-
Sietse Ringers authored
Authenticity of the scheme manager files in the irma_configuration folder is now checked as follows. Each scheme manager must henceforth include three new files in its root folder: index, index.sig, and pk.pem. index lists all files under this manager as well as their SHA256-hash. index.sig is a ECDSA signature over index, signed with the private key corresponding to the public key pk.pem. Thus, a file under the scheme manager is authenticated if its hash matches the one in the index file, and if the signature over the index file is valid. Authenticity of all xml files, including the Idemix public keys, is verified in this way automatically when these files are loaded. For issuer and credential logos, use Configuration.ReadAuthenticatedFile.
3c2a5508