util.validation¶
General validation utilities for Trustpoint.
Module Contents¶
- util.validation.validate_common_name_characters(common_name)[source]¶
Validate that the common name contains only safe characters and no URL-like constructs.
- Parameters:
common_name (str)
- Return type:
None
- util.validation.validate_application_uri(application_uri)[source]¶
Validate that the application URI has a valid scheme and is not HTTP/HTTPS.
- Parameters:
application_uri (str)
- Return type:
None
- util.validation.validate_webhook_url(url)[source]¶
Validate that the webhook URL is safe and doesn’t allow SSRF attacks.
Implements comprehensive SSRF protection following OWASP guidelines: - Input validation and sanitization - URL parsing and scheme validation - Port number restrictions - Hostname validation - DNS resolution and IP address validation - Blocking of private/internal networks
- Parameters:
url (str)
- Return type:
None
- util.validation.validate_remote_ca_connection(host, port, path, *, allow_localhost=True)[source]¶
Validate remote CA connection parameters for safety.
- Parameters:
host (str) – The hostname or IP address of the remote CA.
port (int | None) – The port number (can be None for default).
path (str) – The URL path for the CA endpoint.
allow_localhost (bool) – Whether to allow localhost connections (default True for testing).
- Return type:
None