From 7126f3e1d1fa7238788c23d01ec9f67b132e5f50 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Tue, 13 Jun 2023 15:56:48 +0200
Subject: [PATCH] garage key import: add checks and `--yes` CLI flag (fix #278)

---
 src/garage/admin/key.rs   | 15 +++++++++++++++
 src/garage/cli/structs.rs |  4 ++++
 2 files changed, 19 insertions(+)

diff --git a/src/garage/admin/key.rs b/src/garage/admin/key.rs
index a4064539..8a1c02af 100644
--- a/src/garage/admin/key.rs
+++ b/src/garage/admin/key.rs
@@ -118,10 +118,25 @@ impl AdminRpcHandler {
 	}
 
 	async fn handle_import_key(&self, query: &KeyImportOpt) -> Result<AdminRpc, Error> {
+		if !query.yes {
+			return Err(Error::BadRequest("This command is intended to re-import keys that were previously generated by Garage. If you want to create a new key, use `garage key new` instead. Add the --yes flag if you really want to re-import a key.".to_string()));
+		}
+
+		if query.key_id.len() != 26
+			|| &query.key_id[..2] != "GK"
+			|| hex::decode(&query.key_id[2..]).is_err()
+		{
+			return Err(Error::BadRequest(format!("The specified key ID is not a valid Garage key ID (starts with `GK`, followed by 12 hex-encoded bytes)")));
+		}
+		if query.secret_key.len() != 64 || hex::decode(&query.secret_key).is_err() {
+			return Err(Error::BadRequest(format!("The specified secret key is not a valid Garage secret key (composed of 32 hex-encoded bytes)")));
+		}
+
 		let prev_key = self.garage.key_table.get(&EmptyKey, &query.key_id).await?;
 		if prev_key.is_some() {
 			return Err(Error::BadRequest(format!("Key {} already exists in data store. Even if it is deleted, we can't let you create a new key with the same ID. Sorry.", query.key_id)));
 		}
+
 		let imported_key = Key::import(&query.key_id, &query.secret_key, &query.name);
 		self.garage.key_table.insert(&imported_key).await?;
 
diff --git a/src/garage/cli/structs.rs b/src/garage/cli/structs.rs
index 5dc99a0d..2547fb8d 100644
--- a/src/garage/cli/structs.rs
+++ b/src/garage/cli/structs.rs
@@ -408,6 +408,10 @@ pub struct KeyImportOpt {
 	/// Key name
 	#[structopt(short = "n", default_value = "Imported key")]
 	pub name: String,
+
+	/// Confirm key import
+	#[structopt(long = "yes")]
+	pub yes: bool,
 }
 
 #[derive(Serialize, Deserialize, StructOpt, Debug, Clone)]