Open Stack

^ Nope I was wrong, I was working from memory and thought that
MAX_CB_SIZE was used for the modulus, in fact it's the block_size of the
cipher which in this case defaults to 128.

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1326474

Title:
  crypto/utils.py may use too much padding

Status in Oslo - a Library of Common OpenStack Code:
  Invalid

Bug description:
  I've been reviewing some of the crypto code available in OpenStack and
  noticed something interesting in the padding of
  common/crypto/utils.py.

  
  If the message length is the same as the cipher block size an entire extra block of padding is sent along with the message, I'm not sure if this is desired behaviour (if it is, this bug is invalid) but it certainly doesn't seem quite right.

  If the message length is ever the same as the boundary size ( % 256)
  then an entirely extra block of padding will be applied:

  ---code---
     r = len(msg) % self.cipher.block_size
          padlen = self.cipher.block_size - r - 1
          msg += b'\x00' * padlen
          msg += bchr(padlen)
  ---/code---

  So if our msg length is 256,512,,, then 'r' will be 0
  padlen will be 256-0-1 or 255
  msg gets 255 * b'\x00' added and then the number 255 tagged on the end.

To manage notifications about this bug go to:
https://bugs.launchpad.net/oslo/+bug/1326474/+subscriptions