Skip site navigation (1) Skip section navigation (2)

pgcrypto pgp_pub_decrypt with passphrase broken

From: Ron Peterson <rpeterso(at)mtholyoke(dot)edu>
To: pgsql-admin(at)postgresql(dot)org
Subject: pgcrypto pgp_pub_decrypt with passphrase broken
Date: 2011-04-29 20:30:26
Message-ID: 20110429203026.GG11013@mtholyoke.edu (view raw or flat)
Thread:
Lists: pgsql-admin
AFAIKT, pgp_pub_decrypt is broken if you protect your private key with a
passphrase.  e.g.

works:
pgp_pub_decrypt( pgp_pub_encrypt( 'secret', dearmor(pubkey) ),
                 dearmor(privkey) )

fails:
pgp_pub_decrypt( pgp_pub_encrypt( 'secret', dearmor(pubkey) ),
                 dearmor(privkey),
                 'passphrase' )
                 
The error maps to PXE_MBUF_SHORT_READ, which is only thrown by mbuf.c,
in the pullf_read_fixed function.  This function is called from various
places; tracing the problem back, I believe the problem arises in
process_secret_key from pgp-pubkey.c, on this call to pgp_mpi_read:

        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = pgp_mpi_read(pkt, &pk->sec.rsa.d);
            if (res < 0)
                break;

That's as far back as I went (just throwing in fprintf statements to
trace things).

PostgreSQL 9.0.3
Keys created by GPG 1.4.10

Any ideas how to fix this?

-Ron-

pgsql-admin by date

Next:From: Anibal David AcostaDate: 2011-04-30 04:13:22
Subject: Postgres TimeZone
Previous:From: c kDate: 2011-04-28 17:14:09
Subject: Re: plpython module import errors

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group