Calculate the Subject Key Identifier as suggested in RFC 5280, Section 4.2.1.2
> (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
value of the BIT STRING subjectPublicKey (excluding the tag,
length, and number of unused bits).
fixes#11153
This function call was previously used to generate mappings from
potential subjects (or SANs) to certificates within the TLS client
object. However, newer Go versions have deprecated this method, instead
building the mapping automatically based on present certificates at
request time. Because the corresponding client configuration field is
not used in Vault (NameToCertificate), it is safe to remove this call
and leave it nil.
See also: 67d894ee65
See also: https://pkg.go.dev/crypto/tls#Config.BuildNameToCertificate
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add auto_rotate_interval field to transit key creation path.
* Add auto_rotate_interval field to transit key config update path.
* Implement transit automatic key rotation on an hourly interval.
* Fixes transit key autorotation key listing typo.
* Add unit tests for transit key autorotation.
* Add unit tests for transit key creation with autorotation interval.
* Add unit tests for transit key config update with autorotation interval.
* Document new auto_rotate_interval fields in key creation and key config update endpoints.
* Add changelog for transit key autorotation.
* Wrap individual transit key autorotation in a policy lock.
* Add a safeguard to transit key autorotation to ensure only one execution happens simultaneously.
* use GetOkErr in patch handler so unknown fields result in error response
* do not error on unknown fields for patch handling
* godoc update for HandlePatchOperation
* Add a parameter that disables escaping characters in the username or password fields for secrets engines database connections
* Always disallow template variables inside the username or password
* Allow universal default for key_bits
This allows the key_bits field to take a universal default value, 0,
which, depending on key_type, gets adjusted appropriately into a
specific default value (rsa->2048, ec->256, ignored under ed25519).
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Handle universal default key size in certutil
Also move RSA < 2048 error message into certutil directly, instead of in
ca_util/path_roles.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add missing RSA key sizes to pki/backend_test.go
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Switch to returning updated values
When determining the default, don't pass in pointer types, but instead
return the newly updated value.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Re-add fix for ed25519 from #13254
Ed25519 internally specifies a hash length; by changing the default from
256 to 0, we fail validation in ValidateSignatureLength(...) unless we
specify the key algorithm.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* VAULT-1564 report in-flight requests
* adding a changelog
* Changing some variable names and fixing comments
* minor style change
* adding unauthenticated support for in-flight-req
* adding documentation for the listener.profiling stanza
* adding an atomic counter for the inflight requests
addressing comments
* addressing comments
* logging completed requests
* fixing a test
* providing log_requests_info as a config option to determine at which level requests should be logged
* removing a member and a method from the StatusHeaderResponseWriter struct
* adding api docks
* revert changes in NewHTTPResponseWriter
* Fix logging invalid log_requests_info value
* Addressing comments
* Fixing a test
* use an tomic value for logRequestsInfo, and moving the CreateClientID function to Core
* fixing go.sum
* minor refactoring
* protecting InFlightRequests from data race
* another try on fixing a data race
* another try to fix a data race
* addressing comments
* fixing couple of tests
* changing log_requests_info to log_requests_level
* minor style change
* fixing a test
* removing the lock in InFlightRequests
* use single-argument form for interface assertion
* adding doc for the new configuration paramter
* adding the new doc to the nav data file
* minor fix
* Adding support for SHA3 in the transit backend.
* Adds SHA-3 tests for transit sign/verify path. Adds SHA-3 tests for logical system tools path hash functionality. Updates documentation to include SHA-3 algorithms in system tools path hashing.
* Adds changelog entry.
Co-authored-by: robison jacka <robison@packetized.io>
* skip hash bits verification for ed25519 #13253
The default value or *hashBits is 0 and will fail
at ValidateSignatureLength for ed25519. ed25519
specifies its own hash, so avoid hashBits validation for
ed25519 curve.
* Unify NewHTTPResponseWriter ant NewStatusHeaderResponseWriter to fix ResponseWriter issues
* adding changelog
* removing unnecessary function from the WrappingResponseWriter interface
* changing logical requests responseWriter type
* reverting change to HTTPResponseWriter
In the Counter-mode KBKDF implementation, due to the nature of the PRF
(being implemented as a function rather than a hash.Hash instance), we
need to allocate a buffer capable of storing the entire input to the
PRF. This consists of the user-supplied context with 8 additional bytes
(4 before and 4 after) of encoded integers.
If the user supplies a maximally-sized context, the internally allocated
buffer's size computation will overflow, resulting in a runtime panic.
Guard against this condition.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add extra debugging to help identify failures within mssql test
* Switch up the AssertInitialized method for mssql tests by marking the test as failed instead of
immediately failing, this will also allow us to see what happens even if this assertion fails to the rest
of the test.
* Restrict ECDSA signatures with NIST P-Curve hashes
When using an ECDSA signature with a NIST P-Curve, we should follow
recommendations from BIS (Section 4.2) and Mozilla's root store policy
(section 5.1.2) to ensure that arbitrary selection of signature_bits
does not exceed what the curve is capable of signing.
Related: #11245
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Switch to certutil.ValidateKeyTypeSignatureLength(...)
Replaces previous calls to certutil.ValidateKeyTypeLength(...) and
certutil.ValidateSignatureLength(...) with a single call, allowing for
curve<->hash validation.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Switch to autodetection of signature_bits
This enables detection of whether the caller manually specified a value
for signature_bits or not; when not manually specified, we can provision
a value that complies with new NIST P-Curve policy.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Select hash function length automatically
Due to our change in behavior (to default to -1 as the value to
signature_bits to allow for automatic hash selection), switch
ValidateKeyTypeSignatureLength(...) to accept a pointer to hashBits and
provision it with valid default values.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Prevent invalid Curve size lookups
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Switch from -1 to 0 as default SignatureBits
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* certutil: select appropriate hash algorithm for ECDSA signature
Select the appropriate signature algorithm for certificates signed
with an ECDSA private key.
The algorithm is selected based on the curve:
- P-256 -> x509.ECDSAWithSHA256
- P-384 -> x509.ECDSAWithSHA384
- P-521 -> x509.ECDSAWithSHA512
- Other -> x509.ECDSAWithSHA256
fixes#11006
* fix adding clientID to request in audit log
* fix boolean statement
* use standard encoding for client ID instead of urlEncoding
* change encoding in tests
* add in client counts to request handling
* remove redundant client ID generation in request handling
* directly add clientID to req after handling token usage
* Modernize SSH key lengths
No default change was made in this commit; note that the code already
enforced a default of 2048 bits. ssh-keygen and Go's RSA key generation
allows for key sizes including 3072, 4096, 8192; update the values of
SSH key generation to match PKI's allowed RSA key sizes (from
certutil.ValidateKeyTypeLength(...)). We still allow the legacy SSH key
size of 1024; in the near future we should likely remove it.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Ensure minimum of 2048-bit PKI RSA keys
While the stated path is a false-positive, verifying all paths is
non-trivial. We largely validate API call lengths using
certutil.ValidateKeyTypeLength(...), but ensuring no other path calls
certutil.generatePrivateKey(...) --- directly or indirectly --- is
non-trivial. Thus enforcing a minimum in this method sounds like a sane
compromise.
Resolves: https://github.com/hashicorp/vault/security/code-scanning/55
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* handle HTTP PATCH requests as logical.PatchOperation
* update go.mod, go.sum
* a nil response for logical.PatchOperation should result in 404
* respond with 415 for incorrect MIME type in PATCH Content-Type header
* add abstraction to handle PatchOperation requests
* add ACLs for patch
* Adding JSON Merge support to the API client
* add HTTP PATCH tests to check high level response logic
* add permission-based 'kv patch' tests in prep to add HTTP PATCH
* adding more 'kv patch' CLI command tests
* fix TestHandler_Patch_NotFound
* Fix TestKvPatchCommand_StdinValue
* add audit log test for HTTP PATCH
* patch CLI changes
* add patch CLI tests
* change JSONMergePatch func to accept a ctx
* fix TestKVPatchCommand_RWMethodNotExists and TestKVPatchCommand_RWMethodSucceeds to specify -method flag
* go fmt
* add a test to verify patching works by default with the root token
* add changelog entry
* get vault-plugin-secrets-kv@add-patch-support
* PR feedback
* reorder some imports; go fmt
* add doc comment for HandlePatchOperation
* add json-patch@v5.5.0 to go.mod
* remove unnecessary cancelFunc for WriteBytes
* remove default for -method
* use stable version of json-patch; go mod tidy
* more PR feedback
* temp go get vault-plugin-secrets-kv@master until official release
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
* store unauthenticated path wildcards in map
* working unauthenticated paths with basic unit tests
* refactor wildcard logic
* add parseUnauthenticatedPaths unit tests
* use parseUnauthenticatedPaths when reloading backend
* add more wildcard test cases
* update special paths doc; add changelog
* remove buggy prefix check; add test cases
* prevent false positives for prefix matches
If we ever encounter a mismatched segment, break and set a flag to
prevent false positives for prefix matches.
If it is a match we need to do a prefix check. But we should not return
unless HasPrefix also evaluates to true. Otherwise we should let the for
loop continue to check other possibilities and only return false once
all wildcard paths have been evaluated.
* refactor switch and add more test cases
* remove comment leftover from debug session
* add more wildcard path validation and test cases
* update changelong; feature -> improvement
* simplify wildcard segment matching logic
* refactor wildcard matching into func
* fix glob matching, add more wildcard validation, refactor
* refactor common wildcard errors to func
* move doc comment to logical.Paths
* optimize wildcard paths storage with pre-split slices
* fix comment typo
* fix test case after changing wildcard paths storage type
* move prefix check to parseUnauthenticatedPaths
* tweak regex, remove unneeded array copy, refactor
* add test case around wildcard and glob matching
* remove cruft
use helper
Add a helper for getting public key sizes
wip
* error names
* Fix ecdsa
* only if trace is on
* Log listener side as well
* rename
* Add remote address
* Make the log level configurable via the env var, and a member of the Listener and thus modifiable by tests
* Fix certutil_test
* Adds ability to define an inline policy and internal metadata to tokens
* Update comment on fetchEntityAndDerivedPolicies
* Simplify handling of inline policy
* Update comment on InternalMeta
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
* Improve argument name
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
* Use explicit SkipIdentityInheritance token field instead of implicit InlinePolicy behavior
* Add SkipIdentityInheritance to pb struct in token store create method
* Rename SkipIdentityInheritance to NoIdentityPolicies
* Merge latest from main and make proto
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
