Re: pgcrypto decrypt_iv() issue

Stefan Kaltenbrunner <stefan(at)kaltenbrunner(dot)cc> writes:
> from some looking at the code in pgcrypto.c it seems to me that the
> coding pattern in most functions there only checks for errors from the
> corresponding initialization function, in the case of say decrypt_iv()
> that means only the IV and the key are actually "validated" because that
> is what the init function sees(it never sees that data!), if the actual
> decrypt call fails (because the data is maybe a bit weird^broken) it
> will happily ignore that and return random data.

Yeah. In pg_decrypt() we have

err = px_combo_init(c, (uint8 *) VARDATA(key), klen, NULL, 0);
if (!err)
err = px_combo_decrypt(c, (uint8 *) VARDATA(data), dlen,
(uint8 *) VARDATA(res), &rlen);

but in pg_decrypt_iv() it's just

err = px_combo_init(c, (uint8 *) VARDATA(key), klen,
(uint8 *) VARDATA(iv), ivlen);
if (!err)
px_combo_decrypt(c, (uint8 *) VARDATA(data), dlen,
(uint8 *) VARDATA(res), &rlen);

It looks to me like the result of px_combo_decrypt should be assigned to
"err" here. If I make that change, the test case you provide is
rejected:

ERROR: decrypt_iv error: Data not a multiple of block size

but the module's regression tests all still pass, indicating that this
sort of case isn't tested.

pg_encrypt_iv() has the identical usage error with respect to
px_combo_encrypt.

Marko, does this look right to you?

regards, tom lane