id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc
119,[patch] Encryption scheme doesn't use proper random seed to encrypt,guest,,"Red Hat security team discovered a vulnerability in Elixir caused by improper use of Blowfish encryption. Encryption is done roughly with following code:
{{{
def encrypt_value(value, secret):
    return Blowfish.new(secret, Blowfish.MODE_CFB) \
                   .encrypt(value).encode('string_escape')
}}}

This code doesn't create proper random seed (IV argument for Blowfish) and therefore attacker with access to both database and able to add new data into database will be able to decrypt contents even without knowing the password. 

Unfortunately to properly fix this issue a change of database is required as well and this change is backward incompatible since we need to store seed (IV) in the database.

I am attaching a proposed patch that should fix the issue. It adds new encryption mechanism that is enabled when acts_as_encrypted is used with ""with_aes=True"" parameter. It also prints out warning to stderr about insecure Blowfish method when it's used.

Apart from that I attach tarball with example migration that could help with migration of current databases. Users should be able to modify this example to properly migrate their databases. It is possible with minimal changes to the current code, provided database schema used fields that are big enough to contain IV seed together with encrypted data.
",defect,new,blocker,,extensions,,,security encryption migration,