| From: | Marko Tiikkaja <marko(at)joh(dot)to> |
|---|---|
| To: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | pgcrypto: PGP signatures |
| Date: | 2014-08-06 12:46:40 |
| Message-ID: | 53E223B0.90506@joh.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi hackers,
Attached is a patch to add support for PGP signatures in encrypted
messages into pgcrypto.
Currently, the list of limitations is the following:
- It only knows how to generate one signature per message. I don't
see that as a problem.
- If a message has been signed with multiple keys which have the
same keyid as the one specified to verify the message, an error is
returned. Naively, it seems that we should try all of them and return
"OK" if even one of them matches, but that seems icky.
- Only RSA signatures are supported. It wouldn't be too hard for
someone familiar with DSA to add it in, but I'm not volunteering to do
it. Personally I think supporting RSA is better than no support at all.
As per usual, I'll also add this to the upcoming commitfest. Any
feedback appreciated before that, of course.
.marko
| Attachment | Content-Type | Size |
|---|---|---|
| pgcrypto_sigs.v1.patch | text/plain | 141.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fabien COELHO | 2014-08-06 13:56:24 | Re: A worst case for qsort |
| Previous Message | Fujii Masao | 2014-08-06 12:33:36 | Re: pg_receivexlog add synchronous mode |