From 1c73485c695af2dfa7a7f7bec6e1ab8d4eaab7ab Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Tue, 11 Nov 2014 17:22:15 -0500 Subject: [PATCH] Loop when necessary in contrib/pgcrypto's pktreader_pull(). This fixes a scenario in which pgp_sym_decrypt() failed with "Wrong key or corrupt data" on messages whose length is 6 less than a power of 2. Per bug #11905 from Connor Penhale. Fix by Marko Tiikkaja, regression test case from Jeff Janes. --- contrib/pgcrypto/expected/pgp-decrypt.out | 8 ++++++++ contrib/pgcrypto/pgp-decrypt.c | 2 +- contrib/pgcrypto/sql/pgp-decrypt.sql | 4 ++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/contrib/pgcrypto/expected/pgp-decrypt.out b/contrib/pgcrypto/expected/pgp-decrypt.out index 859f4d681b..7193dca026 100644 --- a/contrib/pgcrypto/expected/pgp-decrypt.out +++ b/contrib/pgcrypto/expected/pgp-decrypt.out @@ -364,3 +364,11 @@ a3nsOzKTXUfS9VyaXo8IrncM6n7fdaXpwba/3tNsAhJG4lDv1k4g9v8Ix2dfv6Rs (1 row) -- expected: 7efefcab38467f7484d6fa43dc86cf5281bd78e2 +-- check BUG #11905, problem with messages 6 less than a power of 2. +select pgp_sym_decrypt(pgp_sym_encrypt(repeat('x',65530),'1'),'1') = repeat('x',65530); + ?column? +---------- + t +(1 row) + +-- expected: true diff --git a/contrib/pgcrypto/pgp-decrypt.c b/contrib/pgcrypto/pgp-decrypt.c index e03ee7f5f0..1fd7cf3976 100644 --- a/contrib/pgcrypto/pgp-decrypt.c +++ b/contrib/pgcrypto/pgp-decrypt.c @@ -182,7 +182,7 @@ pktreader_pull(void *priv, PullFilter *src, int len, if (pkt->type == PKT_CONTEXT) return pullf_read(src, len, data_p); - if (pkt->len == 0) + while (pkt->len == 0) { /* this was last chunk in stream */ if (pkt->type == PKT_NORMAL) diff --git a/contrib/pgcrypto/sql/pgp-decrypt.sql b/contrib/pgcrypto/sql/pgp-decrypt.sql index 93535ab016..5457152ccf 100644 --- a/contrib/pgcrypto/sql/pgp-decrypt.sql +++ b/contrib/pgcrypto/sql/pgp-decrypt.sql @@ -264,3 +264,7 @@ a3nsOzKTXUfS9VyaXo8IrncM6n7fdaXpwba/3tNsAhJG4lDv1k4g9v8Ix2dfv6Rs -----END PGP MESSAGE----- '), 'key', 'convert-crlf=1'), 'sha1'), 'hex'); -- expected: 7efefcab38467f7484d6fa43dc86cf5281bd78e2 + +-- check BUG #11905, problem with messages 6 less than a power of 2. +select pgp_sym_decrypt(pgp_sym_encrypt(repeat('x',65530),'1'),'1') = repeat('x',65530); +-- expected: true