fix: do not check OVPubKey on server side

During the onboarding the device checks the OVPubKey hash is the same as the DCPubKeyHash field stored in its DeviceCredential and no further verification is needed on server side. Extracted from the FIDO Specification: This key pair does not specifically identify the manufacturer (e.g., it is not in a certificate) and may be changed from time to time, so long as the Device Credential refers to the same key pair as the Ownership Voucher for that device. Signed-off-by: Miguel Martín <[email protected]>
mmartinv · Apr 2, 2024 · df60316 · df60316
1 parent 165eb26
commit df60316
Showing 1 changed file with 0 additions and 21 deletions.
diff --git a/rendezvous-server/src/handlers_to0.rs b/rendezvous-server/src/handlers_to0.rs
@@ -69,27 +69,6 @@ pub(super) async fn ownersign(
         .into());
     }
 
-    // Now check the OV first public key: is it one we trust?
-    let manufacturer_pubkey = to0d
-        .ownership_voucher()
-        .header()
-        .manufacturer_public_key()
-        .clone();
-    log::trace!(
-        "Checking whether manufacturer key {:?} is trusted",
-        manufacturer_pubkey
-    );
-    if let Some(trusted_manufacturer_keys) = &user_data.trusted_manufacturer_keys {
-        if !trusted_manufacturer_keys.contains_publickey(&manufacturer_pubkey) {
-            return Err(Error::new(
-                ErrorCode::InvalidOwnershipVoucher,
-                messages::v11::to0::OwnerSign::message_type(),
-                "Ownership voucher manufacturer not trusted",
-            )
-            .into());
-        }
-    }
-
     // Now, get the final owner key
     let ov_iter = to0d
         .ownership_voucher()