database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-03 09:13:20 +03:00
Code Activity
Files
be26c77ef9b8613a2583853b9dd7097c5d373f48
postgres/contrib/pgcrypto/expected/pgp-encrypt.out
Peter Eisentraut 3af0d17ace pgcrypto: Split off pgp-encrypt-md5 test 
In FIPS mode, these tests will fail.  By having them in a separate
file, it would make it easier to have an alternative output file or
selectively disable these tests.  This isn't done here; this is just
some preparation.

Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Discussion: https://www.postgresql.org/message-id/2766054.1700080156@sss.pgh.pa.us
2023-11-16 16:16:07 +01:00

201 lines
4.8 KiB
Plaintext
Raw Blame History

--
-- PGP encrypt
--
select pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key'), 'key');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- check whether the defaults are ok
select pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key'),
'key', 'expect-cipher-algo=aes128,
expect-disable-mdc=0,
expect-sess-key=0,
expect-s2k-mode=3,
expect-s2k-digest-algo=sha1,
expect-compress-algo=0
');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- maybe the expect- stuff simply does not work
select pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key'),
'key', 'expect-cipher-algo=bf,
expect-disable-mdc=1,
expect-sess-key=1,
expect-s2k-mode=0,
expect-s2k-digest-algo=md5,
expect-compress-algo=1
');
NOTICE: pgp_decrypt: unexpected cipher_algo: expected 4 got 7
NOTICE: pgp_decrypt: unexpected s2k_mode: expected 0 got 3
NOTICE: pgp_decrypt: unexpected s2k_digest_algo: expected 1 got 2
NOTICE: pgp_decrypt: unexpected use_sess_key: expected 1 got 0
NOTICE: pgp_decrypt: unexpected disable_mdc: expected 1 got 0
NOTICE: pgp_decrypt: unexpected compress_algo: expected 1 got 0
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- bytea as text
select pgp_sym_decrypt(pgp_sym_encrypt_bytea('Binary', 'baz'), 'baz');
ERROR: Not text data
-- text as bytea
select encode(pgp_sym_decrypt_bytea(pgp_sym_encrypt('Text', 'baz'), 'baz'), 'escape');
encode
--------
Text
(1 row)
-- algorithm change
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=bf'),
'key', 'expect-cipher-algo=bf');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes'),
'key', 'expect-cipher-algo=aes128');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes192'),
'key', 'expect-cipher-algo=aes192');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- s2k change
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 's2k-mode=0'),
'key', 'expect-s2k-mode=0');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 's2k-mode=1'),
'key', 'expect-s2k-mode=1');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 's2k-mode=3'),
'key', 'expect-s2k-mode=3');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- s2k count change
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 's2k-count=1024'),
'key', 'expect-s2k-count=1024');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- s2k_count rounds up
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 's2k-count=65000000'),
'key', 'expect-s2k-count=65000000');
NOTICE: pgp_decrypt: unexpected s2k_count: expected 65000000 got 65011712
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- s2k digest change
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 's2k-digest-algo=sha1'),
'key', 'expect-s2k-digest-algo=sha1');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- sess key
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'sess-key=0'),
'key', 'expect-sess-key=0');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'sess-key=1'),
'key', 'expect-sess-key=1');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'sess-key=1, cipher-algo=bf'),
'key', 'expect-sess-key=1, expect-cipher-algo=bf');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'sess-key=1, cipher-algo=aes192'),
'key', 'expect-sess-key=1, expect-cipher-algo=aes192');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'sess-key=1, cipher-algo=aes256'),
'key', 'expect-sess-key=1, expect-cipher-algo=aes256');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- no mdc
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret.', 'key', 'disable-mdc=1'),
'key', 'expect-disable-mdc=1');
pgp_sym_decrypt
-----------------
Secret.
(1 row)
-- crlf
select pgp_sym_decrypt_bytea(
pgp_sym_encrypt(E'1\n2\n3\r\n', 'key', 'convert-crlf=1'),
'key');
pgp_sym_decrypt_bytea
------------------------
\x310d0a320d0a330d0d0a
(1 row)
-- conversion should be lossless
select digest(pgp_sym_decrypt(
pgp_sym_encrypt(E'\r\n0\n1\r\r\n\n2\r', 'key', 'convert-crlf=1'),
'key', 'convert-crlf=1'), 'sha1') as result,
digest(E'\r\n0\n1\r\r\n\n2\r', 'sha1') as expect;
result | expect
--------------------------------------------+--------------------------------------------
\x47bde5d88d6ef8770572b9cbb4278b402aa69966 | \x47bde5d88d6ef8770572b9cbb4278b402aa69966
(1 row)
View Git Blame Copy Permalink