Thread: pgcrypto: Fix RSA password-protected keys
RSA secret key extraction code uses wrong variable so that decryption is skipped and only secret keys without password work for pgp_pub_decrypt(). Attached patch fixes it and also adds regtest. Please apply to all branches. Reported-by: Keith Fiske <keith@omniti.com> -- marko
Attachment
Marko Kreen <markokr@gmail.com> writes: > RSA secret key extraction code uses wrong variable so > that decryption is skipped and only secret keys without > password work for pgp_pub_decrypt(). > Attached patch fixes it and also adds regtest. > Please apply to all branches. Will do, thanks for the fix! regards, tom lane
On Fri, May 10, 2013 at 12:52:55PM -0400, Tom Lane wrote: > Marko Kreen <markokr@gmail.com> writes: > > RSA secret key extraction code uses wrong variable so > > that decryption is skipped and only secret keys without > > password work for pgp_pub_decrypt(). > > > Attached patch fixes it and also adds regtest. > > > Please apply to all branches. > > Will do, thanks for the fix! Thanks. Re: future changelog entry The problem is specific to RSA keys, password-protected DSA+ElGamal keys work fine. Sorry for not mentioning it earlier. RSA code was added later than ElGamal, and the bug is probably because of copy-paste from public key code... -- marko