| From: | Ron Peterson <rpeterso(at)mtholyoke(dot)edu> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | pgcrypto pgp_pub_decrypt with passphrase broken |
| Date: | 2011-04-29 20:30:26 |
| Message-ID: | 20110429203026.GG11013@mtholyoke.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
AFAIKT, pgp_pub_decrypt is broken if you protect your private key with a
passphrase. e.g.
works:
pgp_pub_decrypt( pgp_pub_encrypt( 'secret', dearmor(pubkey) ),
dearmor(privkey) )
fails:
pgp_pub_decrypt( pgp_pub_encrypt( 'secret', dearmor(pubkey) ),
dearmor(privkey),
'passphrase' )
The error maps to PXE_MBUF_SHORT_READ, which is only thrown by mbuf.c,
in the pullf_read_fixed function. This function is called from various
places; tracing the problem back, I believe the problem arises in
process_secret_key from pgp-pubkey.c, on this call to pgp_mpi_read:
case PGP_PUB_RSA_ENCRYPT_SIGN:
res = pgp_mpi_read(pkt, &pk->sec.rsa.d);
if (res < 0)
break;
That's as far back as I went (just throwing in fprintf statements to
trace things).
PostgreSQL 9.0.3
Keys created by GPG 1.4.10
Any ideas how to fix this?
-Ron-
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Anibal David Acosta | 2011-04-30 04:13:22 | Postgres TimeZone |
| Previous Message | c k | 2011-04-28 17:14:09 | Re: plpython module import errors |