crypto: fix "Could not deserialize key data." with empty private key

This commit is contained in:
Jens Langhammer 2020-11-08 22:27:28 +01:00
parent 1edcda58ba
commit a202679bfb
4 changed files with 31 additions and 1 deletions

View file

@ -54,7 +54,7 @@ class CertificateKeyPair(CreatedUpdatedModel):
@property @property
def private_key(self) -> Optional[RSAPrivateKey]: def private_key(self) -> Optional[RSAPrivateKey]:
"""Get python cryptography PrivateKey instance""" """Get python cryptography PrivateKey instance"""
if not self._private_key: if not self._private_key and self._private_key != "":
self._private_key = load_pem_private_key( self._private_key = load_pem_private_key(
str.encode("\n".join([x.strip() for x in self.key_data.split("\n")])), str.encode("\n".join([x.strip() for x in self.key_data.split("\n")])),
password=None, password=None,

View file

@ -7,6 +7,7 @@ from django.utils.translation import gettext as _
from passbook.admin.fields import CodeMirrorWidget from passbook.admin.fields import CodeMirrorWidget
from passbook.core.expression import PropertyMappingEvaluator from passbook.core.expression import PropertyMappingEvaluator
from passbook.crypto.models import CertificateKeyPair
from passbook.flows.models import Flow, FlowDesignation from passbook.flows.models import Flow, FlowDesignation
from passbook.providers.saml.models import SAMLPropertyMapping, SAMLProvider from passbook.providers.saml.models import SAMLPropertyMapping, SAMLProvider
@ -20,6 +21,9 @@ class SAMLProviderForm(forms.ModelForm):
designation=FlowDesignation.AUTHORIZATION designation=FlowDesignation.AUTHORIZATION
) )
self.fields["property_mappings"].queryset = SAMLPropertyMapping.objects.all() self.fields["property_mappings"].queryset = SAMLPropertyMapping.objects.all()
self.fields["signing_kp"].queryset = CertificateKeyPair.objects.exclude(
key_data__iexact=""
)
class Meta: class Meta:

View file

@ -34,6 +34,7 @@ class TestAuthNRequest(TestCase):
), ),
acs_url="http://testserver/source/saml/provider/acs/", acs_url="http://testserver/source/saml/provider/acs/",
signing_kp=CertificateKeyPair.objects.first(), signing_kp=CertificateKeyPair.objects.first(),
verification_kp=CertificateKeyPair.objects.first(),
) )
self.source = SAMLSource.objects.create( self.source = SAMLSource.objects.create(
slug="provider", slug="provider",

View file

@ -1100,6 +1100,25 @@ paths:
required: true required: true
type: string type: string
format: uuid format: uuid
/flows/instances/{flow_uuid}/cache_count/:
get:
operationId: flows_instances_cache_count
description: Get count of cached flows
parameters: []
responses:
'200':
description: ''
schema:
$ref: '#/definitions/Flow'
tags:
- flows
parameters:
- name: flow_uuid
in: path
description: A UUID string identifying this Flow.
required: true
type: string
format: uuid
/outposts/outposts/: /outposts/outposts/:
get: get:
operationId: outposts_outposts_list operationId: outposts_outposts_list
@ -7506,6 +7525,12 @@ definitions:
description: Require Requests to be signed by an X509 Certificate. Must match description: Require Requests to be signed by an X509 Certificate. Must match
the Certificate selected in `Singing Keypair`. the Certificate selected in `Singing Keypair`.
type: boolean type: boolean
verification_kp:
title: Verification Keypair
description: If selected, incoming assertion's Signatures will be validated.
type: string
format: uuid
x-nullable: true
Message: Message:
description: Serialize Django Message into DRF Object description: Serialize Django Message into DRF Object
type: object type: object