Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes and improvements for secret sealing/unsealing #327

Merged
merged 1 commit into from
Feb 3, 2024
Merged

Fixes and improvements for secret sealing/unsealing #327

merged 1 commit into from
Feb 3, 2024

Conversation

dgarske
Copy link
Contributor

@dgarske dgarske commented Feb 2, 2024

Fixes and improvements for secret sealing/unsealing:

  • Do not set userWithAuth by default when creating sealed objects. That flag allows password auth for the sealed object. Without the flag it only allows policy auth.
  • Allow setting policy auth with flags.
  • Fix secret_unseal to use policy session and valid sealed name.
  • Added expected failure test cases for seal/unseal with policy.
  • Improve the run_examples.sh script

@dgarske
Fixes and improvements for secret sealing/unsealing:
c34a0c2 
* Do not set userWithAuth by default when creating sealed objects. That flag allows password auth for the sealed object. Without the flag it only allows policy auth.
* Allow setting policy auth with flags.
* Fix secret_unseal to use policy session and valid sealed name.
* Added expected failure test cases for seal/unseal with policy.
* Improve the run_examples.sh script
@dgarske dgarske assigned dgarske, rizlik and wolfSSL-Bot and unassigned dgarske Feb 2, 2024
@dgarske dgarske requested review from embhorn and rizlik February 2, 2024 23:45
dgarske added a commit to dgarske/wolfBoot that referenced this pull request Feb 2, 2024
@dgarske
Fixes for sealing/unsealing:
0024317 
* Fix for sealing policy, which was not being set on creation.
* Fix to clear the userWithAuth bit requiring policy
Requires: wolfSSL/wolfTPM#327
@dgarske dgarske mentioned this pull request Feb 2, 2024
Merged
@dgarske dgarske assigned embhorn and lealem47 and unassigned rizlik and wolfSSL-Bot Feb 3, 2024
@lealem47 lealem47 merged commit bc1415d into wolfSSL:master Feb 3, 2024
3 checks passed
dgarske added a commit to dgarske/wolfBoot that referenced this pull request Feb 3, 2024
@dgarske
Fixes for sealing/unsealing:
4408eea 
* Fix for sealing policy, which was not being set on creation.
* Fix to clear the userWithAuth bit requiring policy
* Updated wolfTPM submodule with changes in wolfSSL/wolfTPM#327
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lealem47 lealem47 lealem47 approved these changes

@embhorn embhorn embhorn approved these changes

@rizlik rizlik Awaiting requested review from rizlik

Assignees

@embhorn embhorn

@lealem47 lealem47

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@dgarske @embhorn @lealem47 @rizlik @wolfSSL-Bot