@@ -224,7 +224,7 @@ static void cfs_rc4_encrypt_block(void* block, uint32 offs, uint32 block_size)
224224 }
225225}
226226
227- static void cfs_rc4_init (void )
227+ static void cfs_crypto_init (void )
228228{
229229 int index1 = 0 ;
230230 int index2 = 0 ;
@@ -233,6 +233,7 @@ static void cfs_rc4_init(void)
233233 int key_length ;
234234 int x = 0 , y = 0 ;
235235 char * cipher_key ;
236+ uint8 aes_key [32 ] = {0 }; /* at most 256 bits */
236237 uint8 * rc4_init_state = cfs_state -> rc4_init_state ;
237238
238239 cipher_key = getenv ("PG_CIPHER_KEY" );
@@ -241,6 +242,8 @@ static void cfs_rc4_init(void)
241242 }
242243 unsetenv ("PG_CIPHER_KEY" ); /* make it not possible to inspect this environment variable through plperl */
243244 key_length = strlen (cipher_key );
245+
246+ ////// AALEKSEEV TODO GET RID OF THIS
244247 for (i = 0 ; i < CFS_CIPHER_KEY_SIZE ; ++ i ) {
245248 rc4_init_state [i ] = (uint8 )i ;
246249 }
@@ -258,6 +261,15 @@ static void cfs_rc4_init(void)
258261 rc4_init_state [x ] = rc4_init_state [y ];
259262 rc4_init_state [y ] = temp ;
260263 }
264+ //////
265+
266+ memcpy (& aes_key , cipher_key , key_length > sizeof (aes_key ) ? sizeof (aes_key ) : key_length );
267+ rijndael_set_key (
268+ & cfs_state -> aes_context , /* context */
269+ (u4byte * )& aes_key , /* key */
270+ sizeof (aes_key ) * 8 /* key size in bits */ ,
271+ 1 /* for CTR mode we need only encryption */
272+ );
261273}
262274
263275/*
@@ -346,7 +358,7 @@ void cfs_initialize()
346358 cfs_state -> max_iterations = 0 ;
347359
348360 if (cfs_encryption ) {
349- cfs_rc4_init ();
361+ cfs_crypto_init ();
350362 }
351363 elog (LOG , "Start CFS version %s compression algorithm %s encryption %s" ,
352364 CFS_VERSION , cfs_algorithm (), cfs_encryption ? "enabled" : "disabled" );
0 commit comments