pgcrypto: PGP signatures - Mailing list pgsql-hackers

From Marko Tiikkaja
Subject pgcrypto: PGP signatures
Date
Msg-id 53E223B0.90506@joh.to
Whole thread Raw
Responses Re: pgcrypto: PGP signatures
Re: pgcrypto: PGP signatures
List pgsql-hackers
Hi hackers,

Attached is a patch to add support for PGP signatures in encrypted
messages into pgcrypto.

Currently, the list of limitations is the following:

     - It only knows how to generate one signature per message.  I don't
see that as a problem.
     - If a message has been signed with multiple keys which have the
same keyid as the one specified to verify the message, an error is
returned.  Naively, it seems that we should try all of them and return
"OK" if even one of them matches, but that seems icky.
     - Only RSA signatures are supported.  It wouldn't be too hard for
someone familiar with DSA to add it in, but I'm not volunteering to do
it.  Personally I think supporting RSA is better than no support at all.

As per usual, I'll also add this to the upcoming commitfest.  Any
feedback appreciated before that, of course.


.marko

Attachment

pgsql-hackers by date:

Previous
From: Fujii Masao
Date:
Subject: Re: pg_receivexlog add synchronous mode
Next
From: Fabien COELHO
Date:
Subject: Re: A worst case for qsort