storj/pkg/signing/sign.go

// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.

package signing

import (
	"context"

	"github.com/zeebo/errs"

	"storj.io/storj/pkg/pb"
	"storj.io/storj/pkg/storj"
)

// Error is the default error class for signing package.
var Error = errs.Class("signing")

// Signer is able to sign data and verify own signature belongs.
type Signer interface {
	ID() storj.NodeID
	HashAndSign(ctx context.Context, data []byte) ([]byte, error)
	HashAndVerifySignature(ctx context.Context, data, signature []byte) error
}

// SignOrderLimit signs the order limit using the specified signer.
// Signer is a satellite.
func SignOrderLimit(ctx context.Context, satellite Signer, unsigned *pb.OrderLimit) (_ *pb.OrderLimit, err error) {
	defer mon.Task()(&ctx)(&err)
	bytes, err := EncodeOrderLimit(ctx, unsigned)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	signed := *unsigned
	signed.SatelliteSignature, err = satellite.HashAndSign(ctx, bytes)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	return &signed, nil
}

// SignUplinkOrder signs the order using the specified signer.
// Signer is an uplink.
func SignUplinkOrder(ctx context.Context, privateKey storj.PiecePrivateKey, unsigned *pb.Order) (_ *pb.Order, err error) {
	defer mon.Task()(&ctx)(&err)
	bytes, err := EncodeOrder(ctx, unsigned)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	signed := *unsigned
	signed.UplinkSignature, err = privateKey.Sign(bytes)
	if err != nil {
		return nil, Error.Wrap(err)
	}
	return &signed, nil
}

// SignPieceHash signs the piece hash using the specified signer.
// Signer is either uplink or storage node.
func SignPieceHash(ctx context.Context, signer Signer, unsigned *pb.PieceHash) (_ *pb.PieceHash, err error) {
	defer mon.Task()(&ctx)(&err)
	bytes, err := EncodePieceHash(ctx, unsigned)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	signed := *unsigned
	signed.Signature, err = signer.HashAndSign(ctx, bytes)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	return &signed, nil
}

// SignUplinkPieceHash signs the piece hash using the specified signer.
// Signer is either uplink or storage node.
func SignUplinkPieceHash(ctx context.Context, privateKey storj.PiecePrivateKey, unsigned *pb.PieceHash) (_ *pb.PieceHash, err error) {
	defer mon.Task()(&ctx)(&err)
	bytes, err := EncodePieceHash(ctx, unsigned)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	signed := *unsigned
	signed.Signature, err = privateKey.Sign(bytes)
	if err != nil {
		return nil, Error.Wrap(err)
	}
	return &signed, nil
}

// SignVoucher signs the voucher using the specified signer
// Signer is a satellite
func SignVoucher(ctx context.Context, signer Signer, unsigned *pb.Voucher) (_ *pb.Voucher, err error) {
	defer mon.Task()(&ctx)(&err)
	bytes, err := EncodeVoucher(ctx, unsigned)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	signed := *unsigned
	signed.SatelliteSignature, err = signer.HashAndSign(ctx, bytes)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	return &signed, nil
}

// SignStreamID signs the stream ID using the specified signer
// Signer is a satellite
func SignStreamID(ctx context.Context, signer Signer, unsigned *pb.SatStreamID) (_ *pb.SatStreamID, err error) {
	defer mon.Task()(&ctx)(&err)
	bytes, err := EncodeStreamID(ctx, unsigned)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	signed := *unsigned
	signed.SatelliteSignature, err = signer.HashAndSign(ctx, bytes)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	return &signed, nil
}

// SignSegmentID signs the segment ID using the specified signer
// Signer is a satellite
func SignSegmentID(ctx context.Context, signer Signer, unsigned *pb.SatSegmentID) (_ *pb.SatSegmentID, err error) {
	defer mon.Task()(&ctx)(&err)
	bytes, err := EncodeSegmentID(ctx, unsigned)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	signed := *unsigned
	signed.SatelliteSignature, err = signer.HashAndSign(ctx, bytes)
	if err != nil {
		return nil, Error.Wrap(err)
	}

	return &signed, nil
}
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`// Copyright (C) 2019 Storj Labs, Inc.`
			`// See LICENSE for copying information.`

			`package signing`

			`import (`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`"context"`

Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`"github.com/zeebo/errs"`

			`"storj.io/storj/pkg/pb"`
			`"storj.io/storj/pkg/storj"`
			`)`

			`// Error is the default error class for signing package.`
			`var Error = errs.Class("signing")`

			`// Signer is able to sign data and verify own signature belongs.`
			`type Signer interface {`
			`ID() storj.NodeID`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`HashAndSign(ctx context.Context, data []byte) ([]byte, error)`
			`HashAndVerifySignature(ctx context.Context, data, signature []byte) error`
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`}`

			`// SignOrderLimit signs the order limit using the specified signer.`
			`// Signer is a satellite.`
pkg/pb: rename Order2 to Order, OrderLimit2 to OrderLimit (#2406) 2019-07-01 16:54:11 +01:00			`func SignOrderLimit(ctx context.Context, satellite Signer, unsigned pb.OrderLimit) (_ pb.OrderLimit, err error) {`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`defer mon.Task()(&ctx)(&err)`
			`bytes, err := EncodeOrderLimit(ctx, unsigned)`
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`signed := *unsigned`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`signed.SatelliteSignature, err = satellite.HashAndSign(ctx, bytes)`
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`return &signed, nil`
			`}`

protocol: implement new piece signing and verification (#2525) 2019-07-11 21:51:40 +01:00			`// SignUplinkOrder signs the order using the specified signer.`
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`// Signer is an uplink.`
protocol: implement new piece signing and verification (#2525) 2019-07-11 21:51:40 +01:00			`func SignUplinkOrder(ctx context.Context, privateKey storj.PiecePrivateKey, unsigned pb.Order) (_ pb.Order, err error) {`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`defer mon.Task()(&ctx)(&err)`
			`bytes, err := EncodeOrder(ctx, unsigned)`
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`signed := *unsigned`
protocol: implement new piece signing and verification (#2525) 2019-07-11 21:51:40 +01:00			`signed.UplinkSignature, err = privateKey.Sign(bytes)`
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`
			`return &signed, nil`
			`}`

			`// SignPieceHash signs the piece hash using the specified signer.`
			`// Signer is either uplink or storage node.`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`func SignPieceHash(ctx context.Context, signer Signer, unsigned pb.PieceHash) (_ pb.PieceHash, err error) {`
			`defer mon.Task()(&ctx)(&err)`
			`bytes, err := EncodePieceHash(ctx, unsigned)`
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`signed := *unsigned`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`signed.Signature, err = signer.HashAndSign(ctx, bytes)`
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol 2019-03-18 10:55:06 +00:00			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`return &signed, nil`
			`}`
Satellite voucher service (#2043) * set up voucher service skeleton, basic test * add VetNode db method * basic test for VetNode * encode and sign voucher functions * fill out and sign vouchers * test pass/fail voucher request * match EncodeVoucher to other Encode functions 2019-05-30 20:52:33 +01:00
protocol: implement new piece signing and verification (#2525) 2019-07-11 21:51:40 +01:00			`// SignUplinkPieceHash signs the piece hash using the specified signer.`
			`// Signer is either uplink or storage node.`
			`func SignUplinkPieceHash(ctx context.Context, privateKey storj.PiecePrivateKey, unsigned pb.PieceHash) (_ pb.PieceHash, err error) {`
			`defer mon.Task()(&ctx)(&err)`
			`bytes, err := EncodePieceHash(ctx, unsigned)`
			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`signed := *unsigned`
			`signed.Signature, err = privateKey.Sign(bytes)`
			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`
			`return &signed, nil`
			`}`

Satellite voucher service (#2043) * set up voucher service skeleton, basic test * add VetNode db method * basic test for VetNode * encode and sign voucher functions * fill out and sign vouchers * test pass/fail voucher request * match EncodeVoucher to other Encode functions 2019-05-30 20:52:33 +01:00			`// SignVoucher signs the voucher using the specified signer`
			`// Signer is a satellite`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`func SignVoucher(ctx context.Context, signer Signer, unsigned pb.Voucher) (_ pb.Voucher, err error) {`
			`defer mon.Task()(&ctx)(&err)`
			`bytes, err := EncodeVoucher(ctx, unsigned)`
Satellite voucher service (#2043) * set up voucher service skeleton, basic test * add VetNode db method * basic test for VetNode * encode and sign voucher functions * fill out and sign vouchers * test pass/fail voucher request * match EncodeVoucher to other Encode functions 2019-05-30 20:52:33 +01:00			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`signed := *unsigned`
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network 2019-06-05 14:47:01 +01:00			`signed.SatelliteSignature, err = signer.HashAndSign(ctx, bytes)`
Satellite voucher service (#2043) * set up voucher service skeleton, basic test * add VetNode db method * basic test for VetNode * encode and sign voucher functions * fill out and sign vouchers * test pass/fail voucher request * match EncodeVoucher to other Encode functions 2019-05-30 20:52:33 +01:00			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`return &signed, nil`
			`}`
Metainfo RPC objects methods (#2534) 2019-07-16 11:39:23 +01:00
			`// SignStreamID signs the stream ID using the specified signer`
			`// Signer is a satellite`
			`func SignStreamID(ctx context.Context, signer Signer, unsigned pb.SatStreamID) (_ pb.SatStreamID, err error) {`
			`defer mon.Task()(&ctx)(&err)`
			`bytes, err := EncodeStreamID(ctx, unsigned)`
			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`signed := *unsigned`
			`signed.SatelliteSignature, err = signer.HashAndSign(ctx, bytes)`
			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`return &signed, nil`
			`}`
Metainfo RPC segment methods (part 1) (#2567) 2019-07-22 15:45:18 +01:00
			`// SignSegmentID signs the segment ID using the specified signer`
			`// Signer is a satellite`
			`func SignSegmentID(ctx context.Context, signer Signer, unsigned pb.SatSegmentID) (_ pb.SatSegmentID, err error) {`
			`defer mon.Task()(&ctx)(&err)`
			`bytes, err := EncodeSegmentID(ctx, unsigned)`
			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`signed := *unsigned`
			`signed.SatelliteSignature, err = signer.HashAndSign(ctx, bytes)`
			`if err != nil {`
			`return nil, Error.Wrap(err)`
			`}`

			`return &signed, nil`
			`}`