| From: | raf <raf(at)raf(dot)org> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: GPG signing |
| Date: | 2020-05-26 23:17:16 |
| Message-ID: | 20200526231716.drwyuv7hefu3ky2k@raf.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Marc Munro wrote:
> On Tue, 2020-05-26 at 12:04 -0700, Adrian Klaver wrote:
> > On 5/26/20 12:01 PM, Marc Munro wrote:
> > > I need to be able to cryptographically sign objects in my database
> > > using a public key scheme.
> > > [ . . . ]
> > > Any other options? Am I missing something?
> >
> > https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.7
>
> I looked at that but I must be missing something. In order to usefully
> sign something, the private, secret, key must be used to encrypt a
> disgest of the thing being signed (something of a simplification, but
> that's the gist). This can then be verified, by anyone, using the
> public key.
>
> But the pgcrypto functions, for good reasons, do not allow the private
> (secret) key to be used in this way. Encryption and signing algorithms
> are necessarily different as the secret key must be protected; and we
> don't want signatures to be huge, and it seems that pgcrypto has not
> implemented signing algorithms.
>
> What am I missing?
>
> __
> Marc
That page linked to above says:
F.25.3.10. Limitations of PGP Code
No support for signing.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Prashanth Talla | 2020-05-26 23:17:25 | Install PostgreSQL on windows 10 home 64-bit machine |
| Previous Message | Marc Munro | 2020-05-26 19:21:12 | Re: GPG signing |