1
0
mirror of https://github.com/postgres/postgres.git synced 2025-10-25 13:17:41 +03:00
Commit Graph

12 Commits

Author SHA1 Message Date
Daniel Gustafsson
9ad1b3d01f pgcrypto: Add support for CFB mode in AES encryption
Cipher Feedback Mode, CFB, is a self-synchronizing stream cipher which
is very similar to CBC performed in reverse. Since OpenSSL supports it,
we can easily plug it into the existing cipher selection code without
any need for infrastructure changes.

This patch was simultaneously submitted by Umar Hayat and Vladyslav
Nebozhyn, the latter whom suggested the feauture. The committed patch
is Umar's version.

Author: Umar Hayat <postgresql.wizard@gmail.com>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Reviewed-by: Álvaro Herrera <alvherre@alvh.no-ip.org>
Discussion: https://postgr.es/m/CAPBGcbxo9ASzq14VTpQp3mnUJ5omdgTWUJOvWV0L6nNigWE5jw@mail.gmail.com
2025-02-14 21:18:37 +01:00
Peter Eisentraut
f5576a21b0 pgcrypto: Remove internal padding implementation
Use the padding provided by OpenSSL instead of doing it ourselves.
The internal implementation was once applicable to the non-OpenSSL
code paths, but those have since been removed.  The padding algorithm
is still the same.

The OpenSSL padding implementation is stricter than the previous
internal one: Bad padding during decryption is now an error, and
encryption without padding now requires the input size to be a
multiple of the block size, otherwise it is also an error.
Previously, these cases silently proceeded, in spite of the
documentation saying otherwise.

Add some test cases about this, too.  (The test cases are in
rijndael.sql, but they apply to all encryption algorithms.)

Reviewed-by: Jacob Champion <pchampion@vmware.com>
Reviewed-by: Nathan Bossart <nathandbossart@gmail.com>
Discussion: https://www.postgresql.org/message-id/flat/ba94c26b-0c58-c97e-7a44-f44e08b4cca2%40enterprisedb.com
2022-03-22 08:58:44 +01:00
Peter Eisentraut
814e1d9ff7 pgcrypto: Remove explicit hex encoding/decoding from tests
This was from before the hex format was available in bytea.  Now we
can remove the extra explicit encoding/decoding calls and rely on the
default output format.

Discussion: https://www.postgresql.org/message-id/flat/17dcb4f7-7ac1-e2b6-d5f7-2dfba06cd9ee%40enterprisedb.com
2021-12-08 06:06:22 +01:00
Robert Haas
d40d97d6c7 pgcrypto's encrypt() supports AES-128, AES-192, and AES-256
Previously, only 128 was mentioned, but the others are also supported.

Thomas Munro, reviewed by Michael Paquier and extended a bit by me.

Discussion: http://postgr.es/m/CAEepm=1XbBHXYJKofGjnM2Qfz-ZBVqhGU4AqvtgR+Hegy4fdKg@mail.gmail.com
2018-01-31 16:33:11 -05:00
Peter Eisentraut
fc946c39ae Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00
Peter Eisentraut
3f11971916 Remove extra newlines at end and beginning of files, add missing newlines
at end of files.
2010-08-19 05:57:36 +00:00
Tom Lane
bcba09e27c Ooops, missed that a couple of contrib modules have calls to byteacmp.
Add bytea.h inclusions as needed.  Some of the contrib regression tests
need to be de-hexified, too.  Per buildfarm.
2009-08-04 18:49:50 +00:00
Tom Lane
807bbe6051 More pgcrypto fixes: handle long messages correctly, suppress
compiler warnings.  Marko Kreen and Kris Jurka.
2005-07-12 20:27:45 +00:00
Neil Conway
6a8eb1a7b6 pgcrypto update:
* test error handling
* add tests for des, 3des, cast5
* add some tests to blowfish, rijndael
* Makefile: ability to specify different tests for different crypto
  libraries, so we can skip des, 3des and cast5 for builtin.

Marko Kreen
2005-03-21 05:24:52 +00:00
Bruce Momjian
e5cf1a8a26 SET autocommit no longer needed in /contrib because pg_regress.sh does
it automatically now on regression session startup.
2002-10-21 01:42:14 +00:00
Bruce Momjian
aa4c702eac Update /contrib for "autocommit TO 'on'".
Create objects in public schema.

Make spacing/capitalization consistent.

Remove transaction block use for object creation.

Remove unneeded function GRANTs.
2002-10-18 18:41:22 +00:00
Bruce Momjian
43cadb9231 Add missing pgcrypto files. 2001-10-01 16:12:23 +00:00