/services/accounting/sign.go | 43 +++++++++++++++++++++++++++++++++ 3 files changed, 58 insertions(+), 3 deletions(-) create mode 100644 pkg/services/accounting/sign.go diff --git a/cmd/neofs-node/config.go b/cmd/neofs-node/config.go index 98e5df170..cb9fda6dc 100644 --- a/cmd/neofs-node/config.go +++ b/cmd/neofs-node/config.go @@ -2,7 +2,10 @@ package main import ( "context" + "crypto/ecdsa" "sync" + + crypto "github.com/nspcc-dev/neofs-crypto" ) type cfg struct { @@ -11,12 +14,18 @@ type cfg struct { wg *sync.WaitGroup grpcAddr string + + key *ecdsa.PrivateKey } func defaultCfg() *cfg { + key, err := crypto.LoadPrivateKey("Kwk6k2eC3L3QuPvD8aiaNyoSXgQ2YL1bwS5CP1oKoA9waeAze97s") + fatalOnErr(err) + return &cfg{ ctx: context.Background(), wg: new(sync.WaitGroup), grpcAddr: "127.0.0.1:50501", + key: key, } } diff --git a/cmd/neofs-node/grpc.go b/cmd/neofs-node/grpc.go index 1acdb754d..953bc7b32 100644 --- a/cmd/neofs-node/grpc.go +++ b/cmd/neofs-node/grpc.go @@ -13,10 +13,11 @@ import ( object "github.com/nspcc-dev/neofs-api-go/v2/object/grpc" sessionGRPC "github.com/nspcc-dev/neofs-api-go/v2/session" session "github.com/nspcc-dev/neofs-api-go/v2/session/grpc" - accountingTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/accounting/grpc" + accountingTransportGRPC "github.com/nspcc-dev/neofs-node/pkg/network/transport/accounting/grpc" containerTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/container/grpc" objectTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/object/grpc" sessionTransport "github.com/nspcc-dev/neofs-node/pkg/network/transport/session/grpc" + accountingService "github.com/nspcc-dev/neofs-node/pkg/services/accounting" "github.com/pkg/errors" "google.golang.org/grpc" ) @@ -34,7 +35,7 @@ func unimplementedErr(srv, call string) error { } func (s *accountingSvc) Balance(context.Context, *accounting.BalanceRequest) (*accounting.BalanceResponse, error) { - return nil, unimplementedErr("Accounting", "Balance") + return new(accounting.BalanceResponse), nil } func (s *sessionSvc) Create(context.Context, *sessionGRPC.CreateRequest) (*sessionGRPC.CreateResponse, error) { @@ -99,7 +100,9 @@ func serveGRPC(c *cfg) { srv := grpc.NewServer() - accountingGRPC.RegisterAccountingServiceServer(srv, accountingTransport.New(new(accountingSvc))) + accountingGRPC.RegisterAccountingServiceServer(srv, + accountingTransportGRPC.New(accountingService.NewSignService(c.key, new(accountingSvc))), + ) container.RegisterContainerServiceServer(srv, containerTransport.New(new(containerSvc))) session.RegisterSessionServiceServer(srv, sessionTransport.New(new(sessionSvc))) object.RegisterObjectServiceServer(srv, objectTransport.New(new(objectSvc))) diff --git a/pkg/services/accounting/sign.go b/pkg/services/accounting/sign.go new file mode 100644 index 000000000..97abda2e6 --- /dev/null +++ b/pkg/services/accounting/sign.go @@ -0,0 +1,43 @@ +package accounting + +import ( + "context" + "crypto/ecdsa" + + "github.com/nspcc-dev/neofs-api-go/v2/accounting" + "github.com/nspcc-dev/neofs-api-go/v2/signature" + "github.com/pkg/errors" +) + +type signService struct { + key *ecdsa.PrivateKey + + svc accounting.Service +} + +func NewSignService(key *ecdsa.PrivateKey, svc accounting.Service) accounting.Service { + return &signService{ + key: key, + svc: svc, + } +} + +func (s *signService) Balance(ctx context.Context, req *accounting.BalanceRequest) (*accounting.BalanceResponse, error) { + // verify request signatures + if err := signature.VerifyServiceMessage(req); err != nil { + return nil, errors.Wrap(err, "could not verify request") + } + + // process request + resp, err := s.svc.Balance(ctx, req) + if err != nil { + return nil, err + } + + // sign the response + if err := signature.SignServiceMessage(s.key, resp); err != nil { + return nil, errors.Wrap(err, "could not sign response") + } + + return resp, nil +}