implement #6661: secm key pinning via configuration
This commit is contained in:
Christian Grothoff
parent
deed88fe33
commit
247d1ca3e5
@ -977,7 +977,7 @@ future denomnations. So this must be read with a keen eye on the
|
||||
business situation.
|
||||
|
||||
|
||||
{% if coins.unsigned_denominations() == 0 %}
|
||||
{% if coins.unsigned_denominations|length() == 0 %}
|
||||
{\bf All denominations officially audited by this auditor.}
|
||||
{% else %}
|
||||
\begin{longtable}{p{6cm}|r|r|r}
|
||||
|
||||
@ -681,12 +681,12 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c)
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_CONFIGURATION_get_value_string (TALER_ARL_cfg,
|
||||
"auditor",
|
||||
"BASE_URL",
|
||||
"AUDITOR_URL",
|
||||
&TALER_ARL_auditor_url))
|
||||
{
|
||||
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
|
||||
"auditor",
|
||||
"BASE_URL");
|
||||
"AUDITOR_URL");
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
if (GNUNET_YES == GNUNET_is_zero (&TALER_ARL_master_pub))
|
||||
|
||||
@ -7,3 +7,9 @@ MASTER_PRIV_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/master.priv
|
||||
|
||||
# Where do we store the TOFU key material?
|
||||
SECM_TOFU_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/secm_tofus.pub
|
||||
|
||||
# Base32-encoded public key of the RSA helper.
|
||||
# SECM_DENOM_PUBKEY =
|
||||
|
||||
# Base32-encoded public key of the EdDSA helper.
|
||||
# SECM_ESIGN_PUBKEY =
|
||||
@ -2331,6 +2331,74 @@ tofu_check (const struct TALER_SecurityModulePublicKeyP secm[2])
|
||||
GNUNET_free (fn);
|
||||
return GNUNET_OK;
|
||||
}
|
||||
else
|
||||
{
|
||||
char *key;
|
||||
|
||||
/* check against SECMOD-keys pinned in configuration */
|
||||
if (GNUNET_OK ==
|
||||
GNUNET_CONFIGURATION_get_value_string (kcfg,
|
||||
"exchange-offline",
|
||||
"SECM_ESIGN_PUBKEY",
|
||||
&key))
|
||||
{
|
||||
struct TALER_SecurityModulePublicKeyP k;
|
||||
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_STRINGS_string_to_data (key,
|
||||
strlen (key),
|
||||
&k,
|
||||
sizeof (k)))
|
||||
{
|
||||
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
|
||||
"exchange-offline",
|
||||
"SECM_ESIGN_PUBKEY",
|
||||
"key malformed");
|
||||
GNUNET_free (key);
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
GNUNET_free (key);
|
||||
if (0 !=
|
||||
GNUNET_memcmp (&k,
|
||||
&secm[1]))
|
||||
{
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||
"ESIGN security module key does not match SECM_ESIGN_PUBKEY in configuration\n");
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
}
|
||||
if (GNUNET_OK ==
|
||||
GNUNET_CONFIGURATION_get_value_string (kcfg,
|
||||
"exchange-offline",
|
||||
"SECM_DENOM_PUBKEY",
|
||||
&key))
|
||||
{
|
||||
struct TALER_SecurityModulePublicKeyP k;
|
||||
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_STRINGS_string_to_data (key,
|
||||
strlen (key),
|
||||
&k,
|
||||
sizeof (k)))
|
||||
{
|
||||
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
|
||||
"exchange-offline",
|
||||
"SECM_DENOM_PUBKEY",
|
||||
"key malformed");
|
||||
GNUNET_free (key);
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
GNUNET_free (key);
|
||||
if (0 !=
|
||||
GNUNET_memcmp (&k,
|
||||
&secm[0]))
|
||||
{
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||
"DENOM security module key does not match SECM_DENOM_PUBKEY in configuration\n");
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
}
|
||||
}
|
||||
/* persist keys for future runs */
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_DISK_fn_write (fn,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user