[pbs-devel] [PATCH proxmox-backup 06/13] manifest: check fingerprint when loading with key
Fabian Grünbichler
f.gruenbichler at proxmox.com
Fri Nov 20 17:38:36 CET 2020
otherwise loading will run into the signature mismatch which is
technically true, but not the complete picture in this case.
Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
src/backup/manifest.rs | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/src/backup/manifest.rs b/src/backup/manifest.rs
index 00dafbd6..a64cbe15 100644
--- a/src/backup/manifest.rs
+++ b/src/backup/manifest.rs
@@ -273,6 +273,19 @@ impl BackupManifest {
if let Some(ref crypt_config) = crypt_config {
if let Some(signature) = signature {
let expected_signature = proxmox::tools::digest_to_hex(&Self::json_signature(&json, crypt_config)?);
+
+ let fingerprint = &json["unprotected"]["key-fingerprint"];
+ if fingerprint != &Value::Null {
+ let fingerprint = serde_json::from_value(fingerprint.clone())?;
+ let config_fp = crypt_config.fingerprint();
+ if config_fp != fingerprint {
+ bail!(
+ "wrong key - unable to verify signature since manifest's key {} does not match provided key {}",
+ fingerprint,
+ config_fp
+ );
+ }
+ }
if signature != expected_signature {
bail!("wrong signature in manifest");
}
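Review bot: In the added block, `serde_json::from_value(fingerprint.clone())?` propagates a bare deserialization error when `key-fingerprint` is present but malformed, so such a manifest fails before the signature comparison with a message that names neither the manifest nor the fingerprint field. Consider attaching context to that error, and annotating the target type on `let fingerprint`, which is currently inferred only from the `config_fp != fingerprint` comparison. Because the value is read from `json["unprotected"]`, a short code comment stating that this check exists to give a better error message, and that the `signature != expected_signature` comparison below remains the check that decides, would help later readers.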
--
2.20.1