Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-11476

AES_ENCRYPT/DECRYPT: Improper key sizes aren't handled correctly

    XMLWordPrintable

    Details

    • Sprint:
      10.3.3-1

      Description

      The AES_ENCRYPT and AES_DECRYPT functions accept keys of any size and transform them internally to 128-bit key.

      • A key shorter than128-bit will be right filled with zeros
      • A key larger than 128 bit will be xored with redundant bytes.

      The AES standard (FIPS 197) doesn't cover non standard key sizes, it mentions only that key size have to be 128, 192 or 256 (depending on block cipher mode).

      Bad side effects of current implementation:

      • Encrypted data is no interoperable with other applications (most applications and crypto libraries reject wrong key sizes)
      • It can result in producing very weak keys, e.g.

        select aes_encrypt("foo", repeat(X'000102030405060708090A0B0C0D0E0F',2)) = aes_encrypt("foo", X'0000000000000000000000') as borked\G
        *************************** 1. row ***************************
        borked: 1
        

      Proposal:
      Add session variable

      block_encryption_derivation

      which allows the following modes:
      *OFF: use old key and iv derivation routines
      *STRICT: only accept keys and ivs with correct sizes

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              georg Georg Richter
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated: