
Add per-agent HMAC secrets#48

Merged
tattoosonmyskin merged 1 commit into main from feat-agent-hmac-secrets on Jun 25, 2026
Conversation

@tattoosonmyskin

Contributor

Summary

Adds optional file-backed per-agent HMAC admission keys for the UDS governance path.

  • introduces --agent-secret-dir / JINNGUARD_AGENT_SECRET_DIR
  • loads per-agent secrets once at daemon startup; each regular file name is an agent_id
  • uses the unsigned agent_id only to select a candidate key, then verifies the signed envelope before governance uses the payload
  • requires the per-agent key when one exists for an agent_id; unconfigured agents keep the existing shared current/previous admission-key behavior
  • documents the operator flow and updates the residual-risk boundary to describe this as file-backed HMAC v1, not tenant PKI

Validation

  • cargo fmt --check
  • cargo test -p ts_cli --bin ts_cli admission_key_tests
  • cargo test -p ts_cli --bin ts_cli agent_identity_binding_tests
  • cargo test -p ts_cli --bin ts_cli
  • cargo clippy -- -D warnings
  • cargo build -p ts_cli
  • cargo test -p ts_checker
  • git diff --check

Note: cargo build -p ts_cli emitted a non-fatal Cargo cache last-use warning from the sandbox's read-only global cache, then completed successfully.

Support optional cached per-agent HMAC keys selected by agent_id, requiring the agent-specific key when configured while preserving shared-key fallback for unconfigured agents.

Co-authored-by: OpenAI Codex <codex@openai.com>
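The admission flow the summary describes (select a candidate key from the unsigned agent_id, verify the signed envelope before the payload is used, require the per-agent key whenever one is configured, otherwise fall back to the shared current/previous keys) as a stand-alone model. This is an added example, not the project's own code: the project is Rust, while this program is Go against the standard library so it runs without extra dependencies. The envelope shape, the MAC input layout (length-prefixed agent_id followed by the payload), the "raw key bytes with a trailing newline trimmed" file format and every name here are assumptions for illustration, not the project's API.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// Envelope is the assumed shape of a signed admission message. AgentID is unsigned and
// only selects a key; Tag covers AgentID and Payload, so it cannot be replayed under another id.
type Envelope struct {
	AgentID string
	Payload []byte
	Tag     []byte
}

// Admission holds the keys loaded once at daemon startup (assumed layout).
type Admission struct {
	PerAgent map[string][]byte // file name (agent_id) -> key
	Current  []byte            // shared current admission key
	Previous []byte            // shared previous key kept for rotation
}

// LoadAgentSecrets reads one key per regular file in dir; the file name is the
// agent_id. Non-regular entries are skipped and empty keys are rejected.
func LoadAgentSecrets(dir string) (map[string][]byte, error) {
	entries, err := os.ReadDir(dir)
	if err != nil {
		return nil, err
	}
	keys := make(map[string][]byte)
	for _, e := range entries {
		if !e.Type().IsRegular() {
			continue
		}
		raw, err := os.ReadFile(filepath.Join(dir, e.Name()))
		if err != nil {
			return nil, err
		}
		key := bytes.TrimRight(raw, "\r\n")
		if len(key) == 0 {
			return nil, fmt.Errorf("agent secret %q is empty", e.Name())
		}
		keys[e.Name()] = key
	}
	return keys, nil
}

// Sign computes HMAC-SHA256 over len(agent_id) || agent_id || payload; the
// length prefix keeps the id/payload boundary unambiguous.
func Sign(key []byte, agentID string, payload []byte) []byte {
	m := hmac.New(sha256.New, key)
	binary.Write(m, binary.BigEndian, uint32(len(agentID)))
	m.Write([]byte(agentID))
	m.Write(payload)
	return m.Sum(nil)
}

// Verify reports which key admitted the envelope. An agent_id with a per-agent key must use
// it; the shared current/previous keys are tried only for unconfigured agents (constant-time compare).
func (a *Admission) Verify(env Envelope) (string, error) {
	names, keys := []string{"shared-current", "shared-previous"}, [][]byte{a.Current, a.Previous}
	if key, ok := a.PerAgent[env.AgentID]; ok {
		names, keys = []string{"per-agent"}, [][]byte{key}
	}
	for i, key := range keys {
		if len(key) > 0 && hmac.Equal(env.Tag, Sign(key, env.AgentID, env.Payload)) {
			return names[i], nil
		}
	}
	return "", errors.New("admission rejected: no candidate key verifies the envelope")
}

func main() {
	dir, _ := os.MkdirTemp("", "agent-secrets") // constructed secret dir, not a real deployment
	defer os.RemoveAll(dir)
	os.WriteFile(filepath.Join(dir, "agent-a"), []byte("key-for-agent-a\n"), 0o600)
	os.Mkdir(filepath.Join(dir, "not-a-key"), 0o700) // skipped: not a regular file
	perAgent, err := LoadAgentSecrets(dir)
	if err != nil {
		panic(err)
	}
	adm := &Admission{PerAgent: perAgent, Current: []byte("shared-cur"), Previous: []byte("shared-prev")}
	p := []byte(`{"action":"exec"}`)
	cases := []Envelope{
		{"agent-a", p, Sign(perAgent["agent-a"], "agent-a", p)}, // accepted: per-agent key
		{"agent-a", p, Sign(adm.Current, "agent-a", p)},         // rejected: shared key, configured agent
		{"agent-b", p, Sign(adm.Previous, "agent-b", p)},        // accepted: unconfigured agent, previous key
		{"agent-b", p, Sign(adm.Current, "agent-a", p)},         // rejected: tag minted for another agent_id
	}
	for _, env := range cases {
		who, err := adm.Verify(env)
		fmt.Printf("%-8s %-16s %v\n", env.AgentID, who, err)
	}
}
```

Two points worth keeping when adapting this: the shared keys are never tried for an agent that has its own file, so a stolen shared key gives no admission as that agent; and because the agent_id is bound into the MAC input, an envelope captured from one agent cannot be resubmitted under a different id, even though the id itself travels unsigned.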
@tattoosonmyskin tattoosonmyskin marked this pull request as ready for review June 25, 2026 10:02
@tattoosonmyskin tattoosonmyskin merged commit 1bdaf61 into main Jun 25, 2026
10 checks passed
@tattoosonmyskin tattoosonmyskin deleted the feat-agent-hmac-secrets branch June 25, 2026 10:04
