* Check that the file containing the secret key is secret.

author: Eelco Dolstra <e.dolstra@tudelft.nl> 2007-02-21T17·51+0000
committer: Eelco Dolstra <e.dolstra@tudelft.nl> 2007-02-21T17·51+0000
commit: 65f195f4c7eec4f0880e7c3953aa5e78eeffbebf (patch)
tree: ca768a2e6cd5123071d6da35e934eed6049406fd /src
parent: bdadb98de8fcd5ed99cca97071741e2775f3ada2 (diff)
1 files changed, 14 insertions, 1 deletions
diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc
index ab1f4682ca48..c91368865309 100644
--- a/src/libstore/local-store.cc
+++ b/src/libstore/local-store.cc
@@ -718,6 +718,16 @@ struct HashAndWriteSink : Sink
 #define EXPORT_MAGIC 0x4558494e
 
 
+static void checkSecrecy(const Path & path)
+{
+    struct stat st;
+    if (stat(path.c_str(), &st))
+        throw SysError(format("getting status of `%1%'") % path);
+    if ((st.st_mode & (S_IRWXG | S_IRWXO)) != 0)
+        throw Error(format("file `%1%' should be secret (inaccessible to everybody else)!") % path);
+}
+
+
 void LocalStore::exportPath(const Path & path, bool sign,
     Sink & sink)
 {
@@ -756,11 +766,14 @@ void LocalStore::exportPath(const Path & path, bool sign,
         Path hashFile = tmpDir + "/hash";
         writeStringToFile(hashFile, printHash(hash));
 
+        Path secretKey = nixConfDir + "/signing-key.sec";
+        checkSecrecy(secretKey);
+
         Strings args;
         args.push_back("rsautl");
         args.push_back("-sign");
         args.push_back("-inkey");
-        args.push_back(nixConfDir + "/signing-key.sec");
+        args.push_back(secretKey);
         args.push_back("-in");
         args.push_back(hashFile);
         string signature = runProgram("openssl", true, args);
author	Eelco Dolstra <e.dolstra@tudelft.nl>	2007-02-21T17·51+0000
committer	Eelco Dolstra <e.dolstra@tudelft.nl>	2007-02-21T17·51+0000
commit	65f195f4c7eec4f0880e7c3953aa5e78eeffbebf (patch)
tree	ca768a2e6cd5123071d6da35e934eed6049406fd /src
parent	bdadb98de8fcd5ed99cca97071741e2775f3ada2 (diff)