-
Notifications
You must be signed in to change notification settings - Fork 154
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Require client cert auth for gRPC, allow for JSON-RPC
Client authentication for JSON-RPC previously required configuring a user and password, with both client and server holding knowledge of the secret. By allowing client authentication to be performed with TLS client certificates, only the client side must hold a private key, as long as the dcrwallet server is configured to trust the public key. The gRPC server had no client authentication at all previously, and the only reason this was marginally safe was that all requests that could use a wallet key also required supplying and checking the wallet private passhprase in the request. However, with per-account passphrases, this is no longer a suitable mechanism, and instead the entire transport layer must be authenticated. The simplest way to perform this is by requiring and verifying client certificates. TLS client certificate authentication must be enabled with the --authtype=clientcerts flag or config setting. The gRPC server will no longer start without this setting, and enabling this also allows the JSON-RPC server to be started without any user or password. There are two ways in which a client certificate may be trusted: 1. A certificate authority is created which adds trust for a client cert, or certs signed by the authority. This file defaults to clients.pem in the dcrwallet application data directory and can be modified to use other paths with the --clientcafile option. Certificates can be created using gencerts, OpenSSL, and similar tooling. 2. A parent process can read an issued ephemeral certificate and key through a pipe. These certs and keys never reach the filesystem, and this is the expected mechanism by which Decrediton will authenticate itself to the gRPC server. This behavior is enabled with the --issueclientcert flag.
- Loading branch information
Showing
6 changed files
with
266 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.