| From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-committers(at)postgresql(dot)org, dpage(at)postgresql(dot)org |
| Subject: | Re: pgsql: Use OpenSSL EVP API for symmetric encryption in pgcrypto. |
| Date: | 2016-10-18 08:10:07 |
| Message-ID: | 6207afd5-caa5-9444-c143-e2643a66afef@iki.fi |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
On 10/18/2016 12:28 AM, Tom Lane wrote:
> Heikki Linnakangas <heikki(dot)linnakangas(at)iki(dot)fi> writes:
>> Use OpenSSL EVP API for symmetric encryption in pgcrypto.
>
> BTW, "narwhal" seems to have a problem with this.
> Not very clear what, maybe an incompatibility with old openssl versions?
Dave, what version of OpenSSL are 'narwhal' and 'baiji' using? I've
tried to reproduce this on my laptop, by compiling different versions of
OpenSSL, between 0.9.8beta1 and 0.9.8 head, but without success..
Googling for the failed test vector, I found this:
https://www.mail-archive.com/openssl-users(at)openssl(dot)org/msg68108.html
It looks like the same issue, given the symptoms, but AFAICS the
pgcrypto code is correctly calling EVP_EncryptInit_ex() twice.
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2016-10-18 09:52:14 | Re: pgsql: Use OpenSSL EVP API for symmetric encryption in pgcrypto. |
| Previous Message | Tom Lane | 2016-10-18 03:34:52 | Re: Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran |