1447297 – Unable to use LUKS passphrase that is exactly 16 bytes long

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1447297 - Unable to use LUKS passphrase that is exactly 16 bytes long

Summary: Unable to use LUKS passphrase that is exactly 16 bytes long

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	7.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Peter Krempa
QA Contact:	yisun
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-05-02 10:48 UTC by Daniel Berrangé
Modified:	2017-08-02 01:32 UTC (History)
CC List:	8 users (show)
Fixed In Version:	libvirt-3.2.0-4.el7
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-08-02 00:08:25 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2017:1846	0	normal	SHIPPED_LIVE	libvirt bug fix and enhancement update	2017-08-01 18:02:50 UTC

Description Daniel Berrangé 2017-05-02 10:48:25 UTC

Description of problem:
If using a LUKS passphrase that is exactly 16 bytes, QEMU fails to decode the secret, due to incorrect plain text padding.


$ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 $(echo -n 1234567812345678 | base64)
Secret value set

$ virsh start demo
error: Failed to start domain demo
error: internal error: process exited while connecting to monitor: 
2017-05-02T10:36:34.219574Z qemu-system-x86_64: -object secret,id=virtio-disk1-luks-secret0,data=RJX5KrWOe+YrAvZggnVkmw==,keyid=masterKey0,iv=Mtj0v/esNFNWoYelGZsCsA==,format=base64: Incorrect number of padding bytes (56) found on decrypted data

This is because the libvirt code is failing to correct round-up to the next block size when the plain text is a multiple of block size.

Version-Release number of selected component (if applicable):
2.0.0-10.el7_3.2

How reproducible:
Always

Steps to Reproduce:
1. Create a luks disk

$ qemu-img create -f luks -o key-secret=sec0 --object secret,id=sec0,data=1234567812345678 ~/VirtualMachines/demo.luks 1G

2. Add the following XML to a guest

    <disk type='file' device='disk'>
      <driver name='qemu' type='raw'/>
      <source file='/home/berrange/VirtualMachines/demo.luks'/>
      <target dev='vdb' bus='virtio'/>
      <encryption format='luks'>
        <secret type='passphrase' uuid='55806c7d-8e93-456f-829b-607d8c198367'/>
      </encryption>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </disk>

3. Set the secret value

$ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 $(echo -n 1234567812345678 | base64)
Secret value set

4. Start the guest

 $ virsh start

Actual results:
Fails with padding error

Expected results:
Guest launches

Additional info:

Comment 3 Daniel Berrangé 2017-05-02 11:02:45 UTC

https://www.redhat.com/archives/libvir-list/2017-May/msg00030.html

Comment 4 Peter Krempa 2017-05-03 06:47:15 UTC

commit 71890992daf37ec78b00b4ce873369421dc99731
Author: Daniel P. Berrange <berrange>
Date:   Tue May 2 11:32:43 2017 +0100

    Fix padding of encrypted data
    
    If we are encoding a block of data that is 16 bytes in length,
    we cannot leave it as 16 bytes, we must pad it out to the next
    block boundary, 32 bytes. Without this padding, the decoder will
    incorrectly treat the last byte of plain text as the padding
    length, as it can't distinguish padded from non-padded data.
    
    The problem exhibited itself when using a 16 byte passphrase
    for a LUKS volume
    
      $ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 \
           $(echo -n 1234567812345678 | base64)
      Secret value set
    
      $ virsh start demo
      error: Failed to start domain demo
      error: internal error: process exited while connecting to monitor: >>>>>>>>>>Len 16
      2017-05-02T10:35:40.016390Z qemu-system-x86_64: -object \
        secret,id=virtio-disk1-luks-secret0,data=SEtNi5vDUeyseMKHwc1c1Q==,\
        keyid=masterKey0,iv=zm7apUB1A6dPcH53VW960Q==,format=base64: \
        Incorrect number of padding bytes (56) found on decrypted data
    
    Notice how the padding '56' corresponds to the ordinal value of
    the character '8'.

Comment 7 yisun 2017-05-22 09:47:58 UTC

Verified on:
libvirt-3.2.0-5.virtcov.el7.x86_64
qemu-kvm-rhev-2.9.0-5.el7.x86_64

## qemu-img create -f luks -o key-secret=sec0 --object secret,id=sec0,data=1234567812345678 /var/lib/libvirt/images/luks.disk 1G
Formatting '/var/lib/libvirt/images/luks.disk', fmt=luks size=1073741824 key-secret=sec0

## cat sec.xml 
<secret ephemeral='no' private='no'>
  <uuid>f981dd17-143f-45bc-88e6-ed1fe20ce9da</uuid>
  <description>LUKS Secret</description>
  <usage type='volume'>
    <volume>/var/lib/libvirt/images/luks.disk</volume>
  </usage>
</secret>


## virsh secret-define sec.xml 
Secret f981dd17-143f-45bc-88e6-ed1fe20ce9da created

## virsh secret-set-value f981dd17-143f-45bc-88e6-ed1fe20ce9da $(echo -n 1234567812345678 | base64)
Secret value set


## virsh dumpxml r | grep disk -a10
...
    <disk type='file' device='disk'>
      <driver name='qemu' type='raw'/>
      <source file='/var/lib/libvirt/images/luks.disk'/>
      <target dev='vdb' bus='virtio'/>
      <encryption format='luks'>
        <secret type='passphrase' uuid='f981dd17-143f-45bc-88e6-ed1fe20ce9da'/>
      </encryption>
      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
    </disk>
...

## virsh start r
Domain r started

also tried with 15/17 bytes password and passed.

Comment 8 errata-xmlrpc 2017-08-02 00:08:25 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1846

Comment 9 errata-xmlrpc 2017-08-02 01:32:35 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1846

Note You need to log in before you can comment on or make changes to this bug.