Update develop branch

service/meta.go

@@ -0,0 +1,90 @@
+package service
+
+import (
+	"github.com/nspcc-dev/neofs-proto/internal"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+)
+
+type (
+	// MetaHeader contains meta information of request.
+	// It provides methods to get or set meta information
+	// and reset meta header.
+	MetaHeader interface {
+		ResetMeta()
+
+		// TTLRequest to verify and update ttl requests.
+		GetTTL() uint32
+		SetTTL(uint32)
+
+		// EpochRequest gives possibility to get or set epoch in RPC Requests.
+		GetEpoch() uint64
+		SetEpoch(v uint64)
+	}
+
+	// TTLCondition is closure, that allows to validate request with ttl
+	TTLCondition func(ttl uint32) error
+)
+
+const (
+	// ZeroTTL is empty ttl, should produce ErrZeroTTL.
+	ZeroTTL = iota
+
+	// NonForwardingTTL is a ttl that allows direct connections only.
+	NonForwardingTTL
+
+	// SingleForwardingTTL is a ttl that allows connections through another node.
+	SingleForwardingTTL
+)
+
+const (
+	// ErrZeroTTL is raised when zero ttl is passed.
+	ErrZeroTTL = internal.Error("zero ttl")
+
+	// ErrIncorrectTTL is raised when NonForwardingTTL is passed and NodeRole != InnerRingNode.
+	ErrIncorrectTTL = internal.Error("incorrect ttl")
+)
+
+// SetTTL sets TTL to RequestMetaHeader
+func (m *RequestMetaHeader) SetTTL(v uint32) { m.TTL = v }
+
+// SetEpoch sets Epoch to RequestMetaHeader
+func (m *RequestMetaHeader) SetEpoch(v uint64) { m.Epoch = v }
+
+// ResetMeta sets RequestMetaHeader to empty value
+func (m *RequestMetaHeader) ResetMeta() { m.Reset() }
+
+// IRNonForwarding condition that allows NonForwardingTTL only for IR
+func IRNonForwarding(role NodeRole) TTLCondition {
+	return func(ttl uint32) error {
+		if ttl == NonForwardingTTL && role != InnerRingNode {
+			return ErrIncorrectTTL
+		}
+
+		return nil
+	}
+}
+
+// ProcessRequestTTL validates and update ttl requests.
+func ProcessRequestTTL(req MetaHeader, cond ...TTLCondition) error {
+	var ttl = req.GetTTL()
+
+	if ttl == ZeroTTL {
+		return status.New(codes.InvalidArgument, ErrZeroTTL.Error()).Err()
+	}
+
+	for i := range cond {
+		if cond[i] == nil {
+			continue
+		}
+
+		// check specific condition:
+		if err := cond[i](ttl); err != nil {
+			return status.New(codes.InvalidArgument, err.Error()).Err()
+		}
+	}
+
+	req.SetTTL(ttl - 1)
+
+	return nil
+}

service/meta.pb.go

@@ -0,0 +1,346 @@
+// Code generated by protoc-gen-gogo. DO NOT EDIT.
+// source: service/meta.proto
+
+package service
+
+import (
+	fmt "fmt"
+	_ "github.com/gogo/protobuf/gogoproto"
+	proto "github.com/golang/protobuf/proto"
+	io "io"
+	math "math"
+	math_bits "math/bits"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package
+
+type RequestMetaHeader struct {
+	TTL                  uint32   `protobuf:"varint,1,opt,name=TTL,proto3" json:"TTL,omitempty"`
+	Epoch                uint64   `protobuf:"varint,2,opt,name=Epoch,proto3" json:"Epoch,omitempty"`
+	XXX_NoUnkeyedLiteral struct{} `json:"-"`
+	XXX_unrecognized     []byte   `json:"-"`
+	XXX_sizecache        int32    `json:"-"`
+}
+
+func (m *RequestMetaHeader) Reset()         { *m = RequestMetaHeader{} }
+func (m *RequestMetaHeader) String() string { return proto.CompactTextString(m) }
+func (*RequestMetaHeader) ProtoMessage()    {}
+func (*RequestMetaHeader) Descriptor() ([]byte, []int) {
+	return fileDescriptor_a638867e7b43457c, []int{0}
+}
+func (m *RequestMetaHeader) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *RequestMetaHeader) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *RequestMetaHeader) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_RequestMetaHeader.Merge(m, src)
+}
+func (m *RequestMetaHeader) XXX_Size() int {
+	return m.Size()
+}
+func (m *RequestMetaHeader) XXX_DiscardUnknown() {
+	xxx_messageInfo_RequestMetaHeader.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_RequestMetaHeader proto.InternalMessageInfo
+
+func (m *RequestMetaHeader) GetTTL() uint32 {
+	if m != nil {
+		return m.TTL
+	}
+	return 0
+}
+
+func (m *RequestMetaHeader) GetEpoch() uint64 {
+	if m != nil {
+		return m.Epoch
+	}
+	return 0
+}
+
+func init() {
+	proto.RegisterType((*RequestMetaHeader)(nil), "service.RequestMetaHeader")
+}
+
+func init() { proto.RegisterFile("service/meta.proto", fileDescriptor_a638867e7b43457c) }
+
+var fileDescriptor_a638867e7b43457c = []byte{
+	// 185 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x12, 0x2a, 0x4e, 0x2d, 0x2a,
+	0xcb, 0x4c, 0x4e, 0xd5, 0xcf, 0x4d, 0x2d, 0x49, 0xd4, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62,
+	0x87, 0x8a, 0x49, 0xe9, 0xa6, 0x67, 0x96, 0x64, 0x94, 0x26, 0xe9, 0x25, 0xe7, 0xe7, 0xea, 0xa7,
+	0xe7, 0xa7, 0xe7, 0xeb, 0x83, 0xe5, 0x93, 0x4a, 0xd3, 0xc0, 0x3c, 0x30, 0x07, 0xcc, 0x82, 0xe8,
+	0x53, 0xb2, 0xe6, 0x12, 0x0c, 0x4a, 0x2d, 0x2c, 0x4d, 0x2d, 0x2e, 0xf1, 0x4d, 0x2d, 0x49, 0xf4,
+	0x48, 0x4d, 0x4c, 0x49, 0x2d, 0x12, 0x12, 0xe0, 0x62, 0x0e, 0x09, 0xf1, 0x91, 0x60, 0x54, 0x60,
+	0xd4, 0xe0, 0x0d, 0x02, 0x31, 0x85, 0x44, 0xb8, 0x58, 0x5d, 0x0b, 0xf2, 0x93, 0x33, 0x24, 0x98,
+	0x14, 0x18, 0x35, 0x58, 0x82, 0x20, 0x1c, 0x27, 0xbb, 0x13, 0x8f, 0xe4, 0x18, 0x2f, 0x3c, 0x92,
+	0x63, 0xbc, 0xf1, 0x48, 0x8e, 0xf1, 0xc1, 0x23, 0x39, 0xc6, 0x19, 0x8f, 0xe5, 0x18, 0xa2, 0x34,
+	0x90, 0x5c, 0x90, 0x57, 0x5c, 0x90, 0x9c, 0xac, 0x9b, 0x92, 0x5a, 0xa6, 0x9f, 0x97, 0x9a, 0x9f,
+	0x56, 0xac, 0x0b, 0xb1, 0x1f, 0xea, 0xd6, 0x24, 0x36, 0x30, 0xd7, 0x18, 0x10, 0x00, 0x00, 0xff,
+	0xff, 0x73, 0x6f, 0x01, 0x49, 0xd1, 0x00, 0x00, 0x00,
+}
+
+func (m *RequestMetaHeader) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *RequestMetaHeader) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *RequestMetaHeader) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.XXX_unrecognized != nil {
+		i -= len(m.XXX_unrecognized)
+		copy(dAtA[i:], m.XXX_unrecognized)
+	}
+	if m.Epoch != 0 {
+		i = encodeVarintMeta(dAtA, i, uint64(m.Epoch))
+		i--
+		dAtA[i] = 0x10
+	}
+	if m.TTL != 0 {
+		i = encodeVarintMeta(dAtA, i, uint64(m.TTL))
+		i--
+		dAtA[i] = 0x8
+	}
+	return len(dAtA) - i, nil
+}
+
+func encodeVarintMeta(dAtA []byte, offset int, v uint64) int {
+	offset -= sovMeta(v)
+	base := offset
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return base
+}
+func (m *RequestMetaHeader) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.TTL != 0 {
+		n += 1 + sovMeta(uint64(m.TTL))
+	}
+	if m.Epoch != 0 {
+		n += 1 + sovMeta(uint64(m.Epoch))
+	}
+	if m.XXX_unrecognized != nil {
+		n += len(m.XXX_unrecognized)
+	}
+	return n
+}
+
+func sovMeta(x uint64) (n int) {
+	return (math_bits.Len64(x|1) + 6) / 7
+}
+func sozMeta(x uint64) (n int) {
+	return sovMeta(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (m *RequestMetaHeader) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowMeta
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: RequestMetaHeader: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: RequestMetaHeader: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TTL", wireType)
+			}
+			m.TTL = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowMeta
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.TTL |= uint32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Epoch", wireType)
+			}
+			m.Epoch = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowMeta
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Epoch |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipMeta(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthMeta
+			}
+			if (iNdEx + skippy) < 0 {
+				return ErrInvalidLengthMeta
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func skipMeta(dAtA []byte) (n int, err error) {
+	l := len(dAtA)
+	iNdEx := 0
+	depth := 0
+	for iNdEx < l {
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return 0, ErrIntOverflowMeta
+			}
+			if iNdEx >= l {
+				return 0, io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		wireType := int(wire & 0x7)
+		switch wireType {
+		case 0:
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowMeta
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				iNdEx++
+				if dAtA[iNdEx-1] < 0x80 {
+					break
+				}
+			}
+		case 1:
+			iNdEx += 8
+		case 2:
+			var length int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowMeta
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				length |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if length < 0 {
+				return 0, ErrInvalidLengthMeta
+			}
+			iNdEx += length
+		case 3:
+			depth++
+		case 4:
+			if depth == 0 {
+				return 0, ErrUnexpectedEndOfGroupMeta
+			}
+			depth--
+		case 5:
+			iNdEx += 4
+		default:
+			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+		}
+		if iNdEx < 0 {
+			return 0, ErrInvalidLengthMeta
+		}
+		if depth == 0 {
+			return iNdEx, nil
+		}
+	}
+	return 0, io.ErrUnexpectedEOF
+}
+
+var (
+	ErrInvalidLengthMeta        = fmt.Errorf("proto: negative length found during unmarshaling")
+	ErrIntOverflowMeta          = fmt.Errorf("proto: integer overflow")
+	ErrUnexpectedEndOfGroupMeta = fmt.Errorf("proto: unexpected end of group")
+)

service/meta.proto

@@ -0,0 +1,12 @@
+syntax = "proto3";
+package service;
+option go_package = "github.com/nspcc-dev/neofs-proto/service";
+
+import "github.com/gogo/protobuf/gogoproto/gogo.proto";
+
+option (gogoproto.stable_marshaler_all) = true;
+
+message RequestMetaHeader {
+    uint32 TTL   = 1;
+    uint64 Epoch = 2;
+}

service/meta_test.go

@@ -0,0 +1,70 @@
+package service
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+)
+
+type mockedRequest struct {
+	msg  string
+	name string
+	role NodeRole
+	code codes.Code
+	RequestMetaHeader
+}
+
+func TestMetaRequest(t *testing.T) {
+	tests := []mockedRequest{
+		{
+			role:              InnerRingNode,
+			name:              "direct to ir node",
+			RequestMetaHeader: RequestMetaHeader{TTL: NonForwardingTTL},
+		},
+		{
+			role:              StorageNode,
+			code:              codes.InvalidArgument,
+			msg:               ErrIncorrectTTL.Error(),
+			name:              "direct to storage node",
+			RequestMetaHeader: RequestMetaHeader{TTL: NonForwardingTTL},
+		},
+		{
+			role:              StorageNode,
+			msg:               ErrZeroTTL.Error(),
+			code:              codes.InvalidArgument,
+			name:              "zero ttl",
+			RequestMetaHeader: RequestMetaHeader{TTL: ZeroTTL},
+		},
+		{
+			role:              InnerRingNode,
+			name:              "default to ir node",
+			RequestMetaHeader: RequestMetaHeader{TTL: SingleForwardingTTL},
+		},
+		{
+			role:              StorageNode,
+			name:              "default to storage node",
+			RequestMetaHeader: RequestMetaHeader{TTL: SingleForwardingTTL},
+		},
+	}
+
+	for i := range tests {
+		tt := tests[i]
+		t.Run(tt.name, func(t *testing.T) {
+			before := tt.GetTTL()
+			err := ProcessRequestTTL(&tt, IRNonForwarding(tt.role))
+			if tt.msg != "" {
+				require.Errorf(t, err, tt.msg)
+
+				state, ok := status.FromError(err)
+				require.True(t, ok)
+				require.Equal(t, state.Code(), tt.code)
+				require.Equal(t, state.Message(), tt.msg)
+			} else {
+				require.NoError(t, err)
+				require.NotEqualf(t, before, tt.GetTTL(), "ttl should be changed: %d vs %d", before, tt.GetTTL())
+			}
+		})
+	}
+}

service/role_test.go

@@ -1,8 +1,9 @@
 package service
 
 import (
-	"github.com/stretchr/testify/require"
 	"testing"
+
+	"github.com/stretchr/testify/require"
 )
 
 func TestNodeRole_String(t *testing.T) {

service/ttl.go

@@ -1,45 +0,0 @@
-package service
-
-import (
-	"github.com/nspcc-dev/neofs-proto/internal"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
-)
-
-// TTLRequest to verify and update ttl requests.
-type TTLRequest interface {
-	GetTTL() uint32
-	SetTTL(uint32)
-}
-
-const (
-	// ZeroTTL is empty ttl, should produce ErrZeroTTL.
-	ZeroTTL = iota
-
-	// NonForwardingTTL is a ttl that allows direct connections only.
-	NonForwardingTTL
-
-	// SingleForwardingTTL is a ttl that allows connections through another node.
-	SingleForwardingTTL
-
-	// ErrZeroTTL is raised when zero ttl is passed.
-	ErrZeroTTL = internal.Error("zero ttl")
-
-	// ErrIncorrectTTL is raised when NonForwardingTTL is passed and NodeRole != InnerRingNode.
-	ErrIncorrectTTL = internal.Error("incorrect ttl")
-)
-
-// CheckTTLRequest validates and update ttl requests.
-func CheckTTLRequest(req TTLRequest, role NodeRole) error {
-	var ttl = req.GetTTL()
-
-	if ttl == ZeroTTL {
-		return status.New(codes.InvalidArgument, ErrZeroTTL.Error()).Err()
-	} else if ttl == NonForwardingTTL && role != InnerRingNode {
-		return status.New(codes.InvalidArgument, ErrIncorrectTTL.Error()).Err()
-	}
-
-	req.SetTTL(ttl - 1)
-
-	return nil
-}

service/ttl_test.go

@@ -1,72 +0,0 @@
-package service
-
-import (
-	"github.com/stretchr/testify/require"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
-	"testing"
-)
-
-type mockedRequest struct {
-	msg  string
-	ttl  uint32
-	name string
-	role NodeRole
-	code codes.Code
-}
-
-func (m *mockedRequest) SetTTL(v uint32) { m.ttl = v }
-func (m mockedRequest) GetTTL() uint32   { return m.ttl }
-
-func TestCheckTTLRequest(t *testing.T) {
-	tests := []mockedRequest{
-		{
-			ttl:  NonForwardingTTL,
-			role: InnerRingNode,
-			name: "direct to ir node",
-		},
-		{
-			ttl:  NonForwardingTTL,
-			role: StorageNode,
-			code: codes.InvalidArgument,
-			msg:  ErrIncorrectTTL.Error(),
-			name: "direct to storage node",
-		},
-		{
-			ttl:  ZeroTTL,
-			role: StorageNode,
-			msg:  ErrZeroTTL.Error(),
-			code: codes.InvalidArgument,
-			name: "zero ttl",
-		},
-		{
-			ttl:  SingleForwardingTTL,
-			role: InnerRingNode,
-			name: "default to ir node",
-		},
-		{
-			ttl:  SingleForwardingTTL,
-			role: StorageNode,
-			name: "default to storage node",
-		},
-	}
-
-	for i := range tests {
-		tt := tests[i]
-		t.Run(tt.name, func(t *testing.T) {
-			before := tt.ttl
-			err := CheckTTLRequest(&tt, tt.role)
-			if tt.msg != "" {
-				require.Errorf(t, err, tt.msg)
-
-				state, ok := status.FromError(err)
-				require.True(t, ok)
-				require.Equal(t, state.Code(), tt.code)
-				require.Equal(t, state.Message(), tt.msg)
-			} else {
-				require.NoError(t, err)
-				require.NotEqualf(t, before, tt.ttl, "ttl should be changed: %d vs %d", before, tt.ttl)
-			}
-		})
-	}
-}

service/verify.go

@@ -0,0 +1,179 @@
+package service
+
+import (
+	"crypto/ecdsa"
+
+	"github.com/gogo/protobuf/proto"
+	crypto "github.com/nspcc-dev/neofs-crypto"
+	"github.com/nspcc-dev/neofs-proto/internal"
+	"github.com/pkg/errors"
+)
+
+type (
+	// VerifiableRequest adds possibility to sign and verify request header
+	VerifiableRequest interface {
+		proto.Message
+		Marshal() ([]byte, error)
+		AddSignature(*RequestVerificationHeader_Signature)
+		GetSignatures() []*RequestVerificationHeader_Signature
+		SetSignatures([]*RequestVerificationHeader_Signature)
+	}
+
+	// MaintainableRequest adds possibility to set and get (+validate)
+	// owner (client) public key from RequestVerificationHeader.
+	MaintainableRequest interface {
+		proto.Message
+		GetOwner() (*ecdsa.PublicKey, error)
+		SetOwner(*ecdsa.PublicKey, []byte)
+		GetLastPeer() (*ecdsa.PublicKey, error)
+	}
+)
+
+const (
+	// ErrCannotLoadPublicKey is raised when cannot unmarshal public key from RequestVerificationHeader_Sign
+	ErrCannotLoadPublicKey = internal.Error("cannot load public key")
+
+	// ErrCannotFindOwner is raised when signatures empty in GetOwner
+	ErrCannotFindOwner = internal.Error("cannot find owner public key")
+)
+
+// SetSignatures replaces signatures stored in RequestVerificationHeader
+func (m *RequestVerificationHeader) SetSignatures(signatures []*RequestVerificationHeader_Signature) {
+	m.Signatures = signatures
+}
+
+// AddSignature adds new Signature into RequestVerificationHeader
+func (m *RequestVerificationHeader) AddSignature(sig *RequestVerificationHeader_Signature) {
+	if sig == nil {
+		return
+	}
+	m.Signatures = append(m.Signatures, sig)
+}
+
+// SetOwner adds origin (sign and public key) of owner (client) into first signature.
+func (m *RequestVerificationHeader) SetOwner(pub *ecdsa.PublicKey, sign []byte) {
+	if len(m.Signatures) == 0 || pub == nil {
+		return
+	}
+
+	m.Signatures[0].Origin = &RequestVerificationHeader_Sign{
+		Sign: sign,
+		Peer: crypto.MarshalPublicKey(pub),
+	}
+}
+
+// GetOwner tries to get owner (client) public key from signatures.
+// If signatures contains not empty Origin, we should try to validate,
+// that session key was signed by owner (client), otherwise return error.
+func (m *RequestVerificationHeader) GetOwner() (*ecdsa.PublicKey, error) {
+	if len(m.Signatures) == 0 {
+		return nil, ErrCannotFindOwner
+	}
+
+	// if first signature contains origin, we should try to validate session key
+	if m.Signatures[0].Origin != nil {
+		owner := crypto.UnmarshalPublicKey(m.Signatures[0].Origin.Peer)
+		if owner == nil {
+			return nil, ErrCannotLoadPublicKey
+		} else if err := crypto.Verify(owner, m.Signatures[0].Peer, m.Signatures[0].Origin.Sign); err != nil {
+			return nil, errors.Wrap(err, "could not verify session token")
+		}
+
+		return owner, nil
+	} else if key := crypto.UnmarshalPublicKey(m.Signatures[0].Peer); key != nil {
+		return key, nil
+	}
+
+	return nil, ErrCannotLoadPublicKey
+}
+
+// GetLastPeer tries to get last peer public key from signatures.
+// If signatures has zero length, returns ErrCannotFindOwner.
+// If signatures has length equal to one, uses GetOwner.
+// Otherwise tries to unmarshal last peer public key.
+func (m *RequestVerificationHeader) GetLastPeer() (*ecdsa.PublicKey, error) {
+	switch ln := len(m.Signatures); ln {
+	case 0:
+		return nil, ErrCannotFindOwner
+	case 1:
+		return m.GetOwner()
+	default:
+		if key := crypto.UnmarshalPublicKey(m.Signatures[ln-1].Peer); key != nil {
+			return key, nil
+		}
+
+		return nil, ErrCannotLoadPublicKey
+	}
+}
+
+func newSignature(key *ecdsa.PrivateKey, data []byte) (*RequestVerificationHeader_Signature, error) {
+	sign, err := crypto.Sign(key, data)
+	if err != nil {
+		return nil, err
+	}
+
+	return &RequestVerificationHeader_Signature{
+		RequestVerificationHeader_Sign: RequestVerificationHeader_Sign{
+			Sign: sign,
+			Peer: crypto.MarshalPublicKey(&key.PublicKey),
+		},
+	}, nil
+}
+
+// SignRequestHeader receives private key and request with RequestVerificationHeader,
+// tries to marshal and sign request with passed PrivateKey, after that adds
+// new signature to headers. If something went wrong, returns error.
+func SignRequestHeader(key *ecdsa.PrivateKey, req VerifiableRequest) error {
+	msg := proto.Clone(req).(VerifiableRequest)
+
+	// ignore meta header
+	if meta, ok := msg.(MetaHeader); ok {
+		meta.ResetMeta()
+	}
+
+	data, err := msg.Marshal()
+	if err != nil {
+		return err
+	}
+
+	signature, err := newSignature(key, data)
+	if err != nil {
+		return err
+	}
+
+	req.AddSignature(signature)
+
+	return nil
+}
+
+// VerifyRequestHeader receives request with RequestVerificationHeader,
+// tries to marshal and verify each signature from request
+// If something went wrong, returns error.
+func VerifyRequestHeader(req VerifiableRequest) error {
+	msg := proto.Clone(req).(VerifiableRequest)
+	// ignore meta header
+	if meta, ok := msg.(MetaHeader); ok {
+		meta.ResetMeta()
+	}
+
+	signatures := msg.GetSignatures()
+
+	for i := range signatures {
+		msg.SetSignatures(signatures[:i])
+		peer := signatures[i].GetPeer()
+		sign := signatures[i].GetSign()
+
+		key := crypto.UnmarshalPublicKey(peer)
+		if key == nil {
+			return errors.Wrapf(ErrCannotLoadPublicKey, "%d: %02x", i, peer)
+		}
+
+		if data, err := msg.Marshal(); err != nil {
+			return errors.Wrapf(err, "%d: %02x", i, peer)
+		} else if err := crypto.Verify(key, data, sign); err != nil {
+			return errors.Wrapf(err, "%d: %02x", i, peer)
+		}
+	}
+
+	return nil
+}

service/verify.pb.go

@@ -0,0 +1,813 @@
+// Code generated by protoc-gen-gogo. DO NOT EDIT.
+// source: service/verify.proto
+
+package service
+
+import (
+	fmt "fmt"
+	_ "github.com/gogo/protobuf/gogoproto"
+	proto "github.com/golang/protobuf/proto"
+	io "io"
+	math "math"
+	math_bits "math/bits"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package
+
+type RequestVerificationHeader struct {
+	Signatures           []*RequestVerificationHeader_Signature `protobuf:"bytes,1,rep,name=Signatures,proto3" json:"Signatures,omitempty"`
+	XXX_NoUnkeyedLiteral struct{}                               `json:"-"`
+	XXX_unrecognized     []byte                                 `json:"-"`
+	XXX_sizecache        int32                                  `json:"-"`
+}
+
+func (m *RequestVerificationHeader) Reset()         { *m = RequestVerificationHeader{} }
+func (m *RequestVerificationHeader) String() string { return proto.CompactTextString(m) }
+func (*RequestVerificationHeader) ProtoMessage()    {}
+func (*RequestVerificationHeader) Descriptor() ([]byte, []int) {
+	return fileDescriptor_4bdd5bc50ec96238, []int{0}
+}
+func (m *RequestVerificationHeader) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *RequestVerificationHeader) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *RequestVerificationHeader) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_RequestVerificationHeader.Merge(m, src)
+}
+func (m *RequestVerificationHeader) XXX_Size() int {
+	return m.Size()
+}
+func (m *RequestVerificationHeader) XXX_DiscardUnknown() {
+	xxx_messageInfo_RequestVerificationHeader.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_RequestVerificationHeader proto.InternalMessageInfo
+
+func (m *RequestVerificationHeader) GetSignatures() []*RequestVerificationHeader_Signature {
+	if m != nil {
+		return m.Signatures
+	}
+	return nil
+}
+
+type RequestVerificationHeader_Sign struct {
+	Sign                 []byte   `protobuf:"bytes,1,opt,name=Sign,proto3" json:"Sign,omitempty"`
+	Peer                 []byte   `protobuf:"bytes,2,opt,name=Peer,proto3" json:"Peer,omitempty"`
+	XXX_NoUnkeyedLiteral struct{} `json:"-"`
+	XXX_unrecognized     []byte   `json:"-"`
+	XXX_sizecache        int32    `json:"-"`
+}
+
+func (m *RequestVerificationHeader_Sign) Reset()         { *m = RequestVerificationHeader_Sign{} }
+func (m *RequestVerificationHeader_Sign) String() string { return proto.CompactTextString(m) }
+func (*RequestVerificationHeader_Sign) ProtoMessage()    {}
+func (*RequestVerificationHeader_Sign) Descriptor() ([]byte, []int) {
+	return fileDescriptor_4bdd5bc50ec96238, []int{0, 0}
+}
+func (m *RequestVerificationHeader_Sign) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *RequestVerificationHeader_Sign) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *RequestVerificationHeader_Sign) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_RequestVerificationHeader_Sign.Merge(m, src)
+}
+func (m *RequestVerificationHeader_Sign) XXX_Size() int {
+	return m.Size()
+}
+func (m *RequestVerificationHeader_Sign) XXX_DiscardUnknown() {
+	xxx_messageInfo_RequestVerificationHeader_Sign.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_RequestVerificationHeader_Sign proto.InternalMessageInfo
+
+func (m *RequestVerificationHeader_Sign) GetSign() []byte {
+	if m != nil {
+		return m.Sign
+	}
+	return nil
+}
+
+func (m *RequestVerificationHeader_Sign) GetPeer() []byte {
+	if m != nil {
+		return m.Peer
+	}
+	return nil
+}
+
+type RequestVerificationHeader_Signature struct {
+	RequestVerificationHeader_Sign `protobuf:"bytes,1,opt,name=Sign,proto3,embedded=Sign" json:"Sign"`
+	Origin                         *RequestVerificationHeader_Sign `protobuf:"bytes,2,opt,name=Origin,proto3" json:"Origin,omitempty"`
+	XXX_NoUnkeyedLiteral           struct{}                        `json:"-"`
+	XXX_unrecognized               []byte                          `json:"-"`
+	XXX_sizecache                  int32                           `json:"-"`
+}
+
+func (m *RequestVerificationHeader_Signature) Reset()         { *m = RequestVerificationHeader_Signature{} }
+func (m *RequestVerificationHeader_Signature) String() string { return proto.CompactTextString(m) }
+func (*RequestVerificationHeader_Signature) ProtoMessage()    {}
+func (*RequestVerificationHeader_Signature) Descriptor() ([]byte, []int) {
+	return fileDescriptor_4bdd5bc50ec96238, []int{0, 1}
+}
+func (m *RequestVerificationHeader_Signature) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *RequestVerificationHeader_Signature) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *RequestVerificationHeader_Signature) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_RequestVerificationHeader_Signature.Merge(m, src)
+}
+func (m *RequestVerificationHeader_Signature) XXX_Size() int {
+	return m.Size()
+}
+func (m *RequestVerificationHeader_Signature) XXX_DiscardUnknown() {
+	xxx_messageInfo_RequestVerificationHeader_Signature.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_RequestVerificationHeader_Signature proto.InternalMessageInfo
+
+func (m *RequestVerificationHeader_Signature) GetOrigin() *RequestVerificationHeader_Sign {
+	if m != nil {
+		return m.Origin
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterType((*RequestVerificationHeader)(nil), "service.RequestVerificationHeader")
+	proto.RegisterType((*RequestVerificationHeader_Sign)(nil), "service.RequestVerificationHeader.Sign")
+	proto.RegisterType((*RequestVerificationHeader_Signature)(nil), "service.RequestVerificationHeader.Signature")
+}
+
+func init() { proto.RegisterFile("service/verify.proto", fileDescriptor_4bdd5bc50ec96238) }
+
+var fileDescriptor_4bdd5bc50ec96238 = []byte{
+	// 270 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x12, 0x29, 0x4e, 0x2d, 0x2a,
+	0xcb, 0x4c, 0x4e, 0xd5, 0x2f, 0x4b, 0x2d, 0xca, 0x4c, 0xab, 0xd4, 0x2b, 0x28, 0xca, 0x2f, 0xc9,
+	0x17, 0x62, 0x87, 0x8a, 0x4a, 0xe9, 0xa6, 0x67, 0x96, 0x64, 0x94, 0x26, 0xe9, 0x25, 0xe7, 0xe7,
+	0xea, 0xa7, 0xe7, 0xa7, 0xe7, 0xeb, 0x83, 0xe5, 0x93, 0x4a, 0xd3, 0xc0, 0x3c, 0x30, 0x07, 0xcc,
+	0x82, 0xe8, 0x53, 0x5a, 0xcf, 0xc4, 0x25, 0x19, 0x94, 0x5a, 0x58, 0x9a, 0x5a, 0x5c, 0x12, 0x06,
+	0x32, 0x2f, 0x33, 0x39, 0xb1, 0x24, 0x33, 0x3f, 0xcf, 0x23, 0x35, 0x31, 0x25, 0xb5, 0x48, 0xc8,
+	0x87, 0x8b, 0x2b, 0x38, 0x33, 0x3d, 0x2f, 0xb1, 0xa4, 0xb4, 0x28, 0xb5, 0x58, 0x82, 0x51, 0x81,
+	0x59, 0x83, 0xdb, 0x48, 0x47, 0x0f, 0x6a, 0x95, 0x1e, 0x4e, 0x7d, 0x7a, 0x70, 0x4d, 0x41, 0x48,
+	0xfa, 0xa5, 0xf4, 0xb8, 0x58, 0x40, 0x3c, 0x21, 0x21, 0x08, 0x2d, 0xc1, 0xa8, 0xc0, 0xa8, 0xc1,
+	0x13, 0x04, 0x17, 0x0b, 0x48, 0x4d, 0x2d, 0x92, 0x60, 0x82, 0x88, 0x81, 0xd8, 0x52, 0x93, 0x19,
+	0xb9, 0x38, 0xe1, 0xda, 0x85, 0x5c, 0x91, 0x74, 0x71, 0x1b, 0xa9, 0x13, 0xe9, 0x0a, 0x27, 0x8e,
+	0x13, 0xf7, 0xe4, 0x19, 0x2e, 0xdc, 0x93, 0x67, 0x84, 0x5a, 0x64, 0xcf, 0xc5, 0xe6, 0x5f, 0x94,
+	0x99, 0x9e, 0x99, 0x07, 0xb6, 0x8a, 0x78, 0x83, 0x82, 0xa0, 0xda, 0x9c, 0xec, 0x4e, 0x3c, 0x92,
+	0x63, 0xbc, 0xf0, 0x48, 0x8e, 0xf1, 0xc6, 0x23, 0x39, 0xc6, 0x07, 0x8f, 0xe4, 0x18, 0x67, 0x3c,
+	0x96, 0x63, 0x88, 0xd2, 0x40, 0x0a, 0xf6, 0xbc, 0xe2, 0x82, 0xe4, 0x64, 0xdd, 0x94, 0xd4, 0x32,
+	0xfd, 0xbc, 0xd4, 0xfc, 0xb4, 0x62, 0x5d, 0x48, 0xa0, 0x43, 0xad, 0x49, 0x62, 0x03, 0x73, 0x8d,
+	0x01, 0x01, 0x00, 0x00, 0xff, 0xff, 0xd7, 0x15, 0xf6, 0x5e, 0xc8, 0x01, 0x00, 0x00,
+}
+
+func (m *RequestVerificationHeader) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *RequestVerificationHeader) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *RequestVerificationHeader) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.XXX_unrecognized != nil {
+		i -= len(m.XXX_unrecognized)
+		copy(dAtA[i:], m.XXX_unrecognized)
+	}
+	if len(m.Signatures) > 0 {
+		for iNdEx := len(m.Signatures) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Signatures[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintVerify(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0xa
+		}
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *RequestVerificationHeader_Sign) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *RequestVerificationHeader_Sign) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *RequestVerificationHeader_Sign) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.XXX_unrecognized != nil {
+		i -= len(m.XXX_unrecognized)
+		copy(dAtA[i:], m.XXX_unrecognized)
+	}
+	if len(m.Peer) > 0 {
+		i -= len(m.Peer)
+		copy(dAtA[i:], m.Peer)
+		i = encodeVarintVerify(dAtA, i, uint64(len(m.Peer)))
+		i--
+		dAtA[i] = 0x12
+	}
+	if len(m.Sign) > 0 {
+		i -= len(m.Sign)
+		copy(dAtA[i:], m.Sign)
+		i = encodeVarintVerify(dAtA, i, uint64(len(m.Sign)))
+		i--
+		dAtA[i] = 0xa
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *RequestVerificationHeader_Signature) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *RequestVerificationHeader_Signature) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *RequestVerificationHeader_Signature) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.XXX_unrecognized != nil {
+		i -= len(m.XXX_unrecognized)
+		copy(dAtA[i:], m.XXX_unrecognized)
+	}
+	if m.Origin != nil {
+		{
+			size, err := m.Origin.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintVerify(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x12
+	}
+	{
+		size, err := m.RequestVerificationHeader_Sign.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintVerify(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func encodeVarintVerify(dAtA []byte, offset int, v uint64) int {
+	offset -= sovVerify(v)
+	base := offset
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return base
+}
+func (m *RequestVerificationHeader) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Signatures) > 0 {
+		for _, e := range m.Signatures {
+			l = e.Size()
+			n += 1 + l + sovVerify(uint64(l))
+		}
+	}
+	if m.XXX_unrecognized != nil {
+		n += len(m.XXX_unrecognized)
+	}
+	return n
+}
+
+func (m *RequestVerificationHeader_Sign) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Sign)
+	if l > 0 {
+		n += 1 + l + sovVerify(uint64(l))
+	}
+	l = len(m.Peer)
+	if l > 0 {
+		n += 1 + l + sovVerify(uint64(l))
+	}
+	if m.XXX_unrecognized != nil {
+		n += len(m.XXX_unrecognized)
+	}
+	return n
+}
+
+func (m *RequestVerificationHeader_Signature) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.RequestVerificationHeader_Sign.Size()
+	n += 1 + l + sovVerify(uint64(l))
+	if m.Origin != nil {
+		l = m.Origin.Size()
+		n += 1 + l + sovVerify(uint64(l))
+	}
+	if m.XXX_unrecognized != nil {
+		n += len(m.XXX_unrecognized)
+	}
+	return n
+}
+
+func sovVerify(x uint64) (n int) {
+	return (math_bits.Len64(x|1) + 6) / 7
+}
+func sozVerify(x uint64) (n int) {
+	return sovVerify(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (m *RequestVerificationHeader) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowVerify
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: RequestVerificationHeader: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: RequestVerificationHeader: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Signatures", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerify
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthVerify
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Signatures = append(m.Signatures, &RequestVerificationHeader_Signature{})
+			if err := m.Signatures[len(m.Signatures)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipVerify(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if (iNdEx + skippy) < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *RequestVerificationHeader_Sign) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowVerify
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: Sign: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: Sign: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Sign", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerify
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthVerify
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Sign = append(m.Sign[:0], dAtA[iNdEx:postIndex]...)
+			if m.Sign == nil {
+				m.Sign = []byte{}
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Peer", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerify
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthVerify
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Peer = append(m.Peer[:0], dAtA[iNdEx:postIndex]...)
+			if m.Peer == nil {
+				m.Peer = []byte{}
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipVerify(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if (iNdEx + skippy) < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *RequestVerificationHeader_Signature) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowVerify
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: Signature: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: Signature: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RequestVerificationHeader_Sign", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerify
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthVerify
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.RequestVerificationHeader_Sign.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Origin", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerify
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthVerify
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Origin == nil {
+				m.Origin = &RequestVerificationHeader_Sign{}
+			}
+			if err := m.Origin.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipVerify(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if (iNdEx + skippy) < 0 {
+				return ErrInvalidLengthVerify
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func skipVerify(dAtA []byte) (n int, err error) {
+	l := len(dAtA)
+	iNdEx := 0
+	depth := 0
+	for iNdEx < l {
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return 0, ErrIntOverflowVerify
+			}
+			if iNdEx >= l {
+				return 0, io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		wireType := int(wire & 0x7)
+		switch wireType {
+		case 0:
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowVerify
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				iNdEx++
+				if dAtA[iNdEx-1] < 0x80 {
+					break
+				}
+			}
+		case 1:
+			iNdEx += 8
+		case 2:
+			var length int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowVerify
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				length |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if length < 0 {
+				return 0, ErrInvalidLengthVerify
+			}
+			iNdEx += length
+		case 3:
+			depth++
+		case 4:
+			if depth == 0 {
+				return 0, ErrUnexpectedEndOfGroupVerify
+			}
+			depth--
+		case 5:
+			iNdEx += 4
+		default:
+			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+		}
+		if iNdEx < 0 {
+			return 0, ErrInvalidLengthVerify
+		}
+		if depth == 0 {
+			return iNdEx, nil
+		}
+	}
+	return 0, io.ErrUnexpectedEOF
+}
+
+var (
+	ErrInvalidLengthVerify        = fmt.Errorf("proto: negative length found during unmarshaling")
+	ErrIntOverflowVerify          = fmt.Errorf("proto: integer overflow")
+	ErrUnexpectedEndOfGroupVerify = fmt.Errorf("proto: unexpected end of group")
+)

service/verify.proto

@@ -0,0 +1,20 @@
+syntax = "proto3";
+package service;
+option go_package = "github.com/nspcc-dev/neofs-proto/service";
+
+import "github.com/gogo/protobuf/gogoproto/gogo.proto";
+
+option (gogoproto.stable_marshaler_all) = true;
+
+message RequestVerificationHeader {
+    message Sign {
+        bytes Sign = 1;
+        bytes Peer = 2;
+    }
+    message Signature {
+        Sign Sign   = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+        Sign Origin = 2;
+    }
+
+    repeated Signature Signatures = 1;
+}

service/verify_test.go

@@ -0,0 +1,106 @@
+package service
+
+import (
+	"math"
+	"testing"
+
+	crypto "github.com/nspcc-dev/neofs-crypto"
+	"github.com/nspcc-dev/neofs-crypto/test"
+	"github.com/pkg/errors"
+	"github.com/stretchr/testify/require"
+)
+
+func TestSignRequestHeader(t *testing.T) {
+	req := &TestRequest{
+		IntField:    math.MaxInt32,
+		StringField: "TestRequestStringField",
+		BytesField:  []byte("TestRequestBytesField"),
+	}
+
+	key := test.DecodeKey(0)
+	peer := crypto.MarshalPublicKey(&key.PublicKey)
+
+	data, err := req.Marshal()
+	require.NoError(t, err)
+
+	require.NoError(t, SignRequestHeader(key, req))
+
+	require.Len(t, req.Signatures, 1)
+	for i := range req.Signatures {
+		sign := req.Signatures[i].GetSign()
+		require.Equal(t, peer, req.Signatures[i].GetPeer())
+		require.NoError(t, crypto.Verify(&key.PublicKey, data, sign))
+	}
+}
+
+func TestVerifyRequestHeader(t *testing.T) {
+	req := &TestRequest{
+		IntField:          math.MaxInt32,
+		StringField:       "TestRequestStringField",
+		BytesField:        []byte("TestRequestBytesField"),
+		RequestMetaHeader: RequestMetaHeader{TTL: 10},
+	}
+
+	for i := 0; i < 10; i++ {
+		req.TTL--
+		require.NoError(t, SignRequestHeader(test.DecodeKey(i), req))
+	}
+
+	require.NoError(t, VerifyRequestHeader(req))
+}
+
+func TestMaintainableRequest(t *testing.T) {
+	req := &TestRequest{
+		IntField:          math.MaxInt32,
+		StringField:       "TestRequestStringField",
+		BytesField:        []byte("TestRequestBytesField"),
+		RequestMetaHeader: RequestMetaHeader{TTL: 10},
+	}
+
+	count := 10
+	owner := test.DecodeKey(count + 1)
+
+	for i := 0; i < count; i++ {
+		req.TTL--
+
+		key := test.DecodeKey(i)
+		require.NoError(t, SignRequestHeader(key, req))
+
+		// sign first key (session key) by owner key
+		if i == 0 {
+			sign, err := crypto.Sign(owner, crypto.MarshalPublicKey(&key.PublicKey))
+			require.NoError(t, err)
+
+			req.SetOwner(&owner.PublicKey, sign)
+		}
+	}
+
+	{ // Good case:
+		require.NoError(t, VerifyRequestHeader(req))
+
+		// validate, that first key (session key) was signed with owner
+		signatures := req.GetSignatures()
+
+		require.Len(t, signatures, count)
+
+		pub, err := req.GetOwner()
+		require.NoError(t, err)
+
+		require.Equal(t, &owner.PublicKey, pub)
+	}
+
+	{ // wrong owner:
+		req.Signatures[0].Origin = nil
+
+		pub, err := req.GetOwner()
+		require.NoError(t, err)
+
+		require.NotEqual(t, &owner.PublicKey, pub)
+	}
+
+	{ // Wrong signatures:
+		copy(req.Signatures[count-1].Sign, req.Signatures[count-1].Peer)
+		err := VerifyRequestHeader(req)
+		require.EqualError(t, errors.Cause(err), crypto.ErrInvalidSignature.Error())
+	}
+}

service/verify_test.pb.go

@@ -0,0 +1,518 @@
+// Code generated by protoc-gen-gogo. DO NOT EDIT.
+// source: service/verify_test.proto
+
+package service
+
+import (
+	fmt "fmt"
+	_ "github.com/gogo/protobuf/gogoproto"
+	proto "github.com/golang/protobuf/proto"
+	io "io"
+	math "math"
+	math_bits "math/bits"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package
+
+type TestRequest struct {
+	IntField                  int32  `protobuf:"varint,1,opt,name=IntField,proto3" json:"IntField,omitempty"`
+	StringField               string `protobuf:"bytes,2,opt,name=StringField,proto3" json:"StringField,omitempty"`
+	BytesField                []byte `protobuf:"bytes,3,opt,name=BytesField,proto3" json:"BytesField,omitempty"`
+	RequestMetaHeader         `protobuf:"bytes,98,opt,name=Meta,proto3,embedded=Meta" json:"Meta"`
+	RequestVerificationHeader `protobuf:"bytes,99,opt,name=Header,proto3,embedded=Header" json:"Header"`
+	XXX_NoUnkeyedLiteral      struct{} `json:"-"`
+	XXX_unrecognized          []byte   `json:"-"`
+	XXX_sizecache             int32    `json:"-"`
+}
+
+func (m *TestRequest) Reset()         { *m = TestRequest{} }
+func (m *TestRequest) String() string { return proto.CompactTextString(m) }
+func (*TestRequest) ProtoMessage()    {}
+func (*TestRequest) Descriptor() ([]byte, []int) {
+	return fileDescriptor_1effa83201a30d75, []int{0}
+}
+func (m *TestRequest) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *TestRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *TestRequest) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_TestRequest.Merge(m, src)
+}
+func (m *TestRequest) XXX_Size() int {
+	return m.Size()
+}
+func (m *TestRequest) XXX_DiscardUnknown() {
+	xxx_messageInfo_TestRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_TestRequest proto.InternalMessageInfo
+
+func (m *TestRequest) GetIntField() int32 {
+	if m != nil {
+		return m.IntField
+	}
+	return 0
+}
+
+func (m *TestRequest) GetStringField() string {
+	if m != nil {
+		return m.StringField
+	}
+	return ""
+}
+
+func (m *TestRequest) GetBytesField() []byte {
+	if m != nil {
+		return m.BytesField
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterType((*TestRequest)(nil), "service.TestRequest")
+}
+
+func init() { proto.RegisterFile("service/verify_test.proto", fileDescriptor_1effa83201a30d75) }
+
+var fileDescriptor_1effa83201a30d75 = []byte{
+	// 296 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x90, 0xbf, 0x4e, 0xeb, 0x30,
+	0x14, 0xc6, 0xeb, 0x7b, 0xa1, 0x14, 0x97, 0xc9, 0x62, 0x28, 0x19, 0xdc, 0xa8, 0x53, 0x96, 0x26,
+	0x12, 0x2c, 0x4c, 0x0c, 0x15, 0x42, 0x30, 0xb0, 0x04, 0xc4, 0xc0, 0x82, 0x12, 0xe7, 0x24, 0x58,
+	0xa2, 0x71, 0x89, 0x4f, 0x22, 0xf5, 0x4d, 0x78, 0xa4, 0x8e, 0x1d, 0x99, 0x2a, 0x14, 0x46, 0x5e,
+	0x02, 0xd5, 0x36, 0x28, 0xc0, 0x96, 0xef, 0xcf, 0x2f, 0x47, 0xfe, 0xe8, 0x91, 0x86, 0xaa, 0x91,
+	0x02, 0xa2, 0x06, 0x2a, 0x99, 0x2f, 0x1f, 0x10, 0x34, 0x86, 0x8b, 0x4a, 0xa1, 0x62, 0x7b, 0x2e,
+	0xf2, 0xd8, 0x57, 0x67, 0x0e, 0x98, 0xd8, 0xd0, 0x3b, 0xfc, 0xc9, 0x39, 0x77, 0x5a, 0x48, 0x7c,
+	0xac, 0xd3, 0x50, 0xa8, 0x79, 0x54, 0xa8, 0x42, 0x45, 0xc6, 0x4e, 0xeb, 0xdc, 0x28, 0x23, 0xcc,
+	0x97, 0xad, 0x4f, 0x3e, 0x08, 0x1d, 0xde, 0x82, 0xc6, 0x18, 0x9e, 0x6b, 0xd0, 0xc8, 0x3c, 0x3a,
+	0xb8, 0x2a, 0xf1, 0x42, 0xc2, 0x53, 0x36, 0x22, 0x3e, 0x09, 0x76, 0xe3, 0x6f, 0xcd, 0x7c, 0x3a,
+	0xbc, 0xc1, 0x4a, 0x96, 0x85, 0x8d, 0xff, 0xf9, 0x24, 0xd8, 0x8f, 0xbb, 0x16, 0xe3, 0x94, 0xce,
+	0x96, 0x08, 0xda, 0x16, 0xfe, 0xfb, 0x24, 0x38, 0x88, 0x3b, 0x0e, 0x3b, 0xa5, 0x3b, 0xd7, 0x80,
+	0xc9, 0x28, 0xf5, 0x49, 0x30, 0x3c, 0xf6, 0x42, 0xf7, 0x82, 0xd0, 0x5d, 0xdf, 0x66, 0x97, 0x90,
+	0x64, 0x50, 0xcd, 0x06, 0xab, 0xcd, 0xb8, 0xb7, 0xde, 0x8c, 0x49, 0x6c, 0x08, 0x76, 0x4e, 0xfb,
+	0x36, 0x19, 0x09, 0xc3, 0x4e, 0x7e, 0xb3, 0x77, 0xdb, 0x11, 0xa4, 0x48, 0x50, 0xaa, 0xf2, 0xcf,
+	0x3f, 0x1c, 0x3b, 0x3b, 0x5b, 0xb5, 0x9c, 0xac, 0x5b, 0x4e, 0x5e, 0x5b, 0x4e, 0xde, 0x5a, 0x4e,
+	0x5e, 0xde, 0x79, 0xef, 0x3e, 0xe8, 0x4c, 0x56, 0xea, 0x85, 0x10, 0xd3, 0x0c, 0x9a, 0xa8, 0x04,
+	0x95, 0xeb, 0xa9, 0x1d, 0xcc, 0xdd, 0x4a, 0xfb, 0x46, 0x9e, 0x7c, 0x06, 0x00, 0x00, 0xff, 0xff,
+	0xa6, 0xdb, 0x5f, 0x7a, 0xb3, 0x01, 0x00, 0x00,
+}
+
+func (m *TestRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *TestRequest) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *TestRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.XXX_unrecognized != nil {
+		i -= len(m.XXX_unrecognized)
+		copy(dAtA[i:], m.XXX_unrecognized)
+	}
+	{
+		size, err := m.RequestVerificationHeader.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintVerifyTest(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x6
+	i--
+	dAtA[i] = 0x9a
+	{
+		size, err := m.RequestMetaHeader.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintVerifyTest(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x6
+	i--
+	dAtA[i] = 0x92
+	if len(m.BytesField) > 0 {
+		i -= len(m.BytesField)
+		copy(dAtA[i:], m.BytesField)
+		i = encodeVarintVerifyTest(dAtA, i, uint64(len(m.BytesField)))
+		i--
+		dAtA[i] = 0x1a
+	}
+	if len(m.StringField) > 0 {
+		i -= len(m.StringField)
+		copy(dAtA[i:], m.StringField)
+		i = encodeVarintVerifyTest(dAtA, i, uint64(len(m.StringField)))
+		i--
+		dAtA[i] = 0x12
+	}
+	if m.IntField != 0 {
+		i = encodeVarintVerifyTest(dAtA, i, uint64(m.IntField))
+		i--
+		dAtA[i] = 0x8
+	}
+	return len(dAtA) - i, nil
+}
+
+func encodeVarintVerifyTest(dAtA []byte, offset int, v uint64) int {
+	offset -= sovVerifyTest(v)
+	base := offset
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return base
+}
+func (m *TestRequest) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.IntField != 0 {
+		n += 1 + sovVerifyTest(uint64(m.IntField))
+	}
+	l = len(m.StringField)
+	if l > 0 {
+		n += 1 + l + sovVerifyTest(uint64(l))
+	}
+	l = len(m.BytesField)
+	if l > 0 {
+		n += 1 + l + sovVerifyTest(uint64(l))
+	}
+	l = m.RequestMetaHeader.Size()
+	n += 2 + l + sovVerifyTest(uint64(l))
+	l = m.RequestVerificationHeader.Size()
+	n += 2 + l + sovVerifyTest(uint64(l))
+	if m.XXX_unrecognized != nil {
+		n += len(m.XXX_unrecognized)
+	}
+	return n
+}
+
+func sovVerifyTest(x uint64) (n int) {
+	return (math_bits.Len64(x|1) + 6) / 7
+}
+func sozVerifyTest(x uint64) (n int) {
+	return sovVerifyTest(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (m *TestRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowVerifyTest
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: TestRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: TestRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field IntField", wireType)
+			}
+			m.IntField = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerifyTest
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.IntField |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field StringField", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerifyTest
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.StringField = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field BytesField", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerifyTest
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.BytesField = append(m.BytesField[:0], dAtA[iNdEx:postIndex]...)
+			if m.BytesField == nil {
+				m.BytesField = []byte{}
+			}
+			iNdEx = postIndex
+		case 98:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RequestMetaHeader", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerifyTest
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.RequestMetaHeader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 99:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RequestVerificationHeader", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowVerifyTest
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.RequestVerificationHeader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipVerifyTest(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			if (iNdEx + skippy) < 0 {
+				return ErrInvalidLengthVerifyTest
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func skipVerifyTest(dAtA []byte) (n int, err error) {
+	l := len(dAtA)
+	iNdEx := 0
+	depth := 0
+	for iNdEx < l {
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return 0, ErrIntOverflowVerifyTest
+			}
+			if iNdEx >= l {
+				return 0, io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		wireType := int(wire & 0x7)
+		switch wireType {
+		case 0:
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowVerifyTest
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				iNdEx++
+				if dAtA[iNdEx-1] < 0x80 {
+					break
+				}
+			}
+		case 1:
+			iNdEx += 8
+		case 2:
+			var length int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowVerifyTest
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				length |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if length < 0 {
+				return 0, ErrInvalidLengthVerifyTest
+			}
+			iNdEx += length
+		case 3:
+			depth++
+		case 4:
+			if depth == 0 {
+				return 0, ErrUnexpectedEndOfGroupVerifyTest
+			}
+			depth--
+		case 5:
+			iNdEx += 4
+		default:
+			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+		}
+		if iNdEx < 0 {
+			return 0, ErrInvalidLengthVerifyTest
+		}
+		if depth == 0 {
+			return iNdEx, nil
+		}
+	}
+	return 0, io.ErrUnexpectedEOF
+}
+
+var (
+	ErrInvalidLengthVerifyTest        = fmt.Errorf("proto: negative length found during unmarshaling")
+	ErrIntOverflowVerifyTest          = fmt.Errorf("proto: integer overflow")
+	ErrUnexpectedEndOfGroupVerifyTest = fmt.Errorf("proto: unexpected end of group")
+)

service/verify_test.proto

@@ -0,0 +1,17 @@
+syntax = "proto3";
+package service;
+option go_package = "github.com/nspcc-dev/neofs-proto/service";
+
+import "service/meta.proto";
+import "service/verify.proto";
+import "github.com/gogo/protobuf/gogoproto/gogo.proto";
+
+option (gogoproto.stable_marshaler_all) = true;
+
+message TestRequest {
+    int32 IntField                   = 1;
+    string StringField               = 2;
+    bytes BytesField                 = 3;
+    RequestMetaHeader Meta           = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+    RequestVerificationHeader Header = 99 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+}