ssh key validation

resources/lib/UnitySite.php

@@ -2,6 +2,8 @@
 
 namespace UnityWebPortal\lib;
 
+use phpseclib3\Crypt\PublicKeyLoader;
+
 class UnitySite
 {
     public static function redirect($destination)
@@ -50,4 +52,14 @@ public static function getConfig($conf_path)
         $arr = parse_ini_file($conf_path, true);
         return $arr;
     }
+
+    public static function testValidSSHKey($key_str)
+    {
+        try {
+            PublicKeyLoader::load($key_str);
+            return true;
+        } catch (\Exception $e) {
+            return false;
+        }
+    }
 }

webroot/js/ajax/ssh_validate.php

@@ -0,0 +1,12 @@
+<?php
+
+require "../../../resources/autoload.php";
+
+use phpseclib3\Crypt\PublicKeyLoader;
+
+try {
+    PublicKeyLoader::load($_POST['key'], $password = false);
+    echo "true";
+} catch (Exception $e) {
+    echo "false";
+}

webroot/panel/account.php

@@ -6,17 +6,32 @@
 
 require_once $LOC_HEADER;
 
+$invalid_ssh_dialogue = "<script type='text/javascript'>
+alert('Invalid SSH key. Please verify your public key file is valid.');
+</script>";
+
 if ($_SERVER['REQUEST_METHOD'] == "POST") {
     switch ($_POST["form_type"]) {
         case "addKey":
             $added_keys = array();
 
             switch ($_POST["add_type"]) {
                 case "paste":
-                    array_push($added_keys, $_POST["key"]);
+                    $key = $_POST["key"];
+                    if (UnitySite::testValidSSHKey($key)) {
+                        array_push($added_keys, $key);
+                    } else {
+                        echo $invalid_ssh_dialogue;
+                    }
                     break;
                 case "import":
-                    array_push($added_keys, file_get_contents($_FILES['keyfile']['tmp_name']));
+                    $keyfile = $_FILES["keyfile"]["tmp_name"];
+                    $key = file_get_contents($keyfile);
+                    if (UnitySite::testValidSSHKey($key)) {
+                        array_push($added_keys, $key);
+                    } else {
+                        echo $invalid_ssh_dialogue;
+                    }
                     break;
                 case "generate":
                     array_push($added_keys, $_POST["gen_key"]);

webroot/panel/modal/new_key.php

@@ -32,7 +32,7 @@
     <div id="key_paste">
         <textarea placeholder="ssh-rsa AAARs1..." form="newKeyform" name="key"></textarea>
 
-        <input type="submit" value="Add Key">
+        <input type="submit" value="Add Key" id="add-key">
     </div>
 
     <div style="display: none;" id="key_import">
@@ -90,4 +90,26 @@
             }
         });
     });
+
+    $("textarea[name=key]").on("input", function() {
+        var key = $(this).val();
+        $.ajax({
+            url: "<?php echo $CONFIG["site"]["prefix"]; ?>/js/ajax/ssh_validate.php",
+            type: "POST",
+            data: {
+                key: key
+            },
+            success: function(result) {
+                const res = result.replace(key, "");
+                if (res == "true") {
+                    $("input[id=add-key]").prop("disabled", false);
+                    $("textarea[name=key]").css("box-shadow", "none");
+                } else {
+                    $("input[id=add-key]").prop("disabled", true);
+                    $("textarea[name=key]").css("box-shadow", "0 0 0 0.3rem rgba(220, 53, 69, 0.25)");
+                }
+            }
+        });
+    });
+
 </script>