Skip site navigation (1) Skip section navigation (2)

Re: pgcrypto & strong ciphers limitation

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Zdenek Kotala <Zdenek(dot)Kotala(at)Sun(dot)COM>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Stefan Kaltenbrunner <stefan(at)kaltenbrunner(dot)cc>
Subject: Re: pgcrypto & strong ciphers limitation
Date: 2007-09-26 08:37:33
Message-ID: 200709260837.l8Q8bX911675@momjian.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Just confirming, this should be applied to 8.3, right?

---------------------------------------------------------------------------

Zdenek Kotala wrote:
> Stefan reported me that prcrypto regression test fails on solaris 10 
> with openssl support. I investigated this problem and the result is that 
> Solaris 10 delivers only support for short keys up to 128. Strong crypto 
> (SUNWcry and SUNWcryr packages) is available on web download pages. (It 
> is result of US crypto export policy.)
> 
> However, on default installation  (which is commonly used) it is a 
> problem. Regression test cannot be fixed because it tests strong 
> ciphers, but there two very strange issue:
> 
> 1) First issue is blowfish cipher. Because pgcrypto uses old interface 
> instead new "evp" it calls bf_set_key function which does not return any 
> output and cut key if it is too long. See 
> http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/common/openssl/crypto/bf/bf_skey.c
> line 84.
> 
> If user installs strong crypto he will not be able decrypt data which 
> has been encrypted before.
> 
> The fix of this issue is ugly, because there is not way how to verify 
> supported key length with old openssl API and only new API return err if 
> length is not supported.
> 
> 
> 2) AES ciphere crashes when key is longer. It happens because return 
> value from AES_set_encrypt_key is ignored and AES_encrypt is called with 
> uninitialized structure.
> 
> 
> I attach patch which fix both issues, but main problem is there that old 
> openssl API is used and supported key lengths are hardcoded. I think we 
> can add to TODO list rewrite pgcrypto to use evp openssl interface.
> 
> 
> 	Any comments?
> 
> 		Zdenek
> 


> 
> ---------------------------(end of broadcast)---------------------------
> TIP 6: explain analyze is your friend

-- 
  Bruce Momjian  <bruce(at)momjian(dot)us>          http://momjian.us
  EnterpriseDB                               http://www.enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +

In response to

Responses

pgsql-hackers by date

Next:From: Bruce MomjianDate: 2007-09-26 08:38:54
Subject: Re: allow CSV quote in NULL
Previous:From: Bruce MomjianDate: 2007-09-26 08:36:30
Subject: Re: Reviewing new index types (was Re: [PATCHES] Updated bitmap indexpatch)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group