| From: | Jan Wieck <jan(at)wi3ck(dot)info> |
|---|---|
| To: | PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Possible problem with pgcrypto |
| Date: | 2015-02-05 15:48:46 |
| Message-ID: | 54D390DE.20707@wi3ck.info |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
I have encountered a small instability in the behavior of pgcrypto's
pgp_sym_decrypt() function. Attached is a script that can reproduce the
problem. It may have to be run repeatedly because the symptom occurs
rather seldom.
What the script does is to encode a small string with pgp_sym_encrypt()
and then repeatedly try to decrypt it with different "wrong" passwords.
The expected error message for that is of course
"Wrong key or corrupt data".
Every now and then, I get a different error message. Things I've seen are:
"Not text data"
"pgcrypto bug"
This seems to be triggered by a combination of the random data included
in the encrypted data as well as the wrong password, because for an
instance of encrypted data only certain passwords cause this symptom.
I wonder if this may actually be a bug in pgcrypto or if this is an
error inherent in the way, the encrypted data is encoded. I.e. that the
decryption algorithm cannot really figure out what is wrong and just
sometimes gets a little further in the attempt to decrypt.
Jan
--
Jan Wieck
Senior Software Engineer
http://slony.info
| Attachment | Content-Type | Size |
|---|---|---|
| pgcrypto_test.sh | application/x-shellscript | 522 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2015-02-05 15:58:53 | Re: Possible problem with pgcrypto |
| Previous Message | Stephen Frost | 2015-02-05 15:48:14 | Re: GRANT USAGE on FOREIGN SERVER exposes passwords |