From 9ecc19c481384b0405e92845a01ea4144c1d95f2 Mon Sep 17 00:00:00 2001
From: alwaysjolley <chris@alwaysjolley.com>
Date: Fri, 12 Apr 2019 09:53:06 -0400
Subject: [PATCH 1/5] adding san filter

---
 lemur/plugins/lemur_vault_dest/plugin.py | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/lemur/plugins/lemur_vault_dest/plugin.py b/lemur/plugins/lemur_vault_dest/plugin.py
index 91f6a07a..94647c03 100644
--- a/lemur/plugins/lemur_vault_dest/plugin.py
+++ b/lemur/plugins/lemur_vault_dest/plugin.py
@@ -9,6 +9,7 @@
 
 .. moduleauthor:: Christopher Jolley <chris@alwaysjolley.com>
 """
+import re
 import hvac
 from flask import current_app
 
@@ -19,7 +20,6 @@ from lemur.plugins.bases import DestinationPlugin
 from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 
-
 class VaultDestinationPlugin(DestinationPlugin):
     """Hashicorp Vault Destination plugin for Lemur"""
     title = 'Vault'
@@ -76,6 +76,13 @@ class VaultDestinationPlugin(DestinationPlugin):
             ],
             'required': True,
             'helpMessage': 'Bundle the chain into the certificate'
+        },
+        {
+            'name': 'sanFilter',
+            'type': 'str',
+            'required': False,
+            'validation': '^[0-9a-zA-Z\\\?\[\](){}^$+._-]+$',
+            'helpMessage': 'Valid regex filter'
         }
     ]
 
@@ -98,6 +105,14 @@ class VaultDestinationPlugin(DestinationPlugin):
         path = self.get_option('vaultPath', options)
         bundle = self.get_option('bundleChain', options)
         obj_name = self.get_option('objectName', options)
+        san_filter = self.get_option('sanFilter', options)
+
+        san_list = get_san_list(body)
+        for san in san_list:
+            if not re.match(san_filter, san):
+                current_app.logger.exception(
+                    "Exception uploading secret to vault: invalid SAN in certificate",
+                    exc_info=True)
 
         with open(token_file, 'r') as file:
             token = file.readline().rstrip('\n')
@@ -119,7 +134,6 @@ class VaultDestinationPlugin(DestinationPlugin):
         else:
             secret['data'][cname]['crt'] = body
         secret['data'][cname]['key'] = private_key
-        san_list = get_san_list(body)
         if isinstance(san_list, list):
             secret['data'][cname]['san'] = san_list
         try:

From 1667c057428c58e6c25ff3a9ae76621f8639c9d7 Mon Sep 17 00:00:00 2001
From: alwaysjolley <chris@alwaysjolley.com>
Date: Thu, 18 Apr 2019 13:57:10 -0400
Subject: [PATCH 2/5] removed unused functions

---
 lemur/plugins/lemur_vault_dest/plugin.py | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/lemur/plugins/lemur_vault_dest/plugin.py b/lemur/plugins/lemur_vault_dest/plugin.py
index 93134e7f..1b07cd83 100644
--- a/lemur/plugins/lemur_vault_dest/plugin.py
+++ b/lemur/plugins/lemur_vault_dest/plugin.py
@@ -21,14 +21,6 @@ from lemur.plugins.bases import DestinationPlugin
 from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 
-class Error(Exception):
-    """Base exception class"""
-    pass
-
-class InvalidSanError(Error):
-    """Invlied SAN in SAN list as defined by regex in destination"""
-    pass
-
 class VaultDestinationPlugin(DestinationPlugin):
     """Hashicorp Vault Destination plugin for Lemur"""
     title = 'Vault'

From 8dccaaf54450eb8e35e8e46804c6c910d040ca5f Mon Sep 17 00:00:00 2001
From: alwaysjolley <chris@alwaysjolley.com>
Date: Mon, 22 Apr 2019 07:58:01 -0400
Subject: [PATCH 3/5] simpler validation

---
 lemur/plugins/lemur_vault_dest/.plugin.py.swp | Bin 0 -> 16384 bytes
 lemur/plugins/lemur_vault_dest/plugin.py      |   2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 lemur/plugins/lemur_vault_dest/.plugin.py.swp

diff --git a/lemur/plugins/lemur_vault_dest/.plugin.py.swp b/lemur/plugins/lemur_vault_dest/.plugin.py.swp
new file mode 100644
index 0000000000000000000000000000000000000000..b82010b3d3acbd7728a41aa95e77a928b96bc16d
GIT binary patch
literal 16384
zcmeHOU2Ggz6`rJ}4TQ9%g$HP<ZcU}xP1dt^XiL1wQe0<KoW^bx{~+Nwqw(zB-HB&s
zCNr~ZZ;hJ=Bp!moLs6?fl)muK14YV1B@izyCHzPT34sJE@YbXf@Km)3fy8(2oxk0+
z9k-<tm1d;RyL;!JbI(2J+;h)8GhP{6oStEy(H>B6-JvLVfB&avpS^rp`72ixo3}eY
zwcp?p{l><%HKW%sxUZRRdrOM)+S*!KbdLUdcBg4Mf&8U+jgB4absmIec|-GhTk^>p
za}DGgcqbY-pnUr9_!v=sYUDn4*PRRRgh@`5YarJ^u7O+wxdw6#<Qm8|kZT~<!247K
zp|@AL2-){W@^_=pJp-RNMZc$`&$WU3(a-!N*Fdg;Tm!iVat-7f$Tg5_AlE>yfm{Q*
z267GL8u&ldfKgYJ+acFYQ~<#9|M>j>Z#4cIcoBFWI1gCBCxF*)Q<Uq#4}k9g&jC*X
zUjbS`6PN(@0e?84D8C0@1fB#ofm6W8fIYygA6AsF0+)amPzE&MUf`p^8~YXIkHAlW
zF9XMc37`zz0$l%)qWlK90z3~~0ycnU;FG|ez&_wFA5@f=fo}s(0w;i@z&LO_@WwvK
z3S0qfzyQ7gJOtbg{O49h`4w;pxCnHBIp7HJao}&aD9Sg1XMwK)tH2C!2)F}y>jR4N
zXW%8^3h*>=26z;x0`~xWfY)wTl&ipZfi<8FG=T<C1>Qm-=1t&xz;nO_zys!i37`Pn
z16+eWUjwcHE^q`O8}9`ME*4#$5w=*B1>A0EO&;p57h0}UP{n&0r*Ts)G1(Rrm6)jQ
zcARiqsu{Yw6<O%6az}4iHs6+ZvJ<xEsoM$k+KNZVx3?u;@a-%~BChEeZ5k4<sI*;2
zr(Xrn@B^-!+z+jWWf~zbthn`FF`eVc$VkGV;`6ZMJC(En<VKqjxo)-$YxtJuTU~I~
zS9!0ZBy<a&?HYAK7Y)k{r_Q3z44sp%@%VM#U>!kLAS0C+iC<zQZ7C+CQA!zU5|fqK
z!Go)7hTjZ|87YE}$Nj=0y?JvSFWy*=K{h`v-peToS14+_ZaG${>xF|vo#7({B%zWX
zQmny#(Rj<rgf^3J442yCwl~9rz-V%{!qi2>w(891O}@_HAtCqG{{CI+AOxlE+CjC{
zf8Xa9I+oAtxO>8|13qvY<Q*~4FlE^D#GN4Y2bq$tX}G{3ha{m=wj0U#n`t9vHZ-+I
zI!+xfAGSCXzQQagbmh;~{RU>6na#Z48JNs+|9E0d$Cb?c`G{MSo?*7Im=yYzz0_H}
zh_ya&Lp8dFWg9D4eigQ)^z~1aNRH23$L<XhC%WV|HxUH->0@=S2#rk9!pU^mwL)iU
zIYWh#jqv+`fhG4#%xbU|+i+G{CxE)0esv(KWu0hgY;?jHePVL-ixquz`A|j_nzfp-
z!B!rXOm%y=aaYbm3nXra_pYZo(+NVh!kNK@*i0-~EKd{BC}0%0cbwh1!jhaEW=Yd4
zKU_R?e@2eMIS%`ox{E1h_KC#S|DzeoU50$-zMUs}cJ95JShSVB`<aPNk4(1nR0`##
zbLHhj#hrZdUD#=0cYXWQTI7C!t%A7?5x=BIKDNjvPfyc=#F`thRAvng%e_?`JKWDe
zIO+JH*X|}n9Ude~oO#F4B>efY?xbf$bIq{XwO=oa&1~V!DN@Skji6;kix=;`hK6Gf
zYN<agooj`m7d%`km(vBTRj`8Jqtz?YrU74wQa&V2OEP;gkeIo?F4HenNC*L&R@myS
z(7V57!^WGy!FkuVc~8FED=jGr!APBI`Bo6RUW@zer0Azg-gx`h^evHiQol*tcGrY|
z$-KvMn&fbqTrC*Xs}V$TQH~iPl_5?oQvIkf=_tKo9A!GPQ)q=E5k=~OL`b$F=@RBL
zUEhmLmdTKqd_$QvT%Vny*Q6;&Gi@UXWZz6znM@UiS||-`_%2dMzvqQ+(>J_UPiq-Z
zw2e?(F-&B>^?+Gz&&39dEK9r{9kmY=#vRum9Gi&viZ`t_DQEzW0Z-Ts2_qRw3Yi;g
zozSuqf}tFF3xY_-geH??M-nxlpw(DXv*Y{R33bEslxUW%u3^UCeI9>v1BJA!X{_zm
zJ2sbYRH?9GFJi|`@~qEgJ&;`Tvr*n1wv3ROhC_R)*MWc5S>0X3&mM!endc%OV~$(r
zfhJagw4JbW>VSRTH;}Wl#Qn%Gh0|fnhEquaDz;^EC*Tz(GciiBIXg8yRhylviDBBV
z&tdHliB}{;#dN)%Z#7$Cg%!*qJ3KZ%A%v@Vwh_Vs+ZDFpSnH{RDy-l1;#cPN`p74Q
zR_XlzL!1}?fwLu@|EHtF;Z>aTF9XxSZNLHG8qV{-1zrH?oc|E;C!FE00AB~50vf=B
zzykoC?|+Un{42nZfG+_KPz8<w`+@5?!(Rh_46Fi2f&IYmaAto6cp6v%jsmv=|H4_F
z&hZz43&2T$0l&l<{TIMh;01ur?ls^Ta2IeDXLJ*|A9xez@z;S@fu8{{11|yJ0Oo)R
zU<~*t&g0(#o&hSry}(C+n*q|--$`frm1`i^!23i4lta=bi#YfQC^S<`0||j`qd-GH
z=<=|aEA)l0o7@Z8l<PP+!6D_X`M&F?9jT9GggnEvE$nGpbTZRcyIS|K=5wR2%O<@m
z(`FQ%!d8|3l(4IzNT!Rurz*aul_!qs#qLKM&yKXq5pYNzmO0KgR=cshtco0JT$Qqf
zex#>l+8ZkBF$Ssx8=JDWgAJRM>~qWNa;Om59_4P-i;1L1p6EycqU;qJq;3ff8-9<`
zmQS@MszgfN6{Mh%!cg%7F(pw7S%9vH2`V(YjR6&EyP;hvVbb_|h;13R4YXSPb=D0}
zz%unz|1o3O83Y<q^$r)6Qt>U&u@~!fv?vIk$7kp0xSuiRIu%MOd&rJQ^Gk*oEL^KD
zIp9kw&g0X^wYh~yPS&R8^~qE7wKKDm^V5qpeRguDmX0B+F;yl6p!%Zj@wQIC`s<rL
zlp|%?FgA6RSQav6&y~0rq^8aqcTA*41+^14Mvtg+(8L!q%2|??KJo#PH)iv7k>t!x
z&WhS)khMLTtQ6ajx4p2(s0p<t#%aa%dqiYoS*p!C0U4dHk(yYybVN;4H|a=}nu(+g
z{yMffqEQZIgawRJEYWgDy|dv~>5!T#mRM#oR?T*sP5i5)3=SBipimFGwvHE+7-E3b
znW$?&durJ!EKssY1)r+?Sdwclt*R3J@LC216`$$A=3)8qcrhu|ovy@!@+XT%iP<lS
zlKJuy6+YEvxI%1bCGL+9Vg>PWwh-Sg3F~2f#@+g*PS~PeE!bwN<OvCpZbN4Jp&%p2
zO!^Op%k8K|y^&@^3r5!M6E1ImRH`(}$}WY;sK_dOJ7u3LVi){X_~lt=V|-JMol~yX
zlwImN{e#Oo?$FrD<hE1@^stfE<YgDM-5~U)ftO|^LOEs+$;(;6sT~g_sCJjiJZz|)
z$x%HO&uUT*n04G3JzgLohTT7oZ`rMk8J-nyYzmRlB}p-BI)rLdVjnM{#!&@Ih!{AI
zSH<6A|GY&T$f&F*_Fvm_c%i8Ic!pqk1@){GMM@fE4Mh?>L*q_CkckIiC6t%dBE<({
zk(mq;#Frar*d?s6FrKO)z88P)5V_(m^trphXgQ)1#Sp4#S5JZ@mUpqglppinU383l
z!+wq%BHU{Ty=F^<4a^_URS@P3r^HYzXa-f>pMG@q@iVol$+=o4m=GJPy`U?ep(HUW
zU1Z=-kw~&ko2gCgDv@{hZ6m2+Q&L!V=z%Eio`@a+4L=ag_|{gmV&Ca6Dh~6AJ$ow#
V*#`;3lyMju7Fynk9<-!{{{?&E-R}SZ

literal 0
HcmV?d00001

diff --git a/lemur/plugins/lemur_vault_dest/plugin.py b/lemur/plugins/lemur_vault_dest/plugin.py
index 1b07cd83..a9c85dd7 100644
--- a/lemur/plugins/lemur_vault_dest/plugin.py
+++ b/lemur/plugins/lemur_vault_dest/plugin.py
@@ -94,7 +94,7 @@ class VaultDestinationPlugin(DestinationPlugin):
             'type': 'str',
             'value': '.*',
             'required': False,
-            'validation': '^[0-9a-zA-Z\\\?\[\](){}|^$+*,._-]+$',
+            'validation': '.*',
             'helpMessage': 'Valid regex filter'
         }
     ]

From f9dadb2670de7c8f4414870ac6cb1b11c7d9c546 Mon Sep 17 00:00:00 2001
From: alwaysjolley <chris@alwaysjolley.com>
Date: Mon, 22 Apr 2019 09:38:44 -0400
Subject: [PATCH 4/5] fixing validation

---
 lemur/plugins/lemur_vault_dest/plugin.py | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/lemur/plugins/lemur_vault_dest/plugin.py b/lemur/plugins/lemur_vault_dest/plugin.py
index a9c85dd7..8d2ca6c6 100644
--- a/lemur/plugins/lemur_vault_dest/plugin.py
+++ b/lemur/plugins/lemur_vault_dest/plugin.py
@@ -124,11 +124,16 @@ class VaultDestinationPlugin(DestinationPlugin):
         san_list = get_san_list(body)
         if san_filter:
             for san in san_list:
-                if not re.match(san_filter, san, flags=re.IGNORECASE):
+                try:
+                    if not re.match(san_filter, san, flags=re.IGNORECASE):
+                        current_app.logger.exception(
+                            "Exception uploading secret to vault: invalid SAN: {}".format(san),
+                            exc_info=True)
+                        os._exit(1)
+                except re.error:
                     current_app.logger.exception(
-                        "Exception uploading secret to vault: invalid SAN: {}".format(san),
+                        "Exception compiling regex filter: invalid filter",
                         exc_info=True)
-                    os._exit(1)
 
         with open(token_file, 'r') as file:
             token = file.readline().rstrip('\n')

From 85efb6a99e9fae62e318652c841597c2c2beacf7 Mon Sep 17 00:00:00 2001
From: alwaysjolley <chris@alwaysjolley.com>
Date: Mon, 22 Apr 2019 09:54:19 -0400
Subject: [PATCH 5/5] cleanup tmp files

---
 lemur/plugins/lemur_vault_dest/.plugin.py.swp | Bin 16384 -> 0 bytes
 lemur/plugins/lemur_vault_dest/plugin.py      |   1 +
 2 files changed, 1 insertion(+)
 delete mode 100644 lemur/plugins/lemur_vault_dest/.plugin.py.swp

diff --git a/lemur/plugins/lemur_vault_dest/.plugin.py.swp b/lemur/plugins/lemur_vault_dest/.plugin.py.swp
deleted file mode 100644
index b82010b3d3acbd7728a41aa95e77a928b96bc16d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 16384
zcmeHOU2Ggz6`rJ}4TQ9%g$HP<ZcU}xP1dt^XiL1wQe0<KoW^bx{~+Nwqw(zB-HB&s
zCNr~ZZ;hJ=Bp!moLs6?fl)muK14YV1B@izyCHzPT34sJE@YbXf@Km)3fy8(2oxk0+
z9k-<tm1d;RyL;!JbI(2J+;h)8GhP{6oStEy(H>B6-JvLVfB&avpS^rp`72ixo3}eY
zwcp?p{l><%HKW%sxUZRRdrOM)+S*!KbdLUdcBg4Mf&8U+jgB4absmIec|-GhTk^>p
za}DGgcqbY-pnUr9_!v=sYUDn4*PRRRgh@`5YarJ^u7O+wxdw6#<Qm8|kZT~<!247K
zp|@AL2-){W@^_=pJp-RNMZc$`&$WU3(a-!N*Fdg;Tm!iVat-7f$Tg5_AlE>yfm{Q*
z267GL8u&ldfKgYJ+acFYQ~<#9|M>j>Z#4cIcoBFWI1gCBCxF*)Q<Uq#4}k9g&jC*X
zUjbS`6PN(@0e?84D8C0@1fB#ofm6W8fIYygA6AsF0+)amPzE&MUf`p^8~YXIkHAlW
zF9XMc37`zz0$l%)qWlK90z3~~0ycnU;FG|ez&_wFA5@f=fo}s(0w;i@z&LO_@WwvK
z3S0qfzyQ7gJOtbg{O49h`4w;pxCnHBIp7HJao}&aD9Sg1XMwK)tH2C!2)F}y>jR4N
zXW%8^3h*>=26z;x0`~xWfY)wTl&ipZfi<8FG=T<C1>Qm-=1t&xz;nO_zys!i37`Pn
z16+eWUjwcHE^q`O8}9`ME*4#$5w=*B1>A0EO&;p57h0}UP{n&0r*Ts)G1(Rrm6)jQ
zcARiqsu{Yw6<O%6az}4iHs6+ZvJ<xEsoM$k+KNZVx3?u;@a-%~BChEeZ5k4<sI*;2
zr(Xrn@B^-!+z+jWWf~zbthn`FF`eVc$VkGV;`6ZMJC(En<VKqjxo)-$YxtJuTU~I~
zS9!0ZBy<a&?HYAK7Y)k{r_Q3z44sp%@%VM#U>!kLAS0C+iC<zQZ7C+CQA!zU5|fqK
z!Go)7hTjZ|87YE}$Nj=0y?JvSFWy*=K{h`v-peToS14+_ZaG${>xF|vo#7({B%zWX
zQmny#(Rj<rgf^3J442yCwl~9rz-V%{!qi2>w(891O}@_HAtCqG{{CI+AOxlE+CjC{
zf8Xa9I+oAtxO>8|13qvY<Q*~4FlE^D#GN4Y2bq$tX}G{3ha{m=wj0U#n`t9vHZ-+I
zI!+xfAGSCXzQQagbmh;~{RU>6na#Z48JNs+|9E0d$Cb?c`G{MSo?*7Im=yYzz0_H}
zh_ya&Lp8dFWg9D4eigQ)^z~1aNRH23$L<XhC%WV|HxUH->0@=S2#rk9!pU^mwL)iU
zIYWh#jqv+`fhG4#%xbU|+i+G{CxE)0esv(KWu0hgY;?jHePVL-ixquz`A|j_nzfp-
z!B!rXOm%y=aaYbm3nXra_pYZo(+NVh!kNK@*i0-~EKd{BC}0%0cbwh1!jhaEW=Yd4
zKU_R?e@2eMIS%`ox{E1h_KC#S|DzeoU50$-zMUs}cJ95JShSVB`<aPNk4(1nR0`##
zbLHhj#hrZdUD#=0cYXWQTI7C!t%A7?5x=BIKDNjvPfyc=#F`thRAvng%e_?`JKWDe
zIO+JH*X|}n9Ude~oO#F4B>efY?xbf$bIq{XwO=oa&1~V!DN@Skji6;kix=;`hK6Gf
zYN<agooj`m7d%`km(vBTRj`8Jqtz?YrU74wQa&V2OEP;gkeIo?F4HenNC*L&R@myS
z(7V57!^WGy!FkuVc~8FED=jGr!APBI`Bo6RUW@zer0Azg-gx`h^evHiQol*tcGrY|
z$-KvMn&fbqTrC*Xs}V$TQH~iPl_5?oQvIkf=_tKo9A!GPQ)q=E5k=~OL`b$F=@RBL
zUEhmLmdTKqd_$QvT%Vny*Q6;&Gi@UXWZz6znM@UiS||-`_%2dMzvqQ+(>J_UPiq-Z
zw2e?(F-&B>^?+Gz&&39dEK9r{9kmY=#vRum9Gi&viZ`t_DQEzW0Z-Ts2_qRw3Yi;g
zozSuqf}tFF3xY_-geH??M-nxlpw(DXv*Y{R33bEslxUW%u3^UCeI9>v1BJA!X{_zm
zJ2sbYRH?9GFJi|`@~qEgJ&;`Tvr*n1wv3ROhC_R)*MWc5S>0X3&mM!endc%OV~$(r
zfhJagw4JbW>VSRTH;}Wl#Qn%Gh0|fnhEquaDz;^EC*Tz(GciiBIXg8yRhylviDBBV
z&tdHliB}{;#dN)%Z#7$Cg%!*qJ3KZ%A%v@Vwh_Vs+ZDFpSnH{RDy-l1;#cPN`p74Q
zR_XlzL!1}?fwLu@|EHtF;Z>aTF9XxSZNLHG8qV{-1zrH?oc|E;C!FE00AB~50vf=B
zzykoC?|+Un{42nZfG+_KPz8<w`+@5?!(Rh_46Fi2f&IYmaAto6cp6v%jsmv=|H4_F
z&hZz43&2T$0l&l<{TIMh;01ur?ls^Ta2IeDXLJ*|A9xez@z;S@fu8{{11|yJ0Oo)R
zU<~*t&g0(#o&hSry}(C+n*q|--$`frm1`i^!23i4lta=bi#YfQC^S<`0||j`qd-GH
z=<=|aEA)l0o7@Z8l<PP+!6D_X`M&F?9jT9GggnEvE$nGpbTZRcyIS|K=5wR2%O<@m
z(`FQ%!d8|3l(4IzNT!Rurz*aul_!qs#qLKM&yKXq5pYNzmO0KgR=cshtco0JT$Qqf
zex#>l+8ZkBF$Ssx8=JDWgAJRM>~qWNa;Om59_4P-i;1L1p6EycqU;qJq;3ff8-9<`
zmQS@MszgfN6{Mh%!cg%7F(pw7S%9vH2`V(YjR6&EyP;hvVbb_|h;13R4YXSPb=D0}
zz%unz|1o3O83Y<q^$r)6Qt>U&u@~!fv?vIk$7kp0xSuiRIu%MOd&rJQ^Gk*oEL^KD
zIp9kw&g0X^wYh~yPS&R8^~qE7wKKDm^V5qpeRguDmX0B+F;yl6p!%Zj@wQIC`s<rL
zlp|%?FgA6RSQav6&y~0rq^8aqcTA*41+^14Mvtg+(8L!q%2|??KJo#PH)iv7k>t!x
z&WhS)khMLTtQ6ajx4p2(s0p<t#%aa%dqiYoS*p!C0U4dHk(yYybVN;4H|a=}nu(+g
z{yMffqEQZIgawRJEYWgDy|dv~>5!T#mRM#oR?T*sP5i5)3=SBipimFGwvHE+7-E3b
znW$?&durJ!EKssY1)r+?Sdwclt*R3J@LC216`$$A=3)8qcrhu|ovy@!@+XT%iP<lS
zlKJuy6+YEvxI%1bCGL+9Vg>PWwh-Sg3F~2f#@+g*PS~PeE!bwN<OvCpZbN4Jp&%p2
zO!^Op%k8K|y^&@^3r5!M6E1ImRH`(}$}WY;sK_dOJ7u3LVi){X_~lt=V|-JMol~yX
zlwImN{e#Oo?$FrD<hE1@^stfE<YgDM-5~U)ftO|^LOEs+$;(;6sT~g_sCJjiJZz|)
z$x%HO&uUT*n04G3JzgLohTT7oZ`rMk8J-nyYzmRlB}p-BI)rLdVjnM{#!&@Ih!{AI
zSH<6A|GY&T$f&F*_Fvm_c%i8Ic!pqk1@){GMM@fE4Mh?>L*q_CkckIiC6t%dBE<({
zk(mq;#Frar*d?s6FrKO)z88P)5V_(m^trphXgQ)1#Sp4#S5JZ@mUpqglppinU383l
z!+wq%BHU{Ty=F^<4a^_URS@P3r^HYzXa-f>pMG@q@iVol$+=o4m=GJPy`U?ep(HUW
zU1Z=-kw~&ko2gCgDv@{hZ6m2+Q&L!V=z%Eio`@a+4L=ag_|{gmV&Ca6Dh~6AJ$ow#
V*#`;3lyMju7Fynk9<-!{{{?&E-R}SZ

diff --git a/lemur/plugins/lemur_vault_dest/plugin.py b/lemur/plugins/lemur_vault_dest/plugin.py
index 8d2ca6c6..819ba22b 100644
--- a/lemur/plugins/lemur_vault_dest/plugin.py
+++ b/lemur/plugins/lemur_vault_dest/plugin.py
@@ -21,6 +21,7 @@ from lemur.plugins.bases import DestinationPlugin
 from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 
+
 class VaultDestinationPlugin(DestinationPlugin):
     """Hashicorp Vault Destination plugin for Lemur"""
     title = 'Vault'