From 9eae8d891a8b5d5320cb38b8e697681802cbf573 Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Thu, 23 Jul 2015 20:30:21 +0200
Subject: [PATCH] Asymmetric vault: validate public key in client

The ipa vault commands now load and validate the public key for
asymmetric encryption, before sending it to the server. This prevents
invalid vaults and prohibits accidental exposure of private key
material.

https://fedorahosted.org/freeipa/ticket/5142
https://fedorahosted.org/freeipa/ticket/5143

Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
---
 ipalib/plugins/vault.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/ipalib/plugins/vault.py b/ipalib/plugins/vault.py
index 055e8d00f1616c15b217e7570eeedd46efba7c81..ac608f5c7e2779da138c75a0f02bd5546f4aeffd 100644
--- a/ipalib/plugins/vault.py
+++ b/ipalib/plugins/vault.py
@@ -665,6 +665,19 @@ class vault_add(PKQuery, Local):
                     name='ipavaultpublickey',
                     error=_('Missing vault public key'))
 
+            # validate public key and prevent users from accidentally
+            # sending a private key to the server.
+            try:
+                load_pem_public_key(
+                    data=public_key,
+                    backend=default_backend()
+                )
+            except ValueError as e:
+                raise errors.ValidationError(
+                    name='ipavaultpublickey',
+                    error=_('Invalid or unsupported vault public key: %s') % e,
+                )
+
         # create vault
         response = self.api.Command.vault_add_internal(*args, **options)
 
-- 
2.4.3