authorChristian Grothoff <christian@grothoff.org>2019-06-26 21:06:35 +0200
committerChristian Grothoff <christian@grothoff.org>2019-06-26 21:06:35 +0200
commit0f43ab72ae142c34e07a5d640a58bc1081982e8a (patch)
tree3e9415b323672c4abfb81623167342901decb6fd /src/exchange-tools
parent9a5030b993d74732f8fba2879cfca03ec070ad9a (diff)
have taler-exchange-wire check master public key matches
Diffstat (limited to 'src/exchange-tools')
-rw-r--r--src/exchange-tools/taler-exchange-wire.c39
1 files changed, 39 insertions, 0 deletions
diff --git a/src/exchange-tools/taler-exchange-wire.c b/src/exchange-tools/taler-exchange-wire.c
index 28cad1cc7..9af4c4910 100644
--- a/src/exchange-tools/taler-exchange-wire.c
+++ b/src/exchange-tools/taler-exchange-wire.c
@@ -132,6 +132,9 @@ run (void *cls,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv;
+ char *masters;
+ struct GNUNET_CRYPTO_EddsaPublicKey mpub;
+ struct GNUNET_CRYPTO_EddsaPublicKey mpub_cfg;
if ( (NULL == masterkeyfile) &&
(GNUNET_OK !=
@@ -160,6 +163,42 @@ run (void *cls,
return;
}
master_priv.eddsa_priv = *eddsa_priv;
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (cfg,
+ "exchange",
+ "MASTER_PUBLIC_KEY",
+ &masters))
+ {
+ fprintf (stderr,
+ "Master public key option missing in configuration\n");
+ global_ret = 1;
+ return;
+ }
+ GNUNET_CRYPTO_eddsa_key_get_public (eddsa_priv,
+ &mpub);
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (masters,
+ strlen (masters),
+ &mpub_cfg,
+ sizeof (mpub_cfg)))
+ {
+ fprintf (stderr,
+ "Master public key `%s' in configuration is not a valid key\n",
+ masters);
+ GNUNET_free (masters);
+ global_ret = 1;
+ return;
+ }
+ GNUNET_free (masters);
+ if (0 != GNUNET_memcmp (&mpub,
+ &mpub_cfg))
+ {
+ fprintf (stderr,
+ "Master public key `%s' in configuration does not match our master private key!\n",
+ masters);
+ global_ret = 1;
+ return;
+ }
TALER_EXCHANGEDB_find_accounts (cfg,
&sign_account_data,
NULL);
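Review bot: The mismatch branch passes `masters` to `fprintf` after `GNUNET_free (masters);` has already run just above the `GNUNET_memcmp` test, so the error path this check exists for reads freed memory. Drop the early free and release the string on both outcomes instead: `GNUNET_free (masters);` before the `return` inside the mismatch branch (as the invalid-key branch already does) and once more right after that block. Separately, the three new early returns exit `run` while `eddsa_priv` is still allocated. Whether it is freed later in the function is outside this hunk, but if it is, these paths should free it too, since the buffer holds the master private key.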