redwood: Add is_valid_public_key function #6948
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
legoktm
commented
Sep 22, 2023
legoktm
force-pushed
the
sequoia-valid-key
branch
3 times, most recently
from
1e86f38 to
306bf14
Compare
|
Marking as ready for review; CI will fail because SD tests are generating 1024-bit keys until #6892 lands. But at least the code can be reviewed ahead of time. |
9 tasks
rocodes
reviewed
Sep 28, 2023
We have multiple cases in Python code where we want to validate that a string is valid PGP public key that Sequoia will accept. Exporting a `is_valid_public_key` function will help make checks more robust and simplify some tests. The validation code on the Rust side is also a bit duplicated and currently manually kept in sync with comments, so let's take the opportunity to unify it into one file and de-duplicated with a macro (hopefully not too magical). Tests are provided that verify a good public key passes, a bad SHA-1 key is rejected and a secret key is also rejected. Fixes #6947.
This is a more comprehensive check than just verifying some variant of the string "BEGIN PGP PUBLIC KEY BLOCK" is present.
StandardPolicy::new() is const, so we can create one instance of the policy and use it everywhere, ensuring that we don't accidentally use different policies.
legoktm
force-pushed
the
sequoia-valid-key
branch
from
babdf26 to
87e1359
Compare
rocodes
approved these changes
Oct 4, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Status
Ready for review;
but will fail CI until #6892 lands (this will be rebased on top of that prior to merge)Description of Changes
We have multiple cases in Python code where we want to validate that a
string is valid PGP public key that Sequoia will accept. Exporting a
is_valid_public_keyfunction will help make checks more robust andsimplify some tests.
The validation code on the Rust side is also a bit duplicated and
currently manually kept in sync with comments, so let's take the
opportunity to unify it into one file and de-duplicated with a macro
(hopefully not too magical).
Fixes #6947.
Testing
Deployment
Any special considerations for deployment? no
Checklist
make lint) and tests (make test) pass in the development container