Add specific function and check on validation for sshfp

2024-11-21 19:03:11 +00:00 · 2021-01-09 00:47:04 +01:00 · 2021-01-09 00:47:04 +01:00 · e8a9e64c3f
commit e8a9e64c3f
parent 2846a7fb32
1 changed files with 26 additions and 7 deletions
--- a/machines/models.py
+++ b/machines/models.py
@ -1276,14 +1276,8 @@ class SshFp(RevMixin, AclMixin, models.Model):
        """Get the hashes for the pub key with correct ID.

        See RFC: 1 is sha1 , 2 is sha256.
-
-        Because of b64 MUST be divided by 4, we add a "padding" = carracter 3 times.
-        This padding is then ignored if the pubkey is greater than a multiple of 4.
-        More informations on : https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770
-        As said in the thread, this fix is not optimal, however it is very simple as
-        no options on b64decode function exists.
        """
-        pubkey = base64.b64decode(self.pub_key_entry + "===")
+        pubkey = self.base64_pubkey()
        return {
            "1": hashlib.sha1(pubkey).hexdigest(),
            "2": hashlib.sha256(pubkey).hexdigest(),
@ -1303,6 +1297,31 @@ class SshFp(RevMixin, AclMixin, models.Model):
    def can_delete(self, user_request, *args, **kwargs):
        return self.machine.can_delete(user_request, *args, **kwargs)

+    def base64_pubkey(self):
+        """Function to decode in base64 the pub key entry
+
+        Returns:
+            Base64 decoded value of pub_key_entry
+
+        Because of b64 MUST be divided by 4, we add a "padding" = carracter 3 times.
+        This padding is then ignored if the pubkey is greater than a multiple of 4.
+        More informations on : https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770
+        As said in the thread, this fix is not optimal, however it is very simple as
+        no options on b64decode function exists."""
+        return base64.b64decode(self.pub_key_entry + "===")
+
+    def clean(self, *args, **kwargs):
+        """Check if the pub_key_entry is a valid base64 entry.
+
+        Raises:
+            ValidationError: the pub key entry is not a valid base64 enty.
+        """
+        try:
+            self.base64_pubkey()
+        except ValueError:
+            raise ValidationError(_("Ssh pub key entry is incorrect base64 entry"))
+        super(SshFp, self).clean(*args, **kwargs)
+
    def __str__(self):
        return str(self.algo) + " " + str(self.comment)