From 9f30fb635a06b743183aae2ac0b18f5ddf23176f Mon Sep 17 00:00:00 2001
From: Simon Leary <simon.leary42@proton.me>
Date: Mon, 7 Apr 2025 13:22:53 -0400
Subject: [PATCH 1/4] replace strlen hack with json

---
 webroot/js/ajax/ssh_generate.php | 26 ++++++++++++++------------
 webroot/panel/modal/new_key.php  | 19 +++++--------------
 2 files changed, 19 insertions(+), 26 deletions(-)

diff --git a/webroot/js/ajax/ssh_generate.php b/webroot/js/ajax/ssh_generate.php
index 6ea280b7..92e0e65e 100644
--- a/webroot/js/ajax/ssh_generate.php
+++ b/webroot/js/ajax/ssh_generate.php
@@ -4,20 +4,22 @@
 
 use phpseclib3\Crypt\RSA;
 
-echo "<pre>";
-
 $private = RSA::createKey(2048);
 $public = $private->getPublicKey();
 
-echo "<section class='pubKey'>";
-echo $public->toString('OpenSSH');
-echo "</section>";
-echo "<section class='privKey'>";
-if (isset($_GET["type"]) && $_GET["type"] == "ppk") {
-    echo $private->toString('PuTTY');
-} else {
-    echo $private;
+switch ($_GET["type"]) {
+    case "key":
+        break;
+    case "ppk":
+        $private = $private->toString("PuTTY");
+        break;
+    default:
+        $SITE->bad_request("invalid type '" . $_GET["type"] . "'");
 }
-echo "</section>";
 
-echo "</pre>";
+echo json_encode([
+    "pubkey" => $public->toString('OpenSSH'),
+    "privkey" => $private
+]);
+
+
diff --git a/webroot/panel/modal/new_key.php b/webroot/panel/modal/new_key.php
index 40c509fc..9df7df37 100644
--- a/webroot/panel/modal/new_key.php
+++ b/webroot/panel/modal/new_key.php
@@ -64,21 +64,13 @@
     });
 
     function generateKey(type) {
-        var pubSection = "<section class='pubKey'>";
-        var privSection = "<section class='privKey'>";
-        var endingSection = "</section>";
-
         $.ajax({
             url: "<?php echo $CONFIG["site"]["prefix"]; ?>/js/ajax/ssh_generate.php?type=" + type,
             success: function(result) {
-                var pubKey = result.substr(result.indexOf(pubSection) + pubSection.length,
-                result.indexOf(endingSection) - result.indexOf(pubSection) - pubSection.length);
-                var privKey = result.substr(result.indexOf(privSection) + privSection.length,
-                result.indexOf(endingSection, result.indexOf(endingSection) + 1) -
-                result.indexOf(privSection) - privSection.length);
-                $("input[type=hidden][name=gen_key]").val(pubKey);
-                downloadFile(privKey, "privkey." + type); // Force download of private key
-
+            success: function(outputJsonStr) {
+                const output = JSON.parse(outputJsonStr);
+                $("input[type=hidden][name=gen_key]").val(output.pubkey);
+                downloadFile(output.privkey, `privkey.${type}`); // Force download of private key
                 $("#newKeyform").submit();
             }
         });
@@ -104,8 +96,7 @@ function generateKey(type) {
                 key: key
             },
             success: function(result) {
-                const res = result.replace(key, "");
-                if (res == "true") {
+                if (result == "true") {
                     $("input[id=add-key]").prop("disabled", false);
                     $("textarea[name=key]").css("box-shadow", "none");
                 } else {

From 9caf586e94d36d3861929745b51680b7eabe3e17 Mon Sep 17 00:00:00 2001
From: Simon Leary <simon.leary42@proton.me>
Date: Mon, 7 Apr 2025 13:23:52 -0400
Subject: [PATCH 2/4] bad_request not implemented yet

---
 webroot/js/ajax/ssh_generate.php | 2 --
 1 file changed, 2 deletions(-)

diff --git a/webroot/js/ajax/ssh_generate.php b/webroot/js/ajax/ssh_generate.php
index 92e0e65e..8cceb9d3 100644
--- a/webroot/js/ajax/ssh_generate.php
+++ b/webroot/js/ajax/ssh_generate.php
@@ -13,8 +13,6 @@
     case "ppk":
         $private = $private->toString("PuTTY");
         break;
-    default:
-        $SITE->bad_request("invalid type '" . $_GET["type"] . "'");
 }
 
 echo json_encode([

From 44865cbfd6e9da2dfb31462f64a084c893c955a4 Mon Sep 17 00:00:00 2001
From: Simon Leary <simon.leary42@proton.me>
Date: Mon, 7 Apr 2025 13:26:07 -0400
Subject: [PATCH 3/4] end of file

---
 webroot/js/ajax/ssh_generate.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/webroot/js/ajax/ssh_generate.php b/webroot/js/ajax/ssh_generate.php
index 8cceb9d3..eadae718 100644
--- a/webroot/js/ajax/ssh_generate.php
+++ b/webroot/js/ajax/ssh_generate.php
@@ -20,4 +20,3 @@
     "privkey" => $private
 ]);
 
-

From 299063c44ce9127437f38d2eef18df9cb33f88be Mon Sep 17 00:00:00 2001
From: Simon Leary <simon.leary42@proton.me>
Date: Mon, 7 Apr 2025 13:42:58 -0400
Subject: [PATCH 4/4] fix style

---
 webroot/js/ajax/ssh_generate.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/webroot/js/ajax/ssh_generate.php b/webroot/js/ajax/ssh_generate.php
index eadae718..5a70f51d 100644
--- a/webroot/js/ajax/ssh_generate.php
+++ b/webroot/js/ajax/ssh_generate.php
@@ -19,4 +19,3 @@
     "pubkey" => $public->toString('OpenSSH'),
     "privkey" => $private
 ]);
-