1-- 2-- pgp_descrypt tests 3-- 4-- Checking ciphers 5select pgp_sym_decrypt(dearmor(' 6-----BEGIN PGP MESSAGE----- 7Comment: dat1.blowfish.sha1.mdc.s2k3.z0 8 9jA0EBAMCfFNwxnvodX9g0jwB4n4s26/g5VmKzVab1bX1SmwY7gvgvlWdF3jKisvS 10yA6Ce1QTMK3KdL2MPfamsTUSAML8huCJMwYQFfE= 11=JcP+ 12-----END PGP MESSAGE----- 13'), 'foobar'); 14 pgp_sym_decrypt 15----------------- 16 Secret message. 17(1 row) 18 19select pgp_sym_decrypt(dearmor(' 20-----BEGIN PGP MESSAGE----- 21Comment: dat1.aes.sha1.mdc.s2k3.z0 22 23jA0EBwMCci97v0Q6Z0Zg0kQBsVf5Oe3iC+FBzUmuMV9KxmAyOMyjCc/5i8f1Eest 24UTAsG35A1vYs02VARKzGz6xI2UHwFUirP+brPBg3Ee7muOx8pA== 25=XtrP 26-----END PGP MESSAGE----- 27'), 'foobar'); 28 pgp_sym_decrypt 29----------------- 30 Secret message. 31(1 row) 32 33select pgp_sym_decrypt(dearmor(' 34-----BEGIN PGP MESSAGE----- 35Comment: dat1.aes192.sha1.mdc.s2k3.z0 36 37jA0ECAMCI7YQpWqp3D1g0kQBCjB7GlX7+SQeXNleXeXQ78ZAPNliquGDq9u378zI 385FPTqAhIB2/2fjY8QEIs1ai00qphjX2NitxV/3Wn+6dufB4Q4g== 39=rCZt 40-----END PGP MESSAGE----- 41'), 'foobar'); 42 pgp_sym_decrypt 43----------------- 44 Secret message. 45(1 row) 46 47select pgp_sym_decrypt(dearmor(' 48-----BEGIN PGP MESSAGE----- 49Comment: dat1.aes256.sha1.mdc.s2k3.z0 50 51jA0ECQMC4f/5djqCC1Rg0kQBTHEPsD+Sw7biBsM2er3vKyGPAQkuTBGKC5ie7hT/ 52lceMfQdbAg6oTFyJpk/wH18GzRDphCofg0X8uLgkAKMrpcmgog== 53=fB6S 54-----END PGP MESSAGE----- 55'), 'foobar'); 56 pgp_sym_decrypt 57----------------- 58 Secret message. 59(1 row) 60 61-- Checking MDC modes 62select pgp_sym_decrypt(dearmor(' 63-----BEGIN PGP MESSAGE----- 64Comment: dat1.aes.sha1.nomdc.s2k3.z0 65 66jA0EBwMCnv07rlXqWctgyS2Dm2JfOKCRL4sLSLJUC8RS2cH7cIhKSuLitOtyquB+ 67u9YkgfJfsuRJmgQ9tmo= 68=60ui 69-----END PGP MESSAGE----- 70'), 'foobar'); 71 pgp_sym_decrypt 72----------------- 73 Secret message. 74(1 row) 75 76select pgp_sym_decrypt(dearmor(' 77-----BEGIN PGP MESSAGE----- 78Comment: dat1.aes.sha1.mdc.s2k3.z0 79 80jA0EBwMCEeP3idNjQ1Bg0kQBf4G0wX+2QNzLh2YNwYkQgQkfYhn/hLXjV4nK9nsE 818Ex1Dsdt5UPvOz8W8VKQRS6loOfOe+yyXil8W3IYFwUpdDUi+Q== 82=moGf 83-----END PGP MESSAGE----- 84'), 'foobar'); 85 pgp_sym_decrypt 86----------------- 87 Secret message. 88(1 row) 89 90-- Checking hashes 91select pgp_sym_decrypt(dearmor(' 92-----BEGIN PGP MESSAGE----- 93Comment: dat1.aes.md5.mdc.s2k3.z0 94 95jA0EBwMClrXXtOXetohg0kQBn0Kl1ymevQZRHkdoYRHgzCwSQEiss7zYff2UNzgO 96KyRrHf7zEBuZiZ2AG34jNVMOLToj1jJUg5zTSdecUzQVCykWTA== 97=NyLk 98-----END PGP MESSAGE----- 99'), 'foobar'); 100 pgp_sym_decrypt 101----------------- 102 Secret message. 103(1 row) 104 105select pgp_sym_decrypt(dearmor(' 106-----BEGIN PGP MESSAGE----- 107Comment: dat1.aes.sha1.mdc.s2k3.z0 108 109jA0EBwMCApbdlrURoWJg0kQBzHM/E0o7djY82bNuspjxjAcPFrrtp0uvDdMQ4z2m 110/PM8jhgI5vxFYfNQjLl8y3fHYIomk9YflN9K/Q13iq8A8sjeTw== 111=FxbQ 112-----END PGP MESSAGE----- 113'), 'foobar'); 114 pgp_sym_decrypt 115----------------- 116 Secret message. 117(1 row) 118 119-- Checking S2K modes 120select pgp_sym_decrypt(dearmor(' 121-----BEGIN PGP MESSAGE----- 122Comment: dat1.aes.sha1.mdc.s2k0.z0 123 124jAQEBwAC0kQBKTaLAKE3xzps+QIZowqRNb2eAdzBw2LxEW2YD5PgNlbhJdGg+dvw 125Ah9GXjGS1TVALzTImJbz1uHUZRfhJlFbc5yGQw== 126=YvkV 127-----END PGP MESSAGE----- 128'), 'foobar'); 129 pgp_sym_decrypt 130----------------- 131 Secret message. 132(1 row) 133 134select pgp_sym_decrypt(dearmor(' 135-----BEGIN PGP MESSAGE----- 136Comment: dat1.aes.sha1.mdc.s2k1.z0 137 138jAwEBwEC/QTByBLI3b/SRAHPxKzI6SZBo5lAEOD+EsvKQWO4adL9tDY+++Iqy1xK 1394IaWXVKEj9R2Lr2xntWWMGZtcKtjD2lFFRXXd9dZp1ZThNDz 140=dbXm 141-----END PGP MESSAGE----- 142'), 'foobar'); 143 pgp_sym_decrypt 144----------------- 145 Secret message. 146(1 row) 147 148select pgp_sym_decrypt(dearmor(' 149-----BEGIN PGP MESSAGE----- 150Comment: dat1.aes.sha1.mdc.s2k3.z0 151 152jA0EBwMCEq4Su3ZqNEJg0kQB4QG5jBTKF0i04xtH+avzmLhstBNRxvV3nsmB3cwl 153z+9ZaA/XdSx5ZiFnMym8P6r8uY9rLjjNptvvRHlxIReF+p9MNg== 154=VJKg 155-----END PGP MESSAGE----- 156'), 'foobar'); 157 pgp_sym_decrypt 158----------------- 159 Secret message. 160(1 row) 161 162select pgp_sym_decrypt(dearmor(' 163-----BEGIN PGP MESSAGE----- 164Comment: dat1.aes192.sha1.mdc.s2k0.z0 165 166jAQECAAC0kQBBDnQWkgsx9YFaqDfWmpsiyAJ6y2xG/sBvap1dySYEMuZ+wJTXQ9E 167Cr3i2M7TgVZ0M4jp4QL0adG1lpN5iK7aQeOwMw== 168=cg+i 169-----END PGP MESSAGE----- 170'), 'foobar'); 171 pgp_sym_decrypt 172----------------- 173 Secret message. 174(1 row) 175 176select pgp_sym_decrypt(dearmor(' 177-----BEGIN PGP MESSAGE----- 178Comment: dat1.aes192.sha1.mdc.s2k1.z0 179 180jAwECAECruOfyNDFiTnSRAEVoGXm4A9UZKkWljdzjEO/iaE7mIraltIpQMkiqCh9 1817h8uZ2u9uRBOv222fZodGvc6bvq/4R4hAa/6qSHtm8mdmvGt 182=aHmC 183-----END PGP MESSAGE----- 184'), 'foobar'); 185 pgp_sym_decrypt 186----------------- 187 Secret message. 188(1 row) 189 190select pgp_sym_decrypt(dearmor(' 191-----BEGIN PGP MESSAGE----- 192Comment: dat1.aes192.sha1.mdc.s2k3.z0 193 194jA0ECAMCjFn6SRi3SONg0kQBqtSHPaD0m7rXfDAhCWU/ypAsI93GuHGRyM99cvMv 195q6eF6859ZVnli3BFSDSk3a4e/pXhglxmDYCfjAXkozKNYLo6yw== 196=K0LS 197-----END PGP MESSAGE----- 198'), 'foobar'); 199 pgp_sym_decrypt 200----------------- 201 Secret message. 202(1 row) 203 204select pgp_sym_decrypt(dearmor(' 205-----BEGIN PGP MESSAGE----- 206Comment: dat1.aes256.sha1.mdc.s2k0.z0 207 208jAQECQAC0kQB4L1eMbani07XF2ZYiXNK9LW3v8w41oUPl7dStmrJPQFwsdxmrDHu 209rQr3WbdKdY9ufjOE5+mXI+EFkSPrF9rL9NCq6w== 210=RGts 211-----END PGP MESSAGE----- 212'), 'foobar'); 213 pgp_sym_decrypt 214----------------- 215 Secret message. 216(1 row) 217 218select pgp_sym_decrypt(dearmor(' 219-----BEGIN PGP MESSAGE----- 220Comment: dat1.aes256.sha1.mdc.s2k1.z0 221 222jAwECQECKHhrou7ZOIXSRAHWIVP+xjVQcjAVBTt+qh9SNzYe248xFTwozkwev3mO 223+KVJW0qhk0An+Y2KF99/bYFl9cL5D3Tl43fC8fXGl3x3m7pR 224=SUrU 225-----END PGP MESSAGE----- 226'), 'foobar'); 227 pgp_sym_decrypt 228----------------- 229 Secret message. 230(1 row) 231 232select pgp_sym_decrypt(dearmor(' 233-----BEGIN PGP MESSAGE----- 234Comment: dat1.aes256.sha1.mdc.s2k3.z0 235 236jA0ECQMCjc8lwZu8Fz1g0kQBkEzjImi21liep5jj+3dAJ2aZFfUkohi8b3n9z+7+ 2374+NRzL7cMW2RLAFnJbiqXDlRHMwleeuLN1up2WIxsxtYYuaBjA== 238=XZrG 239-----END PGP MESSAGE----- 240'), 'foobar'); 241 pgp_sym_decrypt 242----------------- 243 Secret message. 244(1 row) 245 246-- Checking longer passwords 247select pgp_sym_decrypt(dearmor(' 248-----BEGIN PGP MESSAGE----- 249Comment: dat1.aes.sha1.mdc.s2k3.z0 250 251jA0EBwMCx6dBiuqrYNRg0kQBEo63AvA1SCslxP7ayanLf1H0/hlk2nONVhTwVEWi 252tTGup1mMz6Cfh1uDRErUuXpx9A0gdMu7zX0o5XjrL7WGDAZdSw== 253=XKKG 254-----END PGP MESSAGE----- 255'), '0123456789abcdefghij'); 256 pgp_sym_decrypt 257----------------- 258 Secret message. 259(1 row) 260 261select pgp_sym_decrypt(dearmor(' 262-----BEGIN PGP MESSAGE----- 263Comment: dat1.aes.sha1.mdc.s2k3.z0 264 265jA0EBwMCBDvYuS990iFg0kQBW31UK5OiCjWf5x6KJ8qNNT2HZWQCjCBZMU0XsOC6 266CMxFKadf144H/vpoV9GA0f22keQgCl0EsTE4V4lweVOPTKCMJg== 267=gWDh 268-----END PGP MESSAGE----- 269'), '0123456789abcdefghij2jk4h5g2j54khg23h54g2kh54g2khj54g23hj54'); 270 pgp_sym_decrypt 271----------------- 272 Secret message. 273(1 row) 274 275select pgp_sym_decrypt(dearmor(' 276-----BEGIN PGP MESSAGE----- 277Comment: dat1.aes.sha1.mdc.s2k3.z0 278 279jA0EBwMCqXbFafC+ofVg0kQBejyiPqH0QMERVGfmPOjtAxvyG5KDIJPYojTgVSDt 280FwsDabdQUz5O7bgNSnxfmyw1OifGF+W2bIn/8W+0rDf8u3+O+Q== 281=OxOF 282-----END PGP MESSAGE----- 283'), 'x'); 284 pgp_sym_decrypt 285----------------- 286 Secret message. 287(1 row) 288 289-- Checking various data 290select encode(digest(pgp_sym_decrypt(dearmor(' 291-----BEGIN PGP MESSAGE----- 292Comment: dat1.aes.sha1.mdc.s2k3.z0 293 294jA0EBwMCGJ+SpuOysINg0kQBJfSjzsW0x4OVcAyr17O7FBvMTwIGeGcJd99oTQU8 295Xtx3kDqnhUq9Z1fS3qPbi5iNP2A9NxOBxPWz2JzxhydANlgbxg== 296=W/ik 297-----END PGP MESSAGE----- 298'), '0123456789abcdefghij'), 'sha1'), 'hex'); 299 encode 300------------------------------------------ 301 0225e3ede6f2587b076d021a189ff60aad67e066 302(1 row) 303 304-- expected: 0225e3ede6f2587b076d021a189ff60aad67e066 305select encode(digest(pgp_sym_decrypt(dearmor(' 306-----BEGIN PGP MESSAGE----- 307Comment: dat2.aes.sha1.mdc.s2k3.z0 308 309jA0EBwMCvdpDvidNzMxg0jUBvj8eS2+1t/9/zgemxvhtc0fvdKGGbjH7dleaTJRB 310SaV9L04ky1qECNDx3XjnoKLC+H7IOQ== 311=Fxen 312-----END PGP MESSAGE----- 313'), '0123456789abcdefghij'), 'sha1'), 'hex'); 314 encode 315------------------------------------------ 316 da39a3ee5e6b4b0d3255bfef95601890afd80709 317(1 row) 318 319-- expected: da39a3ee5e6b4b0d3255bfef95601890afd80709 320select encode(digest(pgp_sym_decrypt(dearmor(' 321-----BEGIN PGP MESSAGE----- 322Comment: dat3.aes.sha1.mdc.s2k3.z0 323 324jA0EBwMCxQvxJZ3G/HRg0lgBeYmTa7/uDAjPyFwSX4CYBgpZWVn/JS8JzILrcWF8 325gFnkUKIE0PSaYFp+Yi1VlRfUtRQ/X/LYNGa7tWZS+4VQajz2Xtz4vUeAEiYFYPXk 32673Hb8m1yRhQK 327=ivrD 328-----END PGP MESSAGE----- 329'), '0123456789abcdefghij'), 'sha1'), 'hex'); 330 encode 331------------------------------------------ 332 5e5c135efc0dd00633efc6dfd6e731ea408a5b4c 333(1 row) 334 335-- expected: 5e5c135efc0dd00633efc6dfd6e731ea408a5b4c 336-- Checking CRLF 337select encode(digest(pgp_sym_decrypt(dearmor(' 338-----BEGIN PGP MESSAGE----- 339Comment: crlf mess 340 341ww0ECQMCt7VAtby6l4Bi0lgB5KMIZiiF/b3CfMfUyY0eDncsGXtkbu1X+l9brjpMP8eJnY79Amms 342a3nsOzKTXUfS9VyaXo8IrncM6n7fdaXpwba/3tNsAhJG4lDv1k4g9v8Ix2dfv6Rs 343=mBP9 344-----END PGP MESSAGE----- 345'), 'key', 'convert-crlf=0'), 'sha1'), 'hex'); 346 encode 347------------------------------------------ 348 9353062be7720f1446d30b9e75573a4833886784 349(1 row) 350 351-- expected: 9353062be7720f1446d30b9e75573a4833886784 352select encode(digest(pgp_sym_decrypt(dearmor(' 353-----BEGIN PGP MESSAGE----- 354Comment: crlf mess 355 356ww0ECQMCt7VAtby6l4Bi0lgB5KMIZiiF/b3CfMfUyY0eDncsGXtkbu1X+l9brjpMP8eJnY79Amms 357a3nsOzKTXUfS9VyaXo8IrncM6n7fdaXpwba/3tNsAhJG4lDv1k4g9v8Ix2dfv6Rs 358=mBP9 359-----END PGP MESSAGE----- 360'), 'key', 'convert-crlf=1'), 'sha1'), 'hex'); 361 encode 362------------------------------------------ 363 7efefcab38467f7484d6fa43dc86cf5281bd78e2 364(1 row) 365 366-- expected: 7efefcab38467f7484d6fa43dc86cf5281bd78e2 367-- check BUG #11905, problem with messages 6 less than a power of 2. 368select pgp_sym_decrypt(pgp_sym_encrypt(repeat('x',65530),'1'),'1') = repeat('x',65530); 369ERROR: generating random data is not supported by this build 370DETAIL: This functionality requires a source of strong random numbers. 371HINT: You need to rebuild PostgreSQL using --enable-strong-random. 372-- expected: true 373-- Negative tests 374-- Decryption with a certain incorrect key yields an apparent Literal Data 375-- packet reporting its content to be binary data. Ciphertext source: 376-- iterative pgp_sym_encrypt('secret', 'key') until the random prefix gave 377-- rise to that property. 378select pgp_sym_decrypt(dearmor(' 379-----BEGIN PGP MESSAGE----- 380 381ww0EBwMCxf8PTrQBmJdl0jcB6y2joE7GSLKRv7trbNsF5Z8ou5NISLUg31llVH/S0B2wl4bvzZjV 382VsxxqLSPzNLAeIspJk5G 383=mSd/ 384-----END PGP MESSAGE----- 385'), 'wrong-key', 'debug=1'); 386NOTICE: dbg: prefix_init: corrupt prefix 387NOTICE: dbg: parse_literal_data: data type=b 388NOTICE: dbg: mdcbuf_finish: bad MDC pkt hdr 389ERROR: Wrong key or corrupt data 390-- Routine text/binary mismatch. 391select pgp_sym_decrypt(pgp_sym_encrypt_bytea('P', 'key'), 'key', 'debug=1'); 392ERROR: generating random data is not supported by this build 393DETAIL: This functionality requires a source of strong random numbers. 394HINT: You need to rebuild PostgreSQL using --enable-strong-random. 395-- Decryption with a certain incorrect key yields an apparent BZip2-compressed 396-- plaintext. Ciphertext source: iterative pgp_sym_encrypt('secret', 'key') 397-- until the random prefix gave rise to that property. 398select pgp_sym_decrypt(dearmor(' 399-----BEGIN PGP MESSAGE----- 400 401ww0EBwMC9rK/dMkF5Zlt0jcBlzAQ1mQY2qYbKYbw8h3EZ5Jk0K2IiY92R82TRhWzBIF/8cmXDPtP 402GXsd65oYJZp3Khz0qfyn 403=Nmpq 404-----END PGP MESSAGE----- 405'), 'wrong-key', 'debug=1'); 406NOTICE: dbg: prefix_init: corrupt prefix 407NOTICE: dbg: parse_compressed_data: bzip2 unsupported 408NOTICE: dbg: mdcbuf_finish: bad MDC pkt hdr 409ERROR: Wrong key or corrupt data 410-- Routine use of BZip2 compression. Ciphertext source: 411-- echo x | gpg --homedir /nonexistent --personal-compress-preferences bzip2 \ 412-- --personal-cipher-preferences aes --no-emit-version --batch \ 413-- --symmetric --passphrase key --armor 414select pgp_sym_decrypt(dearmor(' 415-----BEGIN PGP MESSAGE----- 416 417jA0EBwMCRhFrAKNcLVJg0mMBLJG1cCASNk/x/3dt1zJ+2eo7jHfjgg3N6wpB3XIe 418QCwkWJwlBG5pzbO5gu7xuPQN+TbPJ7aQ2sLx3bAHhtYb0i3vV9RO10Gw++yUyd4R 419UCAAw2JRIISttRHMfDpDuZJpvYo= 420=AZ9M 421-----END PGP MESSAGE----- 422'), 'key', 'debug=1'); 423NOTICE: dbg: parse_compressed_data: bzip2 unsupported 424ERROR: Unsupported compression algorithm 425