Re: BUG #17796: pgcrypto undecryptable blowfish data previous stored with openssl 1.1.1 with builtin decrypter one

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: "agharta82(at)gmail(dot)com" <agharta82(at)gmail(dot)com>
Cc: pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject: Re: BUG #17796: pgcrypto undecryptable blowfish data previous stored with openssl 1.1.1 with builtin decrypter one
Date: 2023-02-15 14:09:28
Message-ID: CDC0431F-6CD4-4B7A-9D52-D59E87050E32@yesql.se
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

> On 15 Feb 2023, at 15:03, agharta82(at)gmail(dot)com wrote:

> Meanwhile, to solve the case:
>
> • in Linux is quite simple (but insecure), enable legacy ciphers.

Enabling the legacy ciphers provider isn't insecure per se, the use of said
ciphers might be insecure but having the code loaded isn't.

> • in Windows....uh....i've not found how to solve it because (if i am not wrong) PG 15 is built with openssl 3 internally and i don't known how to enable legacy mode in it.

I don't know Windows very well, but there should be an OPENSSLDIR set and in
there one can change the openssl conf file just like on Linux AFAIK. It should
be reasonably similar to on Linux.

--
Daniel Gustafsson

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message agharta82@gmail.com 2023-02-15 14:29:43 Re: BUG #17796: pgcrypto undecryptable blowfish data previous stored with openssl 1.1.1 with builtin decrypter one
Previous Message agharta82@gmail.com 2023-02-15 14:03:49 Re: BUG #17796: pgcrypto undecryptable blowfish data previous stored with openssl 1.1.1 with builtin decrypter one