Minor fixes

elonen · Sep 20, 2024 · 283a4bd · 283a4bd
1 parent 1a7acfc
commit 283a4bd
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 0 deletions.
diff --git a/hsm-conf.yml b/hsm-conf.yml
@@ -233,6 +233,17 @@ admin:
       change-authentication-key: 'fixed'
       put-symmetric-key: 'fixed'
       generate-symmetric-key: 'fixed'
+      generate-otp-aead-key: 'fixed'
+      put-otp-aead-key: 'fixed'
+      set-log-index: 'fixed'
+      sign-ecdsa: 'fixed'
+      sign-eddsa: 'fixed'
+      sign-hmac: 'fixed'
+      sign-pkcs1: 'fixed'
+      sign-pss: 'fixed'
+      sign-ssh-certificate: 'fixed'
+      unwrap-data: 'fixed'
+      wrap-data: 'fixed'
       echo: 'off'
       device-info: 'off'
       get-storage-info: 'off'

diff --git a/hsm_secrets/log/__init__.py b/hsm_secrets/log/__init__.py
@@ -230,6 +230,7 @@ def log_verify_all(ctx: HsmSecretsCtx, db_path: str, initial_num: int, alldevs:
                 cli_info("Log chain verified successfully")
             except ValueError as e:
                 cli_info(f"Log chain verification failed: {str(e)}")
+                exit(1)
 
 
 @cmd_log.command('export')

diff --git a/hsm_secrets/utils.py b/hsm_secrets/utils.py
@@ -243,6 +243,7 @@ def connect_hsm_and_auth_with_yubikey(config: hscfg.HSMConfig, yubikey_slot_labe
         hsm = YubiHsm.connect(connector_url)
         verify_hsm_device_info(device_serial, hsm)
 
+        assert yubikey_label
         auth_key_id = config.find_auth_key(yubikey_label).id
         cli_info(f"Authenticating as YubiHSM key ID {hex(auth_key_id)} with local YubiKey '{yubikey.name} {yubikey.info.serial}' HSM auth slot '{yubikey_label}'")