This repository was archived by the owner on Feb 3, 2023. It is now read-only.
hc-dpki cli for DeepKey #2117
Open
hc-dpki cli for DeepKey #2117
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@zo-el I notice a bunch of tests are breaking, would like to review this after tests pass... |
* updated tests
|
@zippy this PR is ready for review |
| quiet, | ||
| ); | ||
| keygen_standalone(keystore_passphrase)? | ||
| }; |
There was a problem hiding this comment.
Noticed a few panics in here even though we are returning an HCResult, is this because we cannot recover from them if they happen?
There was a problem hiding this comment.
Agreed, these expects should be replaced with ?
| .read_line(&mut input) | ||
| .expect("Could not read from stdin"); | ||
| match input.as_str() { | ||
| "Y\n" => true, |
There was a problem hiding this comment.
do we care about lowercase/uppercase?
| &mut self.inner.buf, | ||
| )?; | ||
| Ok(KeyBundle::new_from_seed_buf(&mut ref_seed_buf)?) | ||
| } |
There was a problem hiding this comment.
You could probably generalize these two structs with an enum.
enum Seed
{ Auth,Revocation}
maackle
reviewed
Mar 2, 2020
| quiet, | ||
| ); | ||
| keygen_standalone(keystore_passphrase)? | ||
| }; |
There was a problem hiding this comment.
Agreed, these expects should be replaced with ?
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR summary
Adds some new commands to the CLI tool for managing DPKI keys.
hc dpki genrootcreates a new random root seedhc dpki keygenis similar tohc keygenbut will use a dpki root seed mnemonic so that keys can be recoveredhc dpki genrevoke/genauthproduce revocation/auth seeds from which keys can be derived.hc dpki signuse a revocation/auth seed to produce a key then sign a message (which can be an agent key). This is the process by which keys can be authorized and revokedEach time a mnemonic is produced it is optionally encrypted with a passphrase
testing/benchmarking notes
( if any manual testing or benchmarking was/should be done, add notes and/or screenshots here )
followups
( any new tickets/concerns that were discovered or created during this work but aren't in scope for review here )
changelog
documentation