render / rpms / libvirt

Forked from rpms/libvirt 9 months ago
Clone
3e5111
From 603a58f73e71323294c0d840bbfef4b5d9676e32 Mon Sep 17 00:00:00 2001
3e5111
Message-Id: <603a58f73e71323294c0d840bbfef4b5d9676e32@dist-git>
3e5111
From: "Daniel P. Berrange" <berrange@redhat.com>
3e5111
Date: Wed, 3 May 2017 08:52:13 +0200
3e5111
Subject: [PATCH] Fix padding of encrypted data
3e5111
3e5111
If we are encoding a block of data that is 16 bytes in length,
3e5111
we cannot leave it as 16 bytes, we must pad it out to the next
3e5111
block boundary, 32 bytes. Without this padding, the decoder will
3e5111
incorrectly treat the last byte of plain text as the padding
3e5111
length, as it can't distinguish padded from non-padded data.
3e5111
3e5111
The problem exhibited itself when using a 16 byte passphrase
3e5111
for a LUKS volume
3e5111
3e5111
  $ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 \
3e5111
       $(echo -n 1234567812345678 | base64)
3e5111
  Secret value set
3e5111
3e5111
  $ virsh start demo
3e5111
  error: Failed to start domain demo
3e5111
  error: internal error: process exited while connecting to monitor: >>>>>>>>>>Len 16
3e5111
  2017-05-02T10:35:40.016390Z qemu-system-x86_64: -object \
3e5111
    secret,id=virtio-disk1-luks-secret0,data=SEtNi5vDUeyseMKHwc1c1Q==,\
3e5111
    keyid=masterKey0,iv=zm7apUB1A6dPcH53VW960Q==,format=base64: \
3e5111
    Incorrect number of padding bytes (56) found on decrypted data
3e5111
3e5111
Notice how the padding '56' corresponds to the ordinal value of
3e5111
the character '8'.
3e5111
3e5111
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
3e5111
(cherry picked from commit 71890992daf37ec78b00b4ce873369421dc99731)
3e5111
3e5111
https://bugzilla.redhat.com/show_bug.cgi?id=1447297
3e5111
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
3e5111
---
3e5111
 src/util/vircrypto.c | 10 ++++++++--
3e5111
 1 file changed, 8 insertions(+), 2 deletions(-)
3e5111
3e5111
diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
3e5111
index 8748e1c4e..48b04fc8c 100644
3e5111
--- a/src/util/vircrypto.c
3e5111
+++ b/src/util/vircrypto.c
3e5111
@@ -152,8 +152,14 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_enc_alg,
3e5111
     uint8_t *ciphertext;
3e5111
     size_t ciphertextlen;
3e5111
 
3e5111
-    /* Allocate a padded buffer, copy in the data */
3e5111
-    ciphertextlen = VIR_ROUND_UP(datalen, 16);
3e5111
+    /* Allocate a padded buffer, copy in the data.
3e5111
+     *
3e5111
+     * NB, we must *always* have at least 1 byte of
3e5111
+     * padding - we can't skip it on multiples of
3e5111
+     * 16, otherwise decoder can't distinguish padded
3e5111
+     * data from non-padded data. Hence datalen + 1
3e5111
+     */
3e5111
+    ciphertextlen = VIR_ROUND_UP(datalen + 1, 16);
3e5111
     if (VIR_ALLOC_N(ciphertext, ciphertextlen) < 0)
3e5111
         return -1;
3e5111
     memcpy(ciphertext, data, datalen);
3e5111
-- 
3e5111
2.12.2
3e5111