Bug 1362312
Summary: | ipa vault-retrieve internal error when using the wrong public key | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Scott Poore <spoore> | ||||
Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> | ||||
Status: | CLOSED ERRATA | QA Contact: | Kaleem <ksiddiqu> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 7.3 | CC: | dkupka, pvoborni, rcritten | ||||
Target Milestone: | rc | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | ipa-4.4.0-5.el7 | Doc Type: | If docs needed, set a value | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2016-11-04 05:59:51 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Scott Poore
2016-08-02 00:08:47 UTC
Created attachment 1186578 [details]
debug output for vault-retrieve with incorrect private-key-file
Upstream ticket: https://fedorahosted.org/freeipa/ticket/6160 Fixed upstream master: https://fedorahosted.org/freeipa/changeset/8ab0ad5b9ef59eca7b25a150baeb4a9bf8faa582 Verified. Version :: ipa-server-4.4.0-5.el7.x86_64 Results :: [root@rhel7-5 ~]# openssl genrsa -out /tmp/key1.prv 2048 Generating RSA private key, 2048 bit long modulus ..................+++ ............+++ e is 65537 (0x10001) [root@rhel7-5 ~]# openssl rsa -in /tmp/key1.prv -out /tmp/key1.pub -pubout writing RSA key [root@rhel7-5 ~]# openssl genrsa -out /tmp/key2.prv 2048 Generating RSA private key, 2048 bit long modulus ................+++ ....................+++ e is 65537 (0x10001) [root@rhel7-5 ~]# openssl rsa -in /tmp/key2.prv -out /tmp/key2.pub -pubout writing RSA key [root@rhel7-5 ~]# ipa vault-add --type=asymmetric testvault1 --public-key-file=/tmp/key1.pub ------------------------ Added vault "testvault1" ------------------------ [root@rhel7-5 ~]# ipa vault-archive testvault1 --data="U2VjcmV0MTIzCg==" ------------------------------------- Archived data into vault "testvault1" ------------------------------------- [root@rhel7-5 ~]# ipa vault-retrieve testvault1 --private-key-file=/tmp/key2.prv ipa: ERROR: Invalid credentials [root@rhel7-5 ~]# Just to show that retrieve worked: [root@rhel7-5 ~]# ipa vault-retrieve testvault1 --private-key-file=/tmp/key1.prv -------------------------------------- Retrieved data from vault "testvault1" -------------------------------------- Data: U2VjcmV0MTIzCg== Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2404.html |