mirror of https://github.com/postgres/postgres
f5576a21b0
Use the padding provided by OpenSSL instead of doing it ourselves. The internal implementation was once applicable to the non-OpenSSL code paths, but those have since been removed. The padding algorithm is still the same. The OpenSSL padding implementation is stricter than the previous internal one: Bad padding during decryption is now an error, and encryption without padding now requires the input size to be a multiple of the block size, otherwise it is also an error. Previously, these cases silently proceeded, in spite of the documentation saying otherwise. Add some test cases about this, too. (The test cases are in rijndael.sql, but they apply to all encryption algorithms.) Reviewed-by: Jacob Champion <pchampion@vmware.com> Reviewed-by: Nathan Bossart <nathandbossart@gmail.com> Discussion: https://www.postgresql.org/message-id/flat/ba94c26b-0c58-c97e-7a44-f44e08b4cca2%40enterprisedb.com |
||
|---|---|---|
| .. | ||
| 3des.sql | ||
| blowfish.sql | ||
| cast5.sql | ||
| crypt-blowfish.sql | ||
| crypt-des.sql | ||
| crypt-md5.sql | ||
| crypt-xdes.sql | ||
| des.sql | ||
| hmac-md5.sql | ||
| hmac-sha1.sql | ||
| init.sql | ||
| md5.sql | ||
| pgp-armor.sql | ||
| pgp-compression.sql | ||
| pgp-decrypt.sql | ||
| pgp-encrypt.sql | ||
| pgp-info.sql | ||
| pgp-pubkey-decrypt.sql | ||
| pgp-pubkey-encrypt.sql | ||
| pgp-zlib-DISABLED.sql | ||
| rijndael.sql | ||
| sha1.sql | ||
| sha2.sql | ||