2019-11-08 18:57:51 +00:00
|
|
|
// Copyright (C) 2019 Storj Labs, Inc.
|
|
|
|
// See LICENSE for copying information.
|
|
|
|
|
|
|
|
package gracefulexit
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"context"
|
|
|
|
|
2019-12-27 11:48:47 +00:00
|
|
|
"storj.io/common/identity"
|
|
|
|
"storj.io/common/pb"
|
|
|
|
"storj.io/common/signing"
|
2019-11-08 18:57:51 +00:00
|
|
|
)
|
|
|
|
|
2019-11-21 22:03:16 +00:00
|
|
|
func (endpoint *Endpoint) validatePendingTransfer(ctx context.Context, transfer *PendingTransfer) error {
|
|
|
|
if transfer.SatelliteMessage == nil {
|
2019-11-08 18:57:51 +00:00
|
|
|
return Error.New("Satellite message cannot be nil")
|
|
|
|
}
|
2019-11-21 22:03:16 +00:00
|
|
|
if transfer.SatelliteMessage.GetTransferPiece() == nil {
|
2019-11-08 18:57:51 +00:00
|
|
|
return Error.New("Satellite message transfer piece cannot be nil")
|
|
|
|
}
|
2019-11-21 22:03:16 +00:00
|
|
|
if transfer.SatelliteMessage.GetTransferPiece().GetAddressedOrderLimit() == nil {
|
2019-11-08 18:57:51 +00:00
|
|
|
return Error.New("Addressed order limit on transfer piece cannot be nil")
|
|
|
|
}
|
2019-11-21 22:03:16 +00:00
|
|
|
if transfer.SatelliteMessage.GetTransferPiece().GetAddressedOrderLimit().GetLimit() == nil {
|
2019-11-08 18:57:51 +00:00
|
|
|
return Error.New("Addressed order limit on transfer piece cannot be nil")
|
|
|
|
}
|
2019-11-21 22:03:16 +00:00
|
|
|
if transfer.Path == nil {
|
2019-11-08 18:57:51 +00:00
|
|
|
return Error.New("Transfer path cannot be nil")
|
|
|
|
}
|
2019-11-21 22:03:16 +00:00
|
|
|
if transfer.OriginalPointer == nil || transfer.OriginalPointer.GetRemote() == nil {
|
2019-11-08 18:57:51 +00:00
|
|
|
return Error.New("could not get remote pointer from transfer item")
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2019-11-21 22:03:16 +00:00
|
|
|
func (endpoint *Endpoint) verifyPieceTransferred(ctx context.Context, message *pb.StorageNodeMessage_Succeeded, transfer *PendingTransfer, receivingNodePeerID *identity.PeerIdentity) error {
|
2019-11-08 18:57:51 +00:00
|
|
|
originalOrderLimit := message.Succeeded.GetOriginalOrderLimit()
|
|
|
|
if originalOrderLimit == nil {
|
|
|
|
return ErrInvalidArgument.New("Original order limit cannot be nil")
|
|
|
|
}
|
|
|
|
originalPieceHash := message.Succeeded.GetOriginalPieceHash()
|
|
|
|
if originalPieceHash == nil {
|
|
|
|
return ErrInvalidArgument.New("Original piece hash cannot be nil")
|
|
|
|
}
|
|
|
|
replacementPieceHash := message.Succeeded.GetReplacementPieceHash()
|
|
|
|
if replacementPieceHash == nil {
|
|
|
|
return ErrInvalidArgument.New("Replacement piece hash cannot be nil")
|
|
|
|
}
|
|
|
|
|
|
|
|
// verify that the original piece hash and replacement piece hash match
|
|
|
|
if !bytes.Equal(originalPieceHash.Hash, replacementPieceHash.Hash) {
|
|
|
|
return ErrInvalidArgument.New("Piece hashes for transferred piece don't match")
|
|
|
|
}
|
|
|
|
|
|
|
|
// verify that the satellite signed the original order limit
|
|
|
|
err := signing.VerifyOrderLimitSignature(ctx, endpoint.signer, originalOrderLimit)
|
|
|
|
if err != nil {
|
|
|
|
return ErrInvalidArgument.Wrap(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// verify that the public key on the order limit signed the original piece hash
|
|
|
|
err = signing.VerifyUplinkPieceHashSignature(ctx, originalOrderLimit.UplinkPublicKey, originalPieceHash)
|
|
|
|
if err != nil {
|
|
|
|
return ErrInvalidArgument.Wrap(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if originalOrderLimit.PieceId != message.Succeeded.OriginalPieceId {
|
|
|
|
return ErrInvalidArgument.New("Invalid original piece ID")
|
|
|
|
}
|
|
|
|
|
2019-11-21 22:03:16 +00:00
|
|
|
receivingNodeID := transfer.SatelliteMessage.GetTransferPiece().GetAddressedOrderLimit().GetLimit().StorageNodeId
|
|
|
|
calculatedNewPieceID := transfer.OriginalPointer.GetRemote().RootPieceId.Derive(receivingNodeID, transfer.PieceNum)
|
2019-11-08 18:57:51 +00:00
|
|
|
if calculatedNewPieceID != replacementPieceHash.PieceId {
|
|
|
|
return ErrInvalidArgument.New("Invalid replacement piece ID")
|
|
|
|
}
|
|
|
|
|
|
|
|
signee := signing.SigneeFromPeerIdentity(receivingNodePeerID)
|
|
|
|
|
|
|
|
// verify that the new node signed the replacement piece hash
|
|
|
|
err = signing.VerifyPieceHashSignature(ctx, signee, replacementPieceHash)
|
|
|
|
if err != nil {
|
|
|
|
return ErrInvalidArgument.Wrap(err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|