// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.
package signing
import (
"context"
"storj.io/storj/pkg/pb"
"storj.io/storj/pkg/storj"
)
// Signee verifies that a signature over some data was produced by the
// identity it represents.
type Signee interface {
	// ID returns the node ID associated with this signee.
	ID() storj.NodeID

	// HashAndVerifySignature checks signature against data. The callers in
	// this file return its result directly, treating a nil error as a valid
	// signature.
	// NOTE(review): the name suggests data is hashed before verification; the
	// hash and signature scheme are not visible here — confirm against the
	// implementation.
	HashAndVerifySignature(ctx context.Context, data []byte, signature []byte) error
}
// VerifyOrderLimitSignature checks that signed.SatelliteSignature is a valid
// signature by satellite over the encoding of the order limit produced by
// EncodeOrderLimit.
//
// Only the signature is checked; no other field of the order limit is
// validated here, so callers that depend on those fields must check them
// separately. signed must be non-nil because its SatelliteSignature field is
// read directly. An encoding failure is wrapped with Error, while the result
// of HashAndVerifySignature is returned as is.
func VerifyOrderLimitSignature(ctx context.Context, satellite Signee, signed *pb.OrderLimit) (err error) {
	// The monitoring hook is handed &err, so err has to stay the named result.
	defer mon.Task()(&ctx)(&err)

	encoded, encodeErr := EncodeOrderLimit(ctx, signed)
	if encodeErr != nil {
		return Error.Wrap(encodeErr)
	}

	return satellite.HashAndVerifySignature(ctx, encoded, signed.SatelliteSignature)
}
// VerifyOrderSignature checks that signed.UplinkSignature is a valid signature
// by uplink over the encoding of the order produced by EncodeOrder.
//
// Only the signature is checked; no other field of the order is validated
// here. signed must be non-nil because its UplinkSignature field is read
// directly. An encoding failure is wrapped with Error, while the result of
// HashAndVerifySignature is returned as is.
func VerifyOrderSignature(ctx context.Context, uplink Signee, signed *pb.Order) (err error) {
	// The monitoring hook is handed &err, so err has to stay the named result.
	defer mon.Task()(&ctx)(&err)

	encoded, encodeErr := EncodeOrder(ctx, signed)
	if encodeErr != nil {
		return Error.Wrap(encodeErr)
	}

	return uplink.HashAndVerifySignature(ctx, encoded, signed.UplinkSignature)
}
// VerifyUplinkOrderSignature checks that signed.UplinkSignature verifies under
// publicKey over the encoding of the order produced by EncodeOrder.
//
// Unlike VerifyOrderSignature, the verifier is a bare piece public key rather
// than a Signee, so a successful result only proves that the holder of the
// matching private key signed the order.
// NOTE(review): nothing here ties publicKey to a particular uplink or order
// limit; the caller presumably obtains it from data it has already
// authenticated — confirm at the call sites.
//
// signed must be non-nil because its UplinkSignature field is read directly.
// Both encoding and verification failures are wrapped with Error.
func VerifyUplinkOrderSignature(ctx context.Context, publicKey storj.PiecePublicKey, signed *pb.Order) (err error) {
	// The monitoring hook is handed &err, so err has to stay the named result.
	defer mon.Task()(&ctx)(&err)

	encoded, encodeErr := EncodeOrder(ctx, signed)
	if encodeErr != nil {
		return Error.Wrap(encodeErr)
	}

	verifyErr := publicKey.Verify(encoded, signed.UplinkSignature)
	return Error.Wrap(verifyErr)
}
// VerifyPieceHashSignature checks that signed.Signature is a valid signature
// by signee over the encoding of the piece hash produced by EncodePieceHash.
// The signee is whichever party signed the hash, either an uplink or a storage
// node.
//
// Only the signature is checked; no other field of the piece hash is validated
// here. signed must be non-nil because its Signature field is read directly.
// An encoding failure is wrapped with Error, while the result of
// HashAndVerifySignature is returned as is.
func VerifyPieceHashSignature(ctx context.Context, signee Signee, signed *pb.PieceHash) (err error) {
	// The monitoring hook is handed &err, so err has to stay the named result.
	defer mon.Task()(&ctx)(&err)

	encoded, encodeErr := EncodePieceHash(ctx, signed)
	if encodeErr != nil {
		return Error.Wrap(encodeErr)
	}

	return signee.HashAndVerifySignature(ctx, encoded, signed.Signature)
}
// VerifyUplinkPieceHashSignature checks that signed.Signature verifies under
// publicKey over the encoding of the piece hash produced by EncodePieceHash.
//
// The verifier is a bare piece public key rather than a Signee, so a
// successful result only proves that the holder of the matching private key
// signed the piece hash.
// NOTE(review): nothing here ties publicKey to a particular uplink; the caller
// presumably obtains it from data it has already authenticated — confirm at
// the call sites.
//
// signed must be non-nil because its Signature field is read directly. Both
// encoding and verification failures are wrapped with Error.
func VerifyUplinkPieceHashSignature(ctx context.Context, publicKey storj.PiecePublicKey, signed *pb.PieceHash) (err error) {
	// The monitoring hook is handed &err, so err has to stay the named result.
	defer mon.Task()(&ctx)(&err)

	encoded, encodeErr := EncodePieceHash(ctx, signed)
	if encodeErr != nil {
		return Error.Wrap(encodeErr)
	}

	verifyErr := publicKey.Verify(encoded, signed.Signature)
	return Error.Wrap(verifyErr)
}
// VerifyVoucher checks that signed.SatelliteSignature is a valid signature by
// satellite over the encoding of the voucher produced by EncodeVoucher.
//
// Only the signature is checked; no other field of the voucher is validated
// here. signed must be non-nil because its SatelliteSignature field is read
// directly. An encoding failure is wrapped with Error, while the result of
// HashAndVerifySignature is returned as is.
func VerifyVoucher(ctx context.Context, satellite Signee, signed *pb.Voucher) (err error) {
	// The monitoring hook is handed &err, so err has to stay the named result.
	defer mon.Task()(&ctx)(&err)

	encoded, encodeErr := EncodeVoucher(ctx, signed)
	if encodeErr != nil {
		return Error.Wrap(encodeErr)
	}

	return satellite.HashAndVerifySignature(ctx, encoded, signed.SatelliteSignature)
}
// VerifyStreamID checks that signed.SatelliteSignature is a valid signature by
// satellite over the encoding of the stream ID produced by EncodeStreamID.
//
// Only the signature is checked; no other field of the stream ID is validated
// here. signed must be non-nil because its SatelliteSignature field is read
// directly. An encoding failure is wrapped with Error, while the result of
// HashAndVerifySignature is returned as is.
func VerifyStreamID(ctx context.Context, satellite Signee, signed *pb.SatStreamID) (err error) {
	// The monitoring hook is handed &err, so err has to stay the named result.
	defer mon.Task()(&ctx)(&err)

	encoded, encodeErr := EncodeStreamID(ctx, signed)
	if encodeErr != nil {
		return Error.Wrap(encodeErr)
	}

	return satellite.HashAndVerifySignature(ctx, encoded, signed.SatelliteSignature)
}