totemcrypto: Fix importing of the private key

Import key with length not dividable by wrap key block size was not
possible.

Wrapping of the key is standard crypto operation which needs data
aligned to cipher block size, otherwise it fails.

Possible solution is to use a zero filled buffer with size aligned to
required wrap key block size. Private key is copied to the beginning of
the buffer and unwrap operation keeps using only required private key
size.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>

exec/totemcrypto.c

@@ -247,7 +247,9 @@ static PK11SymKey *import_symmetric_key(struct crypto_instance *instance, enum s
 	SECItem tmp_sec_item;
 	SECItem wrapped_key;
 	int wrapped_key_len;
+	int wrap_key_block_size;
 	unsigned char wrapped_key_data[MAX_WRAPPED_KEY_LEN];
+	unsigned char pad_key_data[MAX_WRAPPED_KEY_LEN];
 	int case_processed;
 
 	memset(&key_item, 0, sizeof(key_item));
@@ -256,8 +258,15 @@ static PK11SymKey *import_symmetric_key(struct crypto_instance *instance, enum s
 	res_key = NULL;
 	wrap_key_crypt_context = NULL;
 
+	if (instance->private_key_len > sizeof(pad_key_data)) {
+		log_printf(instance->log_level_security, "Import symmetric key failed. Private key is too long");
+		goto exit_res_key;
+	}
+	memset(pad_key_data, 0, sizeof(pad_key_data));
+	memcpy(pad_key_data, instance->private_key, instance->private_key_len);
+
 	key_item.type = siBuffer;
-	key_item.data = instance->private_key;
+	key_item.data = pad_key_data;
 
 	case_processed = 0;
 	switch (key_type) {
@@ -317,6 +326,22 @@ static PK11SymKey *import_symmetric_key(struct crypto_instance *instance, enum s
 	 * Encrypt authkey with wrapping key
 	 */
 
+	/*
+	 * Key must be padded to a block size
+	 */
+	wrap_key_block_size = PK11_GetBlockSize(wrap_mechanism, 0);
+	if (wrap_key_block_size < 0) {
+		log_printf(instance->log_level_security, "Unable to get wrap key block size (%d): %s",
+		    PR_GetError(), PR_ErrorToString(PR_GetError(), PR_LANGUAGE_I_DEFAULT));
+		goto exit_res_key;
+	}
+	if (sizeof(pad_key_data) % wrap_key_block_size != 0) {
+		log_printf(instance->log_level_security, "Padded key buffer size (%zu) is not dividable by "
+		    "wrap key block size (%u).", sizeof(pad_key_data), (unsigned int)wrap_key_block_size);
+
+		goto exit_res_key;
+	}
+
 	/*
 	 * Initialization of IV is not needed because PK11_GetBestWrapMechanism should return ECB mode
 	 */
@@ -332,7 +357,7 @@ static PK11SymKey *import_symmetric_key(struct crypto_instance *instance, enum s
 	wrapped_key_len = (int)sizeof(wrapped_key_data);
 
 	if (PK11_CipherOp(wrap_key_crypt_context, wrapped_key_data, &wrapped_key_len,
-	    sizeof(wrapped_key_data), key_item.data, key_item.len) != SECSuccess) {
+	    sizeof(wrapped_key_data), key_item.data, sizeof(pad_key_data)) != SECSuccess) {
 		log_printf(instance->log_level_security, "Unable to encrypt authkey (%d): %s",
 			   PR_GetError(), PR_ErrorToString(PR_GetError(), PR_LANGUAGE_I_DEFAULT));
 		goto exit_res_key;