aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2019-06-26 21:19:07 +0200
committerChristian Grothoff <christian@grothoff.org>2019-06-26 21:19:07 +0200
commite04279294469c0d9c8a4f4665d841495f2c83678 (patch)
tree4450c7c4baddaefc3508546ec480f6b28b6b5dc0 /src
parent258263a5100a91bedaca67c45d3e87fa764b5284 (diff)
also check for master public key consistency in taler-exchange-keyup
Diffstat (limited to 'src')
-rw-r--r--src/exchange-tools/taler-exchange-keyup.c46
1 files changed, 44 insertions, 2 deletions
diff --git a/src/exchange-tools/taler-exchange-keyup.c b/src/exchange-tools/taler-exchange-keyup.c
index 28e2ea1d0..4c8682e54 100644
--- a/src/exchange-tools/taler-exchange-keyup.c
+++ b/src/exchange-tools/taler-exchange-keyup.c
@@ -1160,8 +1160,8 @@ revoke_denomination (const struct GNUNET_HashCode *hc)
}
if (GNUNET_OK !=
TALER_EXCHANGEDB_denomination_key_revoke (basedir,
- hc,
- &master_priv))
+ hc,
+ &master_priv))
{
GNUNET_free (basedir);
GNUNET_break (0);
@@ -1265,6 +1265,48 @@ run (void *cls,
GNUNET_CRYPTO_eddsa_key_get_public (&master_priv.eddsa_priv,
&master_public_key.eddsa_pub);
+ /* Check master public key in configuration matches our
+ master private key */
+ {
+ char *masters;
+ struct TALER_MasterPublicKeyP mpub_cfg;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (cfg,
+ "exchange",
+ "MASTER_PUBLIC_KEY",
+ &masters))
+ {
+ fprintf (stderr,
+ "Master public key option missing in configuration\n");
+ global_ret = 1;
+ return;
+ }
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (masters,
+ strlen (masters),
+ &mpub_cfg,
+ sizeof (mpub_cfg)))
+ {
+ fprintf (stderr,
+ "Master public key `%s' in configuration is not a valid key\n",
+ masters);
+ GNUNET_free (masters);
+ global_ret = 1;
+ return;
+ }
+ if (0 != GNUNET_memcmp (&master_public_key,
+ &mpub_cfg))
+ {
+ fprintf (stderr,
+ "Master public key `%s' in configuration does not match our master private key!\n",
+ masters);
+ GNUNET_free (masters);
+ global_ret = 1;
+ return;
+ }
+ GNUNET_free (masters);
+ }
if (NULL != auditorrequestfile)
{
auditor_output_file = FOPEN (auditorrequestfile,