forked from TrueCloudLab/frostfs-node
[#1092] control: Move SignMessage to separate package
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
This commit is contained in:
parent
f3e09cb09b
commit
b078fe5ba1
17 changed files with 86 additions and 65 deletions
|
|
@ -2,26 +2,17 @@ package control
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/ecdsa"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/server/ctrlmessage"
|
||||
frostfscrypto "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto"
|
||||
frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
|
||||
)
|
||||
|
||||
// SignedMessage is an interface of Control service message.
|
||||
type SignedMessage interface {
|
||||
ReadSignedData([]byte) ([]byte, error)
|
||||
GetSignature() *control.Signature
|
||||
SetSignature(*control.Signature)
|
||||
}
|
||||
|
||||
var errDisallowedKey = errors.New("key is not in the allowed list")
|
||||
|
||||
func (s *Server) isValidRequest(req SignedMessage) error {
|
||||
func (s *Server) isValidRequest(req ctrlmessage.SignedMessage) error {
|
||||
sign := req.GetSignature()
|
||||
if sign == nil {
|
||||
// TODO(@cthulhu-rider): #468 use "const" error
|
||||
|
|
@ -68,30 +59,3 @@ func (s *Server) isValidRequest(req SignedMessage) error {
|
|||
|
||||
return nil
|
||||
}
|
||||
|
||||
// SignMessage signs Control service message with private key.
|
||||
func SignMessage(key *ecdsa.PrivateKey, msg SignedMessage) error {
|
||||
binBody, err := msg.ReadSignedData(nil)
|
||||
if err != nil {
|
||||
return fmt.Errorf("marshal request body: %w", err)
|
||||
}
|
||||
|
||||
var sig frostfscrypto.Signature
|
||||
|
||||
err = sig.Calculate(frostfsecdsa.Signer(*key), binBody)
|
||||
if err != nil {
|
||||
return fmt.Errorf("calculate signature: %w", err)
|
||||
}
|
||||
|
||||
// TODO(@cthulhu-rider): #468 use Signature message from FrostFS API to avoid conversion
|
||||
var sigV2 refs.Signature
|
||||
sig.WriteToV2(&sigV2)
|
||||
|
||||
var sigControl control.Signature
|
||||
sigControl.SetKey(sigV2.GetKey())
|
||||
sigControl.SetSign(sigV2.GetSign())
|
||||
|
||||
msg.SetSignature(&sigControl)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue