Google Git
Sign in
fuchsia / integration / 2063f67a2c00bab28b66b35f1f0c2ec5c009e2db
commit2063f67a2c00bab28b66b35f1f0c2ec5c009e2db[log] [tgz]
authorBenjamin Wright <benwright@fuchsia.infra.roller.google.com>Wed Mar 30 18:10:52 2022 +0000
committerCopybara-Service <copybara-worker@google.com>Wed Mar 30 11:12:28 2022 -0700
treec2e024e53584ea5c1d89e8187fe623983e8e8fa9
parent4429ad3587ad56078d988276f5edbcb6349fbc2a [diff]
[roll] Roll fuchsia [credential_manager] Implements Add, Remove & Check Credential.

This change implements the Add, Remove and Check Credential operations for the
CredentialManager. The CredentialManager acts as the storage for the cr50
holding the HashTree and the encrypted CredentialMetadata.

On launch the CredentialManager checks if a HashTree already has been
persisted to disk and if so loads it into memory. Otherwise it will create
and persist a fresh HashTree and call ResetTree on the CR50.

Once the HashTree has been provisioned the CredentialManager starts
serving the fuchsia.identity.credential.CredentialManager protocol with
the three new operations.

Operations:
- AddCredential: Allocates a new credential in the hash tree binding a
  low-entropy secret to a high entropy secret in the CR50.
- CheckCredential: Validates an existing credential, if valid returns
  the high entropy secret.
- RemoveCredential: Removes an existing credential from the system.

Testing:
The vast bulk of this CL is test code testing the interactions of the
credential manager with a mocked pinweaver protocol.

Original-Fixed: 92205
Original-Fixed: 89058
Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/634604
Original-Revision: e860c69dbedef7944855342ad9c1c77ecdc35fe9
GitOrigin-RevId: c197572448a864268463148b7b6c617666c66add
Change-Id: Ie58dc9ad60904e0795c6464ba11b08a711ae9fca
1 file changed
tree: c2e024e53584ea5c1d89e8187fe623983e8e8fa9
  1. infra/
  2. third_party/
  3. cts
  4. firmware
  5. flower
  6. jiri.lock
  7. minimal
  8. prebuilts
  9. README.md
  10. stem
  11. test_durations
  12. toolchain
README.md

Integration

This repository contains Fuchsia's Global Integration manifest files.

Making changes

All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.

Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance via the IRC channel #fuchsia on Freenode.

Obtaining the source

First install Jiri.

Next run:

$ jiri init
$ jiri import minimal https://fuchsia.googlesource.com/integration
$ jiri update

Third party

Third party projects should have their own subdirectory in ./third_party.