keyfork-shard: derive cert from combined secret to ensure data integrity
parent
0615a66ace
commit
7a80799115
|
@ -20,7 +20,7 @@ use openpgp::{
|
|||
Marshal,
|
||||
},
|
||||
types::KeyFlags,
|
||||
KeyID, PacketPile
|
||||
KeyID, PacketPile,
|
||||
};
|
||||
pub use sequoia_openpgp as openpgp;
|
||||
use sharks::{Share, Sharks};
|
||||
|
@ -234,6 +234,31 @@ pub fn combine(
|
|||
.map_err(|e| WrappedError(e.to_string()))?;
|
||||
let secret = Sharks(threshold).recover(&shares)?;
|
||||
|
||||
let userid = UserID::from("keyfork-sss");
|
||||
let kdr = DerivationRequest::new(
|
||||
DerivationAlgorithm::Ed25519,
|
||||
&DerivationPath::from_str("m/7366512'/0'")?,
|
||||
)
|
||||
.derive_with_master_seed(secret.to_vec())?;
|
||||
let derived_cert = keyfork_derive_openpgp::derive(
|
||||
kdr,
|
||||
&[KeyFlags::empty().set_certification().set_signing()],
|
||||
userid,
|
||||
)?;
|
||||
|
||||
// NOTE: Signatures on certs will be different. Compare fingerprints instead.
|
||||
if Some(derived_cert.fingerprint()) != keyring.root_cert().map(Cert::fingerprint) {
|
||||
return Err(WrappedError(format!(
|
||||
"Derived {} != expected {}",
|
||||
derived_cert.fingerprint(),
|
||||
keyring
|
||||
.root_cert()
|
||||
.expect("cert was previously set")
|
||||
.fingerprint()
|
||||
))
|
||||
.into());
|
||||
}
|
||||
|
||||
output.write_all(smex::encode(&secret).as_bytes())?;
|
||||
|
||||
Ok(())
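Review bot: A keyring without a root cert panics here instead of returning an error: `keyring.root_cert().map(Cert::fingerprint)` is then `None`, so the `!=` is true and the error branch reaches `.expect("cert was previously set")`. This comparison is what gates writing the recovered secret to `output`, so the missing-root case should fail closed with a `WrappedError` like the other failures, by resolving the expected fingerprint once before comparing. Separately, `secret.to_vec()` hands a second copy of the recovered secret to the derivation; whether either copy is wiped on drop is not visible in this hunk and is worth confirming. `combine` starts and ends outside the hunk.

```rust
    // … unchanged: userid, kdr and derived_cert derivation …

    // NOTE: Signatures on certs will be different. Compare fingerprints instead.
    let expected = keyring
        .root_cert()
        .map(Cert::fingerprint)
        .ok_or_else(|| WrappedError("keyring has no root cert to compare against".to_string()))?;
    let derived = derived_cert.fingerprint();
    if derived != expected {
        return Err(WrappedError(format!("Derived {} != expected {}", derived, expected)).into());
    }

    // … unchanged: write the encoded secret to output …
```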
|
||||
|
|
|
@ -47,6 +47,10 @@ impl Keyring {
|
|||
cert
|
||||
}
|
||||
|
||||
pub fn root_cert(&self) -> Option<&Cert> {
|
||||
self.root.as_ref()
|
||||
}
|
||||
|
||||
pub fn get_cert_for_primary_keyid<'a>(&'a self, keyid: &KeyID) -> Option<&'a Cert> {
|
||||
self.full_certs.iter().find(|cert| &cert.keyid() == keyid)
|
||||
}
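Review bot: `root_cert` is public and undocumented, and the fingerprint check in `combine` now treats its result as the expected value, so the `None` case deserves a doc comment. Something like `/// Returns the keyring's root certificate, or None if no root has been set.` above the signature would do. How `root` gets populated is outside this hunk, so the wording about when it is set should be confirmed against that code.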
|
||||
|
|