Verify validator token manifest matches private key

RIPD-1552
2025-11-30 23:45:48 +00:00 · 2017-11-15 10:32:00 -06:00
parent f0e1024ad6
commit 40c39c4afb
2 changed files with 40 additions and 3 deletions
--- a/src/ripple/app/misc/impl/ValidatorKeys.cpp
+++ b/src/ripple/app/misc/impl/ValidatorKeys.cpp
@@ -24,6 +24,7 @@
 #include <ripple/basics/Log.h>
 #include <ripple/core/Config.h>
 #include <ripple/core/ConfigSections.h>
+#include <beast/core/detail/base64.hpp>

 namespace ripple {
 ValidatorKeys::ValidatorKeys(Config const& config, beast::Journal j)
@@ -42,9 +43,23 @@ ValidatorKeys::ValidatorKeys(Config const& config, beast::Journal j)
        if (auto const token = ValidatorToken::make_ValidatorToken(
                config.section(SECTION_VALIDATOR_TOKEN).lines()))
        {
-            secretKey = token->validationSecret;
-            publicKey = derivePublicKey(KeyType::secp256k1, secretKey);
-            manifest = std::move(token->manifest);
+            auto const pk = derivePublicKey(
+                KeyType::secp256k1, token->validationSecret);
+            auto const m = Manifest::make_Manifest(
+                beast::detail::base64_decode(token->manifest));
+
+            if (! m || pk != m->signingKey)
+            {
+                configInvalid_ = true;
+                JLOG(j.fatal())
+                    << "Invalid token specified in [" SECTION_VALIDATOR_TOKEN "]";
+            }
+            else
+            {
+                secretKey = token->validationSecret;
+                publicKey = pk;
+                manifest = std::move(token->manifest);
+            }
        }
        else
        {
--- a/src/test/app/ValidatorKeys_test.cpp
+++ b/src/test/app/ValidatorKeys_test.cpp
@@ -57,6 +57,17 @@ class ValidatorKeys_test : public beast::unit_test::suite
        "gBD67kMaRFGvmpATHlGKJdvDFlWPYy5AqDedFv5TJa2w0i21eq3MYywLVJZnFOr7C0kw"
        "2AiTzSCjIzditQ8=";

+    // Manifest does not match private key
+    const std::vector<std::string> invalidTokenBlob = {
+        "eyJtYW5pZmVzdCI6IkpBQUFBQVZ4SWUyOVVBdzViZFJudHJ1elVkREk4aDNGV1JWZl\n",
+        "k3SXVIaUlKQUhJd3MxdzZzM01oQWtsa1VXQWR2RnFRVGRlSEpvS1pNY0hlS0RzOExo\n",
+        "b3d3bDlHOEdkVGNJbmFka1l3UkFJZ0h2Q01lQU1aSzlqQnV2aFhlaFRLRzVDQ3BBR1\n",
+        "k0bGtvZHRXYW84UGhzR3NDSUREVTA1d1c3bWNiMjlVNkMvTHBpZmgvakZPRGhFR21i\n",
+        "NWF6dTJMVHlqL1pjQkpBbitmNGhtQTQ0U0tYbGtTTUFqak1rSWRyR1Rxa21SNjBzVG\n",
+        "JaTjZOOUYwdk9UV3VYcUZ6eDFoSGIyL0RqWElVZXhDVGlITEcxTG9UdUp1eXdXbk55\n",
+        "RFE9PSIsInZhbGlkYXRpb25fc2VjcmV0X2tleSI6IjkyRDhCNDBGMzYwMTc5MTkwMU\n",
+        "MzQTUzMzI3NzBDMkUwMTA4MDI0NTZFOEM2QkI0NEQ0N0FFREQ0NzJGMDQ2RkYifQ==\n"};
+
 public:
    void
    run() override
@@ -141,6 +152,17 @@ public:
            BEAST_EXPECT(k.manifest.empty());
        }

+        {
+            // Token manifest and private key must match
+            Config c;
+            c.section(SECTION_VALIDATOR_TOKEN).append(invalidTokenBlob);
+            ValidatorKeys k{c, j};
+
+            BEAST_EXPECT(k.configInvalid());
+            BEAST_EXPECT(k.publicKey.size() == 0);
+            BEAST_EXPECT(k.manifest.empty());
+        }
+
    }
 };  // namespace test