8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-10 03:46:27 +00:00

Add specific function and check on validation for sshfp

This commit is contained in:
chirac 2021-01-09 00:47:04 +01:00 committed by chirac
parent 03fba819f0
commit 2f98bd4a8d

View file

@ -1276,14 +1276,8 @@ class SshFp(RevMixin, AclMixin, models.Model):
"""Get the hashes for the pub key with correct ID.
See RFC: 1 is sha1 , 2 is sha256.
Because of b64 MUST be divided by 4, we add a "padding" = carracter 3 times.
This padding is then ignored if the pubkey is greater than a multiple of 4.
More informations on : https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770
As said in the thread, this fix is not optimal, however it is very simple as
no options on b64decode function exists.
"""
pubkey = base64.b64decode(self.pub_key_entry + "===")
pubkey = self.base64_pubkey()
return {
"1": hashlib.sha1(pubkey).hexdigest(),
"2": hashlib.sha256(pubkey).hexdigest(),
@ -1303,6 +1297,31 @@ class SshFp(RevMixin, AclMixin, models.Model):
def can_delete(self, user_request, *args, **kwargs):
return self.machine.can_delete(user_request, *args, **kwargs)
def base64_pubkey(self):
"""Function to decode in base64 the pub key entry
Returns:
Base64 decoded value of pub_key_entry
Because of b64 MUST be divided by 4, we add a "padding" = carracter 3 times.
This padding is then ignored if the pubkey is greater than a multiple of 4.
More informations on : https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770
As said in the thread, this fix is not optimal, however it is very simple as
no options on b64decode function exists."""
return base64.b64decode(self.pub_key_entry + "===")
def clean(self, *args, **kwargs):
"""Check if the pub_key_entry is a valid base64 entry.
Raises:
ValidationError: the pub key entry is not a valid base64 enty.
"""
try:
self.base64_pubkey()
except ValueError:
raise ValidationError(_("Ssh pub key entry is incorrect base64 entry"))
super(SshFp, self).clean(*args, **kwargs)
def __str__(self):
return str(self.algo) + " " + str(self.comment)