Problem with encode () and hmac() in pgcrypto

From: hlcborg <h(dot)luis(dot)cardoso(at)gmail(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Problem with encode () and hmac() in pgcrypto
Date: 2011-02-01 15:36:56
Message-ID: 1296574616113-3366420.post@n5.nabble.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general


Hi,

I am trying to compute a hash string with 172 bytes.
I have a openssl RSA private key stored in the postgresql db and a string
with some text.

I want to sign that string with the private key and the SHA1 algorithm and
encode the result in the base64 format.

I am writing it inside the pg database in a function that performs other
stuff.

String to sign:

v_em_crt_conc = '2011-01-31;2011-02-01T13:33:38;100036;684.40; '

Private RSA Key:
This Key was genarated in OpenSSL with this command:
~$openssl genrsa -out abc.pem 1024 and then copied the content to v_Private

v_Private =
'MIICXAIBAAKBgQCfaFpbOjsz0fKygWc9zdvu1XjOSJEZJ9XwlAyayxt2A57OUjxJ
GJZBwZDLWx+rYga2B04v5MigY9q/TfrSzbQZpmPf6hC/U36y7pgPce1ijosl7/on
4UejIlLAcqJgkoJVrkaRp0NuX5hcmFiR2z8b+ypHtF3t/JOHkz+gUAmc7wIDAQAB
AoGBAIuNcbz356hgHpaDjvyeYfJe1FnTUaOyKitpkPda5HmWhcqeV8SuT6zVZouB
BOKm+LUXBC4Nnk473N8px3IRP57rCaLwFdQCrfVMieAkdVPoLIryofo81jF4bbOo
yUJ1E901lCbSW8bnPhrWz1zFVWBUHoik2aWIiETs8v7HD8RBAkEA0YKX0SngYo6J
5BX8en9kG0cpE/oXrTOP5cTXuyOK/bG2pikVXfozSIZx3rbszAtAjSH72Mi/djLo
WsbEKL0KEQJBAMLHpLOssg06Hyj6XYGi8l6Yhxy2Vsv6qtwbxZ3soysuZrcmxgNm
ek1wVyDsuTKRPQYcFgyi2fhaucXPKgzNNv8CQAIqDDFv8k5yVIBTrdECIeGaQZVg
PwBeCP2BpAzd2CC4xj8/K2ZWIFN+eAyp7RZKg3cxw61AnaG18uqFJR+anFECQB8b
yadUpp9MMBvYWMTSpIkNLU8dpCEx6MX8vYQqfijwYUFRNQDoBhKGJbRBepaj8a4f
IDpmbA+pVdBM9PdUczsCQGrwaHYQw0NhUz2WIGvog8HUbkyAPLiWLpwWvwpjoAFs
LcoEyU/UxuNTwGSL3o5aYCo1RFCZH0sBnhd4S0DH0JI='

The FUNCTION:

encode(hmac(v_em_crt_conc, v_Private,'sha1'),'base64');

The Result:

h6CpmrP1QCE/Mp3xn3utUEPtftg= This hash has 28 chars

When I use OpenSSL in command line like this:

~$ echo "2011-01-31;2011-02-01T13:33:38;100036;684.40; " | openssl dgst
-sha1 -sign abc.pem | openssl enc -base64 -A

The Result is:

nKfxnt31+kk/RnKihJ0jKufq+nZvmPjVauGo8+tqJ1Y/ah/mAu4jSS1wnzU+wRygZ4CLIV9DGSs9bxBc4r9e71C8s9B5ms6Kpggmc12kdmqVHBRO28bPWb/YLCej59gZFFkvcCudweNAT4qHvVqWsOtFCf9kE4q92UIv1JcwSDU=

This hash has 172 chars

Does someone know where is my problem? Is there other way to implement? or
is it simply impossible??

Thanks in advance

Luis

--
View this message in context: http://postgresql.1045698.n5.nabble.com/Problem-with-encode-and-hmac-in-pgcrypto-tp3366420p3366420.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Nicolas Grilly 2011-02-01 15:52:10 Using the copy protocol, is there a way to be notified of a potential error before sending?
Previous Message Andy Colson 2011-02-01 15:19:17 Re: Select for update with offset interferes with concurrent transactions