fmt.go

package object

import (
	"bytes"
	"crypto/sha256"
	"errors"
	"fmt"

	"github.com/nspcc-dev/neofs-api-go/v2/object"
	"github.com/nspcc-dev/neofs-sdk-go/checksum"
	neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto"
	oid "github.com/nspcc-dev/neofs-sdk-go/object/id"
)

var (
	errCheckSumMismatch = errors.New("payload checksum mismatch")
	errCheckSumNotSet   = errors.New("payload checksum is not set")
	errIncorrectID      = errors.New("incorrect object identifier")
)

// CalculatePayloadChecksum calculates and returns checksum of
// object payload bytes.
func CalculatePayloadChecksum(payload []byte) checksum.Checksum {
	var res checksum.Checksum
	checksum.Calculate(&res, checksum.SHA256, payload)

	return res
}

// CalculateAndSetPayloadChecksum calculates checksum of current
// object payload and writes it to the object.
func CalculateAndSetPayloadChecksum(obj *Object) {
	obj.SetPayloadChecksum(
		CalculatePayloadChecksum(obj.Payload()),
	)
}

// VerifyPayloadChecksum checks if payload checksum in the object
// corresponds to its payload.
func VerifyPayloadChecksum(obj *Object) error {
	actual := CalculatePayloadChecksum(obj.Payload())

	cs, set := obj.PayloadChecksum()
	if !set {
		return errCheckSumNotSet
	}

	if !bytes.Equal(cs.Value(), actual.Value()) {
		return errCheckSumMismatch
	}

	return nil
}

// CalculateID calculates identifier for the object.
func CalculateID(obj *Object) (oid.ID, error) {
	var id oid.ID
	id.SetSHA256(sha256.Sum256(obj.ToV2().GetHeader().StableMarshal(nil)))

	return id, nil
}

// CalculateAndSetID calculates identifier for the object
// and writes the result to it.
func CalculateAndSetID(obj *Object) error {
	id, err := CalculateID(obj)
	if err != nil {
		return err
	}

	obj.SetID(id)

	return nil
}

// VerifyID checks if identifier in the object corresponds to
// its structure.
func VerifyID(obj *Object) error {
	id, err := CalculateID(obj)
	if err != nil {
		return err
	}

	oID, set := obj.ID()
	if !set {
		return errOIDNotSet
	}

	if !id.Equals(oID) {
		return errIncorrectID
	}

	return nil
}

// CalculateAndSetSignature signs id with provided key and sets that signature to
// the object.
func CalculateAndSetSignature(signer neofscrypto.Signer, obj *Object) error {
	oID, set := obj.ID()
	if !set {
		return errOIDNotSet
	}

	sig, err := oID.CalculateIDSignature(signer)
	if err != nil {
		return err
	}

	obj.SetSignature(&sig)

	return nil
}

// VerifyIDSignature verifies object ID signature.
func (o *Object) VerifyIDSignature() bool {
	m := (*object.Object)(o)

	sigV2 := m.GetSignature()
	if sigV2 == nil {
		return false
	}

	idV2 := m.GetObjectID()
	if idV2 == nil {
		return false
	}

	var sig neofscrypto.Signature

	return sig.ReadFromV2(*sigV2) == nil && sig.Verify(idV2.StableMarshal(nil))
}

// SetIDWithSignature sets object identifier and signature.
func SetIDWithSignature(signer neofscrypto.Signer, obj *Object) error {
	if err := CalculateAndSetID(obj); err != nil {
		return fmt.Errorf("could not set identifier: %w", err)
	}

	if err := CalculateAndSetSignature(signer, obj); err != nil {
		return fmt.Errorf("could not set signature: %w", err)
	}

	return nil
}

// SetVerificationFields calculates and sets all verification fields of the object.
func SetVerificationFields(signer neofscrypto.Signer, obj *Object) error {
	CalculateAndSetPayloadChecksum(obj)

	return SetIDWithSignature(signer, obj)
}

// CheckVerificationFields checks all verification fields of the object.
func CheckVerificationFields(obj *Object) error {
	if err := CheckHeaderVerificationFields(obj); err != nil {
		return fmt.Errorf("invalid header structure: %w", err)
	}

	if err := VerifyPayloadChecksum(obj); err != nil {
		return fmt.Errorf("invalid payload checksum: %w", err)
	}

	return nil
}

var errInvalidSignature = errors.New("invalid signature")

// CheckHeaderVerificationFields checks all verification fields except payload.
func CheckHeaderVerificationFields(obj *Object) error {
	if !obj.VerifyIDSignature() {
		return errInvalidSignature
	}

	if err := VerifyID(obj); err != nil {
		return fmt.Errorf("invalid identifier: %w", err)
	}

	return nil
}