From df6031623f74ee06623292738a9696ccda3795f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miguel=20Mart=C3=ADn?=
Date: Tue, 2 Apr 2024 10:38:31 +0200
Subject: [PATCH] fix: do not check OVPubKey on server side
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

During the onboarding the device checks the OVPubKey hash is the same as the DCPubKeyHash field stored in its DeviceCredential and no further verification is needed on server side. Extracted from the FIDO Specification: This key pair does not specifically identify the manufacturer (e.g., it is not in a certificate) and may be changed from time to time, so long as the Device Credential refers to the same key pair as the Ownership Voucher for that device.

Signed-off-by: Miguel Martín
---
 rendezvous-server/src/handlers_to0.rs | 21 ---------------------
 1 file changed, 21 deletions(-)

diff --git a/rendezvous-server/src/handlers_to0.rs b/rendezvous-server/src/handlers_to0.rs
index d2d32f9b2..5775d0b0d 100644
--- a/rendezvous-server/src/handlers_to0.rs
+++ b/rendezvous-server/src/handlers_to0.rs
@@ -69,27 +69,6 @@ pub(super) async fn ownersign(
 .into());
 }
 
- // Now check the OV first public key: is it one we trust?
- let manufacturer_pubkey = to0d
- .ownership_voucher()
- .header()
- .manufacturer_public_key()
- .clone();
- log::trace!(
- "Checking whether manufacturer key {:?} is trusted",
- manufacturer_pubkey
- );
- if let Some(trusted_manufacturer_keys) = &user_data.trusted_manufacturer_keys {
- if !trusted_manufacturer_keys.contains_publickey(&manufacturer_pubkey) {
- return Err(Error::new(
- ErrorCode::InvalidOwnershipVoucher,
- messages::v11::to0::OwnerSign::message_type(),
- "Ownership voucher manufacturer not trusted",
- )
- .into());
- }
- }
-
 // Now, get the final owner key
 let ov_iter = to0d
 .ownership_voucher()