3923 validate key format

2024-05-10 07:54:54 +00:00 · 2020-01-18 21:52:42 -05:00
parent 606f3dacbb
commit c6d18da2eb
5 changed files with 52 additions and 0 deletions
--- a/netbox/secrets/forms.py
+++ b/netbox/secrets/forms.py
@@ -16,6 +16,8 @@ def validate_rsa_key(key, is_secret=True):
    """
    Validate the format and type of an RSA key.
    """
+    if key.startswith('ssh-rsa '):
+        raise forms.ValidationError("OpenSSH line format is not supported. Please ensure that your public is in PEM (base64) format.")
    try:
        key = RSA.importKey(key)
    except ValueError:
--- a/netbox/secrets/tests/constants.py
+++ b/netbox/secrets/tests/constants.py
@@ -36,3 +36,5 @@ GY2b4PKuSTcsYjbg8adOGzFL9RXLI1X4PHNCzD/Y1vdM3jJXv+luk3TU+JIbzJeN
 5ZEEz+sIdlMPCAACaZAY/t9Kd/LxHr0o4K/6gqkZIukxFCK6sN53gibAXfaKc4xl
 qQIDAQAB
 -----END PUBLIC KEY-----"""
+
+SSH_PUBLIC_KEY = """ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCy2yMGnuvmM5CnFG8CsohfUYobXU7+pz/RJtvUUnARAY11Ybc3cn0tvzn4aPxclX8+514n6R7jJCZuVGJXXapqZDq2l+PLmgLhyBJxE9qq7rbp4EAJiUP0inDyf8qFzSKT7Rm8cjHvY3v2GI32JUXuWACA23t5YPUqVglkjfdVX8VHJh6fMQrQ4O3CKKh2x0S82UHH7SaYH0HqOknPgyRQ+ZQorUU25IpzJPesk29nN3DYqfY+VQsKJOLglWvoapaZiu+wK/7ovXqYXNuhfAwlkjbCRKjwix1kZjtDS44US1//BCaT7AeuwMpFLI44v/VajoxTfE0h74Mxl48mNt7Qme4lbXxH8yMa6HNfDp4vjnxPE1CWuSrFo4G+HI1rc22qSmw9e67qIGRbcI7/cIFpeBvnfCCgWrqWZ6ZzdAZJCnu7/aWn00+VG+54GFmJ+3R2xhWcu+Uzn+o1aWROtUuzq0qR6zdXME3A0Oud2uQrQAiAGFdWpfvcOEbD+tlPNDk= test"""
--- a/netbox/secrets/tests/test_form.py
+++ b/netbox/secrets/tests/test_form.py
@@ -0,0 +1,33 @@
+from django.test import TestCase
+from secrets.forms import UserKeyForm
+from secrets.models import UserKey
+from utilities.testing import create_test_user
+from .constants import PUBLIC_KEY, SSH_PUBLIC_KEY
+
+
+class UserKeyFormTestCase(TestCase):
+
+    def setUp(self):
+        user = create_test_user(
+            permissions=[
+                'secrets.view_secretrole',
+                'secrets.add_secretrole',
+            ]
+        )
+        self.userkey = UserKey(user=user)
+
+    def test_upload_rsakey(self):
+        form = UserKeyForm(
+            data={'public_key': PUBLIC_KEY},
+            instance=self.userkey,
+        )
+        self.assertTrue(form.is_valid())
+        self.assertTrue(form.save())
+
+    def test_upload_sshkey(self):
+        form = UserKeyForm(
+            data={'public_key': SSH_PUBLIC_KEY},
+            instance=self.userkey,
+        )
+        print(form.is_valid())
+        self.assertFalse(form.is_valid())