-
Notifications
You must be signed in to change notification settings - Fork 134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merge sev repo into the enarx repo #71
Conversation
Don't run the test for this command by default. We don't want to invalidate people's keys accidentally.
This commit adds pek_generate, pdh_generate and get_identifer commands. The first two are not tested by default since they may erase keys in the hardware.
They are only needed in a single function.
This is more clear than using the previous u8 type.
There will be a future kernel API change here. We have adjusted our API to handle both the current and future kernel APIs. Also, we added convenience traits for formatting as hex, since this is how the identifier is used during online validation.
The end result should be that it is easier to use.
The earliest Rust version we support is 1.32.
Use the codicon public default type for the Certificate types. Private types take private Params.
Managing two distinct models for each certificate type (multiplied across versions) has proved to be challenging when writing verification code. Therefore, we rework the code to have a single Certificate type with multiple encodings.
All tests pass!
This test currently fails because of a bug in upstream rust-openssl. This bug is fixed in master. So we additionally add a patch to fix it.
Best use explicit names to clarity purposes.
Due to the inherent merge commit in this PR which causes rebasing this branch to be incredibly annoying, I'm putting a freeze on all other merges until this PR is merged. Please review this PR ASAP. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a small comment on duplicate Travis configs. Otherwise, this looks good to go!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Assuming these changes were in the SEV repo previously, it looks fine to me. TO DO: Add sev
to the Enarx workspace in a separate PR.
@steveej @mbestavros @lkatalin @haraldh @whitebrandy
There are only two "new" commits in this PR.