def generate_key_pair(request):
"""
Response to generate private/public RSA key pair
"""
get_user(request, settings.ASTAKOS_AUTH_URL)
if request.method != "POST":
return http.HttpResponseNotAllowed(["POST"])
if not SUPPORT_GENERATE_KEYS:
raise Exception("Application does not support ssh keys generation")
if PublicKeyPair.user_limit_exceeded(request.user_uniq):
return http.HttpResponseServerError("SSH keys limit exceeded")
# generate RSA key
from Crypto import Random
Random.atfork()
key = rsakey.RSA.generate(SSH_KEY_LENGTH)
# get PEM string
pem = exportKey(key, 'PEM')
public_data = Message()
public_data.add_string('ssh-rsa')
public_data.add_mpint(key.key.e)
public_data.add_mpint(key.key.n)
# generate public content
public = str("ssh-rsa %s" % base64.b64encode(str(public_data)))
data = {'private': pem, 'public': public}
return http.HttpResponse(json.dumps(data), mimetype="application/json")
def create_new_keypair(request):
"""Generates or imports a keypair.
Normal response code: 201
Error response codes: badRequest(400), unauthorized(401), forbidden(403),
conflict(409)
"""
userid = request.credentials.userid
if PublicKeyPair.user_limit_exceeded(userid):
return HttpResponseServerError("SSH keys limit exceeded")
req = utils.get_json_body(request)
try:
keypair = req['keypair']
assert(isinstance(req, dict))
name = keypair['name']
except (KeyError, AssertionError):
raise faults.BadRequest('Malformed request.')
if re.match(key_name_regex, name) is None:
raise faults.BadRequest('Invalid name format')
try:
# If the key with the same name exists in the database
# a conflict error will be raised
util.get_keypair(name, userid)
# If we get past this point then the key is already present
# in the database
raise faults.Conflict('A keypair with that name already exists')
except faults.ItemNotFound:
new_keypair = PublicKeyPair(name=name, user=userid)
gen_keypair = None
try:
new_keypair.content = keypair['public_key']
except KeyError:
# If the public_key field is omitted, generate a new
# keypair and return both the private and the public key
if not SUPPORT_GENERATE_KEYS:
raise faults.Forbidden(
"Application does not support ssh keys generation")
gen_keypair = generate_keypair()
new_keypair.content = gen_keypair['public']
new_keypair.save()
data = keypair_to_dict(new_keypair)
if gen_keypair is not None:
data['keypair']['private_key'] = gen_keypair['private']
return HttpResponse(json.dumps(data), status=201)
def create_new_keypair(request):
"""Generates or imports a keypair.
Normal response code: 201
Error response codes: badRequest(400), unauthorized(401), forbidden(403),
conflict(409)
"""
userid = request.credentials.userid
if PublicKeyPair.user_limit_exceeded(userid):
return HttpResponseServerError("SSH keys limit exceeded")
req = utils.get_json_body(request)
try:
keypair = req['keypair']
assert (isinstance(req, dict))
name = keypair['name']
except (KeyError, AssertionError):
raise faults.BadRequest('Malformed request.')
if re.match(key_name_regex, name) is None:
raise faults.BadRequest('Invalid name format')
try:
# If the key with the same name exists in the database
# a conflict error will be raised
util.get_keypair(name, userid)
# If we get past this point then the key is already present
# in the database
raise faults.Conflict('A keypair with that name already exists')
except faults.ItemNotFound:
new_keypair = PublicKeyPair(name=name, user=userid)
gen_keypair = None
try:
new_keypair.content = keypair['public_key']
except KeyError:
# If the public_key field is omitted, generate a new
# keypair and return both the private and the public key
if not SUPPORT_GENERATE_KEYS:
raise faults.Forbidden(
"Application does not support ssh keys generation")
gen_keypair = generate_keypair()
new_keypair.content = gen_keypair['public']
new_keypair.save()
data = keypair_to_dict(new_keypair)
if gen_keypair is not None:
data['keypair']['private_key'] = gen_keypair['private']
return HttpResponse(json.dumps(data), status=201)
def create_new_keypair(request):
"""
Response to generate private/public RSA key pair
"""
get_user(request, settings.ASTAKOS_AUTH_URL)
if request.method != "POST":
return http.HttpResponseNotAllowed(["POST"])
if not SUPPORT_GENERATE_KEYS:
raise Exception("Application does not support ssh keys generation")
if PublicKeyPair.user_limit_exceeded(request.user_uniq):
return http.HttpResponseServerError("SSH keys limit exceeded")
data = generate_keypair()
return http.HttpResponse(json.dumps(data), content_type="application/json")
