Embed root keystore in binary #156
Conversation
jcarrete5
force-pushed
the
embed-root-keystore
branch
from
d779189 to
182645e
Compare
jcarrete5
force-pushed
the
embed-root-keystore
branch
from
182645e to
2feca1b
Compare
jcarrete5
force-pushed
the
embed-root-keystore
branch
from
2feca1b to
69ae5f8
Compare
riwoh
left a comment
riwoh
left a comment
There was a problem hiding this comment.
Need to update copyright year if the file was touched.
There was a problem hiding this comment.
Pull request overview
This PR embeds a root keystore directly into the binary to simplify testing and deployment. Previously, the root keystore was read from an external PKCS12 file; now it can fall back to an embedded version when the ROOT_KEYSTORE environment variable is not set.
Changes:
- Embedded default PKCS12 keystore data as a static array in a new header file
- Modified the keystore loading logic to use embedded data when no external file is specified
- Moved shared constants from common.h to the new root_keystore.h header
- Added tests for the embedded keystore functionality
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| reference/src/util/include/root_keystore.h | New header containing embedded PKCS12 keystore data and shared constants |
| reference/src/util/src/pkcs12.c | Updated to load from embedded keystore when ROOT_KEYSTORE env var is not set |
| reference/src/util/include/common.h | Removed DEFAULT_ROOT_KEYSTORE_PASSWORD and COMMON_ROOT_NAME (moved to root_keystore.h) |
| reference/src/util/include/pkcs12.h | Updated documentation to reflect new embedded keystore behavior |
| reference/src/util/test/pkcs12test.cpp | Added tests for embedded keystore loading functionality |
| reference/src/util/CMakeLists.txt | Added root_keystore.h to library sources |
| reference/src/taimpl/src/porting/otp.c | Added include for root_keystore.h |
| reference/src/taimpl/CMakeLists.txt | Added BYPRODUCTS directive for test file copy |
| reference/src/client/test/sa_key_common.cpp | Added include for root_keystore.h |
| reference/src/client/CMakeLists.txt | Added BYPRODUCTS directive for test file copy |
| reference/README.md | Updated documentation describing the new embedded keystore approach |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 11 out of 11 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
jcarrete5
force-pushed
the
embed-root-keystore
branch
from
827bbd2 to
7a3bd8e
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 11 out of 11 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Remove redundant include Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 11 out of 11 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This avoids copying the data multiple times if the header file is include in many translation units.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 12 out of 12 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
Depends on #161 to fix failing tests |
3 participants
Closes #157