direct-online/vito
2
0
Fork 0
mirror of https://github.com/vitodeploy/vito.git synced 2025-07-02 22:46:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update ssh key validation to accept other common standards (#228)

Browse Source
This commit is contained in:
Austin Kregel
2024-06-05 03:38:31 -04:00
committed by GitHub
parent 661292df5e
commit 3b42f93654
4 changed files with 198 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
app/ValidationRules/SshKeyRule.php
View File

@ -3,6 +3,8 @@
namespace App\ValidationRules;
use Illuminate\Contracts\Validation\Rule;
use phpseclib3\Crypt\PublicKeyLoader;
use phpseclib3\Exception\NoKeyLoadedException;
class SshKeyRule implements Rule
{
@ -15,29 +17,13 @@ class SshKeyRule implements Rule
*/
public function passes($attribute, $value)
{
$key_parts = explode(' ', $value, 3);
if (count($key_parts) < 2) {
return false;
}
if (count($key_parts) > 3) {
return false;
}
$algorithm = $key_parts[0];
$key = $key_parts[1];
if (! in_array($algorithm, ['ssh-rsa', 'ssh-dss'])) {
return false;
}
$key_base64_decoded = base64_decode($key, true);
if ($key_base64_decoded == false) {
return false;
}
$check = base64_decode(substr($key, 0, 16));
$check = preg_replace("/[^\w\-]/", '', $check);
if ((string) $check !== (string) $algorithm) {
return false;
}
try {
PublicKeyLoader::load($value);
return true;
return true;
} catch (NoKeyLoadedException $e) {
return false;
}
}
/**