core: use fips-compatible padding for provider passwords (#677)

* core: use fips-compatible padding for provider passwords Use OAEP with SHA256 and MGF1 padding in password encryption and decryption during authenticating with ovirt-ovn-provider on el9 deployments where FIPS is enabled. New provide passwords are only encrypted using the new padding, with "$" added in front of he encrypted string. Keep backward compatibility by checking the first character of the provider password field. "$" means the new padding is used and the rest of the string should be decoded using OAEP, otherwise it's the old padding and the whole string is decoded as is. Signed-off-by: Eitan Raviv <eraviv@redhat.com> Signed-off-by: Marcin Sobczyk <msobczyk@redhat.com> Signed-off-by: Milan Zamazal <mzamazal@redhat.com>
oVirt · Sep 27, 2022 · 793e184 · 793e184
1 parent ce8b692
commit 793e184
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 8 deletions.
diff --git a/.../modules/utils/src/main/java/org/ovirt/engine/core/utils/crypt/EngineEncryptionUtils.java b/.../modules/utils/src/main/java/org/ovirt/engine/core/utils/crypt/EngineEncryptionUtils.java
@@ -151,11 +151,13 @@ public static String encrypt(String source) throws GeneralSecurityException {
         if (source == null || source.length() == 0) {
             return source;
         } else {
-            Cipher rsa = Cipher.getInstance("RSA");
+            String encrypted = "$";
+            Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING");
             rsa.init(Cipher.ENCRYPT_MODE, getCertificate().getPublicKey());
-            return new Base64(0).encodeToString(
+            encrypted += new Base64(0).encodeToString(
                 rsa.doFinal(source.getBytes(StandardCharsets.UTF_8))
             );
+            return encrypted;
         }
     }
 
@@ -170,7 +172,14 @@ public static String decrypt(String source) throws GeneralSecurityException {
         if (source == null || source.length() == 0) {
             return source;
         } else {
-            Cipher rsa = Cipher.getInstance("RSA");
+            String cipherString = "RSA";
+
+            if (source.charAt(0) == '$') {
+                cipherString = "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";
+                source = source.substring(1);
+            }
+
+            Cipher rsa = Cipher.getInstance(cipherString);
             rsa.init(Cipher.DECRYPT_MODE, getPrivateKeyEntry().getPrivateKey());
             return new String(
                 rsa.doFinal(new Base64().decode(source)),

diff --git a/...ules/utils/src/test/java/org/ovirt/engine/core/utils/crypt/EngineEncryptionUtilsTest.java b/...ules/utils/src/test/java/org/ovirt/engine/core/utils/crypt/EngineEncryptionUtilsTest.java
@@ -37,6 +37,20 @@ public void testEncrypt() throws Exception {
         assertEquals(plain, plain2);
     }
 
+    @Test
+    public void testDecryptLegacyPKCS1Padding() throws Exception {
+        String plain = "Test123!32@";
+        String encrypted = "Qqvu8XdQUQpXI4NRElDcgg+kcL9aFuN/ypbLacLNxZvOgBzMumg" +
+                           "yx8WcZZIHHuKBXpBgrIjoNiZ1Xa4NxG5PBtwrWVc1aw5Ax59m3u" +
+                           "AN46O4wtz2hNAQTjIHAPvAiXqxwZAeeX7+FxqNsDso4UofujCoT" +
+                           "X/crOpNZmBTm7Y4TIsQ4oYiM2J2viGgK6GlvnpIfI5L6vKzXA/k" +
+                           "nq3ht5h8bPipNJmDMY7xD3HBf9Dac5SPV/A20ouL62CISmXexyp" +
+                           "YxKhRCur7KPWFk86o2h9L0wKQDYr7VxJ9fEi6ciPWtXZUqxnftu" +
+                           "E/Zb6XqnQK/M+cb2k26mDRhPqBL332rz4Hvg==";
+        String plain2 = EngineEncryptionUtils.decrypt(encrypted);
+        assertEquals(plain, plain2);
+    }
+
     @Test
     public void testEncryptThreads() throws Exception {
         List<Thread> l = new LinkedList<>();

diff --git a/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/network/ovirtproviderovn.py b/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/network/ovirtproviderovn.py
@@ -23,6 +23,7 @@
 from collections import namedtuple
 
 from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import padding
 
@@ -404,12 +405,11 @@ def _getRSA():
 
         encrypted_password = _getRSA().public_key().encrypt(
             password.encode(),
-            # TODO replace PKCS1v15 with PSS if/when we know we do not
-            # need m2crypto compatibility. Would likely require changes
-            # also in the engine and in the ovn provider.
-            padding=padding.PKCS1v15(),
+            padding=padding.OAEP(
+                padding.MGF1(hashes.SHA256()), hashes.SHA256(), None
+            ),
         )
-        return base64.b64encode(encrypted_password)
+        return b'$' + base64.b64encode(encrypted_password)
 
     def _query_install_ovn(self):
         return dialog.queryBoolean(