Fixed validator

repleo · Feb 21, 2023 · 842ae37 · 842ae37
1 parent 755a8ff
commit 842ae37
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 7 deletions.
diff --git a/api/serializers.py b/api/serializers.py
@@ -81,17 +81,18 @@ def validate_passphrase_out(self, passphrase_out):
         return None
 
     def validate_passphrase_issuer(self, passphrase_issuer):
-        if passphrase_issuer:
-            if not self.initial_data.get("parent"):
-                raise serializers.ValidationError(
-                    "You should provide a parent certificate if you provide an issuer passphrase"
-                )
+        if self.initial_data.get("parent"):
             parent = Certificate.objects.get(pk=self.initial_data.get("parent"))
             try:
                 if not parent.is_passphrase_valid(passphrase_issuer):
                     raise serializers.ValidationError("Passphrase incorrect. Not allowed to revoke your certificate")
             except KeyStore.DoesNotExist:
                 raise serializers.ValidationError("Certificate has no cert, something went wrong during generation")
+        else:
+            if passphrase_issuer:
+                raise serializers.ValidationError(
+                    "You should provide a parent certificate if you provide an issuer passphrase"
+                )
         return passphrase_issuer
 
     def validate_passphrase_out_confirmation(self, passphrase_out_confirmation):

diff --git a/certificate_engine/ssl/certificate.py b/certificate_engine/ssl/certificate.py
@@ -458,7 +458,7 @@ def _get_issuer_key(cert_request, passphrase_issuer):
         try:
             if cert_request.parent:
                 issuer_key = Key().load(cert_request.parent.keystore.key, passphrase_issuer)
-        except ValueError:
+        except (ValueError, TypeError):
             raise PassPhraseError("Bad passphrase, could not decode issuer key")
         return issuer_key
 

diff --git a/certificate_engine/ssl/key.py b/certificate_engine/ssl/key.py
@@ -111,7 +111,7 @@ def load(self, pem: str, passphrase: Optional[str] = None) -> "Key":
                 pem.encode("utf-8"), passphrase.encode("utf-8") if passphrase else None, backend=default_backend()
             )
             self._key = cast(CERTIFICATE_PRIVATE_KEY_TYPES, deserialized_key)
-        except ValueError:
+        except (ValueError, TypeError):
             raise ValueError("Bad decrypt. Incorrect password?")
         return self