servalproject / serval-dna

The Serval Project's core daemon that implements Distributed Numbering Architecture (DNA), MDP, VoMP, Rhizome, MeshMS, etc.
http://servalproject.org

Keyring file format is not forward compatible #57

Closed quixotique closed 11 years ago

quixotique commented 11 years ago

As this TODO comment suggests, the keyring file format is not forward compatible. In other words, old releases of Serval DNA cannot cope with keyring files generated by later releases of Serval DNA that store new key types in the keyring.

This is a problem, because we need the freedom to add new keyring key types, in order to support newer and better crypto systems, without compromising the ability to transport keyring files between Serval Mesh nodes that may be running different versions of Serval DNA.

Of course, older releases of Serval DNA will have to skip unknown key types, and only use the known ones they find in the keyring. This will limit the usefulness of introducing new key types when keyring files are moved from node to node, but it may allow a single keyring identity to contain older and newer key types simultaneously, so that, for example, if upgrading the Rhizome key type, Rhizome bundles may be signed by both a newer and an older Rhizome secret for a while, during a transition period, allowing both older and newer releases of Serval DNA to verify authorship. An older release of Serval DNA with a new keyring file could still sign using the older Rhizome secret, and also detect self-authorship, which is better than nothing.

I suggest a new keyring format that uses a type byte followed by a length byte or bytes, so that unrecognised keypairs can easily be skipped without confusing the decoder.

If we want to keep backward compatibility, we could treat the four currently supported key type codes as omitting the length bytes, and having instead implicit lengths, as currently implemented, which must be preserved in the keyring decoding code for ever.
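The decoding scheme proposed in the comment above, sketched as an added example; it is not part of the original issue and is not Serval DNA's code. The 16-bit big-endian length field, the implicit sizes given to the four legacy type codes, the type code `0x10` and all names are assumptions made for illustration. The length check is what keeps a skipping decoder from being driven past the end of the file by a corrupt or hostile record.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed layout: types 1..4 are legacy records with implicit lengths; every
 * other type is followed by a 16-bit big-endian length. Sizes are constructed. */
static const size_t legacy_len[5] = { 0, 4, 8, 2, 3 };
#define IS_LEGACY(t) ((t) >= 1 && (t) <= 4)
#define TYPE_NEWER_KNOWN 0x10 /* hypothetical new type this decoder understands */
struct keyring_scan { unsigned used, skipped; };

/* Constructed sample: four records, one of a type this decoder does not know. */
static const uint8_t sample_keyring[] = {
    0x01, 0xAA, 0xAA, 0xAA, 0xAA,       /* legacy type 1, implicit 4 bytes */
    0x7F, 0x00, 0x03, 0xBB, 0xBB, 0xBB, /* unknown type 0x7F, length 3 */
    0x10, 0x00, 0x02, 0xCC, 0xCC,       /* known new type, length 2 */
    0x03, 0xDD, 0xDD,                   /* legacy type 3, implicit 2 bytes */
};

/* Walk the records; return 0 on success, -1 on malformed input. */
int keyring_scan_records(const uint8_t *buf, size_t len, struct keyring_scan *out)
{
    size_t pos = 0;
    out->used = out->skipped = 0;
    while (pos < len) {
        uint8_t type = buf[pos++];
        size_t body;
        if (IS_LEGACY(type)) {
            body = legacy_len[type];    /* implicit length, kept for old files */
        } else {
            if (len - pos < 2)
                return -1;              /* truncated length field */
            body = ((size_t)buf[pos] << 8) | buf[pos + 1];
            pos += 2;
        }
        if (body > len - pos)
            return -1;                  /* declared length overruns the buffer */
        if (IS_LEGACY(type) || type == TYPE_NEWER_KNOWN)
            out->used++;                /* a real decoder would load the key here */
        else
            out->skipped++;             /* unknown type: step over its body */
        pos += body;
    }
    return 0;
}

int main(void)
{
    struct keyring_scan s;
    return keyring_scan_records(sample_keyring, sizeof sample_keyring, &s) != 0;
}
```
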

quixotique commented 11 years ago

Fixed in 91a0b2520f47772c4980df152cce2ef52648406d, 6fd49099cb800e76fe95b2341f5c43d51feed57c, ae69da284fa455886af3960fa2270c31a7c2583a, e6438d74d3fef1123bfb80381833d25d1f8ee799, merged into development 4e48725c93b46546adc0b8de1dbf75bf3cf433fc.