Provide a safe way to check if a key is valid.

[lgarron]

See cedarcode/webauthn-ruby#222 and #39

To check if a COSE key is valid, it seems we have to do:

begin
  COSE::Key.deserialize(public_key_bytes)
rescue ArgumentError, EOFError, TypeError, COSE::UnknownKeyType, CBOR::UnpackError
  # ...
end

This is not quite enough, because a NoMemoryError is also possible (#39). It would be nice to have a safe way to check whether an untrusted byte string is a valid key, e.g.:

• a method with a documented set of possible errors
• a boolean method, e.g. COSE::Key.valid?(public_key_bytes)

[grzuy]

For future reference, related comment => #39 (comment).

[grzuy]

It feels like most of these would be responsibility of the CBOR decoder... I mean, most of the possible random exceptions you would get are coming from CBOR.decode.

Seems like the responsibility could lie on cbor to respond to the question if the cbor bytes are actually something that would decode without throwing...?

[grzuy]

Staring discussion in cabo/cbor-ruby#14.

[grzuy]

FWIW #50 released in v0.10.0.