operator/pkg/certs: validate X509 Cert key types and improve error handling #5561

Merged

mohamedawnallah
Contributor

Description
In this commit, we enhance the GeneratePrivateKey and ParsePrivateKeyPEM functions:

  • Added validation for unsupported key types and provided a more descriptive error message. This function supports ECDSA (using P-256) and RSA (with a key size of 3072 bits) algorithms. It returns an error for unsupported key types.
  • Improved error handling to include the type of the unsupported key format in the error message. This function now provides more informative feedback when the private key format is neither RSA nor ECDSA.

Motivation and Context
During the testing of the Certificate Manager and Karmada Store (#5559), it was observed that when unsupported key types such as UnknownPublicKeyAlgorithm, DSA, or Ed25519 (as documented in the Go standard library crypto package) are passed to the GeneratePrivateKey function, the function incorrectly returns an RSA key. Instead, it should return an error when encountering unsupported key types.

What type of PR is this?
/kind bug

Does this PR introduce a user-facing change?:

NONE
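
An added example, not code from this PR or the Karmada repository: a Go sketch of the fail-closed behaviour the description asks for, where any algorithm other than ECDSA (P-256) or RSA (3072 bits) is rejected and a rejected PEM key is reported with its concrete type. The names `generateKey`, `parseKeyPEM` and `ed25519PEM` are hypothetical, and parsing is narrowed to PKCS#8 input.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// generateKey (hypothetical name) fails closed: only ECDSA and RSA yield a key.
func generateKey(alg x509.PublicKeyAlgorithm) (crypto.Signer, error) {
	switch alg {
	case x509.ECDSA:
		return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	case x509.RSA:
		return rsa.GenerateKey(rand.Reader, 3072)
	}
	return nil, fmt.Errorf("unsupported key type %s, want RSA or ECDSA", alg)
}

// parseKeyPEM (hypothetical name) reads a PKCS#8 PEM key and names any rejected type.
func parseKeyPEM(data []byte) (crypto.Signer, error) {
	block, _ := pem.Decode(data)
	if block == nil {
		return nil, fmt.Errorf("no PEM block found")
	}
	parsed, err := x509.ParsePKCS8PrivateKey(block.Bytes)
	if err != nil {
		return nil, fmt.Errorf("parse PKCS#8 private key: %w", err)
	}
	switch parsed.(type) {
	case *rsa.PrivateKey, *ecdsa.PrivateKey:
		return parsed.(crypto.Signer), nil
	}
	return nil, fmt.Errorf("unsupported private key type %T, want RSA or ECDSA", parsed)
}

// ed25519PEM builds the constructed sample input: a fresh Ed25519 key as PKCS#8 PEM.
func ed25519PEM() []byte {
	_, key, _ := ed25519.GenerateKey(rand.Reader)
	der, _ := x509.MarshalPKCS8PrivateKey(key)
	return pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der})
}

func main() { fmt.Println(parseKeyPEM(ed25519PEM())) }
```

Without the final `return` in `generateKey`, the three unsupported algorithms named in the description would fall through to whatever default the function had, which is the behaviour the PR removes.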

@karmada-bot karmada-bot added the kind/bug Categorizes issue or PR as related to a bug. label Sep 16, 2024
@karmada-bot karmada-bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Sep 16, 2024
@codecov-commenter

codecov-commenter commented Sep 16, 2024

Codecov Report

Attention: Patch coverage is 23.07692% with 10 lines in your changes missing coverage. Please review.

Project coverage is 39.75%. Comparing base (4c8bcd4) to head (ad7a70b).
Report is 179 commits behind head on master.

Files with missing lines Patch % Lines
operator/pkg/certs/certs.go 0.00% 7 Missing ⚠️
pkg/karmadactl/cmdinit/cert/cert.go 50.00% 3 Missing ⚠️

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #5561      +/-   ##
==========================================
+ Coverage   34.14%   39.75%   +5.60%     
==========================================
  Files         643      650       +7     
  Lines       44524    55131   +10607     
==========================================
+ Hits        15203    21915    +6712     
- Misses      28165    31809    +3644     
- Partials     1156     1407     +251     
Flag Coverage Δ
unittests 39.75% <23.07%> (+5.60%) ⬆️


@zhzhuang-zju
Contributor

/assign

@zhzhuang-zju
Contributor

The method GeneratePrivateKey currently uses the CertConfig.PublicKeyAlgorithm that is not yet exposed to users. In practice, the operator only uses the algorithm x509.RSA. The purpose of this PR is to strictly limit the values of CertConfig.PublicKeyAlgorithm to ECDSA or RSA. Therefore, rather than categorizing this as /kind bug, I lean more towards /kind cleanup

/remove-kind bug
/kind cleanup

@karmada-bot karmada-bot added kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. and removed kind/bug Categorizes issue or PR as related to a bug. labels Sep 18, 2024
@XiShanYongYe-Chang
Member

/retest

@mohamedawnallah
Contributor Author

@XiShanYongYe-Chang all test cases passed :)

@XiShanYongYe-Chang
Member

cc @zhzhuang-zju

@mohamedawnallah
Contributor Author

mohamedawnallah commented Oct 16, 2024

Hi @XiShanYongYe-Chang and @zhzhuang-zju,

Could we please get this PR merged? The unit test certificates PRs (#5625 and #5559), which depend on this, have been stale for a while. If anything is needed to move it forward, please let me know.

Thanks! 🙏

@XiShanYongYe-Chang
Member

Hi @zhzhuang-zju, can you help take a review?

@zhzhuang-zju
Contributor

> Hi @zhzhuang-zju, can you help take a review?

Sure, review is in progress.

Contributor

@zhzhuang-zju zhzhuang-zju left a comment

Thanks, others LGTM

@mohamedawnallah mohamedawnallah force-pushed the validateKeyAndHandleErrors branch 3 times, most recently from a2171c3 to 70a5d9e Compare October 17, 2024 17:32
@mohamedawnallah
Contributor Author

Thanks @zhzhuang-zju for the feedback! I've integrated it! Could you please take a look if everything looks good? 🙏

In this commit, we enhance the `GeneratePrivateKey` and `ParsePrivateKeyPEM` functions:

- Added validation for unsupported key types and provided a more descriptive error message.
This function supports ECDSA (using P-256) and RSA (with a key size of 3072 bits) algorithms.
It returns an error for unsupported key types.
- Improved error handling to include the type of the unsupported key format in the error message.
This function now provides more informative feedback when the private key format is neither RSA nor ECDSA.

Signed-off-by: Mohamed Awnallah <mohamedmohey2352@gmail.com>
@mohamedawnallah mohamedawnallah force-pushed the validateKeyAndHandleErrors branch from 70a5d9e to ad7a70b Compare October 18, 2024 12:48
@karmada-bot karmada-bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Oct 18, 2024
@zhzhuang-zju
Contributor

/lgtm
cc @XiShanYongYe-Chang to confirm

@karmada-bot karmada-bot added the lgtm Indicates that a PR is ready to be merged. label Oct 19, 2024
Member

@XiShanYongYe-Chang XiShanYongYe-Chang left a comment

Thanks~
/approve

@karmada-bot
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: XiShanYongYe-Chang

@karmada-bot karmada-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 19, 2024
@karmada-bot karmada-bot merged commit 4294e60 into karmada-io:master Oct 19, 2024
12 checks passed
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm Indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.