| Message ID | 20240920174056.1729418-1-patrick.vogelaar@belden.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [swugenerator] fix: ignore space in key file | expand |
Hi Patrick, On 20.09.24 19:40, 'Patrick Vogelaar' via swupdate wrote: > The key file generated by openssl contains a space after iv which then was not > recognized and swugenerator failed because of iv being None. > > Added a check for iv being None and also ignore whitspaces in the key file. > > Signed-off-by: Patrick Vogelaar <patrick.vogelaar@belden.com> > --- > swugenerator/generator.py | 9 +++++++++ > swugenerator/main.py | 2 +- > tests/test_main.py | 8 ++++++++ > 3 files changed, 18 insertions(+), 1 deletion(-) > > diff --git a/swugenerator/generator.py b/swugenerator/generator.py > index f770c95..d2f0b90 100644 > --- a/swugenerator/generator.py > +++ b/swugenerator/generator.py > @@ -181,6 +181,11 @@ class SWUGenerator: > entry["filename"], > ) > if self.noivt: > + if not self.aesiv: > + logging.critical( > + "%s must be encrypted, but no initialization vector is given", > + entry["filename"], > + ) > iv = self.aesiv > else: > iv = self.generate_iv() > @@ -264,6 +269,10 @@ class SWUGenerator: > logging.critical( > "sw-description must be encrypted, but no encryption key is given" > ) > + if not self.aesiv: > + logging.critical( > + "sw-description must be encrypted, but no initialization vector is given" > + ) > > iv = self.aesiv > sw.fullfilename = swdesc_filename > diff --git a/swugenerator/main.py b/swugenerator/main.py > index 22ff0ee..b162710 100644 > --- a/swugenerator/main.py > +++ b/swugenerator/main.py > @@ -52,7 +52,7 @@ def extract_keys(keyfile: str) -> Tuple[Optional[str], Optional[str]]: > enc_key, init_vec = None, None > for line in lines: > key, value = ( > - line.rstrip("\n").split("=") if len(line.split("=")) == 2 else (None, None) > + line.replace(" ", "").rstrip("\n").split("=") if len(line.split("=")) == 2 else (None, None) > ) > if key == "key": > enc_key = value > diff --git a/tests/test_main.py b/tests/test_main.py > index 6612b2f..5dbf51f 100644 > --- a/tests/test_main.py > +++ b/tests/test_main.py > @@ -27,6 +27,12 @@ def valid_key_file(test_dir): > key_file_fd.write(f"key={VALID_KEY}\niv={VALID_IV}") > return key_file > > +@pytest.fixture(scope="session") > +def valid_key_file_2(test_dir): > + key_file = test_dir / VALID_KEY_FILE > + with key_file.open("w") as key_file_fd: > + key_file_fd.write(f"key={VALID_KEY}\niv ={VALID_IV}") > + return key_file > > @pytest.fixture(scope="session") > def invalid_key_file(test_dir): > @@ -40,6 +46,8 @@ def invalid_key_file(test_dir): > def test_extract_keys_returns_valid_tuple_from_valid_file(valid_key_file): > assert main.extract_keys(str(valid_key_file)) == (VALID_KEY, VALID_IV) > > +def test_extract_keys_returns_valid_tuple_from_valid_file_2(valid_key_file_2): > + assert main.extract_keys(str(valid_key_file_2)) == (VALID_KEY, VALID_IV) > > def test_extract_keys_returns_none_from_key_file_thats_invalid(invalid_key_file): > assert main.extract_keys(str(invalid_key_file)) == (VALID_KEY, None) Reviewed-by : Stefano Babic <stefano.babic@swupdate.org>
diff --git a/swugenerator/generator.py b/swugenerator/generator.py index f770c95..d2f0b90 100644 --- a/swugenerator/generator.py +++ b/swugenerator/generator.py @@ -181,6 +181,11 @@ class SWUGenerator: entry["filename"], ) if self.noivt: + if not self.aesiv: + logging.critical( + "%s must be encrypted, but no initialization vector is given", + entry["filename"], + ) iv = self.aesiv else: iv = self.generate_iv() @@ -264,6 +269,10 @@ class SWUGenerator: logging.critical( "sw-description must be encrypted, but no encryption key is given" ) + if not self.aesiv: + logging.critical( + "sw-description must be encrypted, but no initialization vector is given" + ) iv = self.aesiv sw.fullfilename = swdesc_filename diff --git a/swugenerator/main.py b/swugenerator/main.py index 22ff0ee..b162710 100644 --- a/swugenerator/main.py +++ b/swugenerator/main.py @@ -52,7 +52,7 @@ def extract_keys(keyfile: str) -> Tuple[Optional[str], Optional[str]]: enc_key, init_vec = None, None for line in lines: key, value = ( - line.rstrip("\n").split("=") if len(line.split("=")) == 2 else (None, None) + line.replace(" ", "").rstrip("\n").split("=") if len(line.split("=")) == 2 else (None, None) ) if key == "key": enc_key = value diff --git a/tests/test_main.py b/tests/test_main.py index 6612b2f..5dbf51f 100644 --- a/tests/test_main.py +++ b/tests/test_main.py @@ -27,6 +27,12 @@ def valid_key_file(test_dir): key_file_fd.write(f"key={VALID_KEY}\niv={VALID_IV}") return key_file +@pytest.fixture(scope="session") +def valid_key_file_2(test_dir): + key_file = test_dir / VALID_KEY_FILE + with key_file.open("w") as key_file_fd: + key_file_fd.write(f"key={VALID_KEY}\niv ={VALID_IV}") + return key_file @pytest.fixture(scope="session") def invalid_key_file(test_dir): @@ -40,6 +46,8 @@ def invalid_key_file(test_dir): def test_extract_keys_returns_valid_tuple_from_valid_file(valid_key_file): assert main.extract_keys(str(valid_key_file)) == (VALID_KEY, VALID_IV) +def test_extract_keys_returns_valid_tuple_from_valid_file_2(valid_key_file_2): + assert main.extract_keys(str(valid_key_file_2)) == (VALID_KEY, VALID_IV) def test_extract_keys_returns_none_from_key_file_thats_invalid(invalid_key_file): assert main.extract_keys(str(invalid_key_file)) == (VALID_KEY, None)
The key file generated by openssl contains a space after iv which then was not recognized and swugenerator failed because of iv being None. Added a check for iv being None and also ignore whitspaces in the key file. Signed-off-by: Patrick Vogelaar <patrick.vogelaar@belden.com> --- swugenerator/generator.py | 9 +++++++++ swugenerator/main.py | 2 +- tests/test_main.py | 8 ++++++++ 3 files changed, 18 insertions(+), 1 deletion(-)