Re: [PATCHES] pgcrypto: openssl digest fix
Marko Kreen wrote: The patch itself is simply "cvs diff -r1.10 -r1.11 openssl.c", so there should not be any recent typos in it. Now I also tested it with both REL7_3_STABLE and REL7_2_STABLE and found no problems. So I think its fine. I've applied both this patch and the original patch (fix-openssl.diff) to REL7_3_STABLE and REL7_2_STABLE. Thanks for the patches. -Neil ---(end of broadcast)--- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [PATCHES] pgcrypto: openssl digest fix
On Sun, Mar 13, 2005 at 09:43:02PM +1100, Neil Conway wrote: > Marko Kreen wrote: > >Ah, ofcourse. > > The patch seems rather large to be applying to 7.3 and 7.2 -- but it's > your contrib/ module, so I'll assume you're pretty confident this > doesn't cause any regressions... The patch itself is simply "cvs diff -r1.10 -r1.11 openssl.c", so there should not be any recent typos in it. Now I also tested it with both REL7_3_STABLE and REL7_2_STABLE and found no problems. So I think its fine. > I'll apply the patch to 7.3 and 7.2 stable branches tomorrow. Cool. -- marko ---(end of broadcast)--- TIP 9: the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
Re: [PATCHES] pgcrypto: openssl digest fix
Marko Kreen wrote: Ah, ofcourse. The patch seems rather large to be applying to 7.3 and 7.2 -- but it's your contrib/ module, so I'll assume you're pretty confident this doesn't cause any regressions... I'll apply the patch to 7.3 and 7.2 stable branches tomorrow. -Neil ---(end of broadcast)--- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
Re: [PATCHES] pgcrypto: openssl digest fix
On Sun, Mar 13, 2005 at 11:12:42AM +1100, Neil Conway wrote:
> Marko Kreen wrote:
> >Would you apply this one aswell? I see that the original
> >patch (openssl.c r1.11) applies to both branches without problems.
> >It is a bit larger than this one tho'.
>
> Should there have been a patch attached to this mail?
Ah, ofcourse.
--
marko
Index: contrib/pgcrypto/openssl.c
===
RCS file: /projects/cvsroot/pgsql/contrib/pgcrypto/openssl.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- contrib/pgcrypto/openssl.c 20 Nov 2001 18:54:07 - 1.10
+++ contrib/pgcrypto/openssl.c 15 Nov 2002 02:54:44 - 1.11
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openssl.c,v 1.10 2001/11/20 18:54:07 momjian Exp $
+ * $Id: openssl.c,v 1.11 2002/11/15 02:54:44 momjian Exp $
*/
#include
@@ -34,8 +34,10 @@
#include "px.h"
#include
-#include
+/*
+ * Hashes
+ */
static unsigned
digest_result_size(PX_MD * h)
{
@@ -84,15 +86,63 @@
px_free(h);
}
-/* CIPHERS */
+static int px_openssl_initialized = 0;
+
+/* PUBLIC functions */
+
+int
+px_find_digest(const char *name, PX_MD ** res)
+{
+ const EVP_MD *md;
+ EVP_MD_CTX *ctx;
+ PX_MD *h;
+
+ if (!px_openssl_initialized)
+ {
+ px_openssl_initialized = 1;
+ OpenSSL_add_all_algorithms();
+ }
+
+ md = EVP_get_digestbyname(name);
+ if (md == NULL)
+ return -1;
+
+ ctx = px_alloc(sizeof(*ctx));
+ EVP_DigestInit(ctx, md);
+
+ h = px_alloc(sizeof(*h));
+ h->result_size = digest_result_size;
+ h->block_size = digest_block_size;
+ h->reset = digest_reset;
+ h->update = digest_update;
+ h->finish = digest_finish;
+ h->free = digest_free;
+ h->p.ptr = (void *) ctx;
+
+ *res = h;
+ return 0;
+}
/*
+ * Ciphers
+ *
* The problem with OpenSSL is that the EVP* family
* of functions does not allow enough flexibility
* and forces some of the parameters (keylen,
* padding) to SSL defaults.
+ *
+ * So need to manage ciphers ourselves.
*/
+struct ossl_cipher {
+ int (*init) (PX_Cipher * c, const uint8 *key, unsigned klen,
const uint8 *iv);
+ int (*encrypt) (PX_Cipher * c, const uint8 *data, unsigned
dlen, uint8 *res);
+ int (*decrypt) (PX_Cipher * c, const uint8 *data, unsigned
dlen, uint8 *res);
+
+ int block_size;
+ int max_key_size;
+ int stream_cipher;
+};
typedef struct
{
@@ -103,45 +153,49 @@
BF_KEY key;
int num;
} bf;
- EVP_CIPHER_CTX evp_ctx;
+ struct
+ {
+ des_key_schedule key_schedule;
+ } des;
+ CAST_KEYcast_key;
} u;
- const EVP_CIPHER *evp_ciph;
uint8 key[EVP_MAX_KEY_LENGTH];
uint8 iv[EVP_MAX_IV_LENGTH];
unsignedklen;
unsignedinit;
+ const struct ossl_cipher *ciph;
} ossldata;
-/* generic EVP */
+/* generic */
static unsigned
-gen_evp_block_size(PX_Cipher * c)
+gen_ossl_block_size(PX_Cipher * c)
{
ossldata *od = (ossldata *) c->ptr;
- return EVP_CIPHER_block_size(od->evp_ciph);
+ return od->ciph->block_size;
}
static unsigned
-gen_evp_key_size(PX_Cipher * c)
+gen_ossl_key_size(PX_Cipher * c)
{
ossldata *od = (ossldata *) c->ptr;
- return EVP_CIPHER_key_length(od->evp_ciph);
+ return od->ciph->max_key_size;
}
static unsigned
-gen_evp_iv_size(PX_Cipher * c)
+gen_ossl_iv_size(PX_Cipher * c)
{
unsignedivlen;
ossldata *od = (ossldata *) c->ptr;
- ivlen = EVP_CIPHER_iv_length(od->evp_ciph);
+ ivlen = od->ciph->block_size;
return ivlen;
}
static void
-gen_evp_free(PX_Cipher * c)
+gen_ossl_free(PX_Cipher * c)
{
ossldata *od = (ossldata *) c->ptr;
@@ -150,149 +204,211 @@
pfree(c);
}
-/* fun */
+/* Blowfish */
static int
-gen_evp_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
+bf_init(PX_Cipher * c, const uint8 *key, unsigned klen, const uint8 *iv)
{
- ossldata *od = (ossldata *) c->ptr;
- unsignedbs = gen_evp_block_size(c);
+ ossldata *od = c->ptr;
+ BF_set_key(&od->u.bf.key, klen, key);
if (iv)
- memcpy(od->iv, iv, bs);
+ memcpy(od->iv, iv, BF_BLOCK);
else
- memset(od->iv, 0, bs);
- memcpy(od->key, key, klen);
- od->klen = klen;
- od->init = 0;
+ memset(od->iv, 0, BF_BLOCK);
+ od->u.bf.num = 0;
ret
Re: [PATCHES] pgcrypto: openssl digest fix
Marko Kreen wrote: Would you apply this one aswell? I see that the original patch (openssl.c r1.11) applies to both branches without problems. It is a bit larger than this one tho'. Should there have been a patch attached to this mail? -Neil ---(end of broadcast)--- TIP 9: the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
Re: [PATCHES] pgcrypto: openssl digest fix
On Sat, Mar 12, 2005 at 05:59:24PM +1100, Neil Conway wrote: > Marko Kreen wrote: > >Please apply this also to stable branches (8.0 / 7.4). > > Should it be backpatched to 7.3 and 7.2 as well? It would be nice. I didn't know there are releases of those planned as well. Now looking into it, 7.3 and 7.2 branch are missing the OpenSSL EVP cipher functions removal patch - which is even more nasty as it does not crash but silently corrupts data. 'make installcheck' detects it, but if somebody forgets to run it... (Thankfully encrypt()/decrypt() are not used much.) Would you apply this one aswell? I see that the original patch (openssl.c r1.11) applies to both branches without problems. It is a bit larger than this one tho'. -- marko ---(end of broadcast)--- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq
Re: [PATCHES] pgcrypto: openssl digest fix
Marko Kreen wrote: Some builds (depends on crypto engine support?) of OpenSSL 0.9.7x have EVP_DigestFinal function which which clears all of EVP_MD_CTX. This makes pgcrypto crash in functions which re-use one digest context several times: hmac() and crypt() with md5 algorithm. Following patch fixes it by carring the digest info around EVP_DigestFinal and re-initializing cipher. Applied to HEAD, REL8_0_STABLE and REL7_4_STABLE. Thanks for the patch. Please apply this also to stable branches (8.0 / 7.4). Should it be backpatched to 7.3 and 7.2 as well? -Neil ---(end of broadcast)--- TIP 6: Have you searched our list archives? http://archives.postgresql.org
[PATCHES] pgcrypto: openssl digest fix
Some builds (depends on crypto engine support?) of OpenSSL
0.9.7x have EVP_DigestFinal function which which clears all of
EVP_MD_CTX. This makes pgcrypto crash in functions which
re-use one digest context several times: hmac() and crypt()
with md5 algorithm.
Following patch fixes it by carring the digest info around
EVP_DigestFinal and re-initializing cipher.
Please apply this also to stable branches (8.0 / 7.4).
Note that this can be blamed on OpenSSL 0.9.7x backwards-
compatibility functions: 0.9.6x and new 0.9.7x API
(EVP_DigestFinal_ex) do clear the "secret data" but keep the
general algorithm info.
But still, the fact is that pgcrypto was relying on
undocumented beheviour.
--
marko
Index: contrib/pgcrypto/openssl.c
===
RCS file: /opt/cvs2/pgsql/contrib/pgcrypto/openssl.c,v
retrieving revision 1.13
diff -u -c -r1.13 openssl.c
*** contrib/pgcrypto/openssl.c 29 Nov 2003 22:39:28 - 1.13
--- contrib/pgcrypto/openssl.c 11 Mar 2005 15:39:34 -
***
*** 73,80
--- 73,87
digest_finish(PX_MD * h, uint8 *dst)
{
EVP_MD_CTX *ctx = (EVP_MD_CTX *) h->p.ptr;
+ const EVP_MD *md = EVP_MD_CTX_md(ctx);
EVP_DigestFinal(ctx, dst, NULL);
+
+ /*
+* Some builds of 0.9.7x clear all of ctx in EVP_DigestFinal.
+* Fix it by reinitializing ctx.
+*/
+ EVP_DigestInit(ctx, md);
}
static void
---(end of broadcast)---
TIP 6: Have you searched our list archives?
http://archives.postgresql.org
