Do not store password on exports.

2021-07-28 15:22:21 -07:00 · 2021-07-28 15:22:21 -07:00 · e62d7988b8
commit e62d7988b8
parent ac363d7824
1 changed files with 9 additions and 3 deletions
--- a/authority/export.go
+++ b/authority/export.go
@ -13,6 +13,11 @@ import (
 	"google.golang.org/protobuf/types/known/structpb"
 )

+// Export creates a linkedca configuration form the current ca.json and loaded
+// authorities.
+//
+// Note that export will not export neither the pki password nor the certificate
+// issuer password.
 func (a *Authority) Export() (c *config.Configuration, err error) {
 	// Recover from panics
 	defer func() {
@ -22,6 +27,8 @@ func (a *Authority) Export() (c *config.Configuration, err error) {
 	}()

 	files := make(map[string][]byte)
+
+	// The exported configuration should not include the password in it.
 	c = &config.Configuration{
 		Version:         "1.0",
 		Root:            mustReadFilesOrUris(a.config.Root, files),
@ -40,8 +47,7 @@ func (a *Authority) Export() (c *config.Configuration, err error) {
 			DisableIssuedAtCheck: a.config.AuthorityConfig.DisableIssuedAtCheck,
 			Backdate:             a.config.AuthorityConfig.Backdate.String(),
 		},
-		Password: mustPassword(a.config.Password),
-		Files:    files,
+		Files: files,
 	}

 	// SSH
@ -109,12 +115,12 @@ func (a *Authority) Export() (c *config.Configuration, err error) {
 			if !ok {
 				return nil, errors.Errorf("unknown certificate issuer type %s", iss.Type)
 			}
+			// The exporte certificate issuer should not include the password.
 			c.Authority.CertificateIssuer = &config.CertificateIssuer{
 				Type:        config.CertificateIssuer_Type(typ),
 				Provisioner: iss.Provisioner,
 				Certificate: mustReadFileOrUri(iss.Certificate, files),
 				Key:         mustReadFileOrUri(iss.Key, files),
-				Password:    mustPassword(iss.Password),
 			}
 		}
 	}