I attach pgcrypto patch which fix two problems on system without strong
crypto support (e.g. default Solaris 10 installation):
1) postgres crashes when AES cipher uses long key
2) Blowfish silently cut longer keys. It could bring problem when
crypted data are transfered from one server to another with strong keys
support.
This patch was discussed there:
http://archives.postgresql.org/pgsql-hackers/2007-07/msg00762.php
This patch is applicable also on 8.2, 8.1 (and maybe older) version of
postgresql.
Zdenek
Index: contrib/pgcrypto/openssl.c
===================================================================
RCS file: /zfs_data/cvs_pgsql/cvsroot/pgsql/contrib/pgcrypto/openssl.c,v
retrieving revision 1.30
diff -c -r1.30 openssl.c
*** contrib/pgcrypto/openssl.c 2006/10/04 00:29:46 1.30
--- contrib/pgcrypto/openssl.c 2007/07/27 12:26:15
***************
*** 375,385 ****
--- 375,422 ----
/* Blowfish */
+ /* Check if strong crypto is supported. Some openssl installation could support only short keys
+ and unfortunatelly BF_sef_key does not return any error value. This function tests if is possible
+ use strong key.
+ */
+ static int
+ bf_check_supported_key_len()
+ {
+ static unsigned char key[] = "\360\341\322\303\264\245\226\207xiZK<-\036\017\000\021\"3DUfw\004h\221\004\302\375;/[EMAIL PROTECTED]";
+ static unsigned char data[16] = "\376\334\272\230vT2\020";
+ static unsigned char res[] = "\300E\004\001.N\037S";
+ static unsigned char out[16];
+ BF_KEY bf_key;
+ int n;
+
+ /* encrypt and th 448bits key and verify output */
+ BF_set_key(&bf_key,56, key);
+ BF_ecb_encrypt( data, out, &bf_key, BF_ENCRYPT);
+
+ for( n=0 ; n<8; n++)
+ {
+ if( out[n] != res[n] )
+ return 0; /* Output does not match -> strong cipher is not supported */
+ }
+ return 1;
+ }
+
static int
bf_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
{
ossldata *od = c->ptr;
+ static int bf_is_strong = -1;
+
+ /* Test if key len is supported. BF_set_key silently cut large keys and it could be
+ be a problem when user transfer crypted data from one server to another. */
+
+ if( bf_is_strong == -1)
+ bf_is_strong = bf_check_supported_key_len();
+
+ if( !bf_is_strong && klen>16 )
+ return PXE_KEY_TOO_BIG;
+ /* Key len is supported. We can use it. */
BF_set_key(&od->u.bf.key, klen, key);
if (iv)
memcpy(od->iv, iv, BF_BLOCK);
***************
*** 692,705 ****
return 0;
}
! static void
ossl_aes_key_init(ossldata * od, int type)
{
if (type == AES_ENCRYPT)
! AES_set_encrypt_key(od->key, od->klen * 8, &od->u.aes_key);
else
! AES_set_decrypt_key(od->key, od->klen * 8, &od->u.aes_key);
! od->init = 1;
}
static int
--- 729,753 ----
return 0;
}
! static int
ossl_aes_key_init(ossldata * od, int type)
{
+ int err;
+ /* Strong key support could miss on some openssl installation, we must
+ check return value, from set key function.
+ */
if (type == AES_ENCRYPT)
! err = AES_set_encrypt_key(od->key, od->klen * 8, &od->u.aes_key);
else
! err = AES_set_decrypt_key(od->key, od->klen * 8, &od->u.aes_key);
!
! if (err == 0)
! {
! od->init = 1;
! return 0;
! }
! od->init = 0;
! return PXE_KEY_TOO_BIG;
}
static int
***************
*** 709,717 ****
unsigned bs = gen_ossl_block_size(c);
ossldata *od = c->ptr;
const uint8 *end = data + dlen - bs;
if (!od->init)
! ossl_aes_key_init(od, AES_ENCRYPT);
for (; data <= end; data += bs, res += bs)
AES_ecb_encrypt(data, res, &od->u.aes_key, AES_ENCRYPT);
--- 757,767 ----
unsigned bs = gen_ossl_block_size(c);
ossldata *od = c->ptr;
const uint8 *end = data + dlen - bs;
+ int err;
if (!od->init)
! if( 0 != (err = ossl_aes_key_init(od, AES_ENCRYPT)) )
! return err;
for (; data <= end; data += bs, res += bs)
AES_ecb_encrypt(data, res, &od->u.aes_key, AES_ENCRYPT);
***************
*** 725,733 ****
unsigned bs = gen_ossl_block_size(c);
ossldata *od = c->ptr;
const uint8 *end = data + dlen - bs;
if (!od->init)
! ossl_aes_key_init(od, AES_DECRYPT);
for (; data <= end; data += bs, res += bs)
AES_ecb_encrypt(data, res, &od->u.aes_key, AES_DECRYPT);
--- 775,785 ----
unsigned bs = gen_ossl_block_size(c);
ossldata *od = c->ptr;
const uint8 *end = data + dlen - bs;
+ int err;
if (!od->init)
! if( 0 != (err = ossl_aes_key_init(od, AES_DECRYPT)) )
! return err;
for (; data <= end; data += bs, res += bs)
AES_ecb_encrypt(data, res, &od->u.aes_key, AES_DECRYPT);
***************
*** 739,748 ****
uint8 *res)
{
ossldata *od = c->ptr;
if (!od->init)
! ossl_aes_key_init(od, AES_ENCRYPT);
!
AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_ENCRYPT);
return 0;
}
--- 791,802 ----
uint8 *res)
{
ossldata *od = c->ptr;
+ int err;
if (!od->init)
! if( 0 != (err = ossl_aes_key_init(od, AES_ENCRYPT)) )
! return err;
!
AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_ENCRYPT);
return 0;
}
***************
*** 752,760 ****
uint8 *res)
{
ossldata *od = c->ptr;
if (!od->init)
! ossl_aes_key_init(od, AES_DECRYPT);
AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_DECRYPT);
return 0;
--- 806,816 ----
uint8 *res)
{
ossldata *od = c->ptr;
+ int err;
if (!od->init)
! if( 0 != (err = ossl_aes_key_init(od, AES_DECRYPT)) )
! return err;
AES_cbc_encrypt(data, res, dlen, &od->u.aes_key, od->iv, AES_DECRYPT);
return 0;
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
