ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2025-12-06 17:27:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Verify validator token manifest matches private key

Browse Source 
RIPD-1552
This commit is contained in:
wilsonianb
2017-11-15 10:32:00 -06:00
committed by Brad Chase
parent f0e1024ad6
commit 40c39c4afb
2 changed files with 40 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/ripple/app/misc/impl/ValidatorKeys.cpp
View File

@@ -24,6 +24,7 @@
#include <ripple/basics/Log.h>
#include <ripple/core/Config.h>
#include <ripple/core/ConfigSections.h>
#include <beast/core/detail/base64.hpp>
namespace ripple {
ValidatorKeys::ValidatorKeys(Config const& config, beast::Journal j)
@@ -42,9 +43,23 @@ ValidatorKeys::ValidatorKeys(Config const& config, beast::Journal j)
if (auto const token = ValidatorToken::make_ValidatorToken(
config.section(SECTION_VALIDATOR_TOKEN).lines()))
{
secretKey = token->validationSecret;
publicKey = derivePublicKey(KeyType::secp256k1, secretKey);
manifest = std::move(token->manifest);
auto const pk = derivePublicKey(
KeyType::secp256k1, token->validationSecret);
auto const m = Manifest::make_Manifest(
beast::detail::base64_decode(token->manifest));
if (! m || pk != m->signingKey)
{
configInvalid_ = true;
JLOG(j.fatal())
<< "Invalid token specified in [" SECTION_VALIDATOR_TOKEN "]";
}
else
{
secretKey = token->validationSecret;
publicKey = pk;
manifest = std::move(token->manifest);
}
}
else
{