• Sietse Ringers's avatar
    Add scheme manager authenticity through ECDSA signatures · 3c2a5508
    Sietse Ringers authored
    Authenticity of the scheme manager files in the irma_configuration
    folder is now checked as follows.
    Each scheme manager must henceforth include three new files in its
    root folder: index, index.sig, and pk.pem. index lists all files
    under this manager as well as their SHA256-hash. index.sig is a
    ECDSA signature over index, signed with the private key corresponding
    to the public key pk.pem. Thus, a file under the scheme manager
    is authenticated if its hash matches the one in the index file,
    and if the signature over the index file is valid.
    Authenticity of all xml files, including the Idemix public keys,
    is verified in this way automatically when these files are loaded.
    For issuer and credential logos, use Configuration.ReadAuthenticatedFile.