Improve SSH key format validation
What does this MR do and why?
On backend and frontend we have simple format validation for SSH key(Key#key).
This validation fails whenever the key doesn't begin with ssh- or ecdsa-.
We don't rely much on this validation, it is mainly used for an early response on UI:
| Early response | General message 'Key is invalid' |
|---|---|
 |
 |
In #213259 (closed) we are about to add support for new types of SSH keys. Their algorithm names are sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com. It means that we would have to improve this validation on backend and frontend since those names do not begin with either ssh- nor ecdsa-.
On the backend, we have the method Gitlab::SSHPublicKey.supported_algorithms that returns names of all supported algorithms.
I suggest making this validation work based on this method, as the single source of truth, so that we wouldn't need to update this validation manually when we extend the list of supported SSH keys.
Also, this change improves validation since it requires users' keys to begin with algorithms GitLab supports at the moment. Keys that begin with ssh-unsupported-key or something should be considered as invalid.
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.