adds life-mismatch checks to pre-boot validation

2024-12-12 10:29:01 +03:00 · 2018-10-25 17:39:34 -04:00 · 2018-10-25 17:39:34 -04:00 · 7269c09771
commit 7269c09771
parent 345cc92578
2 changed files with 26 additions and 0 deletions
--- a/sys/zuse.hoon
+++ b/sys/zuse.hoon
@ -8117,6 +8117,10 @@
      ::
      ?~  net.hull
        [%| %parent-not-keyed]
+      ::  life must match parent's
+      ::
+      ?.  =(lyf.seed life.u.net.hull)
+        [%| %life-mismatch]
      =/  loy  (com:nu:crub:crypto pass.u.net.hull)
      =/  hax  (shaf %earl (sham who.seed lyf.seed pub:ex:cub))
      ::  the signature must be valid
@ -8138,6 +8142,10 @@
      ::
      ?.  =(pub:ex:cub pass.u.net.hull)
        [%| %key-mismatch]
+      ::  life must match the contract
+      ::
+      ?.  =(lyf.seed life.u.net.hull)
+        [%| %life-mismatch]
      ::  the boot life must be greater than and discontinuous with
      ::  the last seen life (per the sponsor)
      ::
--- a/tests/sys/zuse/dawn.hoon
+++ b/tests/sys/zuse/dawn.hoon
@ -168,6 +168,12 @@
    !>  [%| %key-mismatch]
    !>  (veri:dawn sed hul ~)
 ::
++  test-veri-life-mismatch
+  =/  sed  [~zod 2 sec ~]
+  %+  expect-eq
+    !>  [%| %life-mismatch]
+    !>  (veri:dawn sed hul ~)
+::
 ++  test-veri-already-booted
  =/  sed  [~zod 1 sec ~]
  ;:  weld
@ -213,6 +219,18 @@
    !>  [%| %parent-not-keyed]
    !>  (veri:dawn sed =>(hul .(net ~)) ~)
 ::
++  test-veri-earl-life-mismatch
+  =/  cub  (pit:nu:crub:crypto 24 %foo)
+  =/  who  ~simtel-mithet-dozzod-dozzod
+  =/  sed
+    =/  sig
+      %-  sign:as:(nol:nu:crub:crypto sec)
+      (shaf %earl (sham who 1 pub:ex:cub))
+    [who 2 sec:ex:cub `sig]
+  %+  expect-eq
+    !>  [%| %life-mismatch]
+    !>  (veri:dawn sed hul ~)
+::
 ++  test-veri-earl-invalid-sig
  =/  cub  (pit:nu:crub:crypto 24 %foo)
  =/  who  ~simtel-mithet-dozzod-dozzod