allow inputting empty password in case ssh key is not encrypted

CSCfi · Jan 22, 2024 · b11b024 · b11b024
1 parent 19f699f
commit b11b024
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 11 deletions.
diff --git a/sda_uploader/__main__.py b/sda_uploader/__main__.py
@@ -14,7 +14,7 @@ def main() -> None:
     print("3. Write SFTP username, server and port to SFTP Credentials")
     print("4. Load your SFTP identity key, or leave empty for password authentication")
     print("5. Click [Encrypt and Upload File(s)] to upload selected file or directory")
-    print("6. Password for SFTP key or, username authentication will be prompted\n")
+    print("6. Password for encrypted SSH key or, username authentication will be prompted\n")
     root.mainloop()
     gui.cleanup()
 

diff --git a/sda_uploader/gui.py b/sda_uploader/gui.py
@@ -97,7 +97,7 @@ def __init__(self, window: tk.Tk) -> None:
         if sftp_server_credentials and len(sftp_server_credentials) > 0:
             self.sftp_server_value.set(sftp_server_credentials)
 
-        self.sftp_key_label = tk.Label(window, text="SFTP Key")
+        self.sftp_key_label = tk.Label(window, text="SSH Key")
         self.sftp_key_label.grid(column=0, row=8, sticky=tk.W)
         self.sftp_key_value = tk.StringVar()
         self.sftp_key_field = tk.Entry(window, width=OS_CONFIG["field_width"], textvariable=self.sftp_key_value)
@@ -141,7 +141,7 @@ def __init__(self, window: tk.Tk) -> None:
 
         self.load_sftp_key_button = tk.Button(
             window,
-            text="Load SFTP Key",
+            text="Load SSH Key",
             width=OS_CONFIG["config_button_width"],
             command=partial(self.open_file, "sftp_key"),
         )
@@ -157,7 +157,7 @@ def __init__(self, window: tk.Tk) -> None:
         self.encrypt_button.grid(column=1, row=7, sticky=tk.E, columnspan=2, rowspan=3)
 
         self.remember_pass = tk.IntVar()
-        self.passwords = {"sftp_key": ""}
+        self.passwords: Dict[str, Union[str, bool]] = {"sftp_password": "", "asked_password": False}
         self.remember_password = tk.Checkbutton(window, text="Save password for this session", variable=self.remember_pass, onvalue=1, offvalue=0)
         self.remember_password.grid(column=1, row=10, sticky=tk.E)
 
@@ -196,15 +196,17 @@ def open_file(self, action: str) -> None:
 
     def _do_upload(self, private_key: bytes) -> None:
         # Ask for RSA key password
-        sftp_password = self.passwords["sftp_key"]
-        while len(sftp_password) == 0:
-            _prompted_password = askstring("SFTP Passphrase", "Passphrase for SFTP KEY or Username", show="*")
-            # This if-clause is for resetting the password prompt if it is empty
+        sftp_password: str = str(self.passwords["sftp_password"])
+        if not self.passwords["asked_password"]:
+            _prompted_password = askstring("SFTP Passphrase", "Passphrase for SSH KEY or SFTP Username.\nLeave empty if using unencrypted SSH Key.", show="*")
             if _prompted_password is None:
+                # This if-clause is for closing the prompt without proceeding with the upload workflow
                 return
             sftp_password = str(_prompted_password)  # must cast to string, because initial type allows None values
             if self.remember_pass.get():
-                self.passwords["sftp_key"] = sftp_password
+                # password is stored only for this session, in case the user wants to upload again
+                self.passwords["sftp_password"] = sftp_password
+            self.passwords["asked_password"] = True
         # Test SFTP connection
         sftp_username = self.sftp_username_value.get()
         sftp_hostname, sftp_port = "", 22
@@ -235,6 +237,7 @@ def _do_upload(self, private_key: bytes) -> None:
                 self.sftp_upload(sftp=sftp, target=self.file_value.get(), private_key=private_key, public_key=public_key)
         else:
             print("Could not form SFTP connection.")
+            self.passwords["asked_password"] = False  # resetting prompt in case password was wrong
 
     def _start_process(self) -> None:
         if self.their_key_value.get() and self.file_value.get() and self.sftp_username_value.get() and self.sftp_server_value.get():

diff --git a/sda_uploader/sftp.py b/sda_uploader/sftp.py
@@ -15,7 +15,7 @@ def _sftp_connection(username: str = "", hostname: str = "", port: int = 22, sft
     transport = paramiko.Transport((hostname, int(port)))
     paramiko_key: paramiko.PKey
     try:
-        print("Testing if SFTP key is of type RSA")
+        print("Testing if SSH key is of type RSA")
         paramiko_key = paramiko.rsakey.RSAKey.from_private_key_file(sftp_key, password=sftp_pass)
         transport.connect(
             username=username,
@@ -29,7 +29,7 @@ def _sftp_connection(username: str = "", hostname: str = "", port: int = 22, sft
         transport.close()
     # Test if key is ed25519
     try:
-        print("Testing if SFTP key is of type Ed25519")
+        print("Testing if SSH key is of type Ed25519")
         paramiko_key = paramiko.ed25519key.Ed25519Key(filename=sftp_key, password=sftp_pass)
         transport.connect(
             username=username,