Add checkquote function without using the tpm2#570
Conversation
|
I did not update any packages, but got the following error: Is this expected? |
|
Not exactly a review but a couple of improvements on this PR: brandsimon#6 |
|
Here is a followup to fix the rsa pkcs1v15 signature check: brandsimon#7 |
brandsimon
force-pushed
the
sbr/checkquote
branch
from
da591df to
b217e84
Compare
|
You can rebase on main to fix the three tests. |
brandsimon
force-pushed
the
sbr/checkquote
branch
6 times, most recently
from
1889af6 to
2a80db7
Compare
|
@baloo Thank you very very much for your work. I did some changes so |
wiktor-k
left a comment
wiktor-k
left a comment
There was a problem hiding this comment.
I think this looks very nice 👌 just a couple of nits/questions.
brandsimon
force-pushed
the
sbr/checkquote
branch
from
2a80db7 to
7356768
Compare
|
@wiktor-k |
|
I fixed the clippy issues in #575 |
There was a problem hiding this comment.
It is my personal preference to try to avoid names like common, utils, e.t.c because they tend to end up becoming a garbage can full of "nice to have things". And it has been one of my personal goals to try to get rid of the utils module once and for all.
With that said. I would much rather have this put under abstraction. And if you want to be really specific about it you could even create a sub module in there called no_tpm.
hrmm or maybe a no_tpm module along side abstraction would be best. Because I guess it will contain more things that want to used the TPM structures for compatibility reasons.
FWIW I agree with this perspective and also don't like utils, helpers, etc. |
Signed-off-by: Simon Brand <simon.brand@postadigitale.de>
Signed-off-by: Arthur Gautier <arthur.gautier@arista.com>
Signed-off-by: Simon Brand <simon.brand@postadigitale.de>
brandsimon
force-pushed
the
sbr/checkquote
branch
2 times, most recently
from
2f3d086 to
423ae95
Compare
wiktor-k
left a comment
wiktor-k
left a comment
There was a problem hiding this comment.
LGTM. FWIW you can fix the sign-offs with git rebase --signoff main && git push --force-with-lease... or... well... since it's just last commit I guess git commit --amend --signoff --no-edit would work too :)
Signed-off-by: Simon Brand <simon.brand@postadigitale.de>
brandsimon
force-pushed
the
sbr/checkquote
branch
from
423ae95 to
b2ddd3a
Compare
|
@wiktor-k |
| #[cfg(feature = "sha1")] | ||
| HashingAlgorithm::Sha1 => { | ||
| let hash = sha1::Sha1::digest(message); | ||
| Ok(verifying_key.verify_prehash(&hash, &signature).is_ok()) |
There was a problem hiding this comment.
The use of PrehashVerifier should be swapped with DigestVerifier just so we stay off the hazmat.
4 participants
No description provided.