pgcrypto decrypt_iv() issue
От | Stefan Kaltenbrunner |
---|---|
Тема | pgcrypto decrypt_iv() issue |
Дата | |
Msg-id | 4F1DB7BF.60304@kaltenbrunner.cc обсуждение исходный текст |
Ответы |
Re: pgcrypto decrypt_iv() issue
(Stefan Kaltenbrunner <stefan@kaltenbrunner.cc>)
|
Список | pgsql-bugs |
We are using the raw decryption features of contrib/pgcrypto here to decode certain AES128 encrypted data. However depending on the data to decode and what statements have been executed in the same session before we are seeing different (and sometimes completely wrong) answers this is 9.1.2 on Debian/amd64 compiled with -enable-debug (note that the the first and the third query do not result in the same answer): mastermind@mastermind:~/playground$ ./pginst/bin/psql -p 5435 postgres psql (9.1.2) Type "help" for help. postgres=# select encode(decrypt_iv(decode('c89a929fa8dbefaa88609ea3b637d783ce926b8a0985ae02a100c0f89d8a8e5aca793d1519f5829a61b9fbd1d582fb66ff','hex')::bytea, decode('636F6E73756D65723267726964303333','hex')::bytea, decode('2D4C526240141e029696969696969696','hex')::bytea, 'aes-cbc/pad:none')::bytea, 'hex'); encode ---------------------------------------------------------------------------------------------------- 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 (1 row) postgres=# select encode(decrypt_iv(decode('c89a929fa8dbefaa88609ea3b637d783ce926b8a0985ae02a100c0f89d8a8e5aca793d1519f5829a61b9fbd1d582fb66','hex')::bytea, decode('636F6E73756D65723267726964303333','hex')::bytea, decode('2D4C526240141e029696969696969696','hex')::bytea, 'aes-cbc/pad:none')::bytea, 'hex'); encode -------------------------------------------------------------------------------------------------- 2f2f066d198694b1030b040369540d0004833c00000000042b3300000004ab3c000000002f2f2f2f2f2f2f2f2f2f2f2f (1 row) postgres=# select encode(decrypt_iv(decode('c89a929fa8dbefaa88609ea3b637d783ce926b8a0985ae02a100c0f89d8a8e5aca793d1519f5829a61b9fbd1d582fb66ff','hex')::bytea, decode('636F6E73756D65723267726964303333','hex')::bytea, decode('2D4C526240141e029696969696969696','hex')::bytea, 'aes-cbc/pad:none')::bytea, 'hex'); encode ---------------------------------------------------------------------------------------------------- 2f2f066d198694b1030b040369540d0004833c00000000042b3300000004ab3c000000002f2f2f2f2f2f2f2f2f2f2f2f00 (1 row) on some other 9.1.1 installation(standard debian package) we get: test=# select encode(decrypt_iv(decode('c89a929fa8dbefaa88609ea3b637d783ce926b8a0985ae02a100c0f89d8a8e5aca793d1519f5829a61b9fbd1d582fb66ff','hex')::bytea, decode('636F6E73756D65723267726964303333','hex')::bytea, decode('2D4C526240141e029696969696969696','hex')::bytea, 'aes-cbc/pad:none')::bytea, 'hex'); encode ---------------------------------------------------------------------------------------------------- 00000000230000002a0a000000c69327907f00000000000000000000000000000000000000000000000000000000000000 (1 row) test=# select encode(decrypt_iv(decode('c89a929fa8dbefaa88609ea3b637d783ce926b8a0985ae02a100c0f89d8a8e5aca793d1519f5829a61b9fbd1d582fb66ff','hex')::bytea, decode('636F6E73756D65723267726964303333','hex')::bytea, decode('2D4C526240141e029696969696969696','hex')::bytea, 'aes-cbc/pad:none')::bytea, 'hex'); encode ---------------------------------------------------------------------------------------------------- 19000000ffffffff64000000000000000300000003000000ffffffff000000000000000000000000000000000000000000 (1 row) test=# select encode(decrypt_iv(decode('c89a929fa8dbefaa88609ea3b637d783ce926b8a0985ae02a100c0f89d8a8e5aca793d1519f5829a61b9fbd1d582fb66ff','hex')::bytea, decode('636F6E73756D65723267726964303333','hex')::bytea, decode('2D4C526240141e029696969696969696','hex')::bytea, 'aes-cbc/pad:none')::bytea, 'hex'); encode ---------------------------------------------------------------------------------------------------- 907f0000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000 (1 row) on 8.3 we even managed to produce(slightly different version of the query) the following once: select decrypt_iv(data, key, iv, 'aes-cbc/pad:none') from (select decode('c89a929fa8dbefaa88609ea3b637d783ce926b8a0985ae02a100c0f89d8a8e5aca793d1519f5829a61b9fbd1d582fb66ff','hex')::bytea as data, decode('636F6E73756D65723267726964303333','hex')::bytea as key, decode('2D4C526240141e029696969696969696','hex')::bytea as iv) as c; decrypt_iv --------------------------------------------------------------------------------------------- /lib/postgresql/8.3/lib/pgcrypto.so\000\012\000\000\000\200\000\000\000\000\000\000\000\000 (1 row) which seems even more of a "wtf"?! Stefan
В списке pgsql-bugs по дате отправления:
Предыдущее
От: Vik ReykjaДата:
Сообщение: Re: Different error messages executing CREATE TABLE or ALTER TABLE to create a column "xmin"