Thread: Feature Request: Add AES-128-CFB Mode Support to pgcrypto
Dear PostgreSQL Development Team,
I would like to request the addition of support for the AES-128-CFB mode in the pgcrypto extension. Currently, pgcrypto supports AES encryption modes like ECB and CBC, but it does not include CFB mode, which is essential for certain use cases.
In managed environments such as Azure Database for PostgreSQL - Flexible Server, users are unable to create or install custom extensions. This restriction makes it challenging to work with encrypted data that relies on AES-128-CFB, as we cannot use custom solutions to handle this algorithm. Adding CFB mode support to pgcrypto would address this limitation and expand its usability in managed PostgreSQL environments.
Implementing AES-128-CFB in pgcrypto should require only minimal changes, as it is already built on OpenSSL, which supports the CFB mode natively. Including this functionality would also align pgcrypto with the principle of providing robust cryptographic support, similar to other database solutions.
Why This Matters:
- Compatibility: Many existing systems encrypt data using AES-128-CFB, and without native support in
pgcrypto, PostgreSQL users must resort to inefficient workarounds. - Consistency:
pgcryptoalready supports other AES modes (e.g., ECB, CBC). Including CFB would ensure that its AES capabilities are complete. - Ease of Implementation: OpenSSL already provides a straightforward API for AES-128-CFB, so adding it to
pgcryptoshould require only a few lines of code.
This enhancement would greatly benefit users in managed environments and improve the flexibility of PostgreSQL as a whole.
Thank you for considering this request. I would be happy to assist in testing or providing further information if needed.
Best regards,
Vladyslav Nebozhyn
> On 28 Jan 2025, at 11:46, Vladyslav Nebozhyn <vlad@liberatii.com> wrote: > • Ease of Implementation: OpenSSL already provides a straightforward API for AES-128-CFB, so adding it to pgcryptoshould require only a few lines of code. IIRC we already support CFB for Blowfish so I think it would be quite easy to add. If you propose a patch for adding this I can volunteer to review it. -- Daniel Gustafsson
Dear Umar,
I sincerely apologize for missing your email earlier. I truly
appreciate the time and effort you put into creating the patch—it
looks great! Thank you for your work on this and for contributing to
the solution so quickly.
I’m really glad to see this enhancement being added to pgcrypto, and I
appreciate your support in making it happen. Thanks again!
Best regards,
Vladyslav Nebozhyn
On Wed, 29 Jan 2025 at 12:11, Vladyslav Nebozhyn <vlad@liberatii.com> wrote:
>
> Dear Daniel Gustafsson,
>
> Thank you for your response and for offering to review the patch. I
> really appreciate your time and willingness to assist with this!
>
> I've prepared a patch to add AES-CFB support to pgcrypto, following
> the existing structure used for other AES modes. Integrating it for
> AES requires only minimal modifications.
>
> The patch is included below for reference and is also attached as a
> file (Encription-AES-CFB-is-added.patch). Please let me know if any
> adjustments are needed. I’d be happy to refine it further based on
> your feedback.
>
> Patch:
> From 2e246ed3c3f8909c42a192e0bb07535713987e80 Mon Sep 17 00:00:00 2001
> From: vlne <vlad@liberatii.com>
> Date: Wed, 29 Jan 2025 11:42:56 +0200
> Subject: [PATCH] Encription AES-CFB is added
>
> ---
> contrib/pgcrypto/openssl.c | 38 ++++++++++++++++++++++++++++++++++++++
> 1 file changed, 38 insertions(+)
>
> diff --git a/contrib/pgcrypto/openssl.c b/contrib/pgcrypto/openssl.c
> index 75f40a2d03..184aa1cac3 100644
> --- a/contrib/pgcrypto/openssl.c
> +++ b/contrib/pgcrypto/openssl.c
> @@ -617,6 +617,36 @@ ossl_aes_cbc_init(PX_Cipher *c, const uint8 *key,
> unsigned klen, const uint8 *iv
> return err;
> }
>
> +static int
> +ossl_aes_cfb_init(PX_Cipher *c, const uint8 *key, unsigned klen,
> const uint8 *iv)
> +{
> + OSSLCipher *od = c->ptr;
> + int err;
> +
> + err = ossl_aes_init(c, key, klen, iv);
> + if (err)
> + return err;
> +
> + switch (od->klen)
> + {
> + case 128 / 8:
> + od->evp_ciph = EVP_aes_128_cfb();
> + break;
> + case 192 / 8:
> + od->evp_ciph = EVP_aes_192_cfb();
> + break;
> + case 256 / 8:
> + od->evp_ciph = EVP_aes_256_cfb();
> + break;
> + default:
> + /* shouldn't happen */
> + err = PXE_CIPHER_INIT;
> + break;
> + }
> +
> + return err;
> +}
> +
> /*
> * aliases
> */
> @@ -707,6 +737,13 @@ static const struct ossl_cipher ossl_aes_cbc = {
> 128 / 8, 256 / 8
> };
>
> +static const struct ossl_cipher ossl_aes_cfb = {
> + ossl_aes_cfb_init,
> + NULL, /* EVP_aes_XXX_cfb(), determined in init
> + * function */
> + 128 / 8, 256 / 8
> +};
> +
> /*
> * Special handlers
> */
> @@ -728,6 +765,7 @@ static const struct ossl_cipher_lookup
> ossl_cipher_types[] = {
> {"cast5-cbc", &ossl_cast_cbc},
> {"aes-ecb", &ossl_aes_ecb},
> {"aes-cbc", &ossl_aes_cbc},
> + {"aes-cfb", &ossl_aes_cfb},
> {NULL}
> };
>
> --
> 2.40.1.windows.1
>
> Best regards,
> Vladyslav Nebozhyn
> <br><div class="gmail_quote gmail_quote_container"><div dir="ltr"
> class="gmail_attr">On Tue, 28 Jan 2025 at 14:14, Daniel Gustafsson
> <daniel@yesql.se> wrote:<br></div><blockquote
> class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left: 1px
> solid rgb(204, 204, 204); padding-left: 1ex;">> On 28 Jan 2025, at
> 11:46, Vladyslav Nebozhyn <<a href="mailto:vlad@liberatii.com"
> target="_blank">vlad@liberatii.com</a>> wrote:<br>
> <br>
> > • Ease of Implementation: OpenSSL already
> provides a straightforward API for AES-128-CFB, so adding it to
> pgcrypto should require only a few lines of code.<br>
> <br>
> IIRC we already support CFB for Blowfish so I think it would be quite
> easy to<br>
> add. If you propose a patch for adding this I can volunteer to
> review it.<br>
> <br>
> --<br>
> Daniel Gustafsson<br>
> <br>
> </blockquote></div>
Hi Vladyslav, No Problem, I also did not realize that you will be implementing it. So I spent a couple of hours and provided a patch. Also created commitfest entry as well, Please do review the patch and let me know if this is sufficient at least for your use case. Regards, Umar Hayat Bitnine (https://bitnine.net/)
On 2025-Jan-29, Umar Hayat wrote:
> Hi Daniel Gustafsson and Vladyslav Nebozhyn,
> I created a patch for CFB mode for AES encryption. Please have a look
> and let me know what you think.
> Patch covers implementation, tests and documentation changes.
>
> OpenSSL profives aes-cfb1, aes-cfb8 and aes-cfb128 modes where aes-cfb
> defaults to aes-cfb128. For simplicity I only added aes-cfb, which is
> the most common method used, lower number of bits will introduce
> performance degradation, but if it's desirable I can add them as well.
I kicked the tires on this by encrypting a file with
openssl aes-128-cfb -K afe908123efcba901230afe908eb5a04 -iv 912387caedade123912387c7ec0b9d0f -pbkdf2
then importing that into a bytea column. Then I can sort-of obtain the
file back with
select decrypt_iv from data, decrypt_iv(a, '\xafe908123efcba901230', '\x912387caedade123', 'aes-cfb');
... Except that appears that openssl will encode UTF8 characters in my file
as \ooo octal escapes in the encrypted output, which is really weird, so
the file doesn't roundtrip exactly. Maybe this is a pgcrypto shortcoming, not
sure. The final output looks like this (shortened):
=# select decrypt_iv from data, decrypt_iv(a, '\xafe908123efcba901230afe908eb5a04',
'\x912387caedade123912387c7ec0b9d0f','aes-cfb');
>
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────>
\302\241Hoy ha sido un d\303\255a genial! Era el cumple de la abuela, que es la mam\303\241 de mam\303\241,
Anyway, at least the bytes appear to be interpreted the same by both
openssl and this new function, so that's good news.
--
Álvaro Herrera PostgreSQL Developer — https://www.EnterpriseDB.com/
"Having your biases confirmed independently is how scientific progress is
made, and hence made our great society what it is today" (Mary Gardiner)
> On 5 Feb 2025, at 18:24, Álvaro Herrera <alvherre@alvh.no-ip.org> wrote: > Anyway, at least the bytes appear to be interpreted the same by both > openssl and this new function, so that's good news. Thanks for confirming. Short of a very small doc change (which I don't have handy on this laptop) I think this patch is ready. I wish we had a better way of adding support for ciphers in OpenSSL but it's not the responsibility of this patch to solve that. -- Daniel Gustafsson
> On 5 Feb 2025, at 18:28, Daniel Gustafsson <daniel@yesql.se> wrote: > >> On 5 Feb 2025, at 18:24, Álvaro Herrera <alvherre@alvh.no-ip.org> wrote: > >> Anyway, at least the bytes appear to be interpreted the same by both >> openssl and this new function, so that's good news. > > Thanks for confirming. Short of a very small doc change (which I don't have > handy on this laptop) I think this patch is ready. I wish we had a better way > of adding support for ciphers in OpenSSL but it's not the responsibility of > this patch to solve that. I took another look at this, fixed the trivial detail in the docs, and applied it. Thanks for the submission! -- Daniel Gustafsson