pgcrypto: Fix RSA password-protected keys

Started by Marko Kreenalmost 13 years ago3 messageshackers

markokr@gmail.com

almost 13 years ago

RSA secret key extraction code uses wrong variable so
that decryption is skipped and only secret keys without
password work for pgp_pub_decrypt().

Attached patch fixes it and also adds regtest.

Please apply to all branches.

Reported-by: Keith Fiske <keith@omniti.com>

--
marko

Tom Lane

tgl@sss.pgh.pa.us

almost 13 years ago

In reply to: Marko Kreen (#1)

Re: pgcrypto: Fix RSA password-protected keys

Marko Kreen <markokr@gmail.com> writes:

RSA secret key extraction code uses wrong variable so
that decryption is skipped and only secret keys without
password work for pgp_pub_decrypt().

Attached patch fixes it and also adds regtest.

Please apply to all branches.

Will do, thanks for the fix!

regards, tom lane

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Marko Kreen

markokr@gmail.com

almost 13 years ago

In reply to: Tom Lane (#2)

Re: pgcrypto: Fix RSA password-protected keys

On Fri, May 10, 2013 at 12:52:55PM -0400, Tom Lane wrote:

Marko Kreen <markokr@gmail.com> writes:

RSA secret key extraction code uses wrong variable so
that decryption is skipped and only secret keys without
password work for pgp_pub_decrypt().

Attached patch fixes it and also adds regtest.

Please apply to all branches.

Will do, thanks for the fix!

Thanks.

Re: future changelog entry

The problem is specific to RSA keys, password-protected DSA+ElGamal
keys work fine. Sorry for not mentioning it earlier.

RSA code was added later than ElGamal, and the bug is probably
because of copy-paste from public key code...

--
marko

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

pgcrypto: Fix RSA password-protected keys

Attachments: