The large one adds support for RSA keys and reorganizes

the pubkey functions a bit. The actual RSA-specific code there is tiny, most of the patch consists of reorg of the pubkey code, as lots of it was written as elgamal-only. --------------------------------------------------------------------------- The SHLIB section was copy-pasted from somewhere and contains several unnecessary libs. This cleans it up a bit. -lcrypt we don't use system crypt() -lssl, -lssleay32 no SSL here -lz in win32 section already added on previous line -ldes The chance anybody has it is pretty low. And the chance pgcrypto works with it is even lower. Also trim the win32 section. --------------------------------------------------------------------------- It is already disabled in Makefile, remove code too. --------------------------------------------------------------------------- I was bit hasty making the random exponent 'k' a prime. Further researh shows that Elgamal encryption has no specific needs in respect to k, any random number is fine. It is bit different for signing, there it needs to be 'relatively prime' to p - 1, that means GCD(k, p-1) == 1, which is also a lot lighter than full primality. As we don't do signing, this can be ignored. This brings major speedup to Elgamal encryption. --------------------------------------------------------------------------- o pgp_mpi_free: Accept NULLs o pgp_mpi_cksum: result should be 16bit o Remove function name from error messages - to be similar to other SQL functions, and it does not match anyway the called function o remove couple junk lines --------------------------------------------------------------------------- o Support for RSA encryption o Big reorg to better separate generic and algorithm-specific code. o Regression tests for RSA. --------------------------------------------------------------------------- o Tom stuck a CVS id into file. I doubt the usefulness of it, but if it needs to be in the file then rather at the end. Also tag it as comment for asciidoc. o Mention bytea vs. text difference o Couple clarifications --------------------------------------------------------------------------- There is a choice whether to update it with pgp functions or remove it. I decided to remove it, updating is pointless. I've tried to keep the core of pgcrypto relatively independent from main PostgreSQL, to make it easy to use externally if needed, and that is good. Eg. that made development of PGP functions much nicer. But I have no plans to release it as generic library, so keeping such doc up-to-date is waste of time. If anyone is interested in using it in other products, he can probably bother to read the source too. Commented source is another thing - I'll try to make another pass over code to see if there is anything non-obvious that would need more comments. --------------------------------------------------------------------------- Marko Kreen
2025-07-28 23:42:10 +03:00 · 2005-08-13 02:06:21 +00:00
parent abecf1afc2
commit 87688ddf87
23 changed files with 815 additions and 285 deletions
--- a/contrib/pgcrypto/README.pgcrypto
+++ b/contrib/pgcrypto/README.pgcrypto
@ -1,4 +1,3 @@
-$PostgreSQL: pgsql/contrib/pgcrypto/README.pgcrypto,v 1.12 2005/07/18 17:17:12 tgl Exp $

 pgcrypto - cryptographic functions for PostgreSQL
 =================================================
@ -278,7 +277,7 @@ cracking.  Or may not.
 -------------------

 The functions here implement the encryption part of OpenPGP (RFC2440)
-standard.
+standard.   Supported are both symmetric-key and public-key encryption.


 5.1.  Overview
@ -334,6 +333,10 @@ Options are described in section 5.7.

 Decrypt a symmetric-key encrypted PGP message.

+Decrypting bytea data with `pgp_sym_decrypt` is disallowed.
+This is to avoid outputting invalid character data.  Decrypting
+originally textual data with `pgp_sym_decrypt_bytea` is fine.
+
 Options are described in section 5.7.


@ -362,6 +365,10 @@ key is password-protected, you must give the password in `psw`.  If
 there is no password, but you want to specify option for function, you
 need to give empty password.

+Decrypting bytea data with `pgp_pub_decrypt` is disallowed.
+This is to avoid outputting invalid character data.  Decrypting
+originally textual data with `pgp_pub_decrypt_bytea` is fine.
+
 Options are described in section 5.7.


@ -422,7 +429,6 @@ cipher-algo::
  Default: aes128
  Applies: pgp_sym_encrypt, pgp_pub_encrypt

-
 compress-algo::
  Which compression algorithm to use.  Needs building with zlib.

@ -492,7 +498,7 @@ s2k-cipher-algo::
  Which cipher to use for encrypting separate session key.

  Values: bf, aes, aes128, aes192, aes256
-  Default: same as cipher-algo.
+  Default: use cipher-algo.
  Applies: pgp_sym_encrypt

 unicode-mode::
@ -513,7 +519,10 @@ Generate a new key:

    gpg --gen-key

-You need to pick "DSA and Elgamal" key type, others are sign-only.
+The preferred key type is "DSA and Elgamal".
+
+For RSA encryption you must create either DSA or RSA sign-only key
+as master and then add RSA encryption subkey with `gpg --edit-key`.

 List keys:

@ -531,6 +540,9 @@ You need to use `dearmor()` on them before giving giving them to
 pgp_pub_* functions.  Or if you can handle binary data, you can drop
 "-a" from gpg.

+For more details see `man gpg`, http://www.gnupg.org/gph/en/manual.html[
+The GNU Privacy Handbook] and other docs on http://www.gnupg.org[] site.
+

 5.10.  Limitations of PGP code
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@ -538,9 +550,13 @@ pgp_pub_* functions.  Or if you can handle binary data, you can drop
 - No support for signing.  That also means that it is not checked
  whether the encryption subkey belongs to master key.

- No support for RSA keys.  Only Elgamal encryption keys are supported
+- No support for encryption key as master key.  As such practice
+  is generally discouraged, it should not be a problem.

- No support for several encryption subkeys.
+- No support for several subkeys.  This may seem like a problem, as this
+  is common practice.  On the other hand, you should not use your regular
+  GPG/PGP keys with pgcrypto, but create new ones, as the usage scenario
+  is rather different.


 6.  Raw encryption
@ -631,6 +647,9 @@ I have used code from following sources:
 9.1.  Useful reading
 ~~~~~~~~~~~~~~~~~~~~~

+http://www.gnupg.org/gph/en/manual.html[]::
+	The GNU Privacy Handbook
+
 http://www.openwall.com/crypt/[]::
 	Describes the crypt-blowfish algorithm.

@ -673,3 +692,7 @@ http://jlcooke.ca/random/[]::

 http://www.cs.ut.ee/~helger/crypto/[]::
 	Collection of cryptology pointers.
+
+
+// $PostgreSQL: pgsql/contrib/pgcrypto/README.pgcrypto,v 1.13 2005/08/13 02:06:20 momjian Exp $
+