Skip to content

add restriction on users ability to set credentials#386

Merged
bigbrett merged 1 commit into
wolfSSL:mainfrom
JacobBarthelmeh:auth_credentials
Jun 9, 2026
Merged

add restriction on users ability to set credentials#386
bigbrett merged 1 commit into
wolfSSL:mainfrom
JacobBarthelmeh:auth_credentials

Conversation

@JacobBarthelmeh

@JacobBarthelmeh JacobBarthelmeh commented May 28, 2026

Copy link
Copy Markdown
Contributor

Follow up to item 3 from #270

@JacobBarthelmeh JacobBarthelmeh self-assigned this May 28, 2026
Copilot AI review requested due to automatic review settings May 28, 2026 22:15
Copilot AI reviewed May 28, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR tightens the authentication manager’s “set credentials” operation so a non-admin user can only change their own credentials, while admins can change any user’s credentials. It does this by threading the caller’s user ID through the UserSetCredentials backend callback and enforcing the restriction in the default/base backend.

Changes:

  • Extend UserSetCredentials callback API to include current_user_id (caller) and pass it from wh_Auth_UserSetCredentials.
  • Enforce self-only credential changes for non-admins in wh_Auth_BaseUserSetCredentials (admins exempt).
  • Add documentation and a new test scenario for non-admin credential-change authorization.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
wolfhsm/wh_auth.h Updates callback signature to include current_user_id.
wolfhsm/wh_auth_base.h Updates base backend API docs/signature to include caller ID and policy.
src/wh_auth.c Passes context->user.user_id into backend UserSetCredentials callback.
src/wh_auth_base.c Enforces “non-admin can only set own credentials” restriction.
test/wh_test_auth.c Adds non-admin authorization test for set-credentials.
docs/src/chapter09.md Documents the new restriction and clarifies action-bit vs backend authorization.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread test/wh_test_auth.c Outdated
Comment thread docs/src/chapter09.md Outdated
wolfSSL-Fenrir-bot
wolfSSL-Fenrir-bot reviewed May 28, 2026
View reviewed changes

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #386

Scan targets checked: wolfhsm-core-bugs, wolfhsm-crypto-bugs, wolfhsm-src

No new issues found in the changed files. ✅

@JacobBarthelmeh JacobBarthelmeh requested a review from Copilot May 28, 2026 22:40
Copilot AI reviewed May 28, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated no new comments.

@JacobBarthelmeh JacobBarthelmeh marked this pull request as ready for review May 29, 2026 21:44
rizlik
rizlik approved these changes Jun 9, 2026
View reviewed changes

@rizlik rizlik left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work.
As a small improvement in the AuthBase backend that can be postponed to a followup PR: consider to allow the admin to overwrite other user credentials without knowledge of the credentials itself

@bigbrett bigbrett merged commit 4462118 into wolfSSL:main Jun 9, 2026
108 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left review comments

@rizlik rizlik rizlik approved these changes

@bigbrett bigbrett bigbrett approved these changes

Assignees

@bigbrett bigbrett

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@JacobBarthelmeh @rizlik @bigbrett @wolfSSL-Fenrir-bot @wolfSSL-Bot