2020-08-24 10:05:10 +00:00
|
|
|
package util
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/ecdsa"
|
2021-11-06 11:13:04 +00:00
|
|
|
"errors"
|
2021-05-18 08:12:51 +00:00
|
|
|
"fmt"
|
2020-08-24 10:05:10 +00:00
|
|
|
|
2023-03-07 13:38:26 +00:00
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/signature"
|
|
|
|
apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
|
2020-08-24 10:05:10 +00:00
|
|
|
)
|
|
|
|
|
2021-11-06 11:13:04 +00:00
|
|
|
type RequestMessage interface {
|
|
|
|
GetMetaHeader() *session.RequestMetaHeader
|
|
|
|
}
|
|
|
|
|
2023-02-05 15:59:38 +00:00
|
|
|
// ResponseMessage is an interface of FrostFS response message.
|
2020-10-22 11:02:40 +00:00
|
|
|
type ResponseMessage interface {
|
|
|
|
GetMetaHeader() *session.ResponseMetaHeader
|
|
|
|
SetMetaHeader(*session.ResponseMetaHeader)
|
|
|
|
}
|
2020-10-22 08:03:34 +00:00
|
|
|
|
2020-08-26 09:43:39 +00:00
|
|
|
type SignService struct {
|
2020-08-24 10:05:10 +00:00
|
|
|
key *ecdsa.PrivateKey
|
|
|
|
}
|
|
|
|
|
2021-11-06 11:13:04 +00:00
|
|
|
var ErrAbortStream = errors.New("abort message stream")
|
2020-08-26 09:41:43 +00:00
|
|
|
|
2020-08-26 09:43:39 +00:00
|
|
|
func NewUnarySignService(key *ecdsa.PrivateKey) *SignService {
|
|
|
|
return &SignService{
|
2020-08-26 09:20:26 +00:00
|
|
|
key: key,
|
2020-08-24 10:05:10 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-12-30 17:01:13 +00:00
|
|
|
// SignResponse response with private key via signature.SignServiceMessage.
|
|
|
|
// The signature error affects the result depending on the protocol version:
|
|
|
|
// - if status return is supported, panics since we cannot return the failed status, because it will not be signed.
|
|
|
|
// - otherwise, returns error in order to transport it directly.
|
2023-07-26 12:47:32 +00:00
|
|
|
func (s *SignService) SignResponse(resp ResponseMessage, err error) error {
|
2021-11-06 11:13:04 +00:00
|
|
|
if err != nil {
|
2022-02-16 15:53:43 +00:00
|
|
|
setStatusV2(resp, err)
|
2021-11-06 11:13:04 +00:00
|
|
|
}
|
|
|
|
|
2022-12-30 17:01:13 +00:00
|
|
|
err = signature.SignServiceMessage(s.key, resp)
|
2020-08-24 10:05:10 +00:00
|
|
|
if err != nil {
|
2022-12-31 06:43:13 +00:00
|
|
|
return fmt.Errorf("could not sign response: %w", err)
|
2020-08-24 10:05:10 +00:00
|
|
|
}
|
|
|
|
|
2022-12-31 06:43:13 +00:00
|
|
|
return nil
|
2022-12-30 15:26:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *SignService) VerifyRequest(req RequestMessage) error {
|
|
|
|
if err := signature.VerifyServiceMessage(req); err != nil {
|
|
|
|
var sigErr apistatus.SignatureVerification
|
|
|
|
sigErr.SetMessage(err.Error())
|
|
|
|
return sigErr
|
2020-08-26 09:41:43 +00:00
|
|
|
}
|
2022-12-30 15:26:43 +00:00
|
|
|
return nil
|
|
|
|
}
|
2020-08-26 09:41:43 +00:00
|
|
|
|
2022-12-30 15:26:43 +00:00
|
|
|
// EnsureNonNilResponse creates an appropriate response struct if it is nil.
|
|
|
|
func EnsureNonNilResponse[T any](resp *T, err error) (*T, error) {
|
|
|
|
if resp != nil {
|
|
|
|
return resp, err
|
|
|
|
}
|
|
|
|
return new(T), err
|
2020-08-24 10:05:10 +00:00
|
|
|
}
|
2021-11-06 11:13:04 +00:00
|
|
|
|
2022-02-16 15:53:43 +00:00
|
|
|
func setStatusV2(resp ResponseMessage, err error) {
|
|
|
|
// unwrap error
|
|
|
|
for e := errors.Unwrap(err); e != nil; e = errors.Unwrap(err) {
|
|
|
|
err = e
|
|
|
|
}
|
|
|
|
|
|
|
|
session.SetStatus(resp, apistatus.ToStatusV2(apistatus.ErrToStatus(err)))
|
2021-11-06 11:13:04 +00:00
|
|
|
}
|