hsmd: cleanup encrypted hsm_secret detection

This makes use of the constant defined in the previous commits to more accurately detect plaintext, encrypted, and invalid seeds. We now error on invalid seeds. Changelog-changed: hsmd: we now error at startup on invalid hsm_secret Changelog-changed: hsmtool: all commands now error on invalid hsm_secret Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2025-02-21 14:24:09 +01:00 · 2021-01-03 16:59:24 +01:00 · 2021-01-03 16:59:24 +01:00 · 45bb1bfa3c
commit 45bb1bfa3c
parent d2a903992c
3 changed files with 21 additions and 8 deletions
--- a/hsmd/hsmd.c
+++ b/hsmd/hsmd.c
@ -666,7 +666,7 @@ static void load_hsm(const struct secret *encryption_key)
 		              "stating: %s", strerror(errno));

 	/* If the seed is stored in clear. */
-	if (st.st_size <= 32) {
+	if (st.st_size == 32) {
 		if (!read_all(fd, &secretstuff.hsm_secret, sizeof(secretstuff.hsm_secret)))
 			status_failed(STATUS_FAIL_INTERNAL_ERROR,
 			              "reading: %s", strerror(errno));
@ -686,11 +686,14 @@ static void load_hsm(const struct secret *encryption_key)
 				              "opening: %s", strerror(errno));
 		}
 	}
-	/*~ If an encryption key was passed and the `hsm_secret` is stored
+	/* If an encryption key was passed and the `hsm_secret` is stored
 	 * encrypted, recover the seed from the cipher. */
-	if (encryption_key && st.st_size > 32) {
+	else if (st.st_size == ENCRYPTED_HSM_SECRET_LEN) {
 		struct encrypted_hsm_secret encrypted_secret;

+		/* hsm_control must have checked it! */
+		assert(encryption_key);
+
 		if (!read_all(fd, encrypted_secret.data, ENCRYPTED_HSM_SECRET_LEN))
 			status_failed(STATUS_FAIL_INTERNAL_ERROR,
 			              "Reading encrypted hsm_secret: %s", strerror(errno));
@ -702,7 +705,10 @@ static void load_hsm(const struct secret *encryption_key)
 			exit(1);
 		}
 	}
-	/* else { handled in hsm_control } */
+	else
+		status_failed(STATUS_FAIL_INTERNAL_ERROR, "Invalid hsm_secret, "
+							  "no plaintext nor encrypted"
+							  " seed.");
 	close(fd);

 	populate_secretstuff();
--- a/lightningd/hsm_control.c
+++ b/lightningd/hsm_control.c
@ -6,6 +6,7 @@
 #include <ccan/io/io.h>
 #include <ccan/take/take.h>
 #include <common/ecdh.h>
+#include <common/hsm_encryption.h>
 #include <common/json.h>
 #include <common/json_helpers.h>
 #include <common/jsonrpc_errors.h>
@ -106,7 +107,8 @@ struct ext_key *hsm_init(struct lightningd *ld)
 	 * actual secret. */
 	if (!ld->config.keypass) {
 		struct stat st;
-		if (stat("hsm_secret", &st) == 0 && st.st_size > 32)
+		if (stat("hsm_secret", &st) == 0 &&
+			 st.st_size == ENCRYPTED_HSM_SECRET_LEN)
 			errx(1, "hsm_secret is encrypted, you need to pass the "
 			        "--encrypted-hsm startup option.");
 	}
--- a/tools/hsmtool.c
+++ b/tools/hsmtool.c
@ -145,14 +145,19 @@ static void get_channel_seed(struct secret *channel_seed, struct node_id *peer_i
 	            info, strlen(info));
 }

-/* We detect an encrypted hsm_secret as a hsm_secret which is larger than
- * the plaintext seed. */
+/* We detect an encrypted hsm_secret as a hsm_secret which is 73-bytes long. */
 static bool hsm_secret_is_encrypted(const char *hsm_secret_path)
 {
 	struct stat st;
+
 	if (stat(hsm_secret_path, &st) != 0)
 		errx(ERROR_HSM_FILE, "Could not stat hsm_secret");
-	return st.st_size > 32;
+
+	if (st.st_size != 32 && st.st_size != ENCRYPTED_HSM_SECRET_LEN)
+		errx(ERROR_HSM_FILE, "Invalid hsm_secret (neither plaintext "
+				     "nor encrypted).");
+
+	return st.st_size == ENCRYPTED_HSM_SECRET_LEN;
 }

 static int decrypt_hsm(const char *hsm_secret_path)