Re: pgcrypto: PGP signatures

Поиск
Список
Период
Сортировка
От Joel Jacobson
Тема Re: pgcrypto: PGP signatures
Дата
Msg-id CAASwCXfoUFKp8+BwgnXkPTa-9ev1jgbHyNMzmqbinAX3u8is3w@mail.gmail.com
обсуждение исходный текст
Ответ на Re: pgcrypto: PGP signatures  (Marko Tiikkaja <marko@joh.to>)
Ответы Re: pgcrypto: PGP signatures  (Marko Tiikkaja <marko@joh.to>)
Список pgsql-hackers
Дерево обсуждения 
Marko, et al,

This is a review of the pgcrypto PGP signatures patch:
http://www.postgresql.org/message-id/53EDBCF0.9070205@joh.to

There hasn't been any discussion, at least that I've been able to find.

Contents & Purpose
==================
This patch add functions to create, verify and extract infromation
from OpenPGP signatures. Previously pgcrypto only peformed
PGP encrypt/decrypt, not sign/verify. This is a painful limitation
since a very common use-case for OpenPGP is the signature-part,
where two parties want to verify messages originate from each other,
and not only encrypt the messages.

Included in the patch are updated regression test cases and documentation.

Initial Run
===========
The patch applies cleanly to HEAD after changing a single line in the patch:
< !     Giving this function a secret key will produce an error.
---
> !     Giving this function a secret key will produce a error.
This grammar fix was already fixed in 05258761bf12a64befc9caec1947b254cdeb74c5,
and therefore caused the conflict.

The 144 regression tests all pass successfully against the new patch.

Conclusion
==========
Since I'm using these functions in the BankAPI project,
https://github.com/trustly/bankapi, I have tested them
by actually using them in production, in addition to the provided
regression tests, which is a good sign they are working not just
in theory.

+1 for committer review after the changes suggested by Jeff Janes and
Thomas Munro.


On Fri, Aug 15, 2014 at 9:55 AM, Marko Tiikkaja <marko@joh.to> wrote:
> Hi,
>
>
> On 8/7/14 12:15 PM, I wrote:
>>
>> Here's v2 of the patch.  I've changed the info-extracting code to not
>> look for signatures beyond the data, which also meant that it had to
>> parse one-pass signatures (which it didn't do before).  This matches the
>> behaviour of the main decryption code.
>
>
> Here's the latest version where I've added the option to extract the
> creation time from the signatures.
>
>
>
> .marko
>
>
> --
> Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-hackers
>

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Atri Sharma
Дата:
Сообщение: Re: Join push-down support for foreign tables
Следующее
От: Robert Haas
Дата:
Сообщение: Re: B-Tree support function number 3 (strxfrm() optimization)