From 9eae8d891a8b5d5320cb38b8e697681802cbf573 Mon Sep 17 00:00:00 2001

From: Christian Heimes <cheimes@redhat.com>

Date: Thu, 23 Jul 2015 20:30:21 +0200

Subject: [PATCH] Asymmetric vault: validate public key in client

The ipa vault commands now load and validate the public key for

asymmetric encryption, before sending it to the server. This prevents

invalid vaults and prohibits accidental exposure of private key

material.

https://fedorahosted.org/freeipa/ticket/5142

https://fedorahosted.org/freeipa/ticket/5143

Reviewed-By: Petr Vobornik <pvoborni@redhat.com>

---

 ipalib/plugins/vault.py | 13 +++++++++++++

 1 file changed, 13 insertions(+)

diff --git a/ipalib/plugins/vault.py b/ipalib/plugins/vault.py

index 055e8d00f1616c15b217e7570eeedd46efba7c81..ac608f5c7e2779da138c75a0f02bd5546f4aeffd 100644

--- a/ipalib/plugins/vault.py

+++ b/ipalib/plugins/vault.py

@@ -665,6 +665,19 @@ class vault_add(PKQuery, Local):

                     name='ipavaultpublickey',

                     error=_('Missing vault public key'))

+            # validate public key and prevent users from accidentally

+            # sending a private key to the server.

+            try:

+                load_pem_public_key(

+                    data=public_key,

+                    backend=default_backend()

+                )

+            except ValueError as e:

+                raise errors.ValidationError(

+                    name='ipavaultpublickey',

+                    error=_('Invalid or unsupported vault public key: %s') % e,

+                )

+

         # create vault

         response = self.api.Command.vault_add_internal(*args, **options)

-- 

2.4.3