Create ed25519 key files with secure permissions to avoid risk of insecure chmode call/race condition (LP: #2017430)

2023-04-30 09:25:28 -04:00
parent 2fc00b0218
commit 810d543085
2 changed files with 6 additions and 1 deletions
@@ -1,6 +1,9 @@
 Version 1.1.3
   - Catch nacl.exceptions.ValueError and raise KeyFormatError, similar to how
     RSA key errors are treated (LP: #2018021)
+   - Create ed25519 key files with secure permissions to avoid risk of
+     insecure chmode call/race condition (Thanks to Hanno Böck for the report
+     and the suggested fix) (LP: #2017430)

 2023-04-09 Version 1.1.2
   - Verify correct AMS header is used for ARC seal verification (André Cruz)
@@ -64,10 +64,12 @@ def GenEd25519Keys(private_key_file, verbose=True):
    if verbose:
        eprint('generating ' + private_key_file)
    priv_key = skg.generate()
+    if os.name == 'posix':
+        old_umask = os.umask(0o077)
    with open(private_key_file, 'w') as pkf:
        pkf.write(priv_key.encode(encoder=nacl.encoding.Base64Encoder).decode("utf-8"))
    if os.name == 'posix':
-        os.chmod(private_key_file, 0o600)
+        os.umask(old_umask)
    return(priv_key)

 def ExtractRSADnsPublicKey(private_key_file, dns_file, verbose=True):