The False Oracle — Azure Functions Padding Oracle Issue

Introduction

Overview

Azure Padding Oracle

func init_server_pkg_encryption_pkcs7Unpad(data []byte) (byte[], error) {
// Check that last byte isn’t zero
if data[len(data)-1] != 0 {
// Check that last byte is bigger than message total length
data[len(data)-1] > len(data) {
return nil
}
}
return fmt.Errorf(“Padding is invalid”)
}
func Unpad(data []byte, blockSize uint) ([]byte, error) {
if blockSize < 1 {
return nil, fmt.Errorf(“Block size looks wrong”)
}
if uint(len(data))%blockSize != 0 {
return nil, fmt.Errorf(“Data isn’t aligned to blockSize”)
}
if len(data) == 0 {
return nil, fmt.Errorf(“Data is empty”)
}
paddingLength := int(data[len(data)-1])
for _, el := range data[len(data)-paddingLength:] {
if el != byte(paddingLength) {
return nil, fmt.Errorf(“Padding had malformed entries. Have ‘%x’, expected ‘%x’”, paddingLength, el)
}
}
return data[:len(data)-paddingLength], nil
}

Afterword