From 480b7390d4c9a57c6f3f9bbc84f7014752e08655 Mon Sep 17 00:00:00 2001 From: Leonard Lyubich Date: Sat, 29 Jul 2023 14:03:08 +0400 Subject: [PATCH] session: Add getter of binary-encoded public key from signature Signature is used for user authentication so access to public key is required. Digital signature bytes may still be unexported because they are only useful for `VerifySignature` method. Add `IssuerPublicKeyBytes` method returning binary-encoded public key of the session issuer. Signed-off-by: Leonard Lyubich --- session/common.go | 11 +++++++++++ session/container_test.go | 17 +++++++++++++++-- session/object_test.go | 2 ++ 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/session/common.go b/session/common.go index 75c90b6d..244d81bd 100644 --- a/session/common.go +++ b/session/common.go @@ -336,3 +336,14 @@ func (x commonData) Issuer() user.ID { return user.ID{} } + +// IssuerPublicKeyBytes returns binary-encoded public key of the session issuer. +// +// IssuerPublicKeyBytes MUST NOT be called before ReadFromV2 or Sign methods. +func (x *commonData) IssuerPublicKeyBytes() []byte { + if x.sigSet { + return x.sig.GetKey() + } + + return nil +} diff --git a/session/container_test.go b/session/container_test.go index 3ded50a7..444cdc5d 100644 --- a/session/container_test.go +++ b/session/container_test.go @@ -523,9 +523,9 @@ func TestIssuedBy(t *testing.T) { } func TestContainer_Issuer(t *testing.T) { - var token session.Container - t.Run("signer", func(t *testing.T) { + var token session.Container + signer := test.RandomSignerRFC6979(t) require.Zero(t, token.Issuer()) @@ -536,12 +536,25 @@ func TestContainer_Issuer(t *testing.T) { }) t.Run("external", func(t *testing.T) { + var token session.Container + signer := test.RandomSignerRFC6979(t) issuer := signer.UserID() token.SetIssuer(issuer) require.True(t, token.Issuer().Equals(issuer)) }) + + t.Run("public key", func(t *testing.T) { + var token session.Container + + signer := test.RandomSignerRFC6979(t) + + require.Nil(t, token.IssuerPublicKeyBytes()) + require.NoError(t, token.Sign(signer)) + + require.Equal(t, neofscrypto.PublicKeyBytes(signer.Public()), token.IssuerPublicKeyBytes()) + }) } func TestContainer_Sign(t *testing.T) { diff --git a/session/object_test.go b/session/object_test.go index c4400456..21524c4b 100644 --- a/session/object_test.go +++ b/session/object_test.go @@ -610,12 +610,14 @@ func TestObject_Issuer(t *testing.T) { signer := test.RandomSignerRFC6979(t) require.Zero(t, token.Issuer()) + require.Nil(t, token.IssuerPublicKeyBytes()) require.NoError(t, token.Sign(signer)) issuer := signer.UserID() require.True(t, token.Issuer().Equals(issuer)) + require.Equal(t, neofscrypto.PublicKeyBytes(signer.Public()), token.IssuerPublicKeyBytes()) } func TestObject_Sign(t *testing.T) {