From 247d1ca3e56461069c02481c7071b56e950fe78a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 24 Dec 2020 14:48:50 +0100 Subject: implement #6661: secm key pinning via configuration --- contrib/auditor-report.tex.j2 | 2 +- src/auditor/report-lib.c | 4 +- src/exchange-tools/exchange-offline.conf | 6 +++ src/exchange-tools/taler-exchange-offline.c | 68 +++++++++++++++++++++++++++++ 4 files changed, 77 insertions(+), 3 deletions(-) diff --git a/contrib/auditor-report.tex.j2 b/contrib/auditor-report.tex.j2 index d96040512..c2d406ebe 100644 --- a/contrib/auditor-report.tex.j2 +++ b/contrib/auditor-report.tex.j2 @@ -977,7 +977,7 @@ future denomnations. So this must be read with a keen eye on the business situation. -{% if coins.unsigned_denominations() == 0 %} +{% if coins.unsigned_denominations|length() == 0 %} {\bf All denominations officially audited by this auditor.} {% else %} \begin{longtable}{p{6cm}|r|r|r} diff --git a/src/auditor/report-lib.c b/src/auditor/report-lib.c index 6334e6f65..e3b41b1a8 100644 --- a/src/auditor/report-lib.c +++ b/src/auditor/report-lib.c @@ -681,12 +681,12 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (TALER_ARL_cfg, "auditor", - "BASE_URL", + "AUDITOR_URL", &TALER_ARL_auditor_url)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "auditor", - "BASE_URL"); + "AUDITOR_URL"); return GNUNET_SYSERR; } if (GNUNET_YES == GNUNET_is_zero (&TALER_ARL_master_pub)) diff --git a/src/exchange-tools/exchange-offline.conf b/src/exchange-tools/exchange-offline.conf index 3d42cc63d..336ec51be 100644 --- a/src/exchange-tools/exchange-offline.conf +++ b/src/exchange-tools/exchange-offline.conf 
@@ -7,3 +7,9 @@ MASTER_PRIV_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/master.priv # Where do we store the TOFU key material? SECM_TOFU_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/secm_tofus.pub + +# Base32-encoded public key of the RSA helper. +# SECM_DENOM_PUBKEY = + +# Base32-encoded public key of the EdDSA helper. +# SECM_ESIGN_PUBKEY = \ No newline at end of file diff --git a/src/exchange-tools/taler-exchange-offline.c b/src/exchange-tools/taler-exchange-offline.c index abcd52f22..97fc0b560 100644 --- a/src/exchange-tools/taler-exchange-offline.c +++ b/src/exchange-tools/taler-exchange-offline.c 
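Review bot: The comments on the two new options do not tell an operator that the pins are optional or what an unset pin means. Going by the taler-exchange-offline.c hunk in this commit, an unset option skips the comparison and the key announced by the helper then appears to be persisted as trust-on-first-use material. Suggested wording: `# Optional: Base32-encoded public key of the RSA helper. If unset, the helper key is trusted on first use (see SECM_TOFU_FILE).`, and the same for the EdDSA helper. The new last line also lacks a trailing newline (`\ No newline at end of file`).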
@@ -2331,6 +2331,74 @@ tofu_check (const struct TALER_SecurityModulePublicKeyP secm[2])
 GNUNET_free (fn);
 return GNUNET_OK;
 }
+ else
+ {
+ char *key;
+
+ /* check against SECMOD-keys pinned in configuration */
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_string (kcfg,
+ "exchange-offline",
+ "SECM_ESIGN_PUBKEY",
+ &key))
+ {
+ struct TALER_SecurityModulePublicKeyP k;
+
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (key,
+ strlen (key),
+ &k,
+ sizeof (k)))
+ {
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+ "exchange-offline",
+ "SECM_ESIGN_PUBKEY",
+ "key malformed");
+ GNUNET_free (key);
+ return GNUNET_SYSERR;
+ }
+ GNUNET_free (key);
+ if (0 !=
+ GNUNET_memcmp (&k,
+ &secm[1]))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "ESIGN security module key does not match SECM_ESIGN_PUBKEY in configuration\n");
+ return GNUNET_SYSERR;
+ }
+ }
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_string (kcfg,
+ "exchange-offline",
+ "SECM_DENOM_PUBKEY",
+ &key))
+ {
+ struct TALER_SecurityModulePublicKeyP k;
+
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (key,
+ strlen (key),
+ &k,
+ sizeof (k)))
+ {
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+ "exchange-offline",
+ "SECM_DENOM_PUBKEY",
+ "key malformed");
+ GNUNET_free (key);
+ return GNUNET_SYSERR;
+ }
+ GNUNET_free (key);
+ if (0 !=
+ GNUNET_memcmp (&k,
+ &secm[0]))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "DENOM security module key does not match SECM_DENOM_PUBKEY in configuration\n");
+ return GNUNET_SYSERR;
+ }
+ }
+ }
 /* persist keys for future runs */
 if (GNUNET_OK !=
 GNUNET_DISK_fn_write (fn,
--
cgit v1.2.3
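Review bot: The pinned-key comparison sits only in the new `else` branch, so any run that takes the preceding branch (the one ending in `GNUNET_free (fn); return GNUNET_OK;`) never consults `SECM_ESIGN_PUBKEY` or `SECM_DENOM_PUBKEY`. The condition of that `if` is outside the hunk, but if it is the "TOFU file already present" case, a pin added to the configuration after the first run would not be enforced. Consider running the pin check ahead of that branch so an explicit pin always takes precedence over stored trust-on-first-use state. Separately, the four new `return GNUNET_SYSERR;` paths leave `fn` allocated, whereas the preceding branch frees it before returning. The two blocks differ only in the option name and the `secm[]` index, so a small helper (sketched below) removes the duplication and leaves one place to free `fn`; tofu_check itself starts and ends outside the hunk.

```c
/* Compare one security module key against its optional pin in
   [exchange-offline]; an absent option means "no pin configured". */
static int
check_pinned_key (const char *option,
                  const struct TALER_SecurityModulePublicKeyP *have)
{
  struct TALER_SecurityModulePublicKeyP want;
  char *key;

  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_string (kcfg,
                                             "exchange-offline",
                                             option,
                                             &key))
    return GNUNET_OK;
  if (GNUNET_OK !=
      GNUNET_STRINGS_string_to_data (key,
                                     strlen (key),
                                     &want,
                                     sizeof (want)))
  {
    GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
                               "exchange-offline",
                               option,
                               "key malformed");
    GNUNET_free (key);
    return GNUNET_SYSERR;
  }
  GNUNET_free (key);
  if (0 !=
      GNUNET_memcmp (&want,
                     have))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Security module key does not match %s in configuration\n",
                option);
    return GNUNET_SYSERR;
  }
  return GNUNET_OK;
}

/* … in tofu_check, replacing the two duplicated blocks … */
  if ( (GNUNET_OK !=
        check_pinned_key ("SECM_ESIGN_PUBKEY",
                          &secm[1])) ||
       (GNUNET_OK !=
        check_pinned_key ("SECM_DENOM_PUBKEY",
                          &secm[0])) )
  {
    GNUNET_free (fn);
    return GNUNET_SYSERR;
  }
/* … unchanged: persist keys for future runs … */
```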