crypto: fix "Could not deserialize key data." with empty private key

This commit is contained in:
Jens Langhammer 2020-11-08 22:27:28 +01:00
parent 1edcda58ba
commit a202679bfb
4 changed files with 31 additions and 1 deletions

View file

@ -54,7 +54,7 @@ class CertificateKeyPair(CreatedUpdatedModel):
@property
def private_key(self) -> Optional[RSAPrivateKey]:
"""Get python cryptography PrivateKey instance"""
if not self._private_key:
if not self._private_key and self._private_key != "":
self._private_key = load_pem_private_key(
str.encode("\n".join([x.strip() for x in self.key_data.split("\n")])),
password=None,

View file

@ -7,6 +7,7 @@ from django.utils.translation import gettext as _
from passbook.admin.fields import CodeMirrorWidget
from passbook.core.expression import PropertyMappingEvaluator
from passbook.crypto.models import CertificateKeyPair
from passbook.flows.models import Flow, FlowDesignation
from passbook.providers.saml.models import SAMLPropertyMapping, SAMLProvider
@ -20,6 +21,9 @@ class SAMLProviderForm(forms.ModelForm):
designation=FlowDesignation.AUTHORIZATION
)
self.fields["property_mappings"].queryset = SAMLPropertyMapping.objects.all()
self.fields["signing_kp"].queryset = CertificateKeyPair.objects.exclude(
key_data__iexact=""
)
class Meta:

View file

@ -34,6 +34,7 @@ class TestAuthNRequest(TestCase):
),
acs_url="http://testserver/source/saml/provider/acs/",
signing_kp=CertificateKeyPair.objects.first(),
verification_kp=CertificateKeyPair.objects.first(),
)
self.source = SAMLSource.objects.create(
slug="provider",

View file

@ -1100,6 +1100,25 @@ paths:
required: true
type: string
format: uuid
/flows/instances/{flow_uuid}/cache_count/:
get:
operationId: flows_instances_cache_count
description: Get count of cached flows
parameters: []
responses:
'200':
description: ''
schema:
$ref: '#/definitions/Flow'
tags:
- flows
parameters:
- name: flow_uuid
in: path
description: A UUID string identifying this Flow.
required: true
type: string
format: uuid
/outposts/outposts/:
get:
operationId: outposts_outposts_list
@ -7506,6 +7525,12 @@ definitions:
description: Require Requests to be signed by an X509 Certificate. Must match
the Certificate selected in `Singing Keypair`.
type: boolean
verification_kp:
title: Verification Keypair
description: If selected, incoming assertion's Signatures will be validated.
type: string
format: uuid
x-nullable: true
Message:
description: Serialize Django Message into DRF Object
type: object