Thread: [patch 4/7] small fixes

[patch 4/7] small fixes

From
Marko Kreen
Date:
o  pgp_mpi_free: Accept NULLs
o  pgp_mpi_cksum: result should be 16bit
o  Remove function name from error messages - to be similar to other
   SQL functions, and it does not match anyway the called function
o  remove couple junk lines


Index: pgsql/contrib/pgcrypto/pgp-mpi.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp-mpi.c
--- pgsql/contrib/pgcrypto/pgp-mpi.c
*************** int pgp_mpi_create(uint8 *data, int bits
*** 66,71 ****
--- 66,73 ----

  int pgp_mpi_free(PGP_MPI *mpi)
  {
+     if (mpi == NULL)
+         return 0;
      memset(mpi, 0, sizeof(*mpi) + mpi->bytes);
      px_free(mpi);
      return 0;
*************** unsigned pgp_mpi_cksum(unsigned cksum, P
*** 129,134 ****
      for (i = 0; i < n->bytes; i++)
          cksum += n->data[i];

!     return cksum;
  }

--- 131,136 ----
      for (i = 0; i < n->bytes; i++)
          cksum += n->data[i];

!     return cksum & 0xFFFF;
  }

Index: pgsql/contrib/pgcrypto/pgp-pubkey.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp-pubkey.c
--- pgsql/contrib/pgcrypto/pgp-pubkey.c
***************
*** 34,41 ****
  #include "mbuf.h"
  #include "pgp.h"

- #define PXE_PGP_BAD_KEY -90
-
  int pgp_key_alloc(PGP_PubKey **pk_p)
  {
      PGP_PubKey *pk;
--- 34,39 ----
Index: pgsql/contrib/pgcrypto/pgp-pgsql.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp-pgsql.c
--- pgsql/contrib/pgcrypto/pgp-pgsql.c
*************** encrypt_internal(int is_pubenc, int is_t
*** 496,502 ****
          mbuf_free(dst);
          ereport(ERROR,
                  (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
!                  errmsg("pgp_encrypt error: %s", px_strerror(err))));
      }

      /* res_len includes VARHDRSZ */
--- 496,502 ----
          mbuf_free(dst);
          ereport(ERROR,
                  (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
!                  errmsg("%s", px_strerror(err))));
      }

      /* res_len includes VARHDRSZ */
*************** out:
*** 591,597 ****
              mbuf_free(dst);
          ereport(ERROR,
                  (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
!                  errmsg("pgp_decrypt error: %s", px_strerror(err))));
      }

      res_len = mbuf_steal_data(dst, &restmp);
--- 591,597 ----
              mbuf_free(dst);
          ereport(ERROR,
                  (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
!                  errmsg("%s", px_strerror(err))));
      }

      res_len = mbuf_steal_data(dst, &restmp);
*************** pg_dearmor(PG_FUNCTION_ARGS)
*** 879,885 ****
      if (res_len < 0)
          ereport(ERROR,
                  (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
!                  errmsg("dearmor: %s", px_strerror(res_len))));
      if (res_len > guess_len)
          ereport(ERROR,
                  (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
--- 879,885 ----
      if (res_len < 0)
          ereport(ERROR,
                  (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
!                  errmsg("%s", px_strerror(res_len))));
      if (res_len > guess_len)
          ereport(ERROR,
                  (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
*************** pgp_key_id_w(PG_FUNCTION_ARGS)
*** 909,917 ****
      buf = create_mbuf_from_vardata(data);
      res = palloc(VARHDRSZ + 17);

-     px_set_debug_handler(show_debug);
      res_len = pgp_get_keyid(buf, VARDATA(res));
-     px_set_debug_handler(NULL);
      mbuf_free(buf);
      if (res_len < 0)
          ereport(ERROR,
--- 909,915 ----
Index: pgsql/contrib/pgcrypto/px.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/px.c
--- pgsql/contrib/pgcrypto/px.c
*************** static const struct error_desc px_err_li
*** 72,85 ****
      {PXE_PGP_SHORT_ELGAMAL_KEY, "Elgamal keys must be at least 1024 bits long"},
      {PXE_PGP_RSA_UNSUPPORTED, "pgcrypto does not support RSA keys"},
      {PXE_PGP_UNKNOWN_PUBALGO, "Unknown public-key encryption algorithm"},
!     {PXE_PGP_WRONG_KEYID, "Data is not encrypted with this key"},
      {PXE_PGP_MULTIPLE_KEYS,
          "Several keys given - pgcrypto does not handle keyring"},
      {PXE_PGP_EXPECT_PUBLIC_KEY, "Refusing to encrypt with secret key"},
      {PXE_PGP_EXPECT_SECRET_KEY, "Cannot decrypt with public key"},
      {PXE_PGP_NOT_V4_KEYPKT, "Only V4 key packets are supported"},
      {PXE_PGP_KEYPKT_CORRUPT, "Corrupt key packet"},
!     {PXE_PGP_NO_USABLE_KEY, "No usable key found (expecting Elgamal key)"},
      {PXE_PGP_NEED_SECRET_PSW, "Need password for secret key"},
      {PXE_PGP_BAD_S2K_MODE, "Bad S2K mode"},
      {PXE_PGP_UNSUPPORTED_PUBALGO, "Unsupported public key algorithm"},
--- 72,85 ----
      {PXE_PGP_SHORT_ELGAMAL_KEY, "Elgamal keys must be at least 1024 bits long"},
      {PXE_PGP_RSA_UNSUPPORTED, "pgcrypto does not support RSA keys"},
      {PXE_PGP_UNKNOWN_PUBALGO, "Unknown public-key encryption algorithm"},
!     {PXE_PGP_WRONG_KEY, "Wrong key"},
      {PXE_PGP_MULTIPLE_KEYS,
          "Several keys given - pgcrypto does not handle keyring"},
      {PXE_PGP_EXPECT_PUBLIC_KEY, "Refusing to encrypt with secret key"},
      {PXE_PGP_EXPECT_SECRET_KEY, "Cannot decrypt with public key"},
      {PXE_PGP_NOT_V4_KEYPKT, "Only V4 key packets are supported"},
      {PXE_PGP_KEYPKT_CORRUPT, "Corrupt key packet"},
!     {PXE_PGP_NO_USABLE_KEY, "No encryption key found"},
      {PXE_PGP_NEED_SECRET_PSW, "Need password for secret key"},
      {PXE_PGP_BAD_S2K_MODE, "Bad S2K mode"},
      {PXE_PGP_UNSUPPORTED_PUBALGO, "Unsupported public key algorithm"},
Index: pgsql/contrib/pgcrypto/px.h
===================================================================
*** pgsql.orig/contrib/pgcrypto/px.h
--- pgsql/contrib/pgcrypto/px.h
*************** void        px_free(void *p);
*** 101,107 ****
  #define PXE_PGP_SHORT_ELGAMAL_KEY    -110
  #define PXE_PGP_RSA_UNSUPPORTED        -111
  #define PXE_PGP_UNKNOWN_PUBALGO        -112
! #define PXE_PGP_WRONG_KEYID            -113
  #define PXE_PGP_MULTIPLE_KEYS        -114
  #define PXE_PGP_EXPECT_PUBLIC_KEY    -115
  #define PXE_PGP_EXPECT_SECRET_KEY    -116
--- 101,107 ----
  #define PXE_PGP_SHORT_ELGAMAL_KEY    -110
  #define PXE_PGP_RSA_UNSUPPORTED        -111
  #define PXE_PGP_UNKNOWN_PUBALGO        -112
! #define PXE_PGP_WRONG_KEY            -113
  #define PXE_PGP_MULTIPLE_KEYS        -114
  #define PXE_PGP_EXPECT_PUBLIC_KEY    -115
  #define PXE_PGP_EXPECT_SECRET_KEY    -116
Index: pgsql/contrib/pgcrypto/expected/pgp-armor.out
===================================================================
*** pgsql.orig/contrib/pgcrypto/expected/pgp-armor.out
--- pgsql/contrib/pgcrypto/expected/pgp-armor.out
*************** em9va2E=
*** 99,102 ****
  =ZZZZ
  -----END PGP MESSAGE-----
  ');
! ERROR:  dearmor: Corrupt ascii-armor
--- 99,102 ----
  =ZZZZ
  -----END PGP MESSAGE-----
  ');
! ERROR:  Corrupt ascii-armor
Index: pgsql/contrib/pgcrypto/expected/pgp-encrypt.out
===================================================================
*** pgsql.orig/contrib/pgcrypto/expected/pgp-encrypt.out
--- pgsql/contrib/pgcrypto/expected/pgp-encrypt.out
*************** NOTICE:  pgp_decrypt: unexpected compres
*** 43,49 ****

  -- bytea as text
  select pgp_sym_decrypt(pgp_sym_encrypt_bytea('Binary', 'baz'), 'baz');
! ERROR:  pgp_decrypt error: Not text data
  -- text as bytea
  select pgp_sym_decrypt_bytea(pgp_sym_encrypt('Text', 'baz'), 'baz');
   pgp_sym_decrypt_bytea
--- 43,49 ----

  -- bytea as text
  select pgp_sym_decrypt(pgp_sym_encrypt_bytea('Binary', 'baz'), 'baz');
! ERROR:  Not text data
  -- text as bytea
  select pgp_sym_decrypt_bytea(pgp_sym_encrypt('Text', 'baz'), 'baz');
   pgp_sym_decrypt_bytea
Index: pgsql/contrib/pgcrypto/expected/pgp-info.out
===================================================================
*** pgsql.orig/contrib/pgcrypto/expected/pgp-info.out
--- pgsql/contrib/pgcrypto/expected/pgp-info.out
*************** select pgp_key_id(dearmor(pubkey)) from
*** 21,27 ****
  (1 row)

  select pgp_key_id(dearmor(pubkey)) from keytbl where id=4; -- should fail
! ERROR:  No usable key found (expecting Elgamal key)
  select pgp_key_id(dearmor(pubkey)) from keytbl where id=5;
      pgp_key_id
  ------------------
--- 21,27 ----
  (1 row)

  select pgp_key_id(dearmor(pubkey)) from keytbl where id=4; -- should fail
! ERROR:  No encryption key found
  select pgp_key_id(dearmor(pubkey)) from keytbl where id=5;
      pgp_key_id
  ------------------
*************** select pgp_key_id(dearmor(seckey)) from
*** 47,53 ****
  (1 row)

  select pgp_key_id(dearmor(seckey)) from keytbl where id=4; -- should fail
! ERROR:  No usable key found (expecting Elgamal key)
  select pgp_key_id(dearmor(seckey)) from keytbl where id=5;
      pgp_key_id
  ------------------
--- 47,53 ----
  (1 row)

  select pgp_key_id(dearmor(seckey)) from keytbl where id=4; -- should fail
! ERROR:  No encryption key found
  select pgp_key_id(dearmor(seckey)) from keytbl where id=5;
      pgp_key_id
  ------------------
Index: pgsql/contrib/pgcrypto/expected/pgp-pubkey-decrypt.out
===================================================================
*** pgsql.orig/contrib/pgcrypto/expected/pgp-pubkey-decrypt.out
--- pgsql/contrib/pgcrypto/expected/pgp-pubkey-decrypt.out
*************** from keytbl, encdata where keytbl.id=3 a
*** 418,436 ****
  -- wrong key
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey))
  from keytbl, encdata where keytbl.id=2 and encdata.id=1;
! ERROR:  pgp_decrypt error: Data is not encrypted with this key
  -- sign-only key
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey))
  from keytbl, encdata where keytbl.id=4 and encdata.id=1;
! ERROR:  pgp_decrypt error: No usable key found (expecting Elgamal key)
  -- password-protected secret key, no password
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey))
  from keytbl, encdata where keytbl.id=5 and encdata.id=1;
! ERROR:  pgp_decrypt error: Need password for secret key
  -- password-protected secret key, wrong password
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey), 'foo')
  from keytbl, encdata where keytbl.id=5 and encdata.id=1;
! ERROR:  pgp_decrypt error: Corrupt data
  -- password-protected secret key, right password
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey), 'parool')
  from keytbl, encdata where keytbl.id=5 and encdata.id=1;
--- 418,436 ----
  -- wrong key
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey))
  from keytbl, encdata where keytbl.id=2 and encdata.id=1;
! ERROR:  Wrong key
  -- sign-only key
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey))
  from keytbl, encdata where keytbl.id=4 and encdata.id=1;
! ERROR:  No encryption key found
  -- password-protected secret key, no password
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey))
  from keytbl, encdata where keytbl.id=5 and encdata.id=1;
! ERROR:  Need password for secret key
  -- password-protected secret key, wrong password
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey), 'foo')
  from keytbl, encdata where keytbl.id=5 and encdata.id=1;
! ERROR:  Corrupt data
  -- password-protected secret key, right password
  select pgp_pub_decrypt(dearmor(data), dearmor(seckey), 'parool')
  from keytbl, encdata where keytbl.id=5 and encdata.id=1;
Index: pgsql/contrib/pgcrypto/expected/pgp-pubkey-encrypt.out
===================================================================
*** pgsql.orig/contrib/pgcrypto/expected/pgp-pubkey-encrypt.out
--- pgsql/contrib/pgcrypto/expected/pgp-pubkey-encrypt.out
*************** select pgp_pub_decrypt(
*** 34,46 ****
          pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
          dearmor(seckey))
  from keytbl where keytbl.id=4;
! ERROR:  pgp_encrypt error: No usable key found (expecting Elgamal key)
  -- try with secret key
  select pgp_pub_decrypt(
          pgp_pub_encrypt('Secret msg', dearmor(seckey)),
          dearmor(seckey))
  from keytbl where keytbl.id=1;
! ERROR:  pgp_encrypt error: Refusing to encrypt with secret key
  -- does text-to-bytea works
  select pgp_pub_decrypt_bytea(
          pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
--- 34,46 ----
          pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
          dearmor(seckey))
  from keytbl where keytbl.id=4;
! ERROR:  No encryption key found
  -- try with secret key
  select pgp_pub_decrypt(
          pgp_pub_encrypt('Secret msg', dearmor(seckey)),
          dearmor(seckey))
  from keytbl where keytbl.id=1;
! ERROR:  Refusing to encrypt with secret key
  -- does text-to-bytea works
  select pgp_pub_decrypt_bytea(
          pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
*************** select pgp_pub_decrypt(
*** 56,59 ****
          pgp_pub_encrypt_bytea('Secret msg', dearmor(pubkey)),
          dearmor(seckey))
  from keytbl where keytbl.id=1;
! ERROR:  pgp_decrypt error: Not text data
--- 56,59 ----
          pgp_pub_encrypt_bytea('Secret msg', dearmor(pubkey)),
          dearmor(seckey))
  from keytbl where keytbl.id=1;
! ERROR:  Not text data
Index: pgsql/contrib/pgcrypto/pgp-pubdec.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp-pubdec.c
--- pgsql/contrib/pgcrypto/pgp-pubdec.c
*************** control_cksum(uint8 *msg, int msglen)
*** 77,83 ****
      unsigned my_cksum, got_cksum;

      if (msglen < 3)
!         return PXE_PGP_CORRUPT_DATA;

      my_cksum = 0;
      for (i = 1; i < msglen - 2; i++)
--- 77,83 ----
      unsigned my_cksum, got_cksum;

      if (msglen < 3)
!         return PXE_PGP_WRONG_KEY;

      my_cksum = 0;
      for (i = 1; i < msglen - 2; i++)
*************** control_cksum(uint8 *msg, int msglen)
*** 86,92 ****
      got_cksum = ((unsigned)(msg[msglen-2]) << 8) + msg[msglen-1];
      if (my_cksum != got_cksum) {
          px_debug("pubenc cksum failed");
!         return PXE_PGP_CORRUPT_DATA;
      }
      return 0;
  }
--- 86,92 ----
      got_cksum = ((unsigned)(msg[msglen-2]) << 8) + msg[msglen-1];
      if (my_cksum != got_cksum) {
          px_debug("pubenc cksum failed");
!         return PXE_PGP_WRONG_KEY;
      }
      return 0;
  }
*************** pgp_parse_pubenc_sesskey(PGP_Context *ct
*** 134,140 ****
       && memcmp(key_id, pk->key_id, 8) != 0)
      {
          px_debug("key_id's does not match");
!         return PXE_PGP_WRONG_KEYID;
      }

      GETBYTE(pkt, algo);
--- 134,140 ----
       && memcmp(key_id, pk->key_id, 8) != 0)
      {
          px_debug("key_id's does not match");
!         return PXE_PGP_WRONG_KEY;
      }

      GETBYTE(pkt, algo);
*************** pgp_parse_pubenc_sesskey(PGP_Context *ct
*** 170,176 ****
      msg = check_eme_pkcs1_v15(m->data, m->bytes);
      if (msg == NULL) {
          px_debug("check_eme_pkcs1_v15 failed");
!         return PXE_PGP_CORRUPT_DATA;
      }
      msglen = m->bytes - (msg - m->data);

--- 170,176 ----
      msg = check_eme_pkcs1_v15(m->data, m->bytes);
      if (msg == NULL) {
          px_debug("check_eme_pkcs1_v15 failed");
!         return PXE_PGP_WRONG_KEY;
      }
      msglen = m->bytes - (msg - m->data);


--