Fix generation of padding message before encrypting Elgamal in pgcrypto
Michael Paquier <michael@paquier.xyz>
Fix generation of padding message before encrypting Elgamal in pgcrypto fe0a0b5, which has added a stronger random source in Postgres, has introduced a thinko when creating a padding message which gets encrypted for Elgamal. The padding message cannot have zeros, which are replaced by random bytes. However if pg_strong_random() failed, the message would finish by being considered in correct shape for encryption with zeros. Author: Tom Lane Reviewed-by: Michael Paquier Discussion: https://postgr.es/m/20186.1546188423@sss.pgh.pa.us Backpatch-through: 10
Files
| Path | Change | +/− |
|---|---|---|
| contrib/pgcrypto/pgp-pubenc.c | modified | +1 −1 |
Discussion
- Removing --disable-strong-random from the code 10 messages · 2018-12-30 → 2019-01-01