Improve error report when user passes a private key (#22726)
authorzeripath <art27@cantab.net>
Thu, 2 Feb 2023 18:25:54 +0000 (18:25 +0000)
committerGitHub <noreply@github.com>
Thu, 2 Feb 2023 18:25:54 +0000 (18:25 +0000)
The error reported when a user passes a private ssh key as their ssh
public key is not very nice.

This PR improves this slightly.

Ref #22693

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
models/asymkey/error.go
models/asymkey/ssh_key_parse.go
options/locale/locale_en-US.ini
routers/web/repo/setting.go
routers/web/user/setting/keys.go

index 1d486082f46109773b497dca25689d1d7d512e85..03bc82302f1000c48cfd71bc05543e92f5684e75 100644 (file)
@@ -24,6 +24,9 @@ func (err ErrKeyUnableVerify) Error() string {
        return fmt.Sprintf("Unable to verify key content [result: %s]", err.Result)
 }
 
+// ErrKeyIsPrivate is returned when the provided key is a private key not a public key
+var ErrKeyIsPrivate = util.NewSilentWrapErrorf(util.ErrInvalidArgument, "the provided key is a private key")
+
 // ErrKeyNotExist represents a "KeyNotExist" kind of error.
 type ErrKeyNotExist struct {
        ID int64
index 1df6db6fa7219e6c632623eddc7bd03117ee416c..8693c87e76b2d9b15fe5b826cb6bf81dabd1663f 100644 (file)
@@ -96,6 +96,9 @@ func parseKeyString(content string) (string, error) {
                        if block == nil {
                                return "", fmt.Errorf("failed to parse PEM block containing the public key")
                        }
+                       if strings.Contains(block.Type, "PRIVATE") {
+                               return "", ErrKeyIsPrivate
+                       }
 
                        pub, err := x509.ParsePKIXPublicKey(block.Bytes)
                        if err != nil {
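Review bot: The new `strings.Contains(block.Type, "PRIVATE")` check sits after the `block == nil` guard, so a private key that was pasted incomplete and does not decode as a PEM block still gets the generic "failed to parse PEM block" error rather than ErrKeyIsPrivate. The branch condition that leads to this code is outside the hunk, so it is not visible whether every private-key format a user might paste reaches this path. The commit's file list contains no test file; a table test over constructed RSA, EC and OpenSSH private-key blocks asserting `errors.Is(err, ErrKeyIsPrivate)` would pin the behaviour. A one-line why-comment above the check, for example `// reject private keys explicitly so the user is warned instead of seeing a parse error`, would also help the next reader.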
index 8465660cc07561ae1b79fe7521121504bba35ace..26217293a5efafba6067f87412f75d43e9045644 100644 (file)
@@ -518,6 +518,7 @@ organization_leave_success = You have successfully left the organization %s.
 invalid_ssh_key = Cannot verify your SSH key: %s
 invalid_gpg_key = Cannot verify your GPG key: %s
 invalid_ssh_principal = Invalid principal: %s
+must_use_public_key = The key you provided is a private key. Please do not upload your private key anywhere. Use your public key instead.
 unable_verify_ssh_key = "Cannot verify the SSH key; double-check it for mistakes."
 auth_failed = Authentication failed: %v
 
index da52957548be8b4ccdb1f2dc237a3fc867e61091..2cc263e5bbfd305ea67f19fe990f99c15fa9ef9e 100644 (file)
@@ -1158,6 +1158,10 @@ func DeployKeysPost(ctx *context.Context) {
                        ctx.Flash.Info(ctx.Tr("settings.ssh_disabled"))
                } else if asymkey_model.IsErrKeyUnableVerify(err) {
                        ctx.Flash.Info(ctx.Tr("form.unable_verify_ssh_key"))
+               } else if err == asymkey_model.ErrKeyIsPrivate {
+                       ctx.Data["HasError"] = true
+                       ctx.Data["Err_Content"] = true
+                       ctx.Flash.Error(ctx.Tr("form.must_use_public_key"))
                } else {
                        ctx.Data["HasError"] = true
                        ctx.Data["Err_Content"] = true
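Review bot: The comparison `err == asymkey_model.ErrKeyIsPrivate` only matches while every layer between parseKeyString and this handler returns the sentinel unwrapped; if any of them adds context with `%w`, a private-key upload silently falls through to the generic error branch and the user no longer gets the warning. `} else if errors.Is(err, asymkey_model.ErrKeyIsPrivate) {` is robust to wrapping, and the same applies to the identical comparison added to KeysPost in routers/web/user/setting/keys.go. The import block is outside the hunk, so `errors` may need to be added there. The `else` branch that follows continues past the end of the hunk.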
index 0ecc39ecd17ed5a3bb6953c2cd4e0cb9f8635d64..6debf95bbce06e7f55a787a79db3ad67a2fd5a6a 100644 (file)
@@ -159,6 +159,8 @@ func KeysPost(ctx *context.Context) {
                                ctx.Flash.Info(ctx.Tr("settings.ssh_disabled"))
                        } else if asymkey_model.IsErrKeyUnableVerify(err) {
                                ctx.Flash.Info(ctx.Tr("form.unable_verify_ssh_key"))
+                       } else if err == asymkey_model.ErrKeyIsPrivate {
+                               ctx.Flash.Error(ctx.Tr("form.must_use_public_key"))
                        } else {
                                ctx.Flash.Error(ctx.Tr("form.invalid_ssh_key", err.Error()))
                        }