Обсуждение: pgcrypto: Fix RSA password-protected keys

Поиск
Список
Период
Сортировка

pgcrypto: Fix RSA password-protected keys

От
Marko Kreen
Дата:
RSA secret key extraction code uses wrong variable so
that decryption is skipped and only secret keys without
password work for pgp_pub_decrypt().

Attached patch fixes it and also adds regtest.

Please apply to all branches.


Reported-by: Keith Fiske <keith@omniti.com>

--
marko
Вложения

Re: pgcrypto: Fix RSA password-protected keys

От
Tom Lane
Дата:
Marko Kreen <markokr@gmail.com> writes:
> RSA secret key extraction code uses wrong variable so
> that decryption is skipped and only secret keys without
> password work for pgp_pub_decrypt().

> Attached patch fixes it and also adds regtest.

> Please apply to all branches.

Will do, thanks for the fix!
        regards, tom lane

Re: pgcrypto: Fix RSA password-protected keys

От
Marko Kreen
Дата:
On Fri, May 10, 2013 at 12:52:55PM -0400, Tom Lane wrote:
> Marko Kreen <markokr@gmail.com> writes:
> > RSA secret key extraction code uses wrong variable so
> > that decryption is skipped and only secret keys without
> > password work for pgp_pub_decrypt().
> 
> > Attached patch fixes it and also adds regtest.
> 
> > Please apply to all branches.
> 
> Will do, thanks for the fix!

Thanks.

Re: future changelog entry

The problem is specific to RSA keys, password-protected DSA+ElGamal
keys work fine.  Sorry for not mentioning it earlier.

RSA code was added later than ElGamal, and the bug is probably
because of copy-paste from public key code...

-- 
marko