Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support provisioning v1 tokens signed by RSA when in issuer mode #2041

Closed
ripienaar opened this issue Apr 18, 2023 · 0 comments
Closed

Support provisioning v1 tokens signed by RSA when in issuer mode #2041

ripienaar opened this issue Apr 18, 2023 · 0 comments
Labels
wd

Comments

@ripienaar
Copy link
Member

Today we just pass all tokens to the issuer based provisioning method when in issuer mode. But we do support provisioning v1 protocol tokens to facilitate a gradual rollout to new provisioning tokens.

But since we pass all verification into issuer mode validation we also expect only ed25519 tokens, this is not the case for the gradual rollout problem as those would be older rsa signed tokens.

We should then use the new helper choria-io/tokens@a02dabb to determine the algo and only pass EdDSA method tokens into the issuer path, all the rest to old mode.
@ripienaar ripienaar added the wd label Apr 18, 2023
ripienaar added a commit to ripienaar/go-choria that referenced this issue Apr 18, 2023
@ripienaar
(choria-io#2041) Only validate ed25519 signed prov tokens using issue…
d337678 
…r logic

Signed-off-by: R.I.Pienaar <rip@devco.net>
ripienaar added a commit that referenced this issue Apr 18, 2023
@ripienaar
Merge pull request #2042 from ripienaar/2041
c1b1266 
(#2041) Only validate ed25519 signed prov tokens using issuer logic
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
wd
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ripienaar