[PM-31760] Implement sign() for PrivateKey#20523
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #20523 +/- ##
==========================================
+ Coverage 47.40% 47.41% +0.01%
==========================================
Files 3972 3972
Lines 121413 121445 +32
Branches 18635 18635
==========================================
+ Hits 57558 57586 +28
- Misses 59490 59494 +4
Partials 4365 4365 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
Opening this as ready for review. It is ready for engineering review (FYI @neuronull & @quexten). However, because this PR adds a dependency, the dependency will need to be reviewed by AppSec. If an approach using the proposed new dependency is the desired & approved one, then I'll submit the dep for AppSec's review. |
🤖 Bitwarden Claude Code ReviewOverall Assessment: APPROVE This PR adds a Code Review DetailsNo actionable findings on the current head. Notes for context (not findings):
|
|
@coltonhurst @neuronull From the confluence:
|
Yeah, I was aware it was a transitive dependency, was going to submit it just to be safe. I'll seek clarity on that. |
Update from AppSec; we are good to promote |
neuronull
left a comment
There was a problem hiding this comment.
Thanks for making changes to use the fallible function and documentation. Looks good overall, just some opinion takes.
|



🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-31760
📔 Objective
sign()forPrivateKeyin thecryptomodule for SSH v2.There were two main approaches I looked at taking:
signature::Signertrait thatssh_keyhas implementations for. While this is a new dependency that will need approval, it's still part of RustCrypto; it comes from their traits repository.ssh_key'ssignfunction on their own private key. This returns theirSshSigtype though, which is more high level than we probably want at this implementation level.A note on versions:
signaturecrate recently released v3. The latest stable version released was v2.2. However, we can't use v3 yet, asssh_keydoesn't yet have a release withsignaturev3 supported. This is being worked on, though! (link: ssh-key: bumpsignaturecrate dependency to v3 RustCrypto/SSH#501)🧪 Testing
No QA needed at this stage. Only the added unit tests were run.