Closed rg-ac closed 5 years ago
I am also getting the 16 byte key error on 4.0.2 of redmine, I get an internal server error when I try to add a key, and looking at the redmine log I see the 16 byte error.
An update, I get the error regardless of what I do, so basically plugin does not work as it's impossible to add any keys of any sort.
We will try to reproduce this bug asap
Looks like your encryption key changed or is small; key must be 16 bytes,
or you switched from Redmine encryption to Vault.
In fact I just figured that out, I had a 64 byte key, it should not be so picky to have to be exactly 16 bytes
we agree, we will fix this issue
We didn't change the key but the key is 24 characters. Maybe old versions accepted this length of key?
NoShutdown, any news about this issue? Or is there a workaround to get back to the keys in the vault?
Sorry, not investigated yet; will push this task forward.
If you want a quick fix for this issue, change line 22:
cipher.key = cipher_key[0..15]
Sorry for the delay. We checked the issue: the encryption key must be at least 16 symbols; we will add an alert. Also, 64-symbol keys should work.
The quick fix didn't work for me. Our master key is 24 chars in length. I changed line 22 in lib/vault_cipher.rb from cipher.key = cipher_key to cipher.key = cipher_key[0..23]. Restarted the Redmine and still have the following error:
ArgumentError (key must be 16 bytes):
plugins/vault/lib/vault_cipher.rb:22:in `key='
plugins/vault/lib/vault_cipher.rb:22:in `decrypt_text'
plugins/vault/lib/encryptor.rb:11:in `decrypt'
plugins/vault/app/models/vault/password.rb:14:in `decrypt!'
plugins/vault/app/controllers/keys_controller.rb:66:in `map'
plugins/vault/app/controllers/keys_controller.rb:66:in `index'
lib/redmine/sudo_mode.rb:63:in `sudo_mode'
I would like to get my passwords back :-)
Why did you decide to try the fix? This is not a bug; for encryption you shouldn't use a short password.
Can you provide more info so we can help you?
Can you revert the changes? And can you tell us what type of encryption you use and what length of encryption key?
We use a 24 chars key (didn't change for long time - I think so). The key is defined in the web gui of redmine inside the vault plugin configuration area. But vault seems to fail after upgrade to 0.3.11 - don't know the last version which was working fine - maybe 0.3.10? Everything else (redmine version and so on) you see at the beginning of this issue. If I revert to the 'cipher.key = cipher_key' variant it's still the same error.
Can you create a new project and create a test key in it? Will it work?
Is it possible that you used Redmine encryption before? Is it possible that the encryption password was changed?
> Can you create a new project and create a test key in it? Will it work?
Created new project, added new key -> same error as soon as I press save.
> Is it possible that you used Redmine encryption before? Is it possible that the encryption password was changed?
99,9% -> No to both questions.
Is there a script to test the decryption of an exported encrypted password with the master key?
Can you try making a backup? Can you update the encryption key: remove it and paste the same one again?
I've a second redmine instance with the vault plugin. Here I have the same error. But there are still no real production passwords saved. So I shortened the master key to 16 characters and then I was able to save and modify passwords.
I increased the master key to 17 characters and again: saving passwords fails.
Strange, can you show me the list of installed gems?
Btw. when I shorten the master key on the production system to 16 characters I can access my already stored passwords :-) Does it mean only the first 16 characters are used for encryption? How can I generate the gem list?
it shouldn't be so
we will check it
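Added example, not part of the thread and not the plugin's code: a Ruby sketch of why a 24-character master key fails with `key must be 16 bytes` under the openssl gem 2.x while its first 16 bytes still decrypt older records. It assumes AES-128-CBC (the thread never names the cipher) and records written while `key=` still truncated long keys silently; `MASTER`, `IV` and all helper names are constructed for the demo.

```ruby
require 'openssl'

# Assumption: AES-128-CBC, chosen because it takes the 16-byte key the
# error message asks for. The thread does not say which cipher is used.
CIPHER = 'aes-128-cbc'
MASTER = 'constructed-24-char-key!' # constructed sample key, 24 bytes
IV     = "\x00" * 16                # fixed IV for the demo only

# Returns nil if OpenSSL accepts the key, else the ArgumentError message.
def key_error(key)
  OpenSSL::Cipher.new(CIPHER).encrypt.key = key
  nil
rescue ArgumentError => e
  e.message
end

# Key material a silently truncating key= would effectively have used.
def truncated_key(master)
  master.byteslice(0, 16)
end

# Length-independent alternative: stretch any passphrase to 16 bytes.
def derived_key(master, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(master, salt, 100_000, 16,
                             OpenSSL::Digest.new('SHA256'))
end

def crypt(mode, key, data)
  c = OpenSSL::Cipher.new(CIPHER)
  mode == :encrypt ? c.encrypt : c.decrypt
  c.key = key
  c.iv  = IV
  c.update(data) + c.final
end

# Returns the plaintext, or nil when the key length or padding check fails.
def try_decrypt(key, blob)
  crypt(:decrypt, key, blob)
rescue ArgumentError, OpenSSL::Cipher::CipherError
  nil
end

if __FILE__ == $PROGRAM_NAME
  blob = crypt(:encrypt, truncated_key(MASTER), 'stored-password')
  puts "24-byte key: #{key_error(MASTER).inspect}"
  puts "first 16 bytes decrypt: #{try_decrypt(truncated_key(MASTER), blob).inspect}"
end
```

A derived key does not open records written under the truncated key, so switching to a KDF means decrypting each record with the truncated key and re-encrypting it under the derived one.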
You can get the list of installed gems with this command: gem list
Strange: on our test installation we tried secret keys with 16 and 17 symbols and it is working.
@rg-artcom so for you it is working properly with a 16-symbol key?
Yes, it's working with 16 symbols. Here is the gem list:
LOCAL GEMS
actionmailer (4.2.11) actionpack (4.2.11) actionpack-xml_parser (1.0.2) actionview (4.2.11) activejob (4.2.11) activemodel (4.2.11) activerecord (4.2.11) activesupport (4.2.11) addressable (2.6.0) arel (6.0.4) bigdecimal (default: 1.3.2) builder (3.2.3) bundler (default: 1.17.3) bundler-unload (1.0.2) coderay (1.1.2) concurrent-ruby (1.1.4) crass (1.0.4) css_parser (1.6.0) did_you_mean (1.1.0) erubis (2.7.0) executable-hooks (1.6.0) gem-wrappers (1.4.0) globalid (0.4.2) htmlentities (4.3.4) i18n (0.7.0) iconv (1.0.8) io-console (default: 0.4.6) jquery-rails (3.1.5) json (default: 2.0.4) liquid (2.6.3) loofah (2.2.3) mail (2.6.6) mime-types (3.2.2) mime-types-data (3.2018.0812) mimemagic (0.3.3) mini_portile2 (2.3.0) minitest (5.11.3, 5.10.1) mysql2 (0.4.10) net-ldap (0.12.1) net-telnet (0.1.1) nokogiri (1.8.5) openssl (default: 2.0.9) passenger (6.0.2) power_assert (0.4.1) protected_attributes (1.1.4) psych (default: 2.2.2) public_suffix (3.0.3) rack (1.6.11) rack-openid (1.4.2) rack-test (0.6.3) rails (4.2.11) rails-deprecated_sanitizer (1.0.3) rails-dom-testing (1.0.9) rails-html-sanitizer (1.0.4) railties (4.2.11) rake (12.3.2, 12.0.0) rbpdf (1.19.8) rbpdf-font (1.19.1) rdoc (default: 5.0.0) redcarpet (3.4.0) RedCloth (4.3.2) redmine_crm (0.0.42) request_store (1.0.5) rmagick (2.16.0) roadie (3.2.2) roadie-rails (1.1.1) roo (2.8.2) ruby-openid (2.3.0) rubygems-bundler (1.4.5) rubyzip (1.2.2) rvm (1.11.3.9) slim (4.0.1) slim-rails (3.2.0) sprockets (3.7.2) sprockets-rails (3.2.1) temple (0.8.0) test-unit (3.2.3) thor (0.20.3) thread_safe (0.3.6) tilt (2.0.9) tzinfo (1.2.5) validate_url (1.0.2) xmlrpc (0.2.1)
Today I noticed that the vault plugin 0.3.11 is not running anymore. I don't know when/why it started to give a server error. The error log says:
Started GET "/projects/****/keys" for 10.1.1.116 at 2019-04-11 12:45:02 +0200
Processing by KeysController#index as HTML
Parameters: {"project_id"=>"****"}
Current user: ***** (id=24)
Completed 500 Internal Server Error in 37ms (ActiveRecord: 5.9ms)
ArgumentError (key must be 16 bytes):
plugins/vault/lib/vault_cipher.rb:22:in `key='
plugins/vault/lib/vault_cipher.rb:22:in `decrypt_text'
plugins/vault/lib/encryptor.rb:11:in `decrypt'
plugins/vault/app/models/vault/password.rb:14:in `decrypt!'
plugins/vault/app/controllers/keys_controller.rb:66:in `map'
plugins/vault/app/controllers/keys_controller.rb:66:in `index'
lib/redmine/sudo_mode.rb:63:in `sudo_mode'
The current setup is:
Environment:
Redmine version 3.4.8.stable
Ruby version 2.4.6-p354 (2019-04-01) [x86_64-linux]
Rails version 4.2.11
Environment production
Database adapter Mysql2
Because of the error I upgraded today from ruby 2.4.5 to 2.4.6. But it does not help.