forked from TrueCloudLab/frostfs-api-go
service: support broken apart signable payload of the requests
In previous implementation service package provided types and functions
that wrapped signing/verification of data with session token.
This allowed us to use these functions for signing / verification of
service requests of other packages. To support the expansion of messages
with additional parts that need to be signed, you must be able to easily
expand the signed data with new parts.
To achieve the described goal, this commit makes the following changes:
* adds GroupSignedPayloads and GroupVerifyPayloads functions;
* renames SignedDataWithToken to RequestData, DataWithTokenSignAccumulator
to RequestSignedData, DataWithTokenSignSource to RequestVerifyData;
* renames SignDataWithSessionToken/VerifyAccumulatedSignaturesWithToken
function to SignRequestData/VerifyRequestData and makes it to use
GroupSignedPayloads/GroupVerifyPayloads internally.
This commit is contained in:
Leonard Lyubich
parent
8dbd65132d
commit
74e917810a
12 changed files with 260 additions and 103 deletions
|
|
@ -257,16 +257,16 @@ func TestVerifySignatureWithKey(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestSignVerifyDataWithSessionToken(t *testing.T) {
|
||||
// sign with empty DataWithTokenSignAccumulator
|
||||
// sign with empty RequestSignedData
|
||||
require.EqualError(t,
|
||||
SignDataWithSessionToken(nil, nil),
|
||||
ErrNilDataWithTokenSignAccumulator.Error(),
|
||||
SignRequestData(nil, nil),
|
||||
ErrNilRequestSignedData.Error(),
|
||||
)
|
||||
|
||||
// verify with empty DataWithTokenSignSource
|
||||
// verify with empty RequestVerifyData
|
||||
require.EqualError(t,
|
||||
VerifyAccumulatedSignaturesWithToken(nil),
|
||||
ErrNilSignatureKeySourceWithToken.Error(),
|
||||
VerifyRequestData(nil),
|
||||
ErrNilRequestVerifyData.Error(),
|
||||
)
|
||||
|
||||
// create test session token
|
||||
|
|
@ -287,16 +287,16 @@ func TestSignVerifyDataWithSessionToken(t *testing.T) {
|
|||
sk := test.DecodeKey(0)
|
||||
|
||||
// sign with private key
|
||||
require.NoError(t, SignDataWithSessionToken(sk, src))
|
||||
require.NoError(t, SignRequestData(sk, src))
|
||||
|
||||
// ascertain that verification is passed
|
||||
require.NoError(t, VerifyAccumulatedSignaturesWithToken(src))
|
||||
require.NoError(t, VerifyRequestData(src))
|
||||
|
||||
// break the data
|
||||
src.data[0]++
|
||||
|
||||
// ascertain that verification is failed
|
||||
require.Error(t, VerifyAccumulatedSignaturesWithToken(src))
|
||||
require.Error(t, VerifyRequestData(src))
|
||||
|
||||
// restore the data
|
||||
src.data[0]--
|
||||
|
|
@ -305,13 +305,13 @@ func TestSignVerifyDataWithSessionToken(t *testing.T) {
|
|||
token.SetVerb(initVerb + 1)
|
||||
|
||||
// ascertain that verification is failed
|
||||
require.Error(t, VerifyAccumulatedSignaturesWithToken(src))
|
||||
require.Error(t, VerifyRequestData(src))
|
||||
|
||||
// restore the token
|
||||
token.SetVerb(initVerb)
|
||||
|
||||
// ascertain that verification is passed
|
||||
require.NoError(t, VerifyAccumulatedSignaturesWithToken(src))
|
||||
require.NoError(t, VerifyRequestData(src))
|
||||
|
||||
// wrap to data reader
|
||||
rdr := &testSignedDataReader{
|
||||
|
|
@ -319,8 +319,8 @@ func TestSignVerifyDataWithSessionToken(t *testing.T) {
|
|||
}
|
||||
|
||||
// sign with private key
|
||||
require.NoError(t, SignDataWithSessionToken(sk, rdr))
|
||||
require.NoError(t, SignRequestData(sk, rdr))
|
||||
|
||||
// ascertain that verification is passed
|
||||
require.NoError(t, VerifyAccumulatedSignaturesWithToken(rdr))
|
||||
require.NoError(t, VerifyRequestData(rdr))
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue