Skip site navigation (1) Skip section navigation (2)

Re: pgcrypto decrypt_iv() issue

From: Marko Kreen <markokr(at)gmail(dot)com>
To: Stefan Kaltenbrunner <stefan(at)kaltenbrunner(dot)cc>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Postgres-Bugs <pgsql-bugs(at)postgresql(dot)org>
Subject: Re: pgcrypto decrypt_iv() issue
Date: 2012-01-27 17:54:49
Message-ID: CACMqXCLEYQ-TLeew4+8VvKOCjAgk_nvFkY7rrDaauJzuQEYR8w@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-bugs
On Fri, Jan 27, 2012 at 7:34 PM, Stefan Kaltenbrunner
<stefan(at)kaltenbrunner(dot)cc> wrote:
> On 01/27/2012 04:20 PM, Marko Kreen wrote:
>> On Fri, Jan 27, 2012 at 01:37:11AM -0500, Tom Lane wrote:
>> Yeah, it should be fixed.  But note that "random data" is part of
>> decrypt() spec - the validation it can do is a joke.
>>
>> Its more important to do proper checks in encrypt() to avoid invalid
>> stored data, but there the recommended modes (CBC, CFB) can work
>> with any length data, so even there the impact is low.
>
> I agree - but in my case the input to those functions is actually coming
> from external untrusted systems - so if the data is (completely) invalid
> really want to get a proper error message instead of random memory content.

You *will* get random memory content.  If your app is exploitable with
invalid data, you *will* get exploited.  The decrypt() checks are
more for developer convenience than anything more serious.

Please fix your app to survive invalid data...

-- 
marko

In response to

Responses

pgsql-bugs by date

Next:From: Magnus HaganderDate: 2012-01-27 18:00:01
Subject: Re: pgcrypto decrypt_iv() issue
Previous:From: Marko KreenDate: 2012-01-27 17:43:16
Subject: Re: pgcrypto decrypt_iv() issue

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group