Add an example of the format in the private key form.

Check if the private key is valid. Fixes #1004 - Legacy-Id: 5697
2013-05-06 12:21:31 +00:00 · 2013-05-06 12:21:31 +00:00 · 38480747b4
parent f795684305
commit 38480747b4
3 changed files with 38 additions and 4 deletions
--- a/ietf/nomcom/forms.py
+++ b/ietf/nomcom/forms.py
@ -26,7 +26,7 @@ from ietf.nomcom.utils import QUESTIONNAIRE_TEMPLATE, NOMINATION_EMAIL_TEMPLATE,
                              INEXISTENT_PERSON_TEMPLATE, NOMINEE_EMAIL_TEMPLATE, \
                              NOMINATION_RECEIPT_TEMPLATE, FEEDBACK_RECEIPT_TEMPLATE, \
                              get_user_email, get_hash_nominee_position, get_year_by_nomcom, \
-                              HEADER_QUESTIONNAIRE_TEMPLATE
+                              HEADER_QUESTIONNAIRE_TEMPLATE, validate_private_key
 from ietf.nomcom.decorators import member_required

 ROLODEX_URL = getattr(settings, 'ROLODEX_URL', None)
@ -758,6 +758,15 @@ class PrivateKeyForm(BaseNomcomForm, forms.Form):

    fieldsets = [('Private key', ('key',))]

+    def clean_key(self):
+        key = self.cleaned_data.get('key', None)
+        if not key:
+            return
+        (validation, error) = validate_private_key(key)
+        if validation:
+            return key
+        raise forms.ValidationError('Invalid private key. Error was: %s' % error)
+

 class PendingFeedbackForm(BaseNomcomForm, forms.ModelForm):

--- a/ietf/nomcom/utils.py
+++ b/ietf/nomcom/utils.py
@ -1,6 +1,8 @@
-import hashlib
-import re
 import email
+import hashlib
+import os
+import re
+import tempfile

 from django.conf import settings
 from django.core.exceptions import PermissionDenied
@ -156,3 +158,16 @@ def parse_email(text):
    body = extract_body(msg.get_payload())

    return msg['From'], msg['Subject'], body
+
+
+def validate_private_key(key):
+    key_file = tempfile.NamedTemporaryFile(delete=False)
+    key_file.write(key)
+    key_file.close()
+
+    command = "%s rsa -in %s -check -noout"
+    code, out, error = pipe(command % (settings.OPENSSL_COMMAND,
+                                       key_file.name))
+
+    os.unlink(key_file.name)
+    return (not error, error)
--- a/ietf/templates/nomcom/private_key.html
+++ b/ietf/templates/nomcom/private_key.html
@ -5,7 +5,17 @@
 {% block nomcom_content %}
 <h2>Enter private key</h2>

-<p>In order to access the {{ nomcom.group }} data you have to enter your private key. Please paste it in the text area below.</p>
+<p>In order to access the {{ nomcom.group }} data you have to enter your private key. Please paste it in the text area below. The key must be in the following format:</p>
+
+<pre>
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDC1WgGTQjX1BHC
+jecwXk05g/r3feSAcErTQwszpjg3tixqQ+tLXQ2HuQLFDgWT26jd4FR7UPMUC9lE
+...
+8JA+eKl1wgzm/y+TwEbdxnj950jch0nqZUm+kx3omy9GRAx9qWP5r7Ot4Fx8uBbo
+CKn79FUPkVdlG8miRUY2UIU=
+-----END PRIVATE KEY-----
+</pre>

 <p>If you don't have a private key, please contact the group chair. You can leave the key empty and continue navigation without access to the encrypted data.</p>