From d65632e5b49f1c81bbe6dc6b0e4efa5e260289f1 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Tue, 7 May 2019 11:21:25 +0200
Subject: updater: use hsm key and check header match

---
 updater/constants.go | 2 +-
 updater/signify.go   | 8 +++-----
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/updater/constants.go b/updater/constants.go
index ae3988bd..2ae78c8d 100644
--- a/updater/constants.go
+++ b/updater/constants.go
@@ -6,7 +6,7 @@
 package updater
 
 const (
-	releasePublicKeyBase64 = "RWQGxwD+15iPpnPCEijYJ3CWYFgojWwBJZNg0OnJfICVu/CfyKeQ0vIA"
+	releasePublicKeyBase64 = "RWRNqGKtBXftKTKPpBPGDMe8jHLnFQ0EdRy8Wg0apV6vTDFLAODD83G4"
 	latestVersionURL       = "https://download.wireguard.com/windows-client/latest.sig"
 	msiURL                 = "https://download.wireguard.com/windows-client/%s"
 	msiArchPrefix          = "wireguard-%s-"
diff --git a/updater/signify.go b/updater/signify.go
index d4605cbb..5fc16ba2 100644
--- a/updater/signify.go
+++ b/updater/signify.go
@@ -29,7 +29,6 @@ func readFileList(input []byte) (fileList, error) {
 	if err != nil || len(publicKeyBytes) != ed25519.PublicKeySize+10 || publicKeyBytes[0] != 'E' || publicKeyBytes[1] != 'd' {
 		return nil, errors.New("Invalid public key")
 	}
-	publicKeyBytes = publicKeyBytes[10:]
 	lines := bytes.SplitN(input, []byte{'\n'}, 3)
 	if len(lines) != 3 {
 		return nil, errors.New("Signature input has too few lines")
@@ -41,11 +40,10 @@ func readFileList(input []byte) (fileList, error) {
 	if err != nil {
 		return nil, errors.New("Signature input is not valid base64")
 	}
-	if len(signatureBytes) != ed25519.SignatureSize+10 || signatureBytes[0] != 'E' || signatureBytes[1] != 'd' {
-		return nil, errors.New("Signature input bytes are incorrect length or represent invalid signature type")
+	if len(signatureBytes) != ed25519.SignatureSize+10 || !bytes.Equal(signatureBytes[:10], publicKeyBytes[:10]) {
+		return nil, errors.New("Signature input bytes are incorrect length, type, or keyid")
 	}
-	signatureBytes = signatureBytes[10:]
-	if !ed25519.Verify(publicKeyBytes, lines[2], signatureBytes) {
+	if !ed25519.Verify(publicKeyBytes[10:], lines[2], signatureBytes[10:]) {
 		return nil, errors.New("Signature is invalid")
 	}
 	fileLines := strings.Split(string(lines[2]), "\n")
-- 
cgit v1.2.3-59-g8ed1b