Add Support to be able to verify from multiple keys #425
Conversation
|
Hello, @ritikesh! This is your first Pull Request that will be reviewed by SourceLevel, an automatic Code Review service. It will leave comments on this diff with potential issues and style violations found in the code as you push new commits. You can also see all the issues found on this Pull Request on its review page. Please check our documentation for more information. |
![sourcelevel-bot[bot]](https://avatars.githubusercontent.com/in/597?s=60&v=4){kind=small}
|
Thanks for the proposal, first impression is that I think this is a pretty good idea. Have to digest it a little still if there are potential problems with this kind of behaviour. A little finetuning to get the specs passing and maybe adding a few new tests. |
Thanks! I'll add some new tests tomorrow and fix the existing specs as well. |
|
SourceLevel has finished reviewing this Pull Request and has found:
|
|
@excpt You have anything to add? I think this is a pretty neat addition. Would be ready to merge. |
|
From my part it looks good. Was thinking a second opinion on the feature would be valuable. |
|
Hi @excpt - have you had a chance to look at this? Would appreciate your thoughts on how to proceed. |
|
Im thinking we could merge this. Could you still be so kind and rebase to the latest master where the |
|
Hey, I've rebased my branch to the current master. Thanks.
|
Problem -
During a security incident, if one has to rotate secrets shared with 3rd party apps, one has to ensure backward compatibility where both the old and new secrets continue to work.
Solution -
Have made changes to iterate over an array of keys while verifying signature. This can be used by returning an array of keys from the
find_keyblock.PS: Will add specs if changes are ok.