Add an example of the format in the private key form.

emiliosanchez · emiliosanchez · commit 38480747b4aa · 2013-05-06T12:21:31.000Z
Check if the private key is valid. Fixes ietf-tools#1004 - Legacy-Id: 5697
diff --git a/ietf/nomcom/forms.py b/ietf/nomcom/forms.py
@@ -26,7 +26,7 @@
                               INEXISTENT_PERSON_TEMPLATE, NOMINEE_EMAIL_TEMPLATE, \
                               NOMINATION_RECEIPT_TEMPLATE, FEEDBACK_RECEIPT_TEMPLATE, \
                               get_user_email, get_hash_nominee_position, get_year_by_nomcom, \
-                              HEADER_QUESTIONNAIRE_TEMPLATE
+                              HEADER_QUESTIONNAIRE_TEMPLATE, validate_private_key
 from ietf.nomcom.decorators import member_required
 
 ROLODEX_URL = getattr(settings, 'ROLODEX_URL', None)
@@ -758,6 +758,15 @@ class PrivateKeyForm(BaseNomcomForm, forms.Form):
 
     fieldsets = [('Private key', ('key',))]
 
+    def clean_key(self):
+        key = self.cleaned_data.get('key', None)
+        if not key:
+            return
+        (validation, error) = validate_private_key(key)
+        if validation:
+            return key
+        raise forms.ValidationError('Invalid private key. Error was: %s' % error)
+
 
 class PendingFeedbackForm(BaseNomcomForm, forms.ModelForm):
 
diff --git a/ietf/nomcom/utils.py b/ietf/nomcom/utils.py
@@ -1,6 +1,8 @@
+import email
 import hashlib
+import os
 import re
-import email
+import tempfile
 
 from django.conf import settings
 from django.core.exceptions import PermissionDenied
@@ -156,3 +158,16 @@ def parse_email(text):
     body = extract_body(msg.get_payload())
 
     return msg['From'], msg['Subject'], body
+
+
+def validate_private_key(key):
+    key_file = tempfile.NamedTemporaryFile(delete=False)
+    key_file.write(key)
+    key_file.close()
+
+    command = "%s rsa -in %s -check -noout"
+    code, out, error = pipe(command % (settings.OPENSSL_COMMAND,
+                                       key_file.name))
+
+    os.unlink(key_file.name)
+    return (not error, error)
diff --git a/ietf/templates/nomcom/private_key.html b/ietf/templates/nomcom/private_key.html
@@ -5,7 +5,17 @@
 {% block nomcom_content %}
 <h2>Enter private key</h2>
 
-<p>In order to access the {{ nomcom.group }} data you have to enter your private key. Please paste it in the text area below.</p>
+<p>In order to access the {{ nomcom.group }} data you have to enter your private key. Please paste it in the text area below. The key must be in the following format:</p>
+
+<pre>
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDC1WgGTQjX1BHC
+jecwXk05g/r3feSAcErTQwszpjg3tixqQ+tLXQ2HuQLFDgWT26jd4FR7UPMUC9lE
+...
+8JA+eKl1wgzm/y+TwEbdxnj950jch0nqZUm+kx3omy9GRAx9qWP5r7Ot4Fx8uBbo
+CKn79FUPkVdlG8miRUY2UIU=
+-----END PRIVATE KEY-----
+</pre>
 
 <p>If you don't have a private key, please contact the group chair. You can leave the key empty and continue navigation without access to the encrypted data.</p>
 
