From 9eae8d891a8b5d5320cb38b8e697681802cbf573 Mon Sep 17 00:00:00 2001
From: Christian Heimes
Date: Thu, 23 Jul 2015 20:30:21 +0200
Subject: [PATCH] Asymmetric vault: validate public key in client
The ipa vault commands now load and validate the public key for asymmetric encryption, before sending it to the server. This prevents invalid vaults and prohibits accidental exposure of private key material.
https://fedorahosted.org/freeipa/ticket/5142
https://fedorahosted.org/freeipa/ticket/5143
Reviewed-By: Petr Vobornik
---
 ipalib/plugins/vault.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/ipalib/plugins/vault.py b/ipalib/plugins/vault.py
index 055e8d00f1616c15b217e7570eeedd46efba7c81..ac608f5c7e2779da138c75a0f02bd5546f4aeffd 100644
--- a/ipalib/plugins/vault.py
+++ b/ipalib/plugins/vault.py
@@ -665,6 +665,19 @@ class vault_add(PKQuery, Local):
 name='ipavaultpublickey',
 error=_('Missing vault public key'))
+ # validate public key and prevent users from accidentally
+ # sending a private key to the server.
+ try:
+ load_pem_public_key(
+ data=public_key,
+ backend=default_backend()
+ )
+ except ValueError as e:
+ raise errors.ValidationError(
+ name='ipavaultpublickey',
+ error=_('Invalid or unsupported vault public key: %s') % e,
+ )
+ # create vault
 response = self.api.Command.vault_add_internal(*args, **options)
--
2.4.3
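Review bot: The added `except ValueError as e:` does not cover `cryptography.exceptions.UnsupportedAlgorithm`, which `load_pem_public_key` raises for a key type the backend cannot handle, so the "unsupported" case named in the error message would surface as an unhandled exception instead of a `ValidationError`. Catching both, `except (ValueError, UnsupportedAlgorithm) as e:`, keeps the rejection path uniform; the import for `UnsupportedAlgorithm` would have to be added at the top of the file, which is outside this hunk. This check runs only in the client, so it guards against accidents rather than a modified client; if `vault_add_internal` does not already validate `ipavaultpublickey` on the server side, that is worth confirming. The enclosing method starts and ends outside the hunk.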