forked from TrueCloudLab/frostfs-node
[#11] services: Implement universal Sign/Verify service
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
Leonard Lyubich
Alex Vanin
parent
3308fcf56d
commit
f71d64435e
2 changed files with 54 additions and 20 deletions
|
|
@ -5,39 +5,29 @@ import (
|
|||
"crypto/ecdsa"
|
||||
|
||||
"github.com/nspcc-dev/neofs-api-go/v2/accounting"
|
||||
"github.com/nspcc-dev/neofs-api-go/v2/signature"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/nspcc-dev/neofs-node/pkg/services/util"
|
||||
)
|
||||
|
||||
type signService struct {
|
||||
key *ecdsa.PrivateKey
|
||||
|
||||
svc accounting.Service
|
||||
unarySigService *util.UnarySignService
|
||||
}
|
||||
|
||||
func NewSignService(key *ecdsa.PrivateKey, svc accounting.Service) accounting.Service {
|
||||
return &signService{
|
||||
key: key,
|
||||
svc: svc,
|
||||
unarySigService: util.NewUnarySignService(
|
||||
key,
|
||||
func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return svc.Balance(ctx, req.(*accounting.BalanceRequest))
|
||||
},
|
||||
),
|
||||
}
|
||||
}
|
||||
|
||||
func (s *signService) Balance(ctx context.Context, req *accounting.BalanceRequest) (*accounting.BalanceResponse, error) {
|
||||
// verify request signatures
|
||||
if err := signature.VerifyServiceMessage(req); err != nil {
|
||||
return nil, errors.Wrap(err, "could not verify request")
|
||||
}
|
||||
|
||||
// process request
|
||||
resp, err := s.svc.Balance(ctx, req)
|
||||
resp, err := s.unarySigService.HandleUnaryRequest(ctx, req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// sign the response
|
||||
if err := signature.SignServiceMessage(s.key, resp); err != nil {
|
||||
return nil, errors.Wrap(err, "could not sign response")
|
||||
}
|
||||
|
||||
return resp, nil
|
||||
return resp.(*accounting.BalanceResponse), nil
|
||||
}
|
||||
|
|
|
|||
44
pkg/services/util/sign.go
Normal file
44
pkg/services/util/sign.go
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
package util
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/ecdsa"
|
||||
|
||||
"github.com/nspcc-dev/neofs-api-go/v2/signature"
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
type UnaryHandler func(context.Context, interface{}) (interface{}, error)
|
||||
|
||||
type UnarySignService struct {
|
||||
key *ecdsa.PrivateKey
|
||||
|
||||
unaryHandler UnaryHandler
|
||||
}
|
||||
|
||||
func NewUnarySignService(key *ecdsa.PrivateKey, handler UnaryHandler) *UnarySignService {
|
||||
return &UnarySignService{
|
||||
key: key,
|
||||
unaryHandler: handler,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *UnarySignService) HandleUnaryRequest(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
// verify request signatures
|
||||
if err := signature.VerifyServiceMessage(req); err != nil {
|
||||
return nil, errors.Wrap(err, "could not verify request")
|
||||
}
|
||||
|
||||
// process request
|
||||
resp, err := s.unaryHandler(ctx, req)
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "could not handle request")
|
||||
}
|
||||
|
||||
// sign the response
|
||||
if err := signature.SignServiceMessage(s.key, resp); err != nil {
|
||||
return nil, errors.Wrap(err, "could not sign response")
|
||||
}
|
||||
|
||||
return resp, nil
|
||||
}
|
||||
Loading…
Reference in a new issue