Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Require list of expected algorithms when secret/publicKey is given #135

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: Require list of expected algorithms when secret/publicKey is given #135

wants to merge 1 commit into from

Conversation

codedust
Copy link
Contributor

Summary

Instead of allowing only one single algorithm during signature validation,
one can now specify a comma-separated list of algorithms using the
--algs command line parameter.

In order to encourage users to be aware of the choice of algorithms and
safely define a subset of the supported algorithms, the --algs
parameter is now required when the -S parameter is set.

Preflight checklist

  • Code formatted with rustfmt
  • Relevant tests added
  • Any new documentation added (documentation of command line parameters has been updated)

Closes #134.

@codedust
feat: Require list of expected algorithms when secret/publicKey is given
58f6124 
Instead of allowing only one single algorithm during signature validation,
one can now specify a comma-separated list of algorithms using the
`--algs` command line parameter.

In order to encourage users to be aware of the choice of algorithms and
safely define a subset of the supported algorithms, the `--algs`
parameter is now required when the `-S` parameter is set.
@codedust codedust force-pushed the pr-list-of-validation-algorithms branch from cff04ea to 58f6124 Compare July 31, 2021 13:30
@codedust
Copy link
Contributor Author

Rebased to main

mike-engel
mike-engel requested changes Sep 29, 2021
View reviewed changes
Copy link
Owner

@mike-engel mike-engel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mind doing the following?

src/main.rs
.takes_value(true)
.long("alg")
.long("algs")
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this can probably just stay as alg? Less breaking changes that way

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mike-engel mike-engel mike-engel requested changes

Assignees
No one assigned
Labels
waiting for response
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

--alg should be required when performing signature validation
2 participants
@codedust @mike-engel