Skip to content
This repository was archived by the owner on May 30, 2026. It is now read-only.

Add gemstone auth hash signer#1165

Open
0xh3rman wants to merge 2 commits into
mainfrom
refactor-android-device-auth
Open

Add gemstone auth hash signer#1165
0xh3rman wants to merge 2 commits into
mainfrom
refactor-android-device-auth

Conversation

@0xh3rman
Copy link
Copy Markdown
Collaborator

@0xh3rman 0xh3rman commented May 28, 2026

gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 28, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a new function sign_auth_message_hash in gemstone/src/auth.rs to sign an authentication message hash using a private key, along with corresponding unit tests. Feedback highlights a security concern where an early return on an invalid hash length prevents the private key from being wrapped in Zeroizing, potentially leaving sensitive key material in memory. It is recommended to wrap the private key in Zeroizing at the very beginning of the function and validate its length.

Comment thread gemstone/src/auth.rs
@0xh3rman 0xh3rman marked this pull request as ready for review May 28, 2026 09:37
gemcoder21
gemcoder21 reviewed May 29, 2026
View reviewed changes
Comment thread gemstone/src/auth.rs
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

2 more reviewers

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

@gemcoder21 gemcoder21 gemcoder21 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@0xh3rman @gemcoder21