projects / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c669915) | patch
pgcrypto: Report errant decryption as "Wrong key or corrupt data".
authorNoah Misch <noah@leadboat.com>
Mon, 18 May 2015 14:02:31 +0000 (10:02 -0400)
committerNoah Misch <noah@leadboat.com>
Mon, 18 May 2015 14:02:37 +0000 (10:02 -0400)
commit7b758b7d605aca10b36aa1c26bbf16c33f8ac726
tree9b21e63a2062ca83dc80eb43e38664c4fc0653fetree
parentc669915fd978c5667ce209a827635befb52819c7commit | diff
pgcrypto: Report errant decryption as "Wrong key or corrupt data".

This has been the predominant outcome.  When the output of decrypting
with a wrong key coincidentally resembled an OpenPGP packet header,
pgcrypto could instead report "Corrupt data", "Not text data" or
"Unsupported compression algorithm".  The distinct "Corrupt data"
message added no value.  The latter two error messages misled when the
decrypted payload also exhibited fundamental integrity problems.  Worse,
error message variance in other systems has enabled cryptologic attacks;
see RFC 4880 section "14. Security Considerations".  Whether these
pgcrypto behaviors are likewise exploitable is unknown.

In passing, document that pgcrypto does not resist side-channel attacks.
Back-patch to 9.0 (all supported versions).

Security: CVE-2015-3167
contrib/pgcrypto/expected/pgp-decrypt.out diff | blob | blame | history
contrib/pgcrypto/expected/pgp-pubkey-decrypt.out diff | blob | blame | history
contrib/pgcrypto/mbuf.c diff | blob | blame | history
contrib/pgcrypto/pgp-decrypt.c diff | blob | blame | history
contrib/pgcrypto/pgp.h diff | blob | blame | history
contrib/pgcrypto/px.c diff | blob | blame | history
contrib/pgcrypto/px.h diff | blob | blame | history
contrib/pgcrypto/sql/pgp-decrypt.sql diff | blob | blame | history
doc/src/sgml/pgcrypto.sgml diff | blob | blame | history
This is the main PostgreSQL git repository.