Skip to content

feat: add digest and MAC KMIP operations #370

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Feb 25, 2025
Merged

feat: add digest and MAC KMIP operations #370

merged 5 commits into from
Feb 25, 2025

Conversation

Manuthor
Copy link
Contributor

No description provided.

@Manuthor Manuthor force-pushed the feat/add_digest_and_mac_kmip_operations branch from 06fcfc8 to 485e2cf Compare February 12, 2025 10:43
@Manuthor Manuthor force-pushed the feat/add_digest_and_mac_kmip_operations branch from 55fcf18 to e1005f7 Compare February 20, 2025 05:41
@Manuthor Manuthor marked this pull request as ready for review February 20, 2025 05:41
@Manuthor Manuthor force-pushed the feat/add_digest_and_mac_kmip_operations branch from ebd2279 to d71edaa Compare February 21, 2025 12:09
@Manuthor Manuthor requested a review from tbrezot February 21, 2025 13:19
tbrezot
tbrezot reviewed Feb 24, 2025
View reviewed changes
Copy link
Contributor

@tbrezot tbrezot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, some minor comments only.

crate/cli/src/actions/mac.rs Outdated
Comment on lines 23 to 24
SHA512_224,
SHA512_256,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand what those are. If these are truncations of a hash, I would let this to the user: if you want a short mac, compute a secure one, an truncate it to the desired length (at your own risks).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if I understand correctly:

  • SHA512_* belongs to SHA2 family (with truncation)
  • SHA3_belongs to SHA3 family without truncation but extensibility.
    Then I will let:
pub enum CHashingAlgorithm {
    SHA256,
    SHA384,
    SHA512,
    SHA3_224,
    SHA3_256,
    SHA3_384,
    SHA3_512,
}

crate/server/src/core/operations/mac.rs Outdated
let unique_identifier = UniqueIdentifier::TextString(unique_identifier.to_owned());

let hmac = if let Some(correlation_value) = request.correlation_value {
compute_hmac(&correlation_value, data, algorithm)?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is a correlation value ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From KMIP: correlation_value: Specifies the existing stream or by-parts cryptographic operation (as returned from a previous call to this operation).

@Manuthor Manuthor force-pushed the feat/add_digest_and_mac_kmip_operations branch from b097920 to 94fe713 Compare February 25, 2025 12:41
@Manuthor Manuthor merged commit a3ea7fe into develop Feb 25, 2025
32 checks passed
@Manuthor Manuthor deleted the feat/add_digest_and_mac_kmip_operations branch February 25, 2025 15:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tbrezot tbrezot tbrezot left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Manuthor @tbrezot