On Fri, Dec 19, 2014 at 3:57 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: > > Magnus Hagander <mag...@hagander.net> writes: > > On Fri, Dec 19, 2014 at 11:52 AM, Christoph Berg <c...@df7cb.de> wrote: > >> Googling for "digest too big for rsa key" seems to indicate that this > >> problem occurs when you are using (client?) certificates with short > >> RSA keys. 512 bits is most often cited in the problem reports, > >> something like 768 is around the minimum size that works, and of > >> course, anything smaller than 1024 or really 1536 (or 2048) bits is > >> too small for today's crypto standards. > >> > >> So the question here is if this is also the problem you saw - are you > >> using client or server certificates with short keys? > >> > >> What this explanation doesn't explain is why the problem occurs with > >> 9.4's libpq5 while it works with 9.3's. The libssl version used for > >> building these packages should really be the same, 9.3.5-2.pgdg70+1 > >> was built just two days ago as well. > > > Some googling shows that this could be because it's negotiating TLS 1.2 > > which the key is just too small for. And we did change that in 9.4 - > commit > > 326e1d73c476a0b5061ef00134bdf57aed70d5e7 disabled SSL in favor of always > > using TLS for security reasons. > > Hm ... the 9.4 release notes fail to describe that change adequately, and > certainly don't mention that it would have any compatibility implications. > Guess that needs to be fixed. Does anyone know offhand what the change in > the minimum key length is across SSL/TLS versions, exactly? >
I haven't seen a specific number, it might depend on exactly which cipher is negotiated. See for example http://openssl.6102.n7.nabble.com/What-is-the-reason-for-error-quot-SSL-negotiation-failed-error-04075070-rsa-routines-RSA-sign-digest-td43953.html All references I have foud say at least 2014 is safe and 512 is broken, but there are points in betwee nthat apparently works in some cases only. I think if we say "use 1024 bits or more" we err on the safe side. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/
