Use PKCS5Padding instead of ISO10126Padding for secrets encryption #14193

Merged
merged 6 commits into from Dec 14, 2022

Commits on Dec 13, 2022

  1. Use PKCS5 instead of ISO10126 padding for secrets encryption

    If Graylog is run in a FIPS environment there is no
    crypto provider available that supports "AES/CBC/ISO10126Padding".
    This is likely because this padding standard was withdrawn from ISO in
    2007.
    It is considered bad practice to leave a subliminal channel in the
    padding.
    
    We tried to work around this by explicitly using BouncyCastle
    for the encryption/decryption.
    
    This however creates problems with Oracle Java, because
    we strip the signature off the bouncy castle jar while repackaging
    it into our Uber-Jar.
    In contrast to OpenJDK, Oracle Java does not allow the use
    of unsigned Security Providers.
    
    Solution:
    
    Change our secret encryption to using PKCS5Padding instead.
    There is a FIPS compatible provider "SunPKCS11-NSS-FIPS"
    available which supports "AES/CBC/PKCS5Padding".
    
    For backwards compatibility, we decrypt the ISO10126Padded keys
    without stripping the padding, and do that manually.
    
    Fixes #14153
    
    Refs #13525
    mpfz0r committed Dec 13, 2022
    7ac06a7
  2. 87d496d
  3. Also try legacy decoding when catching a ProviderException

    This seems to happen with FIPS enabled OpenJDK 17
    mpfz0r committed Dec 13, 2022
    28c5dab
  4. 176c338
  5. improve wording on comments

    mpfz0r committed Dec 13, 2022
    20bf7fd

Commits on Dec 14, 2022

  1. improve changelog

    mpfz0r committed Dec 14, 2022
    58d235f
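
The backwards-compatible decryption described in the first commit message, together with the ProviderException fallback from the third, sketched as an added Java example that is not Graylog's code. The class and method names are hypothetical, the key, IV and secret are constructed samples, and the legacy ciphertext is built by hand with "AES/CBC/NoPadding" so the example does not need a provider that offers ISO10126Padding.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

// Added illustration; class and method names are hypothetical, not Graylog's code.
public class PaddingMigrationExample {
    static byte[] crypt(int mode, String transformation, byte[] key, byte[] iv, byte[] in)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(transformation);
        c.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        return c.doFinal(in);
    }

    // Legacy path: decrypt without padding removal, then strip ISO 10126 padding by hand.
    static byte[] decryptLegacy(byte[] key, byte[] iv, byte[] ct) throws GeneralSecurityException {
        byte[] raw = crypt(Cipher.DECRYPT_MODE, "AES/CBC/NoPadding", key, iv, ct);
        int pad = raw[raw.length - 1] & 0xff; // only the last byte carries the pad length
        if (pad < 1 || pad > 16) throw new BadPaddingException("invalid ISO 10126 pad length");
        return Arrays.copyOfRange(raw, 0, raw.length - pad);
    }

    // Try PKCS5 first; fall back to the legacy path for values stored before the change.
    static byte[] decrypt(byte[] key, byte[] iv, byte[] ct) throws GeneralSecurityException {
        try {
            return crypt(Cipher.DECRYPT_MODE, "AES/CBC/PKCS5Padding", key, iv, ct);
        } catch (BadPaddingException | ProviderException e) {
            return decryptLegacy(key, iv, ct);
        }
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rnd = new SecureRandom();
        byte[] key = new byte[16], iv = new byte[16];
        rnd.nextBytes(key); rnd.nextBytes(iv); // constructed samples; IV reused only for brevity
        byte[] secret = "s3cr3t-token".getBytes(StandardCharsets.UTF_8); // constructed sample
        // Build an ISO 10126 padded block by hand: random filler, last byte = pad length.
        int pad = 16 - secret.length % 16;
        byte[] padded = new byte[secret.length + pad];
        rnd.nextBytes(padded);
        System.arraycopy(secret, 0, padded, 0, secret.length);
        padded[padded.length - 1] = (byte) pad;
        byte[] legacyCt = crypt(Cipher.ENCRYPT_MODE, "AES/CBC/NoPadding", key, iv, padded);
        byte[] newCt = crypt(Cipher.ENCRYPT_MODE, "AES/CBC/PKCS5Padding", key, iv, secret);
        System.out.println(new String(decrypt(key, iv, legacyCt), StandardCharsets.UTF_8));
        System.out.println(new String(decrypt(key, iv, newCt), StandardCharsets.UTF_8));
    }
}
```

Because the legacy path checks only the final byte, roughly 1 in 16 arbitrary plaintext blocks (for example after decrypting with a wrong key) passes it, so a successful return is not evidence of integrity. A legacy value whose filler happens to form valid PKCS5 padding is accepted by the first attempt and still yields the same plaintext, since both schemes store the pad length in the last byte.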