fix: deprecation warning, update poorman handshake

[JarbasAl]

Summary by CodeRabbit

• New Features

  • Updated cryptographic key management methods for improved security and compatibility.
  • Enhanced key generation process, now returning keys in PEM format.

• Dependency Updates

  • Updated poorman-handshake dependency to a stable version range.

• Documentation

  • Expanded documentation for properties and methods to improve clarity and usability.
  • Added type hints for various properties and methods to enhance type safety.

[coderabbitai]

Walkthrough

The pull request introduces modifications to the hivemind_bus_client/identity.py file, focusing on cryptographic key management methods. Key functions for creating and exporting keys have been renamed and updated to support RSA key generation, with enhancements to type annotations and documentation. Additionally, the requirements.txt file specifies a new version range for the poorman-handshake dependency, moving from an alpha version to a stable version constraint.

Changes

File	Change Summary
hivemind_bus_client/identity.py	- Renamed create_private_key() to create_RSA_key() - Renamed export_private_key() to export_RSA_key() - Updated create_keys method to generate RSA key pair and store in PEM format - Added type hints to several methods and properties - Expanded documentation strings for clarity
requirements.txt	- Updated poorman-handshake dependency version from >=0.2.2a3 to >=1.0.0,<2.0.0

Poem

🔑 A Rabbit's Cryptographic Verse 🐰

RSA keys dancing bright,
Old methods fading from sight,
Handshake version, stable and new,
Cryptographic magic breaking through!
Code evolves with each soft hop 🚀

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b7d090d and ca04405.

📒 Files selected for processing (1)

• requirements.txt (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• requirements.txt

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

hivemind_bus_client/identity.py (1)

96-98: Validate new RSA key generation logic.

The switch to create_RSA_key() and export_RSA_key properly addresses deprecation warnings by using stable, RSA-specific methods. Ensure that:

1. The returned secret is adequately protected and stored securely.
2. The pub key is indeed the ASCII-armored public key.
3. export_RSA_key(secret, priv) and subsequent references to secret and pub align with the usage semantics in downstream code.

If you need more robust key management or locking, consider encrypting the private key on disk or verifying correct permissions.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 87274f2 and 84a6d30.

📒 Files selected for processing (2)

• hivemind_bus_client/identity.py (3 hunks)
• requirements.txt (1 hunks)

🔇 Additional comments (3)

hivemind_bus_client/identity.py (2)

14-14: Grammar fix looks good.

Replacing "human readable" with "human-readable" in the docstring improves clarity without changing functionality.

---

2-2: Adopt a version check to ensure backward compatibility.

Importing export_RSA_key and create_RSA_key from poorman_handshake.asymmetric.utils is correct for the new approach. However, confirm that you have the minimum required version of poorman-handshake installed, especially if any consumers of this library rely on older versions or an environment that may not yet have the updated package.

Run the following script to confirm that the installed version of poorman-handshake meets the new requirement:

requirements.txt (1)

1-1: Good move to a stable release.

Upgrading poorman-handshake to >=1.0.0,<2.0.0 helps ensure a stable interface for the RSA key management methods. Validate that this new version range works seamlessly with other code parts relying on poorman-handshake.

[goldyfruit]

Do we still need PGPy library?

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

hivemind_bus_client/identity.py (1)

68-69: Use os.path.join for path construction

The current path construction using string concatenation could be problematic on different operating systems. Consider using os.path.join for better cross-platform compatibility.

-        return self.IDENTITY_FILE.get("secret_key") or \
-            f"{dirname(self.IDENTITY_FILE.path)}/{self.name}.pem"
+        return self.IDENTITY_FILE.get("secret_key") or \
+            os.path.join(dirname(self.IDENTITY_FILE.path), f"{self.name}.pem")

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 84a6d30 and b7d090d.

📒 Files selected for processing (1)

• hivemind_bus_client/identity.py (1 hunks)

🔇 Additional comments (1)

hivemind_bus_client/identity.py (1)

8-21: Well-documented class with proper type hints!

The class documentation and constructor are well-documented with proper type hints, improving code safety and maintainability.

[coderabbitai]

💡 Codebase verification

Add error handling and file permissions for key operations

The key generation implementation needs improvements for robustness and security:

• No error handling is present for file operations in export_RSA_key and key file creation
• File permissions for the private key file (HiveMindComs.pem) are not explicitly set
• No existing key files in other formats were found that would require migration

Required changes:

• Add try-except blocks around file operations in create_keys and export_RSA_key
• Set restrictive permissions (600) for the private key file using os.chmod
• Consider adding a check if the key file already exists before overwriting

🔗 Analysis chain

Verify key generation and storage

The key generation and storage logic has been updated to use RSA keys stored in PEM format. Please ensure:

1. All existing key files are properly migrated
2. Key file permissions are set appropriately
3. Error handling for file operations is added

Let's check for any existing key file references:

---

Let me gather more information about the key generation and storage implementation.

---

Let me check one more aspect about error handling and file operations.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Look for other key file patterns that might need migration
rg -l "\.asc|\.pgp|\.gpg" 

# Check for file operation error handling
ast-grep --pattern 'export_RSA_key($_, $_)' -A 5

Length of output: 285

---

Script:

#!/bin/bash
# Check the implementation of create_RSA_key and export_RSA_key functions
ast-grep --pattern 'def create_RSA_key' -A 10
ast-grep --pattern 'def export_RSA_key' -A 10

# Look for any existing key file handling or migration code
rg -A 5 "HiveMindComs.pem"

# Check for file permission settings
rg -A 3 "chmod|os\.chmod"

Length of output: 447

---

Script:

#!/bin/bash
# Check for try-except blocks around file operations in identity.py
rg -A 5 "try:" hivemind_bus_client/identity.py

# Look for imports of os module and file operation related functions
rg "^import os|^from os" hivemind_bus_client/identity.py
rg "^from pathlib" hivemind_bus_client/identity.py

# Check the full Identity class implementation for file operation patterns
ast-grep --pattern 'class Identity' -A 10

Length of output: 240