diff options
author | Christian Grothoff <christian@grothoff.org> | 2019-06-26 21:19:07 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2019-06-26 21:19:07 +0200 |
commit | e04279294469c0d9c8a4f4665d841495f2c83678 (patch) | |
tree | 4450c7c4baddaefc3508546ec480f6b28b6b5dc0 | |
parent | 258263a5100a91bedaca67c45d3e87fa764b5284 (diff) |
also check for master public key consistency in taler-exchange-keyup
-rw-r--r-- | src/exchange-tools/taler-exchange-keyup.c | 46 |
1 files changed, 44 insertions, 2 deletions
diff --git a/src/exchange-tools/taler-exchange-keyup.c b/src/exchange-tools/taler-exchange-keyup.c index 28e2ea1d0..4c8682e54 100644 --- a/src/exchange-tools/taler-exchange-keyup.c +++ b/src/exchange-tools/taler-exchange-keyup.c @@ -1160,8 +1160,8 @@ revoke_denomination (const struct GNUNET_HashCode *hc) } if (GNUNET_OK != TALER_EXCHANGEDB_denomination_key_revoke (basedir, - hc, - &master_priv)) + hc, + &master_priv)) { GNUNET_free (basedir); GNUNET_break (0); @@ -1265,6 +1265,48 @@ run (void *cls, GNUNET_CRYPTO_eddsa_key_get_public (&master_priv.eddsa_priv, &master_public_key.eddsa_pub); + /* Check master public key in configuration matches our + master private key */ + { + char *masters; + struct TALER_MasterPublicKeyP mpub_cfg; + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_string (cfg, + "exchange", + "MASTER_PUBLIC_KEY", + &masters)) + { + fprintf (stderr, + "Master public key option missing in configuration\n"); + global_ret = 1; + return; + } + if (GNUNET_OK != + GNUNET_STRINGS_string_to_data (masters, + strlen (masters), + &mpub_cfg, + sizeof (mpub_cfg))) + { + fprintf (stderr, + "Master public key `%s' in configuration is not a valid key\n", + masters); + GNUNET_free (masters); + global_ret = 1; + return; + } + if (0 != GNUNET_memcmp (&master_public_key, + &mpub_cfg)) + { + fprintf (stderr, + "Master public key `%s' in configuration does not match our master private key!\n", + masters); + GNUNET_free (masters); + global_ret = 1; + return; + } + GNUNET_free (masters); + } if (NULL != auditorrequestfile) { auditor_output_file = FOPEN (auditorrequestfile, |