Use a 32-byte version of db_key_base for web hooks (!23573) · Merge requests · GitLab.org / GitLab FOSS

The source project of this merge request has been removed.

Nick Thomas requested to merge (removed):53659-use-padded-key-for-gcm-ciphers into master Dec 04, 2018

What does this MR do?

AES-256-GCM cipher mode requires a key that is exactly 32 bytes long. We already handle the case when the key is too long, by truncating, but the key can also be too short in some installations. Switching to a key that is always exactly the right length (by virtue of right-padding ASCII 0 characters) allows encryption to proceed, without breaking backward compatibility.

When the key is too short, encryption fails with an ArgumentError, causing the web hooks functionality to be unusable. As a result, zero rows can exist with values encrypted with the too-short key.

When the key is too long, it is silently truncated. In this case, the key is unchanged, so values encrypted with the new too-long key will still be successfully decrypted.

What are the relevant issue numbers?

Closes #53659 (closed)

Does this MR meet the acceptance criteria?

Changelog entry added, if necessary
[-] Documentation created/updated
[-] Tests added for this feature/bug
Conforms to the code review guidelines
Conforms to the merge request performance guidelines
Conforms to the style guides
[-] Conforms to the database guides
[-] Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process.
[-] Security reports checked/validated by reviewer

Edited Dec 05, 2018 by Nick Thomas

Use a 32-byte version of db_key_base for web hooks

What does this MR do?

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports