Use a 32-byte version of db_key_base for web hooks

AES-256-GCM cipher mode requires a key that is exactly 32 bytes long. We already handle the case when the key is too long, by truncating, but the key can also be too short in some installations. Switching to a key that is always exactly the right length (by virtue of right-padding ASCII 0 characters) allows encryption to proceed, without breaking backward compatibility. When the key is too short, encryption fails with an `ArgumentError`, causing the web hooks functionality to be unusable. As a result, zero rows can exist with values encrypted with the too-short key. When the key is too long, it is silently truncated. In this case, the key is unchanged, so values encrypted with the new too-long key will still be successfully decrypted.

Use a 32-byte version of db_key_base for web hooks
AES-256-GCM cipher mode requires a key that is exactly 32 bytes long. We already handle the case when the key is too long, by truncating, but the key can also be too short in some installations. Switching to a key that is always exactly the right length (by virtue of right-padding ASCII 0 characters) allows encryption to proceed, without breaking backward compatibility. When the key is too short, encryption fails with an `ArgumentError`, causing the web hooks functionality to be unusable. As a result, zero rows can exist with values encrypted with the too-short key. When the key is too long, it is silently truncated. In this case, the key is unchanged, so values encrypted with the new too-long key will still be successfully decrypted.
2f2b0ad3 · Nick Thomas · d2ef9876 · 2f2b0ad3 · 2f2b0ad3 · 2f2b0ad3
3 changed file
--- a/app/models/hooks/web_hook.rb
+++ b/app/models/hooks/web_hook.rb
@@ -6,12 +6,12 @@ class WebHook < ActiveRecord::Base
  attr_encrypted :token,
                 mode:      :per_attribute_iv,
                 algorithm: 'aes-256-gcm',
-                 key:       Settings.attr_encrypted_db_key_base_truncated
+                 key:       Settings.attr_encrypted_db_key_base_32

  attr_encrypted :url,
                 mode:      :per_attribute_iv,
                 algorithm: 'aes-256-gcm',
-                 key:       Settings.attr_encrypted_db_key_base_truncated
+                 key:       Settings.attr_encrypted_db_key_base_32

  has_many :web_hook_logs, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent


--- a/changelogs/unreleased/53659-use-padded-key-for-gcm-ciphers.yml
+++ b/changelogs/unreleased/53659-use-padded-key-for-gcm-ciphers.yml
+---
+title: Fix web hook functionality when the database encryption key is too short
+merge_request: 23573
+author:
+type: fixed
--- a/lib/gitlab/background_migration/models/encrypt_columns/web_hook.rb
+++ b/lib/gitlab/background_migration/models/encrypt_columns/web_hook.rb
@@ -15,12 +15,12 @@ module Gitlab
          attr_encrypted :token,
                         mode:      :per_attribute_iv,
                         algorithm: 'aes-256-gcm',
-                         key:       ::Settings.attr_encrypted_db_key_base_truncated
+                         key:       ::Settings.attr_encrypted_db_key_base_32

          attr_encrypted :url,
                         mode:      :per_attribute_iv,
                         algorithm: 'aes-256-gcm',
-                         key:       ::Settings.attr_encrypted_db_key_base_truncated
+                         key:       ::Settings.attr_encrypted_db_key_base_32
        end
      end
    end