Asymmetric vault: validate public key in client

The ipa vault commands now load and validate the public key for asymmetric encryption, before sending it to the server. This prevents invalid vaults and prohibits accidental exposure of private key material. https://fedorahosted.org/freeipa/ticket/5142 https://fedorahosted.org/freeipa/ticket/5143 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
2025-02-25 18:55:28 -06:00 · 2015-07-23 20:30:21 +02:00
parent 391ccabb9f
commit e4dff25838
1 changed files with 13 additions and 0 deletions
--- a/ipalib/plugins/vault.py
+++ b/ipalib/plugins/vault.py
@@ -665,6 +665,19 @@ class vault_add(PKQuery, Local):
                    name='ipavaultpublickey',
                    error=_('Missing vault public key'))

+            # validate public key and prevent users from accidentally
+            # sending a private key to the server.
+            try:
+                load_pem_public_key(
+                    data=public_key,
+                    backend=default_backend()
+                )
+            except ValueError as e:
+                raise errors.ValidationError(
+                    name='ipavaultpublickey',
+                    error=_('Invalid or unsupported vault public key: %s') % e,
+                )
+
        # create vault
        response = self.api.Command.vault_add_internal(*args, **options)