Uploaded image for project: 'Percona Server for MySQL'
  1. Percona Server for MySQL
  2. PS-8149

asymmetric_verify() UDF fails to verify signature against digest when external RSA keys are used for encryption

    XMLWordPrintable

Details

    • Yes

    Description

      Please find below steps to repeat the problem.

      mysql> CREATE TABLE key_holder (priv varchar(2000), pub varchar(2000));
Query OK, 0 rows affected (0.06 sec)

mysql> INSERT INTO key_holder VALUES (LOAD_FILE('/home/mohit.joshi/PS-7044/bld_01apr_2022/install/rsa.private'), LOAD_FILE('/home/mohit.joshi/PS-7044/bld_01apr_2022/install/rsa.public'));
Query OK, 1 row affected (0.03 sec)

mysql> SELECT priv FROM key_holder INTO @external_priv;
Query OK, 1 row affected (0.01 sec)

mysql> SELECT pub from key_holder INTO @external_pub;
Query OK, 1 row affected (0.00 sec)

mysql> SET @dig_type = 'SHA224';
Query OK, 0 rows affected (0.01 sec)

mysql> SET @dig = create_digest(@dig_type, 'My text to digest');
Query OK, 0 rows affected (0.00 sec)

mysql> SET @algo = 'RSA';
Query OK, 0 rows affected (0.00 sec)

mysql> select priv from key_holder into @external_priv;
Query OK, 1 row affected (0.00 sec)

mysql> select pub from key_holder into @external_pub;
Query OK, 1 row affected (0.00 sec)

mysql> SET @sig = asymmetric_sign(@algo, @dig, @external_priv, @dig_type);
Query OK, 0 rows affected (0.00 sec)

mysql> SET @verf = asymmetric_verify(@algo, @dig, @sig, @external_pub, @dig_type);
ERROR 3200 (HY000): asymmetric_verify<int> UDF failed; cannot import RSA key from PEM PUBLIC KEY: error:0909006C:PEM routines:get_name:no start line

      Refer to additional attached shell script.

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. PS-7044 Provide Enterprise Encryption UDFs for OpenSSL

          • Medium - Minor loss of function, or other problem where easy workaround is present.
          • Done

          Activity

            People

              yura.sorokin Yura Sorokin
              mohit.joshi Mohit Joshi
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - Not Specified
                  Not Specified
                  Logged:
                  Time Spent - 1 hour, 10 minutes
                  1h 10m

                  Smart Checklist