crypto: handle encrypted private keys

closes #811

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-04-30 15:25:42 +02:00
parent 50678a9e2e
commit 333758d91f

View file

@ -39,7 +39,7 @@ class CertificateKeyPairSerializer(ModelSerializer):
"""Show if this keypair has a private key configured or not""" """Show if this keypair has a private key configured or not"""
return instance.key_data != "" and instance.key_data is not None return instance.key_data != "" and instance.key_data is not None
def validate_certificate_data(self, value): def validate_certificate_data(self, value: str) -> str:
"""Verify that input is a valid PEM x509 Certificate""" """Verify that input is a valid PEM x509 Certificate"""
try: try:
load_pem_x509_certificate(value.encode("utf-8"), default_backend()) load_pem_x509_certificate(value.encode("utf-8"), default_backend())
@ -47,7 +47,7 @@ class CertificateKeyPairSerializer(ModelSerializer):
raise ValidationError("Unable to load certificate.") raise ValidationError("Unable to load certificate.")
return value return value
def validate_key_data(self, value): def validate_key_data(self, value: str) -> str:
"""Verify that input is a valid PEM RSA Key""" """Verify that input is a valid PEM RSA Key"""
# Since this field is optional, data can be empty. # Since this field is optional, data can be empty.
if value != "": if value != "":
@ -57,8 +57,10 @@ class CertificateKeyPairSerializer(ModelSerializer):
password=None, password=None,
backend=default_backend(), backend=default_backend(),
) )
except ValueError: except (ValueError, TypeError):
raise ValidationError("Unable to load private key.") raise ValidationError(
"Unable to load private key (possibly encrypted?)."
)
return value return value
class Meta: class Meta: