I attach pgcrypto patch which fix two problems on system without strong crypto support (e.g. default Solaris 10 installation):

1) postgres crashes when AES cipher uses long key
2) Blowfish silently cut longer keys. It could bring problem when crypted data are transfered from one server to another with strong keys support.


This patch was discussed there:
http://archives.postgresql.org/pgsql-hackers/2007-07/msg00762.php

This patch is applicable also on 8.2, 8.1 (and maybe older) version of postgresql.

        
                Zdenek
Index: contrib/pgcrypto/openssl.c
===================================================================
RCS file: /zfs_data/cvs_pgsql/cvsroot/pgsql/contrib/pgcrypto/openssl.c,v
retrieving revision 1.30
diff -c -r1.30 openssl.c
*** contrib/pgcrypto/openssl.c	2006/10/04 00:29:46	1.30
--- contrib/pgcrypto/openssl.c	2007/07/27 12:26:15
***************
*** 375,385 ****
--- 375,422 ----
  
  /* Blowfish */
  
+ /* Check if strong crypto is supported. Some openssl installation could support only short keys
+   and unfortunatelly BF_sef_key does not return any error value. This function tests if is possible
+   use strong key.
+ */ 
+ static int
+ bf_check_supported_key_len()
+ {
+ 	static unsigned char key[] = "\360\341\322\303\264\245\226\207xiZK<-\036\017\000\021\"3DUfw\004h\221\004\302\375;/[EMAIL PROTECTED]";
+ 	static unsigned char data[16] =  "\376\334\272\230vT2\020";
+ 	static unsigned char res[] = "\300E\004\001.N\037S";
+ 	static unsigned char out[16];
+ 	BF_KEY bf_key;
+ 	int n;
+ 
+ 	/* encrypt and th 448bits key and verify output */
+ 	BF_set_key(&bf_key,56, key);
+ 	BF_ecb_encrypt(	data, out, &bf_key, BF_ENCRYPT);
+ 	
+ 	for( n=0 ; n<8; n++)
+ 	{
+ 		if( out[n] != res[n] )
+ 			return 0;	/* Output does not match -> strong cipher is not supported */ 
+ 	}
+ 	return 1;
+ }
+ 
  static int
  bf_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
  {
  	ossldata   *od = c->ptr;
+ 	static int bf_is_strong = -1;
+ 
+ 	/* Test if key len is supported. BF_set_key silently cut large keys and it could be
+ 	 be a problem when user transfer crypted data from one server to another. */
+ 	
+ 	if( bf_is_strong == -1)
+ 		bf_is_strong = bf_check_supported_key_len();
+ 
+ 	if( !bf_is_strong && klen>16 )
+ 		return PXE_KEY_TOO_BIG; 
  
+ 	/* Key len is supported. We can use it. */
  	BF_set_key(&od->u.bf.key, klen, key);
  	if (iv)
  		memcpy(od->iv, iv, BF_BLOCK);
***************
*** 692,705 ****
  	return 0;
  }
  
! static void
  ossl_aes_key_init(ossldata * od, int type)
  {
  	if (type == AES_ENCRYPT)
! 		AES_set_encrypt_key(od->key, od->klen * 8, &od->u.aes_key);
  	else
! 		AES_set_decrypt_key(od->key, od->klen * 8, &od->u.aes_key);
! 	od->init = 1;
  }
  
  static int
--- 729,753 ----
  	return 0;
  }
  
! static int
  ossl_aes_key_init(ossldata * od, int type)
  {
+ 	int err;
+ 	/* Strong key support could miss on some openssl installation, we must
+ 		check return value, from set key function.
+ 	*/ 
  	if (type == AES_ENCRYPT)
! 	    err = AES_set_encrypt_key(od->key, od->klen * 8, &od->u.aes_key);
  	else
! 		err = AES_set_decrypt_key(od->key, od->klen * 8, &od->u.aes_key);
! 
! 	if (err == 0)
! 	{
! 		od->init = 1;
! 		return 0;
! 	}
! 	od->init = 0;
! 	return PXE_KEY_TOO_BIG;
  }
  
  static int
***************
*** 709,717 ****
  	unsigned	bs = gen_ossl_block_size(c);
  	ossldata   *od = c->ptr;
  	const uint8 *end = data + dlen - bs;
  
  	if (!od->init)
! 		ossl_aes_key_init(od, AES_ENCRYPT);
  
  	for (; data <= end; data += bs, res += bs)
  		AES_ecb_encrypt(data, res, &od->u.aes_key, AES_ENCRYPT);
--- 757,767 ----
  	unsigned	bs = gen_ossl_block_size(c);
  	ossldata   *od = c->ptr;
  	const uint8 *end = data + dlen - bs;
+ 	int err;
  
  	if (!od->init)
! 		if( 0 != (err = ossl_aes_key_init(od, AES_ENCRYPT)) )
! 			return err;
  
  	for (; data <= end; data += bs, res += bs)
  		AES_ecb_encrypt(data, res, &od->u.aes_key, AES_ENCRYPT);
***************
*** 725,733 ****
  	unsigned	bs = gen_ossl_block_size(c);
  	ossldata   *od = c->ptr;
  	const uint8 *end = data + dlen - bs;
  
  	if (!od->init)
! 		ossl_aes_key_init(od, AES_DECRYPT);
  
  	for (; data <= end; data += bs, res += bs)
  		AES_ecb_encrypt(data, res, &od->u.aes_key, AES_DECRYPT);
--- 775,785 ----
  	unsigned	bs = gen_ossl_block_size(c);
  	ossldata   *od = c->ptr;
  	const uint8 *end = data + dlen - bs;
+ 	int err;
  
  	if (!od->init)
! 		if( 0 != (err = ossl_aes_key_init(od, AES_DECRYPT)) )
! 			return err;
  
  	for (; data <= end; data += bs, res += bs)
  		AES_ecb_encrypt(data, res, &od->u.aes_key, AES_DECRYPT);
***************
*** 739,748 ****
  					 uint8 *res)
  {
  	ossldata   *od = c->ptr;
  
  	if (!od->init)
! 		ossl_aes_key_init(od, AES_ENCRYPT);
! 
  	AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_ENCRYPT);
  	return 0;
  }
--- 791,802 ----
  					 uint8 *res)
  {
  	ossldata   *od = c->ptr;
+ 	int err;
  
  	if (!od->init)
! 		if( 0 != (err = ossl_aes_key_init(od, AES_ENCRYPT)) )
! 			return err;
! 	
  	AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_ENCRYPT);
  	return 0;
  }
***************
*** 752,760 ****
  					 uint8 *res)
  {
  	ossldata   *od = c->ptr;
  
  	if (!od->init)
! 		ossl_aes_key_init(od, AES_DECRYPT);
  
  	AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_DECRYPT);
  	return 0;
--- 806,816 ----
  					 uint8 *res)
  {
  	ossldata   *od = c->ptr;
+ 	int err;
  
  	if (!od->init)
! 		if( 0 != (err = ossl_aes_key_init(od, AES_DECRYPT)) )
! 			return err;
  
  	AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_DECRYPT);
  	return 0;
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
       subscribe-nomail command to [EMAIL PROTECTED] so that your
       message can get through to the mailing list cleanly

Reply via email to