Bug 1447297 - Unable to use LUKS passphrase that is exactly 16 bytes long
Summary: Unable to use LUKS passphrase that is exactly 16 bytes long
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libvirt
Version: 7.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Peter Krempa
QA Contact: yisun
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-05-02 10:48 UTC by Daniel Berrangé
Modified: 2017-08-02 01:32 UTC (History)
8 users (show)

Fixed In Version: libvirt-3.2.0-4.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-02 00:08:25 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2017:1846 normal SHIPPED_LIVE libvirt bug fix and enhancement update 2017-08-01 18:02:50 UTC

Description Daniel Berrangé 2017-05-02 10:48:25 UTC
Description of problem:
If using a LUKS passphrase that is exactly 16 bytes, QEMU fails to decode the secret, due to incorrect plain text padding.


$ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 $(echo -n 1234567812345678 | base64)
Secret value set

$ virsh start demo
error: Failed to start domain demo
error: internal error: process exited while connecting to monitor: 
2017-05-02T10:36:34.219574Z qemu-system-x86_64: -object secret,id=virtio-disk1-luks-secret0,data=RJX5KrWOe+YrAvZggnVkmw==,keyid=masterKey0,iv=Mtj0v/esNFNWoYelGZsCsA==,format=base64: Incorrect number of padding bytes (56) found on decrypted data

This is because the libvirt code is failing to correct round-up to the next block size when the plain text is a multiple of block size.

Version-Release number of selected component (if applicable):
2.0.0-10.el7_3.2

How reproducible:
Always

Steps to Reproduce:
1. Create a luks disk

$ qemu-img create -f luks -o key-secret=sec0 --object secret,id=sec0,data=1234567812345678 ~/VirtualMachines/demo.luks 1G

2. Add the following XML to a guest

    <disk type='file' device='disk'>
      <driver name='qemu' type='raw'/>
      <source file='/home/berrange/VirtualMachines/demo.luks'/>
      <target dev='vdb' bus='virtio'/>
      <encryption format='luks'>
        <secret type='passphrase' uuid='55806c7d-8e93-456f-829b-607d8c198367'/>
      </encryption>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </disk>

3. Set the secret value

$ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 $(echo -n 1234567812345678 | base64)
Secret value set

4. Start the guest

 $ virsh start

Actual results:
Fails with padding error

Expected results:
Guest launches

Additional info:

Comment 4 Peter Krempa 2017-05-03 06:47:15 UTC
commit 71890992daf37ec78b00b4ce873369421dc99731
Author: Daniel P. Berrange <berrange@redhat.com>
Date:   Tue May 2 11:32:43 2017 +0100

    Fix padding of encrypted data
    
    If we are encoding a block of data that is 16 bytes in length,
    we cannot leave it as 16 bytes, we must pad it out to the next
    block boundary, 32 bytes. Without this padding, the decoder will
    incorrectly treat the last byte of plain text as the padding
    length, as it can't distinguish padded from non-padded data.
    
    The problem exhibited itself when using a 16 byte passphrase
    for a LUKS volume
    
      $ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 \
           $(echo -n 1234567812345678 | base64)
      Secret value set
    
      $ virsh start demo
      error: Failed to start domain demo
      error: internal error: process exited while connecting to monitor: >>>>>>>>>>Len 16
      2017-05-02T10:35:40.016390Z qemu-system-x86_64: -object \
        secret,id=virtio-disk1-luks-secret0,data=SEtNi5vDUeyseMKHwc1c1Q==,\
        keyid=masterKey0,iv=zm7apUB1A6dPcH53VW960Q==,format=base64: \
        Incorrect number of padding bytes (56) found on decrypted data
    
    Notice how the padding '56' corresponds to the ordinal value of
    the character '8'.

Comment 7 yisun 2017-05-22 09:47:58 UTC
Verified on:
libvirt-3.2.0-5.virtcov.el7.x86_64
qemu-kvm-rhev-2.9.0-5.el7.x86_64

## qemu-img create -f luks -o key-secret=sec0 --object secret,id=sec0,data=1234567812345678 /var/lib/libvirt/images/luks.disk 1G
Formatting '/var/lib/libvirt/images/luks.disk', fmt=luks size=1073741824 key-secret=sec0

## cat sec.xml 
<secret ephemeral='no' private='no'>
  <uuid>f981dd17-143f-45bc-88e6-ed1fe20ce9da</uuid>
  <description>LUKS Secret</description>
  <usage type='volume'>
    <volume>/var/lib/libvirt/images/luks.disk</volume>
  </usage>
</secret>


## virsh secret-define sec.xml 
Secret f981dd17-143f-45bc-88e6-ed1fe20ce9da created

## virsh secret-set-value f981dd17-143f-45bc-88e6-ed1fe20ce9da $(echo -n 1234567812345678 | base64)
Secret value set


## virsh dumpxml r | grep disk -a10
...
    <disk type='file' device='disk'>
      <driver name='qemu' type='raw'/>
      <source file='/var/lib/libvirt/images/luks.disk'/>
      <target dev='vdb' bus='virtio'/>
      <encryption format='luks'>
        <secret type='passphrase' uuid='f981dd17-143f-45bc-88e6-ed1fe20ce9da'/>
      </encryption>
      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
    </disk>
...

## virsh start r
Domain r started

also tried with 15/17 bytes password and passed.

Comment 8 errata-xmlrpc 2017-08-02 00:08:25 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1846

Comment 9 errata-xmlrpc 2017-08-02 01:32:35 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1846


Note You need to log in before you can comment on or make changes to this bug.