at_server
at_server copied to clipboard
atsign-foundation
existing malformed keys in keystore
Is your feature request related to a problem? Please describe.
- feat https://github.com/atsign-foundation/at_server/issues/821 will prevent malformed keys from server v 3.0.22
- existing malformed keys should be deleted or preserved ?
outcome of arch call
- keep existing invalid keys with punctuation etc.,
- delete invalid keys such as missing shared by, invalid atsign
@gkc @cconstab I parsed old prod hive storage and latest prod storage for few atsigns with my stand alone code to detect malformed keys which have to be deleted. Currently I have the below logic to determine keys which have to be deleted
- key starting with 'public:cached' if key is KeyType.invalidKey
- ignore cached keys(marked invalid mainly due to punctuations)
- public keys for which sharedBy atsign != current atsign.
bool _isInvalid(String key, String? currentAtSign) {
bool isInvalid = false;
final decodedKey = Utf7.decode(key);
final atKeyType = AtKey.getKeyType(decodedKey, enforceNameSpace: false);
if (decodedKey.startsWith('public:cached')) {
isInvalid = true;
} else if (atKeyType == KeyType.invalidKey) {
if (decodedKey.startsWith('cached:')) {
} else {
final atKey = AtKey.fromString(key);
if ((atKey.sharedBy == currentAtSign &&
(atKey.sharedWith != null && atKey.sharedWith!.isNotEmpty)) ||
(decodedKey.startsWith('public:') &&
atKey.sharedBy == currentAtSign)) {
} else {
isInvalid = true;
}
}
}
return isInvalid;
}
Results of the run. Please let me know whether I can goahead with the above logic and deleted certain malformed keys on startup.
invalid_old_prod_backup.txt invalid_colin.txt invalid_barbara.txt
The only question I have is on the atKrypto keys.. I think they are unusable in the current SDK but might be worth double checking
Other than that yup good to go
downgrading the severity due to other customer bugs and priorities in PR48
The changes are merged to the trunk and released to the canary in c3.0.26b. Spent 5 SP in PR 51
