Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dmulder/key auth value #33

Merged
merged 6 commits into from
Mar 28, 2024
Merged

Dmulder/key auth value #33

merged 6 commits into from
Mar 28, 2024

Conversation

Firstyear
Copy link
Member

Refers #32 - Fix PIN Value support for identity keys. This works on the TPM with it's native lockout features, and soft with argon2id derivation hmaced (peppered) to the machine key.

Checklist

  • [ x ] This pr contains no AI generated code
  • [ x ] cargo fmt has been run
  • [ x ] cargo clippy has been run and there's no issues
  • [ x ] cargo test has been run and passes

@dmulder
Copy link
Collaborator

dmulder commented Mar 27, 2024

Odd, I see these:

2024-03-27T14:05:59.108386Z ERROR kanidm_hsm_crypto: elapsed=Ok(331.406153ms)
2024-03-27T14:05:59.124725Z ERROR kanidm_hsm_crypto: elapsed=Ok(332.024759ms)
2024-03-27T14:05:59.438566Z ERROR kanidm_hsm_crypto: elapsed=Ok(330.107573ms)
2024-03-27T14:05:59.464243Z ERROR kanidm_hsm_crypto: elapsed=Ok(339.426009ms)

All the tests pass though. Maybe these should be going to debug, not error?

dmulder
dmulder reviewed Mar 27, 2024
View reviewed changes
src/lib.rs Outdated Show resolved Hide resolved
@dmulder
Copy link
Collaborator

dmulder commented Mar 27, 2024

Otherwise, LGTM. Thanks for doing this! I built this against some test code and it worked as expected.

dmulder
dmulder approved these changes Mar 27, 2024
View reviewed changes
Copy link
Collaborator

@dmulder dmulder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dmulder
Copy link
Collaborator

dmulder commented Mar 27, 2024

When you merge, can you issue a release?

@dmulder dmulder mentioned this pull request Mar 27, 2024
Merged
@Firstyear Firstyear enabled auto-merge (squash) March 28, 2024 00:58
@Firstyear Firstyear merged commit 6029e55 into kanidm:main Mar 28, 2024
8 checks passed
@Firstyear Firstyear deleted the dmulder/key_auth_value branch March 28, 2024 01:08
@Firstyear
Copy link
Member Author

@dmulder released 0.2.0

@dmulder
Copy link
Collaborator

dmulder commented Mar 29, 2024

@dmulder released 0.2.0

Sigh, I always forget about the dependency loop on compact-jwt. That also needs to be updated to point to the new hsm-crypto (else none of my code will build).

@Firstyear
Copy link
Member Author

If all goes well, I will push my changes to compact-jwt today so we can release them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmulder dmulder dmulder approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Firstyear @dmulder