From 46fa07b7ccab7405b0a2cd9ac2144d4dad0c8012 Mon Sep 17 00:00:00 2001
From: Alex Vanin
Date: Mon, 25 Oct 2021 15:10:13 +0300
Subject: [PATCH] [#943] service/object: Return error if requested session token is not available
Signed-off-by: Alex Vanin
---
 pkg/services/object/util/key.go | 5 ++
 pkg/services/object/util/key_test.go | 76 ++++++++++++++++++++++++++++
 2 files changed, 81 insertions(+)
 create mode 100644 pkg/services/object/util/key_test.go
diff --git a/pkg/services/object/util/key.go b/pkg/services/object/util/key.go
index 0ad6a70f05..ae389d08f8 100644
--- a/pkg/services/object/util/key.go
+++ b/pkg/services/object/util/key.go
@@ -2,11 +2,15 @@ package util
 import (
 "crypto/ecdsa"
+ "errors"
 "github.com/nspcc-dev/neofs-api-go/pkg/session"
 "github.com/nspcc-dev/neofs-node/pkg/services/session/storage"
 )
+// todo(alexvanin): should be a part of status API
+var errNoSessionToken = errors.New("session token does not exist")
+
 // KeyStorage represents private key storage of the local node.
 type KeyStorage struct {
 key *ecdsa.PrivateKey
@@ -32,6 +36,7 @@ func (s *KeyStorage) GetKey(token *session.Token) (*ecdsa.PrivateKey, error) {
 if pToken != nil {
 return pToken.SessionKey(), nil
 }
+ return nil, errNoSessionToken
 }
 return s.key, nil
diff --git a/pkg/services/object/util/key_test.go b/pkg/services/object/util/key_test.go
new file mode 100644
index 0000000000..31585508a4
--- /dev/null
+++ b/pkg/services/object/util/key_test.go
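Review bot: The only comment above `errNoSessionToken` in key.go is the todo, so it becomes the variable's doc comment and nothing states when the error is returned. A line such as `// errNoSessionToken is returned by GetKey when a token is supplied but no matching session key is stored.` directly above the declaration, with the todo kept as a separate comment, would document the condition. Because the sentinel is unexported, code outside the package cannot match it with `errors.Is` until the status API mentioned in the todo exists; that limitation is worth stating in the same comment.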
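Review bot: GetKey's doc comment, which lies above the second key.go hunk, should state the contract that the added `return nil, errNoSessionToken` introduces: a non-nil token that is not found is an error, and the node key is returned only for a nil token. Something like `// GetKey returns the session key bound to token, the node key if token is nil, and an error if token is set but unknown.` makes the fail-closed behaviour explicit for callers, which presumably sign with the returned key. The function starts before and ends after the hunk, so the lookup that produces pToken is not visible here.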
@@ -0,0 +1,76 @@
+package util_test
+
+import (
+ "context"
+ "crypto/elliptic"
+ "testing"
+
+ "github.com/google/uuid"
+ "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
+ "github.com/nspcc-dev/neofs-api-go/pkg/session"
+ sessionV2 "github.com/nspcc-dev/neofs-api-go/v2/session"
+ "github.com/nspcc-dev/neofs-node/pkg/services/object/util"
+ tokenStorage "github.com/nspcc-dev/neofs-node/pkg/services/session/storage"
+ "github.com/stretchr/testify/require"
+)
+
+func TestNewKeyStorage(t *testing.T) {
+ nodeKey, err := keys.NewPrivateKey()
+ require.NoError(t, err)
+
+ tokenStor := tokenStorage.New()
+ stor := util.NewKeyStorage(&nodeKey.PrivateKey, tokenStor)
+
+ t.Run("node key", func(t *testing.T) {
+ key, err := stor.GetKey(nil)
+ require.NoError(t, err)
+ require.Equal(t, nodeKey.PrivateKey, *key)
+ })
+
+ t.Run("unknown token", func(t *testing.T) {
+ tok := generateToken(t)
+ _, err = stor.GetKey(tok)
+ require.Error(t, err)
+ })
+
+ t.Run("known token", func(t *testing.T) {
+ tok := createToken(t, tokenStor, 100)
+ pubKey, err := keys.NewPublicKeyFromBytes(tok.SessionKey(), elliptic.P256())
+ require.NoError(t, err)
+
+ key, err := stor.GetKey(tok)
+ require.NoError(t, err)
+ require.Equal(t, pubKey.X, key.PublicKey.X)
+ require.Equal(t, pubKey.Y, key.PublicKey.Y)
+ })
+}
+
+func generateToken(t *testing.T) *session.Token {
+ key, err := keys.NewPrivateKey()
+ require.NoError(t, err)
+
+ pubKey := key.PublicKey().Bytes()
+ id, err := uuid.New().MarshalBinary()
+ require.NoError(t, err)
+
+ tok := session.NewToken()
+ tok.SetSessionKey(pubKey)
+ tok.SetID(id)
+
+ return tok
+}
+
+func createToken(t *testing.T, store *tokenStorage.TokenStore, exp uint64) *session.Token {
+ req := new(sessionV2.CreateRequestBody)
+ req.SetOwnerID(nil)
+ req.SetExpiration(exp)
+
+ resp, err := store.Create(context.Background(), req)
+ require.NoError(t, err)
+
+ tok := session.NewToken()
+ tok.SetSessionKey(resp.GetSessionKey())
+ tok.SetID(resp.GetID())
+
+ return tok
+}
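Review bot: The "unknown token" subtest in TestNewKeyStorage discards the returned key and asserts only `require.Error(t, err)`, so it would still pass if GetKey returned the node key together with an error. The behaviour this commit guards against is an unrecognised token yielding the node key, so the subtest should pin the key as well: `key, err := stor.GetKey(tok)`, `require.Error(t, err)`, `require.Nil(t, key)`. Declaring `err` with `:=` there also stops the subtest from writing to the outer `err`, unlike the current `_, err = stor.GetKey(tok)`.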