From: | neilc(at)svr1(dot)postgresql(dot)org (Neil Conway) |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql: pgcrypto update: Reserve px_get_random_bytes() for strong |
Date: | 2005-03-21 05:22:16 |
Message-ID: | 20050321052216.1EDC256494@svr1.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
Log Message:
-----------
pgcrypto update:
Reserve px_get_random_bytes() for strong randomness,
add new function px_get_pseudo_random_bytes() for
weak randomness and use it in gen_salt().
On openssl case, use RAND_pseudo_bytes() for
px_get_pseudo_random_bytes().
Final result is that is user has not configured random
souce but kept the 'silly' one, gen_salt() keeps
working, but pgp_encrypt() will throw error.
Marko Kreen
Modified Files:
--------------
pgsql/contrib/pgcrypto:
px-crypt.c (r1.10 -> r1.11)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/pgcrypto/px-crypt.c.diff?r1=1.10&r2=1.11)
px.c (r1.10 -> r1.11)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/pgcrypto/px.c.diff?r1=1.10&r2=1.11)
px.h (r1.11 -> r1.12)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/pgcrypto/px.h.diff?r1=1.11&r2=1.12)
random.c (r1.9 -> r1.10)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/pgcrypto/random.c.diff?r1=1.9&r2=1.10)
From | Date | Subject | |
---|---|---|---|
Next Message | Neil Conway | 2005-03-21 05:24:53 | pgsql: pgcrypto update: * test error handling * add tests for des, |
Previous Message | Neil Conway | 2005-03-21 05:21:05 | pgsql: pgcrypto update: * openssl.c: Add 3des and AES support * |